From 5689a9af03fa5807a0919f9bb5974aa11d9dea02 Mon Sep 17 00:00:00 2001
From: gwoo
Date: Wed, 15 Aug 2007 18:37:43 +0000
Subject: [PATCH] fix for auth redirect, #3072

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5529 3807eeeb-6ff5-0310-8944-8be069107fe0
---
 cake/libs/controller/components/auth.php | 9 ++++----
 .../libs/controller/components/auth.test.php | 21 +++++++++++++++++--
 2 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/cake/libs/controller/components/auth.php b/cake/libs/controller/components/auth.php
index 4e42695cb..2782038e6 100644
--- a/cake/libs/controller/components/auth.php
+++ b/cake/libs/controller/components/auth.php
@@ -277,9 +277,10 @@ class AuthComponent extends Object {
 $url = $controller->params['url']['url'];
 }
- if ($this->_normalizeURL($this->loginAction) == $this->_normalizeURL($url)) {
+ $this->loginAction = $this->_normalizeURL($this->loginAction);
+ if ($this->loginAction == $this->_normalizeURL($url)) {
 if (empty($controller->data) || !isset($controller->data[$this->userModel])) {
- if (!$this->Session->check('Auth.redirect')) {
+ if (!$this->Session->check('Auth.redirect') && env('HTTP_REFERER')) {
 $this->Session->write('Auth.redirect', $controller->referer());
 }
 return false;
@@ -304,7 +305,7 @@ class AuthComponent extends Object {
 if (!$this->user()) {
 if (!$this->RequestHandler->isAjax()) {
 $this->Session->write('Auth.redirect', $url);
- $controller->redirect($this->_normalizeURL($this->loginAction), null, true);
+ $controller->redirect($this->loginAction, null, true);
 return false;
 } elseif (!empty($this->ajaxLogin)) {
 $controller->viewPath = 'elements';
@@ -607,7 +608,7 @@ class AuthComponent extends Object {
 $redir = $this->Session->read('Auth.redirect');
 $this->Session->delete('Auth.redirect');
- if ($this->_normalizeURL($redir) == $this->_normalizeURL($this->loginAction)) {
+ if ($this->_normalizeURL($redir) == $this->loginAction) {
 $redir = $this->loginRedirect;
 }
 } else {
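Review bot: The value written to `Auth.redirect` in the @@ -277 hunk is still `$controller->referer()`, which comes from the client-supplied Referer header, and the added `env('HTTP_REFERER')` test only checks that the header is present, not where it points. Because redirect() (the @@ -607 hunk) later returns whatever was stored, apart from the login action itself, a login page reached from another site could redirect off-site after authentication. If this version of `referer()` accepts a local-only flag, I would store `$controller->referer(null, true)` here; otherwise the value should be checked to be a same-application path before it is written. The enclosing method starts and ends outside the hunk, so a later check may exist that is not visible here.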
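Review bot: `$controller->redirect($this->loginAction, null, true);` in the @@ -304 hunk silently depends on the first hunk having overwritten the public `loginAction` property with its normalized string, and `$this->_normalizeURL($redir) == $this->loginAction` in the @@ -607 hunk has the same dependency. If that second comparison runs before the normalizing assignment, or after application code sets `loginAction` to an array again, it would presumably never match, and the guard against redirecting back to the login page stops working without any error. I would document the invariant at the assignment, for example `// loginAction is kept in normalized string form from here on; redirect() compares against it directly`, and note it in the property's docblock. Both method bodies extend beyond the hunks shown, so the call order is inferred rather than visible.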
diff --git a/cake/tests/cases/libs/controller/components/auth.test.php b/cake/tests/cases/libs/controller/components/auth.test.php
index 4882e2d0d..3a450d89b 100644
--- a/cake/tests/cases/libs/controller/components/auth.test.php
+++ b/cake/tests/cases/libs/controller/components/auth.test.php
@@ -169,11 +169,11 @@ class AuthTest extends CakeTestCase {
 $this->Controller->Auth->authorize = array('model'=>'AuthUser');
 $result = $this->Controller->Auth->startup($this->Controller);
 $this->assertTrue($result);
-
+
 $this->Controller->Session->del('Auth');
 $result = $this->Controller->Auth->isAuthorized();
 $this->assertFalse($result);
-
+
 }
 function testAuthorizeCrud() {
@@ -223,6 +223,23 @@ class AuthTest extends CakeTestCase {
 $this->Controller->Acl->Aro->execute('truncate aros_acos;');
 }
+ function testLoginRedirect() {
+ $backup = $_SERVER['HTTP_REFERER'];
+
+ $_SERVER['HTTP_REFERER'] = false;
+ $this->Controller->data = array();
+ $this->Controller->params['url']['url'] = 'users/login';
+
+ $this->Controller->Auth->initialize($this->Controller);
+ $this->Controller->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'display', 'welcome');
+ $this->Controller->Auth->startup($this->Controller);
+
+ $expected = $this->Controller->Auth->_normalizeURL($this->Controller->Auth->loginRedirect);
+ $this->assertEqual($expected, $this->Controller->Auth->redirect());
+
+ $_SERVER['HTTP_REFERER'] = $backup;
+ }
+
 function tearDown() {
 unset($this->Controller, $this->AuthUser);
 }
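Review bot: `$backup = $_SERVER['HTTP_REFERER'];` in testLoginRedirect reads a key that is normally absent when the suite runs from the command line, so it raises an undefined-index notice and then "restores" a value that was never set; `$backup = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;` avoids that. The test also covers only the missing-Referer path. Since the stored redirect target comes from a client-controlled header, a second case that sets a Referer naming a different host and asserts what redirect() returns for it would pin down the behaviour that matters for security.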