Example #1
0
 public function isAuthorized()
 {
     parent::isAuthorized();
     if (isset($this->request->params["prefix"]) && $this->request->params["prefix"] == "admin" && $this->Auth->user('group_id') === 1) {
         return true;
     } else {
         return false;
     }
 }
Example #2
0
 public function isAuthorized($user)
 {
     if ($this->action === 'add') {
         return true;
     }
     if (in_array($this->action, array('edit', 'delete'))) {
         $postId = (int) $this->request->params['pass'][0];
         if ($this->Post->isOwnedBy($postId, $user['id'])) {
             return true;
         }
     }
     return parent::isAuthorized($user);
 }