1: <?php
2: /**
3: * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
4: * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
5: *
6: * Licensed under The MIT License
7: * For full copyright and license information, please see the LICENSE.txt
8: * Redistributions of files must retain the above copyright notice.
9: *
10: * @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
11: * @link http://cakephp.org CakePHP(tm) Project
12: * @license http://www.opensource.org/licenses/mit-license.php MIT License
13: */
14:
15: App::uses('BaseAuthorize', 'Controller/Component/Auth');
16:
17: /**
18: * An authorization adapter for AuthComponent. Provides the ability to authorize using a controller callback.
19: * Your controller's isAuthorized() method should return a boolean to indicate whether or not the user is authorized.
20: *
21: * ```
22: * public function isAuthorized($user) {
23: * if (!empty($this->request->params['admin'])) {
24: * return $user['role'] === 'admin';
25: * }
26: * return !empty($user);
27: * }
28: * ```
29: *
30: * the above is simple implementation that would only authorize users of the 'admin' role to access
31: * admin routing.
32: *
33: * @package Cake.Controller.Component.Auth
34: * @since 2.0
35: * @see AuthComponent::$authenticate
36: */
37: class ControllerAuthorize extends BaseAuthorize {
38:
39: /**
40: * Get/set the controller this authorize object will be working with. Also checks that isAuthorized is implemented.
41: *
42: * @param Controller $controller null to get, a controller to set.
43: * @return mixed
44: * @throws CakeException
45: */
46: public function controller(Controller $controller = null) {
47: if ($controller) {
48: if (!method_exists($controller, 'isAuthorized')) {
49: throw new CakeException(__d('cake_dev', '$controller does not implement an %s method.', 'isAuthorized()'));
50: }
51: }
52: return parent::controller($controller);
53: }
54:
55: /**
56: * Checks user authorization using a controller callback.
57: *
58: * @param array $user Active user data
59: * @param CakeRequest $request Request instance.
60: * @return bool
61: */
62: public function authorize($user, CakeRequest $request) {
63: return (bool)$this->_Controller->isAuthorized($user);
64: }
65:
66: }
67: