Authorization and ACLs in cakephp 3

Question

Authorization and ACLs in cakephp 3

I am looking for a document, but I did not find anything about ACL implementation in cakephp 3. How can I implement authorization with ACLs in cakephp 3?

+7

authorization cakephp-3.0 acl

anghazi ghermezi Jan 01 '15 at 6:35

source share

2 answers

Great question, as Daniel Castro said the plugin is located at https://github.com/cakephp/acl .

The invalid part is to override "isAuthorized" in your "AppController.php" with something like:

... use Acl\Controller\Component\AclComponent; use Cake\Controller\ComponentRegistry; ... public function isAuthorized($user){ $Collection = new ComponentRegistry(); $acl= new AclComponent($Collection); $username=$user['username']; $controller=$this->request->controller; $action=$this->request->action; $check=$acl->check($user['username'],"$controller/$action"); return $check; }

Someone is wiser than I will know better if the user / action / controller bits can be better sanitized. There are many warnings about the stability of this plugin and "gotchas" on acl in terms of performance.

I move on to implementation 1.3, it was useful to add to the AppController 'initialize' info from http://book.cakephp.org/3.0/en/controllers/components/authentication.html

+3

Marc Jul 03 '15 at 20:22

source share

Daniel Castro · Accepted Answer · 2015-01-01T18:30:50+0000

The ACL is not built into CakePHP 3, as it was in CakePHP 2. Now it is available as a separate plugin.

Quote from http://book.cakephp.org/3.0/en/appendices/3-0-migration-guide.html
ACL-related classes have been ported to a separate plugin. Password, Authentication and Authorization Providers moved to \ Cake \ Auth. You must migrate your providers and hashers to the App \ Auth namespace.

You can find the plugin at https://github.com/cakephp/acl , but note that it is not yet stable.

Authorization and ACLs in cakephp 3

More articles: