We've already covered how authentication and authorization works. Now we'll describe the interface you need to implement in your application space to create a class representing the user. Better said, classes representing users - as intended.

Static methods for general work with users

Method Meaning of
public static get(
string|int $id
): static|null
Based on the ID, it returns the user instance (if such a user exists).
public static getList(
string|null $role_id = null
): iterable
Returns a list of users. It is possible to get a list of users belonging to a specific role.
public static getByIdentity(
string $username,
string $password
): static|null
Returns an instance of the user based on their username and password. Both must be valid, of course - otherwise null is returned.
public static usernameExists(
string $username
): bool
Verifies that the username is not already in use.
public static getGetByUsername(
string $username
): Auth_User_Interface|null
Returns an instance of the user based on the username.

Methods for working with a specific user

Method Meaning of
public getId(
): string|int
Returns the user ID.
public getUsername(
): string
Returns the username.
public setUsername(
string $username
): void
Sets the username.
public setPassword(
string $password,
bool $encrypt_password=true
): void
Sets the password.

If the encrypt_password = true parameter (default value), then the password in text form is assumed on the input and is transformed to a hash before setting.

Otherwise, an already secured password is assumed.
public encryptPassword(
string $plain_password
): string
Converts a password in text form to a hash.
public verifyPassword(
string $plain_password
): bool
Verifies the validity of the password.
public getName(
): string
Returns the user name that is used, for example, in event logs.
Thus, for example, for the purpose: Edit article "Jara Cimrman".
public setRoles(
array $role_ids
): void
Sets the role of the user. An array containing the role ID is expected on input.
public getRoles(
): Auth_Visitor_Role[]
Returns a list of roles (in the form of role instances) to which the user belongs.
public hasRole(
string $role_id
): bool
Verifies that the user has the given role.
public hasPrivilege(
string $privilege,
mixed $value=null
): bool
Checks whether the user has the given permission.

If the $value parameter is null, then it checks whether the user has the permission regardless of the value (i.e. whether the user has the permission at all, whatever it is).
public getPrivilegeValues(
string $privilege
): array
Returns a list of all possible allowed permissions values from all roles to which the user belongs.
Previous chapter
Next chapter