phpcr/src/PHPCR/Security/AccessControlListInterface.php
inheritedCopyright 2008-2011 Karsten Dambekalns karsten@typo3.org
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
\PHPCR\Security\AccessControlListInterface
It is mutable before being set to the AccessControlManagerInterface and consequently defines methods to read and mutate the list i.e. to get, add or remove individual AccessControlEntryInterface instances.
The \Traversable interface enables the implementation to be addressed with foreach. AccessControlList has to implement either \RecursiveIterator or \Iterator. The iterator is equivalent to getAccessControlEntries() returning AccessControlEntryInterface instances. The iterator keys have no significant meaning.
- Parent(s)
- \PHPCR\Security\AccessControlPolicyInterface
- Api
Methods
addAccessControlEntry(\PHPCR\Security\PrincipalInterface $principal, array $privileges) : booleanRegisters an access control entry object to the registry.
Adds an access control entry to this policy consisting of the specified principal and the specified privileges. This method returns true if this policy was modified, false otherwise.
How the entries are grouped within the list is an implementation detail. An implementation may e.g. combine the specified privileges with those added by a previous call to addAccessControlEntry for the same Principal. However, a call to addAccessControlEntry for a given Principal can never remove a Privilege added by a previous call.
The modification does not take effect until this policy has been set to a node by calling AccessControlManagerInterface::setPolicy() and Session::save is performed.
| Name | Type | Description |
|---|---|---|
| $principal | \PHPCR\Security\PrincipalInterface | the entity that should have this privilege |
| $privileges | array |
|
| Type | Description |
|---|---|
| boolean | true if this policy was modify; false otherwise. |
| Exception | Description |
|---|---|
| \PHPCR\Security\AccessControlException | if the specified principal or any of the privileges does not exist or if some other access control related exception occurs. |
| \PHPCR\RepositoryException | - if another error occurs. |
- Api
getAccessControlEntries() : arrayReturns all access control entries present with this policy.
This method is only guaranteed to return an access control entry object if that access control entry object has been assigned through this API.
| Type | Description |
|---|---|
| array | all AccessControlEntry objects present with this policy. |
| Exception | Description |
|---|---|
| \PHPCR\RepositoryException | - if an error occurs. |
- Api
removeAccessControlEntry(\PHPCR\Security\AccessControlEntryInterface $ace) : voidRemoves the specified access control entry object from this policy.
Only exactly those entries obtained through getAccessControlEntries can be removed. This method does not take effect until this policy has been re-assigned to a node by calling AccessControlManagerInterface::setPolicy() and save is performed.
| Name | Type | Description |
|---|---|---|
| $ace | \PHPCR\Security\AccessControlEntryInterface | the access control entry to be removed. |
| Exception | Description |
|---|---|
| \PHPCR\Security\AccessControlException | if the specified entry is not present on the specified node. |
| \PHPCR\RepositoryException | if another error occurs. |
- Api