1: <?php
2:
3: /*
4: * This file is part of the Symfony package.
5: *
6: * (c) Fabien Potencier <fabien@symfony.com>
7: *
8: * For the full copyright and license information, please view the LICENSE
9: * file that was distributed with this source code.
10: */
11:
12: namespace Symfony\Component\Security\Acl\Model;
13:
14: use Symfony\Component\Security\Acl\Exception\NoAceFoundException;
15:
16: /**
17: * This interface represents an access control list (ACL) for a domain object.
18: * Each domain object can have exactly one associated ACL.
19: *
20: * An ACL contains all access control entries (ACE) for a given domain object.
21: * In order to avoid needing references to the domain object itself, implementations
22: * use ObjectIdentity implementations as an additional level of indirection.
23: *
24: * @author Johannes M. Schmitt <schmittjoh@gmail.com>
25: */
26: interface AclInterface extends \Serializable
27: {
28: /**
29: * Returns all class-based ACEs associated with this ACL
30: *
31: * @return array
32: */
33: public function getClassAces();
34:
35: /**
36: * Returns all class-field-based ACEs associated with this ACL
37: *
38: * @param string $field
39: * @return array
40: */
41: public function getClassFieldAces($field);
42:
43: /**
44: * Returns all object-based ACEs associated with this ACL
45: *
46: * @return array
47: */
48: public function getObjectAces();
49:
50: /**
51: * Returns all object-field-based ACEs associated with this ACL
52: *
53: * @param string $field
54: * @return array
55: */
56: public function getObjectFieldAces($field);
57:
58: /**
59: * Returns the object identity associated with this ACL
60: *
61: * @return ObjectIdentityInterface
62: */
63: public function getObjectIdentity();
64:
65: /**
66: * Returns the parent ACL, or null if there is none.
67: *
68: * @return AclInterface|null
69: */
70: public function getParentAcl();
71:
72: /**
73: * Whether this ACL is inheriting ACEs from a parent ACL.
74: *
75: * @return bool
76: */
77: public function isEntriesInheriting();
78:
79: /**
80: * Determines whether field access is granted
81: *
82: * @param string $field
83: * @param array $masks
84: * @param array $securityIdentities
85: * @param bool $administrativeMode
86: * @return bool
87: */
88: public function isFieldGranted($field, array $masks, array $securityIdentities, $administrativeMode = false);
89:
90: /**
91: * Determines whether access is granted
92: *
93: * @throws NoAceFoundException when no ACE was applicable for this request
94: * @param array $masks
95: * @param array $securityIdentities
96: * @param bool $administrativeMode
97: * @return bool
98: */
99: public function isGranted(array $masks, array $securityIdentities, $administrativeMode = false);
100:
101: /**
102: * Whether the ACL has loaded ACEs for all of the passed security identities
103: *
104: * @param mixed $securityIdentities an implementation of SecurityIdentityInterface, or an array thereof
105: * @return bool
106: */
107: public function isSidLoaded($securityIdentities);
108: }
109: