ControllerAuthorize (class)
Class ControllerAuthorize
An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback. Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
public function isAuthorized($user)
{
if ($this->request->param('admin')) {
return $user['role'] === 'admin';
}
return !empty($user);
} The above is simple implementation that would only authorize users of the 'admin' role to access admin routing.
