Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Add onlyAllow() to CakeRequest, to check if the request method matche…

…s the allowed ones.

Throws exception if not matched, using the required Allow response header.
  • Loading branch information...
commit d730acba59156884f7a04428dbe3ce956ea7d337 1 parent d4986b5
ceeram ceeram authored
32 lib/Cake/Network/CakeRequest.php
View
@@ -804,6 +804,38 @@ public function input($callback = null) {
}
/**
+ * Only allow certain HTTP request methods, if the request method does not match
+ * a 405 error will be shown and the required "Allow" response header will be set.
+ *
+ * Example:
+ *
+ * $this->request->onlyAllow('post', 'delete');
+ * or
+ * $this->request->onlyAllow(array('post', 'delete'));
+ *
+ * If the request would be GET, response header "Allow: POST, DELETE" will be set
+ * and a 405 error will be returned
+ *
+ * @param string|array $methods Allowed HTTP request methods
+ * @return boolean true
+ * @throws MethodNotAllowedException
+ */
+ public function onlyAllow($methods) {
+ if (!is_array($methods)) {
+ $methods = func_get_args();
+ }
+ foreach ($methods as $method) {
+ if ($this->is($method)) {
+ return true;
+ }
+ }
+ $allowed = strtoupper(implode(', ', $methods));
+ $e = new MethodNotAllowedException();
+ $e->responseHeader('Allow', $allowed);
+ throw $e;
+ }
+
+/**
* Read data from php://input, mocked in tests.
*
* @return string contents of php://input
34 lib/Cake/Test/Case/Network/CakeRequestTest.php
View
@@ -1858,6 +1858,40 @@ public function testIsRequested() {
}
/**
+ * TestOnlyAllow
+ *
+ * @return void
+ */
+ public function testOnlyAllow() {
+ $_SERVER['REQUEST_METHOD'] = 'PUT';
+ $request = new CakeRequest('/posts/edit/1');
+
+ $this->assertTrue($request->onlyAllow(array('put')));
+
+ $_SERVER['REQUEST_METHOD'] = 'DELETE';
+ $this->assertTrue($request->onlyAllow('post', 'delete'));
+ }
+
+/**
+ * TestOnlyAllow throwing exception
+ *
+ */
+ public function testOnlyAllowException() {
+ $_SERVER['REQUEST_METHOD'] = 'PUT';
+ $request = new CakeRequest('/posts/edit/1');
+
+ try {
+ $request->onlyAllow('POST', 'DELETE');
+ $this->fail('An expected exception has not been raised.');
+ } catch (MethodNotAllowedException $e) {
+ $this->assertEquals(array('Allow' => 'POST, DELETE'), $e->responseHeader());
+ }
+
+ $this->setExpectedException('MethodNotAllowedException');
+ $request->onlyAllow('POST');
+ }
+
+/**
* loadEnvironment method
*
* @param array $env
Please sign in to comment.
Something went wrong with that request. Please try again.