HasAcl trait to integrate Acl with
Phproberto\Joomla\Entity\Acl\Traits\HasAcl
This trait provides everything you need to start using ACL with an entity.
Index
Requirements
Entities with ACL checks need to implement the interface:
Phproberto\Joomla\Entity\Acl\Contracts\Aclable
To use this trait with the default behavior your class has to provide a method to retrieve the component that contains the ACL settings this entity requires.
Sample implementation:
/**
* Retrieve the associated component.
*
* @return Component
*/
public function component()
{
return Component::fromOption('com_phproberto');
}
If your entity already extends:
Phproberto\Joomla\Entity\ComponentEntity
You don’t need to do anything.
Alternatively you can override the aclAssetName()
method to provide the entity asset name which is the only place component()
method is retrieved.
Sample custom aclAssetName()
:
/**
* Get the identifier of the associated asset
*
* @return string
*/
public function aclAssetName()
{
if ($this->hasId())
{
return 'com_phproberto.product.' . $this->id();
}
return 'com_phproberto';
}
Usage
Once integrated with your entity you can use this trait’s methods to perform permission checks like:
// Article already uses HasAcl trait
use Phproberto\Joomla\Entity\Content\Article;
$article = Article::find(1);
// If no user is specified it will check permissions of the active user
$permissions = $article->acl();
// You can also check permissions for a specific user
$permissions = $article->acl(User::find(23));
// Actions can be tested directly with can() method. This expects an action core.edit is defined in component access.xml file
if ($permissions->can('edit'))
{
// Do something
}
// Common actions are already defined as methods for fast usage. It also contains complex tests for entities owned by an user. Global edit may be disabled by owner edit may be allowed.
if ($permissions->canEdit())
{
// Do something
}
Methods
This trait has these methods available:
acl(User $user = null)
Get ACL settings for a specific user to start checking permissions.
Parameters:
Phproberto\Joomla\Entity\Users\User
$user (optional): User whose permissions we want to check. Defaults to active user.
Returns:
Phproberto\Joomla\Entity\Acl\Acl
Examples:
// Article already uses HasAcl trait
use Phproberto\Joomla\Entity\Content\Article;
// If no user is specified it will check permissions of the active user
$permissions = $article->acl();
// You can also check permissions for a specific user
$permissions = $article->acl(User::find(23));
aclPrefix()
This defines the prefix that will be used to check this entity permissions. It defaults to
core
because it comes already defined by Joomla and used by core but you can use your custom prefix if you have complex ACL settings. Example: If your entity has actions defined likeproduct.edit
inaccess.xml
you have to useproduct
as prefix. You will rarely use this method outside your entity.
Parameters:
None
Returns:
string
Examples:
// Article already uses HasAcl trait
use Phproberto\Joomla\Entity\Content\Article;
// This will echo `core`
echo Article::find(1)->aclPrefix();
aclAssetName()
This returns the associated asset name to check entity permissions. Default naming rule is:
{component}.{entity_name}.{id}
For an entity named product with id 23 in component com_phproberto the asset returned will be:
com_phproberto.product.23
Parameters:
None
Returns:
string
Examples:
// Article already uses HasAcl trait
use Phproberto\Joomla\Entity\Content\Article;
// This will echo `com_content.article.1`
echo Article::find(1)->aclAssetName();