/ cake / libs / controller / components / security.php
Defined Classes
SecurityComponent Class Info:
- Class Declaration:
class SecurityComponent extends Object
- File name:
- cake/libs/controller/components/security.php
- Description:
SecurityComponent
- Class Inheritance
- Package
- cake
- Subpackage
- cake.cake.libs.controller.components
- Link
- http://book.cakephp.org/view/1296/Security-Component
Properties:
-
_action string
Holds the current action of the controller
-
allowedActions array
Actions from which actions of the current controller are allowed to receive requests.
-
allowedControllers array
Controllers from which actions of the current controller are allowed to receive requests.
-
blackHoleCallback string
The controller method that will be called if this request is black-hole'd
-
components array
Other components used by the Security component
-
disabledFields array
Form fields to disable
-
loginOptions array
Login options for SecurityComponent::requireLogin()
-
loginUsers array
An associative array of usernames/passwords used for HTTP-authenticated logins.
-
requireAuth array
List of actions that require a valid authentication key
-
requireDelete array
List of controller actions for which a DELETE request is required
-
requireGet array
List of controller actions for which a GET request is required
-
requireLogin array
List of actions that require an HTTP-authenticated login (basic or digest)
-
requirePost array
List of controller actions for which a POST request is required
-
requirePut array
List of controller actions for which a PUT request is required
-
requireSecure array
List of actions that require an SSL-secured connection
-
validatePost boolean
Whether to validate POST data. Set to false to disable for data coming from 3rd party services, etc.
Method Summary:
- _authRequired( $controller )
- blackHole( $controller, $error = '' )
- cakeError( $method, $messages = array ( ) )
- _callback( $controller, $method, $params = array ( ) )
- __construct( )
- dispatchMethod( $method, $params = array ( ) )
- generateDigestResponseHash( $data )
- _generateToken( $controller )
- initialize( $controller, $settings = array ( ) )
- log( $msg, $type = 2 )
- loginCredentials( $type = NULL )
- loginRequest( $options = array ( ) )
- _loginRequired( $controller )
- _methodsRequired( $controller )
- Object( )
- parseDigestAuthData( $digest )
- _persist( $name, $return, $object, $type = NULL )
- requestAction( $url, $extra = array ( ) )
- requireAuth( )
- requireDelete( )
- requireGet( )
- requireLogin( )
- _requireMethod( $method, $actions = array ( ) )
- requirePost( )
- requirePut( )
- requireSecure( )
- _savePersistent( $name, $object )
- _secureRequired( $controller )
- _set( $properties = array ( ) )
- _setLoginDefaults( $options )
- startup( $controller )
- _stop( $status = 0 )
- toString( )
- _validatePost( $controller )
_authRequired
topCheck if authentication is required
- Parameters:
-
-
object $controller required
Instantiating controller
-
- Method defined in:
- cake/libs/controller/components/security.php on line 509
- Return
bool true if authentication required
- Access
protected
blackHole
topBlack-hole an invalid request with a 404 error or custom callback. If SecurityComponent::$blackHoleCallback is specified, it will use this callback by executing the method indicated in $error
- Parameters:
-
-
object $controller required
Instantiating controller
-
string $error optional ''
Error method
-
- Method defined in:
- cake/libs/controller/components/security.php on line 427
- Return
mixed If specified, controller blackHoleCallback's response, or no return otherwise
- Access
public
- See
- Link
- http://book.cakephp.org/view/1307/blackHole-object-controller-string-error
cakeError
topUsed to report user friendly errors. If there is a file app/error.php or app/app_error.php this file will be loaded error.php is the AppError class it should extend ErrorHandler class.
- Parameters:
-
-
string $method required
Method to be called in the error class (AppError or ErrorHandler classes)
-
array $messages optional array ( )
Message that is to be displayed by the error class
-
- Method defined in:
- cake/libs/object.php on line 187
- Return
error message
- Access
public
_callback
topCalls a controller callback method
- Parameters:
-
-
object $controller required
Controller to run callback on
-
string $method required
Method to execute
-
array $params optional array ( )
Parameters to send to method
-
- Method defined in:
- cake/libs/controller/components/security.php on line 739
- Return
mixed Controller callback method's response
- Access
protected
__construct
topClass constructor, overridden in descendant classes.
- Method defined in:
- cake/libs/object.php on line 54
dispatchMethod
topCalls a method on this object with the given parameters. Provides an OO wrapper
for call_user_func_array
- Parameters:
-
-
string $method required
Name of the method to call
-
array $params optional array ( )
Parameter list to use when calling $method
-
- Method defined in:
- cake/libs/object.php on line 107
- Return
mixed Returns the result of the method call
- Access
public
generateDigestResponseHash
topGenerates a hash to be compared with an HTTP digest-authenticated response
- Parameters:
-
-
array $data required
HTTP digest response data, as parsed by SecurityComponent::parseDigestAuthData()
-
- Method defined in:
- cake/libs/controller/components/security.php on line 408
- Return
string Digest authentication hash
- Access
public
- See
- Link
- http://book.cakephp.org/view/1306/generateDigestResponseHash-array-data
_generateToken
topAdd authentication key for new form posts
- Parameters:
-
-
object $controller required
Instantiating controller
-
- Method defined in:
- cake/libs/controller/components/security.php on line 674
- Return
bool Success
- Access
protected
initialize
topInitialize the SecurityComponent
- Parameters:
-
-
object $controller required
Controller instance for the request
-
array $settings optional array ( )
Settings to set to the component
-
- Method defined in:
- cake/libs/controller/components/security.php on line 180
- Return
void
- Access
public
log
topConvience method to write a message to CakeLog. See CakeLog::write() for more information on writing to logs.
- Parameters:
-
-
string $msg required
Log message
-
integer $type optional 2
Error type constant. Defined in app/config/core.php.
-
- Method defined in:
- cake/libs/object.php on line 148
- Return
boolean Success of log write
- Access
public
loginCredentials
topAttempts to validate the login credentials for an HTTP-authenticated request
- Parameters:
-
-
string $type optional NULL
Either 'basic', 'digest', or null. If null/empty, will try both.
-
- Method defined in:
- cake/libs/controller/components/security.php on line 316
- Return
mixed If successful, returns an array with login name and password, otherwise null.
- Access
public
- Link
- http://book.cakephp.org/view/1303/loginCredentials-string-type
loginRequest
topGenerates the text of an HTTP-authentication request header from an array of options.
- Parameters:
-
-
array $options optional array ( )
Set of options for header
-
- Method defined in:
- cake/libs/controller/components/security.php on line 356
- Return
string HTTP-authentication request header
- Access
public
- Link
- http://book.cakephp.org/view/1304/loginRequest-array-options
_loginRequired
topCheck if login is required
- Parameters:
-
-
object $controller required
Instantiating controller
-
- Method defined in:
- cake/libs/controller/components/security.php on line 545
- Return
bool true if login is required
- Access
protected
_methodsRequired
topCheck if HTTP methods are required
- Parameters:
-
-
object $controller required
Instantiating controller
-
- Method defined in:
- cake/libs/controller/components/security.php on line 462
- Return
bool true if $method is required
- Access
protected
Object
topA hack to support __construct() on PHP 4 Hint: descendant classes have no PHP4 class_name() constructors, so this constructor gets called first and calls the top-layer __construct() which (if present) should call parent::__construct()
- Method defined in:
- cake/libs/object.php on line 43
- Return
Object
parseDigestAuthData
topParses an HTTP digest authentication response, and returns an array of the data, or null on failure.
- Parameters:
-
-
string $digest required
Digest authentication response
-
- Method defined in:
- cake/libs/controller/components/security.php on line 379
- Return
array Digest authentication parameters
- Access
public
- Link
- http://book.cakephp.org/view/1305/parseDigestAuthData-string-digest
_persist
topChecks for a persistent class file, if found file is opened and true returned If file is not found a file is created and false returned If used in other locations of the model you should choose a unique name for the persistent file There are many uses for this method, see manual for examples
- Parameters:
-
-
string $name required
name of the class to persist
-
$return required
-
string $object required
the object to persist
-
$type optional NULL
-
- Method defined in:
- cake/libs/object.php on line 218
- Return
boolean Success
- Access
protected
- Todo
add examples to manual
requestAction
topCalls a controller's method from any location. Can be used to connect controllers together or tie plugins into a main application. requestAction can be used to return rendered views or fetch the return value from controller actions.
- Parameters:
-
-
mixed $url required
String or array-based url.
-
array $extra optional array ( )
if array includes the key "return" it sets the AutoRender to true.
-
- Method defined in:
- cake/libs/object.php on line 80
- Return
mixed Boolean true or false on success/failure, or contents of rendered action if 'return' is set in $extra.
- Access
public
requireAuth
topSets the actions that require an authenticated request, or empty for all actions
- Method defined in:
- cake/libs/controller/components/security.php on line 278
- Return
void
- Access
public
- Link
- http://book.cakephp.org/view/1301/requireAuth
requireDelete
topSets the actions that require a DELETE request, or empty for all actions
- Method defined in:
- cake/libs/controller/components/security.php on line 254
- Return
void
- Access
public
requireGet
topSets the actions that require a GET request, or empty for all actions
- Method defined in:
- cake/libs/controller/components/security.php on line 232
- Return
void
- Access
public
requireLogin
topSets the actions that require an HTTP-authenticated request, or empty for all actions
- Method defined in:
- cake/libs/controller/components/security.php on line 290
- Return
void
- Access
public
- Link
- http://book.cakephp.org/view/1302/requireLogin
_requireMethod
topSets the actions that require a $method HTTP request, or empty for all actions
- Parameters:
-
-
string $method required
The HTTP method to assign controller actions to
-
array $actions optional array ( )
Controller actions to set the required HTTP method to.
-
- Method defined in:
- cake/libs/controller/components/security.php on line 448
- Return
void
- Access
protected
requirePost
topSets the actions that require a POST request, or empty for all actions
- Method defined in:
- cake/libs/controller/components/security.php on line 221
- Return
void
- Access
public
- Link
- http://book.cakephp.org/view/1299/requirePost
requirePut
topSets the actions that require a PUT request, or empty for all actions
- Method defined in:
- cake/libs/controller/components/security.php on line 243
- Return
void
- Access
public
requireSecure
topSets the actions that require a request that is SSL-secured, or empty for all actions
- Method defined in:
- cake/libs/controller/components/security.php on line 266
- Return
void
- Access
public
- Link
- http://book.cakephp.org/view/1300/requireSecure
_savePersistent
topYou should choose a unique name for the persistent file
There are many uses for this method, see manual for examples
- Parameters:
-
-
string $name required
name used for object to cache
-
object $object required
the object to persist
-
- Method defined in:
- cake/libs/object.php on line 247
- Return
boolean true on save, throws error if file can not be created
- Access
protected
_secureRequired
topCheck if access requires secure connection
- Parameters:
-
-
object $controller required
Instantiating controller
-
- Method defined in:
- cake/libs/controller/components/security.php on line 487
- Return
bool true if secure connection required
- Access
protected
_set
topAllows setting of multiple properties of the object in a single line of code. Will only set properties that are part of a class declaration.
- Parameters:
-
-
array $properties optional array ( )
An associative array containing properties and corresponding values.
-
- Method defined in:
- cake/libs/object.php on line 166
- Return
void
- Access
protected
_setLoginDefaults
topSets the default login options for an HTTP-authenticated request
- Parameters:
-
-
array $options required
Default login options
-
- Method defined in:
- cake/libs/controller/components/security.php on line 720
- Return
void
- Access
protected
startup
topComponent startup. All security checking happens here.
- Parameters:
-
-
object $controller required
Instantiating controller
-
- Method defined in:
- cake/libs/controller/components/security.php on line 191
- Return
void
- Access
public
_stop
topStop execution of the current script. Wraps exit() making testing easier.
- Parameters:
-
-
$status optional 0
-
- Method defined in:
- cake/libs/object.php on line 135
- Return
void
- Access
public
toString
topObject-to-string conversion. Each class can override this method as necessary.
- Method defined in:
- cake/libs/object.php on line 64
- Return
string The name of this class
- Access
public
_validatePost
topValidate submitted form
- Parameters:
-
-
object $controller required
Instantiating controller
-
- Method defined in:
- cake/libs/controller/components/security.php on line 593
- Return
bool true if submitted form is valid
- Access
protected
