Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Add onlyAllow() to CakeRequest, to check if the request method matche…

…s the allowed ones.

Throws exception if not matched, using the required Allow response header.
  • Loading branch information...
commit d730acba59156884f7a04428dbe3ce956ea7d337 1 parent d4986b5
@ceeram ceeram authored
View
32 lib/Cake/Network/CakeRequest.php
@@ -804,6 +804,38 @@ public function input($callback = null) {
}
/**
+ * Only allow certain HTTP request methods, if the request method does not match
+ * a 405 error will be shown and the required "Allow" response header will be set.
+ *
+ * Example:
+ *
+ * $this->request->onlyAllow('post', 'delete');
+ * or
+ * $this->request->onlyAllow(array('post', 'delete'));
+ *
+ * If the request would be GET, response header "Allow: POST, DELETE" will be set
+ * and a 405 error will be returned
+ *
+ * @param string|array $methods Allowed HTTP request methods
+ * @return boolean true
+ * @throws MethodNotAllowedException
+ */
+ public function onlyAllow($methods) {
+ if (!is_array($methods)) {
+ $methods = func_get_args();
+ }
+ foreach ($methods as $method) {
+ if ($this->is($method)) {
+ return true;
+ }
+ }
+ $allowed = strtoupper(implode(', ', $methods));
+ $e = new MethodNotAllowedException();
+ $e->responseHeader('Allow', $allowed);
+ throw $e;
+ }
+
+/**
* Read data from php://input, mocked in tests.
*
* @return string contents of php://input
View
34 lib/Cake/Test/Case/Network/CakeRequestTest.php
@@ -1858,6 +1858,40 @@ public function testIsRequested() {
}
/**
+ * TestOnlyAllow
+ *
+ * @return void
+ */
+ public function testOnlyAllow() {
+ $_SERVER['REQUEST_METHOD'] = 'PUT';
+ $request = new CakeRequest('/posts/edit/1');
+
+ $this->assertTrue($request->onlyAllow(array('put')));
+
+ $_SERVER['REQUEST_METHOD'] = 'DELETE';
+ $this->assertTrue($request->onlyAllow('post', 'delete'));
+ }
+
+/**
+ * TestOnlyAllow throwing exception
+ *
+ */
+ public function testOnlyAllowException() {
+ $_SERVER['REQUEST_METHOD'] = 'PUT';
+ $request = new CakeRequest('/posts/edit/1');
+
+ try {
+ $request->onlyAllow('POST', 'DELETE');
+ $this->fail('An expected exception has not been raised.');
+ } catch (MethodNotAllowedException $e) {
+ $this->assertEquals(array('Allow' => 'POST, DELETE'), $e->responseHeader());
+ }
+
+ $this->setExpectedException('MethodNotAllowedException');
+ $request->onlyAllow('POST');
+ }
+
+/**
* loadEnvironment method
*
* @param array $env
Please sign in to comment.
Something went wrong with that request. Please try again.