TIP_Privilege
Index
- Introduction
- Properties
- Methods
- __construct {{($options)}}
- postConstructor {{()}}
- getPrivilege {{($module, [$user])}}
- tagIsManager {{($params) : string|null}}
- tagIsAdmin {{($params) : string|null}}
- tagIsTrusted {{($params) : string|null}}
- tagIsUntrusted {{($params) : string|null}}
- tagPrivilegeDescription {{($params) : string|null}}
- tagPrivilegeId {{($params) : string|null}}
- tagPrivilegeLevel {{($params) : string|null}}
- actionChange {{($user, $module, $privilege) : bool}}
- runManagerAction {{($action)}}
- runAdminAction {{($action)}}
- runTrustedAction {{($action)}}
- runUntrustedAction {{($action)}}
- runAction {{($action)}}
Introduction
The privilege manager
- Source file
- /Type/module/content/privilege.php
- Extends
- TIP_Content
TIP uses different security levels, defined in a top-down fashion: every level allows the actions of the lower levels.
Here's the privilege list, ordered from the highest to the lowest level:
- manager: can perform actionEdit() on everything
* admin: can perform actionDelete() on everything
* trusted: can perform actionEdit() and actionDelete() on his owned content
* untrusted: can perform actionAdd()
* none: can perform actionView() and actionBrowse()
For addictive actions, such as actionLogin() and actionLogout() in TIP_User, you can directy check the source of the module.
The privileges are stored in a "Module-User" way, so for every pair of module-user there will be a specific privilege level. If a requested module-user pair is not stored in the privilege database, the default privilege level will be used.
The default privileges SHOULD be specified in the config file for every module in the 'default_privilege' and 'anonymous_privilege' options. If not specified, the privilege defaults to the one of the application module.
Properties
Methods
__construct ($options)
Constructor
- $options
- array
Properties values - lines
- 65 - 68
- access
- protected
Initializes a TIP_Privilege instance.
postConstructor ()
Custom post construction method
- lines
- 76 - 80
- access
- protected
Overrides the default post-constructor method to avoid the TIP::getPrivilege() call and the consequential mutual recursion.
getPrivilege ($module, [$user])
- $module
- $user
- [ = null ]
- lines
- 85 - 99
- access
- public
tagIsManager ($params) : string|null
Check if the current user is manager
- $params
- string
Parameters of the tag - lines
- 115 - 118
- access
- protected
Expands to 'true' if the current logged-in user is manager in the module specified with $params, 'false' otherwise.
tagIsAdmin ($params) : string|null
Check if the current user is administrator
- $params
- string
Parameters of the tag - lines
- 126 - 129
- access
- protected
Expands to 'true' if the current logged-in user is administrator in the module specified with $params, 'false' otherwise.
tagIsTrusted ($params) : string|null
Check if the current user is a trusted user ' Expands to 'true' if the current logged-in user is trusted in the module specified with $params, 'false' otherwise.
- $params
- string
Parameters of the tag - lines
- 137 - 140
- access
- protected
tagIsUntrusted ($params) : string|null
Check if the current user is an untrusted user
- $params
- string
Parameters of the tag - lines
- 148 - 151
- access
- protected
Expands to 'true' if the current logged-in user is untrusted in the module specified with $params, 'false' otherwise.
tagPrivilegeDescription ($params) : string|null
Get the privilege description
- $params
- string
Parameters of the tag - lines
- 160 - 176
- access
- protected
Expands to the specified privilege description, in the current locale. In $params you must specify the privilege as 'module_id,privilege', where privilege must be manager|admin|trusted|untrusted|none.
tagPrivilegeId ($params) : string|null
Get the privilege id from a privilege level
- $params
- string
Parameters of the tag - lines
- 184 - 191
- access
- protected
Given a privilege level (1..5), returns the privilege id, that is a string containing manager|admin|trusted|untrusted|none.
tagPrivilegeLevel ($params) : string|null
Get the privilege level from a privilege id
- $params
- string
Parameters of the tag - lines
- 198 - 206
- access
- protected
The reverse operation of tagPrivilegeId().
actionChange ($user, $module, $privilege) : bool
Perform a change action
- $user
- int
The user to modify - $module
- string
A module name - $privilege
- string
The new privilege level - lines
- 223 - 275
- access
- protected
Changes the privilege level for the given user on the specified module.
runManagerAction ($action)
- $action
- lines
- 277 - 299
- access
- protected
runAdminAction ($action)
- $action
- lines
- 301 - 304
- access
- protected
runTrustedAction ($action)
- $action
- lines
- 306 - 309
- access
- protected
runUntrustedAction ($action)
- $action
- lines
- 311 - 329
- access
- protected
runAction ($action)
- $action
- lines
- 331 - 334
- access
- protected
TIP_Privilegewas last modified by TiP on Mon 25 May 2009 06:22:25 PM CEST
Tutorial
- Overview
- Module
- Data engine
- Template engine
- A working example
- Download
- Getting started
API reference
- TIP
- TIP_RcbtNG_Instance
- TIP_Renderer
- TIP_Type
- TIP_Type
- TIP_Data
- TIP_Data_Engine
- TIP_Module
- TIP_Template_Engine
- TIP_Template
- TIP_Chronology
- TIP_View