request->params['admin'])) { * return $user['role'] === 'admin'; * } * return !empty($user); * } * }}} * * the above is simple implementation that would only authorize users of the 'admin' role to access * admin routing. * * @package Cake.Controller.Component.Auth * @since 2.0 * @see AuthComponent::$authenticate */ class ControllerAuthorize extends BaseAuthorize { /** * Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented. * * @param Controller $controller null to get, a controller to set. * @return mixed * @throws CakeException */ public function controller(Controller $controller = null) { if ($controller) { if (!method_exists($controller, 'isAuthorized')) { throw new CakeException(__d('cake_dev', '$controller does not implement an isAuthorized() method.')); } } return parent::controller($controller); } /** * Checks user authorization using a controller callback. * * @param array $user Active user data * @param CakeRequest $request * @return boolean */ public function authorize($user, CakeRequest $request) { return (bool)$this->_Controller->isAuthorized($user); } }