From 87bddd81f03c13517ef4e23969a1caaa44c6a21a Mon Sep 17 00:00:00 2001
From: gwoo <gwoo@cakephp.org>
Date: Tue, 10 Jul 2007 16:25:23 +0000
Subject: [PATCH] Auth model authorization will pass user, controller, action
 as parameters to the model's isAuthorized method

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5437 3807eeeb-6ff5-0310-8944-8be069107fe0
---
 cake/libs/controller/components/auth.php | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/cake/libs/controller/components/auth.php b/cake/libs/controller/components/auth.php
index a13ee8586..685e42d46 100644
--- a/cake/libs/controller/components/auth.php
+++ b/cake/libs/controller/components/auth.php
@@ -317,8 +317,6 @@ class AuthComponent extends Object {
 						$object = $controller->modelClass;
 					} elseif (!empty($controller->uses) && isset($controller->{$controller->uses[0]}) && is_object($controller->{$controller->uses[0]})) {
 						$object = $controller->uses[0];
-					} else {
-						$object = $this->objectModel;
 					}
 				}
 				if ($this->isAuthorized($type, null, $object)) {
@@ -403,9 +401,7 @@ class AuthComponent extends Object {
 				}
 				$model = $this->getModel($object);
 				if (method_exists($model, 'isAuthorized')) {
-					if($model->isAuthorized($user)) {
-						return true;
-					}
+					$valid = $model->isAuthorized($user, $this->action(':controller'), $this->action(':action'));
 				} else if($model){
 					trigger_error(__(sprintf('%s::isAuthorized() is not defined.', $model), true), E_USER_WARNING);
 				}
@@ -430,13 +426,10 @@ class AuthComponent extends Object {
 		if (empty($auth)) {
 			$auth = $this->authorize;
 		}
-		$object = null;
+		$object = $this->objectModel;
 		if (is_array($auth)) {
 			$type = key($auth);
 			$object = $auth[$type];
-			if (isset($auth[0])) {
-				$assoc = $auth[0];
-			}
 		} else {
 			$type = $auth;
 		}