From 84957ddbc317c8d63eda3745c643ecbe1af80fcc Mon Sep 17 00:00:00 2001 From: Mohammad Alavi Date: Sat, 10 Feb 2024 12:25:42 +0330 Subject: [PATCH] feat: remove mentions of `check` method --- docs/components/main-components/requests.md | 94 +------------------ docs/security/authorization.mdx | 4 +- .../components/main-components/requests.md | 94 +------------------ .../version-12.x/security/authorization.mdx | 4 +- 4 files changed, 6 insertions(+), 190 deletions(-) diff --git a/docs/components/main-components/requests.md b/docs/components/main-components/requests.md index a3e7c5e4a..8b4f6d973 100644 --- a/docs/components/main-components/requests.md +++ b/docs/components/main-components/requests.md @@ -143,9 +143,7 @@ class DemoRequest extends ParentRequest public function authorize(): bool { - return $this->check([ - 'hasAccess', - ]); + return $this->hasAccess(); } } ``` @@ -225,53 +223,6 @@ class DemoRequest extends ParentRequest ## Helper Methods -### check - -The `check` method is used to authorize the user to access the endpoint. -It accepts an array of methods names that will be called to check if the user has access or not. -Each of those methods must return a boolean. -Take a look at the following example: - -```php -use App\Ship\Parents\Requests\Request as ParentRequest; - -class DemoRequest extends ParentRequest -{ - use IsAuthorTrait; - - // ... - - public function authorize(): bool - { - return $this->check([ - 'hasAccess|isOwner', - 'isKing', - ]); - } -} -``` - -Here we are passing the the `hasAccess`, `isOwner` and `isKing` methods to the `check` method. -Then the `check` method follows the following rules and checks if the user has access or not: - -- The separator `|` between the methods indicates an `OR` operation. -- The default operation between all methods in the array is `AND`. - -So in the above example, the call to the `check` method will be translated to: - -```php -return ($this->hasAccess() || $this->isOwner()) && $this->isKing(); -``` - -And if the result of this operation is `true` then the user will be authorized to access the endpoint. - -:::note - -- `hasAccess` method is a [built-in authorization method](#hasaccess). -- `isOwner` and `isKing` methods are [custom authorization methods](#custom-authorize-methods) - -::: - ### hasAccess The `hasAccess` method assesses a user's access rights based on the Request's `$access` property. @@ -449,48 +400,7 @@ $request = RegisterUserRequest::injectData($data) ->withUrlParameters(['id' => 123]); ``` -## Custom Authorize Methods - -The recommended approach for adding custom authorization functions is by using a Trait, -which can be included in your Request classes. - -For instance, -let's -create an `IsAuthorTrait` Trait with a single method -named `isAuthor` to determine if the current user holds the role of an author. - -```php -trait IsAuthorTrait -{ - public function isAuthor(): bool - { - return $this->user()->hasRole('author'); - } -} -``` - -Subsequently, you can apply the `IsAuthorTrait` Trait to a Request class, -allowing the utilization of the `isAuthor` function within the authorization process. - -```php -use App\Ship\Parents\Requests\Request as ParentRequest; - -class DemoRequest extends ParentRequest -{ - use IsAuthorTrait; - - // ... - - public function authorize(): bool - { - return $this->check([ - 'isAuthor', - ]); - } -} -``` - -## Bypass Authorization +## Bypassing Authorization To grant certain Roles access to all endpoints within the system without the need to define the role in each Request object, diff --git a/docs/security/authorization.mdx b/docs/security/authorization.mdx index 3d3ebafd9..502d1c48f 100644 --- a/docs/security/authorization.mdx +++ b/docs/security/authorization.mdx @@ -52,9 +52,7 @@ class DeleteUserRequest extends ParentRequest public function authorize(): bool { - return $this->check([ - 'hasAccess', - ]); + return $this->hasAccess(); } } ``` diff --git a/versioned_docs/version-12.x/components/main-components/requests.md b/versioned_docs/version-12.x/components/main-components/requests.md index a3e7c5e4a..8b4f6d973 100644 --- a/versioned_docs/version-12.x/components/main-components/requests.md +++ b/versioned_docs/version-12.x/components/main-components/requests.md @@ -143,9 +143,7 @@ class DemoRequest extends ParentRequest public function authorize(): bool { - return $this->check([ - 'hasAccess', - ]); + return $this->hasAccess(); } } ``` @@ -225,53 +223,6 @@ class DemoRequest extends ParentRequest ## Helper Methods -### check - -The `check` method is used to authorize the user to access the endpoint. -It accepts an array of methods names that will be called to check if the user has access or not. -Each of those methods must return a boolean. -Take a look at the following example: - -```php -use App\Ship\Parents\Requests\Request as ParentRequest; - -class DemoRequest extends ParentRequest -{ - use IsAuthorTrait; - - // ... - - public function authorize(): bool - { - return $this->check([ - 'hasAccess|isOwner', - 'isKing', - ]); - } -} -``` - -Here we are passing the the `hasAccess`, `isOwner` and `isKing` methods to the `check` method. -Then the `check` method follows the following rules and checks if the user has access or not: - -- The separator `|` between the methods indicates an `OR` operation. -- The default operation between all methods in the array is `AND`. - -So in the above example, the call to the `check` method will be translated to: - -```php -return ($this->hasAccess() || $this->isOwner()) && $this->isKing(); -``` - -And if the result of this operation is `true` then the user will be authorized to access the endpoint. - -:::note - -- `hasAccess` method is a [built-in authorization method](#hasaccess). -- `isOwner` and `isKing` methods are [custom authorization methods](#custom-authorize-methods) - -::: - ### hasAccess The `hasAccess` method assesses a user's access rights based on the Request's `$access` property. @@ -449,48 +400,7 @@ $request = RegisterUserRequest::injectData($data) ->withUrlParameters(['id' => 123]); ``` -## Custom Authorize Methods - -The recommended approach for adding custom authorization functions is by using a Trait, -which can be included in your Request classes. - -For instance, -let's -create an `IsAuthorTrait` Trait with a single method -named `isAuthor` to determine if the current user holds the role of an author. - -```php -trait IsAuthorTrait -{ - public function isAuthor(): bool - { - return $this->user()->hasRole('author'); - } -} -``` - -Subsequently, you can apply the `IsAuthorTrait` Trait to a Request class, -allowing the utilization of the `isAuthor` function within the authorization process. - -```php -use App\Ship\Parents\Requests\Request as ParentRequest; - -class DemoRequest extends ParentRequest -{ - use IsAuthorTrait; - - // ... - - public function authorize(): bool - { - return $this->check([ - 'isAuthor', - ]); - } -} -``` - -## Bypass Authorization +## Bypassing Authorization To grant certain Roles access to all endpoints within the system without the need to define the role in each Request object, diff --git a/versioned_docs/version-12.x/security/authorization.mdx b/versioned_docs/version-12.x/security/authorization.mdx index 3d3ebafd9..502d1c48f 100644 --- a/versioned_docs/version-12.x/security/authorization.mdx +++ b/versioned_docs/version-12.x/security/authorization.mdx @@ -52,9 +52,7 @@ class DeleteUserRequest extends ParentRequest public function authorize(): bool { - return $this->check([ - 'hasAccess', - ]); + return $this->hasAccess(); } } ```