Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixing camel cased methods in checks for allowedActions in AuthCompon…

…ent under PHP5. Normalizes to lowercase method name. Fixes #6142

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@8205 3807eeeb-6ff5-0310-8944-8be069107fe0
  • Loading branch information...
commit 8c7883fe3efa87941b239e377b59933299e641a7 1 parent 6a34c9e
Mark Story markstory authored
6 cake/libs/controller/components/auth.php
View
@@ -263,6 +263,8 @@ function initialize(&$controller) {
*/
function startup(&$controller) {
$methods = array_flip($controller->methods);
+ $controllerAction = strtolower($controller->params['action']);
+
$isErrorOrTests = (
strtolower($controller->name) == 'cakeerror' ||
(strtolower($controller->name) == 'tests' && Configure::read() > 0)
@@ -273,7 +275,7 @@ function startup(&$controller) {
$isMissingAction = (
$controller->scaffold === false &&
- !isset($methods[strtolower($controller->params['action'])])
+ !isset($methods[$controllerAction])
);
if ($isMissingAction) {
@@ -295,7 +297,7 @@ function startup(&$controller) {
$isAllowed = (
$this->allowedActions == array('*') ||
- in_array($controller->params['action'], $this->allowedActions)
+ isset($methods[$controllerAction])
);
if ($loginAction != $url && $isAllowed) {
25 cake/tests/cases/libs/controller/components/auth.test.php
View
@@ -728,7 +728,32 @@ function testAllowDenyAll() {
$this->Controller->params['action'] = 'Add';
$this->assertFalse($this->Controller->Auth->startup($this->Controller));
}
+/**
+ * test that allow() and allowedActions work with camelCase method names.
+ *
+ * @return void
+ **/
+ function testAllowedActionsWithCamelCaseMethods() {
+ $url = '/auth_test/camelCase';
+ $this->Controller->params = Router::parse($url);
+ $this->Controller->params['url']['url'] = Router::normalize($url);
+ $this->Controller->Auth->initialize($this->Controller);
+ $this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
+ $this->Controller->Auth->userModel = 'AuthUser';
+ $this->Controller->Auth->allow('*');
+ $result = $this->Controller->Auth->startup($this->Controller);
+ $this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
+ $url = '/auth_test/camelCase';
+ $this->Controller->params = Router::parse($url);
+ $this->Controller->params['url']['url'] = Router::normalize($url);
+ $this->Controller->Auth->initialize($this->Controller);
+ $this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
+ $this->Controller->Auth->userModel = 'AuthUser';
+ $this->Controller->Auth->allowedActions = array('delete', 'camelCase', 'add');
+ $result = $this->Controller->Auth->startup($this->Controller);
+ $this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
+ }
/**
* testLoginRedirect method
*
Please sign in to comment.
Something went wrong with that request. Please try again.