Skip to content
This repository
Browse code

Add onlyAllow() to CakeRequest, to check if the request method matche…

…s the allowed ones.

Throws exception if not matched, using the required Allow response header.
  • Loading branch information...
commit d730acba59156884f7a04428dbe3ce956ea7d337 1 parent d4986b5
ceeram authored August 09, 2012
32  lib/Cake/Network/CakeRequest.php
@@ -804,6 +804,38 @@ public function input($callback = null) {
804 804
 	}
805 805
 
806 806
 /**
  807
+ * Only allow certain HTTP request methods, if the request method does not match
  808
+ * a 405 error will be shown and the required "Allow" response header will be set.
  809
+ *
  810
+ * Example:
  811
+ *
  812
+ * $this->request->onlyAllow('post', 'delete');
  813
+ * or
  814
+ * $this->request->onlyAllow(array('post', 'delete'));
  815
+ *
  816
+ * If the request would be GET, response header "Allow: POST, DELETE" will be set
  817
+ * and a 405 error will be returned
  818
+ *
  819
+ * @param string|array $methods Allowed HTTP request methods
  820
+ * @return boolean true
  821
+ * @throws MethodNotAllowedException
  822
+ */
  823
+	public function onlyAllow($methods) {
  824
+		if (!is_array($methods)) {
  825
+			$methods = func_get_args();
  826
+		}
  827
+		foreach ($methods as $method) {
  828
+			if ($this->is($method)) {
  829
+				return true;
  830
+			}
  831
+		}
  832
+		$allowed = strtoupper(implode(', ', $methods));
  833
+		$e = new MethodNotAllowedException();
  834
+		$e->responseHeader('Allow', $allowed);
  835
+		throw $e;
  836
+	}
  837
+
  838
+/**
807 839
  * Read data from php://input, mocked in tests.
808 840
  *
809 841
  * @return string contents of php://input
34  lib/Cake/Test/Case/Network/CakeRequestTest.php
@@ -1858,6 +1858,40 @@ public function testIsRequested() {
1858 1858
 	}
1859 1859
 
1860 1860
 /**
  1861
+ * TestOnlyAllow
  1862
+ *
  1863
+ * @return void
  1864
+ */
  1865
+	public function testOnlyAllow() {
  1866
+		$_SERVER['REQUEST_METHOD'] = 'PUT';
  1867
+		$request = new CakeRequest('/posts/edit/1');
  1868
+
  1869
+		$this->assertTrue($request->onlyAllow(array('put')));
  1870
+
  1871
+		$_SERVER['REQUEST_METHOD'] = 'DELETE';
  1872
+		$this->assertTrue($request->onlyAllow('post', 'delete'));
  1873
+	}
  1874
+
  1875
+/**
  1876
+ * TestOnlyAllow throwing exception
  1877
+ *
  1878
+ */
  1879
+	public function testOnlyAllowException() {
  1880
+		$_SERVER['REQUEST_METHOD'] = 'PUT';
  1881
+		$request = new CakeRequest('/posts/edit/1');
  1882
+
  1883
+		try {
  1884
+			$request->onlyAllow('POST', 'DELETE');
  1885
+			$this->fail('An expected exception has not been raised.');
  1886
+		} catch (MethodNotAllowedException $e) {
  1887
+			$this->assertEquals(array('Allow' => 'POST, DELETE'), $e->responseHeader());
  1888
+		}
  1889
+
  1890
+		$this->setExpectedException('MethodNotAllowedException');
  1891
+		$request->onlyAllow('POST');
  1892
+	}
  1893
+
  1894
+/**
1861 1895
  * loadEnvironment method
1862 1896
  *
1863 1897
  * @param array $env

0 notes on commit d730acb

Please sign in to comment.
Something went wrong with that request. Please try again.