Class ControllerAuthorize

An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback. Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.

public function isAuthorized($user)
 {
     if ($this->request->param('admin')) {
         return $user['role'] === 'admin';
     }
     return !empty($user);
 }

The above is simple implementation that would only authorize users of the 'admin' role to access admin routing.

Cake\Auth\BaseAuthorize uses Cake\Core\InstanceConfigTrait
Extended by Cake\Auth\ControllerAuthorize
Namespace: Cake\Auth
See: \Cake\Controller\Component\AuthComponent::$authenticate
Location: Auth/ControllerAuthorize.php

Properties summary

Inherited Properties

Method Summary

  • __construct() public
    Constructor
  • authorize() public
    Checks user authorization using a controller callback.
  • controller() public

    Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.

Method Detail

__construct()source public

__construct( Cake\Controller\ComponentRegistry $registry , array $config [] )

Constructor

Parameters

Cake\Controller\ComponentRegistry $registry
The controller for this request.
array $config optional []
An array of config. This class does not use any config.

Overrides

Cake\Auth\BaseAuthorize::__construct()

authorize()source public

authorize( array|ArrayAccess $user , Cake\Network\Request $request )

Checks user authorization using a controller callback.

Parameters

array|ArrayAccess $user
Active user data
Cake\Network\Request $request
Request instance.

Returns

boolean

controller()source public

controller( Cake\Controller\Controller $controller null )

Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.

Parameters

Cake\Controller\Controller $controller optional null
null to get, a controller to set.

Returns

Cake\Controller\Controller

Throws

Cake\Core\Exception\Exception
If controller does not have method isAuthorized().

Methods used from Cake\Core\InstanceConfigTrait

_configDelete()source protected

_configDelete( string $key )

Delete a single config key

Parameters

string $key
Key to delete.

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

_configRead()source protected

_configRead( string|null $key )

Read a config variable

Parameters

string|null $key
Key to read.

Returns

mixed

_configWrite()source protected

_configWrite( string|array $key , mixed $value , boolean|string $merge false )

Write a config variable

Parameters

string|array $key
Key to write to.
mixed $value
Value to write.
boolean|string $merge optional false

True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

config()source public

config( string|array|null $key null , mixed|null $value null , boolean $merge true )

Usage

Reading the whole config:

$this->config();

Reading a specific value:

$this->config('key');

Reading a nested value:

$this->config('some.nested.key');

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);

Parameters

string|array|null $key optional null
The key to get/set, or a complete array of configs.
mixed|null $value optional null
The value to set.
boolean $merge optional true
Whether to recursively merge or overwrite existing config, defaults to true.

Returns

mixed
Config value being read, or the object itself on write operations.

Throws

Cake\Core\Exception\Exception
When trying to set a key that is invalid.

configShallow()source public

configShallow( string|array $key , mixed|null $value null )

Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);

Parameters

string|array $key
The key to set, or a complete array of configs.
mixed|null $value optional null
The value to set.

Returns


$this The object itself.

Properties detail

$_Controllersource

protected Cake\Controller\Controller

Controller for the request.

null

© 2005–2017 The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/3.3/class-Cake.Auth.ControllerAuthorize.html