Commit graph

65 commits

Author SHA1 Message Date
mark_story
0282194c20 Make permission denied redirects host relative.
This helps fix infinite redirect loops when HTTP_X_FORWARDED_HOST is
set, and fixes redirects back to external domains on authentication
errors.

Fixes #3207
2012-09-14 09:39:45 -04:00
Spencer Ellinor
8a41fb0c34 Fix issue and remove unneccesary code. The (fixed) conditional doesn't do anything, since if Hash::get returns null, the function still returns null. 2012-07-25 15:09:22 -04:00
Ceeram
03e2263b69 Merge branch '2.1' into 2.2 2012-06-19 18:35:36 +02:00
mark_story
f9ddc9c64c Move error disabling to the error controller. 2012-06-18 22:08:39 -04:00
Ceeram
6c9b2a1fec Fix user() return value for nested data 2012-05-31 15:13:24 +02:00
Jelle Henkens
f7ce5262b7 Updating mixed @param documentation to seperate list of accepted types 2012-05-21 21:55:10 +01:00
Jose Lorenzo Rodriguez
bf0f5ab118 Merge remote-tracking branch 'origin/2.1' into 2.2 2012-04-29 20:05:39 -04:30
Kyle Robinson Young
b8488b8dfe Update 1.x @link in docblocks 2012-04-26 19:49:18 -07:00
mark_story
9f9feec222 Merge branch '2.2-hash' into 2.2
Conflicts:
	lib/Cake/Test/Case/Model/Datasource/DboSourceTest.php
	lib/Cake/View/Helper/FormHelper.php
2012-04-10 21:32:37 -04:00
Kyle Robinson Young
319d154aee Default to loginRedirect, if set, on authError in AuthComponent
Implements #2390
Based on the patch written by @dereuromark
2012-03-27 22:51:47 -07:00
mark_story
19e0d8d946 Switch usage to Hash where possible. 2012-03-26 22:32:53 -04:00
Juan Basso
c754fb2dcb Updated copyright to 2012. 2012-03-12 22:46:46 -04:00
Juan Basso
3b1bd90ad6 Updated copyright to 2012. 2012-03-12 22:46:07 -04:00
mark_story
61aba0f0f8 Fix most coding standard issues in Controller. 2012-03-03 19:27:46 -05:00
euromark
22452f61f8 type hinting controllers and views 2012-02-25 19:46:06 -05:00
mark_story
7877e7f997 Make allow(null) and deny(null) consistent with no args.
No arguments and a single null should be handled the same.

Fixes #2461
2012-01-10 20:32:12 -05:00
ADmad
389072708a Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Test/Case/Model/ModelReadTest.php
	lib/Cake/Utility/Debugger.php
2011-12-22 03:15:04 +05:30
mark_story
321caf6db6 Fix incorrect value being stored in Auth.redirect.
An incorrect value would be stored in Auth.redirect when
a custom route with the `pass` key set.

Fixes #2366
2011-12-15 22:56:39 -05:00
mark_story
6d269ce25d Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Config/config.php
	lib/Cake/Console/Command/Task/ModelTask.php
	lib/Cake/Console/Command/TestsuiteShell.php
	lib/Cake/Model/CakeSchema.php
	lib/Cake/Model/Datasource/Database/Sqlite.php
	lib/Cake/Test/Case/Model/ModelTestBase.php
	lib/Cake/Test/Case/Routing/DispatcherTest.php
	lib/Cake/Test/Case/Utility/FileTest.php
	lib/Cake/VERSION.txt
2011-12-03 13:45:28 -05:00
Kyle Robinson Young
8197f87dbc Spelling and grammar fixes 2011-12-01 21:58:09 -08:00
Jose Lorenzo Rodriguez
f6534d2962 Fixing issue where changing the case for an action in the url would allow the action in the AuthComponent making it accessible to not-logged in users 2011-11-28 00:52:47 -04:30
mark_story
21cd3f00ac Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Test/Case/BasicsTest.php
2011-11-19 20:40:07 -05:00
mark_story
92aea9de88 Update comment. 2011-11-16 23:17:48 -05:00
Daniel Pakuschewski
841c0c2295 Dropped support for wildcard in AuthComponent::allow()
Conflicts:

	lib/Cake/Controller/Component/AuthComponent.php
2011-11-15 23:01:04 -05:00
mark_story
bf43a5ee24 Fix whitespace and add usage to doc block. 2011-10-31 21:56:16 -04:00
José Lorenzo Rodríguez
f51be0a82c Merge pull request #278 from Danielpk/enhancement_auth_deny
Added enhancement to AuthComponent::deny().
2011-10-30 15:38:21 -07:00
Daniel Pakuschewski
09579198a9 Droped support to deny('*'). 2011-10-29 13:54:35 -02:00
Gun.io Whitespace Robot
4742168253 Remove whitespace [Gun.io WhitespaceBot] 2011-10-28 18:25:08 -04:00
Daniel Luiz Pakuschewski
5246e7dd1d Allow AuthComponent to deny all actions with single deny() or deny('*') 2011-10-26 22:07:17 -02:00
mark_story
d62351eb36 Revert the changes done to remove the 'cake' domain
After some discussion, polutting the app POT file
with unchanging Cake strings was incorrect.  Having these
strings in a separate POT file allows reuse of translations across
projects.

Refs #2103
2011-10-23 20:36:31 -04:00
mark_story
e457c14dec Fix issues with stateless authentication.
Cookies and sessions are no longer required for stateful authentication.
AuthComponent::user() also works correctly in these situations as well.

Fixes #2134
2011-10-23 12:54:51 -04:00
Rachman Chavik
2bb93761cc fixing typos 2011-10-19 12:19:28 +07:00
Jose Lorenzo Rodriguez
670917070e Changing a bunch of links in doc blocks 2011-10-15 10:43:26 -04:30
mark_story
6bf6d79979 Removing 'cake' domain from core.
This domain was supposed to be replaced by cake_dev.
There are a number of translations that should be App land as well.
Such as those in helpers.

Fixes #2103
2011-10-14 21:01:17 -04:00
mark_story
9e080951b1 Adding additional documentation for CrudAuthorize.
Fixes #2034
2011-09-28 23:25:14 -04:00
mark_story
b1dad6e5bd Adding session renewal upon login/logout.
This helps improve session security, as it reduces the opportunity
of replaying a session id successfully.
Fixes #836
2011-09-24 22:35:21 -04:00
mark_story
7cabb4e4d5 Extracting password hashing into as separate method.
This makes is much easier for a subclass to only change how passwords
are hashed.
2011-09-21 07:38:22 -04:00
Juan Basso
840d27bbb9 Fixed the allow method to parameters not be required. 2011-08-30 21:12:57 -04:00
Juan Basso
f7f3515135 Fixed documentation to methods that use func_get_args(). 2011-08-21 21:45:34 -04:00
Juan Basso
61833294f0 Changed the visibility to methods that not affect others classes. 2011-08-20 01:39:30 -04:00
Juan Basso
895c10af7b Adjusted some types in @param, @return and @var. 2011-07-31 22:57:17 -04:00
Juan Basso
fedadc091c Included @throws in API that was missing. 2011-07-31 16:55:52 -04:00
Juan Basso
9bc3e567c1 Removed the @access and @static. 2011-07-30 20:56:48 -04:00
Juan Basso
3723f7d396 Fixed some API doc in controllers and errors. 2011-07-30 16:48:37 -04:00
Jose Lorenzo Rodriguez
cfd2d9e00b Updating all @package annotations in doc blocks 2011-07-26 01:46:14 -04:30
mark_story
71933f5cf5 Adding a logout callback to authenticate objects.
Adding tests for the callback.
Adding doc blocks for the new callback.
Fixes #1758
2011-07-03 12:53:21 -04:00
mark_story
182a89b0a0 Fixing default/fallback url when no referrer is set.
Fixes #1761
2011-06-09 20:34:17 -04:00
Juan Basso
192812ee7f Updating the copyright to 2011. 2011-05-30 22:32:43 -04:00
Ceeram
2d78d59a7b Small optimization, remove unneeded else 2011-05-27 23:13:57 +02:00
Jose Lorenzo Rodriguez
91bce16e9d Merge remote-tracking branch 'origin/2.0' into 2.0-merge
Conflicts:
	lib/Cake/Test/Case/Console/Command/Task/TemplateTaskTest.php
	lib/Cake/Test/Case/Controller/Component/Auth/FormAuthenticate.php
	lib/Cake/Test/Case/Log/Engine/FileLog.php
	lib/Cake/Test/test_app/Plugin/TestPlugin/View/Helper/plugged_helper.php
	lib/Cake/Test/test_app/Plugin/TestPlugin/View/Helper/test_plugin_app.php
	lib/Cake/tests/Case/Controller/Component/Auth/FormAuthenticate.php
	lib/Cake/tests/Case/Controller/Component/Auth/FormAuthenticateTest.php
	lib/Cake/tests/Case/Log/Engine/FileLog.php
	lib/Cake/tests/Case/Log/Engine/FileLogTest.php
	lib/Cake/tests/test_app/plugins/test_plugin/View/Helper/PluggedHelper.php
	lib/Cake/tests/test_app/plugins/test_plugin/View/Helper/TestPluginAppHelper.php
	lib/Cake/tests/test_app/plugins/test_plugin/View/Helper/plugged_helper.php
	lib/Cake/tests/test_app/plugins/test_plugin/View/Helper/test_plugin_app.php
2011-05-15 00:40:54 -04:30