From 61e4cdb031e6cb86767589d72ee07e0dbb636fa9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florian=20Kr=C3=A4mer?=
Date: Fri, 9 Oct 2015 09:45:37 +0200
Subject: [PATCH] Improved AuthHelper::hasRole().

---
 src/View/Helper/AuthHelper.php | 18 +++++++++++-------
 tests/TestCase/View/Helper/AuthHelperTest.php | 7 +++++++
 2 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/src/View/Helper/AuthHelper.php b/src/View/Helper/AuthHelper.php
index 5c05804..eb5a3bf 100644
--- a/src/View/Helper/AuthHelper.php
+++ b/src/View/Helper/AuthHelper.php
@@ -116,7 +116,7 @@ public function user($key = null) {
 if ($key === null) {
 return $this->_userData;
 }
- return Hash::get($this->_userData(true), $key);
+ return Hash::get((array)$this->_userData(true), $key);
 }
 
 /**
@@ -125,17 +125,21 @@ public function user($key = null) {
 * @param string String of the role identifier.
 * @return boolean|null True if the role is in the set of roles for the active user data.
 */
- public function hasRole($role) {
- if (!is_string($role)) {
+ public function hasRole($requestedRole) {
+ if (!is_string($requestedRole) && !is_array($requestedRole)) {
 throw new \InvalidArgumentException('Role must be a string!');
 }
 $roles = $this->user($this->config('roleField'));
+ if (is_null($roles)) {
+ return false;
+ }
 if (is_string($roles)) {
- return ($role === $roles);
+ $roles = [$roles];
 }
- if (is_array($roles)) {
- return (in_array($role, $roles));
+ if (is_string($requestedRole)) {
+ $requestedRole = [$requestedRole];
 }
+ $result = array_intersect($roles, $requestedRole);
+ return (count($result) > 0);
 }
-
 }
diff --git a/tests/TestCase/View/Helper/AuthHelperTest.php b/tests/TestCase/View/Helper/AuthHelperTest.php
index 373ba50..4407f0b 100644
--- a/tests/TestCase/View/Helper/AuthHelperTest.php
+++ b/tests/TestCase/View/Helper/AuthHelperTest.php
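Review bot: The `(array)` cast in `AuthHelper::user()` changes what `Hash::get()` receives when `_userData(true)` returns an object: casting an object yields its property table rather than its `ArrayAccess` view, so a lookup of the role field would presumably come back `null` and `hasRole()` would then return false for every role. If the cast is only meant to cover a missing user, an explicit guard is narrower, e.g. `$data = $this->_userData(true);` followed by `if ($data === null) { return null; }`. A one-line comment stating which return values the cast is for would help the next reader. The method's signature and the `_userData()` implementation are outside the hunk, so this is inferred from the visible lines only.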
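Review bot: In `AuthHelper::hasRole()` only `null` and string values of `$roles` are normalised before `array_intersect($roles, $requestedRole)`, so a role field holding anything else (an integer id, an object) reaches `array_intersect()` as a non-array instead of being rejected; adding `if (!is_array($roles)) { return false; }` after the string-to-array step makes the check fail closed without depending on a warning or type error. `array_intersect()` compares elements by their string representation and the elements of an array `$requestedRole` are never validated, so `1` matches `'1'`; if roles must match exactly, a strict per-element comparison is needed. The exception text and docblock are now stale: suggest `'Role must be a string or an array of strings!'`, `@param string|array $requestedRole` and `@return boolean`, plus one sentence saying that an array argument means "any of these roles", not "all of them". The docblock opens above the hunk.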
@@ -92,6 +92,13 @@ public function testHasRole() {
 $this->assertTrue($Auth->hasRole('manager'));
 $this->assertFalse($Auth->hasRole('doesnotexist'));
 
+ $this->View->viewVars['userData']['role'] = array(
+ 'manager', 'user'
+ );
+ $Auth = new AuthHelper($this->View);
+ $this->assertTrue($Auth->hasRole('manager'));
+ $this->assertFalse($Auth->hasRole('doesnotexist'));
+
 try {
 $object = new \stdClass();
 $Auth->hasRole($object);
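Review bot: The added assertions in `testHasRole()` exercise an array-valued role field but still pass a string to `hasRole()`, so the newly accepted array argument and the new `null` role-field branch have no coverage. Suggest adding `$this->assertTrue($Auth->hasRole(['manager', 'doesnotexist']));` and `$this->assertFalse($Auth->hasRole(['doesnotexist', 'other']));`, plus a case with the role key unset that expects `false`. Pinning the any-of behaviour in a test also documents it for callers who might otherwise assume an array means all roles are required. The test method starts and ends outside the hunk.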