isActionAllowed #
Specifies if an action is allowed, denied or conditional based on the rights provided as the first argument:
allowedis returned when an action is authorized without conditionconditionalis returned when the authorization depends on a closuredeniedis returned when the action is forbidden
An action is defined as a pair of action and controller (mandatory), plus an index and a collection(optional).
You can get the rights from Kuzzle by using Security.getUserRights and Kuzzle.getMyRights.
isActionAllowed(rights, controller, action, index, collection) #
| Arguments | Type | Description |
|---|---|---|
rights | JSON array | Rights list |
controller | String | The controller |
action | String | The action |
index | String | The index |
collection | String | The collection |
Return Value #
Returns either allowed, denied or conditional.
Usage #
<?php
use \Kuzzle\Kuzzle;
use \Kuzzle\Security\Security;
$kuzzle = new Kuzzle('localhost');
try {
$rights = $kuzzle->security()->getMyRights();
switch ($kuzzle->security()->isActionAllowed($rights, 'read', 'get', 'index1', 'collection1')) {
case Security::ACTION_ALLOWED:
// code...
break;
case Security::ACTION_DENIED:
// code...
break;
case Security::ACTION_CONDITIONAL:
// code...
break;
}
}
catch (ErrorException $e) {
}Edit this page on Github(opens new window)