Open Journal Systems  2.4.4
 All Classes Namespaces Functions Variables Groups Pages
AuthorizationDecisionManager Class Reference

Public Member Functions

 _decidePolicySet (&$policySet, &$callOnDeny)
 
 addAuthorizationMessage ($message)
 
 addPolicy (&$policyOrPolicySet, $addToTop=false)
 
 AuthorizationDecisionManager ()
 
 decide ()
 
 getAuthorizationMessages ()
 
getAuthorizedContext ()
 
getAuthorizedContextObject ($assocType)
 
 setDecisionIfNoPolicyApplies ($decisionIfNoPolicyApplies)
 

Detailed Description

A class that can take a list of authorization policies, apply them to the current authorization request context and return an authorization decision.

This decision manager implements the following logic to combine authorization policies:

  • If any of the given policies applies with a result of AUTHORIZATION_DENY then the decision manager will deny access (=deny overrides policy).
  • If none of the given policies applies then the decision manager will deny access (=whitelist approach, deny if none applicable).

Definition at line 30 of file AuthorizationDecisionManager.inc.php.

Member Function Documentation

AuthorizationDecisionManager::_decidePolicySet ( $policySet,
$callOnDeny 
)

Recursively decide the given policy set.

Parameters
$policySetPolicySet
$callOnDenyA "call-on-deny" advice will be passed back by reference if found.
Returns
integer one of the AUTHORIZATION_* values.

Definition at line 151 of file AuthorizationDecisionManager.inc.php.

References addAuthorizationMessage(), and getAuthorizedContext().

Referenced by decide().

AuthorizationDecisionManager::addAuthorizationMessage (   $message)

Add an authorization message

Parameters
$messagestring

Definition at line 76 of file AuthorizationDecisionManager.inc.php.

Referenced by _decidePolicySet().

AuthorizationDecisionManager::addPolicy ( $policyOrPolicySet,
  $addToTop = false 
)

Add an authorization policy or a policy set.

Parameters
$policyOrPolicySetAuthorizationPolicy|PolicySet
$addToTopboolean whether to insert the new policy to the top of the list.

Definition at line 68 of file AuthorizationDecisionManager.inc.php.

AuthorizationDecisionManager::AuthorizationDecisionManager ( )

Constructor

Definition at line 43 of file AuthorizationDecisionManager.inc.php.

AuthorizationDecisionManager::decide ( )

Take an authorization decision.

Returns
integer one of AUTHORIZATION_PERMIT or AUTHORIZATION_DENY.

Definition at line 121 of file AuthorizationDecisionManager.inc.php.

References _decidePolicySet().

AuthorizationDecisionManager::getAuthorizationMessages ( )

Return all authorization messages

Returns
array

Definition at line 84 of file AuthorizationDecisionManager.inc.php.

& AuthorizationDecisionManager::getAuthorizedContext ( )

Get the authorized context.

Returns
array

Definition at line 107 of file AuthorizationDecisionManager.inc.php.

Referenced by _decidePolicySet().

& AuthorizationDecisionManager::getAuthorizedContextObject (   $assocType)

Retrieve an object from the authorized context

Parameters
$assocTypeinteger
Returns
mixed will return null if the context for the given assoc type does not exist.

Definition at line 94 of file AuthorizationDecisionManager.inc.php.

AuthorizationDecisionManager::setDecisionIfNoPolicyApplies (   $decisionIfNoPolicyApplies)

Set the default decision if none of the policies in the root policy set applies.

Parameters
$decisionIfNoPolicyAppliesinteger

Definition at line 57 of file AuthorizationDecisionManager.inc.php.


The documentation for this class was generated from the following file: