Annotate example

README.md

@@ -18,17 +18,28 @@ use Xillion\Authorization\Action;
 use Xillion\Authorization\PolicySerializer\JsonPolicySerializer;
 use Xillion\Authorization\PolicyLoader\JsonPolicyLoader;
 
+
+// The authorization context keeps track of policies, and can perform authorization checks
 $context = new Context();
 
+// What action is going to be performed?
+$action = new Action('s3', 'ListBucket');
+
+// Who is going to perform the action?
 $identity = new Identity('AWS', 'xrn:aws:iam::AWS-account-ID:user/bob');
+
+// What resource is the action going to be performed on?
 $resource = new Resource('xrn:aws:s3:eu-west-1:12345:some-bucket');
 
+
+// Load policies from a file
 $loader = new JsonPolicyLoader();
 $policy = $loader->load(__DIR__ . '/resource-policy1.json');
-$context->addResourcePolicy($resource, $policy);
 
-$action = new Action('s3', 'ListBucket');
+// Add the loaded policy to the context
+$context->addResourcePolicy($resource, $policy);
 
+// Check if the identity is allowed to perform the action on the resource
 if ($context->isAllowed($identity, $resource, $action))) {
     echo "Action is allowed on this resource by this identity";
 } else {