Backend\FormWidgets\PermissionEditor

Overview

PermissionEditor is used by the system internally on the System / Administrators pages.

Available Modes:

  • radio: Default mode, used by user-level permissions. Provides three-state control over each available permission. States are -1: Explicitly deny the permission 0: Inherit the permission's value from a parent source (User inherits from Role) 1: Explicitly grant the permission

  • checkbox: Used to define permissions for roles. Intended to define a base of what permissions are available Provides two state control over each available permission. States are 1: Explicitly allow the permission null: If the checkbox is not ticked, the permission will not be sent to the server and will not be stored. This is interpreted as the permission not being present and thus not allowed

  • switch: Used to define overriding permissions in a simpler UX than the radio. Provides two state control over each available permission. States are 1: Explicitly allow the permission -1: Explicitly deny the permission

Although users are still not allowed to modify permissions that they themselves do not have access to, available permissions can be defined in the form of an array of permission codes to allow:

availablePermissions: ['some.author.permission', 'some.other.permission', 'etc.some.system.permission']
Extends

Public Properties

public string $mode

Mode to display the permission editor with. Available options: radio, checkbox, switch

public array $availablePermissions

Permission codes to allow to be interacted with through this widget

Show inherited public properties

Inherited Public Properties

Protected Properties

protected Backend\Models\User $user

Show inherited protected properties

Inherited Protected Properties


Public Methods

public getSaveValue()

public getSaveValue($value): void

getSaveValue processes the postback value for this widget. If the value is omitted from postback data, the form widget will be skipped.

public init()

public init(): void

init the widget, called by the constructor and free from its parameters.

public prepareVars()

public prepareVars(): void

prepareVars for display

public render()

public render(): void

render the widget's primary contents.

Show inherited public methods

Inherited Public Methods

Protected Methods

protected getFilteredPermissions()

protected getFilteredPermissions(): array 

getFilteredPermissions returns the available permissions, removing those that the logged-in user does not have access to. In the format of:

['permission-tab' => $arrayOfAllowedPermissionObjects]

protected getSaveValueSecure()

protected getSaveValueSecure(string $value): array 

getSaveValueSecure returns a safely parsed set of permissions, ensuring the user cannot elevate their own permissions or permissions of another user above their own.

protected getViewPermissions()

protected getViewPermissions(): void

protected loadAssets()

protected loadAssets(): void

loadAssets adds widget specific asset files. Use $this->addJs() and $this->addCss() to register new assets to include on the page.

protected makeNestedPermissions()

protected makeNestedPermissions($permissions): void

protected makeTabbedPermissions()

protected makeTabbedPermissions($permissions): void

Show inherited protected methods

Inherited Protected Methods