Index

  1. \com\setasign\SetaFramework
    1. Permissions
      1. HasPermissionsInterface
      2. PermissionControl
      3. PermissionException
      4. ResourceDefinition
      5. Role

com\setasign\SetaFramework\Permissions

PermissionControl Class PermissionControl

File: /SetaFramework/src/Permissions/PermissionControl.php

Class hierarchy

Implements

Summary

Methods

Properties

Properties

$actions

private array PermissionControl::$actions = array()

Variable for all defined permissions ['ResourceName' => [callable | ['ActionName' => bool|callable]]]

$logger

protected ?\Psr\Log\LoggerInterface PermissionControl::$logger

$resources

private array PermissionControl::$resources = array()

Variable for resource definitions

$roles

private array PermissionControl::$roles = array()

Variable for all added roles


Methods

addRole()

public PermissionControl::addRole (
Role $role
): void

Adds a role to the $roles array

Parameters
$role : Role
 

allow()

public PermissionControl::allow (
ResourceDefinition $resource,
array|string|callable|null $actionsOrCallback = null
): void

Allow one or more actions of a resource

Parameters
$resource : ResourceDefinition
 
$actionsOrCallback : array|string|callable|null
 
Exceptions

Throws \InvalidArgumentException

checkOwnPermissions()

protected PermissionControl::checkOwnPermissions (
string $name,
string $actionName,
?object $object
): int
Parameters
$name : string
  • the ResourceDefinition name
$actionName : string
  • the action name
$object : ?object
  • the allowed/denied object
Return Values
  • 1 : allowed, -1 : denied

checkRolesPermissions()

protected PermissionControl::checkRolesPermissions (
object|string|ResourceDefinition $nameOrObject,
string $action
): int
Parameters
$nameOrObject : object|string|ResourceDefinition
 
$action : string
 

deny()

public PermissionControl::deny (
ResourceDefinition $resource,
array|string|callable|null $actionsOrCallback = null
): void

Deny one or more actions of a resource

Parameters
$resource : ResourceDefinition
 
$actionsOrCallback : array|string|callable|null
 
Exceptions

Throws \InvalidArgumentException

getIndividualPermissions()

public PermissionControl::getIndividualPermissions (
void
): array

Get all individual permissions that are defined in the $actions array

getRoles()

public PermissionControl::getRoles (
void
): array

Gets all added roles

isAllowed()

public PermissionControl::isAllowed (
object|string|ResourceDefinition $nameOrObject,
string $action
): bool

Checks whether a action of a resource is allowed

Parameters
$nameOrObject : object|string|ResourceDefinition
 
$action : string
 

requirePermission()

public PermissionControl::requirePermission (
object|string|ResourceDefinition $nameOrObject,
string $action
): void

Checks whether a action of a resource is allowed and if not an exception will be thrown

Parameters
$nameOrObject : object|string|ResourceDefinition
 
$action : string
 
Exceptions

Throws PermissionException If the permission is rejected!

resolveObject()

protected PermissionControl::resolveObject (
ResourceDefinition|object $object
): ?string
Parameters
$object : ResourceDefinition|object
 

setLogger()

public PermissionControl::setLogger (
\Psr\Log\LoggerInterface $logger
): void

Sets a logger instance on the object.

Parameters
$logger : \Psr\Log\LoggerInterface
 

© 2025 Setasign GmbH & Co. KG · Contact / Imprint · Data Privacy Statement (German)