forked from symfony/security-acl
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathAclInterface.php
104 lines (91 loc) · 2.96 KB
/
AclInterface.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <[email protected]>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Acl\Model;
use Symfony\Component\Security\Acl\Exception\NoAceFoundException;
/**
* This interface represents an access control list (ACL) for a domain object.
* Each domain object can have exactly one associated ACL.
*
* An ACL contains all access control entries (ACE) for a given domain object.
* In order to avoid needing references to the domain object itself, implementations
* use ObjectIdentity implementations as an additional level of indirection.
*
* @author Johannes M. Schmitt <[email protected]>
*
* @method array __serialize() returns all the necessary state of the object for serialization purposes
* @method void __unserialize(array $data) restores the object state from an array given by {@see __serialize}
*/
interface AclInterface extends \Serializable
{
/**
* Returns all class-based ACEs associated with this ACL.
*
* @return array<int, EntryInterface>
*/
public function getClassAces();
/**
* Returns all class-field-based ACEs associated with this ACL.
*
* @return array<int, EntryInterface>
*/
public function getClassFieldAces(string $field);
/**
* Returns all object-based ACEs associated with this ACL.
*
* @return array<int, EntryInterface>
*/
public function getObjectAces();
/**
* Returns all object-field-based ACEs associated with this ACL.
*
* @return array<int, EntryInterface>
*/
public function getObjectFieldAces(string $field);
/**
* Returns the object identity associated with this ACL.
*
* @return ObjectIdentityInterface
*/
public function getObjectIdentity();
/**
* Returns the parent ACL, or null if there is none.
*
* @return AclInterface|null
*/
public function getParentAcl();
/**
* Whether this ACL is inheriting ACEs from a parent ACL.
*
* @return bool
*/
public function isEntriesInheriting();
/**
* Determines whether field access is granted.
*
* @return bool
*/
public function isFieldGranted(string $field, array $masks, array $securityIdentities, bool $administrativeMode = false);
/**
* Determines whether access is granted.
*
* @return bool
*
* @throws NoAceFoundException when no ACE was applicable for this request
*/
public function isGranted(array $masks, array $securityIdentities, bool $administrativeMode = false);
/**
* Whether the ACL has loaded ACEs for all of the passed security identities.
*
* @param SecurityIdentityInterface|SecurityIdentityInterface[] $securityIdentities
*
* @return bool
*/
public function isSidLoaded($securityIdentities);
}