Permalink
Browse files

Making AuthComponent::deny() case insensitive like allow(). Fixes #6261

  • Loading branch information...
1 parent c84b4cf commit b4a1c4723de2e9e69430647a64996d6d76150555 @markstory markstory committed Aug 31, 2009
@@ -605,7 +605,7 @@ function allow() {
if (isset($args[0]) && is_array($args[0])) {
$args = $args[0];
}
- $this->allowedActions = array_merge($this->allowedActions, $args);
+ $this->allowedActions = array_merge($this->allowedActions, array_map($args, 'strtolower'));
}
}
@@ -625,7 +625,7 @@ function deny() {
$args = $args[0];
}
foreach ($args as $arg) {
- $i = array_search($arg, $this->allowedActions);
+ $i = array_search(strtolower($arg), $this->allowedActions);
if (is_int($i)) {
unset($this->allowedActions[$i]);
}
@@ -798,6 +798,23 @@ function testAllowDenyAll() {
$this->assertFalse($this->Controller->Auth->startup($this->Controller));
}
+/**
+ * test that deny() converts camel case inputs to lowercase.
+ *
+ * @return void
+ **/
+ function testDenyWithCamelCaseMethods() {
+ $this->Controller->Auth->initialize($this->Controller);
+ $this->Controller->Auth->allow('*');
+ $this->Controller->Auth->deny('add', 'camelCase');
+
+ $url = '/auth_test/camelCase';
+ $this->Controller->params = Router::parse($url);
+ $this->Controller->params['url']['url'] = Router::normalize($url);
+
+ $this->assertFalse($this->Controller->Auth->startup($this->Controller));
+ }
+
/**
* test that allow() and allowedActions work with camelCase method names.
*

0 comments on commit b4a1c47

Please sign in to comment.