Open Journal Systems  3.3.0
AuthorizationDecisionManager Class Reference

Public Member Functions

 __construct ()
 
 _decidePolicySet (&$policySet, &$callOnDeny)
 
 addAuthorizationMessage ($message)
 
 addPolicy ($policyOrPolicySet, $addToTop=false)
 
 decide ()
 
 getAuthorizationMessages ()
 
getAuthorizedContext ()
 
getAuthorizedContextObject ($assocType)
 
 setDecisionIfNoPolicyApplies ($decisionIfNoPolicyApplies)
 

Data Fields

 $_authorizationMessages = array()
 
 $_authorizedContext = array()
 
 $_rootPolicySet
 

Detailed Description

A class that can take a list of authorization policies, apply them to the current authorization request context and return an authorization decision.

This decision manager implements the following logic to combine authorization policies:

  • If any of the given policies applies with a result of AUTHORIZATION_DENY then the decision manager will deny access (=deny overrides policy).
  • If none of the given policies applies then the decision manager will deny access (=whitelist approach, deny if none applicable).

Definition at line 30 of file AuthorizationDecisionManager.inc.php.

Constructor & Destructor Documentation

◆ __construct()

AuthorizationDecisionManager::__construct ( )

Constructor

Definition at line 52 of file AuthorizationDecisionManager.inc.php.

Member Function Documentation

◆ _decidePolicySet()

AuthorizationDecisionManager::_decidePolicySet ( $policySet,
$callOnDeny 
)

Recursively decide the given policy set.

Parameters
$policySetPolicySet
$callOnDenyA "call-on-deny" advice will be passed back by reference if found.
Returns
integer one of the AUTHORIZATION_* values.

Definition at line 160 of file AuthorizationDecisionManager.inc.php.

References addAuthorizationMessage(), and getAuthorizedContext().

Referenced by decide().

◆ addAuthorizationMessage()

AuthorizationDecisionManager::addAuthorizationMessage (   $message)

Add an authorization message

Parameters
$messagestring

Definition at line 85 of file AuthorizationDecisionManager.inc.php.

Referenced by _decidePolicySet().

◆ addPolicy()

AuthorizationDecisionManager::addPolicy (   $policyOrPolicySet,
  $addToTop = false 
)

Add an authorization policy or a policy set.

Parameters
$policyOrPolicySetAuthorizationPolicy|PolicySet
$addToTopboolean whether to insert the new policy to the top of the list.

Definition at line 77 of file AuthorizationDecisionManager.inc.php.

◆ decide()

AuthorizationDecisionManager::decide ( )

Take an authorization decision.

Returns
integer one of AUTHORIZATION_PERMIT or AUTHORIZATION_DENY.

Definition at line 130 of file AuthorizationDecisionManager.inc.php.

References _decidePolicySet().

◆ getAuthorizationMessages()

AuthorizationDecisionManager::getAuthorizationMessages ( )

Return all authorization messages

Returns
array

Definition at line 93 of file AuthorizationDecisionManager.inc.php.

References $_authorizationMessages.

◆ getAuthorizedContext()

& AuthorizationDecisionManager::getAuthorizedContext ( )

Get the authorized context.

Returns
array

Definition at line 116 of file AuthorizationDecisionManager.inc.php.

References $_authorizedContext.

Referenced by _decidePolicySet().

◆ getAuthorizedContextObject()

& AuthorizationDecisionManager::getAuthorizedContextObject (   $assocType)

Retrieve an object from the authorized context

Parameters
$assocTypeinteger
Returns
mixed will return null if the context for the given assoc type does not exist.

Definition at line 103 of file AuthorizationDecisionManager.inc.php.

◆ setDecisionIfNoPolicyApplies()

AuthorizationDecisionManager::setDecisionIfNoPolicyApplies (   $decisionIfNoPolicyApplies)

Set the default decision if none of the policies in the root policy set applies.

Parameters
$decisionIfNoPolicyAppliesinteger

Definition at line 66 of file AuthorizationDecisionManager.inc.php.

Field Documentation

◆ $_authorizationMessages

array AuthorizationDecisionManager::$_authorizationMessages = array()

Definition at line 41 of file AuthorizationDecisionManager.inc.php.

Referenced by getAuthorizationMessages().

◆ $_authorizedContext

array AuthorizationDecisionManager::$_authorizedContext = array()

authorized objects provided by authorization policies

Definition at line 47 of file AuthorizationDecisionManager.inc.php.

Referenced by getAuthorizedContext().

◆ $_rootPolicySet

PolicySet AuthorizationDecisionManager::$_rootPolicySet

the root policy set

Definition at line 35 of file AuthorizationDecisionManager.inc.php.


The documentation for this class was generated from the following file: