TheCoreDev/sterivein
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add a first verification in controller creation process for verifying if an admin is already logged in. Fix #246

Browse Source
This commit is contained in:
Manuel Raynaud
2014-03-07 12:35:50 +01:00
parent 6193274620
commit 8c45c392ac
5 changed files with 77 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
core/lib/Thelia/Core/Controller/ControllerResolver.php
View File

@@ -27,6 +27,9 @@ use Symfony\Component\HttpKernel\Controller\ControllerResolver as BaseController
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\DependencyInjection\ContainerAwareInterface;
use Psr\Log\LoggerInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Thelia\Controller\Admin\BaseAdminController;
use Thelia\Exception\AdminAccessDenied;
/**
* ControllerResolver that supports "a:b:c", "service:method" and class::method" notations in routes definition
@@ -90,6 +93,15 @@ class ControllerResolver extends BaseControllerResolver
$controller->setContainer($this->container);
}
//check if an admin is logged in
if ($controller instanceof BaseAdminController) {
$securityContext = $this->container->get('thelia.securityContext');
$request = $this->container->get('request');
if(false === $securityContext->hasAdminUser() && $request->attributes->get('not-logged') != 1) {
throw new AdminAccessDenied();
}
}
return array($controller, $method);
}
}