Log message #4189255

# At Username Text
# Jun 12th 2019, 14:59 jeremyharris ^ that was my first suggestion. the authorization plugin does a great way of abstracting out scoping and such for this very purpose
# Jun 12th 2019, 14:59 neon1024 Or have the query building part as a function and take a permissions object I guess :thinking_face:
# Jun 12th 2019, 14:58 neon1024 You could also conditionally build custom finders in your controller based on the permissions
# Jun 12th 2019, 14:58 awi Thank you very much
# Jun 12th 2019, 14:58 awi Didnt know the footprint. thats a nice plugin
# Jun 12th 2019, 14:55 jeremyharris there are a few ways to do that then. like I said you can inject the identity (User) into the behavior, or add a listener that injects it (see muffin/footprint for an example of this)
# Jun 12th 2019, 14:55 awi reason is, that I run an Rest-API by Cake. And I dont have the luxury of relying on well formed POST-Requests as anyone can connect himself through the API
# Jun 12th 2019, 14:54 awi I think I want to have it here
# Jun 12th 2019, 14:54 awi > generally you don’t want to do authorization handling in that layer of the application
# Jun 12th 2019, 14:50 jeremyharris however, if you must, you can always inject the identity into the behavior from the controller
# Jun 12th 2019, 14:49 jeremyharris generally you don’t want to do authorization handling in that layer of the application, it makes testing harder and the domain layer shouldn’t be concerned with authorization necessarily. instead, make changes from the outside, e.g. the controller changes a finder (scopes the query)
# Jun 12th 2019, 14:48 awi Or: Are there reasons not to do it
# Jun 12th 2019, 14:48 awi I try to build a Behavior checking if someone is authorized to link something associated. All my Information about authorization is in a component. Can I call the Component from the behaviour?
# Jun 12th 2019, 14:45 awi hi.
# Jun 12th 2019, 14:16 ricksaccous crazy
# Jun 12th 2019, 14:16 ricksaccous so i could add the same identifier twice but with different resolvers configured
# Jun 12th 2019, 14:16 ricksaccous hahahaha
# Jun 12th 2019, 14:16 ricksaccous i should have talked to you earlier
# Jun 12th 2019, 14:16 ricksaccous welp
# Jun 12th 2019, 14:15 jeremyharris yup they do
# Jun 12th 2019, 14:15 ricksaccous lmao
# Jun 12th 2019, 14:15 ricksaccous because i wouldn't mind not writing this resolver
# Jun 12th 2019, 14:14 ricksaccous until one returns favorably?
# Jun 12th 2019, 14:14 ricksaccous oh is that a thing? does it just go through each?
# Jun 12th 2019, 14:14 jeremyharris or maybe you could add multiple identifiers using different resolvers
# Jun 12th 2019, 14:13 jeremyharris yeah
# Jun 12th 2019, 14:13 ricksaccous but across multiple tables i think i need my own resolver
# Jun 12th 2019, 14:13 jeremyharris ah
# Jun 12th 2019, 14:13 ricksaccous before i used this plugin
# Jun 12th 2019, 14:13 ricksaccous no i meant before when i wrote my own Auth
# Jun 12th 2019, 14:12 jeremyharris you can do that with the ‘finder’ option in the OrmResolver ;)
# Jun 12th 2019, 14:11 ricksaccous hehe
# Jun 12th 2019, 14:11 ricksaccous besides username/password
# Jun 12th 2019, 14:11 ricksaccous I have written my own auth though because i wanted to add a field to the check
# Jun 12th 2019, 14:11 ricksaccous haha yeah i've been using that
# Jun 12th 2019, 14:10 neon1024 Oh the middleware? Then I’m out. I’ve only used it once a long time ago in alpha
# Jun 12th 2019, 14:10 ricksaccous I'm using the new authentication plugin thing
# Jun 12th 2019, 14:10 neon1024 I wrote an ApiAuth adapter for my api :slightly_smiling_face:
# Jun 12th 2019, 14:10 ricksaccous but the way the normal authenticator grabs the table info is via a resolver, which works fine right now
# Jun 12th 2019, 14:09 ricksaccous which will identify against an api/tables
# Jun 12th 2019, 14:09 ricksaccous yeah i'm writing a custom identifier