TheCoreDev/sterivein
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Finalized admin security

Browse Source
This commit is contained in:
franck
2013-07-12 14:22:08 +02:00
parent 257de6fba4
commit 385a83f896
35 changed files with 386 additions and 896 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
core/lib/Thelia/Core/HttpFoundation/Session/Session.php
View File

@@ -24,6 +24,7 @@
namespace Thelia\Core\HttpFoundation\Session;
use Symfony\Component\HttpFoundation\Session\Session as BaseSession;
use Thelia\Core\Security\User\UserInterface;
class Session extends BaseSession {
@@ -35,7 +36,31 @@ class Session extends BaseSession {
public function getLang()
{
return $this->get("lang", "en");
return substr($this->getLocale(), 0, 2);
}
public function setCustomerUser(UserInterface $user) {
$this->set('customer_user', $user);
}
public function getCustomerUser() {
return $this->get('customer_user');
}
public function clearCustomerUser() {
return $this->remove('customer_user');
}
public function setAdminUser(UserInterface $user) {
$this->set('admin_user', $user);
}
public function getAdminUser() {
return $this->get('admin_user');
}
public function clearAdminUser() {
return $this->remove('admin_user');
}
}

60
core/lib/Thelia/Core/Security/Authentication/AuthenticationProviderInterface.php
View File

@@ -1,60 +0,0 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace Thelia\Core\Security\Authentication;
use Thelia\Core\Security\UserNotFoundException;
use Thelia\Core\Security\IncorrectPasswordException;
/**
* Aunthentication providers are in charge or retrieving users, and check their
* credentials.
*
* @author Franck
*
*/
interface AuthenticationProviderInterface {
/**
* Set the authentication token
*
* @param TokenInterface $token the authentication token
*/
public function setToken(TokenInterface $token);
/**
* Set the authentication token
*
* @param unknown $key
*/
public function supportsToken(TokenInterface $token);
/**
* Authenticate the token
*
*@throws Exception if authentication was not successful
*/
public function authenticate();
}
?>

67
core/lib/Thelia/Core/Security/Authentication/UsernamePasswordAuthenticator.php
View File

@@ -1,67 +0,0 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace Thelia\Core\Security\Authentication;
use Thelia\Core\Security\Authentication\AuthenticationProviderInterface;
use Thelia\Core\Security\Encoder\PasswordEncoderInterface;
use Thelia\Core\Security\User\UserProviderInterface;
use Thelia\Security\Token\TokenInterface;
use Thelia\Core\Security\Exception\IncorrectPasswordException;
use Thelia\Core\Security\Token\UsernamePasswordToken;
class UsernamePasswordAuthenticator implements AuthenticationProviderInterface {
protected $userProvider;
protected $encoder;
private $token;
public function __construct(UserProviderInterface $userProvider, PasswordEncoderInterface $encoder) {
$this->userProvider = $userProvider;
$this->encoder = $encoder;
}
public function supportsToken(TokenInterface $token) {
return $token instanceof UsernamePasswordToken;
}
public function authenticate($token) {
if (!$this->supports($token)) {
return null;
}
// Retreive user
$user = $this->userProvider->getUser($this->token->getUsername());
// Check password
$authOk = $this->encoder->isEqual($password, $user->getPassword(), $user->getAlgo(), $user->getSalt()) === true;
$authenticatedToken = new UsernamePasswordToken($user, $token->getCredentials(), $authOk);
return $authenticatedToken;
}
}

35
core/lib/Thelia/Core/Security/AuthenticationProcessor.php
View File

@@ -1,35 +0,0 @@
<?php
use Thelia\Core\Security\Token\UsernamePasswordToken;
use Symfony\Component\HttpFoundation\Request;
use Thelia\Core\Security\Authentication\UsernamePasswordAuthenticator;
use Thelia\Core\Security\User\UserProvider\CustomerUserProvider;
use Thelia\Core\Security\Encoder\PasswordHashEncoder;
use Symfony\Component\DependencyInjection\ContainerInterface;
class AuthenticationProcessor {
private $container;
public function __construct(ContainerInterface $container) {
$this->container = $container;
}
public function createToken(Request $request) {
$context = $request->get('_context');
try {
$securityContext = $this->container->get("security.$context");
$token = new UsernamePasswordToken(
$request->get('_username'),
$request->get('_password')
);
$securityContext->setToken($token);
}
catch (\Exception $ex) {
// Nothing to do
}
}
}

52
core/lib/Thelia/Core/Security/Encoder/PasswordEncoderInterface.php
View File

@@ -1,52 +0,0 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace Thelia\Core\Security\Encoder;
/**
* This interface defines a password encoder.
*
* @author Franck Allimant <franck@cqfdev.fr>
*
*/
interface PasswordEncoderInterface {
/**
* Encode a string.
*
* @param string $password the password to encode
* @param string $algorithm the hash() algorithm
* @return string $salt the salt
*/
public function encode($password, $algorithm, $salt);
/**
* Check a string against an encoded password.
*
* @param string $string the string to compare against password
* @param string $password the encoded password
* @param string $algorithm the hash() algorithm
* @return string $salt the salt
*/
public function isEqual($string, $password, $algorithm, $salt);
}

66
core/lib/Thelia/Core/Security/Encoder/PasswordHashEncoder.php
View File

@@ -1,66 +0,0 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace Thelia\Core\Security\Encoder;
/**
* This interface defines a hash based password encoder.
*
* @author Franck Allimant <franck@cqfdev.fr>
*/
class PasswordHashEncoder implements PasswordEncoderInterface {
/**
* {@inheritdoc}
*/
public function encode($password, $algorithm, $salt)
{
if (!in_array($algorithm, hash_algos(), true)) {
throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $algorithm));
}
// Salt the string
$salted = $password.$salt;
// Create the hash
$digest = hash($algorithm, $salted, true);
// "stretch" hash
for ($i = 1; $i < 5000; $i++) {
$digest = hash($algorithm, $digest.$salted, true);
}
return base64_encode($digest);
}
/**
* {@inheritdoc}
*/
public function isEqual($string, $password, $algorithm, $salt)
{
$encoded = $this->encode($password, $algorithm, $salt);
return $encoded == $string;
}
}

58
core/lib/Thelia/Core/Security/Encoder/PasswordPhpCompatEncoder.php
View File

@@ -1,58 +0,0 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace Thelia\Core\Security\Encoder;
/**
*
* use password api include in php 5.5 and available throw the password_compat library.
*
* Class PasswordPhpCompatEncoder
* @package Thelia\Core\Security\Encoder
*/
class PasswordPhpCompatEncoder implements PasswordEncoderInterface {
/**
* Encode a string.
*
* @param string $password the password to encode
* @param string $algorithm the hash() algorithm
* @return string $salt the salt, the salt is not used here.
*/
public function encode($password, $algorithm, $salt = null)
{
return password_hash($password, $algorithm);
}
/**
* Check a string against an encoded password.
*
* @param string $string the string to compare against password
* @param string $password the encoded password
* @param string $algorithm the hash() algorithm, not used here
* @return string $salt the salt, not used here
*/
public function isEqual($string, $password, $algorithm = null, $salt = null)
{
return password_verify($string, $password);
}
}

28
core/lib/Thelia/Core/Security/Exception/AuthenticationTokenNotFoundException.php
View File

@@ -1,28 +0,0 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace Thelia\Core\Security\Exception;
class AuthenticationTokenNotFoundException extends \Exception
{
}

2
core/lib/Thelia/Core/Security/Role/Role.php
View File

@@ -9,7 +9,7 @@
* file that was distributed with this source code.
*/
namespace use Thelia\Core\Security\Role;
namespace Thelia\Core\Security\Role;
/**
* Role is a simple implementation of a RoleInterface where the role is a

121
core/lib/Thelia/Core/Security/SecurityContext.php
View File

@@ -25,62 +25,125 @@ namespace Thelia\Core\Security;
use Thelia\Core\Security\Authentication\AuthenticationProviderInterface;
use Thelia\Core\Security\Exception\AuthenticationTokenNotFoundException;
use Thelia\Core\Security\Token\TokenInterface;
use Thelia\Core\Security\User\UserInterface;
use Thelia\Core\HttpFoundation\Request;
/**
* A simple security manager, in charge of authenticating users using various authentication systems.
* A simple security manager, in charge of checking user
*
* @author Franck Allimant <franck@cqfdev.fr>
*/
class SecurityContext {
/*
protected $authProvider;
public function __construct(AuthenticationProviderInterface $authProvider) {
$this->authProvider = $authProvider;
}
*/
const CONTEXT_FRONT_OFFICE = 'front';
const CONTEXT_BACK_OFFICE = 'admin';
private $request;
private $context;
public function __construct(Request $request) {
$this->request = $request;
$this->context = null;
}
public function setContext($context) {
if ($context !== self::CONTEXT_FRONT_OFFICE && $context !== self::CONTEXT_BACK_OFFICE) {
throw new \InvalidArgumentException(sprintf("Invalid or empty context identifier '%s'", $context));
}
$this->context = $context;
}
public function getContext($exception_if_context_undefined = false) {
if (null === $this->context && $exception_if_context_undefined === true)
throw new \LogicException("No context defined. Please use setContext() first.");
return $this->context;
}
private function getSession() {
$session = $this->request->getSession();
if ($session === null)
throw new \LogicException("No session found.");
return $session;
}
/**
* Checks if the current token is authenticated
* Gets the currently authenticated user in the current context, or null if none is defined
*
* @throws AuthenticationCredentialsNotFoundException when the security context has no authentication token.
* @return UserInterface|null A UserInterface instance or null if no user is available
*/
public function getUser() {
$context = $this->getContext(true);
if ($context === self::CONTEXT_FRONT_OFFICE)
$user = $this->getSession()->getCustomerUser();
else if ($context == self::CONTEXT_BACK_OFFICE)
$user = $this->getSession()->getAdminUser();
else
$user = null;
return $user;
}
final public function isAuthenticated()
{
if (null !== $this->getUser()) {
return true;
}
return false;
}
/**
* Checks if the current user is allowed
*
* @return Boolean
* @throws AuthenticationTokenNotFoundException if no thoken was found in context
*/
final public function isGranted($roles, $permissions)
{
if (null === $this->token) {
throw new AuthenticationTokenNotFoundException('The security context contains no authentication token.');
}
if ($this->isAuthenticated() === true) {
if (!$this->token->isAuthenticated()) {
$this->token = $this->authProvider->authenticate($this->token);
}
echo "TODO: check roles and permissions !";
if ($this->token->isAuthenticated()) {
// Check user roles and permissions
// TODO : check roles and permissions
return true;
}
return false;
}
/**
* Gets the currently authenticated token.
* Sets the authenticated user.
*
* @return TokenInterface|null A TokenInterface instance or null if no authentication information is available
* @param UserInterface $user A UserInterface, or null if no further user should be stored
*/
public function getToken()
public function setUser(UserInterface $user)
{
return $this->token;
$context = $this->getContext(true);
$user->eraseCredentials();
if ($context === self::CONTEXT_FRONT_OFFICE)
$this->getSession()->setCustomerUser($user);
else if ($context == self::CONTEXT_BACK_OFFICE)
$this->getSession()->setAdminUser($user);
}
/**
* Sets the token.
*
* @param TokenInterface $token A TokenInterface token, or null if no further authentication information should be stored
*/
public function setToken(TokenInterface $token = null)
{
$this->token = $token;
* Clear the user from the security context
*/
public function clear() {
$context = $this->getContext(true);
if ($context === self::CONTEXT_FRONT_OFFICE)
$this->getSession()->clearCustomerUser();
else if ($context == self::CONTEXT_BACK_OFFICE)
$this->getSession()->clearAdminUser();
}
}

148
core/lib/Thelia/Core/Security/Token/AbstractToken.php
View File

@@ -1,148 +0,0 @@
<?php
namespace Thelia\Core\Security\Token;
use Thelia\Core\Security\User\UserInterface;
/**
* Base class for Token instances.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
*/
abstract class AbstractToken implements TokenInterface
{
private $user;
private $authenticated;
/**
* Constructor.
*
* @param RoleInterface[] $roles An array of roles
*
* @throws \InvalidArgumentException
*/
public function __construct()
{
$this->authenticated = false;
}
/**
* {@inheritdoc}
*/
public function getUsername()
{
if ($this->user instanceof UserInterface) {
return $this->user->getUsername();
}
return (string) $this->user;
}
public function getUser()
{
return $this->user;
}
/**
* Sets the user in the token.
*
* The user can be a UserInterface instance, or an object implementing
* a __toString method or the username as a regular string.
*
* @param mixed $user The user
* @throws \InvalidArgumentException
*/
public function setUser($user)
{
if (!($user instanceof UserInterface || is_string($user))) {
throw new \InvalidArgumentException('$user must be an instanceof UserInterface, or a primitive string.');
}
if (null === $this->user) {
$changed = false;
} elseif ($this->user instanceof UserInterface) {
if (!$user instanceof UserInterface) {
$changed = true;
} else {
$changed = $this->hasUserChanged($user);
}
} elseif ($user instanceof UserInterface) {
$changed = true;
} else {
$changed = (string) $this->user !== (string) $user;
}
if ($changed) {
$this->setAuthenticated(false);
}
$this->user = $user;
}
/**
* {@inheritdoc}
*/
public function isAuthenticated()
{
return $this->authenticated;
}
/**
* {@inheritdoc}
*/
public function setAuthenticated($authenticated)
{
$this->authenticated = (Boolean) $authenticated;
}
/**
* {@inheritdoc}
*/
public function eraseCredentials()
{
if ($this->getUser() instanceof UserInterface) {
$this->getUser()->eraseCredentials();
}
}
/**
* {@inheritdoc}
*/
public function serialize()
{
return serialize(array($this->user, $this->authenticated));
}
/**
* {@inheritdoc}
*/
public function unserialize($serialized)
{
list($this->user, $this->authenticated) = unserialize($serialized);
}
private function hasUserChanged(UserInterface $user)
{
if (!($this->user instanceof UserInterface)) {
throw new \BadMethodCallException('Method "hasUserChanged" should be called when current user class is instance of "UserInterface".');
}
if ($this->user instanceof EquatableInterface) {
return ! (Boolean) $this->user->isEqualTo($user);
}
if ($this->user->getPassword() !== $user->getPassword()) {
return true;
}
if ($this->user->getSalt() !== $user->getSalt()) {
return true;
}
if ($this->user->getUsername() !== $user->getUsername()) {
return true;
}
return false;
}
}

81
core/lib/Thelia/Core/Security/Token/TokenInterface.php
View File

@@ -1,81 +0,0 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace Thelia\Core\Security\Token;
/**
* TokenInterface is the interface for the user authentication information.
*
* Parts borrowed from Symfony Security Framework (Fabien Potencier <fabien@symfony.com> / Johannes M. Schmitt <schmittjoh@gmail.com>)
*/
interface TokenInterface extends \Serializable
{
/**
* Returns the user credentials.
*
* @return mixed The user credentials
*/
public function getCredentials();
/**
* Returns a user representation.
*
* @return mixed either returns an object which implements __toString(), or
* a primitive string is returned.
*/
public function getUser();
/**
* Sets a user instance
*
* @param mixed $user
*/
public function setUser($user);
/**
* Returns the username.
*
* @return string
*/
public function getUsername();
/**
* Returns whether the user is authenticated or not.
*
* @return Boolean true if the token has been authenticated, false otherwise
*/
public function isAuthenticated();
/**
* Sets the authenticated flag.
*
* @param Boolean $isAuthenticated The authenticated flag
*/
public function setAuthenticated($isAuthenticated);
/**
* Removes sensitive information from the token.
*/
public function eraseCredentials();
}

75
core/lib/Thelia/Core/Security/Token/UsernamePasswordToken.php
View File

@@ -1,75 +0,0 @@
<?php
namespace Thelia\Core\Security\Token;
use Thelia\Core\Security\User\UserInterface;
/**
* UsernamePasswordToken implements a username and password token.
*
* @author Fabien Potencier <fabien@symfony.com>
*/
class UsernamePasswordToken extends AbstractToken
{
private $credentials;
/**
* Constructor.
*
* @param string $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method.
* @param string $password The password of the user
*
* @throws \InvalidArgumentException
*/
public function __construct($username, $password, array $roles = array())
{
$this->setUser($username);
$this->credentials = $password;
parent::setAuthenticated(count($roles) > 0);
}
/**
* {@inheritdoc}
*/
public function setAuthenticated($isAuthenticated)
{
if ($isAuthenticated) {
throw new \LogicException('Cannot set this token to trusted after instantiation.');
}
parent::setAuthenticated(false);
}
public function getCredentials()
{
return $this->credentials;
}
/**
* {@inheritdoc}
*/
public function eraseCredentials()
{
parent::eraseCredentials();
$this->credentials = null;
}
/**
* {@inheritdoc}
*/
public function serialize()
{
return serialize(array($this->credentials, $this->providerKey, parent::serialize()));
}
/**
* {@inheritdoc}
*/
public function unserialize($serialized)
{
list($this->credentials, $this->providerKey, $parentStr) = unserialize($serialized);
parent::unserialize($parentStr);
}
}

9
core/lib/Thelia/Core/Security/User/UserInterface.php
View File

@@ -21,14 +21,9 @@ interface UserInterface {
public function getPassword();
/**
* return the salt used to calculate the user password
* Check a string against a the user password
*/
public function getSalt();
/**
* return the algorithm used to calculate the user password
*/
public function getAlgo();
public function checkPassword($password);
/**
* Returns the roles granted to the user.

7
core/lib/Thelia/Core/Security/UserProvider/AdminUserProvider.php
View File

@@ -1,12 +1,13 @@
<?php
namespace Thelia\Core\Security\User\UserProvider;
namespace Thelia\Core\Security\UserProvider;
use Thelia\Model\Admin;
use Thelia\Model\AdminQuery;
class AdminUserProvider implements UserProviderInterface {
public function getUser($key) {
$admin = new Admin();
$admin = AdminQuery::create()
->filterByLogin($key)
->findOne();

6
core/lib/Thelia/Core/Security/UserProvider/CustomerUserProvider.php
View File

@@ -1,13 +1,13 @@
<?php
namespace Thelia\Core\Security\User\UserProvider;
namespace Thelia\Core\Security\UserProvider;
use Thelia\Action\Customer;
use Thelia\Model\CustomerQuery;
class CustomerUserProvider implements UserProviderInterface {
public function getUser($key) {
$customer = new Customer();
$customer = CustomerQuery::create()
->filterByEmail($key)
->findOne();

2
core/lib/Thelia/Core/Security/UserProvider/UserProviderInterface.php
View File

@@ -1,6 +1,6 @@
<?php
namespace Thelia\Core\Security\User\UserProvider;
namespace Thelia\Core\Security\UserProvider;
interface UserProviderInterface {
/**

3
core/lib/Thelia/Core/Template/Smarty/Assets/SmartyAssetsManager.php
View File

@@ -24,6 +24,7 @@
namespace Thelia\Core\Template\Smarty\Assets;
use Thelia\Core\Template\Assets\AsseticHelper;
use Thelia\Model\ConfigQuery;
class SmartyAssetsManager
{
@@ -71,7 +72,7 @@ class SmartyAssetsManager
$url = $this->assetic_manager->asseticize(
$asset_dir.'/'.$asset_file,
$this->web_root."/".$this->path_relative_to_web_root,
$this->path_relative_to_web_root,
ConfigQuery::read('base_url', '/') . $this->path_relative_to_web_root,
$assetType,
$filters,
$debug

19
core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php
View File

@@ -27,6 +27,7 @@ use Thelia\Core\Template\Smarty\SmartyPluginDescriptor;
use Thelia\Core\Template\Smarty\SmartyPluginInterface;
use Thelia\Core\Template\Smarty\Assets\SmartyAssetsManager;
use Thelia\Core\Security\SecurityContext;
use Thelia\Core\Security\Exception\AuthenticationException;
class Security implements SmartyPluginInterface
{
@@ -39,7 +40,6 @@ class Security implements SmartyPluginInterface
private function _explode($commaSeparatedValues)
{
$array = explode(',', $commaSeparatedValues);
if (array_walk($array, function(&$item) {
@@ -60,10 +60,23 @@ class Security implements SmartyPluginInterface
*/
public function checkAuthFunction($params, &$smarty)
{
$roles = $this->_explode($params['role']);
// Context: 'front' or 'admin'
$context = strtolower(trim($params['context']));
$this->securityContext->setContext($context);
$roles = $this->_explode($params['roles']);
$permissions = $this->_explode($params['permissions']);
$this->securityContext->isGranted($roles, $permissions);
if (! $this->securityContext->isGranted($roles, $permissions)) {
throw new AuthenticationException(
sprintf("User not granted for roles '%s', permissions '%s' in context '%s'.",
implode(',', $roles), implode(',', $permissions), $context
)
);
}
return '';
}
/**

20
core/lib/Thelia/Core/Template/Smarty/Plugins/Translation.php
View File

@@ -25,9 +25,16 @@ namespace Thelia\Core\Template\Smarty\Plugins;
use Thelia\Core\Template\Smarty\SmartyPluginDescriptor;
use Thelia\Core\Template\Smarty\SmartyPluginInterface;
use Symfony\Component\Translation\TranslatorInterface;
class Translation implements SmartyPluginInterface
{
protected $translator;
public function __construct(TranslatorInterface $translator) {
$this->translator = $translator;
}
/**
* Process translate function
*
@@ -35,16 +42,9 @@ class Translation implements SmartyPluginInterface
* @param unknown $smarty
* @return string
*/
public function theliaTranslate($params, &$smarty)
public function translate($params, &$smarty)
{
if (isset($params['l'])) {
$string = str_replace('\'', '\\\'', $params['l']);
} else {
$string = '';
}
// TODO
return "$string";
return $this->translator->trans($params['l'], isset($params['p']) ? $params['p'] : array());
}
/**
@@ -55,7 +55,7 @@ class Translation implements SmartyPluginInterface
public function getPluginDescriptors()
{
return array(
new SmartyPluginDescriptor('function', 'intl', $this, 'theliaTranslate'),
new SmartyPluginDescriptor('function', 'intl', $this, 'translate'),
);
}
}