Represents the authority of a given User. More...
Inherits MediaWiki\Permissions\Authority.
Public Member Functions | ||||||||||
| __construct (User $user, WebRequest $request, IContextSource $uiContext, PermissionManager $permissionManager, RateLimiter $rateLimiter, BlockErrorFormatter $blockErrorFormatter) | ||||||||||
| authorizeAction (string $action, PermissionStatus $status=null) | ||||||||||
Authorize an action.This should be used immediately before performing the action.Calling this method may have non-trivial side-effects, such as incrementing a rate limit counter.
| ||||||||||
| authorizeRead (string $action, PageIdentity $target, PermissionStatus $status=null) | ||||||||||
Authorize read access.This should be used immediately before performing read access on restricted information.Calling this method may have non-trivial side-effects, such as incrementing a rate limit counter.
| ||||||||||
| authorizeWrite (string $action, PageIdentity $target, PermissionStatus $status=null) | ||||||||||
Authorize write access.This should be used immediately before updating persisted information.Calling this method may have non-trivial side-effects, such as incrementing a rate limit counter.
| ||||||||||
| definitelyCan (string $action, PageIdentity $target, PermissionStatus $status=null) | ||||||||||
Checks whether this authority can perform the given action on the given target page.This method performs a thorough check, but does not protect against race conditions. It is intended to be used when a user is intending to perform an action, but has not yet committed to it. For example, when a user goes to the edit page of an article, this method may be used to determine whether the user should be presented with a warning and a read-only view instead.This method may apply rate limit checks and evaluate user blocks.
| ||||||||||
| getBlock (int $freshness=IDBAccessObject::READ_NORMAL) | ||||||||||
Returns any user block affecting the Authority.
| ||||||||||
| getUser () | ||||||||||
Returns the performer of the actions associated with this authority.Actions performed under this authority should generally be attributed to the user identity returned by this method.
| ||||||||||
| isAllowed (string $permission, PermissionStatus $status=null) | ||||||||||
Checks whether this authority has the given permission in general.For some permissions, exceptions may exist, both positive and negative, on a per-target basis. This method offers a fast, lightweight check, but may produce false positives. It is intended for determining which UI elements should be offered to the user.This method will not apply rate limit checks or evaluate user blocks.
| ||||||||||
| isAllowedAll (... $permissions) | ||||||||||
Checks whether this authority has any of the given permissions in general.Implementations must ensure that this method returns false if isAllowed would return false for any of the given permissions. Calling isAllowedAll() with one parameter must be equivalent to calling isAllowed(). Calling isAllowedAny() with no parameter is not allowed.
| ||||||||||
| isAllowedAny (... $permissions) | ||||||||||
Checks whether this authority has any of the given permissions in general.Implementations must ensure that this method returns true if isAllowed would return true for any of the given permissions. Calling isAllowedAny() with one parameter must be equivalent to calling isAllowed(). Calling isAllowedAny() with no parameter is not allowed.
| ||||||||||
| isDefinitelyAllowed (string $action, PermissionStatus $status=null) | ||||||||||
Checks whether this authority is allowed to perform the given action.This method performs a thorough check, but does not protect against race conditions. It is intended to be used when a user is intending to perform an action, but has not yet committed to it. For example, when a user visits their preferences page, this method may be used to determine whether the user should have the option to change their email address.This method may apply rate limit checks and evaluate user blocks.
| ||||||||||
| isNamed () | ||||||||||
| Is the user a normal non-temporary registered user? | ||||||||||
| isRegistered () | ||||||||||
| Get whether the user is registered. | ||||||||||
| isTemp () | ||||||||||
| Is the user an autocreated temporary user? | ||||||||||
| limit (string $action, int $incrBy, ?PermissionStatus $status) | ||||||||||
| Check whether a rate limit has been exceeded for the given action. | ||||||||||
| probablyCan (string $action, PageIdentity $target, PermissionStatus $status=null) | ||||||||||
Checks whether this authority can probably perform the given action on the given target page.This method offers a fast, lightweight check, but may produce false positives. It is intended for determining which UI elements should be offered to the user. This method will not apply rate limit checks or evaluate user blocks.
| ||||||||||
| setUseLimitCache (bool $useLimitCache) | ||||||||||
Detailed Description
Represents the authority of a given User.
For anonymous visitors, this will typically allow only basic permissions. For logged in users, permissions are generally based on group membership, but may be adjusted based on things like IP range blocks, OAuth grants, or rate limits.
- Note
- This is intended as an intermediate step towards an implementation of Authority that contains much of the logic currently in PermissionManager, and is based directly on WebRequest and Session, rather than a User object. However, for now, code that needs an Authority that reflects the current user and web request should use a User object directly.
- Stability: unstable
- Since
- 1.36
Definition at line 51 of file UserAuthority.php.
Constructor & Destructor Documentation
◆ __construct()
| MediaWiki\Permissions\UserAuthority::__construct | ( | User | $user, |
| WebRequest | $request, | ||
| IContextSource | $uiContext, | ||
| PermissionManager | $permissionManager, | ||
| RateLimiter | $rateLimiter, | ||
| BlockErrorFormatter | $blockErrorFormatter ) |
- Parameters
-
User $user WebRequest $request IContextSource $uiContext PermissionManager $permissionManager RateLimiter $rateLimiter BlockErrorFormatter $blockErrorFormatter
Definition at line 112 of file UserAuthority.php.
Member Function Documentation
◆ authorizeAction()
| MediaWiki\Permissions\UserAuthority::authorizeAction | ( | string | $action, |
| PermissionStatus | $status = null ) |
Authorize an action.This should be used immediately before performing the action.Calling this method may have non-trivial side-effects, such as incrementing a rate limit counter.
- Since
- 1.41
- Parameters
-
string $action PermissionStatus | null $status aggregator for failures
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
Definition at line 205 of file UserAuthority.php.
◆ authorizeRead()
| MediaWiki\Permissions\UserAuthority::authorizeRead | ( | string | $action, |
| PageIdentity | $target, | ||
| PermissionStatus | $status = null ) |
Authorize read access.This should be used immediately before performing read access on restricted information.Calling this method may have non-trivial side-effects, such as incrementing a rate limit counter.
- Parameters
-
string $action PageIdentity $target PermissionStatus | null $status aggregator for failures
- Returns
- bool If the user can perform the action
Implements MediaWiki\Permissions\Authority.
Definition at line 222 of file UserAuthority.php.
◆ authorizeWrite()
| MediaWiki\Permissions\UserAuthority::authorizeWrite | ( | string | $action, |
| PageIdentity | $target, | ||
| PermissionStatus | $status = null ) |
Authorize write access.This should be used immediately before updating persisted information.Calling this method may have non-trivial side-effects, such as incrementing a rate limit counter.
- Parameters
-
string $action PageIdentity $target PermissionStatus | null $status aggregator for failures
- Returns
- bool If the user can perform the action
Implements MediaWiki\Permissions\Authority.
Definition at line 242 of file UserAuthority.php.
◆ definitelyCan()
| MediaWiki\Permissions\UserAuthority::definitelyCan | ( | string | $action, |
| PageIdentity | $target, | ||
| PermissionStatus | $status = null ) |
Checks whether this authority can perform the given action on the given target page.This method performs a thorough check, but does not protect against race conditions. It is intended to be used when a user is intending to perform an action, but has not yet committed to it. For example, when a user goes to the edit page of an article, this method may be used to determine whether the user should be presented with a warning and a read-only view instead.This method may apply rate limit checks and evaluate user blocks.
- See also
- probablyCan
- isDefinitelyAllowed
- Parameters
-
string $action PageIdentity $target PermissionStatus | null $status aggregator for failures
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
Definition at line 181 of file UserAuthority.php.
◆ getBlock()
| MediaWiki\Permissions\UserAuthority::getBlock | ( | int | $freshness = IDBAccessObject::READ_NORMAL | ) |
Returns any user block affecting the Authority.
- Parameters
-
int $freshness Indicates whether slightly stale data is acceptable in, exchange for a fast response.
- Returns
- ?Block
- Since
- 1.37
Implements MediaWiki\Permissions\Authority.
Definition at line 448 of file UserAuthority.php.
◆ getUser()
| MediaWiki\Permissions\UserAuthority::getUser | ( | ) |
Returns the performer of the actions associated with this authority.Actions performed under this authority should generally be attributed to the user identity returned by this method.
- Returns
- UserIdentity
Implements MediaWiki\Permissions\Authority.
Definition at line 138 of file UserAuthority.php.
◆ isAllowed()
| MediaWiki\Permissions\UserAuthority::isAllowed | ( | string | $permission, |
| PermissionStatus | $status = null ) |
Checks whether this authority has the given permission in general.For some permissions, exceptions may exist, both positive and negative, on a per-target basis. This method offers a fast, lightweight check, but may produce false positives. It is intended for determining which UI elements should be offered to the user.This method will not apply rate limit checks or evaluate user blocks.
- Parameters
-
string $permission PermissionStatus | null $status
- Returns
- bool
- See also
- isDefinitelyAllowed
- probablyCan
Implements MediaWiki\Permissions\Authority.
Definition at line 143 of file UserAuthority.php.
◆ isAllowedAll()
| MediaWiki\Permissions\UserAuthority::isAllowedAll | ( | $permissions | ) |
Checks whether this authority has any of the given permissions in general.Implementations must ensure that this method returns false if isAllowed would return false for any of the given permissions. Calling isAllowedAll() with one parameter must be equivalent to calling isAllowed(). Calling isAllowedAny() with no parameter is not allowed.
- See also
- isAllowed
- Parameters
-
string ...$permissions Permissions to test. At least one must be given.
- Returns
- bool True if the user is allowed to perform all of the given actions
Implements MediaWiki\Permissions\Authority.
Definition at line 157 of file UserAuthority.php.
◆ isAllowedAny()
| MediaWiki\Permissions\UserAuthority::isAllowedAny | ( | $permissions | ) |
Checks whether this authority has any of the given permissions in general.Implementations must ensure that this method returns true if isAllowed would return true for any of the given permissions. Calling isAllowedAny() with one parameter must be equivalent to calling isAllowed(). Calling isAllowedAny() with no parameter is not allowed.
- See also
- isAllowed
- Parameters
-
string ...$permissions Permissions to test. At least one must be given.
- Returns
- bool True if user is allowed to perform any of the given actions
Implements MediaWiki\Permissions\Authority.
Definition at line 148 of file UserAuthority.php.
◆ isDefinitelyAllowed()
| MediaWiki\Permissions\UserAuthority::isDefinitelyAllowed | ( | string | $action, |
| PermissionStatus | $status = null ) |
Checks whether this authority is allowed to perform the given action.This method performs a thorough check, but does not protect against race conditions. It is intended to be used when a user is intending to perform an action, but has not yet committed to it. For example, when a user visits their preferences page, this method may be used to determine whether the user should have the option to change their email address.This method may apply rate limit checks and evaluate user blocks.
- Since
- 1.41
- See also
- isAllowed
- definitelyCan
- Parameters
-
string $action PermissionStatus | null $status aggregator for failures
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
Definition at line 199 of file UserAuthority.php.
◆ isNamed()
| MediaWiki\Permissions\UserAuthority::isNamed | ( | ) |
Is the user a normal non-temporary registered user?
- Since
- 1.39
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
Definition at line 485 of file UserAuthority.php.
◆ isRegistered()
| MediaWiki\Permissions\UserAuthority::isRegistered | ( | ) |
Get whether the user is registered.
- Returns
- bool
- Since
- 1.39
Implements MediaWiki\Permissions\Authority.
Definition at line 477 of file UserAuthority.php.
◆ isTemp()
| MediaWiki\Permissions\UserAuthority::isTemp | ( | ) |
Is the user an autocreated temporary user?
- Since
- 1.39
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
Definition at line 481 of file UserAuthority.php.
◆ limit()
| MediaWiki\Permissions\UserAuthority::limit | ( | string | $action, |
| int | $incrBy, | ||
| ?PermissionStatus | $status ) |
Check whether a rate limit has been exceeded for the given action.
- See also
- RateLimiter::limit
- Access: internal
- For use by User::pingLimiter only.
- Parameters
-
string $action int $incrBy PermissionStatus | null $status
- Returns
- bool
Definition at line 409 of file UserAuthority.php.
◆ probablyCan()
| MediaWiki\Permissions\UserAuthority::probablyCan | ( | string | $action, |
| PageIdentity | $target, | ||
| PermissionStatus | $status = null ) |
Checks whether this authority can probably perform the given action on the given target page.This method offers a fast, lightweight check, but may produce false positives. It is intended for determining which UI elements should be offered to the user. This method will not apply rate limit checks or evaluate user blocks.
- See also
- definitelyCan
- isAllowed
- Parameters
-
string $action PageIdentity $target PermissionStatus | null $status aggregator for failures
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
Definition at line 166 of file UserAuthority.php.
◆ setUseLimitCache()
| MediaWiki\Permissions\UserAuthority::setUseLimitCache | ( | bool | $useLimitCache | ) |
The documentation for this class was generated from the following file:
- includes/Permissions/UserAuthority.php
