Commit graph

152 commits

Author SHA1 Message Date
Phally
6b41eaa950 Merge branch 'master' into 2.4 2013-07-26 19:44:11 +02:00
Phally
f7eab23a5c Strips the base off the generated URL from the AuthComponent.
Fixes #3922.
2013-07-26 15:18:28 +02:00
ADmad
d161b21ae1 Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/Controller/Component/AuthComponent.php
2013-07-14 10:58:55 +05:30
mark_story
d40c7376ce Rebalance where URL normalization happens in AuthComponent.
Make URL's not include the base path when storing them in the session.
This makes future redirection simpler. When URL's are an array use
Router::url() on them.

Fixes #3916
2013-07-12 21:54:22 -04:00
mark_story
8133f72b53 Update AuthComponent to not strip when normalizing URLs.
Revert most of the changes done to fix #3897 originally and try
a different strategy of solving the base path issues and not breaking
apps running in a subdirectory.

Fixes #3916
2013-07-12 21:17:25 -04:00
mark_story
f09693f6e8 Merge branch 'master' into 2.4 2013-06-29 23:26:26 -04:00
mark_story
1d18a4f702 Fix issue where redirectURLs were not generated correctly.
When the first path segment matches the base path an incorrect URL was
generated. Trimming slashes off makes Router normalize the URL correctly
as the leading / implies that the base is already prepended.

Fixes #3897
2013-06-29 23:26:13 -04:00
mark_story
dcf7df39d2 Merge branch 'master' into 2.4 2013-06-21 17:47:37 -04:00
Marc Würth
2418ea0a57 Fixed typo in AuthComponent::redirectUrl 2013-06-21 16:49:31 +02:00
Rachman Chavik
0d486bdab4 AuthComponent: Allow suppressing authError message
When unauthenticated users accesses protected areas, they are greeted
with the default 'You are not allowed to access that location' which is
not desired in some cases.

This patch allows applications to suppress this message by setting
AuthComponent::authError to false bypassing the call to
SessionComponent::setFlash() altogether.

Refs: https://github.com/croogo/croogo/pull/175#discussion_r4714240
2013-06-17 09:33:59 +07:00
ADmad
3303a2cda1 Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/Console/Templates/skel/Config/Schema/db_acl.php
	lib/Cake/Console/Templates/skel/Config/Schema/i18n.php
	lib/Cake/Console/Templates/skel/Config/Schema/sessions.php
	lib/Cake/Console/Templates/skel/Config/acl.ini.php
	lib/Cake/Console/Templates/skel/Config/acl.php
	lib/Cake/Console/Templates/skel/Config/bootstrap.php
	lib/Cake/Console/Templates/skel/Config/core.php
	lib/Cake/Console/Templates/skel/Config/database.php.default
	lib/Cake/Console/Templates/skel/Config/email.php.default
	lib/Cake/Console/Templates/skel/Config/routes.php
	lib/Cake/Console/Templates/skel/Console/Command/AppShell.php
	lib/Cake/Console/Templates/skel/Console/cake.bat
	lib/Cake/Console/Templates/skel/Console/cake.php
	lib/Cake/Console/Templates/skel/Controller/AppController.php
	lib/Cake/Console/Templates/skel/Controller/PagesController.php
	lib/Cake/Console/Templates/skel/Model/AppModel.php
	lib/Cake/Console/Templates/skel/View/Errors/error400.ctp
	lib/Cake/Console/Templates/skel/View/Errors/error500.ctp
	lib/Cake/Console/Templates/skel/View/Helper/AppHelper.php
	lib/Cake/Console/Templates/skel/View/Layouts/Emails/html/default.ctp
	lib/Cake/Console/Templates/skel/View/Layouts/ajax.ctp
	lib/Cake/Console/Templates/skel/View/Layouts/default.ctp
	lib/Cake/Console/Templates/skel/View/Layouts/error.ctp
	lib/Cake/Console/Templates/skel/View/Layouts/flash.ctp
	lib/Cake/Console/Templates/skel/View/Pages/home.ctp
	lib/Cake/Console/Templates/skel/index.php
	lib/Cake/Console/Templates/skel/webroot/index.php
	lib/Cake/Console/Templates/skel/webroot/test.php
2013-06-02 18:03:59 +05:30
Marc Würth
4c9f0414cb Improved the DocBlocks and other code cleanup
Fixed @license tag, url comes first
Whitespace and other minor code cleanup
Added some docblocks
2013-05-31 00:11:19 +02:00
ADmad
00f972f033 Deprecated AuthComponent::password() 2013-05-27 00:25:42 +05:30
ADmad
a10275fb8b Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/Test/Case/Model/Datasource/Database/PostgresTest.php
2013-05-05 14:36:46 +05:30
euromark
09d9efe235 spelling corrections (a url to an URL, unify URL) 2013-04-29 11:05:17 +02:00
ADmad
3db632732c Avoid unnecessary overhead if user record already available from session. 2013-04-23 01:35:04 +05:30
mark_story
3fc627c5f8 Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/Controller/Component/AuthComponent.php
	lib/Cake/Error/ErrorHandler.php
	lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
	lib/Cake/View/Helper/HtmlHelper.php
2013-03-30 22:12:27 -04:00
ADmad
342bf65811 Ensure referrer is saved in session even when AuthComponent::$loginRedirect is set.
Clarified redirectUrl() docblock.
2013-03-27 15:11:02 +05:30
ADmad
8e299fc404 Move 'Auth.redirect' session value clearing from AuthComponent::shutdown() to prevent unnecessary session start.
Closes #3702
2013-03-14 12:42:21 +05:30
ADmad
b7834a2b16 Implemented stateless login for Auth 2013-03-10 00:11:35 +05:30
mark_story
4b13e0a5f2 Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/VERSION.txt
2013-03-04 21:55:29 -05:00
mark_story
d9fbe5e00a Tidy up doc blocks.
These kind of changes make tidyier method summaries in apigen.
2013-02-26 21:43:53 -05:00
mark_story
d1c88ebf8a Merge branch 'master' into 2.4
Conflicts:
	lib/Cake/Log/Engine/FileLog.php
	lib/Cake/Utility/Validation.php
	lib/Cake/View/Helper/HtmlHelper.php
2013-02-24 20:24:26 -05:00
ADmad
49157d83ae Breaking down AuthComponent::startup() into multiple methods for easier management and extension. 2013-02-10 13:49:07 +05:30
ADmad
a7c751922d Replace loose comparison with casting to boolean.
In any case AuthComponent::user() returns null not empty array when user isn't logged in.
2013-02-10 12:16:20 +05:30
ADmad
a9bbfd80c7 Added type hinting 2013-02-09 18:09:11 +05:30
Graham Weldon
66d856d883 Added extra line for referencing license file for copyright 2013-02-08 21:22:51 +09:00
Graham Weldon
7b860debe4 This commit is dedicated to Mark Story, who has put in much dedicated time and effort into CakePHP over the years.
I just wanted to ruin his evening, because this change needs to be merged into CakePHP 3.0.
2013-02-08 20:59:49 +09:00
ADmad
04ec9dd614 Renamed AuthComponent::redirect() to AuthComponent::redirectUrl().
Closes #3268
2013-01-27 21:22:11 +05:30
ADmad
676872d623 Allow AuthComponent::$unauthorizedRedirect to be an url.
Closes #3494
2013-01-12 11:25:13 +05:30
ADmad
594a19c4e1 Fix docblock 2012-12-28 02:02:05 +05:30
euromark
b811afbc44 double spaces to single ones 2012-12-22 23:48:15 +01:00
ADmad
72d6ca636f Docblock fixes 2012-11-29 04:36:29 +05:30
ADmad
1c0492eb8b Allow throwing exception instead of redirecting upon unauthorized access attempt. Closes #591 2012-10-04 18:40:57 +05:30
Jose Lorenzo Rodriguez
d5c9d97dc1 Merge remote-tracking branch 'origin/master' into 2.3
Conflicts:
	lib/Cake/Model/Behavior/TranslateBehavior.php
	lib/Cake/Model/CakeSchema.php
	lib/Cake/Utility/CakeTime.php
	lib/Cake/Utility/ClassRegistry.php
	lib/Cake/View/MediaView.php
2012-09-25 16:36:03 +02:00
mark_story
0282194c20 Make permission denied redirects host relative.
This helps fix infinite redirect loops when HTTP_X_FORWARDED_HOST is
set, and fixes redirects back to external domains on authentication
errors.

Fixes #3207
2012-09-14 09:39:45 -04:00
dogmatic69
2c70319d27 Cleaning up the AuthComponent
Simplify if statements, return early and less variable use
2012-09-14 01:50:24 +01:00
Thom Seddon
f3ba2bdb7d Remove legacy test for all actions allowed (*) in startup and tidy code 2012-08-24 19:30:25 +01:00
Spencer Ellinor
8a41fb0c34 Fix issue and remove unneccesary code. The (fixed) conditional doesn't do anything, since if Hash::get returns null, the function still returns null. 2012-07-25 15:09:22 -04:00
Ceeram
03e2263b69 Merge branch '2.1' into 2.2 2012-06-19 18:35:36 +02:00
mark_story
f9ddc9c64c Move error disabling to the error controller. 2012-06-18 22:08:39 -04:00
Ceeram
6c9b2a1fec Fix user() return value for nested data 2012-05-31 15:13:24 +02:00
Jelle Henkens
f7ce5262b7 Updating mixed @param documentation to seperate list of accepted types 2012-05-21 21:55:10 +01:00
Jose Lorenzo Rodriguez
bf0f5ab118 Merge remote-tracking branch 'origin/2.1' into 2.2 2012-04-29 20:05:39 -04:30
Kyle Robinson Young
b8488b8dfe Update 1.x @link in docblocks 2012-04-26 19:49:18 -07:00
mark_story
9f9feec222 Merge branch '2.2-hash' into 2.2
Conflicts:
	lib/Cake/Test/Case/Model/Datasource/DboSourceTest.php
	lib/Cake/View/Helper/FormHelper.php
2012-04-10 21:32:37 -04:00
Kyle Robinson Young
319d154aee Default to loginRedirect, if set, on authError in AuthComponent
Implements #2390
Based on the patch written by @dereuromark
2012-03-27 22:51:47 -07:00
mark_story
19e0d8d946 Switch usage to Hash where possible. 2012-03-26 22:32:53 -04:00
Juan Basso
c754fb2dcb Updated copyright to 2012. 2012-03-12 22:46:46 -04:00
Juan Basso
3b1bd90ad6 Updated copyright to 2012. 2012-03-12 22:46:07 -04:00
mark_story
61aba0f0f8 Fix most coding standard issues in Controller. 2012-03-03 19:27:46 -05:00
euromark
22452f61f8 type hinting controllers and views 2012-02-25 19:46:06 -05:00
mark_story
7877e7f997 Make allow(null) and deny(null) consistent with no args.
No arguments and a single null should be handled the same.

Fixes #2461
2012-01-10 20:32:12 -05:00
ADmad
389072708a Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Test/Case/Model/ModelReadTest.php
	lib/Cake/Utility/Debugger.php
2011-12-22 03:15:04 +05:30
mark_story
321caf6db6 Fix incorrect value being stored in Auth.redirect.
An incorrect value would be stored in Auth.redirect when
a custom route with the `pass` key set.

Fixes #2366
2011-12-15 22:56:39 -05:00
mark_story
6d269ce25d Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Config/config.php
	lib/Cake/Console/Command/Task/ModelTask.php
	lib/Cake/Console/Command/TestsuiteShell.php
	lib/Cake/Model/CakeSchema.php
	lib/Cake/Model/Datasource/Database/Sqlite.php
	lib/Cake/Test/Case/Model/ModelTestBase.php
	lib/Cake/Test/Case/Routing/DispatcherTest.php
	lib/Cake/Test/Case/Utility/FileTest.php
	lib/Cake/VERSION.txt
2011-12-03 13:45:28 -05:00
Kyle Robinson Young
8197f87dbc Spelling and grammar fixes 2011-12-01 21:58:09 -08:00
Jose Lorenzo Rodriguez
f6534d2962 Fixing issue where changing the case for an action in the url would allow the action in the AuthComponent making it accessible to not-logged in users 2011-11-28 00:52:47 -04:30
mark_story
21cd3f00ac Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Test/Case/BasicsTest.php
2011-11-19 20:40:07 -05:00
mark_story
92aea9de88 Update comment. 2011-11-16 23:17:48 -05:00
Daniel Pakuschewski
841c0c2295 Dropped support for wildcard in AuthComponent::allow()
Conflicts:

	lib/Cake/Controller/Component/AuthComponent.php
2011-11-15 23:01:04 -05:00
mark_story
bf43a5ee24 Fix whitespace and add usage to doc block. 2011-10-31 21:56:16 -04:00
José Lorenzo Rodríguez
f51be0a82c Merge pull request #278 from Danielpk/enhancement_auth_deny
Added enhancement to AuthComponent::deny().
2011-10-30 15:38:21 -07:00
Daniel Pakuschewski
09579198a9 Droped support to deny('*'). 2011-10-29 13:54:35 -02:00
Gun.io Whitespace Robot
4742168253 Remove whitespace [Gun.io WhitespaceBot] 2011-10-28 18:25:08 -04:00
Daniel Luiz Pakuschewski
5246e7dd1d Allow AuthComponent to deny all actions with single deny() or deny('*') 2011-10-26 22:07:17 -02:00
mark_story
d62351eb36 Revert the changes done to remove the 'cake' domain
After some discussion, polutting the app POT file
with unchanging Cake strings was incorrect.  Having these
strings in a separate POT file allows reuse of translations across
projects.

Refs #2103
2011-10-23 20:36:31 -04:00
mark_story
e457c14dec Fix issues with stateless authentication.
Cookies and sessions are no longer required for stateful authentication.
AuthComponent::user() also works correctly in these situations as well.

Fixes #2134
2011-10-23 12:54:51 -04:00
Rachman Chavik
2bb93761cc fixing typos 2011-10-19 12:19:28 +07:00
Jose Lorenzo Rodriguez
670917070e Changing a bunch of links in doc blocks 2011-10-15 10:43:26 -04:30
mark_story
6bf6d79979 Removing 'cake' domain from core.
This domain was supposed to be replaced by cake_dev.
There are a number of translations that should be App land as well.
Such as those in helpers.

Fixes #2103
2011-10-14 21:01:17 -04:00
mark_story
9e080951b1 Adding additional documentation for CrudAuthorize.
Fixes #2034
2011-09-28 23:25:14 -04:00
mark_story
b1dad6e5bd Adding session renewal upon login/logout.
This helps improve session security, as it reduces the opportunity
of replaying a session id successfully.
Fixes #836
2011-09-24 22:35:21 -04:00
mark_story
7cabb4e4d5 Extracting password hashing into as separate method.
This makes is much easier for a subclass to only change how passwords
are hashed.
2011-09-21 07:38:22 -04:00
Juan Basso
840d27bbb9 Fixed the allow method to parameters not be required. 2011-08-30 21:12:57 -04:00
Juan Basso
f7f3515135 Fixed documentation to methods that use func_get_args(). 2011-08-21 21:45:34 -04:00
Juan Basso
61833294f0 Changed the visibility to methods that not affect others classes. 2011-08-20 01:39:30 -04:00
Juan Basso
895c10af7b Adjusted some types in @param, @return and @var. 2011-07-31 22:57:17 -04:00
Juan Basso
fedadc091c Included @throws in API that was missing. 2011-07-31 16:55:52 -04:00
Juan Basso
9bc3e567c1 Removed the @access and @static. 2011-07-30 20:56:48 -04:00
Juan Basso
3723f7d396 Fixed some API doc in controllers and errors. 2011-07-30 16:48:37 -04:00
Jose Lorenzo Rodriguez
cfd2d9e00b Updating all @package annotations in doc blocks 2011-07-26 01:46:14 -04:30
mark_story
71933f5cf5 Adding a logout callback to authenticate objects.
Adding tests for the callback.
Adding doc blocks for the new callback.
Fixes #1758
2011-07-03 12:53:21 -04:00
mark_story
182a89b0a0 Fixing default/fallback url when no referrer is set.
Fixes #1761
2011-06-09 20:34:17 -04:00
Juan Basso
192812ee7f Updating the copyright to 2011. 2011-05-30 22:32:43 -04:00
Ceeram
2d78d59a7b Small optimization, remove unneeded else 2011-05-27 23:13:57 +02:00
Jose Lorenzo Rodriguez
91bce16e9d Merge remote-tracking branch 'origin/2.0' into 2.0-merge
Conflicts:
	lib/Cake/Test/Case/Console/Command/Task/TemplateTaskTest.php
	lib/Cake/Test/Case/Controller/Component/Auth/FormAuthenticate.php
	lib/Cake/Test/Case/Log/Engine/FileLog.php
	lib/Cake/Test/test_app/Plugin/TestPlugin/View/Helper/plugged_helper.php
	lib/Cake/Test/test_app/Plugin/TestPlugin/View/Helper/test_plugin_app.php
	lib/Cake/tests/Case/Controller/Component/Auth/FormAuthenticate.php
	lib/Cake/tests/Case/Controller/Component/Auth/FormAuthenticateTest.php
	lib/Cake/tests/Case/Log/Engine/FileLog.php
	lib/Cake/tests/Case/Log/Engine/FileLogTest.php
	lib/Cake/tests/test_app/plugins/test_plugin/View/Helper/PluggedHelper.php
	lib/Cake/tests/test_app/plugins/test_plugin/View/Helper/TestPluginAppHelper.php
	lib/Cake/tests/test_app/plugins/test_plugin/View/Helper/plugged_helper.php
	lib/Cake/tests/test_app/plugins/test_plugin/View/Helper/test_plugin_app.php
2011-05-15 00:40:54 -04:30
Jose Lorenzo Rodriguez
7ba60ff424 Changing more paths 2011-05-13 03:15:04 -04:30
mark_story
339db4033f Removing goofy protected field that didn't work all the time.
Making AuthComponent::loggedIn() check the current user status.
Fixes #1694
2011-05-09 21:54:59 -04:00
Jose Lorenzo Rodriguez
000e05b468 Merge remote-tracking branch 'origin/2.0' into 2.0-class-loading
Conflicts:
	cake/libs/view/helpers/js.php
	cake/tests/lib/templates/missing_conenction.php
	cake/tests/lib/templates/missing_connection.php
	lib/Cake/Model/ConnectionManager.php
	lib/Cake/TestSuite/templates/missing_conenction.php
	lib/Cake/View/Helper/FormHelper.php
	lib/Cake/tests/Case/Core/ConfigureTest.php
2011-04-11 22:48:08 -04:30
AD7six
32df3156a7 consolidate cake_error and cake_developer to simply "cake_dev"
it's a lot easier for adding new translations to think:
	is it for the end user?
		use 'cake' as the domain
	is it for the developer
		use 'cake_dev' as the domain
	is it for the console
		use 'cake_console' as the domain

also neatly avoids the "this message is an error, and it's in
cake_developer, why?" - question (because cake_error was intended for
anything which is used in trigger_error/exceptions, not a variable named
$error
2011-03-20 16:38:31 +01:00
AD7six
f95340b361 use the domain cake_error for error message intended for the developer 2011-03-19 18:07:05 +01:00
AD7six
cb7f0f087e translation changes in the controller ditranslation changes in the
controller dirr
2011-03-12 19:59:40 +01:00
Jose Lorenzo Rodriguez
cacbab168a Fixing som package location in AuthComponent 2011-03-05 17:54:42 -04:30
Jose Lorenzo Rodriguez
f1e2f5e949 Starting to migrate AuthComponent to the new class loader 2011-03-05 17:40:42 -04:30
José Lorenzo Rodríguez
4cebe55a9b Merge remote-tracking branch 'origin/2.0' into 2.0-class-loading
Conflicts:
	app/webroot/index.php
	lib/Cake/Controller/Component/AuthComponent.php
	lib/Cake/Network/CakeRequest.php
	lib/Cake/tests/cases/libs/controller/components/auth.test.php
2011-02-21 22:28:30 -04:30
José Lorenzo Rodríguez
06fb51f19d Added some missing App::uses() calls 2011-01-28 02:06:30 -04:30
José Lorenzo Rodríguez
4c0e06c451 Merge remote branch 'origin/2.0' into 2.0-class-loading
Conflicts:
	cake/bootstrap.php
	cake/libs/view/helpers/js.php
	lib/Cake/Model/AclNode.php
	lib/Cake/Model/ConnectionManager.php
	lib/Cake/bootstrap.php
	lib/Cake/tests/cases/libs/controller/controller.test.php
2011-01-02 02:00:03 -04:30
José Lorenzo Rodríguez
827a74b734 Merge remote branch 'origin/2.0' into 2.0-class-loading 2010-12-19 23:12:37 -04:30
José Lorenzo Rodríguez
8436fd53d0 Changing initial uses of App::uses() to the new packages system 2010-12-15 01:20:02 -04:30