Ejemplo n.º 1
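 /**
  * Register with the Auth component the actions the current request may reach.
  *
  * The admin role gets `allow()` with no arguments; every other caller gets
  * the list produced by PermissionExtract::requestAllowedMap(). When that
  * list is empty on the Pages controller, only `display` is allowed.
  *
  * NOTE(review): if `Auth` is CakePHP's AuthComponent, actions passed to
  * allow() are reachable without the login check and without authorize()
  * being consulted, so the map built here is the effective access decision
  * for non-admin callers. Confirm requestAllowedMap() is computed per user
  * and copes with a null user (no session).
  *
  * @return void
  */
 protected function _setupAllowedActions()
 {
     $controller = $this->_registry->getController();
     $auth = $controller->Auth;
     $request = $controller->request;

     $permission = new PermissionExtract($auth->user(), $request);
     $allowed = (array) $permission->requestAllowedMap();

     // Strict match: a missing or non-string controller param must never
     // compare equal to 'Pages' through type juggling.
     if ($request->param('controller') === 'Pages' && $allowed === []) {
         $allowed = ['display'];
     }

     // Compare the role as a string so that null, false or an array coming
     // from a missing or malformed session can never loosely equal the
     // admin constant.
     $role = $auth->user('role.alias');
     $isAdmin = (is_string($role) || is_int($role))
         && (string) $role === (string) USER_ROLE_ADMIN;

     if ($isAdmin) {
         $auth->allow();
     } else {
         $auth->allow($allowed);
     }
 }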
Ejemplo n.º 2
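 /**
  * Decide whether the given user may perform the current request.
  *
  * Access is granted to the admin role, then to any request for the
  * non-plugin Pages controller, and otherwise only when
  * PermissionExtract::isAllowed() says so.
  *
  * NOTE(review): the Pages shortcut covers every action on that controller,
  * not only `display` -- confirm that this is intended.
  *
  * @param array $user User record; the role is read from `role.alias`.
  * @param Request $request Request being authorized.
  * @return bool True when access is granted.
  */
 public function authorize($user, Request $request)
 {
     // Compare the role as a string so that null, false or an array from a
     // malformed user record can never loosely equal the admin constant.
     $role = Hash::get($user, 'role.alias');
     $isAdmin = (is_string($role) || is_int($role))
         && (string) $role === (string) USER_ROLE_ADMIN;
     if ($isAdmin) {
         return true;
     }

     // Obtained before the Pages shortcut, as in the original order, in case
     // getInstance() initialises state that later code relies on.
     $permission = PermissionExtract::getInstance($user, $request);

     // Strict match: a missing or non-string controller param must never
     // compare equal to 'Pages' through type juggling.
     if (!$request->param('plugin') && $request->param('controller') === 'Pages') {
         return true;
     }

     return $permission->isAllowed();
 }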