Omeka_Acl_Assert_User

Package: Acl

class Omeka_Acl_Assert_User

implements Zend_Acl_Assert_Interface

Assert whether or not a specific user is allowed access to that person’s user account data.

Omeka_Acl_Assert_User::assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)

Assert whether or not the ACL should allow access.

Assertions follow this logic:

Non-authenticated users (null role) have no access.

There exists a set of privileges (A) that are always allowed, provided that the user role and user resource are the same (editing own info, changing own password, etc.).

There also exists a set of privileges (B) that are always denied when performed on one’s own user account (deleting own account, changing own role, etc.)

The super user can do anything that isn’t on (B), e.g. the super user account cannot modify its own role.

All other users are limited to (A).

Parameters:
  • $acl (Zend_Acl) –

  • $role (Zend_Acl_Role_Interface) –

  • $resource (Zend_Acl_Resource_Interface) –

  • $privilege

Omeka_Acl_Assert_User::_isAllowedSelf($privilege)
Parameters:
  • $privilege

Omeka_Acl_Assert_User::_isDeniedSelf($privilege)
Parameters:
  • $privilege

Omeka_Acl_Assert_User::_isSelf($role, $resource)
Parameters:
  • $role

  • $resource

Omeka_Acl_Assert_User::_isSuperUser($user)
Parameters:
  • $user