Tilmeld Server API  1.0.0
Nymph user and group management with access controls.
Static Public Member Functions | Public Attributes | Static Public Attributes | List of all members
Tilmeld\Tilmeld Class Reference

Tilmeld main class. More...

Static Public Member Functions

static gatekeeper ($ability=null)
 Check to see if the current user has an ability. More...
 
static configure ($config=[])
 Apply configuration to Tilmeld. More...
 
static addAccessControlSelectors (&$optionsAndSelectors)
 Add selectors to a list of options and selectors which will limit results to only entities the current user has access to. More...
 
static checkPermissions (&$entity, $type=Tilmeld::READ_ACCESS, $user=null)
 Check an entity's permissions for a user. More...
 
static fillSession ($user)
 Fill session user data. More...
 
static clearSession ()
 Clear session user data. More...
 
static extractToken ($token)
 Validate and extract the user from a token. More...
 
static authenticate ()
 Check for a TILMELDAUTH cookie, and, if set, authenticate from it. More...
 
static login ($user, $sendAuthHeader)
 Logs the given user into the system. More...
 
static logout ()
 Logs the current user out of the system.
 
static groupSort (&$array, $property=null, $caseSensitive=false, $reverse=false)
 Sort an array of groups hierarchically. More...
 

Public Attributes

const VERSION = '1.0.0'
 
const NO_ACCESS = 0
 
const READ_ACCESS = 1
 
const WRITE_ACCESS = 2
 
const FULL_ACCESS = 4
 

Static Public Attributes

static $config
 
static $currentUser = null
 

Detailed Description

Tilmeld main class.

Provides an Nymph based user and group manager.

Author
Hunter Perrin hperr.nosp@m.in@g.nosp@m.mail..nosp@m.com
Copyright
SciActive.com
See also
http://tilmeld.org/

Definition at line 17 of file Tilmeld.php.

Member Function Documentation

◆ addAccessControlSelectors()

static Tilmeld\Tilmeld::addAccessControlSelectors ( $optionsAndSelectors)
static

Add selectors to a list of options and selectors which will limit results to only entities the current user has access to.

Parameters
array&$optionsAndSelectorsThe options and selectors of the query.

Definition at line 96 of file Tilmeld.php.

◆ authenticate()

static Tilmeld\Tilmeld::authenticate ( )
static

Check for a TILMELDAUTH cookie, and, if set, authenticate from it.

Returns
bool True if a user was authenticated, false on any failure.

Definition at line 450 of file Tilmeld.php.

◆ checkPermissions()

static Tilmeld\Tilmeld::checkPermissions ( $entity,
  $type = Tilmeld::READ_ACCESS,
  $user = null 
)
static

Check an entity's permissions for a user.

This will check the AC (Access Control) properties of the entity. These include the following properties:

  • acUser
  • acGroup
  • acOther
  • acRead
  • acWrite
  • acFull

"acUser" refers to the entity's owner, "acGroup" refers to all users in the entity's group and all ancestor groups, and "acOther" refers to any user who doesn't fit these descriptions.

Each of these properties should be either NO_ACCESS, READ_ACCESS, WRITE_ACCESS, or FULL_ACCESS.

  • NO_ACCESS - the user has no access to the entity.
  • READ_ACCESS, the user has read access to the entity.
  • WRITE_ACCESS, the user has read and write access to the entity, but can't delete it, change its access controls, or change its ownership.
  • FULL_ACCESS, the user has read, write, and delete access to the entity, as well as being able to manage its access controls and ownership.

These properties defaults to:

  • acUser = Tilmeld::FULL_ACCESS
  • acGroup = Tilmeld::READ_ACCESS
  • acOther = Tilmeld::NO_ACCESS

"acRead", "acWrite", and "acFull" are arrays of users and/or groups that also have those permissions.

Only users with FULL_ACCESS have the ability to change any of the ac*, user, and group properties.

The following conditions will result in different checks, which determine whether the check passes:

  • The user has the "system/admin" ability. (Always true.)
  • It is a user or group. (True for READ_ACCESS or Tilmeld admins.)
  • The entity has no "user" and no "group". (Always true.)
  • No user is logged in. (Check other AC.)
  • The entity is the user. (Always true.)
  • It is the user's primary group. (True for READ_ACCESS.)
  • The user or its groups are listed in "acRead". (True for READ_ACCESS.)
  • The user or its groups are listed in "acWrite". (True for READ_ACCESS and WRITE_ACCESS.)
  • The user or its groups are listed in "acFull". (Always true.)
  • Its "user" is the user. (It is owned by the user.) (Check user AC.)
  • Its "group" is the user's primary group. (Check group AC.)
  • Its "group" is one of the user's secondary groups. (Check group AC.)
  • Its "group" is a descendant of one of the user's groups. (Check group AC.)
  • None of the above. (Check other AC.)
Parameters
object&$entityThe entity to check.
int$typeThe lowest level of permission to consider a pass. One of Tilmeld::READ_ACCESS, Tilmeld::WRITE_ACCESS, or Tilmeld::FULL_ACCESS.
\Tilmeld\Entities\User | null$userThe user to check permissions for. If null, uses the current user. If false, checks for public access.
Returns
bool Whether the current user has at least $type permission for the entity.

Definition at line 268 of file Tilmeld.php.

◆ clearSession()

static Tilmeld\Tilmeld::clearSession ( )
static

Clear session user data.

Also sets the default timezone to the server default.

Definition at line 408 of file Tilmeld.php.

◆ configure()

static Tilmeld\Tilmeld::configure (   $config = [])
static

Apply configuration to Tilmeld.

$config should be an associative array of Tilmeld configuration. Use the following form:

[ 'setup_url' => 'http://example.com/tilmeld/', 'create_admin' => false ]

Parameters
array$configAn associative array of Tilmeld's configuration.

Definition at line 78 of file Tilmeld.php.

◆ extractToken()

static Tilmeld\Tilmeld::extractToken (   $token)
static

Validate and extract the user from a token.

Parameters
string$tokenThe authentication token.
Returns
\Tilmeld\Entities\User|bool The user on success, false on failure.

Definition at line 425 of file Tilmeld.php.

◆ fillSession()

static Tilmeld\Tilmeld::fillSession (   $user)
static

Fill session user data.

Also sets the default timezone to the user's timezone.

Parameters
\Tilmeld\Entities\User$userThe user.

Definition at line 383 of file Tilmeld.php.

◆ gatekeeper()

static Tilmeld\Tilmeld::gatekeeper (   $ability = null)
static

Check to see if the current user has an ability.

If $ability is null, it will check to see if a user is currently logged in.

Parameters
string$abilityThe ability.
Returns
bool True or false.

Definition at line 58 of file Tilmeld.php.

◆ groupSort()

static Tilmeld\Tilmeld::groupSort ( $array,
  $property = null,
  $caseSensitive = false,
  $reverse = false 
)
static

Sort an array of groups hierarchically.

An additional property of the groups can be used to sort them under their parents.

Parameters
array&$arrayThe array of groups.
string | null$propertyThe name of the property to sort groups by. Null for no additional sorting.
bool$caseSensitiveSort case sensitively.
bool$reverseReverse the sort order.

Definition at line 562 of file Tilmeld.php.

◆ login()

static Tilmeld\Tilmeld::login (   $user,
  $sendAuthHeader 
)
static

Logs the given user into the system.

Parameters
\Tilmeld\Entities\User$userThe user.
bool$alwaysSendAuthHeaderWhen true, a custom header with the auth token will be sent.
Returns
bool True on success, false on failure.

Definition at line 513 of file Tilmeld.php.

The documentation for this class was generated from the following file:
Generated by   doxygen 1.8.15