Class Phalcon\Acl\Adapter\Memory

extends class Phalcon\Acl\Adapter

Manages ACL lists in memory

  1. <?php
  3. $acl = new \Phalcon\Acl\Adapter\Memory();
  5. $acl->setDefaultAction(Phalcon\Acl::DENY);
  7. //Register roles
  8. $roles = array(
  9.     'users' => new \Phalcon\Acl\Role('Users'),
  10.     'guests' => new \Phalcon\Acl\Role('Guests')
  11. );
  12. foreach ($roles as $role) {
  13.     $acl->addRole($role);
  14. }
  16. //Private area resources
  17. $privateResources = array(
  18.     'companies' => array('index', 'search', 'new', 'edit', 'save', 'create', 'delete'),
  19.     'products' => array('index', 'search', 'new', 'edit', 'save', 'create', 'delete'),
  20.     'invoices' => array('index', 'profile')
  21. );
  22. foreach ($privateResources as $resource => $actions) {
  23.     $acl->addResource(new Phalcon\Acl\Resource($resource), $actions);
  24. }
  26. //Public area resources
  27. $publicResources = array(
  28.     'index' => array('index'),
  29.     'about' => array('index'),
  30.     'session' => array('index', 'register', 'start', 'end'),
  31.     'contact' => array('index', 'send')
  32. );
  33. foreach ($publicResources as $resource => $actions) {
  34.     $acl->addResource(new Phalcon\Acl\Resource($resource), $actions);
  35. }
  37. //Grant access to public areas to both users and guests
  38. foreach ($roles as $role){
  39.     foreach ($publicResources as $resource => $actions) {
  40.             $acl->allow($role->getName(), $resource, '*');
  41.     }
  42. }
  44. //Grant access to private area to role Users
  45. foreach ($privateResources as $resource => $actions) {
  46.             foreach ($actions as $action) {
  47.             $acl->allow('Users', $resource, $action);
  48.     }
  49. }

Methods

public __construct ()

Phalcon\Acl\Adapter\Memory constructor

public boolean addRole (unknown $role, [unknown $accessInherits])

Adds a role to the ACL list. Second parameter allows inheriting access data from other existing role Example:

  1. <?php
  3.     $acl->addRole(new Phalcon\Acl\Role('administrator'), 'consultant');
  4.     $acl->addRole('administrator', 'consultant');

public addInherit (unknown $roleName, unknown $roleToInherit)

Do a role inherit from another existing role

public boolean isRole (unknown $roleName)

Check whether role exist in the roles list

public boolean isResource (unknown $resourceName)

Check whether resource exist in the resources list

public boolean addResource (unknown $resourceValue, unknown $accessList)

Adds a resource to the ACL list Access names can be a particular action, by example search, update, delete, etc or a list of them Example:

  1. <?php
  3.  //Add a resource to the the list allowing access to an action
  4.  $acl->addResource(new Phalcon\Acl\Resource('customers'), 'search');
  5.  $acl->addResource('customers', 'search');
  7.  //Add a resource  with an access list
  8.  $acl->addResource(new Phalcon\Acl\Resource('customers'), array('create', 'search'));
  9.  $acl->addResource('customers', array('create', 'search'));

public boolean addResourceAccess (unknown $resourceName, unknown $accessList)

Adds access to resources

public dropResourceAccess (unknown $resourceName, unknown $accessList)

Removes an access from a resource

protected _allowOrDeny (unknown $roleName, unknown $resourceName, unknown $access, unknown $action)

Checks if a role has access to a resource

public allow (unknown $roleName, unknown $resourceName, unknown $access)

Allow access to a role on a resource You can use ‘*’ as wildcard Example:

  1. <?php
  3.  //Allow access to guests to search on customers
  4.  $acl->allow('guests', 'customers', 'search');
  6.  //Allow access to guests to search or create on customers
  7.  $acl->allow('guests', 'customers', array('search', 'create'));
  9.  //Allow access to any role to browse on products
  10.  $acl->allow('*', 'products', 'browse');
  12.  //Allow access to any role to browse on any resource
  13.  $acl->allow('*', '*', 'browse');

public boolean deny (unknown $roleName, unknown $resourceName, unknown $access)

Deny access to a role on a resource You can use ‘*’ as wildcard Example:

  1. <?php
  3.  //Deny access to guests to search on customers
  4.  $acl->deny('guests', 'customers', 'search');
  6.  //Deny access to guests to search or create on customers
  7.  $acl->deny('guests', 'customers', array('search', 'create'));
  9.  //Deny access to any role to browse on products
  10.  $acl->deny('*', 'products', 'browse');
  12.  //Deny access to any role to browse on any resource
  13.  $acl->deny('*', '*', 'browse');

public boolean isAllowed (unknown $roleName, unknown $resourceName, unknown $access)

Check whether a role is allowed to access an action from a resource

  1. <?php
  3.  //Does andres have access to the customers resource to create?
  4.  $acl->isAllowed('andres', 'Products', 'create');
  6.  //Do guests have access to any resource to edit?
  7.  $acl->isAllowed('guests', '*', 'edit');

public Phalcon\Acl\Role [] getRoles ()

Return an array with every role registered in the list

public Phalcon\Acl\Resource [] getResources ()

Return an array with every resource registered in the list

public getActiveRole () inherited from Phalcon\Acl\Adapter

Role which the list is checking if it’s allowed to certain resource/access

public getActiveResource () inherited from Phalcon\Acl\Adapter

Resource which the list is checking if some role can access it

public getActiveAccess () inherited from Phalcon\Acl\Adapter

Active access which the list is checking if some role can access it

public setEventsManager (unknown $eventsManager) inherited from Phalcon\Acl\Adapter

Sets the events manager

public Phalcon\Events\ManagerInterface getEventsManager () inherited from Phalcon\Acl\Adapter

Returns the internal event manager

public setDefaultAction (unknown $defaultAccess) inherited from Phalcon\Acl\Adapter

Sets the default access level (Phalcon\Acl::ALLOW or Phalcon\Acl::DENY)

public int getDefaultAction () inherited from Phalcon\Acl\Adapter

Returns the default ACL access level