From 2f62ee2cdeb1963b37d3976bc3519f22b7d883d2 Mon Sep 17 00:00:00 2001
From: Sebastien Barre <sebastien.barre@gmail.com>
Date: Fri, 31 Oct 2014 15:00:19 -0400
Subject: [PATCH] ticket #5017 add userFields setting to BaseAuthenticate

---
 .../Component/Auth/BaseAuthenticate.php       |  8 +++++++
 .../Component/Auth/BasicAuthenticateTest.php  | 21 +++++++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/lib/Cake/Controller/Component/Auth/BaseAuthenticate.php b/lib/Cake/Controller/Component/Auth/BaseAuthenticate.php
index aee2f6cc7..9c87cfa2a 100644
--- a/lib/Cake/Controller/Component/Auth/BaseAuthenticate.php
+++ b/lib/Cake/Controller/Component/Auth/BaseAuthenticate.php
@@ -27,6 +27,7 @@ abstract class BaseAuthenticate {
  *
  * - `fields` The fields to use to identify a user by.
  * - `userModel` The model name of the User, defaults to User.
+ * - `userFields` Array of fields to retrieve from User model, null to retrieve all. Defaults to null.
  * - `scope` Additional conditions to use when looking up and authenticating users,
  *    i.e. `array('User.is_active' => 1).`
  * - `recursive` The value of the recursive key passed to find(). Defaults to 0.
@@ -43,6 +44,7 @@ abstract class BaseAuthenticate {
 			'password' => 'password'
 		),
 		'userModel' => 'User',
+		'userFields' => null,
 		'scope' => array(),
 		'recursive' => 0,
 		'contain' => null,
@@ -105,9 +107,15 @@ abstract class BaseAuthenticate {
 			$conditions = array_merge($conditions, $this->settings['scope']);
 		}
 
+		$userFields = $this->settings['userFields'];
+		if ($password !== null && $userFields !== null) {
+			$userFields[] = $fields['password'];
+		}
+
 		$result = ClassRegistry::init($userModel)->find('first', array(
 			'conditions' => $conditions,
 			'recursive' => $this->settings['recursive'],
+			'fields' => $userFields,
 			'contain' => $this->settings['contain'],
 		));
 		if (empty($result[$model])) {
diff --git a/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php b/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php
index cd337cf08..79eab963f 100644
--- a/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php
+++ b/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php
@@ -197,6 +197,27 @@ class BasicAuthenticateTest extends CakeTestCase {
 		$this->assertEquals($expected, $result);
 	}
 
+/**
+ * test userFields success
+ *
+ * @return void
+ */
+	public function testAuthenticateUserFieldsSuccess() {
+		$this->auth->settings['userFields'] = array('id', 'user');
+		$request = new CakeRequest('posts/index', false);
+		$request->addParams(array('pass' => array(), 'named' => array()));
+
+		$_SERVER['PHP_AUTH_USER'] = 'mariano';
+		$_SERVER['PHP_AUTH_PW'] = 'password';
+
+		$result = $this->auth->authenticate($request, $this->response);
+		$expected = array(
+			'id' => 1,
+			'user' => 'mariano',
+		);
+		$this->assertEquals($expected, $result);
+	}
+
 /**
  * test scope failure.
  *