From 6890482101e2fdfedd041cd9ef44e81bba000ef3 Mon Sep 17 00:00:00 2001
From: franck
Date: Mon, 8 Jul 2013 13:22:11 +0200
Subject: [PATCH] Working on security
---
.../Admin/Controller/AdminController.php | 50 +-----------
.../Admin/Controller/SessionController.php | 63 +++++++++++++++
.../Thelia/Config/Resources/routing/admin.xml | 6 +-
.../Thelia/Core/Security/SecurityManager.php | 13 ++-
.../Core/Template/Smarty/Plugins/Security.php | 81 +++++++++++++++++++
templates/admin/default/home.html | 20 +++++
6 files changed, 177 insertions(+), 56 deletions(-)
create mode 100644 core/lib/Thelia/Admin/Controller/SessionController.php
create mode 100644 core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php
diff --git a/core/lib/Thelia/Admin/Controller/AdminController.php b/core/lib/Thelia/Admin/Controller/AdminController.php
index 38084ba89..1b5212cd2 100755
--- a/core/lib/Thelia/Admin/Controller/AdminController.php
+++ b/core/lib/Thelia/Admin/Controller/AdminController.php
@@ -23,58 +23,10 @@ namespace Thelia\Admin\Controller;
-use Symfony\Component\HttpFoundation\Response;
-use Thelia\Form\AdminLogin;
-
 class AdminController extends BaseAdminController {
- public function loginAction()
- {
- $form = $this->getLoginForm();
-
- $request = $this->getRequest();
-
- if($request->isMethod("POST")) {
-
- $form->bind($request);
-
- if ($form->isValid()) {
-
- $this->container->get('request')->authenticate(
- $form->get('username')->getData(),
- $form->get('password')->getData()
- );
-
- echo "valid"; exit;
- }
- }
-
- return $this->render("login.html", array(
- "form" => $form->createView()
- ));
- }
-
 public function indexAction()
 {
- $form = $this->getLoginForm();
-
- return $this->render("login.html", array(
- "form" => $form->createView()
- ));
- }
-
- protected function getLoginForm()
- {
- $adminLogin = new AdminLogin($this->getRequest());
-
- return $adminLogin->getForm();
- }
-
- public function lostAction()
- {
- return new Response(
- $this->renderRaw("404.html"),
- 404
- );
+ return $this->render("home.html");
 }
 }
\ No newline at end of file
diff --git a/core/lib/Thelia/Admin/Controller/SessionController.php b/core/lib/Thelia/Admin/Controller/SessionController.php
new file mode 100644
index 000000000..cba11a00e
--- /dev/null
+++ b/core/lib/Thelia/Admin/Controller/SessionController.php
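Review bot: indexAction now returns home.html with no server-side authorization step anywhere in the controller; after this hunk the only thing standing between an anonymous visitor and the admin home page is whatever the template itself does, and a controller-level check is the one gate a missing or mis-written template tag cannot bypass. Unless BaseAdminController already performs that check (not visible here), refuse before rendering — e.g. `if (! $securityManager->isGranted(array('ADMIN'), array())) { return $this->render('login.html', ...); }`, however the SecurityManager is exposed to controllers — or better, do it once in BaseAdminController so every admin action inherits it. A one-line docblock on indexAction stating that it is reachable only for authenticated admins (and where that is enforced) would make the intent reviewable.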
@@ -0,0 +1,63 @@
+. */
+/* */
+/*************************************************************************************/
+
+namespace Thelia\Admin\Controller;
+
+use Symfony\Component\HttpFoundation\Response;
+use Thelia\Form\AdminLogin;
+
+class SessionController extends BaseAdminController {
+
+ public function loginAction()
+ {
+ $form = $this->getLoginForm();
+
+ $request = $this->getRequest();
+
+ if($request->isMethod("POST")) {
+
+ $form->bind($request);
+
+ if ($form->isValid()) {
+
+ $this->container->get('request')->authenticate(
+ $form->get('username')->getData(),
+ $form->get('password')->getData()
+ );
+
+ echo "valid"; exit;
+ }
+ }
+
+ return $this->render("login.html", array(
+ "form" => $form->createView()
+ ));
+ }
+
+ protected function getLoginForm()
+ {
+ $adminLogin = new AdminLogin($this->getRequest());
+
+ return $adminLogin->getForm();
+ }
+}
\ No newline at end of file
diff --git a/core/lib/Thelia/Config/Resources/routing/admin.xml b/core/lib/Thelia/Config/Resources/routing/admin.xml
index 90ecd0c1a..dc5e38a9b 100755
--- a/core/lib/Thelia/Config/Resources/routing/admin.xml
+++ b/core/lib/Thelia/Config/Resources/routing/admin.xml
@@ -8,10 +8,10 @@ Thelia\Admin\Controller\AdminController::indexAction - Thelia\Admin\Controller\AdminController::loginAction + Thelia\Admin\Controller\SessionController::loginAction - - Thelia\Admin\Controller\AdminController::lostAction + + Thelia\Admin\Controller\AdminController::notFoundAction .*
\ No newline at end of file
diff --git a/core/lib/Thelia/Core/Security/SecurityManager.php b/core/lib/Thelia/Core/Security/SecurityManager.php
index 82c45a304..b60bf14d2 100644
--- a/core/lib/Thelia/Core/Security/SecurityManager.php
+++ b/core/lib/Thelia/Core/Security/SecurityManager.php
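Review bot: In loginAction the result of `authenticate()` is discarded and the success path is the debug leftover `echo "valid"; exit;`, so nothing in this method distinguishes a good login from a bad one unless authenticate() throws, and even then no Response is ever returned on success. Replace the echo/exit with a redirect to the admin index (`return new RedirectResponse(...)` from HttpFoundation, whose Response class is already imported here) issued only after the authentication outcome has been checked — via its return value, or by catching the failure it raises if it reports errors by exception — and on failure re-render the form with a single generic "invalid credentials" error so the message does not reveal whether the username exists. Two smaller points: this handler has no throttling or lockout for repeated failures, which deserves at least a `// TODO: rate-limit failed login attempts` note, and `if($request->isMethod("POST"))` wants a space after `if` to match the other conditionals in the file.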
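Review bot: The catch-all route (`.*`) now points at `Thelia\Admin\Controller\AdminController::notFoundAction`, but the AdminController hunk in this same patch removes lostAction and adds no notFoundAction; unless BaseAdminController defines it (not visible here), every unknown admin URL will now fail with an undefined-method fatal error instead of the 404 that lostAction produced. Either keep a notFoundAction in AdminController that returns the 404 response, or point the route at a method that actually exists. The re-route of the login path to SessionController::loginAction matches the new file and looks correct.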
@@ -32,21 +32,22 @@ use Thelia\Core\Security\Exception\AuthenticationTokenNotFoundException;
 * @author Franck Allimant
 */
 class SecurityManager {
-
+/*
 protected $authProvider;
 public function __construct(AuthenticationProviderInterface $authProvider)
 {
 $this->authProvider = $authProvider;
 }
-
+*/
 /**
 * Checks if the current token is authenticated
 *
 * @throws AuthenticationCredentialsNotFoundException when the security context has no authentication token.
 *
 * @return Boolean
+ * @throws AuthenticationTokenNotFoundException if no thoken was found in context
 */
- final public function isGranted()
+ final public function isGranted($roles, $permissions)
 {
 if (null === $this->token) {
 throw new AuthenticationTokenNotFoundException('The security context contains no authentication token.');
@@ -56,7 +57,11 @@ class SecurityManager {
 $this->token = $this->authProvider->authenticate($this->token);
 }
- return $this->token->isAuthenticated();
+ if ($this->token->isAuthenticated()) {
+ // Check user roles and permissions
+ }
+
+ return false;
 }
 /**
diff --git a/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php b/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php
new file mode 100644
index 000000000..de7573be6
--- /dev/null
+++ b/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php
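Review bot: isGranted($roles, $permissions) now answers false for every caller, including one holding an authenticated token, because the new branch is an empty stub (`// Check user roles and permissions`) that falls through to `return false;`; failing closed is the right default for an unfinished check, but say so explicitly, e.g. `// TODO: role/permission matching not implemented; deliberately fail closed until it is`, so nobody reads the tag as a working authorization check. Commenting out the constructor and the `$authProvider` property in the first hunk also leaves `$this->authProvider` undefined while the unchanged line `$this->token = $this->authProvider->authenticate($this->token);` in the second hunk still dereferences it, so whatever path reaches that line (its condition lies between the hunks) will now die on a method call on null instead of attempting authentication. The added `@throws AuthenticationTokenNotFoundException` has a typo ("thoken") and sits next to the existing `@throws AuthenticationCredentialsNotFoundException`, which names an exception this method does not throw; keep only the accurate line. The new parameters are undocumented — add `@param array $roles` and `@param array $permissions` stating that upper-cased string lists are expected. isGranted's body continues outside the first hunk.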
@@ -0,0 +1,81 @@
+. */
+/* */
+/*************************************************************************************/
+
+namespace Thelia\Core\Template\Smarty\Plugins;
+
+use Thelia\Core\Template\Smarty\SmartyPluginDescriptor;
+use Thelia\Core\Template\Smarty\SmartyPluginInterface;
+use Thelia\Core\Template\Smarty\Assets\SmartyAssetsManager;
+use Thelia\Core\Security\SecurityManager;
+
+class Security implements SmartyPluginInterface
+{
+ private $securityManager;
+
+ public function __construct(SecurityManager $securityManager)
+ {
+ $this->securityManager = $securityManager;
+ }
+
+ private function _explode($commaSeparatedValues)
+ {
+
+ $array = explode(',', $commaSeparatedValues);
+
+ if (array_walk($array, function(&$item) {
+ $item = strtoupper(trim($item));
+ })) {
+ return $array;
+ }
+
+ return array();
+ }
+
+ /**
+ * Process security check function
+ *
+ * @param unknown $params
+ * @param unknown $smarty
+ * @return string
+ */
+ public function checkAUth($params, &$smarty)
+ {
+ $roles = $this->_explode($params['role']);
+ $permissions = $this->_explode($params['role']);
+
+ $this->securityManager->isGranted($roles, $permissions);
+
+ }
+
+ /**
+ * Define the various smarty plugins hendled by this class
+ *
+ * @return an array of smarty plugin descriptors
+ */
+ public function getPluginDescriptors()
+ {
+ return array(
+ new SmartyPluginDescriptor('function', 'check_auth', $this, 'checkAUth'),
+ );
+ }
+}
diff --git a/templates/admin/default/home.html b/templates/admin/default/home.html
index e69de29bb..01e667a28 100755
--- a/templates/admin/default/home.html
+++ b/templates/admin/default/home.html
@@ -0,0 +1,20 @@
+{check_auth roles="ADMIN"}
+{$page_title={intl l='Home'}}
+{include file='includes/header.inc.html'}
+
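Review bot: checkAUth enforces nothing: `$permissions = $this->_explode($params['role']);` re-reads the role attribute (copy-paste slip), the template in this patch passes `roles="ADMIN"` so `$params['role']` is unset and both lists collapse to `array('')`, and the boolean from `$this->securityManager->isGranted(...)` is thrown away, so rendering continues whether or not the caller is allowed. Read the plural attributes with a default and abort rendering when the check fails — throwing is the simplest way out of a Smarty function, with the kernel expected to turn it into a 403 or a redirect to login. The `@param unknown` / `@return string` docblock should also be corrected (the function returns nothing), and the method would conventionally be named checkAuth with the descriptor string in getPluginDescriptors updated to match.

```php
    /**
     * Smarty function {check_auth roles="A,B" permissions="X,Y"}: aborts rendering
     * unless the current security token is granted the given roles and permissions.
     * Returns nothing; throws on denial.
     */
    public function checkAUth($params, &$smarty)
    {
        $roles       = $this->_explode(isset($params['roles']) ? $params['roles'] : '');
        $permissions = $this->_explode(isset($params['permissions']) ? $params['permissions'] : '');

        if (! $this->securityManager->isGranted($roles, $permissions)) {
            // Stop rendering here; the front controller is expected to map this
            // to a 403 response or a redirect to the login page.
            throw new \RuntimeException('Access denied');
        }
    }
```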
+ + +
+ + {module_include location='index_top'} + +welcome home ! + + {module_include location='home_bottom'} +
+
+ +{include file='includes/footer.inc.html'} \ No newline at end of file
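Review bot: `{check_auth roles="ADMIN"}` on the first line is the only access control on this page, and as the plugin is written in this same patch it reads `$params['role']` (singular) and ignores the result of isGranted(), so the attribute is never consulted and the page renders for everyone. Access control that lives in a template is also easy to forget in the next template; the controller (or BaseAdminController) should refuse to render before this file is reached, with the template tag kept only as a second layer. Until the plugin is fixed, a comment above the tag such as `{* requires the ADMIN role; enforced by the check_auth plugin (Security.php) *}` at least records the intent, and the attribute name should be re-checked against whichever spelling the plugin finally settles on.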