cakephp2-php8/lib/Cake/Controller/Component/Auth/ControllerAuthorize.php
AD7six 32df3156a7 consolidate cake_error and cake_developer to simply "cake_dev"
it's a lot easier for adding new translations to think:
	is it for the end user?
		use 'cake' as the domain
	is it for the developer
		use 'cake_dev' as the domain
	is it for the console
		use 'cake_console' as the domain

also neatly avoids the "this message is an error, and it's in
cake_developer, why?" - question (because cake_error was intended for
anything which is used in trigger_error/exceptions, not a variable named
$error
2011-03-20 16:38:31 +01:00

66 lines
No EOL
2 KiB
PHP

<?php
/**
* PHP 5
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
App::uses('BaseAuthorize', 'Controller/Component/Auth');
/**
* An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
* Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
*
* {{{
* function isAuthorized($user) {
* if (!empty($this->request->params['admin'])) {
* return $user['role'] == 'admin';
* }
* return !empty($user);
* }
* }}}
*
* the above is simple implementation that would only authorize users of the 'admin' role to access
* admin routing.
*
* @package cake.libs.controller.components.auth
* @since 2.0
* @see AuthComponent::$authenticate
*/
class ControllerAuthorize extends BaseAuthorize {
/**
* Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
*
* @param mixed $controller null to get, a controller to set.
* @return mixed.
*/
public function controller($controller = null) {
if ($controller) {
if (!method_exists($controller, 'isAuthorized')) {
throw new CakeException(__d('cake_dev', '$controller does not implement an isAuthorized() method.'));
}
}
return parent::controller($controller);
}
/**
* Checks user authorization using a controller callback.
*
* @param array $user Active user data
* @param CakeRequest $request
* @return boolean
*/
public function authorize($user, CakeRequest $request) {
return (bool) $this->_Controller->isAuthorized($user);
}
}