LdapTools\Security\Acl\Dacl::orderAcesCanonically PHP Method

Dacl Class Documentation Show file Open project: ldaptools/ldaptools

orderAcesCanonically() protected method

Returns all ACEs in canonical order as expected by AD.

protected orderAcesCanonically ( ) : Ace[]
return	LdapTools\Security\Ace\Ace[]

    protected function orderAcesCanonically()
    {
        $explicitDeny = [];
        $explicitAllow = [];
        $objectDeny = [];
        $objectAllow = [];
        $inherited = [];
        foreach ($this->aces as $ace) {
            $isDenied = $ace->isDenyAce();
            $isObject = $ace->isObjectAce();
            if ($ace->getFlags()->isInherited()) {
                $inherited[] = $ace;
            } elseif ($isDenied && $isObject) {
                $objectDeny[] = $ace;
            } elseif ($isDenied) {
                $explicitDeny[] = $ace;
            } elseif ($isObject) {
                $objectAllow[] = $ace;
            } else {
                $explicitAllow[] = $ace;
            }
        }
        return array_merge($objectDeny, $explicitDeny, $objectAllow, $explicitAllow, $inherited);
    }

Dacl

canonicalize

getAllowedAceType

getSddlIdentifier

isCanonical

orderAcesCanonically

toBinary

toSddl