Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixing camel cased methods in checks for allowedActions in AuthCompon…

…ent under PHP5. Normalizes to lowercase method name. Fixes #6142

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@8205 3807eeeb-6ff5-0310-8944-8be069107fe0
  • Loading branch information...
commit 8c7883fe3efa87941b239e377b59933299e641a7 1 parent 6a34c9e
@markstory markstory authored
View
6 cake/libs/controller/components/auth.php
@@ -263,6 +263,8 @@ function initialize(&$controller) {
*/
function startup(&$controller) {
$methods = array_flip($controller->methods);
+ $controllerAction = strtolower($controller->params['action']);
+
$isErrorOrTests = (
strtolower($controller->name) == 'cakeerror' ||
(strtolower($controller->name) == 'tests' && Configure::read() > 0)
@@ -273,7 +275,7 @@ function startup(&$controller) {
$isMissingAction = (
$controller->scaffold === false &&
- !isset($methods[strtolower($controller->params['action'])])
+ !isset($methods[$controllerAction])
);
if ($isMissingAction) {
@@ -295,7 +297,7 @@ function startup(&$controller) {
$isAllowed = (
$this->allowedActions == array('*') ||
- in_array($controller->params['action'], $this->allowedActions)
+ isset($methods[$controllerAction])
);
if ($loginAction != $url && $isAllowed) {
View
25 cake/tests/cases/libs/controller/components/auth.test.php
@@ -728,7 +728,32 @@ function testAllowDenyAll() {
$this->Controller->params['action'] = 'Add';
$this->assertFalse($this->Controller->Auth->startup($this->Controller));
}
+/**
+ * test that allow() and allowedActions work with camelCase method names.
+ *
+ * @return void
+ **/
+ function testAllowedActionsWithCamelCaseMethods() {
+ $url = '/auth_test/camelCase';
+ $this->Controller->params = Router::parse($url);
+ $this->Controller->params['url']['url'] = Router::normalize($url);
+ $this->Controller->Auth->initialize($this->Controller);
+ $this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
+ $this->Controller->Auth->userModel = 'AuthUser';
+ $this->Controller->Auth->allow('*');
+ $result = $this->Controller->Auth->startup($this->Controller);
+ $this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
+ $url = '/auth_test/camelCase';
+ $this->Controller->params = Router::parse($url);
+ $this->Controller->params['url']['url'] = Router::normalize($url);
+ $this->Controller->Auth->initialize($this->Controller);
+ $this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
+ $this->Controller->Auth->userModel = 'AuthUser';
+ $this->Controller->Auth->allowedActions = array('delete', 'camelCase', 'add');
+ $result = $this->Controller->Auth->startup($this->Controller);
+ $this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
+ }
/**
* testLoginRedirect method
*

0 comments on commit 8c7883f

Please sign in to comment.
Something went wrong with that request. Please try again.