From 1c2f4283c7bfb1f4a6cbaf21eb7731f347a476d9 Mon Sep 17 00:00:00 2001 From: mscherer Date: Fri, 18 Apr 2025 17:26:24 +0200 Subject: [PATCH 1/2] disableIdentityCheck --- .../Component/AuthenticationComponent.php | 11 +++++ .../Component/AuthenticationComponentTest.php | 46 +++++++++++++------ 2 files changed, 42 insertions(+), 15 deletions(-) diff --git a/src/Controller/Component/AuthenticationComponent.php b/src/Controller/Component/AuthenticationComponent.php index d1a0b8b6..0bfe0ddd 100644 --- a/src/Controller/Component/AuthenticationComponent.php +++ b/src/Controller/Component/AuthenticationComponent.php @@ -190,6 +190,17 @@ protected function doIdentityCheck(): void } } + /** + * Disables the identity check for this controller and as all its actions. + * They then don't require an authentication identity to be present. + * + * @return void + */ + public function disableIdentityCheck(): void + { + $this->setConfig('requireIdentity', false); + } + /** * Set the list of actions that don't require an authentication identity to be present. * diff --git a/tests/TestCase/Controller/Component/AuthenticationComponentTest.php b/tests/TestCase/Controller/Component/AuthenticationComponentTest.php index 51cf7573..43ffdbff 100644 --- a/tests/TestCase/Controller/Component/AuthenticationComponentTest.php +++ b/tests/TestCase/Controller/Component/AuthenticationComponentTest.php @@ -55,11 +55,6 @@ class AuthenticationComponentTest extends TestCase */ protected $request; - /** - * @var \Cake\Http\Response - */ - protected $response; - /** * @var \Authentication\AuthenticationService */ @@ -495,7 +490,7 @@ public function testUnauthenticatedActionsNoActionsFails() } /** - * test disabling requireidentity via settings + * test disabling requireIdentity via settings * * @return void */ @@ -516,6 +511,27 @@ public function testUnauthenticatedActionsDisabledOptions() $this->assertTrue(true, 'No exception should be raised as require identity is off.'); } + /** + * test disabling requireIdentity via convenience method + * + * @return void + */ + public function testUnauthenticatedActionsDisabledOptionsCall() + { + $request = $this->request + ->withParam('action', 'view') + ->withAttribute('authentication', $this->service); + + $controller = new Controller($request); + $controller->loadComponent('Authentication.Authentication'); + $controller->Authentication->disableIdentityCheck(); + + // Mismatched actions would normally cause an error. + $controller->Authentication->allowUnauthenticated(['index', 'add']); + $controller->startupProcess(); + $this->assertTrue(true, 'No exception should be raised as require identity is off.'); + } + /** * Test that the identity check can be run from callback for Controller.initialize * @@ -574,7 +590,7 @@ public function testImpersonate() $request = $this->request ->withAttribute('identity', $identity) ->withAttribute('authentication', $this->service); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); @@ -605,7 +621,7 @@ public function testImpersonateDecoratorIgnored() $request = $this->request ->withAttribute('identity', $identity) ->withAttribute('authentication', $this->service); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); @@ -630,7 +646,7 @@ public function testImpersonateNoIdentity() $impersonated = new ArrayObject(['username' => 'larry']); $request = $this->request ->withAttribute('authentication', $this->service); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); $this->expectException(UnauthenticatedException::class); @@ -659,7 +675,7 @@ public function testImpersonateFailure() $request = $this->request ->withAttribute('identity', $identity) ->withAttribute('authentication', $service); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); $this->expectException(UnexpectedValueException::class); @@ -680,7 +696,7 @@ public function testStopImpersonating() $this->request->getSession()->write('AuthImpersonate', $impersonator); $this->service->authenticate($this->request); $request = $this->request->withAttribute('authentication', $this->service); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); $this->assertEquals($impersonator, $controller->getRequest()->getSession()->read('AuthImpersonate')); @@ -710,7 +726,7 @@ public function testStopImpersonatingFailure() $request = $this->request ->withAttribute('identity', $identity) ->withAttribute('authentication', $service); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); $this->expectException(UnexpectedValueException::class); @@ -733,7 +749,7 @@ public function testIsImpersonating() $request = $this->request ->withAttribute('authentication', $this->service) ->withAttribute('identity', new Identity($impersonated)); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); @@ -757,7 +773,7 @@ public function testGetImpersonationAuthenticationServiceFailure() $request = $this->request ->withAttribute('authentication', $service) ->withAttribute('identity', new Identity($user)); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); @@ -778,7 +794,7 @@ public function testIsImpersonatingNotImpersonating() $this->request->getSession()->write('Auth', $user); $this->service->authenticate($this->request); $request = $this->request->withAttribute('authentication', $this->service); - $controller = new Controller($request, $this->response); + $controller = new Controller($request); $registry = new ComponentRegistry($controller); $component = new AuthenticationComponent($registry); From 7bbc90907f00fd7ada18d70fd2ff88baaac68fbf Mon Sep 17 00:00:00 2001 From: mscherer Date: Fri, 18 Apr 2025 17:27:51 +0200 Subject: [PATCH 2/2] Docs --- docs/en/authentication-component.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/en/authentication-component.rst b/docs/en/authentication-component.rst index 07d9a659..34da6ccf 100644 --- a/docs/en/authentication-component.rst +++ b/docs/en/authentication-component.rst @@ -103,4 +103,6 @@ applied during the ``Controller.initialize`` event instead:: ]); You can also disable identity checks entirely with the ``requireIdentity`` -option. +option or by calling ``disableIdentityCheck`` from the controller's ``beforeFilter()`` method itself:: + + $this->Authentication->disableIdentityCheck();