Skip to content

Commit 8c7883f

Browse files
markstorymarkstory
committed
Fixing camel cased methods in checks for allowedActions in AuthComponent under PHP5. Normalizes to lowercase method name. Fixes #6142
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@8205 3807eeeb-6ff5-0310-8944-8be069107fe0
1 parent 6a34c9e commit 8c7883f

File tree

2 files changed

+29
-2
lines changed

2 files changed

+29
-2
lines changed

cake/libs/controller/components/auth.php

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -263,6 +263,8 @@ function initialize(&$controller) {
263263
*/
264264
function startup(&$controller) {
265265
$methods = array_flip($controller->methods);
266+
$controllerAction = strtolower($controller->params['action']);
267+
266268
$isErrorOrTests = (
267269
strtolower($controller->name) == 'cakeerror' ||
268270
(strtolower($controller->name) == 'tests' && Configure::read() > 0)
@@ -273,7 +275,7 @@ function startup(&$controller) {
273275

274276
$isMissingAction = (
275277
$controller->scaffold === false &&
276-
!isset($methods[strtolower($controller->params['action'])])
278+
!isset($methods[$controllerAction])
277279
);
278280

279281
if ($isMissingAction) {
@@ -295,7 +297,7 @@ function startup(&$controller) {
295297

296298
$isAllowed = (
297299
$this->allowedActions == array('*') ||
298-
in_array($controller->params['action'], $this->allowedActions)
300+
isset($methods[$controllerAction])
299301
);
300302

301303
if ($loginAction != $url && $isAllowed) {

cake/tests/cases/libs/controller/components/auth.test.php

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -728,7 +728,32 @@ function testAllowDenyAll() {
728728
$this->Controller->params['action'] = 'Add';
729729
$this->assertFalse($this->Controller->Auth->startup($this->Controller));
730730
}
731+
/**
732+
* test that allow() and allowedActions work with camelCase method names.
733+
*
734+
* @return void
735+
**/
736+
function testAllowedActionsWithCamelCaseMethods() {
737+
$url = '/auth_test/camelCase';
738+
$this->Controller->params = Router::parse($url);
739+
$this->Controller->params['url']['url'] = Router::normalize($url);
740+
$this->Controller->Auth->initialize($this->Controller);
741+
$this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
742+
$this->Controller->Auth->userModel = 'AuthUser';
743+
$this->Controller->Auth->allow('*');
744+
$result = $this->Controller->Auth->startup($this->Controller);
745+
$this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
731746

747+
$url = '/auth_test/camelCase';
748+
$this->Controller->params = Router::parse($url);
749+
$this->Controller->params['url']['url'] = Router::normalize($url);
750+
$this->Controller->Auth->initialize($this->Controller);
751+
$this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
752+
$this->Controller->Auth->userModel = 'AuthUser';
753+
$this->Controller->Auth->allowedActions = array('delete', 'camelCase', 'add');
754+
$result = $this->Controller->Auth->startup($this->Controller);
755+
$this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
756+
}
732757
/**
733758
* testLoginRedirect method
734759
*

0 commit comments

Comments
 (0)