maymeow/cake-authorization

MayMeow/Authorization plugin for CakePHP

Maintainers

Details

github.com/MayMeow/cake-authorization

Source

Issues

Installs: 0

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 5

Forks: 1

Open Issues: 3

Type:cakephp-plugin

v0.1.1 2022-07-17 09:11 UTC

Requires

Requires (Dev)

MIT 226a7b3888ec826de87aa876a6d78e8478c79b39

This package is auto-updated.

Last update: 2024-04-17 16:29:42 UTC

README

This is very simple authorization plugin for CakePHP, it's using attributes for roles definition.

Requirements

  • CakePHP 4.x
  • PHP 8.x
  • Configured Authentication (check CakePHP documentation)

Installation

You can install this plugin into your CakePHP application using composer.

The recommended way to install composer packages is:

composer require maymeow/cake-authorization

load plugin to the CakePHP Application.php

$this->addPlugin('MayMeow/Authorization');

load it in controller

public function initialize(): void
{
    parent::initialize(); // TODO: Change the autogenerated stub

    $this->loadComponent('MayMeow/Authorization.Authorization');
}

and run it

public function beforeFilter(EventInterface $event)
{
    parent::beforeFilter($event); // TODO: Change the autogenerated stub

    $this->Authorization->authorize($this);
}

Simple Authorization

This is just simple checking if identity attribute exists. This function will be probably removed because simple authorization is provided by Authentication plugin.

It can be used as annotate on functions that they need the user is logged-in.

#[Authorize]
public function index()
{
    $users = $this->paginate($this->Users);

    $this->set(compact('users'));
}

Role-based authorization

It is checking if user has provided roles. Entity that storing users must implement \MayMeow\Authorization\Controller\Component\RoleAuthorizationInterface, it must return

Limitations: User can have assigned only one Role

#[Authorize('Administrators')]
public function view($id = null)
{
    $user = $this->Users->get($id, [
        'contain' => [],
    ]);

    $this->set(compact('user'));
}

You can also provide more roles by entering names and separate them with coma ,. Don't use any spaces.

#[Authorize('Administrators,Users')]
public function view($id = null)
{
    $user = $this->Users->get($id, [
        'contain' => [],
    ]);

    $this->set(compact('user'));
}

If you're using role based authorization, all roles for which you want to have access to the actions must be provided.

Contribute

For contibuting guide please check https://github.com/MayMeow/contribution