Commit graph

234 commits

Author SHA1 Message Date
Jose Lorenzo Rodriguez
4f176d4284 Merge remote-tracking branch 'origin/2.0' into 2.1 2012-02-12 21:04:35 -04:30
mark_story
ad09b910ee Remove pointless comparison. 2012-02-12 10:09:25 -05:00
mark_story
2afb05b590 Merge branch '2.0' into 2.1
Conflicts:
	app/View/Pages/home.ctp
	lib/Cake/Config/config.php
	lib/Cake/Core/App.php
	lib/Cake/VERSION.txt
	lib/Cake/View/Helper/NumberHelper.php
2012-02-12 10:06:13 -05:00
mark_story
ab09229d40 Update API docs
View switching only happens for known mime types.
Refs #2565
2012-02-11 11:45:06 -05:00
mark_story
7e17da0ae8 Fix notice error when reading empty values.
When reading empty values a notice error would be triggered.
Slicing the first char off and comparing that solves this.

Fixes #2537
2012-02-11 11:33:04 -05:00
mark_story
6f914174a6 Fix issues with double / & leading/trailing /
Authorize classes should remove // and leading trailing /
Without this incorrect paths that fail to match nodes can be
generated.  This also allows settings[actionPath] to be
permissive in what it accepts.

Fixes #2563
2012-02-11 10:29:18 -05:00
Thomas Ploch
059a5f21ed Fixed TODO: Refactored setting of Cookies into CakeResponse. 2012-02-09 14:24:10 +01:00
0x20h
3abfaeecf3 Don't let every role inherit from default role. Filter empty aco paths 2012-02-05 15:30:26 +01:00
mark_story
ace9fefb02 Merge branch '2.0' into 2.1 2012-02-03 21:54:50 -05:00
mark_story
e697c68da5 Uncommented code works better. 2012-02-01 20:24:02 -05:00
mark_story
b03d7ba9b3 Fix reset() missing delivery property.
Fixes #2533
2012-02-01 20:20:14 -05:00
mark_story
a4740f02f1 Remove odd inflection.
This additional inflection isn't needed.  People can type the classname
they want.

Refs #2514
2012-01-29 13:56:53 -05:00
mark_story
e770c7a72d Split the AclComponent classes up.
Refs #2514
2012-01-29 13:54:26 -05:00
Jose Lorenzo Rodriguez
a1daaf5960 Merge branch '2.1-http' into 2.1 2012-01-21 15:51:34 -04:30
mark_story
df5d9ac3d1 Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Model/Model.php
	lib/Cake/Test/Case/Routing/RouterTest.php
2012-01-20 20:28:15 -05:00
Jose Lorenzo Rodriguez
5df2a0957f Not sending the response in beforeRender, better let Dispatcher do its work 2012-01-19 22:26:32 -04:30
mark_story
ad304e0b43 Reformat long line. 2012-01-19 21:50:51 -05:00
Stefano Zoffoli
c3b806ce8c Prevent blackhole auth error where are present multi fields 2012-01-19 17:48:39 +01:00
Jose Lorenzo Rodriguez
979f7a28b5 Fixing a couple bugs in CakeResponse::checkNotModified() and implementing conditional rendering in
RequestHandlerComponent
2012-01-19 01:08:45 -04:30
Jose Lorenzo Rodriguez
b79e0ad8f3 Moving checkModified() to CakeResponse, having it in the RequestHandler has too restrivtive 2012-01-19 01:08:45 -04:30
Jose Lorenzo Rodriguez
dffe84cfbc Implementing RequestHandler::checkNotModified() as a helper for HTTP caching 2012-01-19 01:08:44 -04:30
0x20h
4532659fed code cleanup, added some tests 2012-01-18 20:59:44 +01:00
0x20h
9838338976 docblocks 2012-01-13 23:34:35 +01:00
0x20h
bfaea78504 allow more elaborate regex rules 2012-01-13 23:29:23 +01:00
0x20h
95a41af9db allow multiple roles for a rule to be specified as string or array 2012-01-13 22:02:25 +01:00
0x20h
ef5eead038 use more appropriate array key when passing options to the adapter 2012-01-13 21:55:47 +01:00
0x20h
153152642c PHP configuration file base Acl implementation 2012-01-13 21:43:48 +01:00
Mark Story
b76f8f8832 Merge pull request #260 from tPl0ch/2.1-authenticate
Added 'recursive' settings option to BaseAuthenticate and BasicAuthenticate
2012-01-12 18:53:19 -08:00
mark_story
7877e7f997 Make allow(null) and deny(null) consistent with no args.
No arguments and a single null should be handled the same.

Fixes #2461
2012-01-10 20:32:12 -05:00
mark_story
0e56d742b8 Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Model/BehaviorCollection.php
	lib/Cake/basics.php
2012-01-08 21:59:18 -05:00
mark_story
f4c27e04bc Fix errors generated when option['order'] is undefined.
Fixes #2447
2012-01-08 21:55:51 -05:00
ADmad
389072708a Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Test/Case/Model/ModelReadTest.php
	lib/Cake/Utility/Debugger.php
2011-12-22 03:15:04 +05:30
Kyle Robinson Young
d794084d38 More code standards formatting 2011-12-15 23:00:07 -08:00
Kyle Robinson Young
51f9837db4 Code standards formatting 2011-12-15 22:52:07 -08:00
mark_story
321caf6db6 Fix incorrect value being stored in Auth.redirect.
An incorrect value would be stored in Auth.redirect when
a custom route with the `pass` key set.

Fixes #2366
2011-12-15 22:56:39 -05:00
mark_story
2e8498e166 Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Model/Datasource/Database/Postgres.php
	lib/Cake/Test/Case/Console/TaskCollectionTest.php
	lib/Cake/Test/Case/Model/ModelIntegrationTest.php
	lib/Cake/Test/Case/Utility/ClassRegistryTest.php
	lib/Cake/Utility/ClassRegistry.php
2011-12-11 22:51:40 -05:00
Kyle Robinson Young
c836ba08a3 Add/move docblocks to make text available in the API docs 2011-12-08 07:35:02 -08:00
Kyle Robinson Young
1e1c7a036d Code consistency formatting tweaks 2011-12-06 12:52:48 -08:00
mark_story
545694d84b Fix undefined variable error. 2011-12-06 12:35:18 -05:00
mark_story
fc4846d676 Move overflow limits to only take effect after expiration. 2011-12-06 12:23:15 -05:00
mark_story
9296f770d5 Adding SecurityComponent::$csrfLimit
This property allows you to control the number of tokens
that will be kept active.  Its possible to make really large
CSRF collection sizes.  Capping the number of tokens allows developers
to better control session sizes.
2011-12-03 20:13:17 -05:00
mark_story
e421b3bc8f Adding SecurityComponent::generateToken()
This method allows end developers to add the csrf tokens
manually, if they aren't added automatically.

Tokens are cheap to generate, simplifying the logic
makes things a bit easier to understand.
2011-12-03 20:13:03 -05:00
mark_story
6d269ce25d Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Config/config.php
	lib/Cake/Console/Command/Task/ModelTask.php
	lib/Cake/Console/Command/TestsuiteShell.php
	lib/Cake/Model/CakeSchema.php
	lib/Cake/Model/Datasource/Database/Sqlite.php
	lib/Cake/Test/Case/Model/ModelTestBase.php
	lib/Cake/Test/Case/Routing/DispatcherTest.php
	lib/Cake/Test/Case/Utility/FileTest.php
	lib/Cake/VERSION.txt
2011-12-03 13:45:28 -05:00
Kyle Robinson Young
8197f87dbc Spelling and grammar fixes 2011-12-01 21:58:09 -08:00
Jose Lorenzo Rodriguez
f6534d2962 Fixing issue where changing the case for an action in the url would allow the action in the AuthComponent making it accessible to not-logged in users 2011-11-28 00:52:47 -04:30
mark_story
04463c4ee5 Fix errors found in review. 2011-11-27 23:51:49 -05:00
mark_story
cfbc43671e Starting content type specific error pages.
- Adding RequestHandler to the error controller.  This allows reuse
  of all of Cake's internals.
- Adding a simple JsonView class to do serialized JSON views.
- Adding serialize hooks, and wiring things together.
2011-11-27 23:51:47 -05:00
Kyle Robinson Young
bc0e0b5c05 Add @link to CookieComponent docblocks 2011-11-22 22:32:13 -08:00
mark_story
21cd3f00ac Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Test/Case/BasicsTest.php
2011-11-19 20:40:07 -05:00
mark_story
92aea9de88 Update comment. 2011-11-16 23:17:48 -05:00
mark_story
fa0ec44dfd Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Test/Case/Console/Command/CommandListShellTest.php
	lib/Cake/Test/Case/Error/ExceptionRendererTest.php
	lib/Cake/Test/Case/Utility/DebuggerTest.php
	lib/Cake/Test/Case/View/Helper/TextHelperTest.php
2011-11-16 21:31:16 -05:00
Ceeram
e5c8a446d6 Add sorting on joined model virtual field, fixes #2250 2011-11-17 00:18:12 +01:00
mark_story
fb7d931bef Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Config/config.php
	lib/Cake/VERSION.txt
2011-11-15 23:10:34 -05:00
Daniel Pakuschewski
841c0c2295 Dropped support for wildcard in AuthComponent::allow()
Conflicts:

	lib/Cake/Controller/Component/AuthComponent.php
2011-11-15 23:01:04 -05:00
Ceeram
2bb4ed01be Removing _Token from request data.
It is not used outside the component and could possibly affect Model::save().
Fixes #2256

Signed-off-by: mark_story <mark@mark-story.com>
2011-11-15 22:51:04 -05:00
mark_story
6e4493cc14 Fix ambiguous content types in RequestHandler.
Treat xhtml + html as content types that should trigger no
response/extension setting.  They are different but similar in
that they both generally use the same HTML templates.

Fixes #2257
2011-11-15 22:48:54 -05:00
mark_story
550076d75e Fix issue in RequestHandlerComponent.
Fixes issues where response and request properties would
not be set as the initialize() callback would have not fired.

Fixes #2190
Fixes #2189
2011-10-31 22:41:43 -04:00
mark_story
bf43a5ee24 Fix whitespace and add usage to doc block. 2011-10-31 21:56:16 -04:00
José Lorenzo Rodríguez
f51be0a82c Merge pull request #278 from Danielpk/enhancement_auth_deny
Added enhancement to AuthComponent::deny().
2011-10-30 15:38:21 -07:00
Daniel Pakuschewski
09579198a9 Droped support to deny('*'). 2011-10-29 13:54:35 -02:00
Gun.io Whitespace Robot
4742168253 Remove whitespace [Gun.io WhitespaceBot] 2011-10-28 18:25:08 -04:00
Daniel Luiz Pakuschewski
5246e7dd1d Allow AuthComponent to deny all actions with single deny() or deny('*') 2011-10-26 22:07:17 -02:00
mark_story
d62351eb36 Revert the changes done to remove the 'cake' domain
After some discussion, polutting the app POT file
with unchanging Cake strings was incorrect.  Having these
strings in a separate POT file allows reuse of translations across
projects.

Refs #2103
2011-10-23 20:36:31 -04:00
mark_story
e457c14dec Fix issues with stateless authentication.
Cookies and sessions are no longer required for stateful authentication.
AuthComponent::user() also works correctly in these situations as well.

Fixes #2134
2011-10-23 12:54:51 -04:00
Thomas Ploch
521dff8468 Added 'recursive' settings option to BaseAuthenticate and BasicAuthenticate to have a bit more fine grained control in custom Authenticate objects. 2011-10-19 17:54:08 +02:00
Renan Gonçalves
646b8f1aa0 Fixed issue when using multiple extensions in Router::parseExtensions() could result in undefined index notice by RequestHandlerComponent. 2011-10-19 15:36:00 +02:00
Rachman Chavik
2bb93761cc fixing typos 2011-10-19 12:19:28 +07:00
ADmad
fc5a465189 Cleaning up code left over from 1.3. If no black-hole callback is specified Security::blackHole() now throws an exception. Closes #1532 2011-10-19 02:32:38 +05:30
Jose Lorenzo Rodriguez
91d0a081fb Fixing more links in doc blocks 2011-10-15 11:38:49 -04:30
Jose Lorenzo Rodriguez
670917070e Changing a bunch of links in doc blocks 2011-10-15 10:43:26 -04:30
mark_story
6bf6d79979 Removing 'cake' domain from core.
This domain was supposed to be replaced by cake_dev.
There are a number of translations that should be App land as well.
Such as those in helpers.

Fixes #2103
2011-10-14 21:01:17 -04:00
mark_story
4090b3e8c6 Fix content-type detection to accomodate jQuery.
Add tests for jQuery content type strings.
Refactor tests, add in missing assertions and missing parent calls.
The new behavior is more lenient and allows for a single requested
content type to switch the view type.

Fixes #2088
2011-10-12 23:21:07 -04:00
Renan Gonçalves
49f4035412 Fixing bug when trying to Paginate ordering by multiple keys. 2011-10-12 14:51:46 +02:00
mark_story
c4eb19ab91 Adding another import for helpers appended by RequestHandlerComponent.
Fixes #2084.
2011-10-11 12:42:45 -04:00
mark_story
055224ef68 Merge remote-tracking branch 'origin/1.3' into merger
Conflicts:
	cake/libs/controller/controller.php
	cake/libs/model/datasources/dbo/dbo_mysqli.php
	cake/tests/cases/libs/controller/controller.test.php
	cake/tests/cases/libs/model/datasources/dbo/dbo_mysql.test.php
	cake/tests/lib/cake_test_suite_dispatcher.php
	lib/Cake/Model/Behavior/TranslateBehavior.php
	lib/Cake/Model/Datasource/DataSource.php
	lib/Cake/Model/Datasource/Database/Mysql.php
2011-10-06 21:06:40 -04:00
mark_story
9e080951b1 Adding additional documentation for CrudAuthorize.
Fixes #2034
2011-09-28 23:25:14 -04:00
mark_story
a5fe702624 Updating CrudAuthorize to work like ActionsAuthorize.
Updating tests.
Fixes #1749
2011-09-26 20:38:38 -04:00
mark_story
b1dad6e5bd Adding session renewal upon login/logout.
This helps improve session security, as it reduces the opportunity
of replaying a session id successfully.
Fixes #836
2011-09-24 22:35:21 -04:00
mark_story
7cabb4e4d5 Extracting password hashing into as separate method.
This makes is much easier for a subclass to only change how passwords
are hashed.
2011-09-21 07:38:22 -04:00
Mark Story mark@mark-story.com
bb3a1d546b Fixing RequesHandler::prefers(). It was previously entirely wrong.
It took the ordered list of accept types, and blindly assumed
the first in the list was the most preferred.  This is an incorrect
assumption to make, as all types with the same q value are equal.

- Using CakeRequest::parseAccept() to access only the most preferred
content types.
- Using in_array() to check for the desired type.
- Updating tests for RequestHandler.
2011-09-01 00:20:54 +01:00
Juan Basso
840d27bbb9 Fixed the allow method to parameters not be required. 2011-08-30 21:12:57 -04:00
Juan Basso
7d0250ff47 Merge branch '2.0-api-doc' into 2.0 2011-08-26 20:22:26 -04:00
mark_story
6acf024a2b Fixing incorrect keying for ext routing parameter. It was
nested under params[url][ext].  This makes it unlike
all other routing parameters.  Having the nested value
also makes reversing requests harder, and generating urls more
difficult.
Adding a test for Router::reverse() and extensions.
Fixes #1923, fixes #1928
2011-08-22 22:26:02 -04:00
Juan Basso
f7f3515135 Fixed documentation to methods that use func_get_args(). 2011-08-21 21:45:34 -04:00
Juan Basso
689c7ffd45 Fixed some problems caused by the visibility changes. 2011-08-21 01:04:55 -04:00
Mark Story
58888399f1 Adding Todo about moving Cookie setting to CakeResponse. 2011-08-20 17:28:58 -04:00
Juan Basso
a1a049c700 Merge remote-tracking branch 'origin/2.0' into 2.0-api-doc
Conflicts:
	lib/Cake/Model/Model.php
	lib/Cake/View/Helper/CacheHelper.php
2011-08-20 01:47:27 -04:00
Juan Basso
61833294f0 Changed the visibility to methods that not affect others classes. 2011-08-20 01:39:30 -04:00
Juan Basso
f5a54d00dd Changed methods and attributes from private to protected. 2011-08-20 00:43:34 -04:00
Ceeram
acdfb483a7 Change casing of delivery method being passed to transport(), to ensure correct transport class will be loaded 2011-08-19 16:47:46 +02:00
Juan Basso
0575e92833 Added visibility in some methods and attributes. 2011-08-18 22:30:28 -04:00
Juan Basso
16ef234180 Removing trailing spaces. 2011-08-15 23:55:08 -04:00
Juan Basso
620a65b2fc Merge branch '2.0' into 2.0-api-doc
Conflicts:
	lib/Cake/Test/Case/View/Helper/CacheHelperTest.php
	lib/Cake/Utility/Debugger.php
2011-08-14 21:12:05 -04:00
mark_story
3014d3fb84 Fixing issues with CSRF token failure and requestAction.
Fixes #1900
2011-08-12 20:38:24 -04:00
mark_story
1df8de683d Fixing notice error when all csrf tokens are expired at once.
Fixes #1901
2011-08-11 23:06:18 -04:00
Juan Basso
895c10af7b Adjusted some types in @param, @return and @var. 2011-07-31 22:57:17 -04:00
Juan Basso
fedadc091c Included @throws in API that was missing. 2011-07-31 16:55:52 -04:00
Juan Basso
9bc3e567c1 Removed the @access and @static. 2011-07-30 20:56:48 -04:00
Juan Basso
3723f7d396 Fixed some API doc in controllers and errors. 2011-07-30 16:48:37 -04:00
Juan Basso
fbbfbaf870 Fixed some API doc in controller. 2011-07-29 00:06:43 -04:00