class Policy

Properties

static $parity_ints

Methods

mixed
_cb_sort_policy_clusters_by_row_count_desc(mixed $a, mixed $b)

Helper callback for the create_policy_clusters Method, sorting the found clusters based on the number of rows (policies) they contain.

batch_calculate_policy_clusters_and_user_diffs()

Calculates all policy clusters as well as user diffs, thus updating the whole system right management WARNING: May take a few minutes and can cause performance lacks!

int[]
find_users_with_policy(string $instance_id, string $policy_name, string $value = null, int|string $group_security_id = 0)

No description

string[]
get_all_parent_contexts(string $current)

Returns the instance ids of all ancestors for a given instance id, including the passed one

int
get_hook_policy_value(string $instance_id, string $hook_name)

Retrieves a dummy policy value for a given hook

string
get_policy_key(int $policy_id, bool|int $global_group_security_id = false, mixed $value = false, bool $return_prefix = false)

Generate the policy key for a given policy setting

string
get_policy_key_by_names(string $instance_id, string $policy_name, bool|int $global_group_security_id = false, mixed $value = false, bool $return_prefix = false)

Generate the policy key for a given policy setting

array
get_user_clusters(bool|int|DocumentIndex $document_index = false, bool $only_active_users = true, $access_level = XF_SEC_LEVEL_ADMIN)

Return users in clusters that have the same rights settings A document index may be passed to group the users to clusters that have the same rights for that particular document

array
get_user_clusters_for_instance_ids(string[] $instance_ids = array(), $global_group_security_ids = array(), bool $only_active_users = true, $access_level = XF_SEC_LEVEL_ADMIN)

Returns users grouped into clusters that have the same rights An array of instance ids can be passed in order to group users that have the same rights within the scope of these instances.

invalidate_policy_cluster()

No description

invalidate_user_policy_diff($user_ids)

Invalidate User Policy Diff for passed User IDs All Invalidated User Policy Diffs will be Reloaded the next Time a New / Dirty Session is loaded

array
parse_policies(string $centroid, string $changes = '', string[] $policy_prefixes = array())

Generates a filtered policy array using a policy centroid (which can also be a user_diff), an optional changes array and an optional set of prefixes the found policies should be filtered for. Returns an assoc array that holds the proper parity integer for each policy key found. This may include unset properties as them being unset is only saved in the changes column of the user_policy_diff table until the next user group calc run.

set_instance_policies_to_level(string $instance_id, array $group_per_level = array(), array $user_per_level = array(), int $global_group_security_id = 0, bool $apply_to_dependencies = true)

Sets all static policies and page access rights for all provided users and groups based on the access level.

int[]
users_that_have_policy(mixed $instance_id, mixed $policy_name, mixed $value = '*', mixed $group_security_id = '0', mixed $parity = 'allow', $return_only_active_users = true)

Returns all users that have a certain policy parity.

Details

at line 991
mixed _cb_sort_policy_clusters_by_row_count_desc(mixed $a, mixed $b)

Helper callback for the create_policy_clusters Method, sorting the found clusters based on the number of rows (policies) they contain.

Parameters

mixed $a
mixed $b

Return Value

mixed

at line 705
batch_calculate_policy_clusters_and_user_diffs()

Calculates all policy clusters as well as user diffs, thus updating the whole system right management WARNING: May take a few minutes and can cause performance lacks!

at line 616
int[] find_users_with_policy(string $instance_id, string $policy_name, string $value = null, int|string $group_security_id = 0)

No description

Parameters

string $instance_id
string $policy_name
string $value
int|string $group_security_id

Return Value

int[]

User IDs

at line 518
string[] get_all_parent_contexts(string $current)

Returns the instance ids of all ancestors for a given instance id, including the passed one

Parameters

string $current

The instance id for which you need the ancestors

Return Value

string[]

A list of all ancestors, including the passed instance id

at line 1261
int get_hook_policy_value(string $instance_id, string $hook_name)

Retrieves a dummy policy value for a given hook

Parameters

string $instance_id

The instance id of the hook

string $hook_name

The hook name in the instance

Return Value

int

A dummy policy value integer

at line 44
string get_policy_key(int $policy_id, bool|int $global_group_security_id = false, mixed $value = false, bool $return_prefix = false)

Generate the policy key for a given policy setting

Parameters

int $policy_id
bool|int $global_group_security_id
mixed $value
bool $return_prefix

Return Value

string

at line 28
string get_policy_key_by_names(string $instance_id, string $policy_name, bool|int $global_group_security_id = false, mixed $value = false, bool $return_prefix = false)

Generate the policy key for a given policy setting

Parameters

string $instance_id
string $policy_name
bool|int $global_group_security_id
mixed $value
bool $return_prefix

Return Value

string

at line 474
array get_user_clusters(bool|int|DocumentIndex $document_index = false, bool $only_active_users = true, $access_level = XF_SEC_LEVEL_ADMIN)

Return users in clusters that have the same rights settings A document index may be passed to group the users to clusters that have the same rights for that particular document

Parameters

bool|int|DocumentIndex $document_index

The document index or its id for which the users are to be grouped

bool $only_active_users

If you pass false for this parameter, inactive users will be included result

$access_level

Return Value

array

An array of array of user ids

at line 210
array get_user_clusters_for_instance_ids(string[] $instance_ids = array(), $global_group_security_ids = array(), bool $only_active_users = true, $access_level = XF_SEC_LEVEL_ADMIN)

Returns users grouped into clusters that have the same rights An array of instance ids can be passed in order to group users that have the same rights within the scope of these instances.

It is recommended that you use get_user_clusters instead, based on the document index rather than the instance ids to avoid missing references.

Parameters

string[] $instance_ids

An array of instance ids.

$global_group_security_ids
bool $only_active_users

If you pass false for this parameter, inactive users will be included result

$access_level

Return Value

array

An array of array of user ids

at line 1104
invalidate_policy_cluster()

No description

at line 1084
invalidate_user_policy_diff($user_ids)

Invalidate User Policy Diff for passed User IDs All Invalidated User Policy Diffs will be Reloaded the next Time a New / Dirty Session is loaded

Parameters

$user_ids

at line 155
array parse_policies(string $centroid, string $changes = '', string[] $policy_prefixes = array())

Generates a filtered policy array using a policy centroid (which can also be a user_diff), an optional changes array and an optional set of prefixes the found policies should be filtered for. Returns an assoc array that holds the proper parity integer for each policy key found. This may include unset properties as them being unset is only saved in the changes column of the user_policy_diff table until the next user group calc run.

Parameters

string $centroid

The serialized policy settings (a cluster centroid or user diff)

string $changes

Additional policy changes that are to be applied sequentially (separated by a semicolon)

string[] $policy_prefixes

An array of policy key prefixes. If one is provided, only policy settings whose policy start with one of these prefixes are returned

Return Value

array

An assoc array mapping the policy keys (string) to their parity integers (int)

at line 1169
set_instance_policies_to_level(string $instance_id, array $group_per_level = array(), array $user_per_level = array(), int $global_group_security_id = 0, bool $apply_to_dependencies = true)

Sets all static policies and page access rights for all provided users and groups based on the access level.

It takes the instance definition (e.g. the instance id and the gsc for wich the rights are to be set), as well as assoc user and group arrays that list all users and groups that have a specific security level. These users and groups will be granted the access to all policies and pages of that or a lower security level.

Parameters

string $instance_id

The url identifier: the string instance id

array $group_per_level

An assoc array where the keys are the security levels and the values are lists of group ids

array $user_per_level

An assoc array where the keys are the security levels and the values are lists of user ids

int $global_group_security_id

The gsc for which the policies and access rights are to be set

bool $apply_to_dependencies

Shall the policies and access rights of dependent modules be set to the same specifications?

at line 543
int[] users_that_have_policy(mixed $instance_id, mixed $policy_name, mixed $value = '*', mixed $group_security_id = '0', mixed $parity = 'allow', $return_only_active_users = true)

Returns all users that have a certain policy parity.

This function has not yet been tested! It is is experimental and was created as to test the new cluster mechanism. It is, however, likely that a later iteration requires this funciton again.

Parameters

mixed $instance_id

The instance_id (string) owning the policy to check.

mixed $policy_name

The name of the policy.

mixed $value

The value of the policy (defaults to '*').

mixed $group_security_id

The group_security_id for which to test the policy (defaults to '0').

mixed $parity

The parity a user must have for this policy to be returned by the function.

$return_only_active_users

Return Value

int[]

An array of all user ids that have the requested parity of the passed policy EXPLICITLY set. Inherit rights can NOT be returned!