PHP Class Prado\Security\TAuthorizationRule

TAuthorizationRule represents a single authorization rule. A rule is specified by an action (required), a list of users (optional), a list of roles (optional), a verb (optional), and a list of IP rules (optional). Action can be either 'allow' or 'deny'. Guest (anonymous, unauthenticated) users are represented by question mark '?'. All users (including guest users) are represented by asterisk '*'. Authenticated users are represented by '@'. Users/roles are case-insensitive. Different users/roles are separated by comma ','. Verb can be either 'get' or 'post'. If it is absent, it means both. IP rules are separated by comma ',' and can contain wild card in the rules (e.g. '192.132.23.33, 192.122.*.*')

Since: 3.0

Author: Qiang Xue ([email protected])

Inheritance: extends Prado\TComponent

Afficher le fichier Open project: pradosoft/prado

Méthodes publiques

Méthode	Description
__construct ( $action, $users, $roles, $verb = '', $ipRules = '' )	Constructor.
getAction ( ) : string
getAuthenticatedApplied ( ) : boolean
getEveryoneApplied ( ) : boolean
getGuestApplied ( ) : boolean
getIPRules ( ) : array
getRoles ( ) : array
getUsers ( ) : array
getVerb ( ) : string
isUserAllowed ( Prado\Security\IUser $user, $verb, $ip ) : integer

Private Methods

Méthode	Description
isIpMatched ( $ip )
isRoleMatched ( $user )
isUserMatched ( $user )
isVerbMatched ( $verb )

Method Details

__construct() public méthode

Constructor.

public __construct ( $action, $users, $roles, $verb = '', $ipRules = '' )

getAction() public méthode

public getAction ( ) : string
Résultat	string	action, either 'allow' or 'deny'

getAuthenticatedApplied() public méthode

public getAuthenticatedApplied ( ) : boolean
Résultat	boolean	if this rule applies to authenticated users

getEveryoneApplied() public méthode

public getEveryoneApplied ( ) : boolean
Résultat	boolean	if this rule applies to everyone

getGuestApplied() public méthode

public getGuestApplied ( ) : boolean
Résultat	boolean	if this rule applies to everyone

getIPRules() public méthode

Since: 3.1.1

public getIPRules ( ) : array
Résultat	array	list of IP rules.

getRoles() public méthode

public getRoles ( ) : array
Résultat	array	list of roles

getUsers() public méthode

public getUsers ( ) : array
Résultat	array	list of user IDs

getVerb() public méthode

public getVerb ( ) : string
Résultat	string	verb, may be empty, 'get', or 'post'.

isUserAllowed() public méthode

public isUserAllowed ( Prado\Security\IUser $user, $verb, $ip ) : integer
$user	Prado\Security\IUser
Résultat	integer	1 if the user is allowed, -1 if the user is denied, 0 if the rule does not apply to the user