Added enhancement to AuthComponent::deny(). #277

wants to merge 90 commits into


None yet

Danielpk commented Oct 27, 2011

Now you can deny any action with single line.. $this->Auth->deny(); or $this->Auth->deny('*');



majna commented on 1d8199b Oct 17, 2011

Short version

pear upgrade PEAR
pear config-set auto_discover 1
pear install

works on latest ubuntu...

markstory and others added some commits Oct 18, 2011

@markstory markstory Applying fix from 'euromark' to fix protocol relative links
Fixes #2107
@jpirkey jpirkey Fixing a phpdoc-type for Controller->Components property eb5b4fa
@ADmad ADmad Merge pull request #254 from jpirkey/jpirkey-20111018-fix-controller-…

Fixed controller phpdoc-type of Controller::$Components property
@markstory markstory Fix missing preg_quote around highlight searches.
Highlight strings should be literal values not regexp fragments.
Fixes #2111


@ADmad ADmad Cleaning up code left over from 1.3. If no black-hole callback is spe…
…cified Security::blackHole() now throws an exception. Closes #1532
@majna majna Fixing failing i18n ExtractTask tests on Windows. 0a9033b
@lorenzo lorenzo Merge pull request #256 from majna/2.0-extract-test
Fixing failing i18n ExtractTask tests on Windows.
@markstory markstory Making apc feature test rely on apc_dec.
ZCS comes with a busted apc, and we need apc_dec to properly
use the ApcEngine anyways.

Fixes #2105
@markstory markstory Fix issue writing to file cache
Reading/writing to the same file cache key multiple times
in a row during a single request would result in failed reads.

Fixes #2114
@predominant predominant Changed expectation for CakeEmail to 8bit for transport. cdc21e4
@predominant predominant Changed CakeEmail transport to 8bit bd29145
@predominant predominant Added test for ISO-2022-JP to demonstration fail for charset. Thanks @… cef441c
@predominant predominant Added test for content transfer encoding for iso-2022-jp. Thanks @suzuki
@predominant predominant Added content transfer encoding detection based on charset. 86a0814
@rchavik rchavik fixing typos 2bb9376
@rchavik rchavik removing 'empty' files from nonempty directories a60d71d
@lorenzo lorenzo Merge pull request #257 from rchavik/etc
Fixing typos and removing 'empty' files from non-empty dirs
@suzuki suzuki fixed: change test property CakeEmail::charset to CakeEmail::headerCh…
@renan renan Fixed issue when using multiple extensions in Router::parseExtensions…
…() could result in undefined index notice by RequestHandlerComponent.
@renan renan Fixing failing test introduced in fb4a003. d1be66f
@renan renan Making the test assert what it is intended to assert. fe9762d
@suzuki suzuki add some test for ISO-2022-JP charset mails 712822e
@majna majna Fixed failing smtp tests when testing on host other then hardcoded 'l…
@ADmad ADmad Merge pull request #264 from majna/2.0-smtp-test
Fixed failing smtp tests when testing on host other then hardcoded 'localhost'.
@ADmad ADmad Revert "Fixed failing smtp tests when testing on host other then hard…
…coded 'localhost'."

This change you cause the tests to fail when run through CLI

This reverts commit f361509.
@lorenzo lorenzo Improving the upgrade shell by adding more renaming rules and making …
…it more robust in case insensitive systems
@lorenzo lorenzo Merge branch '2.0' of into 2.0 3735c7d
@rchavik rchavik display offending model and column a02fd82
@markstory markstory Merge pull request #261 from rchavik/misc
display model and field that is causing schema generate to fail
@markstory markstory Update CommandListShell to give better help.
plugins require plugin prefixes now.  Update the help
to suggest how to run plugin shells.

Fixes #2121
@markstory markstory Adding backwards compatible plugin syntax.
Thie got lost during 2.0, and it inflecting only the shell name
is kind of bad.
@johannesnagl @markstory johannesnagl Enable Asset timestamp for image submit buttons.

@markstory markstory Adding test for form->submit() and timestamps.

@markstory markstory Removing the rest of the 'cake' domain.
These string should all be part of the app POT files.
Fixes #2103
@markstory markstory Removing the remaining cake domain translations.
3rd time is a charm.
Fixes #2103

markstory commented on 7c70b37 Oct 20, 2011

Yeah I'm an idiot. It broke a pile of tests, and I forgot a pile of view files too :(

Why not just remove the line?


ceeram replied Oct 22, 2011

it is in next commit


predominant replied Oct 22, 2011

Its my friend.

markstory and others added some commits Oct 22, 2011

@markstory markstory Remove controller reuse between testAction() calls.
Reusing controllers between various testAction calls would
mean that calls that needed to render views, would break on the
second call to testAction().  Controllers are rebuilt for each testAction()
call now.

Fixes #2142
@markstory markstory Fix broken tests. 7b169ed
@majna @markstory majna Fix RedirectRoute by stopping execution.
If CakeResponse sends a Location header, it will stop execution.
This Fixes issues with where a body would be sent with redirect headers.
Tests updated.

Fixes #2143
@markstory markstory Fix issue with missing base on redirect route.
The request data wasn't set in Router when redirect routes are processed.
This caused the base to become missing. This causes issues with applications
running in a subdirectory.
@markstory markstory Revert "Fix RedirectRoute by stopping execution."
This reverts commit 841e7aa.

Having _stop() on CakeResponse seemed like the wrong place to stop
execution.  It can make testing with redirects harder.
Instead RedirectRoute should be stopping execution.
@markstory markstory Add _stop() to RedirectRoute.
Moved from CakeResponse to RedirectRoute,
as RedirectRoute is the only place its currently needed.

Refs #2143
@markstory markstory Remove tests, that interact with RedirectRoute.
RedirectRoute now has exit() in it.  This makes hitting those
routes in testing dangerous.
@markstory markstory Update assertEqual to assertEquals. 3022552
@markstory markstory Fix options in OptionParser for TestTask
Fix the allowed options for type to allow Camelcase versions as well.
@markstory markstory Adding tests for lowercase type names. ab77afb
@jameslarking @markstory jameslarking Camelize type of test being generated.
This fixes use for:

`cake bake model ModelName`

When classTypes and directories should be CamelCase.
This solves issue whereby model tests are written directly to Cases folder rather than into Cases/Model

Signed-off-by: mark_story <>
@markstory markstory Fix issues with stateless authentication.
Cookies and sessions are no longer required for stateful authentication.
AuthComponent::user() also works correctly in these situations as well.

Fixes #2134
@markstory markstory Move registration of CakePlugin.
Move the uses() call to Cake/bootstrap.php
CakePlugin is used by App, and should be loaded along with
other core classes like Configure and Cache.

Fixes #2147
@majna majna Fixing incorrect doc blocks regarding error handler. a9dbde0
@markstory markstory Merge pull request #270 from majna/2.0-exception-doc
Fixing incorrect doc blocks regarding error handler.
@markstory markstory Revert the changes done to remove the 'cake' domain
After some discussion, polutting the app POT file
with unchanging Cake strings was incorrect.  Having these
strings in a separate POT file allows reuse of translations across

Refs #2103
@markstory markstory Add documentation and test for FormHelper::select()
An alternate syntax was undocumented and untested.  Fix that.
Refs #1794
@majna majna Fixing incorrect theme view doc block. 42042c2
@lorenzo lorenzo Merge pull request #274 from majna/2.0-theme-doc
Fixing incorrect theme view doc block.
@fiblan @markstory fiblan Fix missing prefix when reading table schema.
When using prefixes, table metadata would be lost.
Fixes #1522

Signed-off-by: mark_story <>


@markstory markstory Fix inflection for words ending in media.
Fixes #2149
@markstory markstory Add Opera Mobi to mobile detectors.
This was missed in a merge with 1.3.
Fixes #2087
@dereuromark @markstory dereuromark ucfirst object names part two (Folder/File)
Signed-off-by: mark_story <>
@markstory markstory Update link on home page.
Fixes #2159
@markstory markstory Remove reference to XmlHelper.
Refs #2164
@markstory markstory Update doc block concerning plugins.
Fixes #2146
@markstory markstory Fix issue where named parameters would not be urldecoded.
Fixes #2155
@markstory markstory Add comment for test. 5efddd1

basuke commented on 477c492 Oct 26, 2011


Last month, I sent a same kind of patch that was rejected because of no more new feature in 1.3.

If you include this urldecode thing, you should do the opposite. I think you should urlencode the named args in _writeUrl, don't you?


markstory replied Oct 26, 2011

Perhaps. I kind of hate named parameters and want them to die in a fire, I could see an argument for urlencoding outbound named parameters in 2.0. Its still early enough in that release cycle that a change like that could be done.


basuke replied Oct 26, 2011

I hate them too. Anyway, please add urlencode or rawurlencode in _writeUrl(). If you decode it, you must encode it again.


ADmad replied Oct 26, 2011

Mark, how about we at-least dig its grave in 2.1? Removing it totally at this point might not go down too well with the community so keep it for BC but remove core's dependency on it and by default use regular query string wherever possible (eg. pagination).


jeremyharris replied Oct 26, 2011

I think they should go away as well, but I also think this is a much bigger discussion. Perhaps an RFC on lighthouse? Have to deal with things like merging the two (if we keep both), perhaps giving users an option to choose 1 or the other, etc.


ADmad replied Oct 26, 2011

Yeah an RFC on LH and/or topic on cakephp-core google group would be a start.


markstory replied Oct 26, 2011

I don't think we can remove them in 2.1, but for 3.0 they are totally going to die. The biggest outstanding problem with removing them for me is how to properly handle querystring parameters. Do we stick with the '?' => array(...) system currently in use, or just use all non routing keys in an array as query string arguments? If we do that there are some other issues around handling passed arguments as well. Unfortunately, removing them isn't as simple as it looks at first glance :(.


jeremyharris replied Oct 26, 2011

I think the users should explicitly define what should be passed in the query string. Since we're taking some of the magic that makes life miserable out anyway, I think using all extra keys as query args is on that falls in that category of "too much magic." What if you want to pass an action arg? Maybe that's just my opinion though. I'm interested to see what everyone else thinks.


markstory replied Oct 30, 2011

I guess both named params and passed arguments should be urlencoded, as the both could easily contain spaces or non-ascii characters. I'll write a patch for this.


markstory commented Oct 27, 2011

You should target 2.0 branch instead of master.


lorenzo commented Oct 27, 2011

Wrong branch

lorenzo closed this Oct 27, 2011

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment