interface AclInterface implements Serializable

This interface represents an access control list (ACL) for a domain object.

Each domain object can have exactly one associated ACL.

An ACL contains all access control entries (ACE) for a given domain object. In order to avoid needing references to the domain object itself, implementations use ObjectIdentity implementations as an additional level of indirection.

Methods

array
getClassAces()

Returns all class-based ACEs associated with this ACL

array
getClassFieldAces(string $field)

Returns all class-field-based ACEs associated with this ACL

array
getObjectAces()

Returns all object-based ACEs associated with this ACL

array
getObjectFieldAces(string $field)

Returns all object-field-based ACEs associated with this ACL

getObjectIdentity()

Returns the object identity associated with this ACL

getParentAcl()

Returns the parent ACL, or null if there is none.

bool
isEntriesInheriting()

Whether this ACL is inheriting ACEs from a parent ACL.

bool
isFieldGranted(string $field, array $masks, array $securityIdentities, bool $administrativeMode = false)

Determines whether field access is granted

bool
isGranted(array $masks, array $securityIdentities, bool $administrativeMode = false)

Determines whether access is granted

bool
isSidLoaded(mixed $securityIdentities)

Whether the ACL has loaded ACEs for all of the passed security identities

Details

at line line 33
array getClassAces()

Returns all class-based ACEs associated with this ACL

Return Value

array

at line line 41
array getClassFieldAces(string $field)

Returns all class-field-based ACEs associated with this ACL

Parameters

string $field

Return Value

array

at line line 48
array getObjectAces()

Returns all object-based ACEs associated with this ACL

Return Value

array

at line line 56
array getObjectFieldAces(string $field)

Returns all object-field-based ACEs associated with this ACL

Parameters

string $field

Return Value

array

at line line 63
ObjectIdentityInterface getObjectIdentity()

Returns the object identity associated with this ACL

at line line 70
AclInterface|null getParentAcl()

Returns the parent ACL, or null if there is none.

Return Value

AclInterface|null

at line line 77
bool isEntriesInheriting()

Whether this ACL is inheriting ACEs from a parent ACL.

Return Value

bool

at line line 88
bool isFieldGranted(string $field, array $masks, array $securityIdentities, bool $administrativeMode = false)

Determines whether field access is granted

Parameters

string $field
array $masks
array $securityIdentities
bool $administrativeMode

Return Value

bool

at line line 99
bool isGranted(array $masks, array $securityIdentities, bool $administrativeMode = false)

Determines whether access is granted

Parameters

array $masks
array $securityIdentities
bool $administrativeMode

Return Value

bool

Exceptions

NoAceFoundException when no ACE was applicable for this request

at line line 107
bool isSidLoaded(mixed $securityIdentities)

Whether the ACL has loaded ACEs for all of the passed security identities

Parameters

mixed $securityIdentities an implementation of SecurityIdentityInterface, or an array thereof

Return Value

bool