Merge pull request #108 from cakephp/missing-identity

MissingIdentity exception was never thrown.
cakephp · Nov 9, 2019 · 021935f · 021935f
2 parents 112f1a3 + 9e9bc18
commit 021935f
Showing 1 changed file with 11 additions and 7 deletions.
diff --git a/src/Controller/Component/AuthorizationComponent.php b/src/Controller/Component/AuthorizationComponent.php
@@ -16,6 +16,7 @@
 
 use Authorization\AuthorizationServiceInterface;
 use Authorization\Exception\ForbiddenException;
+use Authorization\Exception\MissingIdentityException;
 use Authorization\IdentityInterface;
 use Authorization\Policy\Result;
 use Authorization\Policy\ResultInterface;
@@ -62,7 +63,7 @@ class AuthorizationComponent extends Component
     public function authorize($resource, $action = null)
     {
         if ($action === null) {
-            $request = $this->getController()->request;
+            $request = $this->getController()->getRequest();
             $action = $this->getDefaultAction($request);
         }
 
@@ -96,14 +97,14 @@ public function authorize($resource, $action = null)
      */
     public function can($resource, $action = null)
     {
-        $request = $this->getController()->request;
+        $request = $this->getController()->getRequest();
         if ($action === null) {
             $action = $this->getDefaultAction($request);
         }
 
         $identity = $this->getIdentity($request);
-        if (empty($identity)) {
-            return $this->getService($this->request)->can(null, $action, $resource);
+        if ($identity === null) {
+            return $this->getService($request)->can(null, $action, $resource);
         }
 
         return $identity->can($action, $resource);
@@ -121,11 +122,14 @@ public function can($resource, $action = null)
      */
     public function applyScope($resource, $action = null)
     {
-        $request = $this->getController()->request;
+        $request = $this->getController()->getRequest();
         if ($action === null) {
             $action = $this->getDefaultAction($request);
         }
         $identity = $this->getIdentity($request);
+        if ($identity === null) {
+            throw new MissingIdentityException('Identity must exist for applyScope() call.');
+        }
 
         return $identity->applyScope($action, $resource);
     }
@@ -137,7 +141,7 @@ public function applyScope($resource, $action = null)
      */
     public function skipAuthorization()
     {
-        $request = $this->getController()->request;
+        $request = $this->getController()->getRequest();
         $service = $this->getService($request);
 
         $service->skipAuthorization();
@@ -249,7 +253,7 @@ protected function getIdentity(ServerRequestInterface $request)
      */
     public function authorizeAction()
     {
-        $request = $this->getController()->request;
+        $request = $this->getController()->getRequest();
         $action = $request->getParam('action');
 
         $skipAuthorization = $this->checkAction($action, 'skipAuthorization');