Abstract class Phalcon\Acl¶
Constants¶
integer ALLOW
integer DENY
Abstract class Phalcon\Acl\Adapter¶
implements Phalcon\Acl\AdapterInterface, Phalcon\Events\EventsAwareInterface
Adapter for Phalcon\Acl adapters
Methods¶
public getActiveRole ()
Role which the list is checking if it's allowed to certain resource/access
public getActiveResource ()
Resource which the list is checking if some role can access it
public getActiveAccess ()
Active access which the list is checking if some role can access it
public setEventsManager (Phalcon\Events\ManagerInterface $eventsManager)
Sets the events manager
public getEventsManager ()
Returns the internal event manager
public setDefaultAction (mixed $defaultAccess)
Sets the default access level (Phalcon\Acl::ALLOW or Phalcon\Acl::DENY)
public getDefaultAction ()
Returns the default ACL access level
abstract public setNoArgumentsDefaultAction (mixed $defaultAccess) inherited from Phalcon\Acl\AdapterInterface
...
abstract public getNoArgumentsDefaultAction () inherited from Phalcon\Acl\AdapterInterface
...
abstract public addRole (mixed $role, [mixed $accessInherits]) inherited from Phalcon\Acl\AdapterInterface
...
abstract public addInherit (mixed $roleName, mixed $roleToInherit) inherited from Phalcon\Acl\AdapterInterface
...
abstract public isRole (mixed $roleName) inherited from Phalcon\Acl\AdapterInterface
...
abstract public isResource (mixed $resourceName) inherited from Phalcon\Acl\AdapterInterface
...
abstract public addResource (mixed $resourceObject, mixed $accessList) inherited from Phalcon\Acl\AdapterInterface
...
abstract public addResourceAccess (mixed $resourceName, mixed $accessList) inherited from Phalcon\Acl\AdapterInterface
...
abstract public dropResourceAccess (mixed $resourceName, mixed $accessList) inherited from Phalcon\Acl\AdapterInterface
...
abstract public allow (mixed $roleName, mixed $resourceName, mixed $access, [mixed $func]) inherited from Phalcon\Acl\AdapterInterface
...
abstract public deny (mixed $roleName, mixed $resourceName, mixed $access, [mixed $func]) inherited from Phalcon\Acl\AdapterInterface
...
abstract public isAllowed (mixed $roleName, mixed $resourceName, mixed $access, [array $parameters]) inherited from Phalcon\Acl\AdapterInterface
...
abstract public getRoles () inherited from Phalcon\Acl\AdapterInterface
...
abstract public getResources () inherited from Phalcon\Acl\AdapterInterface
...
Class Phalcon\Acl\Adapter\Memory¶
extends abstract class Phalcon\Acl\Adapter
implements Phalcon\Events\EventsAwareInterface, Phalcon\Acl\AdapterInterface
Manages ACL lists in memory
<?php
$acl = new \Phalcon\Acl\Adapter\Memory();
$acl->setDefaultAction(
\Phalcon\Acl::DENY
);
// Register roles
$roles = [
"users" => new \Phalcon\Acl\Role("Users"),
"guests" => new \Phalcon\Acl\Role("Guests"),
];
foreach ($roles as $role) {
$acl->addRole($role);
}
// Private area resources
$privateResources = [
"companies" => ["index", "search", "new", "edit", "save", "create", "delete"],
"products" => ["index", "search", "new", "edit", "save", "create", "delete"],
"invoices" => ["index", "profile"],
];
foreach ($privateResources as $resourceName => $actions) {
$acl->addResource(
new \Phalcon\Acl\Resource($resourceName),
$actions
);
}
// Public area resources
$publicResources = [
"index" => ["index"],
"about" => ["index"],
"session" => ["index", "register", "start", "end"],
"contact" => ["index", "send"],
];
foreach ($publicResources as $resourceName => $actions) {
$acl->addResource(
new \Phalcon\Acl\Resource($resourceName),
$actions
);
}
// Grant access to public areas to both users and guests
foreach ($roles as $role){
foreach ($publicResources as $resource => $actions) {
$acl->allow($role->getName(), $resource, "*");
}
}
// Grant access to private area to role Users
foreach ($privateResources as $resource => $actions) {
foreach ($actions as $action) {
$acl->allow("Users", $resource, $action);
}
}
Methods¶
public __construct ()
Phalcon\Acl\Adapter\Memory constructor
public addRole (RoleInterface | string $role, [array | string $accessInherits])
Adds a role to the ACL list. Second parameter allows inheriting access data from other existing role Example:
<?php
$acl->addRole(
new Phalcon\Acl\Role("administrator"),
"consultant"
);
$acl->addRole("administrator", "consultant");
public addInherit (mixed $roleName, mixed $roleToInherit)
Do a role inherit from another existing role
public isRole (mixed $roleName)
Check whether role exist in the roles list
public isResource (mixed $resourceName)
Check whether resource exist in the resources list
public addResource (Phalcon\Acl\Resource | string $resourceValue, array | string $accessList)
Adds a resource to the ACL list Access names can be a particular action, by example search, update, delete, etc or a list of them Example:
<?php
// Add a resource to the the list allowing access to an action
$acl->addResource(
new Phalcon\Acl\Resource("customers"),
"search"
);
$acl->addResource("customers", "search");
// Add a resource with an access list
$acl->addResource(
new Phalcon\Acl\Resource("customers"),
[
"create",
"search",
]
);
$acl->addResource(
"customers",
[
"create",
"search",
]
);
public addResourceAccess (mixed $resourceName, array | string $accessList)
Adds access to resources
public dropResourceAccess (mixed $resourceName, array | string $accessList)
Removes an access from a resource
protected _allowOrDeny (mixed $roleName, mixed $resourceName, mixed $access, mixed $action, [mixed $func])
Checks if a role has access to a resource
public allow (mixed $roleName, mixed $resourceName, mixed $access, [mixed $func])
Allow access to a role on a resource You can use '*' as wildcard Example:
<?php
//Allow access to guests to search on customers
$acl->allow("guests", "customers", "search");
//Allow access to guests to search or create on customers
$acl->allow("guests", "customers", ["search", "create"]);
//Allow access to any role to browse on products
$acl->allow("*", "products", "browse");
//Allow access to any role to browse on any resource
$acl->allow("*", "*", "browse");
public deny (mixed $roleName, mixed $resourceName, mixed $access, [mixed $func])
Deny access to a role on a resource You can use '*' as wildcard Example:
<?php
//Deny access to guests to search on customers
$acl->deny("guests", "customers", "search");
//Deny access to guests to search or create on customers
$acl->deny("guests", "customers", ["search", "create"]);
//Deny access to any role to browse on products
$acl->deny("*", "products", "browse");
//Deny access to any role to browse on any resource
$acl->deny("*", "*", "browse");
public isAllowed (RoleInterface | RoleAware | string $roleName, ResourceInterface | ResourceAware | string $resourceName, mixed $access, [array $parameters])
Check whether a role is allowed to access an action from a resource
<?php
//Does andres have access to the customers resource to create?
$acl->isAllowed("andres", "Products", "create");
//Do guests have access to any resource to edit?
$acl->isAllowed("guests", "*", "edit");
public setNoArgumentsDefaultAction (mixed $defaultAccess)
Sets the default access level (Phalcon\Acl::ALLOW or Phalcon\Acl::DENY) for no arguments provided in isAllowed action if there exists func for accessKey
public getNoArgumentsDefaultAction ()
Returns the default ACL access level for no arguments provided in isAllowed action if there exists func for accessKey
public getRoles ()
Return an array with every role registered in the list
public getResources ()
Return an array with every resource registered in the list
public getActiveRole () inherited from Phalcon\Acl\Adapter
Role which the list is checking if it's allowed to certain resource/access
public getActiveResource () inherited from Phalcon\Acl\Adapter
Resource which the list is checking if some role can access it
public getActiveAccess () inherited from Phalcon\Acl\Adapter
Active access which the list is checking if some role can access it
public setEventsManager (Phalcon\Events\ManagerInterface $eventsManager) inherited from Phalcon\Acl\Adapter
Sets the events manager
public getEventsManager () inherited from Phalcon\Acl\Adapter
Returns the internal event manager
public setDefaultAction (mixed $defaultAccess) inherited from Phalcon\Acl\Adapter
Sets the default access level (Phalcon\Acl::ALLOW or Phalcon\Acl::DENY)
public getDefaultAction () inherited from Phalcon\Acl\Adapter
Returns the default ACL access level
Interface Phalcon\Acl\AdapterInterface¶
Methods¶
abstract public setDefaultAction (mixed $defaultAccess)
Sets the default access level (Phalcon\Acl::ALLOW or Phalcon\Acl::DENY)
abstract public getDefaultAction ()
Returns the default ACL access level
abstract public setNoArgumentsDefaultAction (mixed $defaultAccess)
Sets the default access level (Phalcon\Acl::ALLOW or Phalcon\Acl::DENY) for no arguments provided in isAllowed action if there exists func for accessKey
abstract public getNoArgumentsDefaultAction ()
Returns the default ACL access level for no arguments provided in isAllowed action if there exists func for accessKey
abstract public addRole (mixed $role, [mixed $accessInherits])
Adds a role to the ACL list. Second parameter lets to inherit access data from other existing role
abstract public addInherit (mixed $roleName, mixed $roleToInherit)
Do a role inherit from another existing role
abstract public isRole (mixed $roleName)
Check whether role exist in the roles list
abstract public isResource (mixed $resourceName)
Check whether resource exist in the resources list
abstract public addResource (mixed $resourceObject, mixed $accessList)
Adds a resource to the ACL list Access names can be a particular action, by example search, update, delete, etc or a list of them
abstract public addResourceAccess (mixed $resourceName, mixed $accessList)
Adds access to resources
abstract public dropResourceAccess (mixed $resourceName, mixed $accessList)
Removes an access from a resource
abstract public allow (mixed $roleName, mixed $resourceName, mixed $access, [mixed $func])
Allow access to a role on a resource
abstract public deny (mixed $roleName, mixed $resourceName, mixed $access, [mixed $func])
Deny access to a role on a resource
abstract public isAllowed (mixed $roleName, mixed $resourceName, mixed $access, [array $parameters])
Check whether a role is allowed to access an action from a resource
abstract public getActiveRole ()
Returns the role which the list is checking if it's allowed to certain resource/access
abstract public getActiveResource ()
Returns the resource which the list is checking if some role can access it
abstract public getActiveAccess ()
Returns the access which the list is checking if some role can access it
abstract public getRoles ()
Return an array with every role registered in the list
abstract public getResources ()
Return an array with every resource registered in the list
Class Phalcon\Acl\Exception¶
extends class Phalcon\Exception
implements Throwable
Methods¶
final private Exception __clone () inherited from Exception
Clone the exception
public __construct ([mixed $message], [mixed $code], [mixed $previous]) inherited from Exception
Exception constructor
public __wakeup () inherited from Exception
...
final public string getMessage () inherited from Exception
Gets the Exception message
final public int getCode () inherited from Exception
Gets the Exception code
final public string getFile () inherited from Exception
Gets the file in which the exception occurred
final public int getLine () inherited from Exception
Gets the line in which the exception occurred
final public array getTrace () inherited from Exception
Gets the stack trace
final public Exception getPrevious () inherited from Exception
Returns previous Exception
final public Exception getTraceAsString () inherited from Exception
Gets the stack trace as a string
public string __toString () inherited from Exception
String representation of the exception
Class Phalcon\Acl\Resource¶
implements Phalcon\Acl\ResourceInterface
This class defines resource entity and its description
Methods¶
public getName ()
Resource name
public __toString ()
Resource name
public getDescription ()
Resource description
public __construct (mixed $name, [mixed $description])
Phalcon\Acl\Resource constructor
Interface Phalcon\Acl\ResourceAware¶
Methods¶
abstract public getResourceName ()
Returns resource name
Interface Phalcon\Acl\ResourceInterface¶
Methods¶
abstract public getName ()
Returns the resource name
abstract public getDescription ()
Returns resource description
abstract public __toString ()
Magic method __toString
Class Phalcon\Acl\Role¶
implements Phalcon\Acl\RoleInterface
This class defines role entity and its description
Methods¶
public getName ()
Role name
public __toString ()
Role name
public getDescription ()
Role description
public __construct (mixed $name, [mixed $description])
Phalcon\Acl\Role constructor
Interface Phalcon\Acl\RoleAware¶
Methods¶
abstract public getRoleName ()
Returns role name
Interface Phalcon\Acl\RoleInterface¶
Methods¶
abstract public getName ()
Returns the role name
abstract public getDescription ()
Returns role description
abstract public __toString ()
Magic method __toString