How to check if user has permission to edit content using the eZ Platform Public API in PHP?

Question

eZ Platform is a Full Stack Symfony based Content Management System (CMS). It adds a content repository and other features that allow users to create content. This is controlled by a sophisticated permissions system that allows finegrained control.

Normally these permissions are exposed through the user interface so that users can either perform certain functions or not. But how do I achieve this in my custom code, in Controllers or Console Commands?

Answer 1

Developers use standard services to interact with the repository. There are plenty of good examples of this in the CookBookBundle. One thing that is not covered by the examples in the bundle is how to check if a user has permission to do a certain function.

You can do this easily by using the PermissionResolver from the repository, for example:

$content = $contentService->loadContent(52);
$canEdit = $permissionResolver->canUser('content','edit',$content);

if($canEdit){
   echo "Logged in user can edit object " . $content->getName();
} else {
   echo "Logged in user can't edit object " . $content->getName();
}

This naturally applies to any commands and functionalities in the repository. For example, the content module has functionalities such as create, edit and remove.