Browse files

Updating documentation.

  • Loading branch information...
1 parent d67a808 commit 7f5421b7a87456225957375c7181330bf83277a5 @jperras jperras committed Feb 11, 2010
Showing with 7 additions and 0 deletions.
  1. +7 −0 README.markdown
7 README.markdown
@@ -79,6 +79,13 @@ method to our `app/app_controller.php`:
return $this->Authority->allowed($this->Auth->user('role'));
+Note that for this specific example, we are passing the `role` value for the currently logged in
+user to `AuthorityComponent::allowed()`. In this case, `role` is a string that identifies which group the user
+belongs to, and the Authority component will return a boolean indicating whether or not that group
+has access to the current controller/action. The use of `$this->Auth->user('role')` is, in the end,
+arbitrary - you could feed anything you wanted to `AuthorityComponent::allowed()` as long as it is a
You can, of course, add in any additional logic that you may require in the `isAuthorized()` method.
Moreover, you are also able to override the method in subclasses (optionally calling
`parent::isAuthorized()`) to provide more fine-grained authorization control at the controller level.

0 comments on commit 7f5421b

Please sign in to comment.