pictcode / lib / Cake / Controller / Component / Auth / ControllerAuthorize.php @ 635eef61
履歴 | 表示 | アノテート | ダウンロード (2.104 KB)
1 | 635eef61 | spyder1211 | <?php
|
---|---|---|---|
2 | /**
|
||
3 | * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||
4 | * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||
5 | *
|
||
6 | * Licensed under The MIT License
|
||
7 | * For full copyright and license information, please see the LICENSE.txt
|
||
8 | * Redistributions of files must retain the above copyright notice.
|
||
9 | *
|
||
10 | * @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||
11 | * @link http://cakephp.org CakePHP(tm) Project
|
||
12 | * @license http://www.opensource.org/licenses/mit-license.php MIT License
|
||
13 | */
|
||
14 | |||
15 | App::uses('BaseAuthorize', 'Controller/Component/Auth'); |
||
16 | |||
17 | /**
|
||
18 | * An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
|
||
19 | * Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
|
||
20 | *
|
||
21 | * ```
|
||
22 | * public function isAuthorized($user) {
|
||
23 | * if (!empty($this->request->params['admin'])) {
|
||
24 | * return $user['role'] === 'admin';
|
||
25 | * }
|
||
26 | * return !empty($user);
|
||
27 | * }
|
||
28 | * ```
|
||
29 | *
|
||
30 | * the above is simple implementation that would only authorize users of the 'admin' role to access
|
||
31 | * admin routing.
|
||
32 | *
|
||
33 | * @package Cake.Controller.Component.Auth
|
||
34 | * @since 2.0
|
||
35 | * @see AuthComponent::$authenticate
|
||
36 | */
|
||
37 | class ControllerAuthorize extends BaseAuthorize { |
||
38 | |||
39 | /**
|
||
40 | * Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
|
||
41 | *
|
||
42 | * @param Controller $controller null to get, a controller to set.
|
||
43 | * @return mixed
|
||
44 | * @throws CakeException
|
||
45 | */
|
||
46 | public function controller(Controller $controller = null) { |
||
47 | if ($controller) { |
||
48 | if (!method_exists($controller, 'isAuthorized')) { |
||
49 | throw new CakeException(__d('cake_dev', '$controller does not implement an %s method.', 'isAuthorized()')); |
||
50 | } |
||
51 | } |
||
52 | return parent::controller($controller); |
||
53 | } |
||
54 | |||
55 | /**
|
||
56 | * Checks user authorization using a controller callback.
|
||
57 | *
|
||
58 | * @param array $user Active user data
|
||
59 | * @param CakeRequest $request Request instance.
|
||
60 | * @return bool
|
||
61 | */
|
||
62 | public function authorize($user, CakeRequest $request) { |
||
63 | return (bool)$this->_Controller->isAuthorized($user); |
||
64 | } |
||
65 | |||
66 | } |