\Dewdrop\AdminPermissions

This class allows you to adjust the permissions for an admin component. It allows you to disable or enable a permission globally, by role or by callback, much like the permissions-related methods on \Dewdrop\Fields\FieldInterface.

By default, there are only two very simple permissions available:

1) access: Can the user access this component at all?

2) display-menu: Should the component be shown in the main admin nav menu?

For component's implementing the CrudInterface, they get a number of additional permissions automatically.

For permissions specific to your component, call the register() method to add them.

Summary

Methods
Properties
Constants
__construct()
registerAndSetDefaultsForCrudInterface()
register()
can()
haltIfNotAllowed()
setAll()
set()
lock()
No public properties found
No constants found
getUserRoleValues()
No protected properties found
N/A
No private methods found
$component
$registeredPermissions
$settings
$lockedSettings
N/A

Properties

$registeredPermissions

$registeredPermissions : array

What permissions are available to set on this component.

Type

array

$settings

$settings : array

The settings applied for the permissions so far.

Type

array

$lockedSettings

$lockedSettings : array

Any settings that should not be alterable (or even shown) in the UI.

Type

array

Methods

__construct()

__construct(mixed  $component, null|boolean  $debug = null) 

Provide the component that these permissions should be applied to.

Parameters

mixed $component
null|boolean $debug

Throws

\Dewdrop\Exception

registerAndSetDefaultsForCrudInterface()

registerAndSetDefaultsForCrudInterface(\Dewdrop\Admin\Component\CrudInterface  $component) : $this

Register a number of permissions that we make available on CrudInterface components.

Parameters

\Dewdrop\Admin\Component\CrudInterface $component

Returns

$this

register()

register(string  $name, string  $description) : $this

Register a new permission that can be set for the component. The name will be referenced in code when setting the permission. The description will be displayed to users in a UI.

Parameters

string $name
string $description

Returns

$this

can()

can(string  $name, boolean  $throwExceptionOnFail = false) : boolean

Check to see if the given permission is granted to the current user (or anonymous users, if no user resource is available in Pimple. You can optionally choose to just throw an exception to halt execution when the user doesn't have the requested permission. This can be convenient when the user can only reach the point where this permission is checked by circumventing the normal navigation provided in the UI (e.g. by manipulating the URL).

Parameters

string $name
boolean $throwExceptionOnFail

Throws

\Dewdrop\Exception

Returns

boolean

haltIfNotAllowed()

haltIfNotAllowed(string  $name) : boolean

Check the supplied permission and halt execution if it's not allowed.

Parameters

string $name

Returns

boolean

setAll()

setAll(string  $setting) : $this

Set all registered permissions to the supplied value. Useful if you want different defaults in your component.

Parameters

string $setting

Returns

$this

set()

set(string  $name, mixed  $setting) : $this

Set the provided permission's setting.

Parameters

string $name
mixed $setting

Throws

\Dewdrop\Exception

Returns

$this

lock()

lock(string  $name, mixed  $setting) : $this

Set the provided permission's setting and lock it so it cannot be modified by users.

Parameters

string $name
mixed $setting

Throws

\Dewdrop\Exception

Returns

$this

getUserRoleValues()

getUserRoleValues(\Symfony\Component\Security\Core\User\UserInterface  $user) : array

Get the role values (rather than the clumsy SfRole objects) for the provided user object.

Parameters

\Symfony\Component\Security\Core\User\UserInterface $user

Returns

array