1: <?php
 2: /**
 3:  *
 4:  *
 5:  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 6:  * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 7:  *
 8:  * Licensed under The MIT License
 9:  * For full copyright and license information, please see the LICENSE.txt
10:  * Redistributions of files must retain the above copyright notice.
11:  *
12:  * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
13:  * @link          http://cakephp.org CakePHP(tm) Project
14:  * @license       http://www.opensource.org/licenses/mit-license.php MIT License
15:  */
16: 
17: App::uses('BaseAuthorize', 'Controller/Component/Auth');
18: 
19: /**
20:  * An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
21:  * Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
22:  *
23:  * {{{
24:  *  public function isAuthorized($user) {
25:  *      if (!empty($this->request->params['admin'])) {
26:  *          return $user['role'] === 'admin';
27:  *      }
28:  *      return !empty($user);
29:  *  }
30:  * }}}
31:  *
32:  * the above is simple implementation that would only authorize users of the 'admin' role to access
33:  * admin routing.
34:  *
35:  * @package       Cake.Controller.Component.Auth
36:  * @since 2.0
37:  * @see AuthComponent::$authenticate
38:  */
39: class ControllerAuthorize extends BaseAuthorize {
40: 
41: /**
42:  * Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
43:  *
44:  * @param Controller $controller null to get, a controller to set.
45:  * @return mixed
46:  * @throws CakeException
47:  */
48:     public function controller(Controller $controller = null) {
49:         if ($controller) {
50:             if (!method_exists($controller, 'isAuthorized')) {
51:                 throw new CakeException(__d('cake_dev', '$controller does not implement an %s method.', 'isAuthorized()'));
52:             }
53:         }
54:         return parent::controller($controller);
55:     }
56: 
57: /**
58:  * Checks user authorization using a controller callback.
59:  *
60:  * @param array $user Active user data
61:  * @param CakeRequest $request
62:  * @return boolean
63:  */
64:     public function authorize($user, CakeRequest $request) {
65:         return (bool)$this->_Controller->isAuthorized($user);
66:     }
67: 
68: }
69: