authorization icon indicating copy to clipboard operation
authorization copied to clipboard
verified publisher icon cakephp

"did not apply any authorization checks" error when setIdentity

Open grizzly opened this issue 1 year ago • 3 comments

I have to update the identity in my code, so I am using

    $_identity = $this->Authentication->getIdentity();
    $data = $_identity->getOriginalData();
    if ($data instanceof User) {
        $data->x = [1];
    }
    $this->Authentication->setIdentity($_identity);

I am adding a scope with:

$posts = $this->Authorization->applyScope($posts, 'moderate');

Without the prevouse setIdentity, all works fine. When setting a new Identity, it gives me the "did not apply any authorization checks" error.

grizzly avatar Jun 25 '24 10:06 grizzly

Do you replace the identity before or after the applyScope call? While it shouldn't matter, knowing more about what you're trying to do helps with reproducing the issue.

markstory avatar Jun 25 '24 19:06 markstory

Do you replace the identity before or after the applyScope call? While it shouldn't matter, knowing more about what you're trying to do helps with reproducing the issue.

The identity is replaced before, as part of the login process.

grizzly avatar Jun 26 '24 04:06 grizzly

The identity is replaced before, as part of the login process.

So wouldn't the identity be consistent between the start of the controller action and the authorization check? Are you certain that the controller action is applying the policy scope? The tracking for whether or not an authorization check has been applied is very simple https://github.com/cakephp/authorization/blob/3.x/src/AuthorizationService.php#L117 and I don't see a way for it to misbehave.

markstory avatar Jun 26 '24 18:06 markstory