PermissionsController
extends AdminBaseController
uses CommonDataTrait, PermissionsTrait, UsersTrait, RolesTrait
Permissions controller.
Table of Contents
Properties
- $Input : Input
- $Languages : Languages
- $runnedCronResult : array<string|int, mixed>
- $selectedRoles : array<string|int, mixed>
- $totalLoggedInSessions : int
- $userSessionCookieData : array<string|int, mixed>
Methods
- __construct() : mixed
- {@inheritDoc}
- indexAction() : string
- List permissions page and get data via REST API.
- addUpdateUserFormValidation() : array<string|int, mixed>
- Form validation for add and update user.
- checkLogin() : mixed
- Check for logged in, if not then redirect to login page.
- checkPermission() : mixed
- Check permission and (redirect OR response error message).
- decryptUserFieldsKey() : string
- Decrypt user fields key.
- generateUserFieldsKey() : array<string|int, mixed>
- Generate user fields key.
- getConfigDb() : array<string|int, mixed>
- Get config from DB.
- getPageHtmlClasses() : string
- Get page HTML classes.
- getPageHtmlTitle() : string
- Get page HTML title including site name if it was set.
- getPermissionsData() : array<string|int, mixed>
- Get permissions data.
- getPermissionUrlsMethods() : array<string|int, mixed>
- Get URLs and methods about permissions pages.
- getRdbAdminAssets() : array<string|int, mixed>
- Get RdbAdmin module's assets.
- getRoles() : array<string|int, mixed>
- Get list of **ALL** roles.
- getRoleUrlsMethods() : array<string|int, mixed>
- Get role URLs and methods about role pages.
- getUser() : array<string|int, mixed>
- Get a user data.
- getUserUrlsMethods() : array<string|int, mixed>
- Get URLs and methods about user pages.
- isRestrictedPriority() : bool
- Check if the data that will be updated or deleted is in restricted priority.
- isUserLoggedIn() : bool
- Check if user is logged in.
- logoutUser() : mixed
- Logout target user.
- maybeRunCron() : mixed
- Maybe run cron job if config is set to not use server cron.
- responseJson() : string
- {@inheritDoc}
- responseXml() : string
- {@inheritDoc}
- sessionTraitLogoutAll() : mixed
- Logout all succeeded login sessions, lock user account, send login link to user's email.
- setBasicConfig() : mixed
- Setup basic PHP configurations such as default timezone.
- setCssAssets() : mixed
- Set CSS assets for common admin pages.
- setHeaderAllowOrigin() : mixed
- Set header allow origin for CORS.
- setJsAssetsAndObject() : mixed
- Set JS assets and its object for XHR common data.
- isModuleExcute() : bool
- Check if current call is `Modules->execute()`
- sessionsTraitCheckIsLoggedInFromContainer() : array<string|int, mixed>
- Check is logged in from container if exists.
- sessionTraitLogoutPreviousSessions() : mixed
- Logout all sessions before latest succeeded login. (logout only succeeded login).
Properties
$Input
protected
Input $Input
$Languages
protected
Languages $Languages
$runnedCronResult
protected
array<string|int, mixed> $runnedCronResult = []
Result of the cron jobs that were run.
This is for the case where the cron job (crontab) is set to run by URL. The CronController will call this BaseController, so there is no need to use the Libraries\Cron class to run the jobs again. Just get the run result from this property.
This property will be set by the maybeRunCron() method.
$selectedRoles
protected
array<string|int, mixed> $selectedRoles = []
Selected roles. This property can be accessed after calling the isRestrictedPriority() method. It can be used to loop over each row immediately.
$totalLoggedInSessions
protected
int $totalLoggedInSessions = 0
The number of sessions in which this user was found logged in. This property can be accessed after calling the isUserLoggedIn() method.
$userSessionCookieData
protected
array<string|int, mixed> $userSessionCookieData = []
The cookie data of the logged in user. This property can be accessed after calling the isUserLoggedIn() method.
Methods
__construct()
{@inheritDoc}
public
__construct(Container $Container) : mixed
Parameters
- $Container : Container
indexAction()
List permissions page and get data via REST API.
public
indexAction() : string
Return values
string
addUpdateUserFormValidation()
Form validation for add and update user.
protected
addUpdateUserFormValidation(array<string|int, mixed> $data[, array<string|int, mixed> $dataField = [] ][, array<string|int, mixed> $dataUsersRoles = [] ][, string $saveType = 'insert' ][, string|int $user_id = '' ]) : array<string|int, mixed>
Validate required and valid form fields.
Validate that the selected roles do not have a higher priority than the user who adds or updates them.
Validate that the username and email do not already exist.
This method was called from the doAddAction() method.
Parameters
- $data : array<string|int, mixed>
  The associative array form data.
- $dataField : array<string|int, mixed> = []
  Associative array for the user_fields table.
- $dataUsersRoles : array<string|int, mixed> = []
  Associative array for the users_roles table.
- $saveType : string = 'insert'
  Type of saving data. It can be 'insert' or 'update'. Default is 'insert'.
- $user_id : string|int = ''
  The user_id to check against when $saveType is 'update', so that the data is unique among all other users.
Return values
array<string|int, mixed> —Return an associative array with these keys if there is at least one error:
formResultStatus (if error),
formResultMessage (if error) The result message,
formFieldsValidation (optional) Fields that contain errors,
responseStatus (optional) For HTTP response status.
checkLogin()
Check for logged in, if not then redirect to login page.
protected
checkLogin() : mixed
checkPermission()
Check permission and (redirect OR response error message).
protected
checkPermission(string $moduleSystemName, string $page, string|array<string|int, mixed> $action[, array<string|int, mixed> $identity = [] ]) : mixed
This will redirect the user to the /admin page if the request comes from a web page.
This will respond with an error message if the request is made via REST API or AJAX.
Parameters
- $moduleSystemName : string
  The module (module system name or folder name) to check.
- $page : string
  The page name to check.
- $action : string|array<string|int, mixed>
  The action(s) on that page. Use a string to check a single action, or an array to check multiple actions.
  If checking multiple actions, any single action that matches the given module and page will return true.
- $identity : array<string|int, mixed> = []
  The associative array of identity.
decryptUserFieldsKey()
Decrypt user fields key.
protected
decryptUserFieldsKey(string|object $encryptedKey) : string
Parameters
- $encryptedKey : string|object
  The encrypted key string. Alternatively, you may pass the user_fields object from a PDO query instead.
Return values
string —Return the decrypted key string, or an empty string if decryption failed.
generateUserFieldsKey()
Generate user fields key.
protected
generateUserFieldsKey([int $length = 8 ]) : array<string|int, mixed>
Generate keys that can be used in change email confirmation, register confirmation, etc.
Parameters
- $length : int = 8
  The length of key.
Return values
array<string|int, mixed> —Return associative array with 'readableKey', 'encryptedKey' keys.
getConfigDb()
Get config from DB.
protected
getConfigDb() : array<string|int, mixed>
This will get the following data, which is commonly used between admin controllers.
rdbadmin_SiteName, rdbadmin_SiteTimezone, rdbadmin_AdminItemsPerPage,
Return values
array<string|int, mixed>
getPageHtmlClasses()
Get page HTML classes.
protected
getPageHtmlClasses([array<string|int, mixed> $classes = [] ]) : string
Parameters
- $classes : array<string|int, mixed> = []
  The classes to set for this html page.
Return values
string —Return generated html classes names.
getPageHtmlTitle()
Get page HTML title including site name if it was set.
protected
getPageHtmlTitle(string $title[, string|null|false $siteName = false ]) : string
Parameters
- $title : string
  The site title.
- $siteName : string|null|false = false
  Site name should be a string.
  Setting it to an empty string or null will not include the site name.
  Set to false to automatically get the site name from the config DB.
Return values
string
getPermissionsData()
Get permissions data.
protected
getPermissionsData([string $permissionFor = 'roles' ][, int $user_id = 0 ][, string $permissionModule = '' ][, array<string|int, mixed> $listColumns = [] ]) : array<string|int, mixed>
Get permission pages, actions, checked data for specific module and roles or user.
Parameters
- $permissionFor : string = 'roles'
  Query string indicating whether this management gets permissions for 'roles' or 'users'.
- $user_id : int = 0
  If getting permissions for 'users', please specify the user ID.
- $permissionModule : string = ''
  The module to get checked values.
- $listColumns : array<string|int, mixed> = []
  List of columns obtained from the getRoles() or getUser() method. The array must contain an 'items' key.
Return values
array<string|int, mixed> —Return associative array.
getPermissionUrlsMethods()
Get URLs and methods about permissions pages.
protected
getPermissionUrlsMethods() : array<string|int, mixed>
Return values
array<string|int, mixed> —Return associative array.
getRdbAdminAssets()
Get RdbAdmin module's assets.
protected
getRdbAdminAssets() : array<string|int, mixed>
These contain the assets that are required for the admin page to work.
Return values
array<string|int, mixed> —Return associative array with 'css' and 'js' in keys.
getRoles()
Get list of **ALL** roles.
protected
getRoles() : array<string|int, mixed>
Return values
array<string|int, mixed>
getRoleUrlsMethods()
Get role URLs and methods about role pages.
protected
getRoleUrlsMethods([string $userrole_id = '' ]) : array<string|int, mixed>
Parameters
- $userrole_id : string = ''
  The role ID.
Return values
array<string|int, mixed> —Return associative array.
getUser()
Get a user data.
protected
getUser(int $user_id) : array<string|int, mixed>
Parameters
- $user_id : int
Return values
array<string|int, mixed>
getUserUrlsMethods()
Get URLs and methods about user pages.
protected
getUserUrlsMethods([string $user_id = '' ]) : array<string|int, mixed>
Parameters
- $user_id : string = ''
  The user ID.
Return values
array<string|int, mixed> —Return associative array.
isRestrictedPriority()
Check if the data that will be updated or deleted is in restricted priority.
protected
isRestrictedPriority(array<string|int, mixed> $userrole_ids) : bool
Parameters
- $userrole_ids : array<string|int, mixed>
  The list of user role IDs. This can be an array of IDs that was re-ordered.
Return values
bool —Return true if yes (cannot update), false if not (can update).
isUserLoggedIn()
Check if user is logged in.
protected
isUserLoggedIn([int $user_id = null ][, string $userlogin_session_key = '' ]) : bool
After calling this method, if it returned true, you can access the total sessions via the totalLoggedInSessions property.
After calling this method, if the cookie is valid, you can access the cookie data via the userSessionCookieData property.
If there is a simultaneous login and the user's setting is one that does not allow it (such as logout previous, logout all), it will be processed here.
Parameters
- $user_id : int = null
  The user ID. Set to null (default) to auto detect from cookie.
- $userlogin_session_key : string = ''
  The logged in session key. Set to empty string (default) to auto detect from cookie.
Return values
bool —Return true if logged in, false for not.
logoutUser()
Logout target user.
protected
logoutUser([array<string|int, mixed> $cookieData = [] ][, bool $logoutAllDevice = false ]) : mixed
Parameters
- $cookieData : array<string|int, mixed> = []
  The associative array of cookie data. This value can be obtained from the Cookie class. The array keys are:
  user_id (required).
  sessionKey (optional) For deleting a specific session key from the user_logins table.
- $logoutAllDevice : bool = false
  Set to true to logout all devices, false for a specific session key.
maybeRunCron()
Maybe run cron job if config is set to not use server cron.
protected
maybeRunCron() : mixed
responseJson()
{@inheritDoc}
protected
responseJson(mixed $output) : string
Parameters
- $output : mixed
Return values
string
responseXml()
{@inheritDoc}
protected
responseXml(mixed $output) : string
Parameters
- $output : mixed
Return values
string
sessionTraitLogoutAll()
Logout all succeeded login sessions, lock user account, send login link to user's email.
protected
sessionTraitLogoutAll(int $user_id, UserLoginsDb $UserLoginsDb, UserFieldsDb $UserFieldsDb) : mixed
This method also sets a cache entry recording that the email was sent recently.
This method was called from isUserLoggedIn().
This method was called from LoginController->doLogin().
Parameters
- $user_id : int
- $UserLoginsDb : UserLoginsDb
- $UserFieldsDb : UserFieldsDb
setBasicConfig()
Setup basic PHP configurations such as default timezone.
protected
setBasicConfig() : mixed
setCssAssets()
Set CSS assets for common admin pages.
protected
setCssAssets(Assets $Assets, array<string|int, mixed> $assetsData) : mixed
This is required to make basic admin pages work correctly.
Parameters
- $Assets : Assets
  The Assets class.
- $assetsData : array<string|int, mixed>
  The assets data. Please read more on \Rdb\Modules\RdbAdmin\Libraries\Assets::addMultipleAssets().
setHeaderAllowOrigin()
Set header allow origin for CORS.
protected
setHeaderAllowOrigin() : mixed
setJsAssetsAndObject()
Set JS assets and its object for XHR common data.
protected
setJsAssetsAndObject(Assets $Assets, array<string|int, mixed> $assetsData) : mixed
This is required to make basic admin pages work correctly.
Parameters
- $Assets : Assets
  The Assets class.
- $assetsData : array<string|int, mixed>
  The assets data. Please read more on \Rdb\Modules\RdbAdmin\Libraries\Assets::addMultipleAssets().
isModuleExcute()
Check if current call is `Modules->execute()`
private
isModuleExcute() : bool
This method was called from maybeRunCron(), __construct().
Return values
bool —Return true if it is, false if it is not.
sessionsTraitCheckIsLoggedInFromContainer()
Check is logged in from container if exists.
private
sessionsTraitCheckIsLoggedInFromContainer() : array<string|int, mixed>
The check data in the container must not be older than N seconds.
Return values
array<string|int, mixed> —Return an indexed array where the first index is the UsersSessionsTrait object in the container, if it exists. This value can be null.
The second index is the result of "is logged in". This value can be null.
sessionTraitLogoutPreviousSessions()
Logout all sessions before latest succeeded login. (logout only succeeded login).
private
sessionTraitLogoutPreviousSessions(int $user_id, UserLoginsDb $UserLoginsDb) : mixed
This method was called from isUserLoggedIn().
Parameters
- $user_id : int
- $UserLoginsDb : UserLoginsDb