| 13532 |
anikendra |
1 |
<?php
|
|
|
2 |
/**
|
|
|
3 |
*
|
|
|
4 |
*
|
|
|
5 |
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
|
|
6 |
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
|
|
7 |
*
|
|
|
8 |
* Licensed under The MIT License
|
|
|
9 |
* For full copyright and license information, please see the LICENSE.txt
|
|
|
10 |
* Redistributions of files must retain the above copyright notice.
|
|
|
11 |
*
|
|
|
12 |
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
|
|
13 |
* @link http://cakephp.org CakePHP(tm) Project
|
|
|
14 |
* @license http://www.opensource.org/licenses/mit-license.php MIT License
|
|
|
15 |
*/
|
|
|
16 |
|
|
|
17 |
App::uses('BaseAuthorize', 'Controller/Component/Auth');
|
|
|
18 |
|
|
|
19 |
/**
|
|
|
20 |
* An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
|
|
|
21 |
* Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
|
|
|
22 |
*
|
|
|
23 |
* {{{
|
|
|
24 |
* public function isAuthorized($user) {
|
|
|
25 |
* if (!empty($this->request->params['admin'])) {
|
|
|
26 |
* return $user['role'] === 'admin';
|
|
|
27 |
* }
|
|
|
28 |
* return !empty($user);
|
|
|
29 |
* }
|
|
|
30 |
* }}}
|
|
|
31 |
*
|
|
|
32 |
* the above is simple implementation that would only authorize users of the 'admin' role to access
|
|
|
33 |
* admin routing.
|
|
|
34 |
*
|
|
|
35 |
* @package Cake.Controller.Component.Auth
|
|
|
36 |
* @since 2.0
|
|
|
37 |
* @see AuthComponent::$authenticate
|
|
|
38 |
*/
|
|
|
39 |
class ControllerAuthorize extends BaseAuthorize {
|
|
|
40 |
|
|
|
41 |
/**
|
|
|
42 |
* Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
|
|
|
43 |
*
|
|
|
44 |
* @param Controller $controller null to get, a controller to set.
|
|
|
45 |
* @return mixed
|
|
|
46 |
* @throws CakeException
|
|
|
47 |
*/
|
|
|
48 |
public function controller(Controller $controller = null) {
|
|
|
49 |
if ($controller) {
|
|
|
50 |
if (!method_exists($controller, 'isAuthorized')) {
|
|
|
51 |
throw new CakeException(__d('cake_dev', '$controller does not implement an %s method.', 'isAuthorized()'));
|
|
|
52 |
}
|
|
|
53 |
}
|
|
|
54 |
return parent::controller($controller);
|
|
|
55 |
}
|
|
|
56 |
|
|
|
57 |
/**
|
|
|
58 |
* Checks user authorization using a controller callback.
|
|
|
59 |
*
|
|
|
60 |
* @param array $user Active user data
|
|
|
61 |
* @param CakeRequest $request
|
|
|
62 |
* @return boolean
|
|
|
63 |
*/
|
|
|
64 |
public function authorize($user, CakeRequest $request) {
|
|
|
65 |
return (bool)$this->_Controller->isAuthorized($user);
|
|
|
66 |
}
|
|
|
67 |
|
|
|
68 |
}
|