The Security Component creates an easy way to integrate tighter security in your application. It provides methods for various tasks like:
_authRequired( Cake\Controller\Controller $controller )
Check if authentication is required
Cake\Controller\Controller
$controller
boolean
_callback( Cake\Controller\Controller $controller , string $method , array $params [] )
Calls a controller callback method
Cake\Controller\Controller
$controller
$method
$params
optional [] mixed
Cake\Network\Exception\BadRequestException
_requireMethod( string $method , array $actions [] )
Sets the actions that require a $method HTTP request, or empty for all actions
$method
$actions
optional [] _secureRequired( Cake\Controller\Controller $controller )
Check if access requires secure connection
Cake\Controller\Controller
$controller
boolean
_validatePost( Cake\Controller\Controller $controller )
Validate submitted form
Cake\Controller\Controller
$controller
boolean
blackHole( Cake\Controller\Controller $controller , string $error '' )
Black-hole an invalid request with a 400 error or custom callback. If SecurityComponent::$blackHoleCallback is specified, it will use this callback by executing the method indicated in $error
Cake\Controller\Controller
$controller
$error
optional '' mixed
Cake\Network\Exception\BadRequestException
generateToken( Cake\Network\Request $request )
Manually add form tampering prevention token information into the provided request object.
Cake\Network\Request
$request
boolean
implementedEvents( )
Events supported by this component.
array
Cake\Controller\Component::implementedEvents()
requireAuth( string|array $actions )
Sets the actions that require whitelisted form submissions.
Adding actions with this method will enforce the restrictions set in SecurityComponent::$allowedControllers and SecurityComponent::$allowedActions.
$actions
requireSecure( string|array $actions null )
Sets the actions that require a request that is SSL-secured, or empty for all actions
$actions
optional null startup( Cake\Event\Event $event )
Component startup. All security checking happens here.
Cake\Event\Event
$event
mixed
__construct( Cake\Controller\ComponentRegistry $registry , array $config [] )
Constructor
Cake\Controller\ComponentRegistry
$registry
$config
optional [] __debugInfo( )
Returns an array that can be used to describe the internal state of this object.
array
__get( string $name )
Magic method for lazy loading $components.
$name
mixed
initialize( array $config )
Constructor hook method.
Implement this method to avoid having to overwrite the constructor and call parent.
$config
_configDelete( string $key )
Delete a single config key
$key
Cake\Core\Exception\Exception
_configRead( string|null $key )
Read a config variable
$key
mixed
_configWrite( string|array $key , mixed $value , boolean|string $merge false )
Write a config variable
$key
$value
$merge
optional false Cake\Core\Exception\Exception
config( string|array|null $key null , mixed|null $value null , boolean $merge true )
Reading the whole config:
$this->config();
Reading a specific value:
$this->config('key');
Reading a nested value:
$this->config('some.nested.key');
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
$key
optional null $value
optional null $merge
optional true mixed
Cake\Core\Exception\Exception
configShallow( string|array $key , mixed|null $value null )
Merge provided config with existing config. Unlike config()
which does a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
$key
$value
optional null mixed
log( mixed $msg , integer|string $level LogLevel::ERROR , string|array $context [] )
Convenience method to write a message to Log. See Log::write() for more information on writing to logs.
$msg
$level
optional LogLevel::ERROR $context
optional [] boolean
protected array
A component lookup table used to lazy load component objects.
[]
protected Cake\Controller\ComponentRegistry
Component registry class used to lazy load components.
protected boolean
Whether the config property has already been configured with defaults
false
© 2005–2016 The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
http://api.cakephp.org/3.1/class-Cake.Controller.Component.SecurityComponent.html