This is a proposal initiated by @jamisonbryant to make at least the OrmResolver more DI aware.
Instead of having to pass on services to ->can() etc. one can easily inject the needed services into the policies which actually need them to do whatever logic is required to authorize the current user on the given action.
To get this working from a user perspective, all they would have to adjust in their Application::getAuthorizationService method is
$ormResolver = new OrmResolver();
to
$ormResolver = new OrmResolver('App', [], $this->getContainer());
After that all policies retrieved by the OrmResolver can leverage constructor injection.
If we want to go this way then we should also make the MapResolver DI aware as well.
This is a proposal initiated by @jamisonbryant to make at least the OrmResolver more DI aware.
Instead of having to pass on services to
->can()
etc. one can easily inject the needed services into the policies which actually need them to do whatever logic is required to authorize the current user on the given action.To get this working from a user perspective, all they would have to adjust in their
Application::getAuthorizationService
method isto
After that all policies retrieved by the OrmResolver can leverage constructor injection.
If we want to go this way then we should also make the MapResolver DI aware as well.