
Breaking down AuthComponent::startup() into multiple methods for easi…

…er management and extension.
commit 49157d83ae008c3127113a2e31b3a7d3c824205f 1 parent 13029cc
ADmad authored February 10, 2013
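--- a/lib/Cake/Controller/Component/AuthComponent.php
+++ b/lib/Cake/Controller/Component/AuthComponent.php
@@ -294,12 +294,36 @@ public function startup(Controller $controller) {
 		if (!$this->_setDefaults()) {
 			return false;
 		}
-		$request = $controller->request;
 
-		$url = '';
+		if ($this->_isAllowed($controller)) {
+			return true;
+		}
+
+		if (!$this->_getUser()) {
+			return $this->_unauthenticated($controller);
+		}
+
+		if (empty($this->authorize) || $this->isAuthorized($this->user())) {
+			return true;
+		}
+
+		return $this->_unauthorized($controller);
+	}
+
+/**
+ * Checks whether current action is accessible without authentication.
+ * If current action is login action referrer url is saved in session which is
+ * later accessible using AuthComponent::redirectUrl().
+ *
+ * @param Controller $controller A reference to the instantiating controller object
+ * @return boolean True if action is accessible without authentication else false
+ */
+	protected function _isAllowed(Controller $controller) {
+		$action = strtolower($controller->request->params['action']);
 
-		if (isset($request->url)) {
-			$url = $request->url;
+		$url = '';
+		if (isset($controller->request->url)) {
+			$url = $controller->request->url;
 		}
 		$url = Router::normalize($url);
 		$loginAction = Router::normalize($this->loginAction);
@@ -309,35 +333,37 @@ public function startup(Controller $controller) {
 		}
 
 		if ($loginAction == $url) {
-			if (empty($request->data)) {
+			if (empty($controller->request->data)) {
 				if (!$this->Session->check('Auth.redirect') && !$this->loginRedirect && env('HTTP_REFERER')) {
 					$this->Session->write('Auth.redirect', $controller->referer(null, true));
 				}
 			}
 			return true;
 		}
+		return false;
+	}
 
-		if (!$this->_getUser()) {
-			if (!$request->is('ajax')) {
-				$this->flash($this->authError);
-				$this->Session->write('Auth.redirect', $request->here());
-				$controller->redirect($loginAction);
-				return false;
-			}
-			if (!empty($this->ajaxLogin)) {
-				$controller->viewPath = 'Elements';
-				echo $controller->render($this->ajaxLogin, $this->RequestHandler->ajaxLayout);
-				$this->_stop();
-				return false;
-			}
-			$controller->redirect(null, 403);
+/**
+ * Handle unauthenticated access attempt.
+ *
+ * @param Controller $controller A reference to the controller object
+ * @return boolean Returns false
+ */
+	protected function _unauthenticated(Controller $controller) {
+		if (!$controller->request->is('ajax')) {
+			$this->flash($this->authError);
+			$this->Session->write('Auth.redirect', $controller->request->here());
+			$controller->redirect($this->loginAction);
+			return false;
 		}
-
-		if (empty($this->authorize) || $this->isAuthorized($this->user())) {
-			return true;
+		if (!empty($this->ajaxLogin)) {
+			$controller->viewPath = 'Elements';
+			echo $controller->render($this->ajaxLogin, $this->RequestHandler->ajaxLayout);
+			$this->_stop();
+			return false;
 		}
-
-		return $this->_unauthorized($controller);
+		$controller->redirect(null, 403);
+		return false;
 	}
 
 /**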
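Review bot: In the new `startup()`, `return $this->_unauthenticated($controller);` passes the hook's return value straight back as the access decision, so nothing enforces the "Returns false" promise in the docblock. The visible branches return `true` only for allowed or authorized requests, so a subclass override that returns a truthy value, or returns nothing useful after a redirect whose exit is stubbed, would presumably let an unauthenticated request continue. Since the commit title presents these methods as extension points, I would make the caller fail closed: `$this->_unauthenticated($controller);` followed by `return false;`. At minimum, extend the docblock to say that overrides must return false and must not rely on `redirect()` terminating the request. Separately, the redirect target changed from the normalized `$loginAction` to the raw `$this->loginAction`, which is worth confirming as intentional. The start of `startup()` and the middle of `_isAllowed()` lie outside the hunks shown.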

0 notes on commit 49157d8
