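/**
 * Setup allowed actions.
 *
 * Builds the per-request action whitelist from PermissionExtract and hands
 * it to AuthComponent::allow(). A user whose role.alias equals
 * USER_ROLE_ADMIN gets allow() with no arguments (every action); everybody
 * else gets only the extracted map. On the Pages controller an empty map
 * falls back to ['display'] so the page route stays reachable.
 *
 * @return void
 */
protected function _setupAllowedActions()
{
    $controller = $this->_registry->getController();
    $request = $controller->request;
    $permission = new PermissionExtract($controller->Auth->user(), $request);
    $allowed = (array) $permission->requestAllowedMap();

    // param() yields a string or null here, so a strict comparison is safe.
    if ($request->param('controller') === 'Pages' && empty($allowed)) {
        $allowed = ['display'];
    }

    // Authorization decision: compare strictly so a numeric-looking alias
    // can never be loosely equal to the admin constant. Assumes role.alias
    // and USER_ROLE_ADMIN are both strings — TODO confirm.
    if ($controller->Auth->user('role.alias') === USER_ROLE_ADMIN) {
        $controller->Auth->allow();
    } else {
        $controller->Auth->allow($allowed);
    }
}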
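/**
 * User authorize.
 *
 * Authorization callback. A user whose role.alias equals USER_ROLE_ADMIN is
 * always authorized; a request to the app-level (non-plugin) Pages
 * controller is authorized for any action; everything else defers to
 * PermissionExtract::isAllowed() for this user and request.
 *
 * @param array $user Logged-in user data; the role alias is read from 'role.alias'.
 * @param Request $request Current request.
 * @return bool
 */
public function authorize($user, Request $request)
{
    $role = Hash::get($user, 'role.alias');

    // Authorization decision: compare strictly so a numeric-looking alias
    // can never be loosely equal to the admin constant. Assumes role.alias
    // and USER_ROLE_ADMIN are both strings — TODO confirm.
    if ($role === USER_ROLE_ADMIN) {
        return true;
    }

    // Instantiated before the Pages shortcut, as in the original, in case
    // getInstance() registers state other code relies on.
    $permission = PermissionExtract::getInstance($user, $request);

    // NOTE(review): this grants every action on the app-level Pages
    // controller, whereas _setupAllowedActions() only whitelists 'display'
    // when no map is extracted. Confirm Pages exposes nothing beyond
    // display, or narrow this branch to that action.
    if (!$request->param('plugin') && $request->param('controller') === 'Pages') {
        return true;
    }

    return $permission->isAllowed();
}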