1: <?php
2: /**
3: * PHP 5
4: *
5: * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
6: * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
7: *
8: * Licensed under The MIT License
9: * Redistributions of files must retain the above copyright notice.
10: *
11: * @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
12: * @link http://cakephp.org CakePHP(tm) Project
13: * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
14: */
15:
16: App::uses('BaseAuthorize', 'Controller/Component/Auth');
17:
18: /**
19: * An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
20: * Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
21: *
22: * {{{
23: * public function isAuthorized($user) {
24: * if (!empty($this->request->params['admin'])) {
25: * return $user['role'] == 'admin';
26: * }
27: * return !empty($user);
28: * }
29: * }}}
30: *
31: * the above is simple implementation that would only authorize users of the 'admin' role to access
32: * admin routing.
33: *
34: * @package Cake.Controller.Component.Auth
35: * @since 2.0
36: * @see AuthComponent::$authenticate
37: */
38: class ControllerAuthorize extends BaseAuthorize {
39:
40: /**
41: * Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
42: *
43: * @param mixed $controller null to get, a controller to set.
44: * @return mixed
45: * @throws CakeException
46: */
47: public function controller(Controller $controller = null) {
48: if ($controller) {
49: if (!method_exists($controller, 'isAuthorized')) {
50: throw new CakeException(__d('cake_dev', '$controller does not implement an isAuthorized() method.'));
51: }
52: }
53: return parent::controller($controller);
54: }
55:
56: /**
57: * Checks user authorization using a controller callback.
58: *
59: * @param array $user Active user data
60: * @param CakeRequest $request
61: * @return boolean
62: */
63: public function authorize($user, CakeRequest $request) {
64: return (bool)$this->_Controller->isAuthorized($user);
65: }
66:
67: }
68: