Error 'Policy for Cake\ORM\ResultSet has not been defined' - authorization related

I’m new to CakePHP, just followed the CMS tutorial and trying to figure out how authorization component works.
Auth on single Entity works fine, but when I create a table policy class for my Entity I don’t know how to implement the actions, this is the actual code:

class utentivaleTablePolicy
{

public function canIndex(IdentityInterface $user, utentivale $utentivale)
{
    return true;
}
public function scopeIndex(IdentityInterface $user, utentivale $utentivale )
{
    return $user->role_id== $user::TYPE_ADMIN;

}

}

In the controller class, index method:
public function index()
{

    $utentivale = $this->paginate($this->Utentivale);

    $this->Authorization->authorize($utentivale);
   
    $this->set(compact('utentivale'));
}

When I go to localhost:8765/utentivale/ I receive the error
Error ‘Policy for Cake\ORM\ResultSet has not been defined’.

I must be missing something…
Thanks for your help

UP.

Same issue here. I would like to set authorization policy to the users controller, but i cannot figure out because i get stuck at " Policy for Cake\ORM\ResultSet has not been defined" error…

The example is the cms in the toturial. How can i set authorization to the view and index method?

A little help would be much appreciated, thanks in advance.

Nicola.

I resolved implemeting the scopeIndex functions in UsersTablePolicy in a different way:

public function scopeIndex(IdentityInterface $user, Query $query )
{

 return $query->select(['field1','field2','fieldn']);

}

Check also in UserPolicy that canView is enabled:
public function canView(IdentityInterface $user, User $resource)

{
        return true;
}

PS: these are examples, so you have to provide your own business logic

For those you are searching. Based on policy docs.

Create/bake policy with (–type table) :

// note plural
bin/cake bake policy -v --type table Articles

Then add this in the newly created/baked /src/Policy/ActiclesTablePolicy.php

public function canIndex($user,  $query)
{
   //return true or false;
}
// In controller
$this->Authorization->authorize($query);
1 Like

Here, you can do different things:

  1. To send the Table class and accept “UtentivaleTable” object as the second parameter in the policy’s canIndex function:
    // In controller’s index() action
    $this->Authorization->authorize($this->Utentivale);

// In policy class:
public function canIndex(IdentityInterface $user, UtentivaleTable $utentivale)
{
return true;
}

  1. To send the query and accept Cake\ORM\Query object as the second parameter in the policy’s canIndex function:
    // In controller’s index() action
    $query = $this->Utentivale->find();
    $this->Authorization->authorize($query);
    $utentivale = $this->paginate($query);

// In policy class:
public function canIndex(IdentityInterface $user, Cake\ORM\Query $query)
{
return true;
}

There could be more solutions available. But, haven’t tried anything else.
Hope this works.

Thank you!