2011-01-02 18:35:43 +00:00
|
|
|
<?php
|
2011-01-02 18:39:48 +00:00
|
|
|
/**
|
|
|
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
2013-02-08 11:59:49 +00:00
|
|
|
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
2011-01-02 18:39:48 +00:00
|
|
|
*
|
|
|
|
* Licensed under The MIT License
|
2013-02-08 12:22:51 +00:00
|
|
|
* For full copyright and license information, please see the LICENSE.txt
|
2011-01-02 18:39:48 +00:00
|
|
|
* Redistributions of files must retain the above copyright notice.
|
|
|
|
*
|
2013-02-08 11:59:49 +00:00
|
|
|
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
2011-01-02 18:39:48 +00:00
|
|
|
* @link http://cakephp.org CakePHP(tm) Project
|
2013-05-30 22:11:14 +00:00
|
|
|
* @license http://www.opensource.org/licenses/mit-license.php MIT License
|
2011-01-02 18:39:48 +00:00
|
|
|
*/
|
2011-03-05 22:10:42 +00:00
|
|
|
|
|
|
|
App::uses('BaseAuthorize', 'Controller/Component/Auth');
|
2011-01-02 18:35:43 +00:00
|
|
|
|
2011-01-02 18:39:48 +00:00
|
|
|
/**
|
2012-12-22 22:48:15 +00:00
|
|
|
* An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
|
2011-01-02 18:39:48 +00:00
|
|
|
* Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
|
|
|
|
*
|
2015-01-09 12:47:25 +00:00
|
|
|
* ```
|
2011-05-30 20:02:32 +00:00
|
|
|
* public function isAuthorized($user) {
|
2011-01-02 18:39:48 +00:00
|
|
|
* if (!empty($this->request->params['admin'])) {
|
2013-02-12 02:38:08 +00:00
|
|
|
* return $user['role'] === 'admin';
|
2011-01-02 18:39:48 +00:00
|
|
|
* }
|
|
|
|
* return !empty($user);
|
|
|
|
* }
|
2015-01-09 12:47:25 +00:00
|
|
|
* ```
|
2011-01-02 18:39:48 +00:00
|
|
|
*
|
|
|
|
* the above is simple implementation that would only authorize users of the 'admin' role to access
|
|
|
|
* admin routing.
|
|
|
|
*
|
2011-07-26 06:16:14 +00:00
|
|
|
* @package Cake.Controller.Component.Auth
|
2011-01-02 18:39:48 +00:00
|
|
|
* @since 2.0
|
|
|
|
* @see AuthComponent::$authenticate
|
|
|
|
*/
|
2011-01-02 19:23:43 +00:00
|
|
|
class ControllerAuthorize extends BaseAuthorize {
|
2011-01-02 18:35:43 +00:00
|
|
|
|
|
|
|
/**
|
2012-12-22 22:48:15 +00:00
|
|
|
* Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
|
2011-01-02 18:35:43 +00:00
|
|
|
*
|
2012-05-13 00:43:31 +00:00
|
|
|
* @param Controller $controller null to get, a controller to set.
|
2011-07-31 20:55:52 +00:00
|
|
|
* @return mixed
|
|
|
|
* @throws CakeException
|
2011-01-02 18:35:43 +00:00
|
|
|
*/
|
2012-02-23 14:06:25 +00:00
|
|
|
public function controller(Controller $controller = null) {
|
2011-01-02 19:23:43 +00:00
|
|
|
if ($controller) {
|
|
|
|
if (!method_exists($controller, 'isAuthorized')) {
|
2013-08-20 22:05:53 +00:00
|
|
|
throw new CakeException(__d('cake_dev', '$controller does not implement an %s method.', 'isAuthorized()'));
|
2011-01-02 19:23:43 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return parent::controller($controller);
|
2011-01-02 18:35:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks user authorization using a controller callback.
|
|
|
|
*
|
|
|
|
* @param array $user Active user data
|
2014-05-31 21:36:05 +00:00
|
|
|
* @param CakeRequest $request Request instance.
|
2014-07-03 13:36:42 +00:00
|
|
|
* @return bool
|
2011-01-02 18:35:43 +00:00
|
|
|
*/
|
|
|
|
public function authorize($user, CakeRequest $request) {
|
2012-03-04 00:27:46 +00:00
|
|
|
return (bool)$this->_Controller->isAuthorized($user);
|
2011-01-02 18:35:43 +00:00
|
|
|
}
|
|
|
|
|
2012-03-04 00:27:46 +00:00
|
|
|
}
|