Skip to content
Permalink
Browse files

Making AuthComponent::deny() case insensitive like allow(). Fixes #6261

  • Loading branch information...
markstory committed Aug 31, 2009
1 parent c84b4cf commit b4a1c4723de2e9e69430647a64996d6d76150555
@@ -605,7 +605,7 @@ function allow() {
if (isset($args[0]) && is_array($args[0])) {
$args = $args[0];
}
$this->allowedActions = array_merge($this->allowedActions, $args);
$this->allowedActions = array_merge($this->allowedActions, array_map($args, 'strtolower'));
}
}
@@ -625,7 +625,7 @@ function deny() {
$args = $args[0];
}
foreach ($args as $arg) {
$i = array_search($arg, $this->allowedActions);
$i = array_search(strtolower($arg), $this->allowedActions);
if (is_int($i)) {
unset($this->allowedActions[$i]);
}
@@ -798,6 +798,23 @@ function testAllowDenyAll() {
$this->assertFalse($this->Controller->Auth->startup($this->Controller));
}
/**
* test that deny() converts camel case inputs to lowercase.
*
* @return void
**/
function testDenyWithCamelCaseMethods() {
$this->Controller->Auth->initialize($this->Controller);
$this->Controller->Auth->allow('*');
$this->Controller->Auth->deny('add', 'camelCase');
$url = '/auth_test/camelCase';
$this->Controller->params = Router::parse($url);
$this->Controller->params['url']['url'] = Router::normalize($url);
$this->assertFalse($this->Controller->Auth->startup($this->Controller));
}
/**
* test that allow() and allowedActions work with camelCase method names.
*

0 comments on commit b4a1c47

Please sign in to comment.
You can’t perform that action at this time.