Packages:
default
System
System.Caching
System.Collections
System.Data
System.Data.ActiveRecord
System.Data.ActiveRecord.Relations
System.Data.ActiveRecord.Scaffold
System.Data.ActiveReecord.Scaffold.InputBuilder
System.Data.Commom.Sqlite
System.Data.Common
System.Data.Common.Mssql
System.Data.Common.Mysql
System.Data.Common.Oracle
System.Data.Common.Pgsql
System.Data.Common.Sqlite
System.Data.DataGateway
System.Data.SqlMap
System.Data.SqlMap.Configuration
System.Data.SqlMap.Statements
System.Exceptions
System.I18N
System.IO
System.Security
System.Util
System.Web
System.Web.Services
System.Web.UI
System.Web.UI.ActiveControls
System.Web.UI.WebControls
System.Web.UI.WebControls.assets
System.Xml


Classes:
IUserManager
TAuthManager
TAuthorizationRule
TAuthorizationRuleCollection
TDbUser
TDbUserManager
TSecurityManager
TSecurityManagerValidationMode
TUser
TUserManager
TUserManagerPasswordMode
Keyword

Class TAuthorizationRule

TComponent
   |
   --TAuthorizationRule

TAuthorizationRule class

TAuthorizationRule represents a single authorization rule. A rule is specified by an action (required), a list of users (optional), a list of roles (optional), a verb (optional), and a list of IP rules (optional). Action can be either 'allow' or 'deny'. Guest (anonymous, unauthenticated) users are represented by question mark '?'. All users (including guest users) are represented by asterisk '*'. Authenticated users are represented by '@'. Users/roles are case-insensitive. Different users/roles are separated by comma ','. Verb can be either 'get' or 'post'. If it is absent, it means both. IP rules are separated by comma ',' and can contain wild card in the rules (e.g. '192.132.23.33, 192.122.*.*')

Since: 3.0
Author: Qiang Xue <qiang.xue@gmail.com>
Constructor Summary
public
__construct Array
Constructor.
Method Summary
string
getAction ()
boolean
getAuthenticatedApplied ()
boolean
getEveryoneApplied ()
boolean
getGuestApplied ()
array
getIPRules ()
array
getRoles ()
array
getUsers ()
string
getVerb ()
integer
isUserAllowed ( IUser $user, string $verb, string $ip)
Methods Inherited From TComponent
TComponent::addParsedObject(), TComponent::attachEventHandler(), TComponent::canGetProperty(), TComponent::canSetProperty(), TComponent::createdOnTemplate(), TComponent::detachEventHandler(), TComponent::evaluateExpression(), TComponent::evaluateStatements(), TComponent::getEventHandlers(), TComponent::getSubProperty(), TComponent::hasEvent(), TComponent::hasEventHandler(), TComponent::hasProperty(), TComponent::raiseEvent(), TComponent::setSubProperty(), TComponent::__get(), TComponent::__set()
Constructor Details

__construct

public __construct Array

Constructor.
Method Details

getAction

public string getAction ()

Output
string action, either 'allow' or 'deny'
Exception

getAuthenticatedApplied

public boolean getAuthenticatedApplied ()

Output
boolean if this rule applies to authenticated users
Exception

getEveryoneApplied

public boolean getEveryoneApplied ()

Output
boolean if this rule applies to everyone
Exception

getGuestApplied

public boolean getGuestApplied ()

Output
boolean if this rule applies to everyone
Exception

getIPRules

public array getIPRules ()

Output
array list of IP rules.
Exception

getRoles

public array getRoles ()

Output
array list of roles
Exception

getUsers

public array getUsers ()

Output
array list of user IDs
Exception

getVerb

public string getVerb ()

Output
string verb, may be empty, 'get', or 'post'.
Exception

isUserAllowed

public integer isUserAllowed (IUser $user , string $verb , string $ip )

Input
IUser$userthe user object
string$verbthe request verb (GET, PUT)
string$ipthe request IP address
Output
integer 1 if the user is allowed, -1 if the user is denied, 0 if the rule does not apply to the user
Exception