change signature

2013-11-08 14:35:29 +01:00
parent 99ad2d6820
commit 417ed2e324
33 changed files with 158 additions and 109 deletions
--- a/core/lib/Thelia/Core/Security/SecurityContext.php
+++ b/core/lib/Thelia/Core/Security/SecurityContext.php
@@ -123,7 +123,7 @@ class SecurityContext
    *
    * @return Boolean
    */
-    final public function isGranted(array $roles, array $resources, array $accesses)
+    final public function isGranted(array $roles, array $resources, array $modules, array $accesses)
    {
        // Find a user which matches the required roles.
        $user = $this->getCustomerUser();
@@ -140,7 +140,7 @@ class SecurityContext
            return false;
        }

-        if (empty($resources) || empty($accesses)) {
+        if ((empty($resources) && empty($modules)) || empty($accesses)) {
            return true;
        }

@@ -172,6 +172,24 @@ class SecurityContext
            }
        }

+        foreach ($modules as $module) {
+            if ($module === '') {
+                continue;
+            }
+
+            $module = strtolower($module);
+
+            if (!array_key_exists($module, $userPermissions)) {
+                return false;
+            }
+
+            foreach ($accesses as $access) {
+                if (!$userPermissions[$module]->can($access)) {
+                    return false;
+                }
+            }
+        }
+
        return true;
    }

--- a/core/lib/Thelia/Core/Template/Loop/Auth.php
+++ b/core/lib/Thelia/Core/Template/Loop/Auth.php
@@ -60,6 +60,12 @@ class Auth extends BaseLoop implements ArraySearchLoopInterface
                    new AlphaNumStringListType()
                )
            ),
+            new Argument(
+                'module',
+                new TypeCollection(
+                    new AlphaNumStringListType()
+                )
+            ),
            new Argument(
                'access',
                new TypeCollection(
@@ -79,10 +85,20 @@ class Auth extends BaseLoop implements ArraySearchLoopInterface
    {
        $roles = $this->getRole();
        $resource = $this->getResource();
+        $module = $this->getModule();
        $access = $this->getAccess();

+        if(null !== $module) {
+            $in = true;
+        }
+
        try {
-            if (true === $this->securityContext->isGranted($roles, $resource === null ? array() : $resource, $access === null ? array() : $access)) {
+            if (true === $this->securityContext->isGranted(
+                    $roles,
+                    $resource === null ? array() : $resource,
+                    $module === null ? array() : $module,
+                    $access === null ? array() : $access)
+            ) {

                // Create an empty row: loop is no longer empty :)
                $loopResult->addRow(new LoopResultRow());
--- a/core/lib/Thelia/Core/Template/Smarty/Plugins/AdminUtilities.php
+++ b/core/lib/Thelia/Core/Template/Smarty/Plugins/AdminUtilities.php
@@ -69,6 +69,7 @@ class AdminUtilities extends AbstractSmartyPlugin
    {
        // The required permissions
        $resource = $this->getParam($params, 'resource');
+        $module = $this->getParam($params, 'module');
        $access = $this->getParam($params, 'access');

        // The base position change path
@@ -92,7 +93,12 @@ class AdminUtilities extends AbstractSmartyPlugin
        <a href="{url path='/admin/configuration/currencies/positionDown' currency_id=$ID}"><i class="icon-arrow-down"></i></a>
        */

-        if ($permissions == null || $this->securityContext->isGranted("ADMIN", array($resource), array($access))) {
+        if ($permissions == null || $this->securityContext->isGranted(
+                "ADMIN",
+                $resource === null ? array() : array($resource),
+                $module === null ? array() : array($module),
+                array($access))
+        ) {

            return $this->fetch_snippet($smarty, 'includes/admin-utilities-position-block', array(
                    'admin_utilities_go_up_url'           => URL::getInstance()->absoluteUrl($path, array('mode' => 'up', $url_parameter => $id)),
--- a/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php
+++ b/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php
@@ -55,9 +55,10 @@ class Security extends AbstractSmartyPlugin
    {
        $roles = $this->_explode($this->getParam($params, 'role'));
        $resources = $this->_explode($this->getParam($params, 'resource'));
+        $modules = $this->_explode($this->getParam($params, 'module'));
        $accesses = $this->_explode($this->getParam($params, 'access'));

-        if (! $this->securityContext->isGranted($roles, $resources, $accesses)) {
+        if (! $this->securityContext->isGranted($roles, $resources, $modules, $accesses)) {

            $ex = new AuthenticationException(
                sprintf("User not granted for roles '%s', to access resources '%s' with %s in context '%s'.",