Use of shield authorization

[foxbille]

Hello everybody,
I'm slowly discovering shield.
Installation ok
Protecting ALL the application with authentification : OK
Next step : How do I use Autorization inside the app ? I want to give some user access to some functionalities, say : controllers
Where do I put my access controls : in routes.php ? so that it protects access to controllers/functions, or in controllers ? or in functions ?
Does someone have an exemple of an application protected by shied ?
I don't find any tutorial about it !
Thanks for all
Eric

[MGatner]

All of the above! I usually do all the authorization I can in Filters as long as it is very user-focused. Once it drills down to the level of resource access (like "only these users can access these widgets") I usually switch to controllers so I can consolidate my model dependencies. Not a "right vs wrong" thing though: you could probably stick everything in a Filter and call it "skinny controllers" and be well off.

I often use my permissions library for handling more intense user-to-resource authorizations. I'm afraid I don't have an example of Shield in use, but maybe someone else will share a repo.

[foxbille]

Thanks, it lites the way