1: <?php
2: /**
3: * PHP 5
4: *
5: * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
6: * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
7: *
8: * Licensed under The MIT License
9: * For full copyright and license information, please see the LICENSE.txt
10: * Redistributions of files must retain the above copyright notice.
11: *
12: * @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
13: * @link http://cakephp.org CakePHP(tm) Project
14: * @license http://www.opensource.org/licenses/mit-license.php MIT License
15: */
16:
17: App::uses('BaseAuthorize', 'Controller/Component/Auth');
18:
19: /**
20: * An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
21: * Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
22: *
23: * {{{
24: * public function isAuthorized($user) {
25: * if (!empty($this->request->params['admin'])) {
26: * return $user['role'] === 'admin';
27: * }
28: * return !empty($user);
29: * }
30: * }}}
31: *
32: * the above is simple implementation that would only authorize users of the 'admin' role to access
33: * admin routing.
34: *
35: * @package Cake.Controller.Component.Auth
36: * @since 2.0
37: * @see AuthComponent::$authenticate
38: */
39: class ControllerAuthorize extends BaseAuthorize {
40:
41: /**
42: * Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
43: *
44: * @param Controller $controller null to get, a controller to set.
45: * @return mixed
46: * @throws CakeException
47: */
48: public function controller(Controller $controller = null) {
49: if ($controller) {
50: if (!method_exists($controller, 'isAuthorized')) {
51: throw new CakeException(__d('cake_dev', '$controller does not implement an isAuthorized() method.'));
52: }
53: }
54: return parent::controller($controller);
55: }
56:
57: /**
58: * Checks user authorization using a controller callback.
59: *
60: * @param array $user Active user data
61: * @param CakeRequest $request
62: * @return boolean
63: */
64: public function authorize($user, CakeRequest $request) {
65: return (bool)$this->_Controller->isAuthorized($user);
66: }
67:
68: }
69: