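/**
 * Validate the user has the correct CRUD access permission.
 *
 * This variant checks only the `read` permission on the model's qualified
 * name, whatever action is being dispatched. A controller that exposes
 * write actions through this method is therefore only read-gated here and
 * must enforce create/update/delete permissions itself.
 *
 * The parent's verdict used to be discarded. An explicit `false` from the
 * parent is now treated as a denial, so a parent-level rejection cannot be
 * bypassed by a passing ACL check below. A `null`/void return from the
 * parent is still treated as "no objection", as before.
 *
 * @param array $user The user record to authorize
 * @return bool Always true; denial is signalled by throwing
 * @throws UnauthorizedException When the parent denies or the ACL read check fails
 */
public function isAuthorized($user = null) {
    if (parent::isAuthorized($user) === false) {
        throw new UnauthorizedException(__d('admin', 'Insufficient Access Permissions'));
    }

    // NOTE(review): a null $user reaches the ACL as array(USER_MODEL => null);
    // nothing here short-circuits that case, the ACL backend is relied on to
    // deny it — confirm this is fail-closed for the backend in use.
    $aro = array(USER_MODEL => $user);

    if (!$this->Acl->check($aro, $this->Model->qualifiedName, 'read')) {
        throw new UnauthorizedException(__d('admin', 'Insufficient Access Permissions'));
    }

    return true;
}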
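/**
 * Validate the user has the correct CRUD access permission.
 *
 * Checks are applied in this order:
 *  1. the parent's verdict (an explicit `false` now denies; it used to be ignored),
 *  2. a model name must be present in the route params,
 *  3. models listed in `Admin.ignoreModels` are refused for every action,
 *  4. a fixed list of non-CRUD actions is allowed without an ACL lookup,
 *  5. everything else is checked against the ACL as ($user, $class, $action),
 *     with `index` mapped to `read`.
 *
 * Step 4 means `type_ahead`, `proxy`, `process_behavior` and `process_model`
 * are NOT subject to the per-model ACL here; each of those actions must
 * enforce its own authorization. Step 3 runs before step 4, so restricted
 * models are refused even for those actions. Any other action name is passed
 * to the ACL verbatim, so an unrecognised action is only safe if the ACL
 * backend denies permissions it has no entry for — NOTE(review): confirm for
 * the backend in use.
 *
 * @param array $user The user record to authorize
 * @return bool Always true; denial is signalled by throwing
 * @throws ForbiddenException When no model is given or the model is restricted
 * @throws UnauthorizedException When the parent denies or the ACL check fails
 */
public function isAuthorized($user = null) {
    if (parent::isAuthorized($user) === false) {
        throw new UnauthorizedException(__d('admin', 'Insufficient Access Permissions'));
    }

    if (empty($this->params['model'])) {
        throw new ForbiddenException(__d('admin', 'Invalid Model'));
    }

    // Only the class name takes part in the ACL check; plugin and model are unused.
    list(, , $class) = Admin::parseName($this->params['model']);

    // The (array) cast keeps an unset config from becoming a TypeError on
    // PHP 8 (in_array on null) and behaves like "nothing restricted", which is
    // what the old code did on PHP 7; strict comparison avoids loose matching.
    $ignoredModels = (array)Configure::read('Admin.ignoreModels');
    if (in_array($class, $ignoredModels, true)) {
        throw new ForbiddenException(__d('admin', 'Restricted Model'));
    }

    $action = $this->action;

    // Non-CRUD actions skip the ACL lookup entirely (see the method docblock).
    $uncheckedActions = array('type_ahead', 'proxy', 'process_behavior', 'process_model');
    if (in_array($action, $uncheckedActions, true)) {
        return true;
    }

    // Index counts as a read
    if ($action === 'index') {
        $action = 'read';
    }

    if ($this->Acl->check(array(USER_MODEL => $user), $class, $action)) {
        return true;
    }

    throw new UnauthorizedException(__d('admin', 'Insufficient Access Permissions'));
}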