Example #1
 /**
  * Authorize the request by requiring the ACL "read" permission on the bound model.
  *
  * The permission name is fixed to "read" and does not vary with the action
  * being dispatched.
  *
  * The parent check runs first and its return value is discarded here, so at
  * this level it can only veto the request by throwing.
  * NOTE(review): confirm parent::isAuthorized() throws on failure instead of returning false.
  *
  * @param array|null $user User data to authorize; wrapped under USER_MODEL for the ACL lookup.
  * @return bool True when no exception was thrown.
  * @throws UnauthorizedException When the ACL denies "read" on $this->Model->qualifiedName.
  */
 public function isAuthorized($user = null)
 {
     parent::isAuthorized($user);

     $requester = array(USER_MODEL => $user);
     $mayRead = $this->Acl->check($requester, $this->Model->qualifiedName, 'read');

     if ($mayRead) {
         return true;
     }

     // Deny by default: anything other than an ACL grant ends the request.
     throw new UnauthorizedException(__d('admin', 'Insufficient Access Permissions'));
 }
Example #2
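 /**
  * Authorize the request against the ACL for the model named in the parameters.
  *
  * Checks run in this order: the parent check, presence of the "model"
  * parameter, the 'Admin.ignoreModels' deny-list, the non-CRUD allow-list, and
  * finally an ACL lookup for the current action ("index" is checked as "read").
  *
  * @param array|null $user User data to authorize; wrapped under USER_MODEL for the ACL lookup.
  * @return bool True when the action is allow-listed or the ACL grants it.
  * @throws ForbiddenException When the model parameter is empty or the model is on the deny-list.
  * @throws UnauthorizedException When the ACL does not grant the action on the model.
  */
 public function isAuthorized($user = null)
 {
     // The return value is discarded, so the parent can only veto by throwing.
     // NOTE(review): confirm parent::isAuthorized() throws on failure instead of returning false.
     parent::isAuthorized($user);

     if (empty($this->params['model'])) {
         throw new ForbiddenException(__d('admin', 'Invalid Model'));
     }

     // Only the class part of the parsed name feeds the deny-list and the ACL check.
     // NOTE(review): presumably 'model' is a request/route parameter, i.e. caller-controlled;
     // verify Admin::parseName() normalizes it consistently with the deny-list entries.
     list(, , $class) = Admin::parseName($this->params['model']);

     // Don't allow certain models. Strict comparison keeps PHP's loose-equality
     // rules out of an access decision (assumes $class and the list entries are strings).
     // NOTE(review): if 'Admin.ignoreModels' is unset, Configure::read() yields null and
     // in_array() cannot match (warning on older PHP, TypeError on PHP 8); confirm the
     // setting is always defined so the deny-list is never skipped silently.
     if (in_array($class, Configure::read('Admin.ignoreModels'), true)) {
         throw new ForbiddenException(__d('admin', 'Restricted Model'));
     }

     $action = $this->action;

     // Non-CRUD actions are allowed without any ACL lookup.
     // NOTE(review): confirm each of these handlers enforces its own permission
     // check, since nothing below this line runs for them.
     if (in_array($action, array('type_ahead', 'proxy', 'process_behavior', 'process_model'), true)) {
         return true;
     }

     // Index counts as a read
     if ($action === 'index') {
         $action = 'read';
     }

     if ($this->Acl->check(array(USER_MODEL => $user), $class, $action)) {
         return true;
     }

     // Deny by default: anything other than an ACL grant ends the request.
     throw new UnauthorizedException(__d('admin', 'Insufficient Access Permissions'));
 }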