Access Control List representation on LeanCloud
An ACL is a field that specifies who can or cannot read/write an
object. The read/write access can be speified for public, or any
users and roles. There can be as many users and roles as possible
in an ACL.
Methods summary
public
|
#
__construct( mixed $val = array() )
Initialize an ACL object
It accepts user, or JSON encoded ACL data. In the former, the
user will be granted both read and write access. While the
latter will be interpretted as JSON encoded array.
With empty param, it creates an ACL with no permission granted.
Parameters
- $val
- User or JSON encoded ACL array
|
public
boolean
|
#
getPublicReadAccess( )
Get whether public is allowed to read
Get whether public is allowed to read
Returns
boolean
|
public
boolean
|
#
getPublicWriteAccess( )
Get whether public is allowed to write
Get whether public is allowed to write
Returns
boolean
|
public
LeanCloud\ACL
|
#
setPublicReadAccess( boolean $flag )
Set read access for public
Set read access for public
Parameters
- $flag
- Enable or disable public read
Returns
|
public
LeanCloud\ACL
|
#
setPublicWriteAccess( boolean $flag )
Set write access for public
Set write access for public
Parameters
- $flag
- Enable or disable public write
Returns
|
public
boolean
|
#
getRoleReadAccess( string|LeanCloud\Role $role )
Get explicit read access for role
Get explicit read access for role
Even if it returns false, the group may still be able to access
object if object is accessible to public.
Parameters
Returns
boolean
|
public
boolean
|
#
getRoleWriteAccess( string|LeanCloud\Role $role )
Get explicit write access for role
Get explicit write access for role
Even if it returns false, the group may still be able to access
object if object is accessible to public.
Parameters
Returns
boolean
|
public
LeanCloud\ACL
|
|
public
LeanCloud\ACL
|
#
setRoleWriteAccess( string|LeanCloud\Role $role, boolean $flag )
Set write access for role
Set write access for role
Parameters
- $role
- Role object or role name
- $flag
Returns
|
public
boolean
|
#
getReadAccess( string|LeanCloud\User $user )
Get explicit read access for user
Get explicit read access for user
Even if it returns false, the user may still be able to access
object if object is accessible to public or a role the user
belongs to.
Parameters
- $user
- Target user or user id
Returns
boolean
|
public
boolean
|
#
getWriteAccess( string|LeanCloud\User $user )
Get explicit write access for user
Get explicit write access for user
Even if it returns false, the user may still be able to access
object if object is accessible to public or a role the user
belongs to.
Parameters
- $user
- Target user or user id
Returns
boolean
|
public
LeanCloud\ACL
|
#
setReadAccess( string|LeanCloud\User $user, boolean $flag )
Set read access for user
Parameters
- $user
- Target user or user id
- $flag
- Enable or disable read for user
Returns
|
public
LeanCloud\ACL
|
#
setWriteAccess( string|LeanCloud\User $user, boolean $flag )
Set write access for user
Set write access for user
Parameters
- $user
- Target user or user id
- $flag
- Enable or disable write for user
Returns
|
public
array|object
|
#
encode( )
Encode to JSON representation
Encode to JSON representation
It returns an associative array, or an empty object if
empty. The latter is a workaround as we need to json encode
empty ACL as json object, instead of array.
Returns
array|object
|