/**
 * Permission extract constructor.
 *
 * Stores the request, the user record (cast to an array) and two routing
 * parameters, then runs _setAclPlugins() and _setupAllowed() once that
 * state is in place.
 *
 * @param mixed $user Current user data; cast to array before it is stored.
 * @param Request $request Request whose routing parameters are inspected.
 */
public function __construct($user, Request $request)
{
    $this->_user = (array) $user;
    $this->_request = $request;

    // NOTE(review): the key is spelled 'Controller' with a capital C. Confirm the
    // router really populates that exact key; if it only sets 'controller', this
    // read yields the "not set" value and any permission lookup keyed on it will
    // not match the real controller.
    $this->_controller = $request->param('Controller');
    $this->_requestPref = $request->param('prefix');

    // Both setup steps run last, after every property above has been assigned.
    $this->_setAclPlugins();
    $this->_setupAllowed();
}
/**
 * Delegates the authorization decision to the AnnAuthorization singleton.
 *
 * @param array $user User to authorize; the 'username' and 'id' keys are read.
 * @param Request $request Request to authorize; its 'action' and 'pass' params are read.
 * @return mixed The value returned by AnnAuthorization::authorizeRequest(); it is
 *               treated as truthy/falsy when the outcome is logged.
 */
public function authorize($user, Request $request)
{
    $targetController = $this->_registry->getController();
    $actionName = $request->param('action');
    $passedArgs = $request->param('pass');

    // NOTE(review): the username and the URL pass arguments are written to the
    // debug log verbatim. If pass arguments can carry tokens or other secrets,
    // make sure debug-level logging is not enabled where those logs are readable.
    $attemptMessage = sprintf(
        'Trying to authorize user %s for request %s/%s and parameters %s.',
        $user['username'],
        $targetController->name,
        $actionName,
        json_encode($passedArgs)
    );
    Log::debug($attemptMessage);

    $decision = AnnAuthorization::getInstance()->authorizeRequest(
        $user['id'],
        $targetController,
        $actionName,
        $passedArgs,
        $request
    );

    if ($decision) {
        $outcome = 'was successful.';
    } else {
        $outcome = 'failed.';
    }
    Log::debug(sprintf('Authorization %s', $outcome));

    return $decision;
}
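/**
 * User authorize.
 *
 * Users whose role id equals Role::ADMIN_ID are always authorized. Everyone
 * else is authorized only when the request carries a truthy 'allowed' param.
 *
 * @param array $user User record; 'role_id' is read, defaulting to Role::PUBLIC_ID.
 * @param Request $request Current request.
 * @return bool
 */
public function authorize($user, Request $request)
{
    $user = new Data($user);
    $roleId = $user->get('role_id', Role::PUBLIC_ID);

    // The admin shortcut bypasses every other check, so it must not depend on
    // PHP's loose-comparison rules (a boolean true, a padded numeric string or,
    // before PHP 8, a string such as "1abc" can all compare equal to an integer
    // id with ==). Accept only int/string ids and compare their string forms
    // strictly; anything else falls through to the per-request 'allowed' flag.
    $isAdmin = (is_int($roleId) || is_string($roleId))
        && (string) $roleId === (string) Role::ADMIN_ID;

    if ($isAdmin) {
        return true;
    }

    // NOTE(review): 'allowed' is read from the request params and cast to bool;
    // confirm it is only ever set by server-side code, never from user input.
    return (bool) $request->param('allowed');
}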
/**
 * Get node ref path by request.
 *
 * Joins type, plugin, prefix and controller with '/'. The plugin segment is
 * filled only when the request's 'plugin' param is not false.
 *
 * @return string
 */
protected function _getNodeRef()
{
    $request = $this->_request;

    // Key order matters: implode() below joins the values in this order.
    $segments = [
        'type' => 'controllers',
        'plugin' => null,
        'prefix' => Inflector::camelize($request->param('prefix')),
        'controller' => $request->param('controller'),
    ];

    $plugin = $request->param('plugin');
    if ($plugin === false) {
        // No plugin: the null segment leaves an empty slot in the joined string,
        // which the FS::clean() pass over the whole path is left to tidy up.
        return FS::clean(implode('/', $segments), '/');
    }

    // With a plugin, only the plugin name itself goes through FS::clean();
    // the joined path is returned without a second clean pass.
    $segments['plugin'] = FS::clean($plugin, '\\');

    return implode('/', $segments);
}
/**
 * Check and get current theme.
 *
 * Picks the configured admin theme when the request prefix is 'admin' and the
 * site theme otherwise, and returns it only if self::_find() locates it.
 *
 * @param Request $request
 * @return string|null Theme name, or null when the theme cannot be found.
 */
public static function get(Request $request)
{
    $themeName = Configure::read('Theme.site');

    $isAdminArea = $request->param('prefix') == 'admin';
    if ($isAdminArea) {
        $themeName = Configure::read('Theme.admin');
    }

    if (self::_find($themeName) === null) {
        return null;
    }

    // The theme is loaded only after its path has been found.
    self::loadList([$themeName]);

    return $themeName;
}
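/**
 * Xml file path by request action.
 *
 * Builds <plugin path>src/Template/[<Prefix>/]<controller>/Forms/<name>.xml, where
 * <name> is 'form' by default, the request action when $isAction is true, or
 * the given string when $isAction is a non-empty string.
 *
 * Fixes over the previous version: a directory separator is now always placed
 * after 'Template' (it used to be missing when the request had no prefix), and
 * exactly one file name is appended (an empty or '0' string used to produce
 * both 'form.xml' and a second '.xml' suffix).
 *
 * NOTE(review): plugin, prefix, controller, action and a string $isAction are
 * concatenated into a filesystem path without normalisation here. If any of
 * them can be influenced by the client beyond what routing permits, the caller
 * should restrict them to known names before using the returned path.
 *
 * @param Request $request
 * @param bool|string $isAction True to use the request action, or an explicit form name.
 * @return string
 */
public static function xmlActionForm(Request $request, $isAction = false)
{
    $plugin = $request->param('plugin');
    $controller = $request->param('controller');
    $prefix = $request->param('prefix');
    $action = $request->param('action');

    // Always terminate the Template directory with a separator so the next
    // segment (prefix or controller) starts a new path component.
    $tplPath = self::plugin($plugin) . 'src' . DS . 'Template' . DS;

    if ($prefix) {
        $tplPath .= Inflector::camelize($prefix) . DS;
    }

    $tplPath .= $controller . DS . 'Forms' . DS;

    // Exactly one branch decides the file name.
    if ($isAction === true) {
        $fileName = $action;
    } elseif (is_string($isAction) && $isAction !== '') {
        $fileName = $isAction;
    } else {
        $fileName = 'form';
    }

    return $tplPath . $fileName . '.xml';
}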
/**
 * Throws an exception when a controller is missing.
 *
 * The exception carries the controller, plugin, prefix and _ext routing
 * params of the request that could not be dispatched.
 *
 * @param \Cake\Network\Request $request The request.
 * @throws \Cake\Routing\Exception\MissingControllerException
 * @return void
 */
protected function missingController($request)
{
    $controllerName = $request->param('controller');
    $pluginName = $request->param('plugin');
    $routingPrefix = $request->param('prefix');
    $extension = $request->param('_ext');

    $details = [
        'class' => $controllerName,
        'plugin' => $pluginName,
        'prefix' => $routingPrefix,
        '_ext' => $extension,
    ];

    throw new MissingControllerException($details);
}
/**
 * Test writing request params with param().
 *
 * Covers the fluent return value, falsy values written under a dotted path,
 * and overwriting an existing top-level param.
 *
 * @return void
 */
public function testParamWriting()
{
    $request = new Request('/');
    $request->addParams(['action' => 'index']);

    // Writing returns the request itself so calls can be chained.
    $returned = $request->param('some', 'thing');
    $this->assertInstanceOf('Cake\\Network\\Request', $returned, 'Method has not returned $this');

    // Each falsy value must be stored as-is under the nested 'Post' key.
    $request->param('Post.null', null);
    $this->assertNull($request->params['Post']['null']);

    $request->param('Post.false', false);
    $this->assertFalse($request->params['Post']['false']);

    $request->param('Post.zero', 0);
    $this->assertSame(0, $request->params['Post']['zero']);

    $request->param('Post.empty', '');
    $this->assertSame('', $request->params['Post']['empty']);

    // Overwriting an existing param is visible through the property accessor.
    $this->assertSame('index', $request->action);
    $request->param('action', 'edit');
    $this->assertSame('edit', $request->action);
}
/**
 * Get the provider name based on the request or on the provider set.
 *
 * A provider already set on this object wins and is resolved through
 * SocialUtils::getProvider(). Otherwise the request's 'provider' param is
 * returned with its first letter upper-cased.
 *
 * NOTE(review): in the request branch the name comes straight from the
 * request; presumably the caller checks it against the configured providers
 * before using it - verify.
 *
 * @param \Cake\Network\Request $request Request object.
 * @return mixed The provider name, or false when neither source is available.
 */
protected function _getProviderName($request = null)
{
    if ($this->_provider !== null) {
        return SocialUtils::getProvider($this->_provider);
    }

    if (empty($request)) {
        return false;
    }

    return ucfirst($request->param('provider'));
}
/**
 * Authorizes the user for the requested controller and action.
 *
 * Only the controller and action names are handed to validate(); other
 * request data (passed arguments, query string) plays no part in the decision
 * made here.
 *
 * @param array $user Active user data
 * @param Request $request Request instance.
 * @return bool
 */
public function authorize($user, Request $request)
{
    return $this->validate(
        $user,
        $request->param('controller'),
        $request->param('action')
    );
}
/**
 * Resolves a rule param string to the value that is passed to the rule method.
 *
 * A rule param of the form TYPE[index], where TYPE is PARAM_TYPE_PASS or
 * PARAM_TYPE_REQ, is replaced by the matching entry of $pass or of the request
 * params. Anything else is returned unchanged as a literal.
 *
 * NOTE(review): the pattern is not anchored, so a rule param that merely
 * contains TYPE[index] somewhere is treated as a reference, and the two
 * constants are inserted into the pattern without preg_quote(). Confirm both
 * are intended.
 *
 * @param string $ruleParam
 *      The rule param as parsed by the parseAuthAnnotation method.
 * @param array $pass
 *      The pass array from the parsed url.
 * @param Request $request
 *      The request object representing the current request.
 * @return mixed
 *      Returns the value corresponding to the provided $ruleParam.
 * @throws AnnAuthorizationException
 *      Throws this exception if the $pass or $request parameter designated by the $ruleParam does not exist.
 */
protected function getParam($ruleParam, array $pass, Request $request)
{
    $pattern = '/(' . self::PARAM_TYPE_PASS . '|' . self::PARAM_TYPE_REQ . ')\\[([^\\]]+)\\]/';

    // No reference syntax found: the rule param is a literal value.
    if (!preg_match($pattern, $ruleParam, $matches)) {
        return $ruleParam;
    }

    $source = $matches[1];
    $key = $matches[2];

    if ($source == self::PARAM_TYPE_PASS) {
        if (array_key_exists($key, $pass)) {
            return $pass[$key];
        }
        // A rule that references a missing argument fails instead of receiving null.
        throw new AnnAuthorizationException();
    }

    if ($source == self::PARAM_TYPE_REQ) {
        if (array_key_exists($key, $request->params)) {
            return $request->param($key);
        }
        throw new AnnAuthorizationException();
    }

    // Not reachable while the pattern only captures the two known types.
    return null;
}
/**
 * Test reading params with param().
 *
 * An unset key reads as false; set keys come back with the value stored.
 *
 * @return void
 */
public function testReadingParams()
{
    $fixture = array(
        'controller' => 'posts',
        'admin' => true,
        'truthy' => 1,
        'zero' => '0'
    );

    $request = new Request();
    $request->addParams($fixture);

    // Missing key.
    $this->assertFalse($request->param('not_set'));

    // Stored values, including the falsy-looking string '0'.
    $this->assertTrue($request->param('admin'));
    $this->assertEquals(1, $request->param('truthy'));
    $this->assertEquals('posts', $request->param('controller'));
    $this->assertEquals('0', $request->param('zero'));
}
/**
 * Returns the `$request`-ed provider.
 *
 * The provider is built from the request's 'provider' param on first use and
 * kept on this object. Once it is set, later calls return that same instance
 * whatever alias the request carries.
 *
 * NOTE(review): the alias is taken from the request and handed to
 * _getProvider(); presumably that method rejects aliases that are not
 * configured - verify.
 *
 * @param \Cake\Network\Request $request Current HTTP request.
 * @return \League\Oauth2\Client\Provider\GenericProvider|false
 */
public function provider(Request $request)
{
    $alias = $request->param('provider');
    if (!$alias) {
        return false;
    }

    if (empty($this->_provider)) {
        $this->_provider = $this->_getProvider($alias);
    }

    return $this->_provider;
}
/**
 * Checks that authorizeRequest() succeeds for rules that take pass
 * arguments, request params, or a mix of both.
 *
 * NOTE(review): every case here uses the superadmin id and expects success;
 * there is no case in this method asserting that a missing or mismatching
 * param is rejected.
 *
 * @return void
 */
public function testAuthorizeRequestWithParams()
{
    $authorization = $this->AnnAuthorization;
    $userId = UsersTable::SUPERADMIN_ID;

    // Rules fed from pass arguments only, with an empty request.
    $this->assertTrue(
        $authorization->authorizeRequest($userId, $this->controller, 'ruleWithParamAction', ['test1'], new Request())
    );
    $this->assertTrue(
        $authorization->authorizeRequest($userId, $this->controller, 'ruleWithParamsAction', ['test1', 'test2'], new Request())
    );

    // Rules fed from request params, alone or mixed with pass arguments.
    $request = new Request();
    $request->param('key1', 'test1');
    $request->param('key2', 'test2');
    $passArgs = ['test1', 'test2'];

    $this->assertTrue(
        $authorization->authorizeRequest($userId, $this->controller, 'ruleWithReqAction', $passArgs, $request)
    );
    $this->assertTrue(
        $authorization->authorizeRequest($userId, $this->controller, 'ruleWithReqsAction', $passArgs, $request)
    );
    $this->assertTrue(
        $authorization->authorizeRequest($userId, $this->controller, 'ruleWithMixedParamsAction', $passArgs, $request)
    );
}
/**
 * Get the number per page.
 *
 * Reads the 'perPage' entry stored under the request's paging params for the
 * current paging type.
 *
 * @return int Documented as int; the value is returned exactly as param() yields it.
 */
public function getPerPage()
{
    $paramPath = 'paging.' . $this->pagingType . '.perPage';

    return $this->request->param($paramPath);
}