Index

  1. \com\setasign\SetaFramework
    1. Permissions
      1. HasPermissionsInterface
      2. PermissionControl
      3. PermissionException
      4. ResourceDefinition
      5. Role

com\setasign\SetaFramework\Permissions

Role Class Permissions Role

File: /SetaFramework/src/Permissions/Role.php

Class hierarchy

Implements

Summary

Methods

Properties

Properties

$actions

private array Role::$actions = array()

Array of actions ['ResourceName' => [callable | ['ActionName' => bool|callable]]]

$inheritedRole

private ?Role Role::$inheritedRole

Variable for the inherited role

$name

private string Role::$name

Variable for the name of the role

$resources

private array Role::$resources = array()

Array of SetaFramework\Permissions\ResourceDefinitions


Methods

__construct()

public Role::__construct (
string $name,
?Role $inheritedRole = null
)

Constructor

Parameters
$name : string

Name of the role

$inheritedRole : ?Role
 

allow()

public Role::allow (
ResourceDefinition $resource,
array|string|callable|null $actionsOrCallback = null
): void

Allow one or more actions of a resource

Parameters
$resource : ResourceDefinition
 
$actionsOrCallback : array|string|callable|null
 
Exceptions

Throws \InvalidArgumentException

checkOwnPermissions()

protected Role::checkOwnPermissions (
string $name,
string $actionName,
?object $object
): int
Parameters
$name : string
  • the ResourceDefinition name
$actionName : string
  • the action name
$object : ?object
  • the allowed/denied object
Return Values
  • 1 : allowed, -1 : denied

deny()

public Role::deny (
ResourceDefinition $resource,
array|string|callable|null $actionsOrCallback = null
): void

Deny one or more actions of a resource

Parameters
$resource : ResourceDefinition
 
$actionsOrCallback : array|string|callable|null
 
Exceptions

Throws \InvalidArgumentException

getIndividualPermissions()

public Role::getIndividualPermissions (
void
): array

Get all individual permissions that are defined in the $actions array

getInheritedRole()

public Role::getInheritedRole (
void
): ?Role

Gets the inherited role

getName()

public Role::getName (
void
): string

Gets the role name

isAllowed()

public Role::isAllowed (
object|string $nameOrObject,
string $action
): bool

Checks whether a action of a resource is allowed

Parameters
$nameOrObject : object|string
 
$action : string
 

requirePermission()

public Role::requirePermission (
object|string $nameOrObject,
string $action
): void

Checks whether a action of a resource is allowed and if not an exception will be thrown

Parameters
$nameOrObject : object|string
 
$action : string
 
Exceptions

Throws PermissionException If the permission is rejected!

resolveObject()

protected Role::resolveObject (
object $object
): ?string
Parameters
$object : object
 

© 2025 Setasign GmbH & Co. KG · Contact / Imprint · Data Privacy Statement (German)