Merge pull request #11469 from db-bogdan/issue11468

fixes #11468 sending user data on basic auth in API environment
This commit is contained in:
Mark Story 2017-11-28 21:52:59 -05:00 committed by GitHub
commit abec95d3ea
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 0 deletions

View file

@ -298,6 +298,7 @@ class AuthComponent extends Component {
} }
if ($this->_isAllowed($controller)) { if ($this->_isAllowed($controller)) {
$this->_getUser();
return true; return true;
} }

View file

@ -1818,4 +1818,38 @@ class AuthComponentTest extends CakeTestCase {
$this->assertEquals('/users/login', $this->Controller->testUrl); $this->assertEquals('/users/login', $this->Controller->testUrl);
} }
/**
* testStatelessAuthAllowedActionsRetrieveUser method
*
* @return void
*/
public function testStatelessAuthAllowedActionsRetrieveUser() {
if (CakeSession::id()) {
session_destroy();
CakeSession::$id = null;
}
$_SESSION = null;
$_SERVER['PHP_AUTH_USER'] = 'mariano';
$_SERVER['PHP_AUTH_PW'] = 'cake';
AuthComponent::$sessionKey = false;
$this->Controller->Auth->authenticate = array(
'Basic' => array('userModel' => 'AuthUser')
);
$this->Controller->request['action'] = 'add';
$this->Controller->Auth->initialize($this->Controller);
$this->Controller->Auth->allow();
$this->Controller->Auth->startup($this->Controller);
$expectedUser = array(
'id' => '1',
'username' => 'mariano',
'created' => '2007-03-17 01:16:23',
'updated' => '2007-03-17 01:18:31',
);
$this->assertEquals($expectedUser, $this->Controller->Auth->user());
}
} }