SecurityClearanceService
in package
Table of Contents
Methods
- classifyObject() : array{success: bool, error: string|null}
- Classify an object with escalation constraint validation
- declassifyObject() : bool
- Declassify an object (remove or downgrade classification)
- getAllClassifications() : array<string|int, mixed>
- Get all security classifications
- getClassification() : object|null
- Get classification by ID
- getEffectiveClassification() : object|null
- Get effective classification (including inherited from parents)
- getObjectClassification() : object|null
- Get classification for an information object
- getParentEffectiveClassification() : object|null
- Get the effective classification of an object's parent (for escalation validation)
- getUserClearance() : object|null
- Get user's current clearance (active only)
- getUserClearanceRecord() : object|null
- Get user's clearance record including expired (for admin view)
- grantClearance() : bool
- Grant clearance to a user
- revokeClearance() : bool
- Revoke clearance from a user
Methods
classifyObject()
Classify an object with escalation constraint validation
public
static classifyObject(int $objectId, int $classificationId, array<string|int, mixed> $data, int $classifiedBy) : array{success: bool, error: string|null}
Parameters
- $objectId : int
- $classificationId : int
- $data : array<string|int, mixed>
- $classifiedBy : int
Return values
array{success: bool, error: string|null}declassifyObject()
Declassify an object (remove or downgrade classification)
public
static declassifyObject(int $objectId, int|null $newClassificationId, int $declassifiedBy[, string|null $reason = null ]) : bool
Parameters
- $objectId : int
- $newClassificationId : int|null
- $declassifiedBy : int
- $reason : string|null = null
Return values
boolgetAllClassifications()
Get all security classifications
public
static getAllClassifications() : array<string|int, mixed>
Return values
array<string|int, mixed>getClassification()
Get classification by ID
public
static getClassification(int $id) : object|null
Parameters
- $id : int
Return values
object|nullgetEffectiveClassification()
Get effective classification (including inherited from parents)
public
static getEffectiveClassification(int $objectId) : object|null
Parameters
- $objectId : int
Return values
object|nullgetObjectClassification()
Get classification for an information object
public
static getObjectClassification(int $objectId) : object|null
Parameters
- $objectId : int
Return values
object|nullgetParentEffectiveClassification()
Get the effective classification of an object's parent (for escalation validation)
public
static getParentEffectiveClassification(int $objectId) : object|null
Parameters
- $objectId : int
Return values
object|nullgetUserClearance()
Get user's current clearance (active only)
public
static getUserClearance(int $userId) : object|null
Parameters
- $userId : int
Return values
object|nullgetUserClearanceRecord()
Get user's clearance record including expired (for admin view)
public
static getUserClearanceRecord(int $userId) : object|null
Parameters
- $userId : int
Return values
object|nullgrantClearance()
Grant clearance to a user
public
static grantClearance(int $userId, int $classificationId, int $grantedBy[, string|null $expiresAt = null ][, string|null $notes = null ]) : bool
Parameters
- $userId : int
- $classificationId : int
- $grantedBy : int
- $expiresAt : string|null = null
- $notes : string|null = null
Return values
boolrevokeClearance()
Revoke clearance from a user
public
static revokeClearance(int $userId, int $revokedBy[, string|null $notes = null ]) : bool
Parameters
- $userId : int
- $revokedBy : int
- $notes : string|null = null