ParseACL
in package
implements
Encodable
Class ParseACL - is used to control which users can access or modify a particular object. Each ParseObject can have its own ParseACL. You can grant read and write permissions separately to specific users, to groups of users that belong to roles, or you can grant permissions to "the public" so that, for example, any user could read a particular object but only a particular set of users could write to that object.
Tags
Interfaces, Classes and Traits
- Encodable
- Class Encodable - Interface for Parse Classes which provide an encode method.
Table of Contents
- PUBLIC_KEY = '*'
- $defaultACL : ParseACL
- An ACL with defaults set
- $defaultACLUsesCurrentUser : bool
- Whether the default acl uses the current user or not
- $defaultACLWithCurrentUser : ParseACL
- An ACL with defaults set with the current user
- $lastCurrentUser : ParseUser
- The last known current user
- $permissionsById : array<string|int, mixed>
- Array of permissions by id
- $shared : bool
- Whether this ACL is shared
- _createACLFromJSON() : ParseACL
- Create new ParseACL from existing permissions.
- _encode() : mixed
- Returns an associate array encoding of this ParseACL instance.
- _getDefaultACL() : ParseACL
- Get the defaultACL.
- _isShared() : bool
- Return if ParseACL shared or not.
- _setShared() : mixed
- Set shared for ParseACL.
- createACLWithUser() : ParseACL
- Create new ParseACL with read and write access for the given user.
- getPublicReadAccess() : bool
- Get whether the public is allowed to read this object.
- getPublicWriteAccess() : bool
- Get whether the public is allowed to write this object.
- getReadAccess() : bool
- Get whether the given user id is *explicitly* allowed to read this object. Even if this returns false, the user may still be able to access it if getPublicReadAccess returns true or a role that the user belongs to has read access.
- getRoleReadAccess() : bool
- Get whether users belonging to the given role are allowed to read this object. Even if this returns false, the role may still be able to read it if a parent role has read access. The role must already be saved on the server and its data must have been fetched in order to use this method.
- getRoleReadAccessWithName() : bool
- Get whether users belonging to the role with the given roleName are allowed to read this object. Even if this returns false, the role may still be able to read it if a parent role has read access.
- getRoleWriteAccess() : bool
- Get whether users belonging to the given role are allowed to write this object. Even if this returns false, the role may still be able to write it if a parent role has write access. The role must already be saved on the server and its data must have been fetched in order to use this method.
- getRoleWriteAccessWithName() : bool
- Get whether users belonging to the role with the given roleName are allowed to write this object. Even if this returns false, the role may still be able to write it if a parent role has write access.
- getUserReadAccess() : bool
- Get whether the given user is *explicitly* allowed to read this object.
- getUserWriteAccess() : bool
- Get whether the given user is *explicitly* allowed to write this object.
- getWriteAccess() : bool
- Get whether the given user id is *explicitly* allowed to write this object. Even if this returns false, the user may still be able to access it if getPublicWriteAccess returns true or a role that the user belongs to has write access.
- setDefaultACL() : mixed
- Sets a default ACL that will be applied to all ParseObjects when they are created.
- setPublicReadAccess() : mixed
- Set whether the public is allowed to read this object.
- setPublicWriteAccess() : mixed
- Set whether the public is allowed to write this object.
- setReadAccess() : mixed
- Set whether the given user id is allowed to read this object.
- setRoleReadAccess() : mixed
- Set whether users belonging to the given role are allowed to read this object. The role must already be saved on the server and its data must have been fetched in order to use this method.
- setRoleReadAccessWithName() : mixed
- Set whether users belonging to the role with the given roleName are allowed to read this object.
- setRoleWriteAccess() : mixed
- Set whether users belonging to the given role are allowed to write this object. The role must already be saved on the server and its data must have been fetched in order to use this method.
- setRoleWriteAccessWithName() : mixed
- Set whether users belonging to the role with the given roleName are allowed to write this object.
- setUserReadAccess() : mixed
- Set whether the given user is allowed to read this object.
- setUserWriteAccess() : mixed
- Set whether the given user is allowed to write this object.
- setWriteAccess() : mixed
- Set whether the given user id is allowed to write this object.
- getAccess() : bool
- Get if the given userId has a permission for the given access type or not.
- setAccess() : mixed
- Set access permission with access name, user id and if the user has permission for accessing or not.
- validateRoleState() : mixed
- Check whether the role is valid or not.
Constants
PUBLIC_KEY
public
mixed
PUBLIC_KEY
= '*'
Properties
$defaultACL
An ACL with defaults set
private
static ParseACL
$defaultACL
= null
$defaultACLUsesCurrentUser
Whether the default acl uses the current user or not
private
static bool
$defaultACLUsesCurrentUser
= false
$defaultACLWithCurrentUser
An ACL with defaults set with the current user
private
static ParseACL
$defaultACLWithCurrentUser
= null
$lastCurrentUser
The last known current user
private
static ParseUser
$lastCurrentUser
= null
$permissionsById
Array of permissions by id
private
array<string|int, mixed>
$permissionsById
= []
$shared
Whether this ACL is shared
private
bool
$shared
= false
Methods
_createACLFromJSON()
Create new ParseACL from existing permissions.
public
static _createACLFromJSON(array<string|int, mixed> $data) : ParseACL
Parameters
- $data : array<string|int, mixed>
-
represents permissions.
Tags
Return values
ParseACL —_encode()
Returns an associate array encoding of this ParseACL instance.
public
_encode() : mixed
Return values
mixed —_getDefaultACL()
Get the defaultACL.
public
static _getDefaultACL() : ParseACL
Return values
ParseACL —_isShared()
Return if ParseACL shared or not.
public
_isShared() : bool
Return values
bool —_setShared()
Set shared for ParseACL.
public
_setShared(bool $shared) : mixed
Parameters
- $shared : bool
Return values
mixed —createACLWithUser()
Create new ParseACL with read and write access for the given user.
public
static createACLWithUser(ParseUser $user) : ParseACL
Parameters
- $user : ParseUser
Return values
ParseACL —getPublicReadAccess()
Get whether the public is allowed to read this object.
public
getPublicReadAccess() : bool
Return values
bool —getPublicWriteAccess()
Get whether the public is allowed to write this object.
public
getPublicWriteAccess() : bool
Return values
bool —getReadAccess()
Get whether the given user id is *explicitly* allowed to read this object. Even if this returns false, the user may still be able to access it if getPublicReadAccess returns true or a role that the user belongs to has read access.
public
getReadAccess(string $userId) : bool
Parameters
- $userId : string
-
User id.
Tags
Return values
bool —getRoleReadAccess()
Get whether users belonging to the given role are allowed to read this object. Even if this returns false, the role may still be able to read it if a parent role has read access. The role must already be saved on the server and its data must have been fetched in order to use this method.
public
getRoleReadAccess(ParseRole $role) : bool
Parameters
- $role : ParseRole
-
The role to check for access.
Return values
bool —getRoleReadAccessWithName()
Get whether users belonging to the role with the given roleName are allowed to read this object. Even if this returns false, the role may still be able to read it if a parent role has read access.
public
getRoleReadAccessWithName(string $roleName) : bool
Parameters
- $roleName : string
-
The name of the role.
Return values
bool —getRoleWriteAccess()
Get whether users belonging to the given role are allowed to write this object. Even if this returns false, the role may still be able to write it if a parent role has write access. The role must already be saved on the server and its data must have been fetched in order to use this method.
public
getRoleWriteAccess(ParseRole $role) : bool
Parameters
- $role : ParseRole
-
The role to check for access.
Return values
bool —getRoleWriteAccessWithName()
Get whether users belonging to the role with the given roleName are allowed to write this object. Even if this returns false, the role may still be able to write it if a parent role has write access.
public
getRoleWriteAccessWithName(string $roleName) : bool
Parameters
- $roleName : string
-
The name of the role.
Return values
bool —getUserReadAccess()
Get whether the given user is *explicitly* allowed to read this object.
public
getUserReadAccess(ParseUser $user) : bool
Even if this returns false, the user may still be able to access it if getPublicReadAccess returns true or a role that the user belongs to has read access.
Parameters
- $user : ParseUser
Tags
Return values
bool —getUserWriteAccess()
Get whether the given user is *explicitly* allowed to write this object.
public
getUserWriteAccess(ParseUser $user) : bool
Even if this returns false, the user may still be able to access it if getPublicWriteAccess returns true or a role that the user belongs to has write access.
Parameters
- $user : ParseUser
Tags
Return values
bool —getWriteAccess()
Get whether the given user id is *explicitly* allowed to write this object. Even if this returns false, the user may still be able to access it if getPublicWriteAccess returns true or a role that the user belongs to has write access.
public
getWriteAccess(string $userId) : bool
Parameters
- $userId : string
-
User id.
Tags
Return values
bool —setDefaultACL()
Sets a default ACL that will be applied to all ParseObjects when they are created.
public
static setDefaultACL(ParseACL $acl, bool $withAccessForCurrentUser) : mixed
Parameters
- $acl : ParseACL
-
The ACL to use as a template for all ParseObjects created after setDefaultACL has been called. This value will be copied and used as a template for the creation of new ACLs, so changes to the instance after setDefaultACL() has been called will not be reflected in new ParseObjects.
- $withAccessForCurrentUser : bool
-
If true, the ParseACL that is applied to newly-created ParseObjects will provide read and write access to the ParseUser#getCurrentUser() at the time of creation. If false, the provided ACL will be used without modification. If acl is null, this value is ignored.
Return values
mixed —setPublicReadAccess()
Set whether the public is allowed to read this object.
public
setPublicReadAccess(bool $allowed) : mixed
Parameters
- $allowed : bool
Return values
mixed —setPublicWriteAccess()
Set whether the public is allowed to write this object.
public
setPublicWriteAccess(bool $allowed) : mixed
Parameters
- $allowed : bool
Return values
mixed —setReadAccess()
Set whether the given user id is allowed to read this object.
public
setReadAccess(string $userId, bool $allowed) : mixed
Parameters
- $userId : string
-
User id.
- $allowed : bool
-
If user allowed to read or not.
Tags
Return values
mixed —setRoleReadAccess()
Set whether users belonging to the given role are allowed to read this object. The role must already be saved on the server and its data must have been fetched in order to use this method.
public
setRoleReadAccess(ParseRole $role, bool $allowed) : mixed
Parameters
- $role : ParseRole
-
The role to assign access.
- $allowed : bool
-
Whether the given role can read this object.
Return values
mixed —setRoleReadAccessWithName()
Set whether users belonging to the role with the given roleName are allowed to read this object.
public
setRoleReadAccessWithName(string $roleName, bool $allowed) : mixed
Parameters
- $roleName : string
-
The name of the role.
- $allowed : bool
-
Whether the given role can read this object.
Return values
mixed —setRoleWriteAccess()
Set whether users belonging to the given role are allowed to write this object. The role must already be saved on the server and its data must have been fetched in order to use this method.
public
setRoleWriteAccess(ParseRole $role, bool $allowed) : mixed
Parameters
- $role : ParseRole
-
The role to assign access.
- $allowed : bool
-
Whether the given role can read this object.
Return values
mixed —setRoleWriteAccessWithName()
Set whether users belonging to the role with the given roleName are allowed to write this object.
public
setRoleWriteAccessWithName(string $roleName, bool $allowed) : mixed
Parameters
- $roleName : string
-
The name of the role.
- $allowed : bool
-
Whether the given role can write this object.
Return values
mixed —setUserReadAccess()
Set whether the given user is allowed to read this object.
public
setUserReadAccess(ParseUser $user, bool $allowed) : mixed
Parameters
- $user : ParseUser
- $allowed : bool
Tags
Return values
mixed —setUserWriteAccess()
Set whether the given user is allowed to write this object.
public
setUserWriteAccess(ParseUser $user, bool $allowed) : mixed
Parameters
- $user : ParseUser
- $allowed : bool
Tags
Return values
mixed —setWriteAccess()
Set whether the given user id is allowed to write this object.
public
setWriteAccess(string $userId, bool $allowed) : mixed
Parameters
- $userId : string
-
User id.
- $allowed : bool
-
If user allowed to write or not.
Tags
Return values
mixed —getAccess()
Get if the given userId has a permission for the given access type or not.
private
getAccess(string $accessType, string $userId) : bool
Parameters
- $accessType : string
-
Access name.
- $userId : string
-
User id.
Return values
bool —setAccess()
Set access permission with access name, user id and if the user has permission for accessing or not.
private
setAccess(string $accessType, string $userId, bool $allowed) : mixed
Parameters
- $accessType : string
-
Access name.
- $userId : string
-
User id.
- $allowed : bool
-
If user allowed to access or not.
Tags
Return values
mixed —validateRoleState()
Check whether the role is valid or not.
private
static validateRoleState(ParseRole $role) : mixed
Parameters
- $role : ParseRole