Hi,
Sorry if this is dumb question. I am new to php and CakePHP. I am implementing the Authentication and Authorization plugins into my system and doing so in accordance with the CookBook documentation.
The CookBook provides an example of implementing a Policy Pre-Condition:
namespace App\Policy;
use Authorization\Policy\BeforePolicyInterface;
class ArticlesPolicy implements BeforePolicyInterface
{
public function before($user, $resource, $action)
{
if ($user->getOriginalData()->is_admin) {
return true;
}
// fall through
}
}
The CookBook also explains how to use your User class as the Identity:
namespace App\Model\Entity;
use Authorization\AuthorizationServiceInterface;
use Authorization\IdentityInterface;
use Authorization\Policy\ResultInterface;
use Cake\ORM\Entity;
class User extends Entity implements IdentityInterface
{
/**
* Authorization\IdentityInterface method
*/
public function can($action, $resource): bool
{
return $this->authorization->can($this, $action, $resource);
}
/**
* Authorization\IdentityInterface method
*/
public function canResult($action, $resource): ResultInterface
{
return $this->authorization->canResult($this, $action, $resource);
}
/**
* Authorization\IdentityInterface method
*/
public function applyScope($action, $resource)
{
return $this->authorization->applyScope($this, $action, $resource);
}
/**
* Authorization\IdentityInterface method
*/
public function getOriginalData()
{
return $this;
}
/**
* Setter to be used by the middleware.
*/
public function setAuthorization(AuthorizationServiceInterface $service)
{
$this->authorization = $service;
return $this;
}
// Other methods
}
I have implemented this and now $user->getOriginalData()
works for me. However, I do not know how to implement the ->is_admin
component. Sorry - the term component is probably wrong, but I don’t know what the correct term should be.
My Users model has a column with the name role
and has values like Admin, User, etc.
.
I can call $user->getOriginalData()->role
and successfully obtain values from that column.
So, do I need to add more methods to my Model\Entity\User.php
or is the ->is_admin
component meant to be provided inherently from the Authentication plugin?
Thanks in advance for your help.