Comments (7)
we could add a new interface for
BeforeScopePolicy
This I like. I'm happy to tackle this, if desired. I don't think it would be super difficult.
and merge the two interfaces in the future 🤷
Would this even be strictly necessary? I would think it would be OK to acknowledge that although a scope is a policy, it's a different kind of policy and so a different interface is necessary.
from authorization.
Would this even be strictly necessary? I would think it would be OK to acknowledge that although a scope is a policy, it's a different kind of policy and so a different interface is necessary.
Good point, we don't have to merge the interfaces, as you wouldn't want to implement beforeScope
on an entity policy.
I'm getting hung up on "boolean value" because technically a ResultInterface is not a boolean. Unless it is understood that a Result with status = true is the same as boolean true, and same for status = false?
What if beforeScope
return the modified scope resource or null if the before hook didn't apply? That would allow before hooks to augment or replace the scoped resource if that is required. This also emulates before
where it can replace the result by returning a bool.
from authorization.
Was this decision to not check for the Interface by design? If so, what was the motivation? And if not, would this change be beneficial?
No it wasn't intentional, using the same interface before applyScope
could be ok. If a policy implements both record policy methods and applyScope
though the before
method would become messy. Should we have a new method for beforeScope
?
Adding methods to existing interfaces isn't possible because of backwards compatibility, but we could add a new interface for BeforeScopePolicy
and merge the two interfaces in the future 🤷
from authorization.
Description for the beforeScope
method (first attempt):
If boolean value is returned, the scope application will be skipped and the unmodified resource will be returned. In case of
null
, the scope will be applied.
I have two questions:
- I'm getting hung up on "boolean value" because technically a
ResultInterface
is not a boolean. Unless it is understood that aResult
with status = true is the same as boolean true, and same for status = false? - Assuming the answer to the previous question is 'yes', what should be done when true or false are returned? It makes sense that returning
null
means the scope application will still be run. But in the context of a scope, I'm not sure what it should do when a boolean is returned.
from authorization.
PR is up, I made sure to run all the checks locally so it should be clean and ready for review.
from authorization.
This issue is stale because it has been open for 120 days with no activity. Remove the stale
label or comment or this will be closed in 15 days
from authorization.
PR was closed because the port to 3.x was handled elsewhere. Confirmed the BeforeScopeInterface
is present in 3.x branches. Closing this issue as resolved :)
from authorization.
Related Issues (20)
- Policy for Modelless controller HOT 15
- Can't use i18n and get plugin in different locale HOT 5
- Allow for AuthorizationComponent::can to not set $authorizationChecked HOT 3
- "Call to a member function getOriginalData() on null" Cake4 - RequestAuthorizationMiddleware HOT 12
- FR: visualization of policies HOT 5
- ORM Policy resolver broken HOT 2
- Error to test login with phpunit: setAuthorization() HOT 2
- MissingPolicyException using Paginator HOT 6
- Problem with policies HOT 2
- Check entity authorization inside entity HOT 2
- How can an user redirect with Request Authorization Middleware? HOT 1
- Allow passing extra options to applyScope() HOT 1
- RFC: Make `access` the action verb for authorization HOT 7
- Deprecated logs after update to CakePHP 4.3 and PHP 8.1.0 HOT 2
- Allow multiple optional parameters to be passed down to applyScope()
- PHP8.2: Using ${var} in strings is deprecated, use {$var} instead HOT 2
- Suggestion: narrowing the type of $resource HOT 5
- Feature request: Make Authorization service available via DI in the Middleware HOT 3
- Feature request: Make Authorization service available via DI in the Middleware HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authorization.