XMF Cookbook
  • Introduction
  • XMF Cookbook
  • Basic Ingredients
    • Namespaces
    • Autoloading
    • Debugging
    • Forward Compatibility
  • Recipes
    • Introducing Module Helpers
    • Using the Permission Helper
      • Checking Permissions
      • Managing Item Permissions
    • Using the Session Helper
    • Using JSON Web Tokens
    • Altering Database Tables
    • Migrating a Module's Database
    • Loading Initial Data
    • Module Admin Pages
      • Hide and Seek with Icons
      • Standard Admin Pages
    • Manage Metadata
    • Highlighting Content
  • Reference
    • Assert
      • Assertions
    • Database
      • Migrate
      • TableLoad
      • Tables
        • Getting Started
        • Table Operations
        • Working with Columns
        • Working with Indexes
        • Changing Table Data
        • Interacting with the Work Queue
        • Error Info and Debugging
    • Debug
    • FilterInput
    • Highlighter
    • IPAddress
    • Jwt
      • JsonWebToken
      • KeyFactory
      • TokenFactory
      • TokenReader
    • Key
      • ArrayStorage
      • Basic
      • FileStorage
      • KeyAbstract
      • StorageInterface
    • Language
    • Metagen
      • Extracting Data
      • Applying Data
    • Module
      • Admin
      • Helper
      • Helper
        • AbstractHelper
        • Cache
        • GenericHelper
        • Permission
        • Session
    • ProxyCheck
    • Random
    • Request
    • StopWords
    • Uuid
    • Yaml
  • Credits
  • License:
  • Table of Content
Powered by GitBook
On this page
  • Does the User Have Permission for an Item?
  • Leave if the User Does Not Have Permission
  1. Recipes
  2. Using the Permission Helper

Checking Permissions

Checking a user's permissions is easy with a permission helper.

The first step is to get a Permission Helper instance.

$permHelper = new \Xmf\Module\Helper\Permission();

Does the User Have Permission for an Item?

Let's imagine we have a protected forum, where each topic is protected by group permissions. The user needs a 'viewtopic' permission for a topic to view it. The id of the forum is stored in $id.

$permission = $permHelper->checkPermission('viewtopic', $id);

The $permission variable now holds true if the user has permission, false if not.

Leave if the User Does Not Have Permission

This is based on the same scenario as above, but we want to send the user back to the index page, if they don't have permission.

$permHelper->checkPermissionRedirect('viewtopic', $id,
             'index.php', 3, 'You are not allowed to view that topic');

The user's browser session will be redirected to the module's index.php if the required permission is not assigned.

PreviousUsing the Permission HelperNextManaging Item Permissions

Last updated 6 years ago