Overview

Packages

  • application
    • commands
    • components
      • actions
      • filters
      • leftWidget
      • permissions
      • sortableWidget
      • util
      • webupdater
      • x2flow
        • actions
        • triggers
      • X2GridView
      • X2Settings
    • controllers
    • models
      • embedded
    • modules
      • accounts
        • controllers
        • models
      • actions
        • controllers
        • models
      • calendar
        • controllers
        • models
      • charts
        • models
      • contacts
        • controllers
        • models
      • docs
        • components
        • controllers
        • models
      • groups
        • controllers
        • models
      • marketing
        • components
        • controllers
        • models
      • media
        • controllers
        • models
      • mobile
        • components
      • opportunities
        • controllers
        • models
      • products
        • controllers
        • models
      • quotes
        • controllers
        • models
      • services
        • controllers
        • models
      • template
        • models
      • users
        • controllers
        • models
      • workflow
        • controllers
        • models
      • x2Leads
        • controllers
        • models
  • None
  • system
    • base
    • caching
    • console
    • db
      • ar
      • schema
    • validators
    • web
      • actions
      • auth
      • helpers
      • widgets
        • captcha
        • pagers
  • zii
    • widgets
      • grid

Classes

  • ControllerPermissionsBehavior
  • ModelPermissionsBehavior
  • X2ControllerPermissionsBehavior
  • X2PermissionsBehavior
  • Overview
  • Package
  • Class
  • Tree

Class X2PermissionsBehavior

CModelBehavior class for permissions lookups on classes.

X2PermissionsBehavior is a CModelBehavior which allows consistent lookup of access levels and whether or not a user is allowed to view or edit a record.

CComponent
Extended by CBehavior implements IBehavior
Extended by CModelBehavior
Extended by CActiveRecordBehavior
Extended by ModelPermissionsBehavior
Extended by X2PermissionsBehavior
Package: application\components\permissions
Author: Jake Houser <jake@x2engine.com>, Demitri Morgan <demitri@x2engine.com> TODO: replace hard-coded references to ", " delimeter with Fields::MULTI_ASSIGNMENT_DELIM
Located at x2engine/protected/components/permissions/X2PermissionsBehavior.php
Methods summary
public
# clearCache( )
public CDbCriteria
# getAccessCriteria( mixed $tableAlias = 't', mixed $paramsNamespace = 'X2PermissionsBehavior', mixed $showHidden = false )

Returns a CDbCriteria containing record-level access conditions.

Returns a CDbCriteria containing record-level access conditions.

Returns

CDbCriteria
public array
# getAccessSQLCondition( mixed $tableAlias = 't' )

Returns

array
access condition and parameters
public integer
# getAccessLevel( mixed $uid = null )

Returns a number from 0 to 3 representing the current user's access level using the Yii auth manager. Assumes authItem naming scheme like "ContactsViewPrivate", etc. This method probably ought to overridden, as there is no reliable way to determine the module a model "belongs" to.

Returns a number from 0 to 3 representing the current user's access level using the Yii auth manager. Assumes authItem naming scheme like "ContactsViewPrivate", etc. This method probably ought to overridden, as there is no reliable way to determine the module a model "belongs" to.

Returns

integer
The access level. 0=no access, 1=own records, 2=public records, 3=full access
public type
# getAssignmentAttr( )

Resolves/returns the assignment attribute to use in permission checks

Resolves/returns the assignment attribute to use in permission checks

Returns

type
public
# getVisibilityAttr( )

Resolves/returns the visibility attribute to use in permission checks

Resolves/returns the visibility attribute to use in permission checks

public static type
# getVisibilityOptions( )

Returns visibility dropdown menu options.

Returns visibility dropdown menu options.

Returns

type

Overrides

ModelPermissionsBehavior::getVisibilityOptions()
public String
# getAccessConditions( Integer $accessLevel, mixed $tableAlias = 't', mixed $paramsNamespace = 'X2PermissionsBehavior', mixed $showHidden = false )

Generates SQL condition to filter out records the user doesn't have permission to see.

Generates SQL condition to filter out records the user doesn't have permission to see.

This method is used by the 'accessControl' filter.

Parameters

$accessLevel
Integer
$accessLevel The user's access level. 0=no access, 1=own records, 2=public records, 3=full access
$tableAlias
$paramsNamespace
$showHidden

Returns

String
The SQL conditions
public boolean
# isAssignedTo( string $username, boolean $excludeAnyone = false )

Checks assignment list, including membership to groups in assignment list

Checks assignment list, including membership to groups in assignment list

Parameters

$username
string
$username The username of the user for which to check assignment
$excludeAnyone
boolean
$excludeAnyone If true, isAssignedTo will not return true if the record is assigned to anyone or no one.

Returns

boolean
true of action is assigned to specified user, false otherwise
public
# getHiddenCondition( mixed $tableAlias = 't' )
public type
# isVisibleTo( User $user )

Uses the visibility attribute and the assignment of the model to determine if a given named user has permission to view it.

Uses the visibility attribute and the assignment of the model to determine if a given named user has permission to view it.

Parameters

$user
User
$user The user for which visibility is to be checked

Returns

type
public array
# getAssignedToCondition( boolean $includeAnyone = true, mixed $alias = null, mixed $username = null, mixed $paramsNamespace = 'X2PermissionsBehavior' )

Returns SQL condition which can be used to determine if an action is assigned to the
current user.

Returns SQL condition which can be used to determine if an action is assigned to the current user.

Parameters

$includeAnyone
boolean
$includeAnyone If true, SQL condition will evaluate to true for actions assigned to anyone or no one.
$alias
$username
$paramsNamespace

Returns

array
array (<SQL condition string>, <array of parameters>)
public
# getAssigneeNames( mixed $value = false )

Generates a display-friendly list of assignees

Generates a display-friendly list of assignees

Parameters

$value
mixed
$value If specified, use as the assignment instead of the current model's assignment field.
public array
# getAssignees( boolean $getUsernamesFromGroups = false )

Determines all users to whom a record is assigned.

Determines all users to whom a record is assigned.

Parameters

$getUsernamesFromGroups
boolean
$getUsernamesFromGroups If true, usernames of all users in groups whose ids are in the assignedTo string will also be returned

Returns

array
assignees of this action
public static string
# getGroupIdRegex( mixed $username = null )

Returns regex for performing SQL assignedTo field comparisons.

Returns regex for performing SQL assignedTo field comparisons.

Returns

string
This can be inserted (with parameter binding) into SQL queries to determine if an action is assigned to a given group.
public static
# getUsernameListRegex( array $usernames )

Regular expression for matching against a list of users

Regular expression for matching against a list of users

Parameters

$usernames
array
$userNames
public static
# getGroupmatesRegex( )
Methods inherited from ModelPermissionsBehavior
getUserNameRegex()
Methods inherited from CActiveRecordBehavior
afterDelete(), afterFind(), afterSave(), beforeCount(), beforeDelete(), beforeFind(), beforeSave(), events()
Methods inherited from CModelBehavior
afterConstruct(), afterValidate(), beforeValidate()
Methods inherited from CBehavior
attach(), detach(), getEnabled(), getOwner(), setEnabled()
Methods inherited from CComponent
__call(), __get(), __isset(), __set(), __unset(), asa(), attachBehavior(), attachBehaviors(), attachEventHandler(), canGetProperty(), canSetProperty(), detachBehavior(), detachBehaviors(), detachEventHandler(), disableBehavior(), disableBehaviors(), enableBehavior(), enableBehaviors(), evaluateExpression(), getEventHandlers(), hasEvent(), hasEventHandler(), hasProperty(), raiseEvent()
Constants summary
integer QUERY_ALL 3
#

The access level for administrators.

The access level for administrators.

All records, public and private, will be included in indexes and searches.

integer QUERY_PUBLIC 2
#

The access level for users granted general access.

The access level for users granted general access.

All records marked public or viewable to groupmates (providing the user in question shares a group in common with the assignee(s)) will be included in indexes and searches.

integer QUERY_SELF 1
#

The access level for users granted "private" access.

The access level for users granted "private" access.

Only records assigned to the user in question, or assigned to the user's groups, will be included.

integer QUERY_NONE 0
#

The access level for users granted no access.

The access level for users granted no access.

No records will be retrieved.

integer VISIBILITY_PRIVATE 0
#

This visibility value implies "private"; ordinarily visible only to assignee(s)/owner(s) of the record

This visibility value implies "private"; ordinarily visible only to assignee(s)/owner(s) of the record

integer VISIBILITY_PUBLIC 1
#

This visibility setting implies the record is public/shared, and anyone can view.

This visibility setting implies the record is public/shared, and anyone can view.

integer VISIBILITY_GROUPS 2
#

This visibility setting implies that the record is visible to the owners and other members of groups to which the owners belong ("groupmates").

This visibility setting implies that the record is visible to the owners and other members of groups to which the owners belong ("groupmates").

string SQL_PARAMS_PREFIX 'X2PermissionsBehavior'
#

Used to prefix sql parameters to prevent parameter name conflicts

Used to prefix sql parameters to prevent parameter name conflicts

Magic properties summary
public string $assignmentAttr
#

Name of the attribute to use for permissions

Name of the attribute to use for permissions

public string $visibilityAttr
#

Name of the attribute to use for visibility setting

Name of the attribute to use for visibility setting

Magic properties inherited from CActiveRecordBehavior
$owner
Magic properties inherited from CBehavior
$enabled
X2CRM Documentation API documentation generated by ApiGen 2.8.0