Sections

Abstract Class Phalcon\Acl\Adapter\AbstractAdapter

Source on GitHub

Namespace Phalcon\Acl\Adapter   Uses Phalcon\Events\ManagerInterface, Phalcon\Events\EventsAwareInterface   Implements AdapterInterface, EventsAwareInterface

Adapter for Phalcon\Acl adapters

Properties

/**
 * Active access which the list is checking if some role can access it
 *
 * @var string
 */
protected activeAccess;

/**
 * Access Granted
 *
 * @var bool
 */
protected accessGranted = false;

/**
 * Role which the list is checking if it's allowed to certain
 * component/access
 *
 * @var string
 */
protected activeRole;

/**
 * Component which the list is checking if some role can access it
 *
 * @var string
 */
protected activeComponent;

/**
 * Default access
 *
 * @var bool
 */
protected defaultAccess = false;

/**
 * Events manager
 *
 * @var mixed
 */
protected eventsManager;

Methods

public function getActiveAccess(): string
public function getActiveComponent(): string
public function getActiveRole(): string
public function getDefaultAction(): int;

Returns the default ACL access level

public function getEventsManager(): ManagerInterface;

Returns the internal event manager

public function setDefaultAction( int $defaultAccess ): void;

Sets the default access level (Phalcon\Acl::ALLOW or Phalcon\Acl::DENY)

public function setEventsManager( ManagerInterface $eventsManager ): void;

Sets the events manager

Interface Phalcon\Acl\Adapter\AdapterInterface

Source on GitHub

Namespace Phalcon\Acl\Adapter   Uses Phalcon\Acl\ComponentInterface, Phalcon\Acl\RoleInterface

Interface for Phalcon\Acl adapters

Methods

public function addComponent( mixed $componentObject, mixed $accessList ): bool;

Adds a component to the ACL list

Access names can be a particular action, by example search, update, delete, etc or a list of them

public function addComponentAccess( string $componentName, mixed $accessList ): bool;

Adds access to components

public function addInherit( string $roleName, mixed $roleToInherit ): bool;

Do a role inherit from another existing role

public function addRole( mixed $role, mixed $accessInherits = null ): bool;

Adds a role to the ACL list. Second parameter lets to inherit access data from other existing role

public function allow( string $roleName, string $componentName, mixed $access, mixed $func = null ): void;

Allow access to a role on a component

public function deny( string $roleName, string $componentName, mixed $access, mixed $func = null ): void;

Deny access to a role on a component

public function dropComponentAccess( string $componentName, mixed $accessList ): void;

Removes an access from a component

public function getActiveAccess(): string;

Returns the access which the list is checking if some role can access it

public function getActiveComponent(): string;

Returns the component which the list is checking if some role can access it

public function getActiveRole(): string;

Returns the role which the list is checking if it’s allowed to certain component/access

public function getComponents(): ComponentInterface[];

Return an array with every component registered in the list

public function getDefaultAction(): int;

Returns the default ACL access level

public function getNoArgumentsDefaultAction(): int;

Returns the default ACL access level for no arguments provided in isAllowed action if there exists func for accessKey

public function getRoles(): RoleInterface[];

Return an array with every role registered in the list

public function isAllowed( mixed $roleName, mixed $componentName, string $access, array $parameters = null ): bool;

Check whether a role is allowed to access an action from a component

public function isComponent( string $componentName ): bool;

Check whether component exist in the components list

public function isRole( string $roleName ): bool;

Check whether role exist in the roles list

public function setDefaultAction( int $defaultAccess ): void;

Sets the default access level (Phalcon\Ac\Enuml::ALLOW or Phalcon\Acl\Enum::DENY)

public function setNoArgumentsDefaultAction( int $defaultAccess ): void;

Sets the default access level (Phalcon\Acl\Enum::ALLOW or Phalcon\Acl\Enum::DENY) for no arguments provided in isAllowed action if there exists func for accessKey

Class Phalcon\Acl\Adapter\Memory

Source on GitHub

Namespace Phalcon\Acl\Adapter   Uses Phalcon\Acl\Enum, Phalcon\Acl\Role, Phalcon\Acl\RoleInterface, Phalcon\Acl\Component, Phalcon\Acl\Exception, Phalcon\Events\Manager, Phalcon\Acl\RoleAware, Phalcon\Acl\ComponentAware, Phalcon\Acl\ComponentInterface, ReflectionFunction   Extends AbstractAdapter

Manages ACL lists in memory

$acl = new \Phalcon\Acl\Adapter\Memory();

$acl->setDefaultAction(
    \Phalcon\Acl\Enum::DENY
);

// Register roles
$roles = [
    "users"  => new \Phalcon\Acl\Role("Users"),
    "guests" => new \Phalcon\Acl\Role("Guests"),
];
foreach ($roles as $role) {
    $acl->addRole($role);
}

// Private area components
$privateComponents = [
    "companies" => ["index", "search", "new", "edit", "save", "create", "delete"],
    "products"  => ["index", "search", "new", "edit", "save", "create", "delete"],
    "invoices"  => ["index", "profile"],
];

foreach ($privateComponents as $componentName => $actions) {
    $acl->addComponent(
        new \Phalcon\Acl\Component($componentName),
        $actions
    );
}

// Public area components
$publicComponents = [
    "index"   => ["index"],
    "about"   => ["index"],
    "session" => ["index", "register", "start", "end"],
    "contact" => ["index", "send"],
];

foreach ($publicComponents as $componentName => $actions) {
    $acl->addComponent(
        new \Phalcon\Acl\Component($componentName),
        $actions
    );
}

// Grant access to public areas to both users and guests
foreach ($roles as $role) {
    foreach ($publicComponents as $component => $actions) {
        $acl->allow($role->getName(), $component, "*");
    }
}

// Grant access to private area to role Users
foreach ($privateComponents as $component => $actions) {
    foreach ($actions as $action) {
        $acl->allow("Users", $component, $action);
    }
}

Properties

/**
 * Access
 *
 * @var mixed
 */
protected access;

/**
 * Access List
 *
 * @var mixed
 */
protected accessList;

/**
 * Returns latest function used to acquire access
 *
 * @var mixed
 */
protected activeFunction;

/**
 * Returns number of additional arguments(excluding role and resource) for active function
 *
 * @var int
 */
protected activeFunctionCustomArgumentsCount = 0;

/**
 * Returns latest key used to acquire access
 *
 * @var string|null
 */
protected activeKey;

/**
 * Components
 *
 * @var mixed
 */
protected components;

/**
 * Component Names
 *
 * @var mixed
 */
protected componentsNames;

/**
 * Function List
 *
 * @var mixed
 */
protected func;

/**
 * Default action for no arguments is allow
 *
 * @var mixed
 */
protected noArgumentsDefaultAction;

/**
 * Roles
 *
 * @var mixed
 */
protected roles;

/**
 * Role Inherits
 *
 * @var mixed
 */
protected roleInherits;

/**
 * Roles Names
 *
 * @var mixed
 */
protected rolesNames;

Methods

public function __construct();

Phalcon\Acl\Adapter\Memory constructor

public function addComponent( mixed $componentValue, mixed $accessList ): bool;

Adds a component to the ACL list

Access names can be a particular action, by example search, update, delete, etc or a list of them

Example:

// Add a component to the the list allowing access to an action
$acl->addComponent(
    new Phalcon\Acl\Component("customers"),
    "search"
);

$acl->addComponent("customers", "search");

// Add a component  with an access list
$acl->addComponent(
    new Phalcon\Acl\Component("customers"),
    [
        "create",
        "search",
    ]
);

$acl->addComponent(
    "customers",
    [
        "create",
        "search",
    ]
);
public function addComponentAccess( string $componentName, mixed $accessList ): bool;

Adds access to components

public function addInherit( string $roleName, mixed $roleToInherits ): bool;

Do a role inherit from another existing role

$acl->addRole("administrator", "consultant");
$acl->addRole("administrator", ["consultant", "consultant2"]);
public function addRole( mixed $role, mixed $accessInherits = null ): bool;

Adds a role to the ACL list. Second parameter allows inheriting access data from other existing role

$acl->addRole(
    new Phalcon\Acl\Role("administrator"),
    "consultant"
);

$acl->addRole("administrator", "consultant");
$acl->addRole("administrator", ["consultant", "consultant2"]);
public function allow( string $roleName, string $componentName, mixed $access, mixed $func = null ): void;

Allow access to a role on a component. You can use * as wildcard

// Allow access to guests to search on customers
$acl->allow("guests", "customers", "search");

// Allow access to guests to search or create on customers
$acl->allow("guests", "customers", ["search", "create"]);

// Allow access to any role to browse on products
$acl->allow("*", "products", "browse");

// Allow access to any role to browse on any component
$acl->allow("*", "*", "browse");


```php
public function deny( string $roleName, string $componentName, mixed $access, mixed $func = null ): void;

Deny access to a role on a component. You can use * as wildcard

// Deny access to guests to search on customers
$acl->deny("guests", "customers", "search");

// Deny access to guests to search or create on customers
$acl->deny("guests", "customers", ["search", "create"]);

// Deny access to any role to browse on products
$acl->deny("*", "products", "browse");

// Deny access to any role to browse on any component
$acl->deny("*", "*", "browse");
public function dropComponentAccess( string $componentName, mixed $accessList ): void;

Removes an access from a component

public function getActiveFunction(): mixed
public function getActiveFunctionCustomArgumentsCount(): int
public function getActiveKey(): string|null
public function getComponents(): ComponentInterface[];

Return an array with every component registered in the list

public function getNoArgumentsDefaultAction(): int;

Returns the default ACL access level for no arguments provided in isAllowed action if a func (callable) exists for accessKey

public function getRoles(): RoleInterface[];

Return an array with every role registered in the list

public function isAllowed( mixed $roleName, mixed $componentName, string $access, array $parameters = null ): bool;

Check whether a role is allowed to access an action from a component

// Does andres have access to the customers component to create?
$acl->isAllowed("andres", "Products", "create");

// Do guests have access to any component to edit?
$acl->isAllowed("guests", "*", "edit");
public function isComponent( string $componentName ): bool;

Check whether component exist in the components list

public function isRole( string $roleName ): bool;

Check whether role exist in the roles list

public function setNoArgumentsDefaultAction( int $defaultAccess ): void;

Sets the default access level (Phalcon\Enum::ALLOW or Phalcon\Enum::DENY) for no arguments provided in isAllowed action if there exists func for accessKey

Class Phalcon\Acl\Component

Source on GitHub

Namespace Phalcon\Acl   Implements ComponentInterface

This class defines component entity and its description

Properties

/**
 * Component description
 *
 * @var string
 */
private description;

/**
 * Component name
 *
 * @var string
 */
private name;

Methods

public function __construct( string $name, string $description = null );

Phalcon\Acl\Component constructor

public function __toString(): string
public function getDescription(): string
public function getName(): string

Interface Phalcon\Acl\ComponentAware

Source on GitHub

Namespace Phalcon\Acl

Interface for classes which could be used in allow method as RESOURCE

Methods

public function getComponentName(): string;

Returns component name

Interface Phalcon\Acl\ComponentInterface

Source on GitHub

Namespace Phalcon\Acl

Interface for Phalcon\Acl\Component

Methods

public function __toString(): string;

Magic method __toString

public function getDescription(): string;

Returns component description

public function getName(): string;

Returns the component name

Class Phalcon\Acl\Enum

Source on GitHub

Namespace Phalcon\Acl

Constants for Phalcon\Acl\Adapter adapters

Constants

const ALLOW = 1;
const DENY = 0;

Class Phalcon\Acl\Exception

Source on GitHub

Namespace Phalcon\Acl   Extends \Phalcon\Exception

Class for exceptions thrown by Phalcon\Acl

Class Phalcon\Acl\Role

Source on GitHub

Namespace Phalcon\Acl   Implements RoleInterface

This class defines role entity and its description

Properties

/**
 * Role name
 *
 * @var string
 */
private name;

/**
 * Role description
 *
 * @var string
 */
private description;

Methods

public function __construct( string $name, string $description = null );

Phalcon\Acl\Role constructor

public function __toString(): string
public function getDescription(): string
public function getName(): string

Interface Phalcon\Acl\RoleAware

Source on GitHub

Namespace Phalcon\Acl

Interface for classes which could be used in allow method as ROLE

Methods

public function getRoleName(): string;

Returns role name

Interface Phalcon\Acl\RoleInterface

Source on GitHub

Namespace Phalcon\Acl

Interface for Phalcon\Acl\Role

Methods

public function __toString(): string;

Magic method __toString

public function getDescription(): string;

Returns role description

public function getName(): string;

Returns the role name