Checking Permissions
Checking Complex Permission Keys
For permissions with granular control, like "Edit Page Properties," the process involves more detailed checks. To determine specific permissions, such as editing a page name, follow these steps:
Retrieve the permission key:
$key = \Concrete\Core\Permission\Key\Key::getByHandle('edit_page_properties');Set the permission object:
$c = \Page::getCurrentPage(); $key->setPermissionObject($this->page);Since "Edit Page Properties" is an advanced permission key, it's an instance of [Concrete\Core\Permission\Key\EditPagePropertiesKey]. Use its
getMyAssignmentmethod to get a [Concrete\Core\Permission\Access\ListItem\EditPagePropertiesListItem] instance:$assignment = $key->getMyAssignment();This method contains all necessary functions to check specific actions under the Edit Page Properties permission. For instance, to check if a user can edit the page's name:
if ($assignment->allowEditName()) { // User can edit the page's name }
This approach is generally used for permission keys with advanced capabilities, retrieving a list item object that defines the current user's permissions.
Checking Permissions for Different Users or Groups
To check permissions for users or groups other than the currently logged-in user, follow these steps:
Check Page for Guest Group Viewing
Get the permission key for View Page:
$key = Key::getByHandle('view_page');Set the permission object:
$key->setPermissionObject($page);Retrieve the access object for the key/object combination:
$access = $key->getPermissionAccessObject(); if (!$access) { return false; }Get the access entity for the Guest Group:
$guestGroup = \Concrete\Core\User\Group\Group::getByID(GUEST_GROUP_ID); $entity = \Concrete\Core\Permission\Access\Entity\GroupEntity::getOrCreate($guestGroup);Validate the access object against the Guest Group entity:
return $access->validateAccessEntities([$entity]);
Check File Download Permission for a Specific User
Retrieve the permission key for View File:
$key = Key::getByHandle('view_file');Set the permission object:
$file = \File::getByID(10); $key->setPermissionObject($file);Retrieve the access object for the key/object combination:
$access = $key->getPermissionAccessObject(); if (!$access) { return false; }Get the User object for the specific user:
$info = \User::getByName('andrew');Retrieve all access entities for that user:
$entities = \Concrete\Core\Permission\Access\Entity\Entity::getForUser($info);Pass the entities to the access object to validate:
return $access->validateAccessEntities($entities);
This approach lets you check whether specific users or groups, like the Guest group or a particular user, have the necessary permissions.
Full List of Permission Keys
| Handle | Name | Category | Custom Class | Can Trigger Workflow |
|---|---|---|---|---|
| access_api | Access API | admin | No | No |
| access_page_defaults | Access Page Type Defaults | admin | No | No |
| access_page_type_permissions | Access Page Type Permissions | admin | No | No |
| access_task_permissions | Access Task Permissions | admin | No | No |
| add_topic_tree | Add Topic Tree | admin | No | No |
| customize_themes | Customize Themes | admin | No | No |
| edit_topic_tree | Edit Topic Tree | admin | No | No |
| empty_trash | Empty Trash | admin | No | No |
| manage_layout_presets | Manage Layout Presets | admin | No | No |
| remove_topic_tree | Remove Topic Tree | admin | No | No |
| upgrade | Upgrade Concrete | admin | No | No |
| view_announcement_content | View Announcement Content | admin | No | No |
| view_in_maintenance_mode | View Site in Maintenance Mode | admin | No | No |
| add_block_to_area | Add Block to Area | area | Yes | No |
| add_layout_to_area | Add Layouts to Area | area | No | No |
| add_stack_to_area | Add Stack to Area | area | No | No |
| delete_area_contents | Delete Area Contents | area | No | No |
| edit_area_contents | Edit Area Contents | area | No | No |
| edit_area_design | Edit Area Design | area | No | No |
| edit_area_permissions | Edit Area Permissions | area | No | No |
| schedule_area_contents_guest_access | Schedule Guest Access | area | No | No |
| view_area | View Area | area | No | No |
| approve_basic_workflow_action | Approve or Deny | basic_workflow | No | No |
| notify_on_basic_workflow_approve | Notify on Approve | basic_workflow | No | No |
| notify_on_basic_workflow_deny | Notify on Deny | basic_workflow | No | No |
| notify_on_basic_workflow_entry | Notify on Entry | basic_workflow | No | No |
| delete_block | Delete Block | block | No | No |
| edit_block | Edit Block | block | No | No |
| edit_block_cache_settings | Edit Cache Settings | block | No | No |
| edit_block_custom_template | Change Block Template | block | No | No |
| edit_block_design | Edit Design | block | No | No |
| edit_block_name | Edit Name | block | No | No |
| edit_block_permissions | Edit Permissions | block | No | No |
| schedule_guest_access | Schedule Guest Access | block | No | No |
| view_block | View Block | block | No | No |
| add_block | Add Block | block_type | Yes | No |
| add_stack | Add Stack | block_type | No | No |
| delete_board | Delete Board | board | No | No |
| edit_board_contents | Edit Contents | board | No | No |
| edit_board_locked_rules | Edit Locked Rules | board | No | No |
| edit_board_permissions | Edit Permissions | board | No | No |
| edit_board_settings | Edit Settings | board | No | No |
| view_board | View Board | board | No | No |
| add_board | Add Board | board_admin | No | No |
| delete_boards | Delete Boards | board_admin | No | No |
| edit_boards_contents | Edit Board Content | board_admin | No | No |
| edit_boards_locked_rules | Edit Locked Rules | board_admin | No | No |
| edit_boards_permissions | Edit Permissions | board_admin | No | No |
| edit_boards_settings | Edit Board Settings | board_admin | No | No |
| view_boards | View Boards | board_admin | No | No |
| access_calendar_rss_feed | Access RSS Feed | calendar | No | No |
| add_calendar_event | Add Calendar Event | calendar | No | No |
| approve_calendar_event | Approve Calendar Event | calendar | No | Yes |
| delete_calendar | Delete Calendar | calendar | No | No |
| edit_calendar | Edit Calendar | calendar | No | No |
| edit_calendar_event_more_details_location | Modify More Details Location | calendar | No | No |
| edit_calendar_events | Edit Calendar Events | calendar | No | No |
| edit_calendar_permissions | Edit Permissions | calendar | No | No |
| view_calendar | View Calendar | calendar | No | No |
| view_calendar_in_edit_interface | View in Edit Interface | calendar | No | No |
| access_calendar_rss_feeds | Access RSS Feeds | calendar_admin | No | No |
| add_calendar | Add Calendar | calendar_admin | No | No |
| add_calendar_events | Add Calendar Events | calendar_admin | No | No |
| approve_calendar_events | Approve Calendar Events | calendar_admin | No | Yes |
| delete_calendars | Delete Calendars | calendar_admin | No | No |
| edit_calendars | Edit Calendars | calendar_admin | No | No |
| edit_calendars_permissions | Edit Permissions | calendar_admin | No | No |
| view_calendars | View Calendars | calendar_admin | No | No |
| view_category_tree_node | View Category Tree Node | category_tree_node | No | No |
| add_conversation_message | Add Message to Conversation | conversation | Yes | No |
| add_conversation_message_attachments | Add Message Attachments | conversation | No | No |
| approve_conversation_message | Approve Message | conversation | No | No |
| delete_conversation_message | Delete Message | conversation | No | No |
| edit_conversation_message | Edit Message | conversation | No | No |
| edit_conversation_permissions | Edit Conversation Permissions | conversation | No | No |
| flag_conversation_message | Flag Message | conversation | No | No |
| rate_conversation_message | Rate Message | conversation | No | No |
| delete_express_entry | Delete Entry | express_entry | No | No |
| edit_express_entry | Edit Entry | express_entry | No | No |
| view_express_entry | View Entries | express_entry | No | No |
| add_express_entries | Add Entry | express_tree_node | No | No |
| delete_express_entries | Delete Entry | express_tree_node | No | No |
| edit_express_entries | Edit Entry | express_tree_node | No | No |
| view_express_entries | View Entries | express_tree_node | No | No |
| copy_file | Copy File | file | No | No |
| delete_file | Delete File | file | No | No |
| edit_file_contents | Edit File Contents | file | No | No |
| edit_file_permissions | Edit File Access | file | No | No |
| edit_file_properties | Edit File Properties | file | No | No |
| view_file | View Files | file | No | No |
| view_file_in_file_manager | View File in File Manager | file | No | No |
| add_file | Add File | file_folder | Yes | No |
| copy_file_folder_files | Copy File | file_folder | No | No |
| delete_file_folder | Delete File Folder | file_folder | No | No |
| delete_file_folder_files | Delete File | file_folder | No | No |
| edit_file_folder | Edit File Folder | file_folder | No | No |
| edit_file_folder_file_contents | Edit File Contents | file_folder | No | No |
| edit_file_folder_file_properties | Edit File Properties | file_folder | No | No |
| edit_file_folder_permissions | Edit File Access | file_folder | No | No |
| search_file_folder | Search File Folder | file_folder | No | No |
| view_file_folder_file | View Files | file_folder | No | No |
| add_group | Add Group | group_folder | No | No |
| add_group_folder | Add Group Folder | group_folder | No | No |
| assign_groups | Assign Groups | group_folder | No | No |
| delete_group_folder | Delete Group Folder | group_folder | No | No |
| edit_group_folder | Edit Group Folder | group_folder | No | No |
| edit_group_folder_permissions | Edit Group Access | group_folder | No | No |
| search_group_folder | Search Group Folder | group_folder | No | No |
| add_sub_group | Add Child Group | group_tree_node | No | No |
| assign_group | Assign Group | group_tree_node | No | No |
| edit_group | Edit Group | group_tree_node | No | No |
| edit_group_permissions | Edit Group Permissions | group_tree_node | No | No |
| search_users_in_group | Search User Group | group_tree_node | No | No |
| delete_log_entries | Delete Log Entries | logs | No | No |
| export_log_entries | Export Log Entries | logs | No | No |
| view_log_entries | View Log Entries | logs | No | No |
| install_packages | Install Packages | marketplace | No | No |
| uninstall_packages | Uninstall Packages | marketplace | No | No |
| notify_in_notification_center | Notify in Notification Center | notification | Yes | No |
| add_subpage | Add Sub-Page | page | Yes | No |
| approve_page_versions | Approve Changes | page | No | Yes |
| delete_page | Delete | page | No | Yes |
| delete_page_versions | Delete Versions | page | No | Yes |
| edit_page_contents | Edit Contents | page | No | No |
| edit_page_multilingual_settings | Edit Multilingual Settings | page | No | No |
| edit_page_page_type | Edit Page Type | page | No | No |
| edit_page_permissions | Edit Permissions | page | No | Yes |
| edit_page_properties | Edit Properties | page | Yes | No |
| edit_page_speed_settings | Edit Speed Settings | page | No | No |
| edit_page_template | Change Page Template | page | No | No |
| edit_page_theme | Change Theme | page | Yes | No |
| move_or_copy_page | Move or Copy Page | page | No | Yes |
| preview_page_as_user | Preview Page As User | page | No | No |
| schedule_page_contents_guest_access | Schedule Guest Access | page | No | No |
| view_page | View | page | No | No |
| view_page_in_sitemap | View Page in Sitemap | page | No | No |
| view_page_versions | View Versions | page | No | No |
| add_page_type | Add Pages of This Type | page_type | No | No |
| delete_page_type | Delete Page Type | page_type | No | No |
| edit_page_type | Edit Page Type | page_type | No | No |
| edit_page_type_drafts | Edit Page Type Drafts | page_type | No | No |
| edit_page_type_permissions | Edit Page Type Permissions | page_type | No | No |
| access_sitemap | Access Sitemap | sitemap | No | No |
| view_topic_tree_node | View Topic Tree Node | topic_tree_node | No | No |
| access_group_search | Access Group Search | user | No | No |
| access_user_search | Access User Search | user | No | No |
| access_user_search_export | Export Site Users | user | No | No |
| activate_user | Activate/Deactivate User | user | No | Yes |
| delete_user | Delete User | user | No | Yes |
| edit_user_properties | Edit User Details | user | Yes | No |
| sudo | Sign in as User | user | No | No |
| view_user_attributes | View User Attributes | user | Yes | No |