Class ControllerAuthorize

An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback. Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.

public function isAuthorized($user)
 {
     if ($this->request->getParam('admin')) {
         return $user['role'] === 'admin';
     }
     return !empty($user);
 }

The above is simple implementation that would only authorize users of the 'admin' role to access admin routing.

Namespace: Cake\Auth

Properties summary

  • $_Controller protected
    \Cake\Controller\Controller

    Controller for the request.

  • $_config protected
    array

    Runtime config

  • $_configInitialized protected
    bool

    Whether the config property has already been configured with defaults

  • $_defaultConfig protected
    array

    Default config for authorize objects.

  • $_registry protected
    \Cake\Controller\ComponentRegistry

    ComponentRegistry instance for getting more components.

Method Summary

  • __construct() public

    Constructor

  • _configDelete() protected

    Deletes a single config key.

  • _configRead() protected

    Reads a config key.

  • _configWrite() protected

    Writes a config key.

  • authorize() public

    Checks user authorization using a controller callback.

  • config() public

    Gets/Sets the config.

  • configShallow() public

    Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

  • controller() public

    Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.

  • getConfig() public

    Returns the config.

  • getConfigOrFail() public

    Returns the config for this specific key.

  • setConfig() public

    Sets the config.

Method Detail

__construct() public 

__construct(\Cake\Controller\ComponentRegistry $registry, array $config)

Constructor

Parameters

\Cake\Controller\ComponentRegistry $registry

The controller for this request.

array $config optional

An array of config. This class does not use any config.

_configDelete() protected 

_configDelete(mixed $key)

Deletes a single config key.

Parameters

string $key

Key to delete.

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

_configRead() protected 

_configRead(mixed $key)

Reads a config key.

Parameters

string|null $key

Key to read.

Returns

mixed

_configWrite() protected 

_configWrite(mixed $key, mixed $value, mixed $merge)

Writes a config key.

Parameters

string|array $key

Key to write to.

mixed $value

Value to write.

bool|string $merge optional

True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

authorize() public 

authorize(mixed $user, \Cake\Http\ServerRequest $request)

Checks user authorization using a controller callback.

Parameters

array|\ArrayAccess $user

Active user data

\Cake\Http\ServerRequest $request

Request instance.

Returns

bool

config() public 

config(mixed $key, mixed $value, mixed $merge)

Gets/Sets the config.

Usage

Reading the whole config:

$this->config();

Reading a specific value:

$this->config('key');

Reading a nested value:

$this->config('some.nested.key');

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);

Parameters

string|array|null $key optional

The key to get/set, or a complete array of configs.

mixed|null $value optional

The value to set.

bool $merge optional

Whether to recursively merge or overwrite existing config, defaults to true.

Returns

mixed

Config value being read, or the object itself on write operations.

Throws

Cake\Core\Exception\Exception
When trying to set a key that is invalid.

configShallow() public 

configShallow(mixed $key, mixed $value)

Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

Setting a specific value:

$this->configShallow('key', $value);

Setting a nested value:

$this->configShallow('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->configShallow(['one' => 'value', 'another' => 'value']);

Parameters

string|array $key

The key to set, or a complete array of configs.

mixed|null $value optional

The value to set.

Returns

$this

controller() public 

controller(\Cake\Controller\Controller $controller)

Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.

Parameters

\Cake\Controller\Controller|null $controller optional

null to get, a controller to set.

Returns

\Cake\Controller\Controller

Throws

Cake\Core\Exception\Exception
If controller does not have method `isAuthorized()`.

getConfig() public 

getConfig(mixed $key, mixed $default)

Returns the config.

Usage

Reading the whole config:

$this->getConfig();

Reading a specific value:

$this->getConfig('key');

Reading a nested value:

$this->getConfig('some.nested.key');

Reading with default value:

$this->getConfig('some-key', 'default-value');

Parameters

string|null $key optional

The key to get or null for the whole config.

mixed|null $default optional

The return value when the key does not exist.

Returns

mixed|null

Configuration data at the named key or null if the key does not exist.

getConfigOrFail() public 

getConfigOrFail(mixed $key)

Returns the config for this specific key.

The config value for this key must exist, it can never be null.

Parameters

string|null $key

The key to get.

Returns

mixed

Configuration data at the named key

Throws

InvalidArgumentException

setConfig() public 

setConfig(mixed $key, mixed $value, mixed $merge)

Sets the config.

Usage

Setting a specific value:

$this->setConfig('key', $value);

Setting a nested value:

$this->setConfig('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->setConfig(['one' => 'value', 'another' => 'value']);

Parameters

string|array $key

The key to set, or a complete array of configs.

mixed|null $value optional

The value to set.

bool $merge optional

Whether to recursively merge or overwrite existing config, defaults to true.

Returns

$this

Throws

Cake\Core\Exception\Exception
When trying to set a key that is invalid.

Property Detail

$_Controller protected

Controller for the request.

Type

\Cake\Controller\Controller

$_config protected

Runtime config

Type

array

$_configInitialized protected

Whether the config property has already been configured with defaults

Type

bool

$_defaultConfig protected

Default config for authorize objects.

Type

array

$_registry protected

ComponentRegistry instance for getting more components.

Type

\Cake\Controller\ComponentRegistry

© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/3.9/class-Cake.Auth.ControllerAuthorize.html