Hoa central
Public Member Functions | Static Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | Private Member Functions | Static Private Attributes | List of all members
Hoa\Acl\Acl Class Reference

Public Member Functions

 addUser (User $user)
 
 deleteUser ($user)
 
 addGroup (Group $group, $inherit=[])
 
 deleteGroup ($groupId, $propagate=self::DELETE_RESTRICT)
 
 addService (Service $service)
 
 deleteService ($service)
 
 allow ($groupId, $permissions=[])
 
 deny ($groupId, $permissions=[])
 
 isAllowed ($user, $permission, $service=null, IAcl\Assert $assert=null)
 
 isGroupAllowed ($group, $permission)
 
 userExists ($userId)
 
 groupExists ($groupId)
 
 serviceExists ($serviceId)
 
 getUser ($userId)
 
 getGroup ($groupId)
 
 getService ($serviceId)
 
 __toString ()
 

Static Public Member Functions

static getInstance ($loop=Graph::DISALLOW_LOOP)
 

Public Attributes

const DELETE_CASCADE = true
 
const DELETE_RESTRICT = false
 

Protected Member Functions

 getUsers ()
 
 getGroups ()
 
 getServices ()
 

Protected Attributes

 $users = []
 
 $groups = null
 
 $services = []
 

Private Member Functions

 __construct ($loop=Graph::DISALLOW_LOOP)
 

Static Private Attributes

static $_instance = null
 

Detailed Description

Class .

The ACL main class. It contains all users, groups, and services collections. It also proposes to check if a user is allow or not to do an action according to its groups and services.

Definition at line 52 of file Acl.php.

Constructor & Destructor Documentation

Hoa\Acl\Acl::__construct (   $loop = Graph::DISALLOW_LOOP)
private

Built an access control list.

Parameters
bool$loopAllow or not loop. Please, see the class.
Returns
void

Definition at line 105 of file Acl.php.

106  {
107  $this->groups = Graph::getInstance(
109  $loop
110  );
111 
112  return;
113  }
const TYPE_ADJACENCYLIST
Definition: Graph.php:59
static getInstance($type=self::TYPE_ADJACENCYLIST)
Definition: Graph.php:126

Here is the call graph for this function:

Member Function Documentation

Hoa\Acl\Acl::__toString ( )

Transform the groups to DOT language.

Returns
string

Definition at line 556 of file Acl.php.

557  {
558  return $this->getGroups()->__toString();
559  }
getGroups()
Definition: Acl.php:520

Here is the call graph for this function:

Hoa\Acl\Acl::addGroup ( Group  $group,
  $inherit = [] 
)

Add a group.

Parameters
\Hoa\Acl\Group$groupGroup to add.
mixed$inheritGroup inherit permission from (should be the group ID or the group instance).
Returns
void
Exceptions

Definition at line 180 of file Acl.php.

181  {
182  if (!is_array($inherit)) {
183  $inherit = [$inherit];
184  }
185 
186  foreach ($inherit as &$in) {
187  if ($in instanceof Group) {
188  $in = $in->getId();
189  }
190  }
191 
192  try {
193  $this->getGroups()->addNode($group, $inherit);
194  } catch (Graph\Exception $e) {
195  throw new Exception($e->getMessage(), $e->getCode());
196  }
197 
198  return;
199  }
getGroups()
Definition: Acl.php:520

Here is the call graph for this function:

Hoa\Acl\Acl::addService ( Service  $service)

Add a service.

Parameters
\Hoa\Acl\Service$serviceService to add.
Returns
void
Exceptions

Definition at line 235 of file Acl.php.

236  {
237  if ($this->serviceExists($service->getId())) {
238  throw new Exception(
239  'Service %s is already registried.',
240  1,
241  $service->getId()
242  );
243  }
244 
245  $this->services[$service->getId()] = $service;
246 
247  return;
248  }
serviceExists($serviceId)
Definition: Acl.php:464

Here is the call graph for this function:

Hoa\Acl\Acl::addUser ( User  $user)

Add a user.

Parameters
\Hoa\Acl\User$userUser to add.
Returns
void
Exceptions

Definition at line 138 of file Acl.php.

139  {
140  if ($this->userExists($user->getId())) {
141  throw new Exception(
142  'User %s is already registried.',
143  0,
144  $user->getId()
145  );
146  }
147 
148  $this->users[$user->getId()] = $user;
149 
150  return;
151  }
userExists($userId)
Definition: Acl.php:434

Here is the call graph for this function:

Hoa\Acl\Acl::allow (   $groupId,
  $permissions = [] 
)

Allow a group to make an action according to permissions.

Parameters
mixed$groupIdThe group ID.
array$permissionsCollection of permissions.
Returns
bool
Exceptions

Definition at line 275 of file Acl.php.

276  {
277  if (false === $this->groupExists($groupId)) {
278  throw new Exception(
279  'Group %s does not exist.',
280  2,
281  $groupId
282  );
283  }
284 
285  $this->getGroups()->getNode($groupId)->addPermission($permissions);
286 
287  foreach ($this->getGroups()->getChild($groupId) as $subGroupId => $group) {
288  $this->allow($subGroupId, $permissions);
289  }
290 
291  return;
292  }
allow($groupId, $permissions=[])
Definition: Acl.php:275
groupExists($groupId)
Definition: Acl.php:449
getGroups()
Definition: Acl.php:520

Here is the call graph for this function:

Hoa\Acl\Acl::deleteGroup (   $groupId,
  $propagate = self::DELETE_RESTRICT 
)

Delete a group.

Parameters
mixed$groupIdThe group ID.
bool$propagatePropagate the erasure.
Returns
void
Exceptions

Definition at line 209 of file Acl.php.

210  {
211  if ($groupId instanceof Group) {
212  $groupId = $groupId->getId();
213  }
214 
215  try {
216  $this->getGroups()->deleteNode($groupId, $propagate);
217  } catch (Graph\Exception $e) {
218  throw new Exception($e->getMessage(), $e->getCode());
219  }
220 
221  foreach ($this->getUsers() as $userId => $user) {
222  $user->deleteGroup($groupId);
223  }
224 
225  return;
226  }
getUsers()
Definition: Acl.php:494
getGroups()
Definition: Acl.php:520

Here is the call graph for this function:

Hoa\Acl\Acl::deleteService (   $service)

Delete a service.

Parameters
mixed$serviceService to delete.
Returns
void

Definition at line 256 of file Acl.php.

257  {
258  if ($service instanceof Service) {
259  $service = $service->getId();
260  }
261 
262  unset($this->services[$service]);
263 
264  return;
265  }
Hoa\Acl\Acl::deleteUser (   $user)

Delete a user.

Parameters
mixed$userUser to delete.
Returns
void

Definition at line 159 of file Acl.php.

160  {
161  if ($user instanceof User) {
162  $user = $user->getId();
163  }
164 
165  unset($this->users[$user]);
166 
167  return;
168  }
Hoa\Acl\Acl::deny (   $groupId,
  $permissions = [] 
)

Deny a group to make an action according to permissions.

Parameters
mixed$groupIdThe group ID.
array$permissionsCollection of permissions.
Returns
bool
Exceptions

Definition at line 302 of file Acl.php.

303  {
304  if ($groupId instanceof Group) {
305  $groupId = $groupId->getId();
306  }
307 
308  if (false === $this->groupExists($groupId)) {
309  throw new Exception(
310  'Group %s does not exist.',
311  3,
312  $groupId
313  );
314  }
315 
316  $this->getGroups()->getNode($groupId)->deletePermission($permissions);
317 
318  foreach ($this->getGroups()->getChild($groupId) as $subGroupId => $group) {
319  $this->deny($subGroupId, $permissions);
320  }
321 
322  return;
323  }
deny($groupId, $permissions=[])
Definition: Acl.php:302
groupExists($groupId)
Definition: Acl.php:449
getGroups()
Definition: Acl.php:520

Here is the call graph for this function:

Hoa\Acl\Acl::getGroup (   $groupId)

Get a specific group.

Parameters
string$groupIdThe group ID.
Returns
Exceptions

Definition at line 506 of file Acl.php.

507  {
508  if (false === $this->groupExists($groupId)) {
509  throw new Exception('Group %s does not exist.', 8, $groupId);
510  }
511 
512  return $this->getGroups()->getNode($groupId);
513  }
groupExists($groupId)
Definition: Acl.php:449
getGroups()
Definition: Acl.php:520

Here is the call graph for this function:

Hoa\Acl\Acl::getGroups ( )
protected

Get all groups, i.e. get the groups graph.

Returns

Definition at line 520 of file Acl.php.

521  {
522  return $this->groups;
523  }

Here is the caller graph for this function:

static Hoa\Acl\Acl::getInstance (   $loop = Graph::DISALLOW_LOOP)
static

Get the instance of , make a singleton.

Parameters
bool$loopAllow or not loop. Please, see the class.
Returns
object

Definition at line 122 of file Acl.php.

123  {
124  if (null === static::$_instance) {
125  static::$_instance = new static($loop);
126  }
127 
128  return static::$_instance;
129  }
Hoa\Acl\Acl::getService (   $serviceId)

Get a specific service.

Parameters
string$serviceIdThe service ID.
Returns
Exceptions

Definition at line 532 of file Acl.php.

533  {
534  if (false === $this->serviceExists($serviceId)) {
535  throw new Exception('Service %s does not exist.', 9, $serviceId);
536  }
537 
538  return $this->services[$serviceId];
539  }
serviceExists($serviceId)
Definition: Acl.php:464

Here is the call graph for this function:

Here is the caller graph for this function:

Hoa\Acl\Acl::getServices ( )
protected

Get all services.

Returns
array

Definition at line 546 of file Acl.php.

547  {
548  return $this->services;
549  }
$services
Definition: Acl.php:94
Hoa\Acl\Acl::getUser (   $userId)

Get a specific user.

Parameters
string$userIdThe user ID.
Returns
Exceptions

Definition at line 480 of file Acl.php.

481  {
482  if (false === $this->userExists($userId)) {
483  throw new Exception('User %s does not exist.', 7, $userId);
484  }
485 
486  return $this->users[$userId];
487  }
userExists($userId)
Definition: Acl.php:434

Here is the call graph for this function:

Here is the caller graph for this function:

Hoa\Acl\Acl::getUsers ( )
protected

Get all users.

Returns
array

Definition at line 494 of file Acl.php.

495  {
496  return $this->users;
497  }

Here is the caller graph for this function:

Hoa\Acl\Acl::groupExists (   $groupId)

Check if a group exists or not.

Parameters
string$groupIdThe group ID.
Returns
bool

Definition at line 449 of file Acl.php.

450  {
451  if ($groupId instanceof Group) {
452  $groupId = $groupId->getId();
453  }
454 
455  return $this->getGroups()->nodeExists($groupId);
456  }
getGroups()
Definition: Acl.php:520

Here is the call graph for this function:

Here is the caller graph for this function:

Hoa\Acl\Acl::isAllowed (   $user,
  $permission,
  $service = null,
IAcl\Assert  $assert = null 
)

Check if a user is allowed to reach a action according to the permission.

Parameters
mixed$userUser to check (should be the user ID or the user instance).
mixed$permissionList of permission (should be permission ID, permission instance).
mixed$serviceService or serviceId.
Hoa\Acl\IAcl\Assert$assertAssert.
Returns
bool
Exceptions

Definition at line 339 of file Acl.php.

344  {
345  if ($user instanceof User) {
346  $user = $user->getId();
347  }
348 
349  if ($permission instanceof Permission) {
350  $permission = $permission->getId();
351  }
352 
353  if (is_array($permission)) {
354  throw new Exception(
355  'Should check one permission, not a list of permissions.',
356  4
357  );
358  }
359 
360  if (null !== $service &&
361  !($service instanceof Service)) {
362  $service = $this->getService($service);
363  }
364 
365  $user = $this->getUser($user);
366  $out = false;
367 
368  if (null !== $service &&
369  false === $service->userExists($user->getId())) {
370  return false;
371  }
372 
373  foreach ($user->getGroups() as $groupId) {
374  $out |= $this->isGroupAllowed($groupId, $permission);
375  }
376 
377  $out = (bool) $out;
378 
379  if (null === $assert) {
380  return $out;
381  }
382 
383  return $out && $assert->assert();
384  }
isGroupAllowed($group, $permission)
Definition: Acl.php:396
getUser($userId)
Definition: Acl.php:480
getService($serviceId)
Definition: Acl.php:532

Here is the call graph for this function:

Hoa\Acl\Acl::isGroupAllowed (   $group,
  $permission 
)

Check if a group is allowed to reach a action according to the permission.

Parameters
mixed$groupGroup to check (should be the group ID or the group instance).
mixed$permissionList of permission (should be permission ID, permission instance).
Returns
bool
Exceptions

Definition at line 396 of file Acl.php.

397  {
398  if ($group instanceof Group) {
399  $group = $group->getId();
400  }
401 
402  if ($permission instanceof Permission) {
403  $permission = $permission->getId();
404  }
405 
406  if (is_array($permission)) {
407  throw new Exception(
408  'Should check one permission, not a list of permissions.',
409  5
410  );
411  }
412 
413  if (false === $this->groupExists($group)) {
414  throw new Exception(
415  'Group %s does not exist.',
416  6,
417  $group
418  );
419  }
420 
421  return
422  $this
423  ->getGroups()
424  ->getNode($group)
425  ->permissionExists($permission);
426  }
groupExists($groupId)
Definition: Acl.php:449

Here is the call graph for this function:

Here is the caller graph for this function:

Hoa\Acl\Acl::serviceExists (   $serviceId)

Check if a service exists or not.

Parameters
string$serviceIdThe service ID.
Returns
bool

Definition at line 464 of file Acl.php.

465  {
466  if ($serviceId instanceof Service) {
467  $serviceId = $serviceId->getId();
468  }
469 
470  return isset($this->services[$serviceId]);
471  }

Here is the caller graph for this function:

Hoa\Acl\Acl::userExists (   $userId)

Check if a user exists or not.

Parameters
string$userIdThe user ID.
Returns
bool

Definition at line 434 of file Acl.php.

435  {
436  if ($userId instanceof User) {
437  $userId = $userId->getId();
438  }
439 
440  return isset($this->users[$userId]);
441  }

Here is the caller graph for this function:

Member Data Documentation

Hoa\Acl\Acl::$_instance = null
staticprivate

Definition at line 73 of file Acl.php.

Hoa\Acl\Acl::$groups = null
protected

Definition at line 87 of file Acl.php.

Hoa\Acl\Acl::$services = []
protected

Definition at line 94 of file Acl.php.

Hoa\Acl\Acl::$users = []
protected

Definition at line 80 of file Acl.php.

const Hoa\Acl\Acl::DELETE_CASCADE = true

Propagate delete.

bool

Definition at line 59 of file Acl.php.

const Hoa\Acl\Acl::DELETE_RESTRICT = false

Restricte delete.

bool

Definition at line 66 of file Acl.php.


The documentation for this class was generated from the following file: