About Features Downloads Getting Started Documentation Events Support GitHub

Site Tools


development:architecture:authorization

Authorization

VuFind has included standard authentication function for a long time, but more detailed authorization logic was introduced in release 2.4.

Components

VuFind's authorization is built using the ZfcRbac component.

Configuration

Documentation on how to define roles (or configure existing ones) can be found in permissions.ini.

Usage

The authorization service can be injected into an object by implementing ZfcRbac\Service\AuthorizationServiceAwareInterface.

The authorization service provides a simple isGranted() method to check if a particular permission is granted.

VuFind's standard controllers implement an accessPermission property that, if set, can specify the name of a permission that must be granted in order to allow access to the controller. If the permission is missing, the user will be redirected to the login screen (or, if already logged in, will be presented with an error screen).

Extension

New types of checks can be implemented for use in permissions.ini by building permission providers.

development/architecture/authorization.txt · Last modified: 2020/09/22 14:13 by demiankatz