PHP Class Neos\Flow\Security\Policy\PolicyService

The access decision voters get the roles and privileges configured (in the security policy) for a specific method invocation from this service.

Show file Open project: neos/flow-development-collection Class Usage Examples

Protected Properties

Property	Type	Description
$configurationManager	Neos\Flow\Configuration\ConfigurationManager
$initialized	boolean
$objectManager	Neos\Flow\ObjectManagement\ObjectManagerInterface
$policyConfiguration	array
$privilegeTargets	Neos\Flow\Security\Authorization\Privilege\PrivilegeTarget[]
$roles	Role[]

Public Methods

Method	Description
getAllPrivilegesByType ( string $type ) : array	Returns all privileges of the given type
getPrivilegeTargetByIdentifier ( string $privilegeTargetIdentifier ) : PrivilegeTarget	Returns the privilege target identified by the given string
getPrivilegeTargets ( ) : PrivilegeTarget[]	Returns all configured privilege targets
getRole ( string $roleIdentifier ) : Role	Returns a Role object configured in the PolicyService
getRoles ( boolean $includeAbstract = false ) : Role[]	Returns an array of all configured roles
hasRole ( string $roleIdentifier ) : boolean	Checks if a role exists
injectConfigurationManager ( ConfigurationManager $configurationManager ) : void	This object is created very early so we can't rely on AOP for the property injection
injectObjectManager ( Neos\Flow\ObjectManagement\ObjectManagerInterface $objectManager ) : void	This object is created very early so we can't rely on AOP for the property injection
reset ( ) : void	Resets the PolicyService to behave transparently during functional testing.

Protected Methods

Method	Description
emitConfigurationLoaded ( array &$policyConfiguration ) : void	Emits a signal when the policy configuration has been loaded
emitRolesInitialized ( array &$roles ) : void	Emits a signal when roles have been initialized
initialize ( ) : void	Parses the global policy configuration and initializes roles and privileges accordingly
initializePrivilegeTargets ( ) : void	Initialized all configured privilege targets from the policy definitions

Method Details

emitConfigurationLoaded() protected method

This signal can be used to add roles and/or privilegeTargets during runtime. In the slot make sure to receive the $policyConfiguration array by reference so you can alter it.

protected emitConfigurationLoaded ( array &$policyConfiguration ) : void
$policyConfiguration	array	The policy configuration
return	void

emitRolesInitialized() protected method

This signal can be used to register roles during runtime. In the slot make sure to receive the $roles array by reference so you can alter it.

protected emitRolesInitialized ( array &$roles ) : void
$roles	array
return	void

getAllPrivilegesByType() public method

Returns all privileges of the given type

public getAllPrivilegesByType ( string $type ) : array
$type	string	Full qualified class or interface name
return	array

getPrivilegeTargetByIdentifier() public method

Returns the privilege target identified by the given string

public getPrivilegeTargetByIdentifier ( string $privilegeTargetIdentifier ) : PrivilegeTarget
$privilegeTargetIdentifier	string	Identifier of a privilege target
return	Neos\Flow\Security\Authorization\Privilege\PrivilegeTarget

getPrivilegeTargets() public method

Returns all configured privilege targets

public getPrivilegeTargets ( ) : PrivilegeTarget[]
return	Neos\Flow\Security\Authorization\Privilege\PrivilegeTarget[]

getRole() public method

Returns a Role object configured in the PolicyService

public getRole ( string $roleIdentifier ) : Role
$roleIdentifier	string	The role identifier of the role, format: (:)
return	Role

getRoles() public method

Returns an array of all configured roles

public getRoles ( boolean $includeAbstract = false ) : Role[]
$includeAbstract	boolean	If TRUE the result includes abstract roles, otherwise those will be skipped
return	Role[]	Array of all configured roles, indexed by role identifier

hasRole() public method

Checks if a role exists

public hasRole ( string $roleIdentifier ) : boolean
$roleIdentifier	string	The role identifier, format: (:)
return	boolean

initialize() protected method

Parses the global policy configuration and initializes roles and privileges accordingly

protected initialize ( ) : void
return	void

initializePrivilegeTargets() protected method

Initialized all configured privilege targets from the policy definitions

protected initializePrivilegeTargets ( ) : void
return	void

injectConfigurationManager() public method

This object is created very early so we can't rely on AOP for the property injection

public injectConfigurationManager ( ConfigurationManager $configurationManager ) : void
$configurationManager	Neos\Flow\Configuration\ConfigurationManager	The configuration manager
return	void

injectObjectManager() public method

This object is created very early so we can't rely on AOP for the property injection

public injectObjectManager ( Neos\Flow\ObjectManagement\ObjectManagerInterface $objectManager ) : void
$objectManager	Neos\Flow\ObjectManagement\ObjectManagerInterface
return	void

reset() public method

Resets the PolicyService to behave transparently during functional testing.

public reset ( ) : void
return	void

Property Details

$configurationManager protected property

protected ConfigurationManager,Neos\Flow\Configuration $configurationManager
return	Neos\Flow\Configuration\ConfigurationManager

$initialized protected property

protected bool $initialized
return	boolean

$objectManager protected property

protected ObjectManagerInterface,Neos\Flow\ObjectManagement $objectManager
return	Neos\Flow\ObjectManagement\ObjectManagerInterface

$policyConfiguration protected property

protected array $policyConfiguration
return	array

$privilegeTargets protected property

protected PrivilegeTarget[],Neos\Flow\Security\Authorization\Privilege $privilegeTargets
return	Neos\Flow\Security\Authorization\Privilege\PrivilegeTarget[]

$roles protected property

protected Role[],Neos\Flow\Security\Policy $roles
return	Role[]