TheCoreDev/sterivein
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

change signature

Browse Source
This commit is contained in:
Etienne Roudeix
2013-11-08 14:35:29 +01:00
parent 99ad2d6820
commit 417ed2e324
33 changed files with 158 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
core/lib/Thelia/Controller/Admin/AbstractCrudController.php
View File

@@ -267,7 +267,7 @@ abstract class AbstractCrudController extends BaseAdminController
*/
public function defaultAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::VIEW)) return $response;
return $this->renderList();
}
@@ -279,7 +279,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function createAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::CREATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::CREATE)) return $response;
$error_msg = false;
@@ -340,7 +340,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function updateAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
// Load the object
$object = $this->getExistingObject();
@@ -366,7 +366,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function processUpdateAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -431,7 +431,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function updatePositionAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
try {
$mode = $this->getRequest()->get('mode', null);
@@ -465,7 +465,7 @@ abstract class AbstractCrudController extends BaseAdminController
protected function genericUpdatePositionAction($object, $eventName, $doFinalRedirect = true)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
if ($object != null) {
@@ -499,7 +499,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$changeEvent = $this->createToggleVisibilityEvent($this->getRequest());
@@ -521,7 +521,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function deleteAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::DELETE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::DELETE)) return $response;
// Get the currency id, and dispatch the delet request
$deleteEvent = $this->getDeleteEvent();

2
core/lib/Thelia/Controller/Admin/AddressController.php
View File

@@ -59,7 +59,7 @@ class AddressController extends AbstractCrudController
public function useAddressAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$address_id = $this->getRequest()->request->get('address_id');

2
core/lib/Thelia/Controller/Admin/AdminLogsController.php
View File

@@ -32,7 +32,7 @@ class AdminLogsController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, array(), AccessManager::VIEW)) return $response;
// Render the edition template.
return $this->render('admin-logs');

6
core/lib/Thelia/Controller/Admin/AreaController.php
View File

@@ -231,7 +231,7 @@ class AreaController extends AbstractCrudController
public function addCountry()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$areaCountryForm = new AreaCountryForm($this->getRequest());
$error_msg = null;
@@ -273,7 +273,7 @@ class AreaController extends AbstractCrudController
public function removeCountry()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$request = $this->getRequest();
$removeCountryEvent = new AreaRemoveCountryEvent($request->request->get('areai_id', 0), $request->request->get('country_id', 0));
@@ -284,7 +284,7 @@ class AreaController extends AbstractCrudController
public function updatePostageAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$areaUpdateForm = new AreaPostageForm($this->getRequest());
$error_msg = null;

2
core/lib/Thelia/Controller/Admin/AttributeController.php
View File

@@ -235,7 +235,7 @@ class AttributeController extends AbstractCrudController
protected function addRemoveFromAllTemplates($eventType)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
try {
if (null !== $object = $this->getExistingObject()) {

7
core/lib/Thelia/Controller/Admin/BaseAdminController.php
View File

@@ -118,17 +118,18 @@ class BaseAdminController extends BaseController
* Check current admin user authorisations. An ADMIN role is assumed.
*
* @param mixed $resources a single resource or an array of resources.
* @param mixed $modules a single module or an array of modules.
* @param mixed $accesses a single access or an array of accesses.
*
* @return mixed null if authorization is granted, or a Response object which contains the error page otherwise
*
*/
protected function checkAuth($resources, $accesses)
protected function checkAuth($resources, $modules, $accesses)
{
$resources = is_array($resources) ? $resources : array($resources);
$modules = is_array($modules) ? $modules : array($modules);
$accesses = is_array($accesses) ? $accesses : array($accesses);
if ($this->getSecurityContext()->isGranted(array("ADMIN"), $resources, $accesses)) {
if ($this->getSecurityContext()->isGranted(array("ADMIN"), $resources, $modules, $accesses)) {
// Okay !
return null;
}

8
core/lib/Thelia/Controller/Admin/CategoryController.php
View File

@@ -215,7 +215,7 @@ class CategoryController extends AbstractCrudController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$event = new CategoryToggleVisibilityEvent($this->getExistingObject());
@@ -295,7 +295,7 @@ class CategoryController extends AbstractCrudController
public function addRelatedContentAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -325,7 +325,7 @@ class CategoryController extends AbstractCrudController
public function addRelatedPictureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) {
return $response;
}
@@ -353,7 +353,7 @@ class CategoryController extends AbstractCrudController
public function deleteRelatedContentAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));

2
core/lib/Thelia/Controller/Admin/ConfigController.php
View File

@@ -186,7 +186,7 @@ class ConfigController extends AbstractCrudController
public function changeValuesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$variables = $this->getRequest()->get('variable', array());

4
core/lib/Thelia/Controller/Admin/ContentController.php
View File

@@ -69,7 +69,7 @@ class ContentController extends AbstractCrudController
public function addAdditionalFolderAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$folder_id = intval($this->getRequest()->request->get('additional_folder_id'));
@@ -97,7 +97,7 @@ class ContentController extends AbstractCrudController
public function removeAdditionalFolderAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$folder_id = intval($this->getRequest()->request->get('additional_folder_id'));

2
core/lib/Thelia/Controller/Admin/CountryController.php
View File

@@ -235,7 +235,7 @@ class CountryController extends AbstractCrudController
public function toggleDefaultAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content = null;
if (null !== $country_id = $this->getRequest()->get('country_id')) {
$toogleDefaultEvent = new CountryToggleDefaultEvent($country_id);

12
core/lib/Thelia/Controller/Admin/CouponController.php
View File

@@ -62,7 +62,7 @@ class CouponController extends BaseAdminController
*/
public function browseAction()
{
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW);
$args['urlReadCoupon'] = $this->getRoute(
'admin.coupon.read',
@@ -94,7 +94,7 @@ class CouponController extends BaseAdminController
*/
public function readAction($couponId)
{
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW);
// Database request repeated in the loop but cached
$search = CouponQuery::create();
@@ -122,7 +122,7 @@ class CouponController extends BaseAdminController
public function createAction()
{
// Check current user authorization
$response = $this->checkAuth(AdminResources::COUPON, AccessManager::CREATE);
$response = $this->checkAuth(AdminResources::COUPON, array(), AccessManager::CREATE);
if ($response !== null) {
return $response;
}
@@ -170,7 +170,7 @@ class CouponController extends BaseAdminController
public function updateAction($couponId)
{
// Check current user authorization
$response = $this->checkAuth(AdminResources::COUPON, AccessManager::UPDATE);
$response = $this->checkAuth(AdminResources::COUPON, array(), AccessManager::UPDATE);
if ($response !== null) {
return $response;
}
@@ -274,7 +274,7 @@ class CouponController extends BaseAdminController
*/
public function getConditionInputAction($conditionId)
{
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW);
$this->checkXmlHttpRequest();
@@ -304,7 +304,7 @@ class CouponController extends BaseAdminController
*/
public function updateConditionsAction($couponId)
{
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW);
$this->checkXmlHttpRequest();

4
core/lib/Thelia/Controller/Admin/CurrencyController.php
View File

@@ -185,7 +185,7 @@ class CurrencyController extends AbstractCrudController
public function updateRatesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
try {
$this->dispatch(TheliaEvents::CURRENCY_UPDATE_RATES);
@@ -203,7 +203,7 @@ class CurrencyController extends AbstractCrudController
public function setDefaultAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$changeEvent = new CurrencyUpdateEvent($this->getRequest()->get('currency_id', 0));

10
core/lib/Thelia/Controller/Admin/CustomerController.php
View File

@@ -45,13 +45,13 @@ class CustomerController extends BaseAdminController
{
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, array(), AccessManager::VIEW)) return $response;
return $this->render("customers", array("display_customer" => 20));
}
public function viewAction($customer_id)
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, array(), AccessManager::VIEW)) return $response;
return $this->render("customer-edit", array(
"customer_id" => $customer_id
));
@@ -65,7 +65,7 @@ class CustomerController extends BaseAdminController
*/
public function updateAction($customer_id)
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, array(), AccessManager::UPDATE)) return $response;
$message = false;
@@ -121,7 +121,7 @@ class CustomerController extends BaseAdminController
public function createAction()
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::CREATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, array(), AccessManager::CREATE)) return $response;
$message = null;
@@ -171,7 +171,7 @@ class CustomerController extends BaseAdminController
public function deleteAction()
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::DELETE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, array(), AccessManager::DELETE)) return $response;
$message = null;

2
core/lib/Thelia/Controller/Admin/FeatureController.php
View File

@@ -235,7 +235,7 @@ class FeatureController extends AbstractCrudController
protected function addRemoveFromAllTemplates($eventType)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
try {
if (null !== $object = $this->getExistingObject()) {

24
core/lib/Thelia/Controller/Admin/FileController.php
View File

@@ -71,7 +71,7 @@ class FileController extends BaseAdminController
*/
public function saveImageAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
if ($this->isParentTypeValid($parentType)) {
@@ -161,7 +161,7 @@ class FileController extends BaseAdminController
*/
public function saveDocumentAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
if ($this->isParentTypeValid($parentType)) {
@@ -239,7 +239,7 @@ class FileController extends BaseAdminController
*/
public function getImageListAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('imageType' => $parentType, 'parentId' => $parentId);
@@ -256,7 +256,7 @@ class FileController extends BaseAdminController
*/
public function getDocumentListAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('documentType' => $parentType, 'parentId' => $parentId);
@@ -273,7 +273,7 @@ class FileController extends BaseAdminController
*/
public function getImageFormAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('imageType' => $parentType, 'parentId' => $parentId);
@@ -290,7 +290,7 @@ class FileController extends BaseAdminController
*/
public function getDocumentFormAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('documentType' => $parentType, 'parentId' => $parentId);
@@ -307,7 +307,7 @@ class FileController extends BaseAdminController
*/
public function viewImageAction($imageId, $parentType)
{
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE)) {
return $response;
}
try {
@@ -336,7 +336,7 @@ class FileController extends BaseAdminController
*/
public function viewDocumentAction($documentId, $parentType)
{
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE)) {
return $response;
}
try {
@@ -365,7 +365,7 @@ class FileController extends BaseAdminController
*/
public function updateImageAction($imageId, $parentType)
{
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE)) {
return $response;
}
@@ -442,7 +442,7 @@ class FileController extends BaseAdminController
*/
public function updateDocumentAction($documentId, $parentType)
{
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE)) {
return $response;
}
@@ -519,7 +519,7 @@ class FileController extends BaseAdminController
*/
public function deleteImageAction($imageId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$fileManager = new FileManager($this->container);
@@ -591,7 +591,7 @@ class FileController extends BaseAdminController
*/
public function deleteDocumentAction($documentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$fileManager = new FileManager($this->container);

2
core/lib/Thelia/Controller/Admin/HomeController.php
View File

@@ -33,7 +33,7 @@ class HomeController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, array(), AccessManager::VIEW)) return $response;
// Render the edition template.
return $this->render('home');

18
core/lib/Thelia/Controller/Admin/LangController.php
View File

@@ -51,7 +51,7 @@ class LangController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::VIEW)) return $response;
return $this->renderDefault();
}
@@ -72,7 +72,7 @@ class LangController extends BaseAdminController
public function updateAction($lang_id)
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$this->checkXmlHttpRequest();
@@ -96,7 +96,7 @@ class LangController extends BaseAdminController
public function processUpdateAction($lang_id)
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -138,7 +138,7 @@ class LangController extends BaseAdminController
public function toggleDefaultAction($lang_id)
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$this->checkXmlHttpRequest();
$error = false;
@@ -169,7 +169,7 @@ class LangController extends BaseAdminController
public function addAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::CREATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::CREATE)) return $response;
$createForm = new LangCreateForm($this->getRequest());
@@ -211,7 +211,7 @@ class LangController extends BaseAdminController
public function deleteAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::DELETE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::DELETE)) return $response;
$error_msg = false;
@@ -235,7 +235,7 @@ class LangController extends BaseAdminController
public function defaultBehaviorAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -267,7 +267,7 @@ class LangController extends BaseAdminController
public function domainAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
$langUrlForm = new LangUrlForm($this->getRequest());
@@ -314,7 +314,7 @@ class LangController extends BaseAdminController
private function domainActivation($activate)
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;

2
core/lib/Thelia/Controller/Admin/LanguageController.php
View File

@@ -35,7 +35,7 @@ class LanguageController extends BaseAdminController
{
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::VIEW)) return $response;
return $this->render("languages");
}

4
core/lib/Thelia/Controller/Admin/MailingSystemController.php
View File

@@ -36,7 +36,7 @@ class MailingSystemController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, array(), AccessManager::VIEW)) return $response;
// Hydrate the form abd pass it to the parser
$data = array(
@@ -64,7 +64,7 @@ class MailingSystemController extends BaseAdminController
public function updateAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;

6
core/lib/Thelia/Controller/Admin/ModuleController.php
View File

@@ -180,7 +180,7 @@ class ModuleController extends AbstractCrudController
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, array(), AccessManager::VIEW)) return $response;
$moduleManagement = new ModuleManagement();
$moduleManagement->updateModules();
@@ -190,7 +190,7 @@ class ModuleController extends AbstractCrudController
public function toggleActivationAction($module_id)
{
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, array(), AccessManager::UPDATE)) return $response;
$message = null;
try {
$event = new ModuleToggleActivationEvent($module_id);
@@ -222,7 +222,7 @@ class ModuleController extends AbstractCrudController
public function deleteAction()
{
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::DELETE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, array(), AccessManager::DELETE)) return $response;
$message = null;
try {

10
core/lib/Thelia/Controller/Admin/OrderController.php
View File

@@ -47,7 +47,7 @@ class OrderController extends BaseAdminController
{
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::VIEW)) return $response;
return $this->render("orders", array("display_order" => 20));
}
@@ -60,7 +60,7 @@ class OrderController extends BaseAdminController
public function updateStatus($order_id = null)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::UPDATE)) return $response;
$message = null;
@@ -111,7 +111,7 @@ class OrderController extends BaseAdminController
public function updateDeliveryRef($order_id)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::UPDATE)) return $response;
$message = null;
@@ -146,7 +146,7 @@ class OrderController extends BaseAdminController
public function updateAddress($order_id)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::UPDATE)) return $response;
$message = null;
@@ -212,7 +212,7 @@ class OrderController extends BaseAdminController
protected function generatePdf($order_id, $fileName)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::UPDATE)) return $response;
$html = $this->renderRaw(
$fileName,

24
core/lib/Thelia/Controller/Admin/ProductController.php
View File

@@ -407,7 +407,7 @@ class ProductController extends AbstractCrudController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$event = new ProductToggleVisibilityEvent($this->getExistingObject());
@@ -483,7 +483,7 @@ class ProductController extends AbstractCrudController
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -509,7 +509,7 @@ class ProductController extends AbstractCrudController
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -561,7 +561,7 @@ class ProductController extends AbstractCrudController
public function addAccessoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$accessory_id = intval($this->getRequest()->get('accessory_id'));
@@ -586,7 +586,7 @@ class ProductController extends AbstractCrudController
public function deleteAccessoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$accessory_id = intval($this->getRequest()->get('accessory_id'));
@@ -642,7 +642,7 @@ class ProductController extends AbstractCrudController
public function setProductTemplateAction($productId)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$product = ProductQuery::create()->findPk($productId);
@@ -739,7 +739,7 @@ class ProductController extends AbstractCrudController
public function addAdditionalCategoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$category_id = intval($this->getRequest()->request->get('additional_category_id'));
@@ -764,7 +764,7 @@ class ProductController extends AbstractCrudController
public function deleteAdditionalCategoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$category_id = intval($this->getRequest()->get('additional_category_id'));
@@ -861,7 +861,7 @@ class ProductController extends AbstractCrudController
public function addProductSaleElementAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$event = new ProductSaleElementCreateEvent(
$this->getExistingObject(),
@@ -885,7 +885,7 @@ class ProductController extends AbstractCrudController
public function deleteProductSaleElementAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$event = new ProductSaleElementDeleteEvent(
$this->getRequest()->get('product_sale_element_id',0),
@@ -944,7 +944,7 @@ class ProductController extends AbstractCrudController
protected function processProductSaleElementUpdate($changeForm)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -1053,7 +1053,7 @@ class ProductController extends AbstractCrudController
public function buildCombinationsAction() {
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;

6
core/lib/Thelia/Controller/Admin/ProfileController.php
View File

@@ -221,7 +221,7 @@ class ProfileController extends AbstractCrudController
public function updateAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$object = $this->getExistingObject();
@@ -306,7 +306,7 @@ class ProfileController extends AbstractCrudController
public function processUpdateResourceAccess()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -355,7 +355,7 @@ class ProfileController extends AbstractCrudController
public function processUpdateModuleAccess()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;

8
core/lib/Thelia/Controller/Admin/ShippingZoneController.php
View File

@@ -42,13 +42,13 @@ class ShippingZoneController extends BaseAdminController
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, array(), AccessManager::VIEW)) return $response;
return $this->render("shipping-zones", array("display_shipping_zone" => 20));
}
public function updateAction($shipping_zones_id)
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, array(), AccessManager::VIEW)) return $response;
return $this->render("shipping-zones-edit", array(
"shipping_zones_id" => $shipping_zones_id
));
@@ -59,7 +59,7 @@ class ShippingZoneController extends BaseAdminController
*/
public function addArea()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, array(), AccessManager::UPDATE)) return $response;
$shippingAreaForm = new ShippingZoneAddArea($this->getRequest());
$error_msg = null;
@@ -94,7 +94,7 @@ class ShippingZoneController extends BaseAdminController
public function removeArea()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, array(), AccessManager::UPDATE)) return $response;
$shippingAreaForm = new ShippingZoneRemoveArea($this->getRequest());
$error_msg = null;

4
core/lib/Thelia/Controller/Admin/SystemLogController.php
View File

@@ -86,7 +86,7 @@ class SystemLogController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::SYSTEM_LOG, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SYSTEM_LOG, array(), AccessManager::VIEW)) return $response;
/*
const VAR_LEVEL = "tlog_level";
@@ -121,7 +121,7 @@ class SystemLogController extends BaseAdminController
public function saveAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;

6
core/lib/Thelia/Controller/Admin/TaxRuleController.php
View File

@@ -219,7 +219,7 @@ class TaxRuleController extends AbstractCrudController
public function updateAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$object = $this->getExistingObject();
@@ -237,7 +237,7 @@ class TaxRuleController extends AbstractCrudController
public function setDefaultAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$setDefaultEvent = new TaxRuleEvent();
@@ -255,7 +255,7 @@ class TaxRuleController extends AbstractCrudController
public function processUpdateTaxesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;

8
core/lib/Thelia/Controller/Admin/TemplateController.php
View File

@@ -211,7 +211,7 @@ class TemplateController extends AbstractCrudController
public function addAttributeAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, array(), AccessManager::UPDATE)) return $response;
$attribute_id = intval($this->getRequest()->get('attribute_id'));
@@ -235,7 +235,7 @@ class TemplateController extends AbstractCrudController
public function deleteAttributeAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, array(), AccessManager::UPDATE)) return $response;
$event = new TemplateDeleteAttributeEvent(
$this->getExistingObject(),
@@ -270,7 +270,7 @@ class TemplateController extends AbstractCrudController
public function addFeatureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, array(), AccessManager::UPDATE)) return $response;
$feature_id = intval($this->getRequest()->get('feature_id'));
@@ -294,7 +294,7 @@ class TemplateController extends AbstractCrudController
public function deleteFeatureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, array(), AccessManager::UPDATE)) return $response;
$event = new TemplateDeleteFeatureEvent(
$this->getExistingObject(),

4
core/lib/Thelia/Controller/Admin/TranslationsController.php
View File

@@ -161,14 +161,14 @@ class TranslationsController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::TRANSLATIONS, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TRANSLATIONS, array(), AccessManager::VIEW)) return $response;
return $this->renderTemplate();
}
public function updateAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
return $this->renderTemplate();
}

22
core/lib/Thelia/Core/Security/SecurityContext.php
View File

@@ -123,7 +123,7 @@ class SecurityContext
*
* @return Boolean
*/
final public function isGranted(array $roles, array $resources, array $accesses)
final public function isGranted(array $roles, array $resources, array $modules, array $accesses)
{
// Find a user which matches the required roles.
$user = $this->getCustomerUser();
@@ -140,7 +140,7 @@ class SecurityContext
return false;
}
if (empty($resources) || empty($accesses)) {
if ((empty($resources) && empty($modules)) || empty($accesses)) {
return true;
}
@@ -172,6 +172,24 @@ class SecurityContext
}
}
foreach ($modules as $module) {
if ($module === '') {
continue;
}
$module = strtolower($module);
if (!array_key_exists($module, $userPermissions)) {
return false;
}
foreach ($accesses as $access) {
if (!$userPermissions[$module]->can($access)) {
return false;
}
}
}
return true;
}

18
core/lib/Thelia/Core/Template/Loop/Auth.php
View File

@@ -60,6 +60,12 @@ class Auth extends BaseLoop implements ArraySearchLoopInterface
new AlphaNumStringListType()
)
),
new Argument(
'module',
new TypeCollection(
new AlphaNumStringListType()
)
),
new Argument(
'access',
new TypeCollection(
@@ -79,10 +85,20 @@ class Auth extends BaseLoop implements ArraySearchLoopInterface
{
$roles = $this->getRole();
$resource = $this->getResource();
$module = $this->getModule();
$access = $this->getAccess();
if(null !== $module) {
$in = true;
}
try {
if (true === $this->securityContext->isGranted($roles, $resource === null ? array() : $resource, $access === null ? array() : $access)) {
if (true === $this->securityContext->isGranted(
$roles,
$resource === null ? array() : $resource,
$module === null ? array() : $module,
$access === null ? array() : $access)
) {
// Create an empty row: loop is no longer empty :)
$loopResult->addRow(new LoopResultRow());

8
core/lib/Thelia/Core/Template/Smarty/Plugins/AdminUtilities.php
View File

@@ -69,6 +69,7 @@ class AdminUtilities extends AbstractSmartyPlugin
{
// The required permissions
$resource = $this->getParam($params, 'resource');
$module = $this->getParam($params, 'module');
$access = $this->getParam($params, 'access');
// The base position change path
@@ -92,7 +93,12 @@ class AdminUtilities extends AbstractSmartyPlugin
<a href="{url path='/admin/configuration/currencies/positionDown' currency_id=$ID}"><i class="icon-arrow-down"></i></a>
*/
if ($permissions == null || $this->securityContext->isGranted("ADMIN", array($resource), array($access))) {
if ($permissions == null || $this->securityContext->isGranted(
"ADMIN",
$resource === null ? array() : array($resource),
$module === null ? array() : array($module),
array($access))
) {
return $this->fetch_snippet($smarty, 'includes/admin-utilities-position-block', array(
'admin_utilities_go_up_url' => URL::getInstance()->absoluteUrl($path, array('mode' => 'up', $url_parameter => $id)),

3
core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php
View File

@@ -55,9 +55,10 @@ class Security extends AbstractSmartyPlugin
{
$roles = $this->_explode($this->getParam($params, 'role'));
$resources = $this->_explode($this->getParam($params, 'resource'));
$modules = $this->_explode($this->getParam($params, 'module'));
$accesses = $this->_explode($this->getParam($params, 'access'));
if (! $this->securityContext->isGranted($roles, $resources, $accesses)) {
if (! $this->securityContext->isGranted($roles, $resources, $modules, $accesses)) {
$ex = new AuthenticationException(
sprintf("User not granted for roles '%s', to access resources '%s' with %s in context '%s'.",

11
templates/admin/default/includes/module-block.html
View File

@@ -39,9 +39,16 @@
<td class="text-right">
<div class="btn-group">
{* {loop type="auth" name="can_change" role="ADMIN" resource="admin.modules" access="VIEW"}
{loop type="auth" name="can_change" role="ADMIN" module=$CODE access="VIEW"}
<a class="btn btn-primary btn-xs" title="{intl l='Configure this module'}" href="{url path="/admin/module/update/$CODE"}">{intl l="Configure"}</a>
{/loop}
{*loop type="auth" name="can_change" role="ADMIN" resource="admin.modules" access="VIEW"}
<a class="btn btn-default btn-xs" title="{intl l='Read the documentation of this module'}" href="{url path="/admin/module/documentation/$ID"}"><span class="glyphicon glyphicon-book"></span></a>
{/loop}*}
{/loop*}
{loop type="auth" name="can_change" role="ADMIN" resource="admin.modules" access="UPDATE"}
<a class="btn btn-default btn-xs" title="{intl l='Edit this module'}" href="{url path="/admin/module/update/$ID"}"><span class="glyphicon glyphicon-edit"></span></a>