Ejemplo n.º 1
 /**
  * Builds the permission extractor for one user and one request.
  *
  * @param mixed $user User data; cast to an array before it is stored.
  * @param Request $request Request whose routing params are read here.
  */
 public function __construct($user, Request $request)
 {
     // Plain state first; none of these assignments depends on another.
     $this->_user = (array) $user;
     $this->_request = $request;
     // NOTE(review): 'Controller' is read with a capital C while 'prefix' is
     // lower-case. Confirm the key matches what the router sets; a mismatch
     // would leave _controller unset for anything the setup calls below
     // derive from it.
     $this->_controller = $request->param('Controller');
     $this->_requestPref = $request->param('prefix');

     // Derived state, in the original order.
     $this->_setAclPlugins();
     $this->_setupAllowed();
 }
 /**
  * Delegates the authorization decision to the AnnAuthorization singleton.
  *
  * @param array $user
  *         User to authorize; the 'username' and 'id' keys are read.
  * @param Request $request
  *         Request to authorize; its 'action' and 'pass' params are read.
  * @return mixed
  *         Whatever AnnAuthorization::authorizeRequest() returns.
  */
 public function authorize($user, Request $request)
 {
     $controller = $this->_registry->getController();
     $action = $request->param('action');
     $pass = $request->param('pass');

     // NOTE(review): the passed URL arguments go into the debug log verbatim.
     // If any action receives a secret in the URL, confirm debug logging is
     // disabled in production or that these logs are access-controlled.
     $attempt = sprintf(
         'Trying to authorize user %s for request %s/%s and parameters %s.',
         $user['username'],
         $controller->name,
         $action,
         json_encode($pass)
     );
     Log::debug($attempt);

     $authorized = AnnAuthorization::getInstance()->authorizeRequest($user['id'], $controller, $action, $pass, $request);

     if ($authorized) {
         $outcome = 'was successful.';
     } else {
         $outcome = 'failed.';
     }
     Log::debug(sprintf('Authorization %s', $outcome));

     return $authorized;
 }
Ejemplo n.º 3
 /**
  * Authorizes a user for the current request.
  *
  * A user whose role is the admin role is always allowed. Anyone else is
  * allowed only when the request's 'allowed' param is truthy.
  *
  * @param array $user
  * @param Request $request
  * @return bool
  */
 public function authorize($user, Request $request)
 {
     $roleId = (new Data($user))->get('role_id', Role::PUBLIC_ID);

     // NOTE(review): loose comparison, kept because the stored type of
     // role_id is not visible here. Confirm role_id always has the same type
     // as Role::ADMIN_ID and prefer === so type juggling cannot grant admin.
     $isAdmin = Role::ADMIN_ID == $roleId;

     // NOTE(review): for non-admins the decision is whatever sits in the
     // 'allowed' request param. Presumably server-side code sets it before
     // this runs; confirm no route definition lets the URL supply a param of
     // that name.
     return $isAdmin || (bool) $request->param('allowed');
 }
Ejemplo n.º 4
 /**
  * Builds the node reference path for the current request.
  *
  * The segments are type ('controllers'), plugin, camelized prefix and
  * controller, joined with '/'. With a plugin param, only the plugin segment
  * is passed through FS::clean(); without one, the plugin segment stays null
  * and the joined string as a whole is passed through FS::clean().
  *
  * @return string
  */
 protected function _getNodeRef()
 {
     $request = $this->_request;
     $segments = [
         'type' => 'controllers',
         'plugin' => null,
         'prefix' => Inflector::camelize($request->param('prefix')),
         'controller' => $request->param('controller')
     ];

     // No plugin in the request: join first, then clean the whole path.
     if ($request->param('plugin') === false) {
         return FS::clean(implode('/', $segments), '/');
     }

     // NOTE(review): on this branch the prefix and controller segments are
     // joined without cleaning; confirm that is intended.
     $segments['plugin'] = FS::clean($request->param('plugin'), '\\');

     return implode('/', $segments);
 }
Ejemplo n.º 5
 /**
  * Resolves the theme for the request and loads it when it can be found.
  *
  * Uses the 'Theme.admin' setting when the request prefix is 'admin' and the
  * 'Theme.site' setting otherwise.
  *
  * @param Request $request
  * @return string|null Theme name, or null when self::_find() finds no path for it.
  */
 public static function get(Request $request)
 {
     $theme = Configure::read('Theme.site');

     // NOTE(review): loose comparison kept as-is. A non-string prefix such as
     // boolean true would also compare equal to 'admin'; confirm the prefix
     // is always a string or false, and prefer ===.
     $isAdminArea = $request->param('prefix') == 'admin';
     if ($isAdminArea) {
         $theme = Configure::read('Theme.admin');
     }

     if (self::_find($theme) === null) {
         return null;
     }

     self::loadList([$theme]);

     return $theme;
 }
Ejemplo n.º 6
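 /**
  * Builds the path of the XML form definition for the requested action.
  *
  * Layout: <plugin path>src/Template/[<Prefix>/]<controller>/Forms/<file>,
  * where <file> is:
  *  - $isAction . '.xml' when $isAction is a non-empty string,
  *  - the request's action . '.xml' when $isAction is exactly true,
  *  - 'form.xml' when $isAction is falsy.
  * Any other value appends no file name, as before.
  *
  * @param Request $request
  * @param bool|string $isAction
  * @return string
  */
 public static function xmlActionForm(Request $request, $isAction = false)
 {
     $plugin = $request->param('plugin');
     $controller = $request->param('controller');
     $prefix = $request->param('prefix');
     $action = $request->param('action');

     // NOTE(review): every segment below comes from routing params and is
     // joined into a filesystem path unchanged. Presumably the route patterns
     // restrict them; confirm, or have the caller verify that the resolved
     // path stays under the template directory before reading it.

     // Always end the template root with a separator. Previously the
     // separator was only added together with a prefix, so a request without
     // a prefix produced "...Template<controller>" instead of
     // "...Template/<controller>".
     $tplPath = self::plugin($plugin) . 'src' . DS . 'Template' . DS;
     if ($prefix) {
         $tplPath .= Inflector::camelize($prefix) . DS;
     }
     $tplPath .= $controller . DS . 'Forms' . DS;

     // Append at most one file name. The original independent checks appended
     // both 'form.xml' and a second '.xml' suffix for a falsy string.
     if (is_string($isAction) && $isAction !== '') {
         return $tplPath . $isAction . '.xml';
     }
     if ($isAction === true) {
         return $tplPath . $action . '.xml';
     }
     if (!$isAction) {
         return $tplPath . 'form.xml';
     }

     return $tplPath;
 }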
 /**
  * Raises MissingControllerException with the routing details of the request.
  *
  * @param \Cake\Network\Request $request The request.
  * @throws \Cake\Routing\Exception\MissingControllerException Always.
  * @return void
  */
 protected function missingController($request)
 {
     // Exception attribute => request param it is read from.
     $sources = ['class' => 'controller', 'plugin' => 'plugin', 'prefix' => 'prefix', '_ext' => '_ext'];

     $details = [];
     foreach ($sources as $attribute => $param) {
         $details[$attribute] = $request->param($param);
     }

     throw new MissingControllerException($details);
 }
 /**
  * Tests writing request params with the two-argument form of param().
  *
  * Covers the return value of a write, writes to dotted names, storage of
  * falsy values, and the 'action' param being visible as $request->action.
  *
  * @return void
  */
 public function testParamWriting()
 {
     $request = new Request('/');
     $request->addParams(['action' => 'index']);
     // A write is expected to return the request object.
     $this->assertInstanceOf('Cake\\Network\\Request', $request->param('some', 'thing'), 'Method has not returned $this');
     // Dotted names are expected to land in nested params; falsy values must
     // be stored as given.
     $request->param('Post.null', null);
     $this->assertNull($request->params['Post']['null']);
     $request->param('Post.false', false);
     $this->assertFalse($request->params['Post']['false']);
     $request->param('Post.zero', 0);
     $this->assertSame(0, $request->params['Post']['zero']);
     $request->param('Post.empty', '');
     $this->assertSame('', $request->params['Post']['empty']);
     // Order matters from here: 'action' is read, overwritten, then read again.
     $this->assertSame('index', $request->action);
     $request->param('action', 'edit');
     $this->assertSame('edit', $request->action);
 }
Ejemplo n.º 9
 /**
  * Get the provider name based on the provider set or, failing that, on the request.
  *
  * @param \Cake\Network\Request $request Request object.
  * @return mixed The result of SocialUtils::getProvider() when a provider is set,
  *   the ucfirst()-ed 'provider' request param when a request is given, else false.
  */
 protected function _getProviderName($request = null)
 {
     // A provider configured on the object takes precedence over the request.
     if ($this->_provider !== null) {
         return SocialUtils::getProvider($this->_provider);
     }

     if (empty($request)) {
         return false;
     }

     // NOTE(review): this name comes from a request param. Confirm callers
     // check it against the configured providers before using it to pick a
     // class or a config section.
     return ucfirst($request->param('provider'));
 }
Ejemplo n.º 10
 /**
  * Authorizes the user for the controller and action named in the request.
  *
  * @param array $user Active user data
  * @param Request $request Request instance.
  * @return bool Result of validate(); presumably a bool, the method is not visible here.
  */
 public function authorize($user, Request $request)
 {
     // Only 'controller' and 'action' take part in the decision; prefix and
     // plugin are not passed to validate().
     return $this->validate($user, $request->param('controller'), $request->param('action'));
 }
 /**
  * Resolves a rule param string to the value that is handed to the rule method.
  *
  * A rule param containing "<type>[<index>]", with <type> one of
  * PARAM_TYPE_PASS / PARAM_TYPE_REQ, is replaced by the matching entry of
  * $pass or of the request params. Anything else is returned unchanged.
  *
  * @param string $ruleParam
  *          The rule param as parsed by the parseAuthAnnotation method.
  * @param array $pass
  *          The pass array from the parsed url.
  * @param Request $request
  *          The request object representing the current request.
  * @return mixed
  *          The value corresponding to the provided $ruleParam.
  * @throws AnnAuthorizationException
  *          If the $pass or $request parameter designated by $ruleParam does not exist.
  */
 protected function getParam($ruleParam, array $pass, Request $request)
 {
     // The pattern is unanchored: a placeholder anywhere inside $ruleParam
     // makes the whole rule param resolve to the looked-up value.
     // NOTE(review): the two constants are spliced into the pattern without
     // preg_quote(); fine while they are plain words, confirm at their definition.
     $pattern = '/(' . self::PARAM_TYPE_PASS . '|' . self::PARAM_TYPE_REQ . ')\\[([^\\]]+)\\]/';
     if (!preg_match($pattern, $ruleParam, $matches)) {
         return $ruleParam;
     }

     $type = $matches[1];
     $index = $matches[2];

     // Loose comparison mirrors the original switch statement.
     if ($type == self::PARAM_TYPE_PASS) {
         if (array_key_exists($index, $pass)) {
             return $pass[$index];
         }
         // A missing value raises instead of yielding a default.
         throw new AnnAuthorizationException();
     }

     if ($type == self::PARAM_TYPE_REQ) {
         // NOTE(review): existence is checked on the top-level params array
         // only, while the value is read through param(); confirm nested
         // names are not expected here.
         if (array_key_exists($index, $request->params)) {
             return $request->param($index);
         }
         throw new AnnAuthorizationException();
     }

     // Not reachable through the pattern above; kept as the original's implicit result.
     return null;
 }
Ejemplo n.º 12
 /**
  * Tests reading request params with the one-argument form of param().
  *
  * @return void
  */
 public function testReadingParams()
 {
     $request = new Request();
     $request->addParams(array('controller' => 'posts', 'admin' => true, 'truthy' => 1, 'zero' => '0'));
     // A param that was never set reads as false, so callers cannot tell
     // "unset" from a stored false by the return value alone.
     $this->assertFalse($request->param('not_set'));
     // Stored values come back equal to what was added, including the string '0'.
     $this->assertTrue($request->param('admin'));
     $this->assertEquals(1, $request->param('truthy'));
     $this->assertEquals('posts', $request->param('controller'));
     $this->assertEquals('0', $request->param('zero'));
 }
Ejemplo n.º 13
 /**
  * Returns the provider named by the request's 'provider' param.
  *
  * @param \Cake\Network\Request $request Current HTTP request.
  * @return \League\Oauth2\Client\Provider\GenericProvider|false False when the
  *   request carries no provider alias.
  */
 public function provider(Request $request)
 {
     $alias = $request->param('provider');
     if (!$alias) {
         return false;
     }

     // NOTE(review): once a provider is cached it is returned for any later
     // alias as well. Confirm one instance never serves two different aliases.
     if (!empty($this->_provider)) {
         return $this->_provider;
     }

     $this->_provider = $this->_getProvider($alias);

     return $this->_provider;
 }
 /**
  * Checks that authorizeRequest() grants access for rules that take parameters.
  *
  * Every call uses UsersTable::SUPERADMIN_ID and asserts a grant.
  * NOTE(review): no denial case is visible in this method; confirm that a
  * missing pass index or request key is covered by another test.
  *
  * @return void
  */
 public function testAuthorizeRequestWithParams()
 {
     // Rules fed from the pass array only; the request carries no params.
     $this->assertTrue($this->AnnAuthorization->authorizeRequest(UsersTable::SUPERADMIN_ID, $this->controller, 'ruleWithParamAction', ['test1'], new Request()));
     $this->assertTrue($this->AnnAuthorization->authorizeRequest(UsersTable::SUPERADMIN_ID, $this->controller, 'ruleWithParamsAction', ['test1', 'test2'], new Request()));
     // Rules fed from request params, alone and mixed with pass values.
     $request = new Request();
     $request->param('key1', 'test1');
     $request->param('key2', 'test2');
     $this->assertTrue($this->AnnAuthorization->authorizeRequest(UsersTable::SUPERADMIN_ID, $this->controller, 'ruleWithReqAction', ['test1', 'test2'], $request));
     $this->assertTrue($this->AnnAuthorization->authorizeRequest(UsersTable::SUPERADMIN_ID, $this->controller, 'ruleWithReqsAction', ['test1', 'test2'], $request));
     $this->assertTrue($this->AnnAuthorization->authorizeRequest(UsersTable::SUPERADMIN_ID, $this->controller, 'ruleWithMixedParamsAction', ['test1', 'test2'], $request));
 }
Ejemplo n.º 15
 /**
  * Reads the per-page value of the current paging type from the request params.
  *
  * @return int Presumably an int. The value is returned exactly as param()
  *   yields it; confirm what callers receive when the key is not set.
  */
 public function getPerPage()
 {
     $key = 'paging.' . $this->pagingType . '.perPage';

     return $this->request->param($key);
 }