/
ControllerAuthorize.php
71 lines (66 loc) · 2.16 KB
/
ControllerAuthorize.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
/**
*
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
namespace Cake\Controller\Component\Auth;
use Cake\Controller\ComponentRegistry;
use Cake\Controller\Controller;
use Cake\Error;
use Cake\Network\Request;
/**
* An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
* Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
*
* {{{
* public function isAuthorized($user) {
* if (!empty($this->request->params['admin'])) {
* return $user['role'] === 'admin';
* }
* return !empty($user);
* }
* }}}
*
* the above is simple implementation that would only authorize users of the 'admin' role to access
* admin routing.
*
* @since 2.0
* @see AuthComponent::$authenticate
*/
class ControllerAuthorize extends BaseAuthorize {
/**
* Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
*
* @param Controller $controller null to get, a controller to set.
* @return mixed
* @throws Cake\Error\Exception
*/
public function controller(Controller $controller = null) {
if ($controller) {
if (!method_exists($controller, 'isAuthorized')) {
throw new Error\Exception(sprintf('%s does not implement an isAuthorized() method.', get_class($controller)));
}
}
return parent::controller($controller);
}
/**
* Checks user authorization using a controller callback.
*
* @param array $user Active user data
* @param Cake\Network\Request $request
* @return boolean
*/
public function authorize($user, Request $request) {
return (bool)$this->_Controller->isAuthorized($user);
}
}