Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow throwing UnauthorizedException instead of redirection upon unauth... #889

Closed
wants to merge 1 commit into from
Closed

Allow throwing UnauthorizedException instead of redirection upon unauth... #889

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions lib/Cake/Controller/Component/AuthComponent.php
View file
Open in desktop
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -211,6 +211,15 @@ class AuthComponent extends Component {
*/ */
public $authError = null; public $authError = null;


/**
* Controls handling of unauthorized access. By default unauthorized user is
* redirected to the referrer url or AuthComponent::$loginAction or '/'.
* If set to false a ForbiddenException exception is thrown instead of redirecting.
*
* @var boolean
*/
public $unauthorizedRedirect = true;

/** /**
* Controller actions for which user validation is not required. * Controller actions for which user validation is not required.
* *
Expand Down Expand Up @@ -322,6 +331,21 @@ public function startup(Controller $controller) {
return true; return true;
} }


return $this->_unauthorized($controller);
}

/**
* Handle unauthorized access attempt
*
* @param Controller $controller A reference to the controller object
* @return boolean Returns false
* @throws ForbiddenException
*/
protected function _unauthorized(Controller $controller) {
if (!$this->unauthorizedRedirect) {
throw new ForbiddenException($this->authError);
}

$this->flash($this->authError); $this->flash($this->authError);
$default = '/'; $default = '/';
if (!empty($this->loginRedirect)) { if (!empty($this->loginRedirect)) {
Expand Down
24 changes: 24 additions & 0 deletions lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
View file
Open in desktop
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -907,6 +907,30 @@ public function testDefaultToLoginRedirect() {
$this->Auth->startup($Controller); $this->Auth->startup($Controller);
} }


/**
* Throw ForbiddenException if AuthComponent::$unauthorizedRedirect set to false
* @expectedException ForbiddenException
* @return void
*/
public function testForbiddenException() {
$url = '/party/on';
$this->Auth->request = $CakeRequest = new CakeRequest($url);
$this->Auth->request->addParams(Router::parse($url));
$this->Auth->authorize = array('Controller');
$this->Auth->authorize = array('Controller');
$this->Auth->unauthorizedRedirect = false;
$this->Auth->login(array('username' => 'baker', 'password' => 'cake'));

$CakeResponse = new CakeResponse();
$Controller = $this->getMock(
'Controller',
array('on', 'redirect'),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the 'on' method do?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nothing, bad copy paste :) Will fix it.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, if remove the 'on' my test case fails. So I am not sure what it does. I copied this from the testDefaultToLoginRedirect() function. There too if i remove the 'on' the test case fails.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ceeram enlightened me that the "on" is the controller action as the test uses url "/party/on".

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh I missed that, thanks for the clarification.

array($CakeRequest, $CakeResponse)
);

$this->Auth->startup($Controller);
}

/** /**
* Test that no redirects or authorization tests occur on the loginAction * Test that no redirects or authorization tests occur on the loginAction
* *
Expand Down