protected static function addOrRemoveSpecificPermission($moduleClassName, $permitable, $permission, $value) { assert('is_string($moduleClassName)'); assert('$permitable instanceof Permitable'); assert('$permitable->id > 0'); assert('is_int($permission)'); assert('is_int($value) || $value == null'); $item = NamedSecurableItem::getByName($moduleClassName); $item->allowChangePermissionsRegardlessOfUser = true; if (!empty($value) && $value == Permission::ALLOW) { //Before adding explicit allow permission, remove any existing deny permission $item->removePermissions($permitable, $permission, Permission::DENY); $item->addPermissions($permitable, $permission, Permission::ALLOW); } elseif (!empty($value) && $value == Permission::DENY) { $item->addPermissions($permitable, $permission, Permission::DENY); } else { $item->removePermissions($permitable, $permission); } $saved = $item->save(); if ($saved) { ReadPermissionsSubscriptionUtil::modulePermissionsHasBeenChanged($permitable); } $item->forget(); return $saved; }