hypejunction/hypecapabilities

此软件包已被废弃,不再维护。没有建议的替代软件包。

角色和功能API

安装: 28

依赖项: 1

建议者: 0

安全: 0

星级: 1

观察者: 1

分支: 1

类型:elgg-plugin

1.2.0 2018-06-29 18:34 UTC

This package is not auto-updated.

Last update: 2020-01-18 13:27:49 UTC


README

功能与角色API

注册角色

\hypeJunction->register('role_name');

将角色分配给用户

// Site wide role
elgg()->roles->assign('role_name', $user);

// Group specific role
elgg()->roles->assign('role_name', $user, $group);

从用户中移除角色

// Site wide role
elgg()->roles->unassign('role_name', $user);

// Group specific role
elgg()->roles->unassign('role_name', $user, $group);

配置角色权限

创建特定类型的实体


// Prevent users with given role from creating entities of a given type
elgg()->roles->role_name->onCreate('object', 'blog', Role::DENY);

// Allow users to create entities of a given type regardless of context
elgg()->roles->role_name->onCreate('object', 'blog', Role::ALLOW, Role::OVERRIDE);

// Allow users to create entities of a given type if all other container permissins are met
elgg()->roles->role_name->onCreate('object', 'blog', Role::ALLOW, Role::STACK);

// Allow users to create entities when specific conditions are met
// Only allow group blogs
elgg()->roles->role_name->onCreate('object', 'blog', Role::DENY, function(\hypeJunction\Capabilities\Context $context) {
	$container = $context->getTarget();
	if (!$container instanceof ElggGroup) {
		return Role::DENY;
	}
});

更新和删除权限

类似于上述方法,您可以使用onUpdateonDelete方法;

授予管理权限

管理权限意味着对实体执行高级管理操作,例如在审查后批准某些帖子。默认情况下,核心不使用此权限级别,但您可以检查用户是否具有对实体的管理权限,如下所示

$params = [
	'entity' => $entity,
	'user' => $user,
];
if (!elgg_trigger_plugin_hook('permissions_check:administer', "$entity->type:$entity->subtype", $params, false)) {
	// No permissions to approve
	throw new EntityPermissionsException();
}

// Do something that requires high level permissions, e.g.
$entity->published_status = 'published';

授予/拒绝管理权限

// Prevent users with given role from creating entities of a given type
// Allow moderator role to administer all blogs regardless of owner/container
elgg()->roles->moderator->onAdminister('object', 'blog', Role::ALLOW, Role::OVERRIDE);

// Allow users to create entities when specific conditions are met
// Allow teacher to administer all group blogs
elgg()->roles->teacher->canAdminister('object', 'blog', Role::ALLOW, function(\hypeJunction\Capabilities\Context $context) {
	$entity = $context->getTarget();
	$actor = $context->getActor();
	
	$container = $entity->getContainerEntity();
	return $container->canEdit($actor->guid);
});

路由

您可以通过路由名称允许/拒绝对某些路由的访问

// Context parameter contain matched route elements
// e.g. prevent access to user profile if users are not friends
elgg()->roles->user->onRouteAccess('view:user', Role::DENY, function(\hypeJunction\Capabilities\Context $context) {
	$actor = $context->getActor();

	$username = $context->getParam('username');
	$user = get_user_by_username($username);

	if (!$actor || !$user instanceof ElggUser || !$actor->isFriendOf($user->guid)) {
		register_error('You must be friends to access user profiles');
		return Role::DENY;
	}
});

// Here is an example of how to prevent access to member pages to non-logged in users:
elgg()->roles->guest->onRouteAccess('collection:user:user', Role::DENY);
elgg()->roles->guest->onRouteAccess('collection:user:user:alpha', Role::DENY);
elgg()->roles->guest->onRouteAccess('collection:user:user:newest', Role::DENY);
elgg()->roles->guest->onRouteAccess('collection:user:user:online', Role::DENY);
elgg()->roles->guest->onRouteAccess('collection:user:user:popular', Role::DENY);
elgg()->roles->guest->onRouteAccess('search:user:user', Role::DENY);
elgg()->roles->guest->onRouteAccess('view:user', Role::DENY);

自定义(组件)功能

您可以检查和修改自定义功能

// Check a custom role
elgg()->roles->can('read', 'discussions');

// Define how role responds to capability check
elgg()->roles->guest->on('read', 'discussions', Role::DENY);

// Override role response
elgg_register_plugin_hook_handler('capability', 'read:discussions', function(Hook $hook) {

});