Skip to content
Permalink
Browse files

Renamed disabledActions to unlockedActions

  • Loading branch information...
tigrang committed Aug 3, 2012
1 parent df8ec17 commit 617d47042729d0c9b096ef66316ad6c11fe5a116
@@ -129,6 +129,13 @@ class SecurityComponent extends Component {
*/
public $unlockedFields = array();
/**
* Actions to exclude from any security checks
*
* @var array
*/
public $unlockedActions = array();
/**
* Whether to validate POST data. Set to false to disable for data coming from 3rd party
* services, etc.
@@ -178,13 +185,6 @@ class SecurityComponent extends Component {
*/
public $csrfLimit = 100;
/**
* List of actions to disable security checks
*
* @var array
*/
public $disabledActions = array();
/**
* Other components used by the Security component
*
@@ -225,7 +225,7 @@ public function startup(Controller $controller) {
$controller->request->params['requested'] != 1
);
if (!in_array($this->_action, (array)$this->disabledActions) && $isPost && $isNotRequestAction) {
if (!in_array($this->_action, (array)$this->unlockedActions) && $isPost && $isNotRequestAction) {
if ($this->validatePost && $this->_validatePost($controller) === false) {
return $this->blackHole($controller, 'auth');
}
@@ -1374,14 +1374,14 @@ public function testCsrfLimit() {
}
/**
* Test disabled actions
* Test unlocked actions
*
* @return void
*/
public function testDisabledActions() {
public function testUnlockedActions() {
$_SERVER['REQUEST_METHOD'] = 'POST';
$this->Controller->request->data = array('data');
$this->Controller->Security->disabledActions = 'index';
$this->Controller->Security->unlockedActions = 'index';
$this->Controller->Security->blackHoleCallback = null;
$result = $this->Controller->Security->startup($this->Controller);
$this->assertNull($result);

0 comments on commit 617d470

Please sign in to comment.
You can’t perform that action at this time.