Merge remote-tracking branch 'origin/3.0' into 3.0-move-exception

Conflicts: src/Auth/BaseAuthorize.php src/Auth/ControllerAuthorize.php src/Controller/Component/AuthComponent.php
cakephp · Aug 30, 2014 · 3265326 · 3265326
2 parents ef8cedf + 8eba226
commit 3265326
Show file tree

Hide file tree

Showing 6 changed files with 57 additions and 165 deletions.
diff --git a/src/Auth/BaseAuthorize.php b/src/Auth/BaseAuthorize.php
@@ -30,13 +30,6 @@ abstract class BaseAuthorize {
 
 	use InstanceConfigTrait;
 
-/**
- * Controller for the request.
- *
- * @var Controller
- */
-	protected $_Controller = null;
-
 /**
  * ComponentRegistry instance for getting more components.
  *
@@ -47,25 +40,9 @@ abstract class BaseAuthorize {
 /**
  * Default config for authorize objects.
  *
- * - `actionPath` - The path to ACO nodes that contains the nodes for controllers. Used as a prefix
- *    when calling $this->action();
- * - `actionMap` - Action -> crud mappings. Used by authorization objects that want to map actions to CRUD roles.
- * - `userModel` - Model name that ARO records can be found under. Defaults to 'User'.
- *
  * @var array
  */
-	protected $_defaultConfig = [
-		'actionPath' => null,
-		'actionMap' => [
-			'index' => 'read',
-			'add' => 'create',
-			'edit' => 'update',
-			'view' => 'read',
-			'delete' => 'delete',
-			'remove' => 'delete'
-		],
-		'userModel' => 'Users'
-	];
+	protected $_defaultConfig = [];
 
 /**
  * Constructor
@@ -75,8 +52,6 @@ abstract class BaseAuthorize {
  */
 	public function __construct(ComponentRegistry $registry, array $config = array()) {
 		$this->_registry = $registry;
-		$controller = $registry->getController();
-		$this->controller($controller);
 		$this->config($config);
 	}
 
@@ -89,87 +64,4 @@ public function __construct(ComponentRegistry $registry, array $config = array()
  */
 	abstract public function authorize($user, Request $request);
 
-/**
- * Accessor to the controller object.
- *
- * @param Controller $controller null to get, a controller to set.
- * @return mixed
- * @throws \Cake\Core\Exception\Exception
- */
-	public function controller(Controller $controller = null) {
-		if ($controller) {
-			if (!$controller instanceof Controller) {
-				throw new Exception('$controller needs to be an instance of Controller');
-			}
-			$this->_Controller = $controller;
-			return true;
-		}
-		return $this->_Controller;
-	}
-
-/**
- * Get the action path for a given request. Primarily used by authorize objects
- * that need to get information about the plugin, controller, and action being invoked.
- *
- * @param \Cake\Network\Request $request The request a path is needed for.
- * @param string $path Path
- * @return string The action path for the given request.
- */
-	public function action(Request $request, $path = '/:plugin/:controller/:action') {
-		$plugin = empty($request['plugin']) ? null : Inflector::camelize($request['plugin']) . '/';
-		$path = str_replace(
-			array(':controller', ':action', ':plugin/'),
-			array(Inflector::camelize($request['controller']), $request['action'], $plugin),
-			$this->_config['actionPath'] . $path
-		);
-		$path = str_replace('//', '/', $path);
-		return trim($path, '/');
-	}
-
-/**
- * Maps crud actions to actual action names. Used to modify or get the current mapped actions.
- *
- * Create additional mappings for a standard CRUD operation:
- *
- * {{{
- * $this->Auth->mapActions(array('create' => array('add', 'register'));
- * }}}
- *
- * Or equivalently:
- *
- * {{{
- * $this->Auth->mapActions(array('register' => 'create', 'add' => 'create'));
- * }}}
- *
- * Create mappings for custom CRUD operations:
- *
- * {{{
- * $this->Auth->mapActions(array('range' => 'search'));
- * }}}
- *
- * You can use the custom CRUD operations to create additional generic permissions
- * that behave like CRUD operations. Doing this will require additional columns on the
- * permissions lookup. For example if one wanted an additional search CRUD operation
- * one would create and additional column '_search' in the aros_acos table. One could
- * create a custom admin CRUD operation for administration functions similarly if needed.
- *
- * @param array $map Either an array of mappings, or undefined to get current values.
- * @return mixed Either the current mappings or null when setting.
- * @see AuthComponent::mapActions()
- */
-	public function mapActions(array $map = array()) {
-		if (empty($map)) {
-			return $this->_config['actionMap'];
-		}
-		foreach ($map as $action => $type) {
-			if (is_array($type)) {
-				foreach ($type as $typedAction) {
-					$this->_config['actionMap'][$typedAction] = $action;
-				}
-			} else {
-				$this->_config['actionMap'][$action] = $type;
-			}
-		}
-	}
-
 }
diff --git a/src/Auth/ControllerAuthorize.php b/src/Auth/ControllerAuthorize.php
@@ -14,44 +14,66 @@
  */
 namespace Cake\Auth;
 
+use Cake\Controller\ComponentRegistry;
 use Cake\Controller\Controller;
 use Cake\Core\Exception\Exception;
 use Cake\Network\Request;
 
 /**
- * An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
- * Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
+ * An authorization adapter for AuthComponent. Provides the ability to authorize
+ * using a controller callback. Your controller's isAuthorized() method should
+ * return a boolean to indicate whether or not the user is authorized.
  *
  * {{{
  *	public function isAuthorized($user) {
- *		if (!empty($this->request->params['admin'])) {
+ *		if ($this->request->param('admin')) {
  *			return $user['role'] === 'admin';
  *		}
  *		return !empty($user);
  *	}
  * }}}
  *
- * the above is simple implementation that would only authorize users of the 'admin' role to access
- * admin routing.
+ * The above is simple implementation that would only authorize users of the
+ * 'admin' role to access admin routing.
  *
  * @see AuthComponent::$authenticate
  */
 class ControllerAuthorize extends BaseAuthorize {
 
 /**
- * Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
+ * Controller for the request.
+ *
+ * @var \Cake\Controller\Controller
+ */
+	protected $_Controller = null;
+
+/**
+ * {@inheritDoc}
+ */
+	public function __construct(ComponentRegistry $registry, array $config = array()) {
+		parent::__construct($registry, $config);
+		$this->controller($registry->getController());
+	}
+
+/**
+ * Get/set the controller this authorize object will be working with. Also
+ * checks that isAuthorized is implemented.
  *
  * @param Controller $controller null to get, a controller to set.
- * @return mixed
- * @throws \Cake\Core\Exception\Exception
+ * @return \Cake\Controller\Controller
+ * @throws \Cake\Error\Exception If controller does not have method `isAuthorized()`.
  */
 	public function controller(Controller $controller = null) {
 		if ($controller) {
 			if (!method_exists($controller, 'isAuthorized')) {
-				throw new Exception(sprintf('%s does not implement an isAuthorized() method.', get_class($controller)));
+				throw new Exception(sprintf(
+					'%s does not implement an isAuthorized() method.',
+					get_class($controller)
+				));
 			}
+			$this->_Controller = $controller;
 		}
-		return parent::controller($controller);
+		return $this->_Controller;
 	}
 
 /**

diff --git a/src/Auth/WeakPasswordHasher.php b/src/Auth/WeakPasswordHasher.php
@@ -15,6 +15,8 @@
 namespace Cake\Auth;
 
 use Cake\Auth\AbstractPasswordHasher;
+use Cake\Core\Configure;
+use Cake\Utility\Debugger;
 use Cake\Utility\Security;
 
 /**
@@ -34,6 +36,16 @@ class WeakPasswordHasher extends AbstractPasswordHasher {
 		'hashType' => null
 	];
 
+/**
+ * {@inheritDoc}
+ */
+	public function __construct(array $config = []) {
+		if (Configure::read('debug')) {
+			Debugger::checkSecurityKeys();
+		}
+		parent::config($config);
+	}
+
 /**
  * Generates password hash.
  *

diff --git a/src/Controller/Component/AuthComponent.php b/src/Controller/Component/AuthComponent.php
@@ -18,7 +18,6 @@
 use Cake\Controller\ComponentRegistry;
 use Cake\Controller\Controller;
 use Cake\Core\App;
-use Cake\Core\Configure;
 use Cake\Core\Exception\Exception;
 use Cake\Error;
 use Cake\Error\Debugger;
@@ -250,10 +249,6 @@ public function __construct(ComponentRegistry $registry, array $config = []) {
 		$this->response = $controller->response;
 		$this->_methods = $controller->methods;
 		$this->session = $controller->request->session();
-
-		if (Configure::read('debug')) {
-			Debugger::checkSecurityKeys();
-		}
 	}
 
 /**
@@ -561,27 +556,6 @@ public function deny($actions = null) {
 		$this->allowedActions = array_values($this->allowedActions);
 	}
 
-/**
- * Maps action names to CRUD operations.
- *
- * Used for controller-based authentication. Make sure
- * to configure the authorize property before calling this method. As it delegates $map to all the
- * attached authorize objects.
- *
- * @param array $map Actions to map
- * @return void
- * @see BaseAuthorize::mapActions()
- * @link http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#mapping-actions-when-using-crudauthorize
- */
-	public function mapActions(array $map = array()) {
-		if (empty($this->_authorizeObjects)) {
-			$this->constructAuthorize();
-		}
-		foreach ($this->_authorizeObjects as $auth) {
-			$auth->mapActions($map);
-		}
-	}
-
 /**
  * Set provided user info to session as logged in user.
  *

diff --git a/tests/TestCase/Auth/WeakPasswordHasherTest.php b/tests/TestCase/Auth/WeakPasswordHasherTest.php
@@ -15,6 +15,7 @@
 namespace Cake\Test\TestCase\Auth;
 
 use Cake\Auth\WeakPasswordHasher;
+use Cake\Core\Configure;
 use Cake\TestSuite\TestCase;
 
 /**
@@ -23,6 +24,17 @@
  */
 class WeakPasswordHasherTest extends TestCase {
 
+/**
+ * setUp method
+ *
+ * @return void
+ */
+	public function setUp() {
+		parent::setUp();
+
+		Configure::write('Security.salt', 'YJfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
+	}
+
 /**
  * Tests that any password not produced by WeakPasswordHasher needs
  * to be rehashed

diff --git a/tests/TestCase/Controller/Component/AuthComponentTest.php b/tests/TestCase/Controller/Component/AuthComponentTest.php
@@ -1044,26 +1044,6 @@ public function testLogoutTrigger() {
 		$this->Auth->logout();
 	}
 
-/**
- * test mapActions loading and delegating to authorize objects.
- *
- * @return void
- */
-	public function testMapActionsDelegation() {
-		$MapActionMockAuthorize = $this->getMock(
-			'Cake\Controller\Component\Auth\BaseAuthorize',
-			array('authorize', 'mapActions'), array(), '', false
-		);
-
-		$this->Auth->authorize = array('MapActionMock');
-		$this->Auth->setAuthorizeObject(0, $MapActionMockAuthorize);
-		$MapActionMockAuthorize->expects($this->once())
-			->method('mapActions')
-			->with(array('create' => array('my_action')));
-
-		$this->Auth->mapActions(array('create' => array('my_action')));
-	}
-
 /**
  * test setting user info to session.
  *