Quick Start

Load the plugin by adding the following statement in your project’s:

$this->addPlugin('Authorization');
// Prior to 3.6.0
Plugin::load('Authorization');

The Authorization plugin integrates into your application as a middleware layerand optionally a component to make checking authorization easier. First, letsapply the middleware. In src/Application.php add the following to the classimports:

class Application extends BaseApplication implements AuthorizationServiceProviderInterface

Then add the following to your middleware() method:

The will call a hook method on your application whenit starts handling the request. This hook method allows your application todefine the AuthorizationService it wants to use. Add the following method yoursrc/Application.php:

public function getAuthorizationService(ServerRequestInterface $request, ResponseInterface $response)
{
    $resolver = new OrmResolver();
 
    return new AuthorizationService($resolver);

Next lets add the AuthorizationComponent to . Insrc/Controller/AppController.php add the following to the initialize()method:

By loading the authorization component we’ll be able to checkauthorization on a per-action basis more easily. For example, we can do:

public function edit($id = null)
{
    $article = $this->Article->get($id);
    $this->Authorization->authorize('update', $article);
 
    // Rest of action
}

• • Creating Policies
  • Policy Result Objects
• • Using OrmResolver
  • Creating a Resolver
• • Identity Decorator
• • Automatic authorization checks
  • Anonymous Users
  • Skipping Authorization