LimeSurvey API - Master branch

Permission extends LSActiveRecord
in package

Class Permission

Table of Contents

Properties

$bEncryption  : mixed
$create_p  : int
$delete_p  : int
$entity  : string
$entity_id  : int
$export_p  : int
$id  : int
$import_p  : int
$permission  : string
$read_p  : int
$uid  : int
$update_p  : int
$aCachedSurveyPermissions  : mixed
$aGlobalBasePermissions  : mixed
$xssFilterAttributes  : array<string|int, string>

Methods

behaviors()  : array<string|int, mixed>
Lists the behaviors of this model
copySurveyPermissions()  : mixed
decrypt()  : mixed
Decrypt values from database
decryptEncryptAttributes()  : mixed
Encrypt/decrypt values
decryptSingle()  : string
Decrypt single value
decryptSingleOld()  : string
Decrypt single value
deleteAllByAttributes()  : int
dispatchPluginModelEvent()  : PluginEvent
editThemePermissionsUser()  : array<string|int, mixed>
Saves the updated values of a users themepermissions.
encrypt()  : mixed
Encrypt values
encryptAttributeValues()  : array<string|int, mixed>
Attribute values are encrypted ( if needed )to be used for searching purposes
encryptSave()  : mixed
Encrypt values before saving to the database
encryptSingle()  : mixed
Enrypt single value
findAllAsArray()  : array<string|int, mixed>
Finds all active records satisfying the specified condition but returns them as array
findAllByAttributes()  : array<string|int, static>
Overriding of Yii's findAllByAttributes method to provide encrypted attribute value search
findByAttributes()  : static|null
Overriding of Yii's findByAttributes method to provide encrypted attribute value search
getAllEncryptedAttributes()  : array<string|int, mixed>
getButtons()  : string
getEntity()  : object
Get object with $iEntityID of type $sEntityName NB: This method needs to be public so that it can be mocked.
getEntityBasePermissions()  : array<string|int, mixed>
Return Permission for an object, using object::getPermissionData directly
getEntityMinimalPermissionRead()  : null|string
Return minimal permission name (for read value)
getGlobalBasePermissions()  : array<string|int, mixed>
Returns the global permissions including description and title
getGlobalPermissionData()  : array<string|int, mixed>
Return the global permission list as array
getMaxId()  : false|int
Return the max value for a field
getMinId()  : false|int
Return the min value for a field
getPermissionGradeList()  : array<string|int, mixed>
Get the translation of each CRUD
getPermissionList()  : array<string|int, mixed>
Used in application/views/admin/surveymenu_entries/_form.php
getPermissions()  : array<string|int, mixed>
get current permissions list Seems used in LimeSurvey\PluginManager\LimesurveyApi->getPermissionSet
getSurveyBasePermissions()  : array<string|int, mixed>
Returns the base permissions for survey
getUserId()  : int
Get the default/fixed $iUserID for Permission only Use App()->getCurrentUserId() for all other purpose
getUserRole()  : int
get the connected user role
giveAllSurveyPermissions()  : mixed
Give all permission of a specific user without permission control of current user Used when create survey
hasGlobalPermission()  : bool
Returns true if a user has global permission for a certain action.
hasPermission()  : bool
Checks if a user has a certain permission
hasSurveyPermission()  : bool
Checks if a user has a certain permission in the given survey
hasTemplatePermission()  : bool
Returns true if a user has permission to read/create/update a certain template
insertRecords()  : mixed
insertSomeRecords()  : bool
isForcedSuperAdmin()  : bool
Returns true if user is a forced superadmin (can not disable superadmin rights)
model()  : Permission
Returns the static model of Settings table
relations()  : mixed
roleHasPermission()  : bool
Returns true if a role has permission for crud
rules()  : array<string|int, mixed>
setEncryptedAttributeLabel()  : string
Function to show encryption symbol in gridview attribute header if value ois encrypted
setGlobalPermission()  : mixed
Set global permissions to the user id
setMinimalEntityPermission()  : null|self::model
Set global permissions to the user id
setPermissions()  : null|bool
Sets permissions (global or survey-specific) for a survey administrator Checks what permissions may be set and automatically filters invalid ones.
tableName()  : mixed
updateAll()  : int
Updates records with the specified condition.
getEntityOwnerId()  : int|null
get the owner if of an entity if exist
query()  : mixed
Modified version that default to do the same as the original, but allows via a third parameter to retrieve the result as array instead of active records. This solves a joining problem. Usage via findAllAsArray method
comparePermissionTitle()  : int
function used to order Permission by language string

Properties

$aCachedSurveyPermissions

protected static mixed $aCachedSurveyPermissions = []

$aGlobalBasePermissions

protected static mixed $aGlobalBasePermissions

$xssFilterAttributes

protected array<string|int, string> $xssFilterAttributes = []

Array of attributes that should be XSS filtered on mass updates

Methods

behaviors()

Lists the behaviors of this model

public behaviors() : array<string|int, mixed>

Below is a list of all behaviors we register:

Tags
see
PluginEventBehavior
see
CTimestampBehavior
Return values
array<string|int, mixed>

copySurveyPermissions()

public copySurveyPermissions(int $iSurveyIDSource, int $iSurveyIDTarget) : mixed
Parameters
$iSurveyIDSource : int
$iSurveyIDTarget : int

decrypt()

Decrypt values from database

public decrypt([mixed $value = '' ]) : mixed
Parameters
$value : mixed = ''

decryptEncryptAttributes()

Encrypt/decrypt values

public decryptEncryptAttributes([mixed $action = 'decrypt' ]) : mixed
Parameters
$action : mixed = 'decrypt'

decryptSingle()

Decrypt single value

public static decryptSingle([string $value = '' ]) : string
Parameters
$value : string = ''

String value which needs to be decrypted

Return values
string

the decrypted string

decryptSingleOld()

Decrypt single value

public static decryptSingleOld([string $value = '' ]) : string
Parameters
$value : string = ''

String value which needs to be decrypted

Return values
string

the decrypted string

deleteAllByAttributes()

public deleteAllByAttributes(array<string|int, mixed> $attributes[, string $condition = '' ][, array<string|int, mixed> $params = [] ]) : int
Parameters
$attributes : array<string|int, mixed>

list of attribute values (indexed by attribute names) that the active records should match. An attribute value can be an array which will be used to generate an IN condition.

$condition : string = ''

query condition or criteria.

$params : array<string|int, mixed> = []

parameters to be bound to an SQL statement.

Tags
todo

This should also be moved to the behavior at some point. This method overrides the parent in order to raise PluginEvents for Bulk delete operations.

Filter Criteria are wrapped into a CDBCriteria instance so we have a single instance responsible for holding the filter criteria to be passed to the PluginEvent, this also enables us to pass the fully configured CDBCriteria instead of the original Parameters.

See for detailed explanation about $condition and $params.

Return values
int

number of rows affected by the execution.

dispatchPluginModelEvent()

public dispatchPluginModelEvent(string $sEventName, CDbCriteria $criteria = null, array<string|int, mixed> $eventParams = []) : PluginEvent
Parameters
$sEventName : string
$criteria = null : CDbCriteria
$eventParams = [] : array<string|int, mixed>
Return values
PluginEvent

editThemePermissionsUser()

Saves the updated values of a users themepermissions.

public static editThemePermissionsUser( $userId,  $aTemplatePermissions) : array<string|int, mixed>
Parameters
$userId :

integer -- this user themepermission values should be updated

$aTemplatePermissions :

array -- permissions to be set

Return values
array<string|int, mixed>

encryptAttributeValues()

Attribute values are encrypted ( if needed )to be used for searching purposes

public encryptAttributeValues([array<string|int, mixed> $attributes = null ][, mixed $bEncryptedOnly = false ][, mixed $bReplaceValues = true ]) : array<string|int, mixed>
Parameters
$attributes : array<string|int, mixed> = null

list of attribute values (indexed by attribute names) that the active records should match. An attribute value can be an array which will be used to generate an IN condition.

$bEncryptedOnly : mixed = false
$bReplaceValues : mixed = true
Return values
array<string|int, mixed>

attributes array with encrypted atrribute values is returned

encryptSave()

Encrypt values before saving to the database

public encryptSave([mixed $runValidation = false ]) : mixed
Parameters
$runValidation : mixed = false

encryptSingle()

Enrypt single value

public static encryptSingle([string $value = '' ]) : mixed
Parameters
$value : string = ''

String value which needs to be encrypted

findAllAsArray()

Finds all active records satisfying the specified condition but returns them as array

public findAllAsArray([mixed $condition = '' ][, array<string|int, mixed> $params = [] ]) : array<string|int, mixed>

See for detailed explanation about $condition and $params.

Parameters
$condition : mixed = ''

query condition or criteria.

$params : array<string|int, mixed> = []

parameters to be bound to an SQL statement.

Return values
array<string|int, mixed>

list of active records satisfying the specified condition. An empty array is returned if none is found.

findAllByAttributes()

Overriding of Yii's findAllByAttributes method to provide encrypted attribute value search

public findAllByAttributes(array<string|int, mixed> $attributes[, mixed $condition = '' ][, array<string|int, mixed> $params = [] ]) : array<string|int, static>
Parameters
$attributes : array<string|int, mixed>

list of attribute values (indexed by attribute names) that the active records should match. An attribute value can be an array which will be used to generate an IN condition.

$condition : mixed = ''

query condition or criteria.

$params : array<string|int, mixed> = []

parameters to be bound to an SQL statement.

Return values
array<string|int, static>

the records found. An empty array is returned if none is found.

findByAttributes()

Overriding of Yii's findByAttributes method to provide encrypted attribute value search

public findByAttributes(array<string|int, mixed> $attributes[, mixed $condition = '' ][, array<string|int, mixed> $params = [] ]) : static|null
Parameters
$attributes : array<string|int, mixed>

list of attribute values (indexed by attribute names) that the active record should match. An attribute value can be an array which will be used to generate an IN condition.

$condition : mixed = ''

query condition or criteria.

$params : array<string|int, mixed> = []

parameters to be bound to an SQL statement.

Return values
static|null

the record found. Null if none is found.

getAllEncryptedAttributes()

public getAllEncryptedAttributes(int $iSurveyId, string $sClassName) : array<string|int, mixed>
Parameters
$iSurveyId : int
$sClassName : string
Return values
array<string|int, mixed>

TODO: Should be split into seperate functions in the appropiate model or helper class TODO: Make an interface for records that support encryption.

getButtons()

public getButtons() : string
Return values
string

getEntity()

Get object with $iEntityID of type $sEntityName NB: This method needs to be public so that it can be mocked.

public getEntity(string $sEntityName, int $iEntityID) : object
Parameters
$sEntityName : string
$iEntityID : int
Return values
object

getEntityBasePermissions()

Return Permission for an object, using object::getPermissionData directly

public static getEntityBasePermissions(string $sEntityName) : array<string|int, mixed>
Parameters
$sEntityName : string

must be an existing object child of LSActiveRecord

Return values
array<string|int, mixed>

of permission : each permission with array of available crud

getEntityMinimalPermissionRead()

Return minimal permission name (for read value)

public static getEntityMinimalPermissionRead(string $sEntityName) : null|string
Parameters
$sEntityName : string

must be an existing object child of LSActiveRecord

Return values
null|string

getGlobalBasePermissions()

Returns the global permissions including description and title

public static getGlobalBasePermissions() : array<string|int, mixed>
Return values
array<string|int, mixed>

of array of permission

getGlobalPermissionData()

Return the global permission list as array

public static getGlobalPermissionData([string $key = null ]) : array<string|int, mixed>
Parameters
$key : string = null

the specific permission

Tags
todo

Use data value object instead of array.

Return values
array<string|int, mixed>

of crud if $key is set, array of permissio array by crud …

getMaxId()

Return the max value for a field

public getMaxId([string $field = null ][, bool $forceRefresh = false ]) : false|int

This is a convenience method, that uses the primary key of the model to retrieve the highest value.

Parameters
$field : string = null

The field that contains the Id, when null primary key is used if it is a single field

$forceRefresh : bool = false

Don't use value from static cache but always requery the database

Tags
throws
Exception
Return values
false|int

getMinId()

Return the min value for a field

public getMinId([string $field = null ][, bool $forceRefresh = false ]) : false|int

This is a convenience method, that uses the primary key of the model to retrieve the highest value.

Parameters
$field : string = null

The field that contains the Id, when null primary key is used if it is a single field

$forceRefresh : bool = false

Don't use value from static cache but always requery the database

Tags
throws
Exception
Return values
false|int

getPermissionGradeList()

Get the translation of each CRUD

public static getPermissionGradeList() : array<string|int, mixed>
Return values
array<string|int, mixed>

crud=>translation

getPermissionList()

Used in application/views/admin/surveymenu_entries/_form.php

public static getPermissionList() : array<string|int, mixed>
Return values
array<string|int, mixed>

getPermissions()

get current permissions list Seems used in LimeSurvey\PluginManager\LimesurveyApi->getPermissionSet

public static getPermissions(int $iUserID[, int $iEntityID = null ][, string $sEntityName = null ]) : array<string|int, mixed>
Parameters
$iUserID : int
$iEntityID : int = null
$sEntityName : string = null
Return values
array<string|int, mixed>

getSurveyBasePermissions()

Returns the base permissions for survey

public static getSurveyBasePermissions() : array<string|int, mixed>
Tags
see
self::getEntityBasePermissions
Return values
array<string|int, mixed>

getUserId()

Get the default/fixed $iUserID for Permission only Use App()->getCurrentUserId() for all other purpose

public getUserId([int|null $iUserID = null ]) : int
Parameters
$iUserID : int|null = null

optional user id

Tags
todo

move to private function

throws
Exception
Return values
int

user id

getUserRole()

get the connected user role

public static getUserRole(int $iUserID) : int
Parameters
$iUserID : int

user id

Tags
throws
Exception
Return values
int

roleId

giveAllSurveyPermissions()

Give all permission of a specific user without permission control of current user Used when create survey

public giveAllSurveyPermissions(int $iUserID, int $iSurveyID) : mixed
Parameters
$iUserID : int
$iSurveyID : int
Tags
see
mantis

#16967: https://bugs.limesurvey.org/view.php?id=16967

hasGlobalPermission()

Returns true if a user has global permission for a certain action.

public hasGlobalPermission(string $sPermission[,  $sCRUD = 'read' ][,  $iUserID = null ]) : bool
Parameters
$sPermission : string

string Name of the permission - see function getGlobalPermissions

$sCRUD : = 'read'

string The permission detailsyou want to check on: 'create','read','update','delete','import' or 'export'

$iUserID : = null

integer User ID - if not given the one of the current user is used

Return values
bool

True if user has the permission

hasPermission()

Checks if a user has a certain permission

public hasPermission( $iEntityID, string $sEntityName,  $sPermission[,  $sCRUD = 'read' ][,  $iUserID = null ]) : bool
Parameters
$iEntityID :

integer The entity ID

$sEntityName : string

string The entity name

$sPermission :

string Name of the permission

$sCRUD : = 'read'

string The permission detail you want to check on: 'create','read','update','delete','import' or 'export'

$iUserID : = null

integer User ID - if empty : use the current user

Return values
bool

True if user has the permission

hasSurveyPermission()

Checks if a user has a certain permission in the given survey

public hasSurveyPermission( $iSurveyID,  $sPermission[,  $sCRUD = 'read' ][,  $iUserID = null ]) : bool
Parameters
$iSurveyID :

integer The survey ID

$sPermission :

string Name of the permission

$sCRUD : = 'read'

string The permission detail you want to check on: 'create','read','update','delete','import' or 'export'

$iUserID : = null

integer User ID - if not given the one of the current user is used

Return values
bool

True if user has the permission

hasTemplatePermission()

Returns true if a user has permission to read/create/update a certain template

public hasTemplatePermission(string $sTemplateName[,  $sCRUD = 'read' ][, int $iUserID = null ]) : bool
Parameters
$sTemplateName : string
$sCRUD : = 'read'

string The permission detailsyou want to check on: 'create','read','update','delete','import' or 'export'

$iUserID : int = null

integer User ID - if not given the one of the current user is used

Return values
bool

True if user has the permission

insertRecords()

public insertRecords(array<string|int, mixed> $data) : mixed
Parameters
$data : array<string|int, mixed>
Tags
deprecated

at 2018-01-29 use $model->attributes = $data && $model->save()

insertSomeRecords()

public insertSomeRecords(array<string|int, mixed> $data) : bool
Parameters
$data : array<string|int, mixed>
Return values
bool

isForcedSuperAdmin()

Returns true if user is a forced superadmin (can not disable superadmin rights)

public static isForcedSuperAdmin(mixed $iUserID) : bool
Parameters
$iUserID : mixed
Return values
bool

model()

Returns the static model of Settings table

public static model([mixed $className = __CLASS__ ]) : Permission
Parameters
$className : mixed = __CLASS__
Tags
static
access

public

Return values
Permission

relations()

public relations() : mixed
Tags
inheritdoc

roleHasPermission()

Returns true if a role has permission for crud

public roleHasPermission(mixed $iRoleId, string $sPermission[, string $sCRUD = 'read' ]) : bool
Parameters
$iRoleId : mixed
$sPermission : string
$sCRUD : string = 'read'

The permission detailsyou want to check on: 'create','read','update','delete','import' or 'export'

Return values
bool

allowed permssion

rules()

public rules() : array<string|int, mixed>
Return values
array<string|int, mixed>

validation rules for model attributes.

setEncryptedAttributeLabel()

Function to show encryption symbol in gridview attribute header if value ois encrypted

public setEncryptedAttributeLabel(int $surveyId, string $className, string $attributeName) : string
Parameters
$surveyId : int
$className : string
$attributeName : string
Tags
throws
CException
Return values
string

setGlobalPermission()

Set global permissions to the user id

public setGlobalPermission(int $iNewUID, string $sPermType[, array<string|int, string> $aPermissions = array('read_p') ]) : mixed
Parameters
$iNewUID : int
$sPermType : string
$aPermissions : array<string|int, string> = array('read_p')

setMinimalEntityPermission()

Set global permissions to the user id

public static setMinimalEntityPermission(int $iUserID, mixed $iEntityID, string $sEntityName) : null|self::model
Parameters
$iUserID : int

the user id

$iEntityID : mixed

the entity id

$sEntityName : string

the entity name (Object)

Return values
null|self::model

setPermissions()

Sets permissions (global or survey-specific) for a survey administrator Checks what permissions may be set and automatically filters invalid ones.

public static setPermissions(mixed $iUserID, mixed $iEntityID, string $sEntityName, mixed $aPermissions[, bool $bBypassCheck = false ]) : null|bool

A permission may be invalid if the permission does not exist or that particular user may not give that permission

Parameters
$iUserID : mixed
$iEntityID : mixed
$sEntityName : string
$aPermissions : mixed
$bBypassCheck : bool = false

: by pass control of current permission for current user only for global permission

Tags
deprecated

: usage only for global Permission currently

throws
Exception
Return values
null|bool

tableName()

public tableName() : mixed
Tags
inheritdoc

updateAll()

Updates records with the specified condition.

public updateAll(array<string|int, mixed> $attributes[, mixed $condition = '' ][, array<string|int, mixed> $params = array() ]) : int

XSS filtering is enforced for attributes listed in model's $xssFilterAttributes property. See for detailed explanation about $condition and $params. Note, the attributes are not checked for safety and no validation is done.

Parameters
$attributes : array<string|int, mixed>

list of attributes (name=>$value) to be updated

$condition : mixed = ''

query condition or criteria.

$params : array<string|int, mixed> = array()

parameters to be bound to an SQL statement.

Return values
int

the number of rows being updated

getEntityOwnerId()

get the owner if of an entity if exist

protected getEntityOwnerId(int $iEntityID, string $sEntityName) : int|null
Parameters
$iEntityID : int

the entity id

$sEntityName : string

string name (model)

Return values
int|null

user id if exist

query()

Modified version that default to do the same as the original, but allows via a third parameter to retrieve the result as array instead of active records. This solves a joining problem. Usage via findAllAsArray method

protected query(CDbCriteria $criteria[, bool $all = false ][, bool $asAR = true ]) : mixed

Performs the actual DB query and populates the AR objects with the query result. This method is mainly internally used by other AR query methods.

Parameters
$criteria : CDbCriteria

the query criteria

$all : bool = false

whether to return all data

$asAR : bool = true
Tags
since
1.1.7
Return values
mixed

the AR objects populated with the query result

comparePermissionTitle()

function used to order Permission by language string

private static comparePermissionTitle(array<string|int, mixed> $aApermission, array<string|int, mixed> $aBpermission) : int
Parameters
$aApermission : array<string|int, mixed>

The first permission information

$aBpermission : array<string|int, mixed>

The second permission information

Return values
int 
 
  
 
 
 
 
 
 On this page  
 
 
 
 
 
 
Search results