Table of Contents
Authorization
VuFind has included standard authentication function for a long time, but more detailed authorization logic was introduced in release 2.4.
Components
VuFind's authorization is built using the ZfcRbac component.
Configuration
Documentation on how to define roles (or configure existing ones) can be found in permissions.ini.
Usage
The authorization service can be injected into an object by implementing ZfcRbac\Service\AuthorizationServiceAwareInterface.
The authorization service provides a simple isGranted() method to check if a particular permission is granted.
VuFind's standard controllers implement an accessPermission property that, if set, can specify the name of a permission that must be granted in order to allow access to the controller. If the permission is missing, the user will be redirected to the login screen (or, if already logged in, will be presented with an error screen).
Extension
New types of checks can be implemented for use in permissions.ini by building permission providers.