KMP PHP API Reference

AuthorizationService extends AuthorizationService
in package
implements AuthorizationServiceInterface

Custom authorization service with KMP identity handling.

Extends CakePHP's authorization service with proper state management for nested authorization calls and consistent boolean returns from policy checks.

Tags
see
KmpIdentityInterface

Enhanced identity interface

see
BasePolicy

Base policy class

Table of Contents

Interfaces

AuthorizationServiceInterface

Properties

$authCheckLog  : array<string|int, mixed>

Methods

checkCan()  : bool
Check authorization with proper state management for nested calls.
clearAuthCheckLog()  : void
Clear the authorization check log
getAuthCheckLog()  : array<string|int, mixed>
Get the authorization check log (only available in debug mode)
getResourceInfo()  : string
Get readable resource information for logging
logAuthCheck()  : void
Log an authorization check for debugging purposes

Properties

$authCheckLog

protected static array<string|int, mixed> $authCheckLog = []

Debug log of authorization checks

Methods

checkCan()

Check authorization with proper state management for nested calls.

public checkCan(KmpIdentityInterface|null $user, string $action, mixed $resource, mixed ...$optionalArgs) : bool
Parameters
$user : KmpIdentityInterface|null

The authenticated user

$action : string

The action being attempted

$resource : mixed

The resource being accessed

$optionalArgs : mixed

Additional policy arguments

Tags
throws
Exception

If policy not found or other authorization errors

Return values
bool

// Check class-level permissions if ($authService->checkCan($currentUser, 'add', 'Members')) { // User can add new members }

// Check with additional context if ($authService->checkCan($currentUser, 'approve', $warrant, $branch)) { // User can approve warrant in this branch context }

clearAuthCheckLog()

Clear the authorization check log

public static clearAuthCheckLog() : void

getAuthCheckLog()

Get the authorization check log (only available in debug mode)

public static getAuthCheckLog() : array<string|int, mixed>
Return values
array<string|int, mixed>

getResourceInfo()

Get readable resource information for logging

protected getResourceInfo(mixed $resource) : string
Parameters
$resource : mixed

The resource

Return values
string

logAuthCheck()

Log an authorization check for debugging purposes

protected logAuthCheck(KmpIdentityInterface|null $user, string $action, mixed $resource, bool $result, array<string|int, mixed> $optionalArgs) : void
Parameters
$user : KmpIdentityInterface|null

The user performing the check

$action : string

The action being checked

$resource : mixed

The resource being accessed

$result : bool

The result of the check

$optionalArgs : array<string|int, mixed>

Optional arguments


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results