Comments (4)
The ORM resolver doesn't currently support a fallback/default policy. Would you be using a fallback to define default permissions or just trying to avoid having to define policy methods?
from authorization.
I am trying to make authorization that logged in user can access Index, View, Add actions and check owner on Edit, Delete actions for all controller.
class GeneralPolicy
{
public function canView()
{
return true;
}
public function canCreate()
{
return true;
}
public function canEdit(IdentityInterface $user, $model)
{
// logged in users can edit their own models.
return $this->isAuthor($user, $model);
}
public function canDelete(IdentityInterface $user, $model)
{
// logged in users can delete their own models.
return $this->isAuthor($user, $model);
}
protected function isAuthor(IdentityInterface $user, $model)
{
return $model->user_id === $user->id;
}
}
May be (User class as identity) is solution but I don't understand clearly.
from authorization.
The user class as identity would be helpful, but more is needed. Right now you would need to use the chain resolver and build a resolver class that always returns your GeneralPolicy class. Then you could put the OrmResolver first in the chain, and your generic resolver second. Doing this would let you to add specific policies for models as you need them.
from authorization.
Closing this as the solution is a custom resolver.
from authorization.
Related Issues (20)
- Redirect is not working for me HOT 2
- Policy for Modelless controller HOT 15
- Can't use i18n and get plugin in different locale HOT 5
- Allow for AuthorizationComponent::can to not set $authorizationChecked HOT 3
- "Call to a member function getOriginalData() on null" Cake4 - RequestAuthorizationMiddleware HOT 12
- FR: visualization of policies HOT 5
- ORM Policy resolver broken HOT 2
- Error to test login with phpunit: setAuthorization() HOT 2
- MissingPolicyException using Paginator HOT 6
- Problem with policies HOT 2
- Check entity authorization inside entity HOT 2
- How can an user redirect with Request Authorization Middleware? HOT 1
- Allow passing extra options to applyScope() HOT 1
- RFC: Make `access` the action verb for authorization HOT 7
- Deprecated logs after update to CakePHP 4.3 and PHP 8.1.0 HOT 2
- Allow multiple optional parameters to be passed down to applyScope()
- PHP8.2: Using ${var} in strings is deprecated, use {$var} instead HOT 2
- Suggestion: narrowing the type of $resource HOT 5
- Feature request: Allow Table policies to use BeforePolicyInterface HOT 7
- Feature request: Make Authorization service available via DI in the Middleware HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authorization.