Drupal 8  8.0.2
PermissionHandler Class Reference
Inheritance diagram for PermissionHandler:

Public Member Functions

 __construct (ModuleHandlerInterface $module_handler, TranslationInterface $string_translation, ControllerResolverInterface $controller_resolver)
 
 getPermissions ()
 
 moduleProvidesPermissions ($module_name)
 

Protected Member Functions

 getYamlDiscovery ()
 
 buildPermissionsYaml ()
 
 sortPermissions (array $all_permissions=array())
 
 getModuleNames ()
 
 systemRebuildModuleData ()
 

Protected Attributes

 $moduleHandler
 
 $yamlDiscovery
 
 $controllerResolver
 

Detailed Description

Provides the available permissions based on yml files.

To define permissions you can use a $module.permissions.yml file. This file defines machine names, human-readable names, restrict access (if required for security warning), and optionally descriptions for each permission type. The machine names are the canonical way to refer to permissions for access checking.

If your module needs to define dynamic permissions you can use the permission_callbacks key to declare a callable that will return an array of permissions, keyed by machine name. Each item in the array can contain the same keys as an entry in $module.permissions.yml.

Here is an example from the core filter module (comments have been added):

# The key is the permission machine name, and is required.
administer filters:
# (required) Human readable name of the permission used in the UI.
title: 'Administer text formats and filters'
# (optional) Additional description fo the permission used in the UI.
description: 'Define how text is handled by combining filters into text formats.'
# (optional) Boolean, when set to true a warning about site security will
# be displayed on the Permissions page. Defaults to false.
restrict access: false
# An array of callables used to generate dynamic permissions.
permission_callbacks:
# Each item in the array should return an associative array with one or
# more permissions following the same keys as the permission defined above.
- Drupal\filter\FilterPermissions::permissions
See Also
filter.permissions.yml
User accounts, permissions, and roles

Constructor & Destructor Documentation

__construct ( ModuleHandlerInterface  $module_handler,
TranslationInterface  $string_translation,
ControllerResolverInterface  $controller_resolver 
)

Constructs a new PermissionHandler.

Parameters
\Drupal\Core\Extension\ModuleHandlerInterface$module_handlerThe module handler.
\Drupal\Core\StringTranslation\TranslationInterface$string_translationThe string translation.
\Drupal\Core\Controller\ControllerResolverInterface$controller_resolverThe controller resolver.

References Drupal\moduleHandler().

Here is the call graph for this function:

Member Function Documentation

buildPermissionsYaml ( )
protected

Builds all permissions provided by .permissions.yml files.

Returns
array[] Each return permission is an array with the following keys:
  • title: The title of the permission.
  • description: The description of the permission, defaults to NULL.
  • provider: The provider of the permission.

References PermissionHandler\getYamlDiscovery(), and t().

Referenced by PermissionHandler\getPermissions().

Here is the call graph for this function:

Here is the caller graph for this function:

getModuleNames ( )
protected

Returns all module names.

Returns
string[] Returns the human readable names of all modules keyed by machine name.

References Drupal\moduleHandler().

Referenced by PermissionHandler\sortPermissions().

Here is the call graph for this function:

Here is the caller graph for this function:

getPermissions ( )

{Gets all available permissions.

Returns
array An array whose keys are permission names and whose corresponding values are arrays containing the following key-value pairs:
  • title: The human-readable name of the permission, to be shown on the permission administration page. This should be wrapped in the t() function so it can be translated.
  • description: (optional) A description of what the permission does. This should be wrapped in the t() function so it can be translated.
  • restrict access: (optional) A boolean which can be set to TRUE to indicate that site administrators should restrict access to this permission to trusted users. This should be used for permissions that have inherent security risks across a variety of potential use cases (for example, the "administer filters" and "bypass node access" permissions provided by Drupal core). When set to TRUE, a standard warning message defined in user_admin_permissions() will be displayed with the permission on the permission administration page. Defaults to FALSE.
  • warning: (optional) A translated warning message to display for this permission on the permission administration page. This warning overrides the automatic warning generated by 'restrict access' being set to TRUE. This should rarely be used, since it is important for all permissions to have a clear, consistent security warning that is the same across the site. Use the 'description' key instead to provide any information that is specific to the permission you are defining.
  • provider: (optional) The provider name of the permission.
}

Implements PermissionHandlerInterface.

References PermissionHandler\buildPermissionsYaml(), and PermissionHandler\sortPermissions().

Referenced by PermissionHandler\moduleProvidesPermissions().

Here is the call graph for this function:

Here is the caller graph for this function:

getYamlDiscovery ( )
protected

Gets the YAML discovery.

Returns
The YAML discovery.

References Drupal\moduleHandler().

Referenced by PermissionHandler\buildPermissionsYaml().

Here is the call graph for this function:

Here is the caller graph for this function:

moduleProvidesPermissions (   $module_name)

{Determines whether a module provides some permissions.

Parameters
string$module_nameThe module name.
Returns
bool Returns TRUE if the module provides some permissions, otherwise FALSE.
}

Implements PermissionHandlerInterface.

References PermissionHandler\getPermissions().

Here is the call graph for this function:

sortPermissions ( array  $all_permissions = array())
protected

Sorts the given permissions by provider name and title.

Parameters
array$all_permissionsThe permissions to be sorted.
Returns
array[] Each return permission is an array with the following keys:
  • title: The title of the permission.
  • description: The description of the permission, defaults to NULL.
  • provider: The provider of the permission.

References PermissionHandler\getModuleNames().

Referenced by PermissionHandler\getPermissions().

Here is the call graph for this function:

Here is the caller graph for this function:

systemRebuildModuleData ( )
protected

Wraps system_rebuild_module_data()

Returns
[]

The documentation for this class was generated from the following file: