You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To adjust ORM queries one has to use the ->applyScope() method of the AuthorizationComponent.
But in certain scenarios it would be helpfull to pass down arguments to the ->applyScope() method because the query needs to be adjusted according to
the current logged in user AND
the state of a specific service object or maybe request parameters.
The proposed solution would look like that:
public function index(MyService $myService)
{
$this->Authorization->skipAuthorization();
$query = $this->Products->find();
$query = $this->Authorization->applyScope($query, 'index', $myService);
$products = $this->paginate($query);
$this->set(compact('products'));
}
And in the ProductsTablePolicy.php it would look like this:
class ProductsTablePolicy
{
public function scopeIndex(IdentityInterface $user, Query $query, $myService)
{
return $query->where(['Products.price >' => 0]);
}
}
This would be of course a BC break because we would have to adjust at least the IdentityInterface::applyScope as well as the AuthorizationServiceInterface::applyScope
What do you think?
The text was updated successfully, but these errors were encountered:
To adjust ORM queries one has to use the
->applyScope()
method of the AuthorizationComponent.But in certain scenarios it would be helpfull to pass down arguments to the
->applyScope()
method because the query needs to be adjusted according toThe proposed solution would look like that:
And in the
ProductsTablePolicy.php
it would look like this:This would be of course a BC break because we would have to adjust at least the
IdentityInterface::applyScope
as well as theAuthorizationServiceInterface::applyScope
What do you think?
The text was updated successfully, but these errors were encountered: