fixes #6062, AuthComponent and Controller::scaffold

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@8018 3807eeeb-6ff5-0310-8944-8be069107fe0

cake/libs/controller/components/auth.php

@@ -262,14 +262,24 @@ function initialize(&$controller) {
  * @access public
  */
 	function startup(&$controller) {
+		$methods = array_flip($controller->methods);
 		$isErrorOrTests = (
 			strtolower($controller->name) == 'cakeerror' ||
-			(strtolower($controller->name) == 'tests' && Configure::read() > 0) ||
-			!in_array(strtolower($controller->params['action']), $controller->methods)
+			(strtolower($controller->name) == 'tests' && Configure::read() > 0)
 		);
 		if ($isErrorOrTests) {
 			return true;
 		}
+
+		$isMissingAction = (
+			$controller->scaffold === false &&
+			!isset($methods[strtolower($controller->params['action'])])
+		);
+
+		if ($isMissingAction) {
+			return true;
+		}
+
 		if (!$this->__setDefaults()) {
 			return false;
 		}
@@ -282,6 +292,7 @@ function startup(&$controller) {
 		}
 		$url = Router::normalize($url);
 		$loginAction = Router::normalize($this->loginAction);
+
 		$isAllowed = (
 			$this->allowedActions == array('*') ||
 			in_array($controller->params['action'], $this->allowedActions)

cake/tests/cases/libs/controller/components/auth.test.php

@@ -448,6 +448,26 @@ function startTest() {
 	function testNoAuth() {
 		$this->assertFalse($this->Controller->Auth->isAuthorized());
 	}
+/**
+ * testIsErrorOrTests
+ *
+ * @access public
+ * @return void
+ */
+	function testIsErrorOrTests() {
+		$this->Controller->Auth->initialize($this->Controller);
+
+		$this->Controller->name = 'CakeError';
+		$this->assertTrue($this->Controller->Auth->startup($this->Controller));
+
+		$this->Controller->name = 'Post';
+		$this->Controller->params['action'] = 'thisdoesnotexist';
+		$this->assertTrue($this->Controller->Auth->startup($this->Controller));
+
+		$this->Controller->scaffold = null;
+		$this->Controller->params['action'] = 'index';
+		$this->assertFalse($this->Controller->Auth->startup($this->Controller));
+	}
 /**
  * testLogin method
  *
@@ -812,7 +832,7 @@ function testLoginRedirect() {
 /**
  * Ensure that no redirect is performed when a 404 is reached
  * And the user doesn't have a session.
- * 
+ *
  * @return void
  **/
 	function testNoRedirectOn404() {
@@ -894,7 +914,7 @@ function testInjection() {
 
 		$this->Controller->Auth->startup($this->Controller);
 		$this->assertTrue(is_null($this->Controller->Auth->user()));
-		
+
 		unset($this->Controller->data['AuthUser']['password']);
 		$this->Controller->data['AuthUser']['username'] = "1'1";
 		$this->Controller->Auth->initialize($this->Controller);
@@ -980,7 +1000,7 @@ function testCustomRoute() {
 		$this->Controller->Auth->startup($this->Controller);
 		$user = $this->Controller->Auth->user();
 		$this->assertTrue(!!$user);
-		
+
 		$this->Controller->Session->del('Auth');
 		Router::reload();
 		Router::connect('/', array('controller' => 'people', 'action' => 'login'));
@@ -1152,4 +1172,4 @@ function tearDown() {
 		unset($this->Controller, $this->AuthUser);
 	}
 }
-?>
+?>