Refactored the access check in the before filter into a separate func…
…tion
m0hamed committed Sep 6, 2013
1 parent e46b19a commit 62659eb
Showing 1 changed file with 26 additions and 7 deletions.
33 changes: 26 additions & 7 deletions app/Controller/AppController.php
Expand Up @@ -42,10 +42,17 @@ class AppController extends Controller {

public $uses = array('Developer');

public $whitelist = array(
'developers',
'pages',
'incidents' => array(
'create',
),
);

public function beforeFilter() {
$params = $this->params->params;
$controller = $params["controller"];
$action = $params["action"];
$this->set('current_controller', $controller);

if ($this->Session->read('Developer.id')) {
Expand All @@ -57,13 +64,25 @@ public function beforeFilter() {
$this->set('developer_signed_in', true);
} else {
$this->set('developer_signed_in', false);
$this->_checkAccess();
}
}

if ($controller !== "pages" && $controller !== "developers" &&
!($action === "create" && $controller === "incidents")) {
$this->Session->setFlash("You need to be signed in to do this", "default",
array("class" => "alert alert-error"));
return $this->redirect("/");
}
protected function _checkAccess() {
$params = $this->params->params;
$controller = $params["controller"];
$action = $params["action"];

if (in_array($controller, $this->whitelist)) {
return;
}
if (isset($this->whitelist[$controller]) &&
in_array($action, $this->whitelist[$controller])) {
return;
}

$this->Session->setFlash("You need to be signed in to do this", "default",
array("class" => "alert alert-error"));
return $this->redirect($this->referer());
}
}
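Review bot: The allowlist test in `_checkAccess()` calls `in_array()` without the strict flag over an array that mixes flat controller names with the nested `'incidents' => array('create')` entry, so this authorization decision rests on PHP's loose comparison rules and on `$this->whitelist[$controller]` always being an array. Pass the strict flag in both calls, e.g. `in_array($controller, $this->whitelist, true)`, and guard the second lookup with `is_array($this->whitelist[$controller])` so that a numeric key cannot hand a string to `in_array()`. The denial path now redirects to `$this->referer()` instead of the fixed `"/"`; as far as I know CakePHP's `referer()` reflects the request's Referer header unless its `$local` argument is true, so the target may be off-site or a page that itself requires sign-in and bounces back into this check. `$this->redirect($this->referer('/', true))` or the previous `"/"` avoids both. `beforeFilter()` also no longer returns the redirect result and presumably relies on `redirect()` ending the request; its body is only partly visible between the two hunks, so confirm nothing after the call runs for a rejected request.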
