HumHub Documentation (unofficial)

ManagerInterface extends CheckAccessInterface
in

For more details and usage information on ManagerInterface, see the [guide article on security authorization](guide:security-authorization).

Tags
author

Qiang Xue qiang.xue@gmail.com

since
2.0

Table of Contents

Methods

add()  : bool
Adds a role, permission or rule to the RBAC system.
addChild()  : bool
Adds an item as a child of another item.
assign()  : Assignment
Assigns a role to a user.
canAddChild()  : bool
Checks the possibility of adding a child to parent.
checkAccess()  : bool
Checks if the user has the specified permission.
createPermission()  : Permission
Creates a new Permission object.
createRole()  : Role
Creates a new Role object.
getAssignment()  : Assignment|null
Returns the assignment information regarding a role and a user.
getAssignments()  : array<string|int, Assignment>
Returns all role assignment information for the specified user.
getChildren()  : array<string|int, Item>
Returns the child permissions and/or roles.
getChildRoles()  : array<string|int, Role>
Returns child roles of the role specified. Depth isn't limited.
getPermission()  : Permission|null
Returns the named permission.
getPermissions()  : array<string|int, Permission>
Returns all permissions in the system.
getPermissionsByRole()  : array<string|int, Permission>
Returns all permissions that the specified role represents.
getPermissionsByUser()  : array<string|int, Permission>
Returns all permissions that the user has.
getRole()  : Role|null
Returns the named role.
getRoles()  : array<string|int, Role>
Returns all roles in the system.
getRolesByUser()  : array<string|int, Role>
Returns the roles that are assigned to the user via [[assign()]].
getRule()  : Rule|null
Returns the rule of the specified name.
getRules()  : array<string|int, Rule>
Returns all rules available in the system.
getUserIdsByRole()  : array<string|int, mixed>
Returns all user IDs assigned to the role specified.
hasChild()  : bool
Returns a value indicating whether the child already exists for the parent.
remove()  : bool
Removes a role, permission or rule from the RBAC system.
removeAll()  : mixed
Removes all authorization data, including roles, permissions, rules, and assignments.
removeAllAssignments()  : mixed
Removes all role assignments.
removeAllPermissions()  : mixed
Removes all permissions.
removeAllRoles()  : mixed
Removes all roles.
removeAllRules()  : mixed
Removes all rules.
removeChild()  : bool
Removes a child from its parent.
removeChildren()  : bool
Removed all children form their parent.
revoke()  : bool
Revokes a role from a user.
revokeAll()  : bool
Revokes all roles from a user.
update()  : bool
Updates the specified role, permission or rule in the system.

Methods

add()

Adds a role, permission or rule to the RBAC system.

public add(Role|Permission|Rule $object) : bool
Parameters
$object : Role|Permission|Rule
Tags
throws
Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

Return values
bool

whether the role, permission or rule is successfully added to the system

addChild()

Adds an item as a child of another item.

public addChild(Item $parent, Item $child) : bool
Parameters
$parent : Item
$child : Item
Tags
throws
Exception

if the parent-child relationship already exists or if a loop has been detected.

Return values
bool

whether the child successfully added

assign()

Assigns a role to a user.

public assign(Role|Permission $role, string|int $userId) : Assignment
Parameters
$role : Role|Permission
$userId : string|int

the user ID (see [[\yii\web\User::id]])

Tags
throws
Exception

if the role has already been assigned to the user

Return values
Assignment

the role assignment information.

canAddChild()

Checks the possibility of adding a child to parent.

public canAddChild(Item $parent, Item $child) : bool
Parameters
$parent : Item

the parent item

$child : Item

the child item to be added to the hierarchy

Tags
since
2.0.8
Return values
bool

possibility of adding

checkAccess()

Checks if the user has the specified permission.

public checkAccess(string|int $userId, string $permissionName[, array<string|int, mixed> $params = [] ]) : bool
Parameters
$userId : string|int

the user ID. This should be either an integer or a string representing the unique identifier of a user. See [[\yii\web\User::id]].

$permissionName : string

the name of the permission to be checked against

$params : array<string|int, mixed> = []

name-value pairs that will be passed to the rules associated with the roles and permissions assigned to the user.

Tags
throws
InvalidParamException

if $permissionName does not refer to an existing permission

Return values
bool

whether the user has the specified permission.

createPermission()

Creates a new Permission object.

public createPermission(string $name) : Permission

Note that the newly created permission is not added to the RBAC system yet. You must fill in the needed data and call [[add()]] to add it to the system.

Parameters
$name : string

the permission name

Return values
Permission

the new Permission object

createRole()

Creates a new Role object.

public createRole(string $name) : Role

Note that the newly created role is not added to the RBAC system yet. You must fill in the needed data and call [[add()]] to add it to the system.

Parameters
$name : string

the role name

Return values
Role

the new Role object

getAssignment()

Returns the assignment information regarding a role and a user.

public getAssignment(string $roleName, string|int $userId) : Assignment|null
Parameters
$roleName : string

the role name

$userId : string|int

the user ID (see [[\yii\web\User::id]])

Return values
Assignment|null

the assignment information. Null is returned if the role is not assigned to the user.

getAssignments()

Returns all role assignment information for the specified user.

public getAssignments(string|int $userId) : array<string|int, Assignment>
Parameters
$userId : string|int

the user ID (see [[\yii\web\User::id]])

Return values
array<string|int, Assignment>

the assignments indexed by role names. An empty array will be returned if there is no role assigned to the user.

getChildren()

Returns the child permissions and/or roles.

public getChildren(string $name) : array<string|int, Item>
Parameters
$name : string

the parent name

Return values
array<string|int, Item>

the child permissions and/or roles

getChildRoles()

Returns child roles of the role specified. Depth isn't limited.

public getChildRoles(string $roleName) : array<string|int, Role>
Parameters
$roleName : string

name of the role to file child roles for

Tags
throws
InvalidParamException

if Role was not found that are getting by $roleName

since
2.0.10
Return values
array<string|int, Role>

Child roles. The array is indexed by the role names. First element is an instance of the parent Role itself.

getPermission()

Returns the named permission.

public getPermission(string $name) : Permission|null
Parameters
$name : string

the permission name.

Return values
Permission|null

the permission corresponding to the specified name. Null is returned if no such permission.

getPermissions()

Returns all permissions in the system.

public getPermissions() : array<string|int, Permission>
Return values
array<string|int, Permission>

all permissions in the system. The array is indexed by the permission names.

getPermissionsByRole()

Returns all permissions that the specified role represents.

public getPermissionsByRole(string $roleName) : array<string|int, Permission>
Parameters
$roleName : string

the role name

Return values
array<string|int, Permission>

all permissions that the role represents. The array is indexed by the permission names.

getPermissionsByUser()

Returns all permissions that the user has.

public getPermissionsByUser(string|int $userId) : array<string|int, Permission>
Parameters
$userId : string|int

the user ID (see [[\yii\web\User::id]])

Return values
array<string|int, Permission>

all permissions that the user has. The array is indexed by the permission names.

getRole()

Returns the named role.

public getRole(string $name) : Role|null
Parameters
$name : string

the role name.

Return values
Role|null

the role corresponding to the specified name. Null is returned if no such role.

getRoles()

Returns all roles in the system.

public getRoles() : array<string|int, Role>
Return values
array<string|int, Role>

all roles in the system. The array is indexed by the role names.

getRolesByUser()

Returns the roles that are assigned to the user via [[assign()]].

public getRolesByUser(string|int $userId) : array<string|int, Role>

Note that child roles that are not assigned directly to the user will not be returned.

Parameters
$userId : string|int

the user ID (see [[\yii\web\User::id]])

Return values
array<string|int, Role>

all roles directly assigned to the user. The array is indexed by the role names.

getRule()

Returns the rule of the specified name.

public getRule(string $name) : Rule|null
Parameters
$name : string

the rule name

Return values
Rule|null

the rule object, or null if the specified name does not correspond to a rule.

getRules()

Returns all rules available in the system.

public getRules() : array<string|int, Rule>
Return values
array<string|int, Rule>

the rules indexed by the rule names

getUserIdsByRole()

Returns all user IDs assigned to the role specified.

public getUserIdsByRole(string $roleName) : array<string|int, mixed>
Parameters
$roleName : string
Tags
since
2.0.7
Return values
array<string|int, mixed>

array of user ID strings

hasChild()

Returns a value indicating whether the child already exists for the parent.

public hasChild(Item $parent, Item $child) : bool
Parameters
$parent : Item
$child : Item
Return values
bool

whether $child is already a child of $parent

removeAll()

Removes all authorization data, including roles, permissions, rules, and assignments.

public removeAll() : mixed

removeAllAssignments()

Removes all role assignments.

public removeAllAssignments() : mixed

removeAllPermissions()

Removes all permissions.

public removeAllPermissions() : mixed

All parent child relations will be adjusted accordingly.

removeAllRoles()

Removes all roles.

public removeAllRoles() : mixed

All parent child relations will be adjusted accordingly.

removeAllRules()

Removes all rules.

public removeAllRules() : mixed

All roles and permissions which have rules will be adjusted accordingly.

removeChild()

Removes a child from its parent.

public removeChild(Item $parent, Item $child) : bool

Note, the child item is not deleted. Only the parent-child relationship is removed.

Parameters
$parent : Item
$child : Item
Return values
bool

whether the removal is successful

removeChildren()

Removed all children form their parent.

public removeChildren(Item $parent) : bool

Note, the children items are not deleted. Only the parent-child relationships are removed.

Parameters
$parent : Item
Return values
bool

whether the removal is successful

revoke()

Revokes a role from a user.

public revoke(Role|Permission $role, string|int $userId) : bool
Parameters
$role : Role|Permission
$userId : string|int

the user ID (see [[\yii\web\User::id]])

Return values
bool

whether the revoking is successful

revokeAll()

Revokes all roles from a user.

public revokeAll(mixed $userId) : bool
Parameters
$userId : mixed

the user ID (see [[\yii\web\User::id]])

Return values
bool

whether the revoking is successful

update()

Updates the specified role, permission or rule in the system.

public update(string $name, Role|Permission|Rule $object) : bool
Parameters
$name : string

the old name of the role, permission or rule

$object : Role|Permission|Rule
Tags
throws
Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

Return values
bool

whether the update is successful


        

        
    




    

    

                                

                

                            
    

        On this page

        
    


                

                            

            

    

        

            
Search results