adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-02-12 06:56:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixing camel cased methods in checks for allowedActions in AuthComponent under PHP5. Normalizes to lowercase method name. Fixes #6142

Browse source 
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@8205 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
mark_story 2009-06-30 00:25:09 +00:00
parent 6a34c9ef31
commit 8c7883fe3e
2 changed files with 29 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
cake/libs/controller/components/auth.php
View file

@ -263,6 +263,8 @@ class AuthComponent extends Object {
*/ */
function startup(&$controller) { function startup(&$controller) {
$methods = array_flip($controller->methods); $methods = array_flip($controller->methods);
$controllerAction = strtolower($controller->params['action']);
$isErrorOrTests = ( $isErrorOrTests = (
strtolower($controller->name) == 'cakeerror' || strtolower($controller->name) == 'cakeerror' ||
(strtolower($controller->name) == 'tests' && Configure::read() > 0) (strtolower($controller->name) == 'tests' && Configure::read() > 0)
@ -273,7 +275,7 @@ class AuthComponent extends Object {
$isMissingAction = ( $isMissingAction = (
$controller->scaffold === false && $controller->scaffold === false &&
!isset($methods[strtolower($controller->params['action'])]) !isset($methods[$controllerAction])
); );
if ($isMissingAction) { if ($isMissingAction) {
@ -295,7 +297,7 @@ class AuthComponent extends Object {
$isAllowed = ( $isAllowed = (
$this->allowedActions == array('*') || $this->allowedActions == array('*') ||
in_array($controller->params['action'], $this->allowedActions) isset($methods[$controllerAction])
); );
if ($loginAction != $url && $isAllowed) { if ($loginAction != $url && $isAllowed) {

25
cake/tests/cases/libs/controller/components/auth.test.php
View file

@ -728,7 +728,32 @@ class AuthTest extends CakeTestCase {
$this->Controller->params['action'] = 'Add'; $this->Controller->params['action'] = 'Add';
$this->assertFalse($this->Controller->Auth->startup($this->Controller)); $this->assertFalse($this->Controller->Auth->startup($this->Controller));
} }
/**
* test that allow() and allowedActions work with camelCase method names.
*
* @return void
**/
function testAllowedActionsWithCamelCaseMethods() {
$url = '/auth_test/camelCase';
$this->Controller->params = Router::parse($url);
$this->Controller->params['url']['url'] = Router::normalize($url);
$this->Controller->Auth->initialize($this->Controller);
$this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
$this->Controller->Auth->userModel = 'AuthUser';
$this->Controller->Auth->allow('*');
$result = $this->Controller->Auth->startup($this->Controller);
$this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
$url = '/auth_test/camelCase';
$this->Controller->params = Router::parse($url);
$this->Controller->params['url']['url'] = Router::normalize($url);
$this->Controller->Auth->initialize($this->Controller);
$this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
$this->Controller->Auth->userModel = 'AuthUser';
$this->Controller->Auth->allowedActions = array('delete', 'camelCase', 'add');
$result = $this->Controller->Auth->startup($this->Controller);
$this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
}
/** /**
* testLoginRedirect method * testLoginRedirect method
* *