Adding user check fix for AuthComponent::isAuthorized(), and removing comments from Model test (Ticket #2381)

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4833 3807eeeb-6ff5-0310-8944-8be069107fe0

cake/libs/controller/components/auth.php

@@ -330,7 +330,9 @@ class AuthComponent extends Object {
  * @return boolean True if $user is authorized, otherwise false
  */
 	function isAuthorized(&$controller, $type = null, $user = null) {
-		if (empty($user)) {
+		if (empty($user) && !$this->user()) {
+			return false;
+		} elseif (empty($user)) {
 			$user = $this->user();
 		}
 		extract($this->__authType($type));
@@ -353,7 +355,7 @@ class AuthComponent extends Object {
 		$valid = false;
 		switch ($type) {
 			case 'actions':
-				$valid = $this->Acl->check($this->user(), $this->action());
+				$valid = $this->Acl->check($user, $this->action());
 			break;
 			case 'objects':
 
@@ -366,7 +368,7 @@ class AuthComponent extends Object {
 				if (!isset($this->actionMap[$this->params['action']])) {
 					trigger_error('Auth::startup() - Attempted access of un-mapped action "' . $this->params['action'] . '" in controller "' . $this->params['controller'] . '"', E_USER_WARNING);
 				} else {
-					$valid = $this->Acl->check($this->user(), $this->action(':controller'), $this->actionMap[$this->params['action']]);
+					$valid = $this->Acl->check($user, $this->action(':controller'), $this->actionMap[$this->params['action']]);
 				}
 			break;
 			case null:

cake/tests/cases/libs/model/model.test.php

@@ -733,10 +733,6 @@ class ModelTest extends CakeTestCase {
 			'hasAndBelongsToMany'=>array('Tag'))
 		);
 
-		// UNCOMMENT THE FOLLOWING LINE TO MAKE TEST SUCCEED:
-		//
-		// $this->Featured->ArticleFeatured->unbindModel(array('belongsTo'=>array('Category')));
-
 		$orderBy = 'ArticleFeatured.id ASC';
 		$result = $this->Featured->findAll(null, null, $orderBy, 3);