Skip to content
This repository
Browse code

Fixing issues created in [8205] where allowedActions check was done i…

…ncorrectly. Fixes #6482

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@8208 3807eeeb-6ff5-0310-8944-8be069107fe0
  • Loading branch information...
commit ff5d9ed6e0f80a44b24143cddd1b6c2733c1ab3f 1 parent fb6b2ae
Mark Story authored July 01, 2009
3  cake/libs/controller/components/auth.php
@@ -264,6 +264,7 @@ function initialize(&$controller) {
264 264
 	function startup(&$controller) {
265 265
 		$methods = array_flip($controller->methods);
266 266
 		$controllerAction = strtolower($controller->params['action']);
  267
+		$lowerAllowedActions = array_map('strtolower', $this->allowedActions);
267 268
 
268 269
 		$isErrorOrTests = (
269 270
 			strtolower($controller->name) == 'cakeerror' ||
@@ -297,7 +298,7 @@ function startup(&$controller) {
297 298
 
298 299
 		$isAllowed = (
299 300
 			$this->allowedActions == array('*') ||
300  
-			isset($methods[$controllerAction])
  301
+			in_array($controllerAction, $lowerAllowedActions)
301 302
 		);
302 303
 
303 304
 		if ($loginAction != $url && $isAllowed) {
4  cake/tests/cases/libs/controller/components/auth.test.php
@@ -753,6 +753,10 @@ function testAllowedActionsWithCamelCaseMethods() {
753 753
 		$this->Controller->Auth->allowedActions = array('delete', 'camelCase', 'add');
754 754
 		$result = $this->Controller->Auth->startup($this->Controller);
755 755
 		$this->assertTrue($result, 'startup() should return true, as action is allowed. %s');
  756
+
  757
+		$this->Controller->Auth->allowedActions = array('delete', 'add');
  758
+		$result = $this->Controller->Auth->startup($this->Controller);
  759
+		$this->assertFalse($result, 'startup() should return false, as action is not allowed. %s');
756 760
 	}
757 761
 /**
758 762
  * testLoginRedirect method

0 notes on commit ff5d9ed

Please sign in to comment.
Something went wrong with that request. Please try again.