|
| 1 | +Auth API |
| 2 | +======== |
| 3 | + |
| 4 | +This is an explanation of how to use the phpBB auth/acl API. |
| 5 | + |
| 6 | +.. contents:: |
| 7 | + :local: |
| 8 | + :depth: 2 |
| 9 | + |
| 10 | +1. Introduction |
| 11 | +--------------- |
| 12 | + |
| 13 | +What is it? |
| 14 | +^^^^^^^^^^^ |
| 15 | + |
| 16 | +The ``auth`` class contains methods related to authorisation of users to access various board functions, e.g., posting, viewing, replying, logging in (and out), etc. If you need to check whether a user can carry out a task or handle user login/logouts, this class is required. |
| 17 | + |
| 18 | +Initialisation |
| 19 | +^^^^^^^^^^^^^^ |
| 20 | + |
| 21 | +To use any methods contained within the ``auth`` class, it first needs to be instantiated. This is best achieved early in the execution of the script in the following manner: |
| 22 | + |
| 23 | +.. code-block:: php |
| 24 | +
|
| 25 | + $auth = new phpbb\auth\auth(); |
| 26 | +
|
| 27 | +Once an instance of the class has been created you are free to call the various methods it contains. Note: if you wish to use the ``auth_admin`` methods you will need to instantiate this separately in the same way. |
| 28 | + |
| 29 | +2. Methods |
| 30 | +---------- |
| 31 | + |
| 32 | +Following are the methods you are able to use. |
| 33 | + |
| 34 | +2.i. acl |
| 35 | +^^^^^^^^ |
| 36 | + |
| 37 | +The ``acl`` method is the initialisation routine for all the ACL functions. It must be called before any ACL method. It takes one parameter: an associative array containing user information. |
| 38 | + |
| 39 | +.. code-block:: php |
| 40 | +
|
| 41 | + $auth->acl($userdata); |
| 42 | +
|
| 43 | +Where ``$userdata`` includes at least: ``user_id``, ``user_permissions``, and ``user_type``. |
| 44 | + |
| 45 | +2.ii. acl_get |
| 46 | +^^^^^^^^^^^^^ |
| 47 | + |
| 48 | +This method determines if a user can perform an action either globally or in a specific forum. |
| 49 | + |
| 50 | +.. code-block:: php |
| 51 | +
|
| 52 | + $result = $auth->acl_get('option'[, forum]); |
| 53 | +
|
| 54 | +- ``option``: e.g., 'f_list', 'm_edit', 'a_adduser', etc. Use ``!option`` to negate. |
| 55 | +- ``forum`` (optional): integer ``forum_id``. |
| 56 | + |
| 57 | +Returns a positive integer if allowed, zero if denied. |
| 58 | + |
| 59 | +2.iii. acl_gets |
| 60 | +^^^^^^^^^^^^^^^ |
| 61 | + |
| 62 | +This method checks multiple permissions at once. |
| 63 | + |
| 64 | +.. code-block:: php |
| 65 | +
|
| 66 | + $result = $auth->acl_gets('option1'[, 'option2', ..., forum]); |
| 67 | +
|
| 68 | +Returns a positive integer if *any* of the permissions is granted. |
| 69 | + |
| 70 | +2.iv. acl_getf |
| 71 | +^^^^^^^^^^^^^^ |
| 72 | + |
| 73 | +This method checks in which forums a user has a certain permission. |
| 74 | + |
| 75 | +.. code-block:: php |
| 76 | +
|
| 77 | + $result = $auth->acl_getf('option'[, clean]); |
| 78 | +
|
| 79 | +- ``option``: permission string (negation with ``!`` allowed) |
| 80 | +- ``clean``: boolean. If true, only forums where permission is granted are returned. |
| 81 | + |
| 82 | +Returns an associative array: |
| 83 | + |
| 84 | +.. code-block:: php |
| 85 | +
|
| 86 | + array(forum_id1 => array(option => integer), forum_id2 => ...) |
| 87 | +
|
| 88 | +2.v. acl_getf_global |
| 89 | +^^^^^^^^^^^^^^^^^^^^ |
| 90 | + |
| 91 | +Checks if a user has a permission globally or in at least one forum. |
| 92 | + |
| 93 | +.. code-block:: php |
| 94 | +
|
| 95 | + $result = $auth->acl_getf_global('option'); |
| 96 | +
|
| 97 | +Returns a positive integer or zero. |
| 98 | + |
| 99 | +2.vi. acl_cache |
| 100 | +^^^^^^^^^^^^^^^ |
| 101 | + |
| 102 | +**Private method.** Automatically called when needed. Generates user_permissions data. |
| 103 | + |
| 104 | +2.vii. acl_clear_prefetch |
| 105 | +^^^^^^^^^^^^^^^^^^^^^^^^^ |
| 106 | + |
| 107 | +Clears the ``user_permissions`` column in the users table. |
| 108 | + |
| 109 | +.. code-block:: php |
| 110 | +
|
| 111 | + $user_id = 2; |
| 112 | + $auth->acl_clear_prefetch($user_id); |
| 113 | +
|
| 114 | +Use ``$user_id = 0`` to clear cache for all users. Returns null. |
| 115 | + |
| 116 | +2.viii. acl_get_list |
| 117 | +^^^^^^^^^^^^^^^^^^^^ |
| 118 | + |
| 119 | +Returns an array describing which users have which permissions in which forums. |
| 120 | + |
| 121 | +.. code-block:: php |
| 122 | +
|
| 123 | + $user_id = array(2, 53); |
| 124 | + $permissions = array('f_list', 'f_read'); |
| 125 | + $forum_id = array(1, 2, 3); |
| 126 | + $result = $auth->acl_get_list($user_id, $permissions, $forum_id); |
| 127 | +
|
| 128 | +Parameter types: |
| 129 | +- ``$user_id``: ``false``, int, or array of int |
| 130 | +- ``$permissions``: ``false``, string, or array of string |
| 131 | +- ``$forum_id``: ``false``, int, or array of int |
| 132 | + |
| 133 | +2.ix. Miscellaneous |
| 134 | +^^^^^^^^^^^^^^^^^^^ |
| 135 | + |
| 136 | +Additional methods for pulling raw permission data: |
| 137 | + |
| 138 | +.. code-block:: php |
| 139 | +
|
| 140 | + function acl_group_raw_data($group_id = false, $opts = false, $forum_id = false) |
| 141 | + function acl_user_raw_data($user_id = false, $opts = false, $forum_id = false) |
| 142 | + function acl_raw_data_single_user($user_id) |
| 143 | + function acl_raw_data($user_id = false, $opts = false, $forum_id = false) |
| 144 | + function acl_role_data($user_type, $role_type, $ug_id = false, $forum_id = false) |
| 145 | +
|
| 146 | +Use ``acl_raw_data`` for general queries; others are optimized for specific data. |
| 147 | + |
| 148 | +3. Admin Related Functions |
| 149 | +-------------------------- |
| 150 | + |
| 151 | +Additional methods are available within the ``auth_admin`` class for managing permissions, options, and user cache. It is found in: |
| 152 | + |
| 153 | +:: |
| 154 | + |
| 155 | + includes/acp/auth.php |
| 156 | + |
| 157 | +Instantiate separately: |
| 158 | + |
| 159 | +.. code-block:: php |
| 160 | +
|
| 161 | + $auth_admin = new auth_admin(); |
| 162 | +
|
| 163 | +This gives access to both ``auth_admin`` and ``auth`` methods. |
0 commit comments