This is the documentation for concrete5 version 5.6 and earlier. View Current Documentation

Pages, Areas and Blocks share a unified permissions framework. There is a simple API with which developers can check to see if the logged-in user has the ability to perform a variety of content-related actions.

Getting the Permissions Object

Getting the permissions object for a page, area, block or file is as simple as passing it to the Permissions() constructor.

	$p = new Permissions($page);

Areas can be interacted with in the same way

	$a = Area::get($page, 'Main'); 	$p = new Permissions($a);

As can blocks:

	$block = Block::getByID($blockID, $page, 'Main'); 	$p = new Permissions($block);

Permissions Methods

The following methods are available in the Permissions Object

Available to All Permissions Objects

$p->canRead()

Returns true if the logged-in user can read the piece of content.

$p->canWrite()

Returns true if the logged-in user can edit the piece of content.

Available when $page was passed to Permissions()

$p->canAddSubContent()

Returns true if the logged-in user can add pages beneath the current page.

$p->canAddSubCollection($collectionType)

Returns true if the logged-in user can add a page of the type $collectionType beneath the current page.

$p->canReadVersions()

Returns true if the logged-in user can read versions.

$p->canDeleteCollection()

Returns true if the logged-in user can delete the page.

$p->canApproveCollection()

Returns true if the logged-in user can approve the page.

Available when a block or area is passed to the Permissions() constructor

$p->canDeleteBlock()

Returns true if the user can delete the block (or any block from within the area.)

Available when an Area object is passed to Permissions()

$p->canAddBlocks()

Returns true if the user has the ability to add a block.

$p->canAddBlock($blockType)

Returns true if the user is able to add a block of the $blockType to the area.

File Permissions

File permissions are slightly more advanced than other content types.

Getting File Permissions

The following will grab the global file permissions object.

$fp = FilePermissions::getGlobal()

Additionally, if advanced permissions have been enabled for your site, you may grab file-set-based permissions this way

	$fs = FileSet::getByName('My File Set'); 	$p = new Permissions($fs);

Methods Available

$p->canAddFiles()

Returns true if the user can add files (to the selected set, or the file manager as a whole.)

$p->canAddFileType($extension)

Returns true if the user can add a file with the given extension (to the selected set, or the file manager as a whole.)

$p->canAddFile($file)

Grabs the extension, then returns the value of canAddFileType($extension)

$p->canAccessFileManager()

Returns true if the user has access to the file manager interface (the file search parameter.)

$p-> canSearchFiles()

Returns true if the user can search files.

$p-> getAllowedFileExtensions()

Gets all file extensions the user is allowed to add.

Loading Conversation