Authentication index


I am using cakephp4.x

How do I apply authentication for index? I have read the CakePHP Authorization 2.x Cookbook and found out that I should use Scope Conditions. But then I am lost. Is there somewhere a minimal example of how to do that or can you tell me? How does the controller function index look like and how the policy (or is it put somewhere else than in policies?).

@Roridula Thanks for bringing this up. I would appreciate some guidance as well.

I want to simply deny access to the user index to everyone but admins.

I’ve create a policy for the index method:

public function canIndex(IdentityInterface $user, User $resource)
    return $this->isAdmin($user, $resource);

My users controller:

public function index()
    $users = $this->Users->find();

But I still get:

Policy for App\Model\Table\UsersTable has not been defined.

If, instead of applyScope, I try:


I see:

Policy forCake\ORM\ResultSethas not been defined.

The other policies in the UserPolicy.php are working for the other methods (edit,delete,view,and a custom method), just not for the index.

If anyone could provide some insight into why this happening, I’d very much appreciate it.

Thank you!