Skip to content

Latest commit

 

History

History
89 lines (65 loc) · 2.69 KB

Quick-start-and-introduction.md

File metadata and controls

89 lines (65 loc) · 2.69 KB
Raw

Quick Start

Installation

Install the plugin with composer from your CakePHP Project's ROOT directory (where the composer.json file is located)

composer require cakephp/authorization

Getting Started

The Authorization plugin integrates into your application as a middleware layer and optionally a component to make checking authorization easier. First, lets apply the middleware. In src/Application.php add the following to the class imports:

use Phauthentic\Authorization\AuthorizationService;
use Phauthentic\Authorization\AuthorizationServiceProviderInterface;
use Phauthentic\Authorization\Middleware\AuthorizationMiddleware;
use Phauthentic\Authorization\Policy\OrmResolver;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

Add the AuthorizationProviderInterface to the implemented interfaces on your application:

class Application extends BaseApplication implements AuthorizationServiceProviderInterface

Then add the following to your middleware() method:

// Add authorization (after authentication if you are using that plugin too).
$middleware->add(new AuthorizationMiddleware($this));

The AuthorizationMiddleware will call a hook method on your application when it starts handling the request. This hook method allows your application to define the AuthorizationService it wants to use. Add the following method your src/Application.php

public function getAuthorizationService(ServerRequestInterface $request, ResponseInterface $response)
{
    $resolver = new OrmResolver();

    return new AuthorizationService($resolver);
}

This configures a very basic resolver that will match ORM entities with their policy classes.

Next lets add the AuthorizationComponent to AppController. In src/Controller/AppController.php add the following to the initialize() method:

$this->loadComponent('Authorization.Authorization');

By loading the authorization component we'll be able to check authorization on a per action basic more easily. For example, we can do:

public function edit($id = null)
{
    $article = $this->Article->get($id);
    $this->Authorization->authorize('update', $article);

    // Rest of action
}

By calling authorize we can use our policies to enforce our application's access control rules. You can check permissions anywhere by using the identity stored in the request.

Further Reading