Quick Start
Alpha 6
This is the documentation for the AAM 7.0.0-alpha.6 release. We are actively working on the documentation that may change before stable release announcement.
The AAM PHP Framework is primarily a collection of services that help manage access controls and preferences. You can access any of these services via the unified AAM API endpoint AAM::api()
. This is the recommended method as it ensures services are configured properly upon retrieval.
The code snippet below demonstrates how to get an instance of the URL service, which is typically used to control access to any WordPress website URL. The service you retrieve is pre-configured to manage access based on the current user or visitor's access controls.
// Retrieve the URL service using the AAM API endpoint
$service = AAM::api()->urls();
From here, you can easily configure access controls to any URL and check if current user is allowed to access it.
// Let's deny access to some URL on WP site
// You can also use relative path "/category/science"
// The second argument is optional and configures only how to handle redirect when
// access is denied. Otherwise it'll default to the Access Denied Redirect rule.
$service->restrict('https://mywpsite.xyz/category/science', [
'type' => 'custom_message',
'message' => 'Sorry, you are not allowed to view this page'
]);
// Check if the user is allowed to access currently viewed URL on the site
if ($service->is_restricted($_SERVER['REQUEST_URI'])) {
// The URL is restricted. Do something
}
Each service provides several public methods that allow you to either manage access controls or check if a specific access level (e.g., the current user) has the necessary permissions for a given resource. For example, the following PHP code restricts and denies access to a specific post for a designated user group and checks if the current user has access to it.
/**
* Assign permissions to a specific post for a particular user role
*
* @param int $post_id
* @param string $user_role
*
* @return boolean
*/
function SetPostPermissions($post_id, $user_role) {
// Obtain the Content service and configure it for the specified Role
$service = AAM::api()->content(
AAM::api()->role($user_role)
);
// Retrieve the post by its ID and apply permissions
return $service->post($post_id)->add_permissions([
'list' => 'deny',
'read' => 'deny'
]);
}
// Restrict access to post with ID 34 for users with the "Author" role
SetPostPermissions(34, 'author');
// If the current user has the "Author" role, the following conditions will
// evaluate as true
if (AAM::api()->content()->post(34)->is_restricted()) {
// Execute some action here
}
if (AAM::api()->content()->post(34)->is_hidden()) {
// Execute some action here
}
This approach streamlines the management of access permissions for WordPress resources, ensuring a flexible and secure system for content control.