1: <?php
 2: /**
 3:  * PHP 5
 4:  *
 5:  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 6:  * Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
 7:  *
 8:  * Licensed under The MIT License
 9:  * Redistributions of files must retain the above copyright notice.
10:  *
11:  * @copyright     Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
12:  * @link          http://cakephp.org CakePHP(tm) Project
13:  * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
14:  */
15: 
16: App::uses('BaseAuthorize', 'Controller/Component/Auth');
17: 
/**
 * Authorization adapter for AuthComponent that delegates the access decision to a controller callback.
 * The controller's isAuthorized() method should return a boolean indicating whether the user is authorized.
 * The adapter casts whatever the callback returns to boolean, so any truthy value grants access.
 *
 * {{{
 *  public function isAuthorized($user) {
 *      if (!empty($this->request->params['admin'])) {
 *          return $user['role'] === 'admin';
 *      }
 *      return !empty($user);
 *  }
 * }}}
 *
 * The above is a simple implementation that only authorizes users with the 'admin' role to access
 * admin routing. The role is compared with === on purpose: under PHP 5 a loose == comparison
 * between a non-numeric string and an integer converts the string to 0, so a role stored as
 * integer 0 would compare equal to 'admin'.
 *
 * @package       Cake.Controller.Component.Auth
 * @since 2.0
 * @see AuthComponent::$authenticate
 * @see AuthComponent::$authorize
 */
class ControllerAuthorize extends BaseAuthorize {

/**
 * Accessor/mutator for the controller whose isAuthorized() callback makes the decision.
 *
 * A truthy $controller is validated before being handed to the parent implementation.
 * A falsy value (the default null) skips validation and is passed straight through.
 *
 * @param mixed $controller null to get, a controller to set.
 * @return mixed Whatever BaseAuthorize::controller() returns.
 * @throws CakeException When the supplied controller has no isAuthorized() method.
 */
    public function controller($controller = null) {
        // method_exists() does not check visibility, so this only proves the method is declared,
        // not that it is public and callable from this adapter.
        if ($controller && !method_exists($controller, 'isAuthorized')) {
            throw new CakeException(__d('cake_dev', '$controller does not implement an isAuthorized() method.'));
        }
        return parent::controller($controller);
    }

/**
 * Asks the controller callback whether the given user may proceed.
 *
 * Only $user is forwarded to isAuthorized(). $request is accepted but not consulted here,
 * so a callback that needs request details must read them from the controller itself.
 *
 * @param array $user Active user data
 * @param CakeRequest $request Current request (unused by this adapter)
 * @return boolean True when the callback returned a truthy value, false otherwise.
 */
    public function authorize($user, CakeRequest $request) {
        // NOTE(review): $this->_Controller is presumably populated through controller(); confirm in BaseAuthorize.
        $decision = $this->_Controller->isAuthorized($user);
        // The cast makes any truthy return value grant access (e.g. a non-empty string or array),
        // so callbacks should return a strict boolean.
        return (bool) $decision;
    }

}