MediaWiki  master
GroupPermissionsLookup.php
Go to the documentation of this file.
1 <?php
21 namespace MediaWiki\Permissions;
22 
24 
31 
36  public const CONSTRUCTOR_OPTIONS = [
37  'GroupPermissions',
38  'RevokePermissions',
39  ];
40 
43 
46 
47  /*
48  * @param ServiceOptions $options
49  */
50  public function __construct( ServiceOptions $options ) {
51  $options->assertRequiredOptions( self::CONSTRUCTOR_OPTIONS );
52  $this->groupPermissions = $options->get( 'GroupPermissions' );
53  $this->revokePermissions = $options->get( 'RevokePermissions' );
54  }
55 
68  public function groupHasPermission( string $group, string $permission ): bool {
69  return isset( $this->groupPermissions[$group][$permission] ) &&
70  $this->groupPermissions[$group][$permission] &&
71  !( isset( $this->revokePermissions[$group][$permission] ) &&
72  $this->revokePermissions[$group][$permission] );
73  }
74 
81  public function getGroupPermissions( array $groups ): array {
82  $rights = [];
83  // grant every granted permission first
84 
85  foreach ( $groups as $group ) {
86  if ( isset( $this->groupPermissions[$group] ) ) {
87  $rights = array_merge(
88  $rights,
89  // array_filter removes empty items
90  array_keys( array_filter( $this->groupPermissions[$group] ) )
91  );
92  }
93  }
94  // now revoke the revoked permissions
95  foreach ( $groups as $group ) {
96  if ( isset( $this->revokePermissions[$group] ) ) {
97  $rights = array_diff(
98  $rights,
99  array_keys( array_filter( $this->revokePermissions[$group] ) )
100  );
101  }
102  }
103  return array_unique( $rights );
104  }
105 
112  public function getGroupsWithPermission( string $permission ): array {
113  $allowedGroups = [];
114  foreach ( array_keys( $this->groupPermissions ) as $group ) {
115  if ( $this->groupHasPermission( $group, $permission ) ) {
116  $allowedGroups[] = $group;
117  }
118  }
119  return $allowedGroups;
120  }
121 }
MediaWiki\Permissions\GroupPermissionsLookup
Definition: GroupPermissionsLookup.php:30
MediaWiki\Permissions\GroupPermissionsLookup\$revokePermissions
array $revokePermissions
Definition: GroupPermissionsLookup.php:45
MediaWiki\Permissions\GroupPermissionsLookup\$groupPermissions
array $groupPermissions
Definition: GroupPermissionsLookup.php:32
MediaWiki\Config\ServiceOptions
A class for passing options to services.
Definition: ServiceOptions.php:27
MediaWiki\Permissions\GroupPermissionsLookup\__construct
__construct(ServiceOptions $options)
Definition: GroupPermissionsLookup.php:50
MediaWiki\Permissions\GroupPermissionsLookup\getGroupPermissions
getGroupPermissions(array $groups)
Get the permissions associated with a given list of groups.
Definition: GroupPermissionsLookup.php:81
MediaWiki\Permissions\GroupPermissionsLookup\groupHasPermission
groupHasPermission(string $group, string $permission)
Check, if the given group has the given permission.
Definition: GroupPermissionsLookup.php:68
MediaWiki\Permissions\GroupPermissionsLookup\getGroupsWithPermission
getGroupsWithPermission(string $permission)
Get all the groups who have a given permission.
Definition: GroupPermissionsLookup.php:112
MediaWiki\Config\ServiceOptions\get
get( $key)
Definition: ServiceOptions.php:93
MediaWiki\Config\ServiceOptions\assertRequiredOptions
assertRequiredOptions(array $expectedKeys)
Assert that the list of options provided in this instance exactly match $expectedKeys,...
Definition: ServiceOptions.php:71
MediaWiki\Permissions
Definition: Authority.php:21