Interface AuthorizationServiceInterface
Interface for Authorization service
Method Summary
-
applyScope() public
Apply authorization scope conditions/restrictions.
-
authorizationChecked() public
Return a boolean based on whether or not this object has had an authorization operation performed.
-
can() public
Check whether the provided user can perform an action on a resource.
-
canResult() public
Check whether the provided user can perform an action on a resource.
-
skipAuthorization() public
Allow for authorization to be skipped for this object.
Method Detail
applyScope() ¶ public
applyScope(Authorization\IdentityInterface|null $user, string $action, mixed $resource, mixed ...$optionalArgs): mixedApply authorization scope conditions/restrictions.
This method is intended for applying authorization to objects that are then used to access authorized collections of objects. The typical use case for scopes are restricting a query to only return records visible to the current user.
Parameters
-
Authorization\IdentityInterface|null$user The user to check permissions for.
-
string$action The action/operation being performed.
-
mixed$resource The resource being operated on.
-
mixed...$optionalArgs Multiple additional arguments which are passed to the scope
Returns
mixedauthorizationChecked() ¶ public
authorizationChecked(): boolReturn a boolean based on whether or not this object has had an authorization operation performed.
Returns
boolcan() ¶ public
can(Authorization\IdentityInterface|null $user, string $action, mixed $resource, mixed ...$optionalArgs): boolCheck whether the provided user can perform an action on a resource.
This method is intended to allow your application to build conditional logic around authorization checks.
Parameters
-
Authorization\IdentityInterface|null$user The user to check permissions for.
-
string$action The action/operation being performed.
-
mixed$resource The resource being operated on.
-
mixed...$optionalArgs Multiple additional arguments which are passed to the scope
Returns
boolcanResult() ¶ public
canResult(Authorization\IdentityInterface|null $user, string $action, mixed $resource, mixed ...$optionalArgs): Authorization\Policy\ResultInterfaceCheck whether the provided user can perform an action on a resource.
This method is intended to allow your application to build conditional logic around authorization checks.
Parameters
-
Authorization\IdentityInterface|null$user The user to check permissions for.
-
string$action The action/operation being performed.
-
mixed$resource The resource being operated on.
-
mixed...$optionalArgs Multiple additional arguments which are passed to the scope
Returns
Authorization\Policy\ResultInterfaceskipAuthorization() ¶ public
skipAuthorization(): $thisAllow for authorization to be skipped for this object.
After calling this method the value of authorizationChecked() should
return true regardless of whether authorization has been performed or not.
Returns
$this