Class RequestAuthorizationMiddleware
Request Authorization Middleware
This MUST be added after the Authorization, Authentication and RoutingMiddleware in the Middleware Queue!
This middleware is useful when you want to authorize your requests, for example each controller and action, against a role based access system or any other kind of authorization process that controls access to certain actions.
Property Summary
-
$_config protected
array<string, mixed>Runtime config
-
$_configInitialized protected
boolWhether the config property has already been configured with defaults
-
$_defaultConfig protected
arrayDefault Config
Method Summary
-
__construct() public
Constructor
-
_configDelete() protected
Deletes a single config key.
-
_configRead() protected
Reads a config key.
-
_configWrite() protected
Writes a config key.
-
configShallow() public
Merge provided config with existing config. Unlike
config()which does a recursive merge for nested keys, this method does a simple merge. -
getConfig() public
Returns the config.
-
getConfigOrFail() public
Returns the config for this specific key.
-
getServiceFromRequest() protected
Gets the authorization service from the request attribute
-
handleException() protected
Handle exception.
-
process() public
Callable implementation for the middleware stack.
-
setConfig() public
Sets the config.
Method Detail
__construct() ¶ public
__construct(array $config = [])Constructor
Parameters
-
array$config optional Configuration options
_configDelete() ¶ protected
_configDelete(string $key): voidDeletes a single config key.
Parameters
-
string$key Key to delete.
Returns
voidThrows
Cake\Core\Exception\CakeExceptionif attempting to clobber existing config
_configRead() ¶ protected
_configRead(string|null $key): mixedReads a config key.
Parameters
-
string|null$key Key to read.
Returns
mixed_configWrite() ¶ protected
_configWrite(array<string, mixed>|string $key, mixed $value, string|bool $merge = false): voidWrites a config key.
Parameters
-
array<string, mixed>|string$key Key to write to.
-
mixed$value Value to write.
-
string|bool$merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Returns
voidThrows
Cake\Core\Exception\CakeExceptionif attempting to clobber existing config
configShallow() ¶ public
configShallow(array<string, mixed>|string $key, mixed|null $value = null): $thisMerge provided config with existing config. Unlike config() which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);Setting a nested value:
$this->configShallow('some.nested.key', $value);Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);Parameters
-
array<string, mixed>|string$key The key to set, or a complete array of configs.
-
mixed|null$value optional The value to set.
Returns
$thisgetConfig() ¶ public
getConfig(string|null $key = null, mixed $default = null): mixedReturns the config.
Usage
Reading the whole config:
$this->getConfig();Reading a specific value:
$this->getConfig('key');Reading a nested value:
$this->getConfig('some.nested.key');Reading with default value:
$this->getConfig('some-key', 'default-value');Parameters
-
string|null$key optional The key to get or null for the whole config.
-
mixed$default optional The return value when the key does not exist.
Returns
mixedgetConfigOrFail() ¶ public
getConfigOrFail(string $key): mixedReturns the config for this specific key.
The config value for this key must exist, it can never be null.
Parameters
-
string$key The key to get.
Returns
mixedThrows
InvalidArgumentExceptiongetServiceFromRequest() ¶ protected
getServiceFromRequest(Psr\Http\Message\ServerRequestInterface $request): Authorization\AuthorizationServiceInterfaceGets the authorization service from the request attribute
Parameters
-
Psr\Http\Message\ServerRequestInterface$request Server request.
Returns
Authorization\AuthorizationServiceInterfacehandleException() ¶ protected
handleException(Authorization\Exception\Exception $exception, Psr\Http\Message\ServerRequestInterface $request, array|string $handler): Psr\Http\Message\ResponseInterfaceHandle exception.
Parameters
-
Authorization\Exception\Exception$exception Exception to handle.
-
Psr\Http\Message\ServerRequestInterface$request Request instance.
-
array|string$handler Handler config.
Returns
Psr\Http\Message\ResponseInterfaceprocess() ¶ public
process(ServerRequestInterface $request, RequestHandlerInterface $handler): Psr\Http\Message\ResponseInterfaceCallable implementation for the middleware stack.
Processes an incoming server request in order to produce a response. If unable to produce the response itself, it may delegate to the provided request handler to do so.
Parameters
-
ServerRequestInterface$request The request.
-
RequestHandlerInterface$handler The request handler.
Returns
Psr\Http\Message\ResponseInterfacesetConfig() ¶ public
setConfig(array<string, mixed>|string $key, mixed|null $value = null, bool $merge = true): $thisSets the config.
Usage
Setting a specific value:
$this->setConfig('key', $value);Setting a nested value:
$this->setConfig('some.nested.key', $value);Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);Parameters
-
array<string, mixed>|string$key The key to set, or a complete array of configs.
-
mixed|null$value optional The value to set.
-
bool$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
$thisThrows
Cake\Core\Exception\CakeExceptionWhen trying to set a key that is invalid.