diff --git a/core/lib/Thelia/Controller/Admin/AbstractCrudController.php b/core/lib/Thelia/Controller/Admin/AbstractCrudController.php index 170c35c4f..114bd75c1 100644 --- a/core/lib/Thelia/Controller/Admin/AbstractCrudController.php +++ b/core/lib/Thelia/Controller/Admin/AbstractCrudController.php @@ -23,6 +23,7 @@ namespace Thelia\Controller\Admin; +use Thelia\Core\Security\AccessManager; use Thelia\Form\Exception\FormValidationException; use Thelia\Core\Event\UpdatePositionEvent; @@ -40,10 +41,7 @@ abstract class AbstractCrudController extends BaseAdminController protected $orderRequestParameterName; // Permissions - protected $viewPermissionIdentifier; - protected $createPermissionIdentifier; - protected $updatePermissionIdentifier; - protected $deletePermissionIdentifier; + protected $resourceCode; // Events protected $createEventIdentifier; 
@@ -58,10 +56,7 @@ abstract class AbstractCrudController extends BaseAdminController * @param string $defaultListOrder the default object list order, or null if list is not sortable. Example: manual * @param string $orderRequestParameterName Name of the request parameter that set the list order (null if list is not sortable) * - * @param string $viewPermissionIdentifier the 'view' permission identifier. Example: "admin.configuration.message.view" - * @param string $createPermissionIdentifier the 'create' permission identifier. Example: "admin.configuration.message.create" - * @param string $updatePermissionIdentifier the 'update' permission identifier. Example: "admin.configuration.message.update" - * @param string $deletePermissionIdentifier the 'delete' permission identifier. Example: "admin.configuration.message.delete" + * @param string $resourceCode the 'resource' code. Example: "admin.configuration.message" * * @param string $createEventIdentifier the dispatched create TheliaEvent identifier. Example: TheliaEvents::MESSAGE_CREATE * @param string $updateEventIdentifier the dispatched update TheliaEvent identifier. Example: TheliaEvents::MESSAGE_UPDATE @@ -76,10 +71,7 @@ abstract class AbstractCrudController extends BaseAdminController $defaultListOrder = null, $orderRequestParameterName = null, - $viewPermissionIdentifier, - $createPermissionIdentifier, - $updatePermissionIdentifier, - $deletePermissionIdentifier, + $resourceCode, $createEventIdentifier, $updateEventIdentifier, 
@@ -92,10 +84,7 @@ abstract class AbstractCrudController extends BaseAdminController $this->defaultListOrder = $defaultListOrder; $this->orderRequestParameterName = $orderRequestParameterName; - $this->viewPermissionIdentifier = $viewPermissionIdentifier; - $this->createPermissionIdentifier = $createPermissionIdentifier; - $this->updatePermissionIdentifier = $updatePermissionIdentifier; - $this->deletePermissionIdentifier = $deletePermissionIdentifier; + $this->resourceCode = $resourceCode; $this->createEventIdentifier = $createEventIdentifier; $this->updateEventIdentifier = $updateEventIdentifier; @@ -278,7 +267,7 @@ abstract class AbstractCrudController extends BaseAdminController */ public function defaultAction() { - if (null !== $response = $this->checkAuth($this->viewPermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::VIEW)) return $response; return $this->renderList(); } @@ -290,7 +279,7 @@ abstract class AbstractCrudController extends BaseAdminController public function createAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->createPermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::CREATE)) return $response; $error_msg = false; @@ -351,7 +340,7 @@ abstract class AbstractCrudController extends BaseAdminController public function updateAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; // Load the object $object = $this->getExistingObject(); 
@@ -377,7 +366,7 @@ abstract class AbstractCrudController extends BaseAdminController public function processUpdateAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $error_msg = false; @@ -442,7 +431,7 @@ abstract class AbstractCrudController extends BaseAdminController public function updatePositionAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; try { $mode = $this->getRequest()->get('mode', null); @@ -476,7 +465,7 @@ abstract class AbstractCrudController extends BaseAdminController protected function genericUpdatePositionAction($object, $eventName, $doFinalRedirect = true) { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; if ($object != null) { @@ -510,7 +499,7 @@ abstract class AbstractCrudController extends BaseAdminController public function setToggleVisibilityAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $changeEvent = $this->createToggleVisibilityEvent($this->getRequest()); 
@@ -532,7 +521,7 @@ abstract class AbstractCrudController extends BaseAdminController public function deleteAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->deletePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::DELETE)) return $response; // Get the currency id, and dispatch the delet request $deleteEvent = $this->getDeleteEvent(); diff --git a/core/lib/Thelia/Controller/Admin/AddressController.php b/core/lib/Thelia/Controller/Admin/AddressController.php index 897b8421d..f934b3279 100644 --- a/core/lib/Thelia/Controller/Admin/AddressController.php +++ b/core/lib/Thelia/Controller/Admin/AddressController.php @@ -24,8 +24,9 @@ namespace Thelia\Controller\Admin; use Thelia\Core\Event\Address\AddressCreateOrUpdateEvent; use Thelia\Core\Event\Address\AddressEvent; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Form\AddressCreateForm; use Thelia\Form\AddressUpdateForm; use Thelia\Model\AddressQuery; @@ -45,10 +46,7 @@ class AddressController extends AbstractCrudController null, null, - AdminResources::ADDRESS_VIEW, - AdminResources::ADDRESS_CREATE, - AdminResources::ADDRESS_UPDATE, - AdminResources::ADDRESS_DELETE, + AdminResources::ADDRESS, TheliaEvents::ADDRESS_CREATE, TheliaEvents::ADDRESS_UPDATE, @@ -61,7 +59,7 @@ class AddressController extends AbstractCrudController public function useAddressAction() { - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $address_id = $this->getRequest()->request->get('address_id'); diff --git a/core/lib/Thelia/Controller/Admin/AreaController.php b/core/lib/Thelia/Controller/Admin/AreaController.php index bceddad96..4126ef741 100644 
--- a/core/lib/Thelia/Controller/Admin/AreaController.php +++ b/core/lib/Thelia/Controller/Admin/AreaController.php @@ -23,7 +23,7 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Area\AreaAddCountryEvent; use Thelia\Core\Event\Area\AreaCreateEvent; use Thelia\Core\Event\Area\AreaDeleteEvent; @@ -31,6 +31,7 @@ use Thelia\Core\Event\Area\AreaRemoveCountryEvent; use Thelia\Core\Event\Area\AreaUpdateEvent; use Thelia\Core\Event\Area\AreaUpdatePostageEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Form\Area\AreaCountryForm; use Thelia\Form\Area\AreaCreateForm; use Thelia\Form\Area\AreaModificationForm; @@ -53,10 +54,7 @@ class AreaController extends AbstractCrudController null, null, - AdminResources::AREA_VIEW, - AdminResources::AREA_CREATE, - AdminResources::AREA_UPDATE, - AdminResources::AREA_DELETE, + AdminResources::AREA, TheliaEvents::AREA_CREATE, TheliaEvents::AREA_UPDATE, @@ -233,7 +231,7 @@ class AreaController extends AbstractCrudController public function addCountry() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $areaCountryForm = new AreaCountryForm($this->getRequest()); $error_msg = null; @@ -275,7 +273,7 @@ class AreaController extends AbstractCrudController public function removeCountry() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $request = $this->getRequest(); $removeCountryEvent = new AreaRemoveCountryEvent($request->request->get('areai_id', 0), $request->request->get('country_id', 0)); 
@@ -286,7 +284,7 @@ class AreaController extends AbstractCrudController public function updatePostageAction() { - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $areaUpdateForm = new AreaPostageForm($this->getRequest()); $error_msg = null; diff --git a/core/lib/Thelia/Controller/Admin/AttributeAvController.php b/core/lib/Thelia/Controller/Admin/AttributeAvController.php index 1e060de2c..92d50955b 100644 --- a/core/lib/Thelia/Controller/Admin/AttributeAvController.php +++ b/core/lib/Thelia/Controller/Admin/AttributeAvController.php @@ -23,7 +23,7 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Attribute\AttributeAvDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Attribute\AttributeAvUpdateEvent; diff --git a/core/lib/Thelia/Controller/Admin/AttributeController.php b/core/lib/Thelia/Controller/Admin/AttributeController.php index e2e3f1a7e..00162ffcf 100644 --- a/core/lib/Thelia/Controller/Admin/AttributeController.php +++ b/core/lib/Thelia/Controller/Admin/AttributeController.php @@ -23,11 +23,12 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Attribute\AttributeDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Attribute\AttributeUpdateEvent; use Thelia\Core\Event\Attribute\AttributeCreateEvent; +use Thelia\Core\Security\AccessManager; use Thelia\Model\AttributeQuery; use Thelia\Form\AttributeModificationForm; use Thelia\Form\AttributeCreationForm; 
@@ -51,10 +52,7 @@ class AttributeController extends AbstractCrudController 'manual', 'order', - AdminResources::ATTRIBUTE_VIEW, - AdminResources::ATTRIBUTE_CREATE, - AdminResources::ATTRIBUTE_UPDATE, - AdminResources::ATTRIBUTE_DELETE, + AdminResources::ATTRIBUTE, TheliaEvents::ATTRIBUTE_CREATE, TheliaEvents::ATTRIBUTE_UPDATE, @@ -254,7 +252,7 @@ class AttributeController extends AbstractCrudController protected function addRemoveFromAllTemplates($eventType) { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; try { if (null !== $object = $this->getExistingObject()) { diff --git a/core/lib/Thelia/Controller/Admin/BaseAdminController.php b/core/lib/Thelia/Controller/Admin/BaseAdminController.php index 829e51c37..186727ed5 100755 --- a/core/lib/Thelia/Controller/Admin/BaseAdminController.php +++ b/core/lib/Thelia/Controller/Admin/BaseAdminController.php 
@@ -111,16 +111,18 @@ class BaseAdminController extends BaseController /** * Check current admin user authorisations. An ADMIN role is assumed. * - * @param mixed $permissions a single permission or an array of permissions. + * @param mixed $resources a single resource or an array of resources. + * @param mixed $accesses a single access or an array of accesses. * * @return mixed null if authorization is granted, or a Response object which contains the error page otherwise * */ - protected function checkAuth($permissions) + protected function checkAuth($resources, $accesses) { - $permArr = is_array($permissions) ? $permissions : array($permissions); + $resources = is_array($resources) ? $resources : array($resources); + $accesses = is_array($accesses) ? $accesses : array($accesses); - if ($this->getSecurityContext()->isGranted(array("ADMIN"), $permArr)) { + if ($this->getSecurityContext()->isGranted(array("ADMIN"), $resources, $accesses)) { // Okay ! return null; } diff --git a/core/lib/Thelia/Controller/Admin/CategoryController.php b/core/lib/Thelia/Controller/Admin/CategoryController.php index e08ffdff9..86e4bb00c 100755 --- a/core/lib/Thelia/Controller/Admin/CategoryController.php +++ b/core/lib/Thelia/Controller/Admin/CategoryController.php @@ -24,11 +24,12 @@ namespace Thelia\Controller\Admin; use Symfony\Component\HttpFoundation\Response; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Category\CategoryDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Category\CategoryUpdateEvent; use Thelia\Core\Event\Category\CategoryCreateEvent; +use Thelia\Core\Security\AccessManager; use Thelia\Model\CategoryQuery; use Thelia\Form\CategoryModificationForm; use Thelia\Form\CategoryCreationForm; 
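Review bot: `checkAuth()` now takes a required second argument `$accesses`, and both inputs are wrapped into arrays and passed to `isGranted()` without validation. A caller that was not migrated, for example a subclass still reading the removed `$this->updatePermissionIdentifier`, would pass `null`, and an empty array is passed through as well. Whether `isGranted()` denies in those cases is not visible here. I would fail closed before the call, taking the denial path when `empty($resources) || empty($accesses)` or when either array contains `null`, and state that in the docblock. The denial branch of the method lies outside the hunk.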
@@ -55,10 +56,7 @@ class CategoryController extends AbstractCrudController 'manual', 'category_order', - AdminResources::CATEGORY_VIEW, - AdminResources::CATEGORY_CREATE, - AdminResources::CATEGORY_UPDATE, - AdminResources::CATEGORY_DELETE, + AdminResources::CATEGORY, TheliaEvents::CATEGORY_CREATE, TheliaEvents::CATEGORY_UPDATE, @@ -217,7 +215,7 @@ class CategoryController extends AbstractCrudController public function setToggleVisibilityAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $event = new CategoryToggleVisibilityEvent($this->getExistingObject()); @@ -297,7 +295,7 @@ class CategoryController extends AbstractCrudController public function addRelatedContentAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $content_id = intval($this->getRequest()->get('content_id')); @@ -327,7 +325,7 @@ class CategoryController extends AbstractCrudController public function addRelatedPictureAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) { + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) { return $response; } @@ -355,7 +353,7 @@ class CategoryController extends AbstractCrudController public function deleteRelatedContentAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $content_id = intval($this->getRequest()->get('content_id')); 
diff --git a/core/lib/Thelia/Controller/Admin/ConfigController.php b/core/lib/Thelia/Controller/Admin/ConfigController.php index 1a99d8470..f8eafe820 100644 --- a/core/lib/Thelia/Controller/Admin/ConfigController.php +++ b/core/lib/Thelia/Controller/Admin/ConfigController.php @@ -23,11 +23,12 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Config\ConfigDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Config\ConfigUpdateEvent; use Thelia\Core\Event\Config\ConfigCreateEvent; +use Thelia\Core\Security\AccessManager; use Thelia\Model\ConfigQuery; use Thelia\Form\ConfigModificationForm; use Thelia\Form\ConfigCreationForm; @@ -46,10 +47,7 @@ class ConfigController extends AbstractCrudController 'name', 'order', - AdminResources::CONFIG_VIEW, - AdminResources::CONFIG_CREATE, - AdminResources::CONFIG_UPDATE, - AdminResources::CONFIG_DELETE, + AdminResources::CONFIG, TheliaEvents::CONFIG_CREATE, TheliaEvents::CONFIG_UPDATE, @@ -188,7 +186,7 @@ class ConfigController extends AbstractCrudController public function changeValuesAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $variables = $this->getRequest()->get('variable', array()); diff --git a/core/lib/Thelia/Controller/Admin/ContentController.php b/core/lib/Thelia/Controller/Admin/ContentController.php index 721c193f0..adf3cc697 100644 --- a/core/lib/Thelia/Controller/Admin/ContentController.php +++ b/core/lib/Thelia/Controller/Admin/ContentController.php 
@@ -22,7 +22,7 @@ /*************************************************************************************/ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Content\ContentAddFolderEvent; use Thelia\Core\Event\Content\ContentCreateEvent; use Thelia\Core\Event\Content\ContentDeleteEvent; @@ -31,6 +31,7 @@ use Thelia\Core\Event\Content\ContentToggleVisibilityEvent; use Thelia\Core\Event\Content\ContentUpdateEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\UpdatePositionEvent; +use Thelia\Core\Security\AccessManager; use Thelia\Form\ContentCreationForm; use Thelia\Form\ContentModificationForm; use Thelia\Model\ContentQuery; @@ -50,10 +51,7 @@ class ContentController extends AbstractCrudController 'manual', 'content_order', - AdminResources::CONTENT_VIEW, - AdminResources::CONTENT_CREATE, - AdminResources::CONTENT_UPDATE, - AdminResources::CONTENT_DELETE, + AdminResources::CONTENT, TheliaEvents::CONTENT_CREATE, TheliaEvents::CONTENT_UPDATE, @@ -71,7 +69,7 @@ class ContentController extends AbstractCrudController public function addAdditionalFolderAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $folder_id = intval($this->getRequest()->request->get('additional_folder_id')); @@ -99,7 +97,7 @@ class ContentController extends AbstractCrudController public function removeAdditionalFolderAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $folder_id = intval($this->getRequest()->request->get('additional_folder_id')); 
diff --git a/core/lib/Thelia/Controller/Admin/CountryController.php b/core/lib/Thelia/Controller/Admin/CountryController.php index 356c3d846..e5bcce67b 100644 --- a/core/lib/Thelia/Controller/Admin/CountryController.php +++ b/core/lib/Thelia/Controller/Admin/CountryController.php @@ -22,12 +22,13 @@ /*************************************************************************************/ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Country\CountryCreateEvent; use Thelia\Core\Event\Country\CountryDeleteEvent; use Thelia\Core\Event\Country\CountryToggleDefaultEvent; use Thelia\Core\Event\Country\CountryUpdateEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Form\CountryCreationForm; use Thelia\Form\CountryModificationForm; use Thelia\Model\CountryQuery; @@ -47,10 +48,7 @@ class CountryController extends AbstractCrudController 'manual', 'country_order', - AdminResources::COUNTRY_VIEW, - AdminResources::COUNTRY_CREATE, - AdminResources::COUNTRY_UPDATE, - AdminResources::COUNTRY_DELETE, + AdminResources::COUNTRY, TheliaEvents::COUNTRY_CREATE, TheliaEvents::COUNTRY_UPDATE, @@ -237,7 +235,7 @@ class CountryController extends AbstractCrudController public function toggleDefaultAction() { - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $content = null; if (null !== $country_id = $this->getRequest()->get('country_id')) { $toogleDefaultEvent = new CountryToggleDefaultEvent($country_id); diff --git a/core/lib/Thelia/Controller/Admin/CouponController.php b/core/lib/Thelia/Controller/Admin/CouponController.php index 03a7b7477..3d5b2d72f 100755 --- a/core/lib/Thelia/Controller/Admin/CouponController.php +++ b/core/lib/Thelia/Controller/Admin/CouponController.php 
@@ -27,11 +27,12 @@ use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Routing\Router; use Thelia\Condition\ConditionFactory; use Thelia\Condition\ConditionManagerInterface; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Condition\ConditionCreateOrUpdateEvent; use Thelia\Core\Event\Coupon\CouponConsumeEvent; use Thelia\Core\Event\Coupon\CouponCreateOrUpdateEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Coupon\CouponManager; use Thelia\Coupon\ConditionCollection; use Thelia\Coupon\Type\CouponInterface; @@ -63,7 +64,7 @@ class CouponController extends BaseAdminController */ public function browseAction() { - $this->checkAuth('ADMIN', AdminResources::COUPON_VIEW); + $this->checkAuth(AdminResources::COUPON, AccessManager::VIEW); $args['urlReadCoupon'] = $this->getRoute( 'admin.coupon.read', @@ -95,7 +96,7 @@ class CouponController extends BaseAdminController */ public function readAction($couponId) { - $this->checkAuth('ADMIN', AdminResources::COUPON_VIEW); + $this->checkAuth(AdminResources::COUPON, AccessManager::VIEW); // Database request repeated in the loop but cached $search = CouponQuery::create(); @@ -123,7 +124,7 @@ class CouponController extends BaseAdminController public function createAction() { // Check current user authorization - $response = $this->checkAuth(AdminResources::COUPON_CREATE); + $response = $this->checkAuth(AdminResources::COUPON, AccessManager::CREATE); if ($response !== null) { return $response; } @@ -171,7 +172,7 @@ class CouponController extends BaseAdminController public function updateAction($couponId) { // Check current user authorization - $response = $this->checkAuth(AdminResources::COUPON_UPDATE); + $response = $this->checkAuth(AdminResources::COUPON, AccessManager::UPDATE); if ($response !== null) { return $response; } 
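Review bot: The result of `checkAuth()` is discarded in `browseAction()` and `readAction()`, so a denied administrator is not stopped. According to the docblock in the `BaseAdminController` hunk of this commit, `checkAuth()` reports denial by returning a Response rather than by interrupting the request. Use the form already applied in `createAction()` below: `if (null !== $response = $this->checkAuth(AdminResources::COUPON, AccessManager::VIEW)) return $response;`. The same discarded call appears in `getConditionInputAction()` and `updateConditionsAction()` of this file, and in the AJAX and delete actions of `FileController`. Both method bodies continue outside their hunks.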
@@ -278,7 +279,7 @@ var_dump($coupon->getIsRemovingPostage());; */ public function getConditionInputAction($conditionId) { - $this->checkAuth('ADMIN', AdminResources::COUPON_VIEW); + $this->checkAuth(AdminResources::COUPON, AccessManager::VIEW); $this->checkXmlHttpRequest(); @@ -308,7 +309,7 @@ var_dump($coupon->getIsRemovingPostage());; */ public function updateConditionsAction($couponId) { - $this->checkAuth('ADMIN', AdminResources::COUPON_VIEW); + $this->checkAuth(AdminResources::COUPON, AccessManager::VIEW); $this->checkXmlHttpRequest(); diff --git a/core/lib/Thelia/Controller/Admin/CurrencyController.php b/core/lib/Thelia/Controller/Admin/CurrencyController.php index 2510b845c..a50a5cdd6 100644 --- a/core/lib/Thelia/Controller/Admin/CurrencyController.php +++ b/core/lib/Thelia/Controller/Admin/CurrencyController.php @@ -23,7 +23,7 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Currency\CurrencyDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Currency\CurrencyUpdateEvent; @@ -47,10 +47,7 @@ class CurrencyController extends AbstractCrudController 'manual', 'order', - AdminResources::CURRENCY_VIEW, - AdminResources::CURRENCY_CREATE, - AdminResources::CURRENCY_UPDATE, - AdminResources::CURRENCY_DELETE, + AdminResources::CURRENCY, TheliaEvents::CURRENCY_CREATE, TheliaEvents::CURRENCY_UPDATE, @@ -187,7 +184,7 @@ class CurrencyController extends AbstractCrudController public function updateRatesAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; try { $this->dispatch(TheliaEvents::CURRENCY_UPDATE_RATES); 
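Review bot: `updateConditionsAction()` asks only for `AccessManager::VIEW`, although its name indicates that it changes a coupon's conditions. Its body lies outside the hunk, so this is inferred from the name. If it does write, the check should require `AccessManager::UPDATE` and its result should be returned: `if (null !== $response = $this->checkAuth(AdminResources::COUPON, AccessManager::UPDATE)) return $response;`. The hunk header context also shows a leftover `var_dump($coupon->getIsRemovingPostage());;` in this file, which should be removed because it writes internal state into an admin response.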
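Review bot: `AccessManager::UPDATE` is used in `updateRatesAction()` of `CurrencyController`, and in `setDefaultAction()` in the following hunk, but no hunk in this file section adds the matching import. The import hunk only swaps the `AdminResources` namespace. Unless the import already exists outside the visible context, the name resolves to `Thelia\Controller\Admin\AccessManager` and both actions fail with a class-not-found error. Add `use Thelia\Core\Security\AccessManager;` beside the other `use` lines, as the sibling controllers in this commit do.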
@@ -205,7 +202,7 @@ class CurrencyController extends AbstractCrudController public function setDefaultAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $changeEvent = new CurrencyUpdateEvent($this->getRequest()->get('currency_id', 0)); diff --git a/core/lib/Thelia/Controller/Admin/CustomerController.php b/core/lib/Thelia/Controller/Admin/CustomerController.php index 2ae53dc91..fd203a066 100644 --- a/core/lib/Thelia/Controller/Admin/CustomerController.php +++ b/core/lib/Thelia/Controller/Admin/CustomerController.php @@ -24,11 +24,12 @@ namespace Thelia\Controller\Admin; use Propel\Runtime\Exception\PropelException; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Customer\CustomerAddressEvent; use Thelia\Core\Event\Customer\CustomerCreateOrUpdateEvent; use Thelia\Core\Event\Customer\CustomerEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Form\CustomerModification; use Thelia\Form\Exception\FormValidationException; use Thelia\Model\CustomerQuery; @@ -43,13 +44,13 @@ class CustomerController extends BaseAdminController { public function indexAction() { - if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER_VIEW)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::VIEW)) return $response; return $this->render("customers", array("display_customer" => 20)); } public function viewAction($customer_id) { - if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER_VIEW)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::VIEW)) return $response; return $this->render("customer-edit", array( "customer_id" => $customer_id )); 
@@ -63,7 +64,7 @@ class CustomerController extends BaseAdminController */ public function updateAction($customer_id) { - if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::UPDATE)) return $response; $message = false; @@ -119,7 +120,7 @@ class CustomerController extends BaseAdminController public function deleteAction() { - if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER_DELETE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::DELETE)) return $response; $message = null; diff --git a/core/lib/Thelia/Controller/Admin/FeatureAvController.php b/core/lib/Thelia/Controller/Admin/FeatureAvController.php index e65fceac0..f3b80ef51 100644 --- a/core/lib/Thelia/Controller/Admin/FeatureAvController.php +++ b/core/lib/Thelia/Controller/Admin/FeatureAvController.php @@ -23,7 +23,7 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Feature\FeatureAvDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Feature\FeatureAvUpdateEvent; diff --git a/core/lib/Thelia/Controller/Admin/FeatureController.php b/core/lib/Thelia/Controller/Admin/FeatureController.php index c681a7b61..7696b9c6e 100644 --- a/core/lib/Thelia/Controller/Admin/FeatureController.php +++ b/core/lib/Thelia/Controller/Admin/FeatureController.php 
@@ -23,11 +23,12 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Feature\FeatureDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Feature\FeatureUpdateEvent; use Thelia\Core\Event\Feature\FeatureCreateEvent; +use Thelia\Core\Security\AccessManager; use Thelia\Model\FeatureQuery; use Thelia\Form\FeatureModificationForm; use Thelia\Form\FeatureCreationForm; @@ -51,10 +52,7 @@ class FeatureController extends AbstractCrudController 'manual', 'order', - AdminResources::FEATURE_VIEW, - AdminResources::FEATURE_CREATE, - AdminResources::FEATURE_UPDATE, - AdminResources::FEATURE_DELETE, + AdminResources::FEATURE, TheliaEvents::FEATURE_CREATE, TheliaEvents::FEATURE_UPDATE, @@ -254,7 +252,7 @@ class FeatureController extends AbstractCrudController protected function addRemoveFromAllTemplates($eventType) { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; try { if (null !== $object = $this->getExistingObject()) { diff --git a/core/lib/Thelia/Controller/Admin/FileController.php b/core/lib/Thelia/Controller/Admin/FileController.php index 0c6f51630..3c2ad0ba9 100755 --- a/core/lib/Thelia/Controller/Admin/FileController.php +++ b/core/lib/Thelia/Controller/Admin/FileController.php 
@@ -26,12 +26,13 @@ namespace Thelia\Controller\Admin; use Propel\Runtime\Exception\PropelException; use Symfony\Component\HttpFoundation\File\UploadedFile; use Symfony\Component\HttpFoundation\Response; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Document\DocumentCreateOrUpdateEvent; use Thelia\Core\Event\Document\DocumentDeleteEvent; use Thelia\Core\Event\Image\ImageCreateOrUpdateEvent; use Thelia\Core\Event\Image\ImageDeleteEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Form\Exception\FormValidationException; use Thelia\Log\Tlog; use Thelia\Model\CategoryDocument; @@ -70,7 +71,7 @@ class FileController extends BaseAdminController */ public function saveImageAjaxAction($parentId, $parentType) { - $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update')); + $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE); $this->checkXmlHttpRequest(); if ($this->isParentTypeValid($parentType)) { @@ -146,7 +147,7 @@ class FileController extends BaseAdminController */ public function saveDocumentAjaxAction($parentId, $parentType) { - $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update')); + $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE); $this->checkXmlHttpRequest(); if ($this->isParentTypeValid($parentType)) { @@ -210,7 +211,7 @@ class FileController extends BaseAdminController */ public function getImageListAjaxAction($parentId, $parentType) { - $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update')); + $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE); $this->checkXmlHttpRequest(); $args = array('imageType' => $parentType, 'parentId' => $parentId); 
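Review bot: `AdminResources::retrieve($parentType)` is evaluated on the action's `$parentType` argument before `isParentTypeValid($parentType)` runs in `saveImageAjaxAction()` and `saveDocumentAjaxAction()`. That argument is presumably taken from the route, so the authorization check is built from a value that has not been validated yet. What `retrieve()` yields for an unknown type is not visible here; if it returns `null` or an empty value, the check may be made against no resource at all. I would validate the parent type first, or document that `retrieve()` throws on unknown input. The call's result also has to be returned to the caller for the check to have any effect, as `viewImageAction()` further down already does. The method bodies continue outside the hunks.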
@@ -227,7 +228,7 @@ class FileController extends BaseAdminController */ public function getDocumentListAjaxAction($parentId, $parentType) { - $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update')); + $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE); $this->checkXmlHttpRequest(); $args = array('documentType' => $parentType, 'parentId' => $parentId); @@ -244,7 +245,7 @@ class FileController extends BaseAdminController */ public function getImageFormAjaxAction($parentId, $parentType) { - $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update')); + $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE); $this->checkXmlHttpRequest(); $args = array('imageType' => $parentType, 'parentId' => $parentId); @@ -261,7 +262,7 @@ class FileController extends BaseAdminController */ public function getDocumentFormAjaxAction($parentId, $parentType) { - $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update')); + $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE); $this->checkXmlHttpRequest(); $args = array('documentType' => $parentType, 'parentId' => $parentId); @@ -278,7 +279,7 @@ class FileController extends BaseAdminController */ public function viewImageAction($imageId, $parentType) { - if (null !== $response = $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'))) { + if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) { return $response; } try { @@ -307,7 +308,7 @@ class FileController extends BaseAdminController */ public function viewDocumentAction($documentId, $parentType) { - if (null !== $response = $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'))) { + if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) { return $response; } try { 
@@ -336,7 +337,7 @@ class FileController extends BaseAdminController */ public function updateImageAction($imageId, $parentType) { - if (null !== $response = $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'))) { + if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) { return $response; } @@ -413,7 +414,7 @@ class FileController extends BaseAdminController */ public function updateDocumentAction($documentId, $parentType) { - if (null !== $response = $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'))) { + if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) { return $response; } @@ -490,7 +491,7 @@ class FileController extends BaseAdminController */ public function deleteImageAction($imageId, $parentType) { - $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update')); + $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE); $this->checkXmlHttpRequest(); $fileManager = new FileManager($this->container); @@ -533,7 +534,7 @@ class FileController extends BaseAdminController */ public function deleteDocumentAction($documentId, $parentType) { - $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update')); + $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE); $this->checkXmlHttpRequest(); $fileManager = new FileManager($this->container); diff --git a/core/lib/Thelia/Controller/Admin/FolderController.php b/core/lib/Thelia/Controller/Admin/FolderController.php index a5dd5c8eb..8b709dbbe 100644 --- a/core/lib/Thelia/Controller/Admin/FolderController.php +++ b/core/lib/Thelia/Controller/Admin/FolderController.php 
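Review bot: `deleteImageAction` and `deleteDocumentAction` still authorize with `AccessManager::UPDATE`, although this commit introduces a separate `AccessManager::DELETE` level, so a profile limited to updates on the parent resource passes the check for file removal. If removing an attachment is meant to count as an update of its parent, record that above the check, e.g. `// removing an attachment is treated as an update of the parent object`; otherwise pass `AccessManager::DELETE`. The read-only `viewImageAction`, `viewDocumentAction` and the list/form AJAX actions likewise require `UPDATE` rather than `VIEW`, which is the stricter choice but deserves the same one-line explanation.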
@@ -22,7 +22,7 @@ /*************************************************************************************/ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Folder\FolderCreateEvent; use Thelia\Core\Event\Folder\FolderDeleteEvent; use Thelia\Core\Event\Folder\FolderToggleVisibilityEvent; diff --git a/core/lib/Thelia/Controller/Admin/LanguageController.php b/core/lib/Thelia/Controller/Admin/LanguageController.php index e6ea4890b..834a4cbed 100644 --- a/core/lib/Thelia/Controller/Admin/LanguageController.php +++ b/core/lib/Thelia/Controller/Admin/LanguageController.php @@ -23,7 +23,8 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; +use Thelia\Core\Security\AccessManager; /** * Class LanguageController @@ -34,7 +35,7 @@ class LanguageController extends BaseAdminController { public function defaultAction() { - if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE_VIEW)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::VIEW)) return $response; return $this->render("languages"); } diff --git a/core/lib/Thelia/Controller/Admin/MailingSystemController.php b/core/lib/Thelia/Controller/Admin/MailingSystemController.php index 7cc1a6727..dba5d2417 100644 --- a/core/lib/Thelia/Controller/Admin/MailingSystemController.php +++ b/core/lib/Thelia/Controller/Admin/MailingSystemController.php @@ -23,7 +23,8 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; +use Thelia\Core\Security\AccessManager; /** * Class MailingSystemController 
@@ -34,7 +35,7 @@ class MailingSystemController extends BaseAdminController { public function defaultAction() { - if (null !== $response = $this->checkAuth(AdminResources::MAILING_SYSTEM_VIEW)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::MAILING_SYSTEM, AccessManager::VIEW)) return $response; return $this->render("mailing-system"); } diff --git a/core/lib/Thelia/Controller/Admin/MessageController.php b/core/lib/Thelia/Controller/Admin/MessageController.php index 71da8b9cf..c0bce7918 100644 --- a/core/lib/Thelia/Controller/Admin/MessageController.php +++ b/core/lib/Thelia/Controller/Admin/MessageController.php @@ -23,7 +23,7 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Message\MessageDeleteEvent; use Thelia\Core\Event\TheliaEvents;use Thelia\Core\Event\Message\MessageUpdateEvent; use Thelia\Core\Event\Message\MessageCreateEvent; diff --git a/core/lib/Thelia/Controller/Admin/ModuleController.php b/core/lib/Thelia/Controller/Admin/ModuleController.php index a2079cee7..44a1c2a24 100644 --- a/core/lib/Thelia/Controller/Admin/ModuleController.php +++ b/core/lib/Thelia/Controller/Admin/ModuleController.php @@ -23,11 +23,12 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Module\ModuleDeleteEvent; use Thelia\Core\Event\Module\ModuleToggleActivationEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Module\ModuleManagement; /** 
@@ -39,7 +40,7 @@ class ModuleController extends BaseAdminController { public function indexAction() { - if (null !== $response = $this->checkAuth(AdminResources::MODULE_VIEW)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::VIEW)) return $response; $modulemanagement = new ModuleManagement(); $modulemanagement->updateModules(); @@ -56,7 +57,7 @@ class ModuleController extends BaseAdminController public function toggleActivationAction($module_id) { - if (null !== $response = $this->checkAuth("admin.module.update")) return $response; + if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::UPDATE)) return $response; $message = null; try { $event = new ModuleToggleActivationEvent($module_id); @@ -88,7 +89,7 @@ class ModuleController extends BaseAdminController public function deleteAction() { - if (null !== $response = $this->checkAuth("admin.module.delete")) return $response; + if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::DELETE)) return $response; $message = null; try { diff --git a/core/lib/Thelia/Controller/Admin/OrderController.php b/core/lib/Thelia/Controller/Admin/OrderController.php index 1756582cc..429d9837e 100644 --- a/core/lib/Thelia/Controller/Admin/OrderController.php +++ b/core/lib/Thelia/Controller/Admin/OrderController.php @@ -24,11 +24,12 @@ namespace Thelia\Controller\Admin; use Symfony\Component\HttpFoundation\Response; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Order\OrderAddressEvent; use Thelia\Core\Event\Order\OrderEvent; use Thelia\Core\Event\PdfEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Form\OrderUpdateAddress; use Thelia\Model\ConfigQuery; use Thelia\Model\Base\OrderAddressQuery; 
@@ -45,7 +46,7 @@ class OrderController extends BaseAdminController { public function indexAction() { - if (null !== $response = $this->checkAuth(AdminResources::ORDER_VIEW)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::VIEW)) return $response; return $this->render("orders", array("display_order" => 20)); } @@ -58,7 +59,7 @@ class OrderController extends BaseAdminController public function updateStatus($order_id = null) { - if (null !== $response = $this->checkAuth(AdminResources::ORDER_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response; $message = null; @@ -109,7 +110,7 @@ class OrderController extends BaseAdminController public function updateDeliveryRef($order_id) { - if (null !== $response = $this->checkAuth(AdminResources::ORDER_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response; $message = null; @@ -144,7 +145,7 @@ class OrderController extends BaseAdminController public function updateAddress($order_id) { - if (null !== $response = $this->checkAuth(AdminResources::ORDER_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response; $message = null; @@ -210,7 +211,7 @@ class OrderController extends BaseAdminController protected function generatePdf($order_id, $fileName) { - if (null !== $response = $this->checkAuth(AdminResources::ORDER_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response; $html = $this->renderRaw( $fileName, diff --git a/core/lib/Thelia/Controller/Admin/ProductController.php b/core/lib/Thelia/Controller/Admin/ProductController.php index 8c56ba55a..96a29de32 100644 --- a/core/lib/Thelia/Controller/Admin/ProductController.php 
+++ b/core/lib/Thelia/Controller/Admin/ProductController.php @@ -23,13 +23,14 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Product\ProductAddCategoryEvent; use Thelia\Core\Event\Product\ProductDeleteCategoryEvent; use Thelia\Core\Event\Product\ProductDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Product\ProductUpdateEvent; use Thelia\Core\Event\Product\ProductCreateEvent; +use Thelia\Core\Security\AccessManager; use Thelia\Model\ProductQuery; use Thelia\Form\ProductModificationForm; use Thelia\Form\ProductCreationForm; @@ -62,10 +63,7 @@ class ProductController extends AbstractCrudController 'manual', 'product_order', - AdminResources::PRODUCT_VIEW, - AdminResources::PRODUCT_CREATE, - AdminResources::PRODUCT_UPDATE, - AdminResources::PRODUCT_DELETE, + AdminResources::PRODUCT, TheliaEvents::PRODUCT_CREATE, TheliaEvents::PRODUCT_UPDATE, @@ -281,7 +279,7 @@ class ProductController extends AbstractCrudController public function setToggleVisibilityAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $event = new ProductToggleVisibilityEvent($this->getExistingObject()); @@ -357,7 +355,7 @@ class ProductController extends AbstractCrudController { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $content_id = intval($this->getRequest()->get('content_id')); 
@@ -383,7 +381,7 @@ class ProductController extends AbstractCrudController { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $content_id = intval($this->getRequest()->get('content_id')); @@ -435,7 +433,7 @@ class ProductController extends AbstractCrudController public function addAccessoryAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $accessory_id = intval($this->getRequest()->get('accessory_id')); @@ -460,7 +458,7 @@ class ProductController extends AbstractCrudController public function deleteAccessoryAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $accessory_id = intval($this->getRequest()->get('accessory_id')); @@ -516,7 +514,7 @@ class ProductController extends AbstractCrudController public function setProductTemplateAction($productId) { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $product = ProductQuery::create()->findPk($productId); 
@@ -613,7 +611,7 @@ class ProductController extends AbstractCrudController public function addAdditionalCategoryAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $category_id = intval($this->getRequest()->request->get('additional_category_id')); @@ -638,7 +636,7 @@ class ProductController extends AbstractCrudController public function deleteAdditionalCategoryAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $category_id = intval($this->getRequest()->get('additional_category_id')); @@ -735,7 +733,7 @@ class ProductController extends AbstractCrudController public function addCombinationAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $event = new ProductCreateCombinationEvent( $this->getExistingObject(), @@ -760,7 +758,7 @@ class ProductController extends AbstractCrudController public function deleteCombinationAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $event = new ProductDeleteCombinationEvent( $this->getExistingObject(), diff --git a/core/lib/Thelia/Controller/Admin/ProfileController.php b/core/lib/Thelia/Controller/Admin/ProfileController.php index 345093303..b28c418e4 100644 --- a/core/lib/Thelia/Controller/Admin/ProfileController.php 
+++ b/core/lib/Thelia/Controller/Admin/ProfileController.php @@ -23,7 +23,7 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Profile\ProfileEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Form\ProfileCreationForm; @@ -40,10 +40,7 @@ class ProfileController extends AbstractCrudController 'manual', 'order', - AdminResources::PRODUCT_VIEW, - AdminResources::PRODUCT_CREATE, - AdminResources::PRODUCT_UPDATE, - AdminResources::PRODUCT_DELETE, + AdminResources::PROFILE, TheliaEvents::PROFILE_CREATE, TheliaEvents::PROFILE_UPDATE, diff --git a/core/lib/Thelia/Controller/Admin/ShippingZoneController.php b/core/lib/Thelia/Controller/Admin/ShippingZoneController.php index 5b0cd6dcc..2bd6363cc 100644 --- a/core/lib/Thelia/Controller/Admin/ShippingZoneController.php +++ b/core/lib/Thelia/Controller/Admin/ShippingZoneController.php @@ -22,10 +22,11 @@ /*************************************************************************************/ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\ShippingZone\ShippingZoneAddAreaEvent; use Thelia\Core\Event\ShippingZone\ShippingZoneRemoveAreaEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Form\Exception\FormValidationException; use Thelia\Form\ShippingZone\ShippingZoneAddArea; use Thelia\Form\ShippingZone\ShippingZoneRemoveArea; 
@@ -41,13 +42,13 @@ class ShippingZoneController extends BaseAdminController public function indexAction() { - if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE_VIEW)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::VIEW)) return $response; return $this->render("shipping-zones", array("display_shipping_zone" => 20)); } public function updateAction($shipping_zones_id) { - if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE_VIEW)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::VIEW)) return $response; return $this->render("shipping-zones-edit", array( "shipping_zones_id" => $shipping_zones_id )); @@ -58,7 +59,7 @@ class ShippingZoneController extends BaseAdminController */ public function addArea() { - if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::UPDATE)) return $response; $shippingAreaForm = new ShippingZoneAddArea($this->getRequest()); $error_msg = null; @@ -93,7 +94,7 @@ class ShippingZoneController extends BaseAdminController public function removeArea() { - if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::UPDATE)) return $response; $shippingAreaForm = new ShippingZoneRemoveArea($this->getRequest()); $error_msg = null; diff --git a/core/lib/Thelia/Controller/Admin/TaxController.php b/core/lib/Thelia/Controller/Admin/TaxController.php index d0166c9c5..ec30dfdfa 100644 --- a/core/lib/Thelia/Controller/Admin/TaxController.php +++ b/core/lib/Thelia/Controller/Admin/TaxController.php 
@@ -23,7 +23,7 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Tax\TaxEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Form\TaxCreationForm; diff --git a/core/lib/Thelia/Controller/Admin/TaxRuleController.php b/core/lib/Thelia/Controller/Admin/TaxRuleController.php index 929df576e..db3eca4b4 100644 --- a/core/lib/Thelia/Controller/Admin/TaxRuleController.php +++ b/core/lib/Thelia/Controller/Admin/TaxRuleController.php @@ -23,9 +23,10 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Tax\TaxRuleEvent; use Thelia\Core\Event\TheliaEvents; +use Thelia\Core\Security\AccessManager; use Thelia\Form\TaxRuleCreationForm; use Thelia\Form\TaxRuleModificationForm; use Thelia\Form\TaxRuleTaxListUpdateForm; @@ -41,10 +42,7 @@ class TaxRuleController extends AbstractCrudController 'manual', 'order', - AdminResources::TAX_VIEW, - AdminResources::TAX_CREATE, - AdminResources::TAX_UPDATE, - AdminResources::TAX_DELETE, + AdminResources::TAX, TheliaEvents::TAX_RULE_CREATE, TheliaEvents::TAX_RULE_UPDATE, @@ -221,7 +219,7 @@ class TaxRuleController extends AbstractCrudController public function updateAction() { - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $object = $this->getExistingObject(); @@ -239,7 +237,7 @@ class TaxRuleController extends AbstractCrudController public function setDefaultAction() { - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $setDefaultEvent = new TaxRuleEvent(); 
@@ -257,7 +255,7 @@ class TaxRuleController extends AbstractCrudController public function processUpdateTaxesAction() { // Check current user authorization - if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response; + if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response; $error_msg = false; diff --git a/core/lib/Thelia/Controller/Admin/TemplateController.php b/core/lib/Thelia/Controller/Admin/TemplateController.php index ba4a1cccf..fd7df6bb2 100644 --- a/core/lib/Thelia/Controller/Admin/TemplateController.php +++ b/core/lib/Thelia/Controller/Admin/TemplateController.php @@ -23,11 +23,12 @@ namespace Thelia\Controller\Admin; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Event\Template\TemplateDeleteEvent; use Thelia\Core\Event\TheliaEvents; use Thelia\Core\Event\Template\TemplateUpdateEvent; use Thelia\Core\Event\Template\TemplateCreateEvent; +use Thelia\Core\Security\AccessManager; use Thelia\Model\TemplateQuery; use Thelia\Form\TemplateModificationForm; use Thelia\Form\TemplateCreationForm; @@ -52,10 +53,7 @@ class TemplateController extends AbstractCrudController null, null, - AdminResources::TEMPLATE_VIEW, - AdminResources::TEMPLATE_CREATE, - AdminResources::TEMPLATE_UPDATE, - AdminResources::TEMPLATE_DELETE, + AdminResources::TEMPLATE, TheliaEvents::TEMPLATE_CREATE, TheliaEvents::TEMPLATE_UPDATE, @@ -213,7 +211,7 @@ class TemplateController extends AbstractCrudController public function addAttributeAction() { // Check current user authorization - if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response; $attribute_id = intval($this->getRequest()->get('attribute_id')); 
@@ -237,7 +235,7 @@ class TemplateController extends AbstractCrudController public function deleteAttributeAction() { // Check current user authorization - if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response; $event = new TemplateDeleteAttributeEvent( $this->getExistingObject(), @@ -272,7 +270,7 @@ class TemplateController extends AbstractCrudController public function addFeatureAction() { // Check current user authorization - if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response; $feature_id = intval($this->getRequest()->get('feature_id')); @@ -296,7 +294,7 @@ class TemplateController extends AbstractCrudController public function deleteFeatureAction() { // Check current user authorization - if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE_UPDATE)) return $response; + if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response; $event = new TemplateDeleteFeatureEvent( $this->getExistingObject(), diff --git a/core/lib/Thelia/Core/Security/AccessManager.php b/core/lib/Thelia/Core/Security/AccessManager.php new file mode 100644 index 000000000..cdf7105a8 --- /dev/null +++ b/core/lib/Thelia/Core/Security/AccessManager.php 
@@ -0,0 +1,84 @@ +. */ +/* */ +/*************************************************************************************/ + +namespace Thelia\Core\Security; + +use Propel\Runtime\ActiveQuery\Criteria; +use Thelia\Core\Security\Resource\AdminResources; +use Thelia\Core\Security\User\UserInterface; +use Thelia\Core\HttpFoundation\Request; +use Thelia\Model\ProfileQuery; +use Thelia\Model\ProfileResourceQuery; + +/** + * A simple security manager, in charge of checking user + * + * @author Etienne Roudeix + */ +class AccessManager +{ + const VIEW = 'VIEW'; + const CREATE = 'CREATE'; + const UPDATE = 'UPDATE'; + const DELETE = 'DELETE'; + + protected $accessGranted = array( + self::VIEW => false, + self::CREATE => false, + self::UPDATE => false, + self::DELETE => false, + ); + + protected $accessPows = array( + self::VIEW => 3, + self::CREATE => 2, + self::UPDATE => 1, + self::DELETE => 0, + ); + + protected $accessValue; + + public function __construct($accessValue) + { + $this->accessValue = $accessValue; + + foreach($this->accessPows as $type => $value) { + if($accessValue >= $value) { + $accessValue -= $value; + $this->accessGranted[$type] = true; + } else { + $this->accessGranted[$type] = false; + } + } + } + + public function can($type) + { + if(!array_key_exists($type, $this->accessGranted)) { + return false; + } + + return $this->accessGranted[$type]; + + } +} diff --git a/core/lib/Thelia/Core/Security/Resource/AdminResources.php b/core/lib/Thelia/Core/Security/Resource/AdminResources.php index 8e8a24e3c..8ca3bdd82 100644 --- a/core/lib/Thelia/Core/Security/Resource/AdminResources.php +++ b/core/lib/Thelia/Core/Security/Resource/AdminResources.php @@ -21,7 +21,7 @@ /* */ /*************************************************************************************/ -namespace Thelia\Core\Event; +namespace Thelia\Core\Security\Resource; use Thelia\Core\Security\Exception\ResourceException; 
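Review bot: The constructor loop compares and subtracts the raw entries of `$accessPows` (3, 2, 1, 0) rather than the powers of two they appear to name, so the decoded grants do not form a bitmask. `DELETE => 0` makes `$accessValue >= 0` true for every non-negative value, which grants `DELETE` to any profile, and an `$accessValue` of 3 yields VIEW and DELETE but neither CREATE nor UPDATE. Assuming the stored value is meant as a 4-bit mask (the encoding is not visible in this diff), compute the weight first, `$weight = pow(2, $value);`, then test and subtract that: `if ($accessValue >= $weight) { $accessValue -= $weight;`. The class docblock is cut short ("in charge of checking user"), the six `use` imports are unused in this file, and a unit test pinning `can()` for the values 0 through 15 would lock the intended mapping.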
@@ -35,9 +35,9 @@ final class AdminResources { static private $selfReflection = null; - static public function retrieve($name, $action) + static public function retrieve($name) { - $contantName = strtoupper($name . '_' . $action); + $contantName = strtoupper($name); if(null === self::$selfReflection) { self::$selfReflection = new \ReflectionClass(__CLASS__); 
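Review bot: With the action suffix dropped, `retrieve($name)` can resolve any constant name of the class from its argument, including `SUPERADMINISTRATOR`, which the constant list shows is a role marker rather than a resource code. FileController passes its `$parentType` action parameter straight in, and that presumably comes from the route. The rest of the method lies outside this hunk, so the handling of an unknown or non-resource name cannot be checked here; it should fail closed. A docblock on `retrieve()` should state the accepted names and the exception thrown for anything else, for example `@throws ResourceException if $name does not match a resource constant`. The local is also misspelled `$contantName`.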
@@ -52,118 +52,49 @@ final class AdminResources const SUPERADMINISTRATOR = "SUPERADMINISTRATOR"; - const ADDRESS_VIEW = "admin.address.view"; - const ADDRESS_CREATE = "admin.address.create"; - const ADDRESS_UPDATE = "admin.address.update"; - const ADDRESS_DELETE = "admin.address.delete"; + const ADDRESS = "admin.address"; - const ADMIN_VIEW = "admin.configuration.admin.view"; - const ADMIN_CREATE = "admin.configuration.admin.create"; - const ADMIN_UPDATE = "admin.configuration.admin.update"; - const ADMIN_DELETE = "admin.configuration.admin.delete"; + const ADMIN = "admin.configuration.admin"; - const AREA_VIEW = "admin.configuration.area.view"; - const AREA_CREATE = "admin.configuration.area.create"; - const AREA_UPDATE = "admin.configuration.area.update"; - const AREA_DELETE = "admin.configuration.area.delete"; + const AREA = "admin.configuration.area"; - const ATTRIBUTE_VIEW = "admin.configuration.attribute.view"; - const ATTRIBUTE_CREATE = "admin.configuration.attribute.create"; - const ATTRIBUTE_UPDATE = "admin.configuration.attribute.update"; - const ATTRIBUTE_DELETE = "admin.configuration.attribute.delete"; + const ATTRIBUTE = "admin.configuration.attribute"; - const CATEGORY_VIEW = "admin.category.view"; - const CATEGORY_CREATE = "admin.category.create"; - const CATEGORY_UPDATE = "admin.category.update"; - const CATEGORY_DELETE = "admin.category.delete"; + const CATEGORY = "admin.category"; - const CONFIG_VIEW = "admin.configuration.view"; - const CONFIG_CREATE = "admin.configuration.create"; - const CONFIG_UPDATE = "admin.configuration.update"; - const CONFIG_DELETE = "admin.configuration.delete"; + const CONFIG = "admin.configuration"; - const CONTENT_VIEW = "admin.content.view"; - const CONTENT_CREATE = "admin.content.create"; - const CONTENT_UPDATE = "admin.content.update"; - const CONTENT_DELETE = "admin.content.delete"; + const CONTENT = "admin.content"; - const COUNTRY_VIEW = "admin.configuration.country.view"; - const COUNTRY_CREATE = 
"admin.configuration.country.create"; - const COUNTRY_UPDATE = "admin.configuration.country.update"; - const COUNTRY_DELETE = "admin.configuration.country.delete"; + const COUNTRY = "admin.configuration.country"; - const COUPON_VIEW = "admin.coupon.view"; - const COUPON_CREATE = "admin.coupon.create"; - const COUPON_UPDATE = "admin.coupon.update"; - const COUPON_DELETE = "admin.coupon.delete"; + const COUPON = "admin.coupon"; - const CURRENCY_VIEW = "admin.configuration.currency.view"; - const CURRENCY_CREATE = "admin.configuration.currency.create"; - const CURRENCY_UPDATE = "admin.configuration.currency.update"; - const CURRENCY_DELETE = "admin.configuration.currency.delete"; + const CURRENCY = "admin.configuration.currency"; - const CUSTOMER_VIEW = "admin.customer.view"; - const CUSTOMER_CREATE = "admin.customer.create"; - const CUSTOMER_UPDATE = "admin.customer.update"; - const CUSTOMER_DELETE = "admin.customer.delete"; + const CUSTOMER = "admin.customer"; - const FEATURE_VIEW = "admin.configuration.feature.view"; - const FEATURE_CREATE = "admin.configuration.feature.create"; - const FEATURE_UPDATE = "admin.configuration.feature.update"; - const FEATURE_DELETE = "admin.configuration.feature.delete"; + const FEATURE = "admin.configuration.feature"; - const FOLDER_VIEW = "admin.folder.view"; - const FOLDER_CREATE = "admin.folder.create"; - const FOLDER_UPDATE = "admin.folder.update"; - const FOLDER_DELETE = "admin.folder.delete"; + const FOLDER = "admin.folder"; - const LANGUAGE_VIEW = "admin.configuration.language.view"; - const LANGUAGE_CREATE = "admin.configuration.language.create"; - const LANGUAGE_UPDATE = "admin.configuration.language.update"; - const LANGUAGE_DELETE = "admin.configuration.language.delete"; + const LANGUAGE = "admin.configuration.language"; - const MAILING_SYSTEM_VIEW = "admin.configuration.mailing-system.view"; - const MAILING_SYSTEM_CREATE = "admin.configuration.mailing-system.create"; - const MAILING_SYSTEM_UPDATE = 
"admin.configuration.mailing-system.update"; - const MAILING_SYSTEM_DELETE = "admin.configuration.mailing-system.delete"; + const MAILING_SYSTEM = "admin.configuration.mailing-system"; - const MESSAGE_VIEW = "admin.configuration.message.view"; - const MESSAGE_CREATE = "admin.configuration.message.create"; - const MESSAGE_UPDATE = "admin.configuration.message.update"; - const MESSAGE_DELETE = "admin.configuration.message.delete"; + const MESSAGE = "admin.configuration.message"; - const MODULE_VIEW = "admin.configuration.module.view"; - const MODULE_CREATE = "admin.configuration.module.create"; - const MODULE_UPDATE = "admin.configuration.module.update"; - const MODULE_DELETE = "admin.configuration.module.delete"; + const MODULE = "admin.configuration.module"; - const ORDER_VIEW = "admin.order.view"; - const ORDER_CREATE = "admin.order.create"; - const ORDER_UPDATE = "admin.order.update"; - const ORDER_DELETE = "admin.order.delete"; + const ORDER = "admin.order"; - const PRODUCT_VIEW = "admin.product.view"; - const PRODUCT_CREATE = "admin.product.create"; - const PRODUCT_UPDATE = "admin.product.update"; - const PRODUCT_DELETE = "admin.product.delete"; + const PRODUCT = "admin.product"; - const PROFILE_VIEW = "admin.configuration.profile.view"; - const PROFILE_CREATE = "admin.configuration.profile.create"; - const PROFILE_UPDATE = "admin.configuration.profile.update"; - const PROFILE_DELETE = "admin.configuration.profile.delete"; + const PROFILE = "admin.configuration.profile"; - const SHIPPING_ZONE_VIEW = "admin.configuration.shipping-zone.view"; - const SHIPPING_ZONE_CREATE = "admin.configuration.shipping-zone.create"; - const SHIPPING_ZONE_UPDATE = "admin.configuration.shipping-zone.update"; - const SHIPPING_ZONE_DELETE = "admin.configuration.shipping-zone.delete"; + const SHIPPING_ZONE = "admin.configuration.shipping-zone"; - const TAX_VIEW = "admin.configuration.tax.view"; - const TAX_CREATE = "admin.configuration.tax.create"; - const TAX_UPDATE = 
"admin.configuration.tax.update"; - const TAX_DELETE = "admin.configuration.tax.delete"; + const TAX = "admin.configuration.tax"; - const TEMPLATE_VIEW = "admin.configuration.template.view"; - const TEMPLATE_CREATE = "admin.configuration.template.create"; - const TEMPLATE_UPDATE = "admin.configuration.template.update"; - const TEMPLATE_DELETE = "admin.configuration.template.delete"; + const TEMPLATE = "admin.configuration.template"; } diff --git a/core/lib/Thelia/Core/Security/SecurityContext.php b/core/lib/Thelia/Core/Security/SecurityContext.php index 1dc216dd7..087df8810 100755 --- a/core/lib/Thelia/Core/Security/SecurityContext.php +++ b/core/lib/Thelia/Core/Security/SecurityContext.php @@ -24,7 +24,7 @@ namespace Thelia\Core\Security; use Propel\Runtime\ActiveQuery\Criteria; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; use Thelia\Core\Security\User\UserInterface; use Thelia\Core\HttpFoundation\Request; use Thelia\Model\ProfileQuery; @@ -126,12 +126,8 @@ class SecurityContext * * @return Boolean */ - final public function isGranted(array $roles, array $permissions) + final public function isGranted(array $roles, array $resources, array $accesses) { - if (empty($permissions)) { - return true; - } - // Find a user which matches the required roles. $user = $this->getCustomerUser(); @@ -147,7 +143,11 @@ class SecurityContext return false; } - if( !method_exists($user, 'getProfileId') ) { + if (empty($resources) || empty($accesses)) { + return true; + } + + if( !method_exists($user, 'getPermissions') ) { return false; } 
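Review bot: The new guard `if (empty($resources) || empty($accesses)) return true;` in `isGranted()` grants access whenever either list is empty, so a caller that names a resource but omits the access level passes on the role check alone. The `Auth` loop in this commit produces exactly that input when a template sets `resource` without `access` (`$access === null ? array() : $access`). Return early only when no resource is requested, `if (empty($resources)) return true;`, and refuse a resource with no access level, `if (empty($accesses)) return false;`. The `final public` signature also gained a third required parameter, so two-argument callers outside this diff will break, and the docblock above it should describe `$resources` and `$accesses`; the method body continues outside the hunk.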
@@ -157,14 +157,22 @@ class SecurityContext return true; } - foreach($permissions as $permission) { - if($permission === '') { + foreach($resources as $resource) { + if($resource === '') { continue; } - if(! in_array($permission, $userPermissions)) { + $resource = strtolower($resource); + + if(!array_key_exists($resource, $userPermissions)) { return false; } + + foreach($accesses as $access) { + if(!$userPermissions[$resource]->can($access)) { + return false; + } + } } return true; diff --git a/core/lib/Thelia/Core/Template/Loop/Auth.php b/core/lib/Thelia/Core/Template/Loop/Auth.php index ff9f3cfd3..f5691cbd6 100755 --- a/core/lib/Thelia/Core/Template/Loop/Auth.php +++ b/core/lib/Thelia/Core/Template/Loop/Auth.php @@ -29,6 +29,9 @@ use Thelia\Core\Template\Element\LoopResultRow; use Thelia\Core\Template\Loop\Argument\ArgumentCollection; use Thelia\Core\Template\Loop\Argument\Argument; +use Thelia\Type\AlphaNumStringListType; +use Thelia\Type\EnumListType; +use Thelia\Type\TypeCollection; /** * 
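Review bot: The loop lowercases only the requested `$resource` before `array_key_exists($resource, $userPermissions)`, while the map keys come unchanged from the `code` column (see the Admin.php hunk later in this commit) and `$access` is handed to `can()` exactly as received. A resource code stored with any uppercase letter can then never match, and an access name in unexpected case depends on how `AccessManager::can()` treats unknown values, which is not visible here; it has to return false for them. I would normalise both sides in one place and state the contract above the loop: `// every listed resource must grant every listed access; unknown resources or access names deny`. isGranted() starts before this hunk.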
@@ -41,40 +44,45 @@ class Auth extends BaseLoop public function getArgDefinitions() { return new ArgumentCollection( - Argument::createAnyTypeArgument('roles', null, true), - Argument::createAnyTypeArgument('permissions'), + new Argument( + 'roles', + new TypeCollection( + new AlphaNumStringListType() + ), + null, + true + ), + new Argument( + 'resource', + new TypeCollection( + new AlphaNumStringListType() + ) + ), + new Argument( + 'access', + new TypeCollection( + new EnumListType(array("view", "create", "update", "delete")) + ) + ), Argument::createAnyTypeArgument('context', 'front', false) ); } - private function _explode($commaSeparatedValues) - { - - $array = explode(',', $commaSeparatedValues); - - if (array_walk($array, function(&$item) { - $item = strtoupper(trim($item)); - })) { - return $array; - } - - return array(); - } - /** + * @param $pagination * - * - * @return \Thelia\Core\Template\Element\LoopResult + * @return LoopResult */ public function exec(&$pagination) { - $roles = $this->_explode($this->getRoles()); - $permissions = $this->_explode($this->getPermissions()); + $roles = $this->getRoles(); + $resource = $this->getResource(); + $access = $this->getAccess(); $loopResult = new LoopResult(); try { - if (true === $this->securityContext->isGranted($roles, $permissions == null ? array() : $permissions)) { + if (true === $this->securityContext->isGranted($roles, $resource === null ? array() : $resource, $access === null ? array() : $access)) { // Create an empty row: loop is no longer empty :) $loopResult->addRow(new LoopResultRow()); diff --git a/core/lib/Thelia/Core/Template/Smarty/AbstractSmartyPlugin.php b/core/lib/Thelia/Core/Template/Smarty/AbstractSmartyPlugin.php index 8a7cace29..8ef21f51e 100755 --- a/core/lib/Thelia/Core/Template/Smarty/AbstractSmartyPlugin.php +++ b/core/lib/Thelia/Core/Template/Smarty/AbstractSmartyPlugin.php 
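Review bot: Dropping `_explode()` from exec() also drops the `strtoupper(trim(...))` normalisation the role list used to get, so `$roles` now reaches `isGranted()` exactly as `getRoles()` returns it. Whether the `AlphaNumStringListType` argument yields an array, and in which case, is not visible in this hunk; if role matching is case-sensitive, a template that passes `roles="admin"` stops matching. That fails closed, but it is a silent behaviour change that deserves either a line in the docblock or an explicit `array_map('strtoupper', $roles)` before the call. The added `@param $pagination` tag has neither a type nor a description.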
@@ -40,6 +40,10 @@ abstract class AbstractSmartyPlugin */ protected function _explode($commaSeparatedValues) { + if(null === $commaSeparatedValues) { + return array(); + } + $array = explode(',', $commaSeparatedValues); if (array_walk($array, function(&$item) { diff --git a/core/lib/Thelia/Core/Template/Smarty/Plugins/AdminUtilities.php b/core/lib/Thelia/Core/Template/Smarty/Plugins/AdminUtilities.php index a56bbff1c..244d09166 100644 --- a/core/lib/Thelia/Core/Template/Smarty/Plugins/AdminUtilities.php +++ b/core/lib/Thelia/Core/Template/Smarty/Plugins/AdminUtilities.php @@ -45,7 +45,8 @@ class AdminUtilities extends AbstractSmartyPlugin public function generatePositionChangeBlock($params, &$smarty) { // The required permissions - $permission = $this->getParam($params, 'permission'); + $resource = $this->getParam($params, 'resource'); + $access = $this->getParam($params, 'access'); // The base position change path $path = $this->getParam($params, 'path'); @@ -68,7 +69,7 @@ class AdminUtilities extends AbstractSmartyPlugin */ - if ($permissions == null || $this->securityContext->isGranted("ADMIN", array($permission))) { + if ($permissions == null || $this->securityContext->isGranted("ADMIN", array($resource), array($access))) { return sprintf( '%s', URL::getInstance()->absoluteUrl($path, array('mode' => 'up', $url_parameter => $id)), diff --git a/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php b/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php index b6e31aef0..4f8b0ccc2 100755 --- a/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php +++ b/core/lib/Thelia/Core/Template/Smarty/Plugins/Security.php 
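Review bot: In the second AdminUtilities hunk the condition still begins with `$permissions == null`, but the first hunk replaces the `$permission` parameter with `$resource` and `$access`, and neither hunk assigns `$permissions`. If it is not set in the lines between the two hunks, the left operand is always true and `isGranted()` is never consulted, so the position-change links are rendered for every user. The call also passes the string "ADMIN" where `isGranted()` declares `array $roles`. I would write the guard as `if ($this->securityContext->isGranted(array("ADMIN"), array($resource), array($access))) {`, keeping in mind that this only hides the links and the controller action needs its own check. generatePositionChangeBlock() continues outside both hunks.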
@@ -53,14 +53,15 @@ class Security extends AbstractSmartyPlugin */ public function checkAuthFunction($params, &$smarty) { - $roles = $this->_explode($this->getParam($params, 'roles')); - $permissions = $this->_explode($this->getParam($params, 'permissions')); + $roles = $this->_explode($this->getParam($params, 'role')); + $resources = $this->_explode($this->getParam($params, 'resource')); + $accesses = $this->_explode($this->getParam($params, 'access')); - if (! $this->securityContext->isGranted($roles, $permissions)) { + if (! $this->securityContext->isGranted($roles, $resources, $accesses)) { $ex = new AuthenticationException( - sprintf("User not granted for roles '%s', permissions '%s' in context '%s'.", - implode(',', $roles), implode(',', $permissions), $context + sprintf("User not granted for roles '%s', to access resources '%s' with %s in context '%s'.", + implode(',', $roles), implode(',', $resources), implode(',', $accesses), $context ) ); diff --git a/core/lib/Thelia/Model/Admin.php b/core/lib/Thelia/Model/Admin.php index d4fa2a02d..1c13ea6f1 100755 --- a/core/lib/Thelia/Model/Admin.php +++ b/core/lib/Thelia/Model/Admin.php @@ -3,7 +3,8 @@ namespace Thelia\Model; use Propel\Runtime\ActiveQuery\Criteria; -use Thelia\Core\Event\AdminResources; +use Thelia\Core\Security\Resource\AdminResources; +use Thelia\Core\Security\AccessManager; use Thelia\Core\Security\User\UserInterface; use Thelia\Core\Security\Role\Role; @@ -39,7 +40,7 @@ class Admin extends BaseAdmin implements UserInterface $userPermissions = array(); foreach($userPermissionsQuery as $userPermission) { - $userPermissions[] = $userPermission->getVirtualColumn('code'); + $userPermissions[$userPermission->getVirtualColumn('code')] = new AccessManager($userPermission->getAccess()); } return $userPermissions; diff --git a/core/lib/Thelia/Model/Base/ProfileResource.php b/core/lib/Thelia/Model/Base/ProfileResource.php index 9f3d246fc..bd62a76af 100644 --- a/core/lib/Thelia/Model/Base/ProfileResource.php 
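Review bot: checkAuthFunction() now reads the role list from the `'role'` parameter instead of `'roles'`, while the Auth loop in this same commit keeps its argument named `roles`. A template that still passes `roles=` gets an empty list, because this commit makes `_explode()` return `array()` for null. How `isGranted()` treats an empty role list is not visible in the diff, so it is worth confirming that this cannot turn a restricted page into one that any logged-in user passes; accepting the old name as well, or throwing when no role is given, would remove the doubt. The rewritten `sprintf()` also still interpolates `$context`, which is not assigned anywhere in the visible part of the function.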
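Review bot: Keying `$userPermissions` by the `code` column in the Admin.php hunk means a second row with the same code overwrites the first instead of combining with it, so the effective access for a resource is whichever row the query returns last. Whether the query can return duplicate codes is not visible in this hunk; if it can, the access values should be merged, and if it cannot, a comment such as `// one row per resource code: the query is restricted to this admin's single profile` should say why. The enclosing method starts outside this hunk.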
+++ b/core/lib/Thelia/Model/Base/ProfileResource.php @@ -77,18 +77,11 @@ abstract class ProfileResource implements ActiveRecordInterface protected $resource_id; /** - * The value for the read field. + * The value for the access field. * Note: this column has a database default value of: 0 * @var int */ - protected $read; - - /** - * The value for the write field. - * Note: this column has a database default value of: 0 - * @var int - */ - protected $write; + protected $access; /** * The value for the created_at field. @@ -128,8 +121,7 @@ abstract class ProfileResource implements ActiveRecordInterface */ public function applyDefaultValues() { - $this->read = 0; - $this->write = 0; + $this->access = 0; } /** @@ -426,25 +418,14 @@ abstract class ProfileResource implements ActiveRecordInterface } /** - * Get the [read] column value. + * Get the [access] column value. * * @return int */ - public function getRead() + public function getAccess() { - return $this->read; - } - - /** - * Get the [write] column value. - * - * @return int - */ - public function getWrite() - { - - return $this->write; + return $this->access; } /** 
@@ -559,46 +540,25 @@ abstract class ProfileResource implements ActiveRecordInterface } // setResourceId() /** - * Set the value of [read] column. + * Set the value of [access] column. * * @param int $v new value * @return \Thelia\Model\ProfileResource The current object (for fluent API support) */ - public function setRead($v) + public function setAccess($v) { if ($v !== null) { $v = (int) $v; } - if ($this->read !== $v) { - $this->read = $v; - $this->modifiedColumns[] = ProfileResourceTableMap::READ; + if ($this->access !== $v) { + $this->access = $v; + $this->modifiedColumns[] = ProfileResourceTableMap::ACCESS; } return $this; - } // setRead() - - /** - * Set the value of [write] column. - * - * @param int $v new value - * @return \Thelia\Model\ProfileResource The current object (for fluent API support) - */ - public function setWrite($v) - { - if ($v !== null) { - $v = (int) $v; - } - - if ($this->write !== $v) { - $this->write = $v; - $this->modifiedColumns[] = ProfileResourceTableMap::WRITE; - } - - - return $this; - } // setWrite() + } // setAccess() /** * Sets the value of [created_at] column to a normalized version of the date/time value specified. @@ -652,11 +612,7 @@ abstract class ProfileResource implements ActiveRecordInterface */ public function hasOnlyDefaultValues() { - if ($this->read !== 0) { - return false; - } - - if ($this->write !== 0) { + if ($this->access !== 0) { return false; } 
@@ -696,19 +652,16 @@ abstract class ProfileResource implements ActiveRecordInterface $col = $row[TableMap::TYPE_NUM == $indexType ? 2 + $startcol : ProfileResourceTableMap::translateFieldName('ResourceId', TableMap::TYPE_PHPNAME, $indexType)]; $this->resource_id = (null !== $col) ? (int) $col : null; - $col = $row[TableMap::TYPE_NUM == $indexType ? 3 + $startcol : ProfileResourceTableMap::translateFieldName('Read', TableMap::TYPE_PHPNAME, $indexType)]; - $this->read = (null !== $col) ? (int) $col : null; + $col = $row[TableMap::TYPE_NUM == $indexType ? 3 + $startcol : ProfileResourceTableMap::translateFieldName('Access', TableMap::TYPE_PHPNAME, $indexType)]; + $this->access = (null !== $col) ? (int) $col : null; - $col = $row[TableMap::TYPE_NUM == $indexType ? 4 + $startcol : ProfileResourceTableMap::translateFieldName('Write', TableMap::TYPE_PHPNAME, $indexType)]; - $this->write = (null !== $col) ? (int) $col : null; - - $col = $row[TableMap::TYPE_NUM == $indexType ? 5 + $startcol : ProfileResourceTableMap::translateFieldName('CreatedAt', TableMap::TYPE_PHPNAME, $indexType)]; + $col = $row[TableMap::TYPE_NUM == $indexType ? 4 + $startcol : ProfileResourceTableMap::translateFieldName('CreatedAt', TableMap::TYPE_PHPNAME, $indexType)]; if ($col === '0000-00-00 00:00:00') { $col = null; } $this->created_at = (null !== $col) ? PropelDateTime::newInstance($col, null, '\DateTime') : null; - $col = $row[TableMap::TYPE_NUM == $indexType ? 6 + $startcol : ProfileResourceTableMap::translateFieldName('UpdatedAt', TableMap::TYPE_PHPNAME, $indexType)]; + $col = $row[TableMap::TYPE_NUM == $indexType ? 5 + $startcol : ProfileResourceTableMap::translateFieldName('UpdatedAt', TableMap::TYPE_PHPNAME, $indexType)]; if ($col === '0000-00-00 00:00:00') { $col = null; } 
@@ -721,7 +674,7 @@ abstract class ProfileResource implements ActiveRecordInterface $this->ensureConsistency(); } - return $startcol + 7; // 7 = ProfileResourceTableMap::NUM_HYDRATE_COLUMNS. + return $startcol + 6; // 6 = ProfileResourceTableMap::NUM_HYDRATE_COLUMNS. } catch (Exception $e) { throw new PropelException("Error populating \Thelia\Model\ProfileResource object", 0, $e); @@ -977,11 +930,8 @@ abstract class ProfileResource implements ActiveRecordInterface if ($this->isColumnModified(ProfileResourceTableMap::RESOURCE_ID)) { $modifiedColumns[':p' . $index++] = 'RESOURCE_ID'; } - if ($this->isColumnModified(ProfileResourceTableMap::READ)) { - $modifiedColumns[':p' . $index++] = 'READ'; - } - if ($this->isColumnModified(ProfileResourceTableMap::WRITE)) { - $modifiedColumns[':p' . $index++] = 'WRITE'; + if ($this->isColumnModified(ProfileResourceTableMap::ACCESS)) { + $modifiedColumns[':p' . $index++] = 'ACCESS'; } if ($this->isColumnModified(ProfileResourceTableMap::CREATED_AT)) { $modifiedColumns[':p' . $index++] = 'CREATED_AT'; @@ -1009,11 +959,8 @@ abstract class ProfileResource implements ActiveRecordInterface case 'RESOURCE_ID': $stmt->bindValue($identifier, $this->resource_id, PDO::PARAM_INT); break; - case 'READ': - $stmt->bindValue($identifier, $this->read, PDO::PARAM_INT); - break; - case 'WRITE': - $stmt->bindValue($identifier, $this->write, PDO::PARAM_INT); + case 'ACCESS': + $stmt->bindValue($identifier, $this->access, PDO::PARAM_INT); break; case 'CREATED_AT': $stmt->bindValue($identifier, $this->created_at ? $this->created_at->format("Y-m-d H:i:s") : null, PDO::PARAM_STR); @@ -1093,15 +1040,12 @@ abstract class ProfileResource implements ActiveRecordInterface return $this->getResourceId(); break; case 3: - return $this->getRead(); + return $this->getAccess(); break; case 4: - return $this->getWrite(); - break; - case 5: return $this->getCreatedAt(); break; - case 6: + case 5: return $this->getUpdatedAt(); break; default: 
@@ -1136,10 +1080,9 @@ abstract class ProfileResource implements ActiveRecordInterface $keys[0] => $this->getId(), $keys[1] => $this->getProfileId(), $keys[2] => $this->getResourceId(), - $keys[3] => $this->getRead(), - $keys[4] => $this->getWrite(), - $keys[5] => $this->getCreatedAt(), - $keys[6] => $this->getUpdatedAt(), + $keys[3] => $this->getAccess(), + $keys[4] => $this->getCreatedAt(), + $keys[5] => $this->getUpdatedAt(), ); $virtualColumns = $this->virtualColumns; foreach ($virtualColumns as $key => $virtualColumn) { @@ -1197,15 +1140,12 @@ abstract class ProfileResource implements ActiveRecordInterface $this->setResourceId($value); break; case 3: - $this->setRead($value); + $this->setAccess($value); break; case 4: - $this->setWrite($value); - break; - case 5: $this->setCreatedAt($value); break; - case 6: + case 5: $this->setUpdatedAt($value); break; } // switch() @@ -1235,10 +1175,9 @@ abstract class ProfileResource implements ActiveRecordInterface if (array_key_exists($keys[0], $arr)) $this->setId($arr[$keys[0]]); if (array_key_exists($keys[1], $arr)) $this->setProfileId($arr[$keys[1]]); if (array_key_exists($keys[2], $arr)) $this->setResourceId($arr[$keys[2]]); - if (array_key_exists($keys[3], $arr)) $this->setRead($arr[$keys[3]]); - if (array_key_exists($keys[4], $arr)) $this->setWrite($arr[$keys[4]]); - if (array_key_exists($keys[5], $arr)) $this->setCreatedAt($arr[$keys[5]]); - if (array_key_exists($keys[6], $arr)) $this->setUpdatedAt($arr[$keys[6]]); + if (array_key_exists($keys[3], $arr)) $this->setAccess($arr[$keys[3]]); + if (array_key_exists($keys[4], $arr)) $this->setCreatedAt($arr[$keys[4]]); + if (array_key_exists($keys[5], $arr)) $this->setUpdatedAt($arr[$keys[5]]); } /** 
@@ -1253,8 +1192,7 @@ abstract class ProfileResource implements ActiveRecordInterface if ($this->isColumnModified(ProfileResourceTableMap::ID)) $criteria->add(ProfileResourceTableMap::ID, $this->id); if ($this->isColumnModified(ProfileResourceTableMap::PROFILE_ID)) $criteria->add(ProfileResourceTableMap::PROFILE_ID, $this->profile_id); if ($this->isColumnModified(ProfileResourceTableMap::RESOURCE_ID)) $criteria->add(ProfileResourceTableMap::RESOURCE_ID, $this->resource_id); - if ($this->isColumnModified(ProfileResourceTableMap::READ)) $criteria->add(ProfileResourceTableMap::READ, $this->read); - if ($this->isColumnModified(ProfileResourceTableMap::WRITE)) $criteria->add(ProfileResourceTableMap::WRITE, $this->write); + if ($this->isColumnModified(ProfileResourceTableMap::ACCESS)) $criteria->add(ProfileResourceTableMap::ACCESS, $this->access); if ($this->isColumnModified(ProfileResourceTableMap::CREATED_AT)) $criteria->add(ProfileResourceTableMap::CREATED_AT, $this->created_at); if ($this->isColumnModified(ProfileResourceTableMap::UPDATED_AT)) $criteria->add(ProfileResourceTableMap::UPDATED_AT, $this->updated_at); @@ -1332,8 +1270,7 @@ abstract class ProfileResource implements ActiveRecordInterface { $copyObj->setProfileId($this->getProfileId()); $copyObj->setResourceId($this->getResourceId()); - $copyObj->setRead($this->getRead()); - $copyObj->setWrite($this->getWrite()); + $copyObj->setAccess($this->getAccess()); $copyObj->setCreatedAt($this->getCreatedAt()); $copyObj->setUpdatedAt($this->getUpdatedAt()); if ($makeNew) { @@ -1474,8 +1411,7 @@ abstract class ProfileResource implements ActiveRecordInterface $this->id = null; $this->profile_id = null; $this->resource_id = null; - $this->read = null; - $this->write = null; + $this->access = null; $this->created_at = null; $this->updated_at = null; $this->alreadyInSave = false; 
diff --git a/core/lib/Thelia/Model/Base/ProfileResourceQuery.php b/core/lib/Thelia/Model/Base/ProfileResourceQuery.php index 23794538f..ba4fca82d 100644 --- a/core/lib/Thelia/Model/Base/ProfileResourceQuery.php +++ b/core/lib/Thelia/Model/Base/ProfileResourceQuery.php @@ -24,16 +24,14 @@ use Thelia\Model\Map\ProfileResourceTableMap; * @method ChildProfileResourceQuery orderById($order = Criteria::ASC) Order by the id column * @method ChildProfileResourceQuery orderByProfileId($order = Criteria::ASC) Order by the profile_id column * @method ChildProfileResourceQuery orderByResourceId($order = Criteria::ASC) Order by the resource_id column - * @method ChildProfileResourceQuery orderByRead($order = Criteria::ASC) Order by the read column - * @method ChildProfileResourceQuery orderByWrite($order = Criteria::ASC) Order by the write column + * @method ChildProfileResourceQuery orderByAccess($order = Criteria::ASC) Order by the access column * @method ChildProfileResourceQuery orderByCreatedAt($order = Criteria::ASC) Order by the created_at column * @method ChildProfileResourceQuery orderByUpdatedAt($order = Criteria::ASC) Order by the updated_at column * * @method ChildProfileResourceQuery groupById() Group by the id column * @method ChildProfileResourceQuery groupByProfileId() Group by the profile_id column * @method ChildProfileResourceQuery groupByResourceId() Group by the resource_id column - * @method ChildProfileResourceQuery groupByRead() Group by the read column - * @method ChildProfileResourceQuery groupByWrite() Group by the write column + * @method ChildProfileResourceQuery groupByAccess() Group by the access column * @method ChildProfileResourceQuery groupByCreatedAt() Group by the created_at column * @method ChildProfileResourceQuery groupByUpdatedAt() Group by the updated_at column * 
@@ -55,16 +53,14 @@ use Thelia\Model\Map\ProfileResourceTableMap; * @method ChildProfileResource findOneById(int $id) Return the first ChildProfileResource filtered by the id column * @method ChildProfileResource findOneByProfileId(int $profile_id) Return the first ChildProfileResource filtered by the profile_id column * @method ChildProfileResource findOneByResourceId(int $resource_id) Return the first ChildProfileResource filtered by the resource_id column - * @method ChildProfileResource findOneByRead(int $read) Return the first ChildProfileResource filtered by the read column - * @method ChildProfileResource findOneByWrite(int $write) Return the first ChildProfileResource filtered by the write column + * @method ChildProfileResource findOneByAccess(int $access) Return the first ChildProfileResource filtered by the access column * @method ChildProfileResource findOneByCreatedAt(string $created_at) Return the first ChildProfileResource filtered by the created_at column * @method ChildProfileResource findOneByUpdatedAt(string $updated_at) Return the first ChildProfileResource filtered by the updated_at column * * @method array findById(int $id) Return ChildProfileResource objects filtered by the id column * @method array findByProfileId(int $profile_id) Return ChildProfileResource objects filtered by the profile_id column * @method array findByResourceId(int $resource_id) Return ChildProfileResource objects filtered by the resource_id column - * @method array findByRead(int $read) Return ChildProfileResource objects filtered by the read column - * @method array findByWrite(int $write) Return ChildProfileResource objects filtered by the write column + * @method array findByAccess(int $access) Return ChildProfileResource objects filtered by the access column * @method array findByCreatedAt(string $created_at) Return ChildProfileResource objects filtered by the created_at column * @method array findByUpdatedAt(string $updated_at) Return ChildProfileResource objects 
filtered by the updated_at column * @@ -155,7 +151,7 @@ abstract class ProfileResourceQuery extends ModelCriteria */ protected function findPkSimple($key, $con) { - $sql = 'SELECT ID, PROFILE_ID, RESOURCE_ID, READ, WRITE, CREATED_AT, UPDATED_AT FROM profile_resource WHERE ID = :p0 AND PROFILE_ID = :p1 AND RESOURCE_ID = :p2'; + $sql = 'SELECT ID, PROFILE_ID, RESOURCE_ID, ACCESS, CREATED_AT, UPDATED_AT FROM profile_resource WHERE ID = :p0 AND PROFILE_ID = :p1 AND RESOURCE_ID = :p2'; try { $stmt = $con->prepare($sql); $stmt->bindValue(':p0', $key[0], PDO::PARAM_INT); @@ -388,16 +384,16 @@ abstract class ProfileResourceQuery extends ModelCriteria } /** - * Filter the query on the read column + * Filter the query on the access column * * Example usage: * - * $query->filterByRead(1234); // WHERE read = 1234 - * $query->filterByRead(array(12, 34)); // WHERE read IN (12, 34) - * $query->filterByRead(array('min' => 12)); // WHERE read > 12 + * $query->filterByAccess(1234); // WHERE access = 1234 + * $query->filterByAccess(array(12, 34)); // WHERE access IN (12, 34) + * $query->filterByAccess(array('min' => 12)); // WHERE access > 12 * * - * @param mixed $read The value to use as filter. + * @param mixed $access The value to use as filter. * Use scalar values for equality. * Use array values for in_array() equivalent. * Use associative array('min' => $minValue, 'max' => $maxValue) for intervals. 
@@ -405,16 +401,16 @@ abstract class ProfileResourceQuery extends ModelCriteria * * @return ChildProfileResourceQuery The current query, for fluid interface */ - public function filterByRead($read = null, $comparison = null) + public function filterByAccess($access = null, $comparison = null) { - if (is_array($read)) { + if (is_array($access)) { $useMinMax = false; - if (isset($read['min'])) { - $this->addUsingAlias(ProfileResourceTableMap::READ, $read['min'], Criteria::GREATER_EQUAL); + if (isset($access['min'])) { + $this->addUsingAlias(ProfileResourceTableMap::ACCESS, $access['min'], Criteria::GREATER_EQUAL); $useMinMax = true; } - if (isset($read['max'])) { - $this->addUsingAlias(ProfileResourceTableMap::READ, $read['max'], Criteria::LESS_EQUAL); + if (isset($access['max'])) { + $this->addUsingAlias(ProfileResourceTableMap::ACCESS, $access['max'], Criteria::LESS_EQUAL); $useMinMax = true; } if ($useMinMax) { 
@@ -425,48 +421,7 @@ abstract class ProfileResourceQuery extends ModelCriteria } } - return $this->addUsingAlias(ProfileResourceTableMap::READ, $read, $comparison); - } - - /** - * Filter the query on the write column - * - * Example usage: - * - * $query->filterByWrite(1234); // WHERE write = 1234 - * $query->filterByWrite(array(12, 34)); // WHERE write IN (12, 34) - * $query->filterByWrite(array('min' => 12)); // WHERE write > 12 - * - * - * @param mixed $write The value to use as filter. - * Use scalar values for equality. - * Use array values for in_array() equivalent. - * Use associative array('min' => $minValue, 'max' => $maxValue) for intervals. - * @param string $comparison Operator to use for the column comparison, defaults to Criteria::EQUAL - * - * @return ChildProfileResourceQuery The current query, for fluid interface - */ - public function filterByWrite($write = null, $comparison = null) - { - if (is_array($write)) { - $useMinMax = false; - if (isset($write['min'])) { - $this->addUsingAlias(ProfileResourceTableMap::WRITE, $write['min'], Criteria::GREATER_EQUAL); - $useMinMax = true; - } - if (isset($write['max'])) { - $this->addUsingAlias(ProfileResourceTableMap::WRITE, $write['max'], Criteria::LESS_EQUAL); - $useMinMax = true; - } - if ($useMinMax) { - return $this; - } - if (null === $comparison) { - $comparison = Criteria::IN; - } - } - - return $this->addUsingAlias(ProfileResourceTableMap::WRITE, $write, $comparison); + return $this->addUsingAlias(ProfileResourceTableMap::ACCESS, $access, $comparison); } /** diff --git a/core/lib/Thelia/Model/Map/ProfileResourceTableMap.php b/core/lib/Thelia/Model/Map/ProfileResourceTableMap.php index 4e46d9c33..5a7f1e07e 100644 --- a/core/lib/Thelia/Model/Map/ProfileResourceTableMap.php +++ b/core/lib/Thelia/Model/Map/ProfileResourceTableMap.php 
@@ -57,7 +57,7 @@ class ProfileResourceTableMap extends TableMap /** * The total number of columns */ - const NUM_COLUMNS = 7; + const NUM_COLUMNS = 6; /** * The number of lazy-loaded columns @@ -67,7 +67,7 @@ class ProfileResourceTableMap extends TableMap /** * The number of columns to hydrate (NUM_COLUMNS - NUM_LAZY_LOAD_COLUMNS) */ - const NUM_HYDRATE_COLUMNS = 7; + const NUM_HYDRATE_COLUMNS = 6; /** * the column name for the ID field @@ -85,14 +85,9 @@ class ProfileResourceTableMap extends TableMap const RESOURCE_ID = 'profile_resource.RESOURCE_ID'; /** - * the column name for the READ field + * the column name for the ACCESS field */ - const READ = 'profile_resource.READ'; - - /** - * the column name for the WRITE field - */ - const WRITE = 'profile_resource.WRITE'; + const ACCESS = 'profile_resource.ACCESS'; /** * the column name for the CREATED_AT field 
@@ -116,12 +111,12 @@ class ProfileResourceTableMap extends TableMap * e.g. self::$fieldNames[self::TYPE_PHPNAME][0] = 'Id' */ protected static $fieldNames = array ( - self::TYPE_PHPNAME => array('Id', 'ProfileId', 'ResourceId', 'Read', 'Write', 'CreatedAt', 'UpdatedAt', ), - self::TYPE_STUDLYPHPNAME => array('id', 'profileId', 'resourceId', 'read', 'write', 'createdAt', 'updatedAt', ), - self::TYPE_COLNAME => array(ProfileResourceTableMap::ID, ProfileResourceTableMap::PROFILE_ID, ProfileResourceTableMap::RESOURCE_ID, ProfileResourceTableMap::READ, ProfileResourceTableMap::WRITE, ProfileResourceTableMap::CREATED_AT, ProfileResourceTableMap::UPDATED_AT, ), - self::TYPE_RAW_COLNAME => array('ID', 'PROFILE_ID', 'RESOURCE_ID', 'READ', 'WRITE', 'CREATED_AT', 'UPDATED_AT', ), - self::TYPE_FIELDNAME => array('id', 'profile_id', 'resource_id', 'read', 'write', 'created_at', 'updated_at', ), - self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, 6, ) + self::TYPE_PHPNAME => array('Id', 'ProfileId', 'ResourceId', 'Access', 'CreatedAt', 'UpdatedAt', ), + self::TYPE_STUDLYPHPNAME => array('id', 'profileId', 'resourceId', 'access', 'createdAt', 'updatedAt', ), + self::TYPE_COLNAME => array(ProfileResourceTableMap::ID, ProfileResourceTableMap::PROFILE_ID, ProfileResourceTableMap::RESOURCE_ID, ProfileResourceTableMap::ACCESS, ProfileResourceTableMap::CREATED_AT, ProfileResourceTableMap::UPDATED_AT, ), + self::TYPE_RAW_COLNAME => array('ID', 'PROFILE_ID', 'RESOURCE_ID', 'ACCESS', 'CREATED_AT', 'UPDATED_AT', ), + self::TYPE_FIELDNAME => array('id', 'profile_id', 'resource_id', 'access', 'created_at', 'updated_at', ), + self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, ) ); /** 
@@ -131,12 +126,12 @@ class ProfileResourceTableMap extends TableMap * e.g. self::$fieldKeys[self::TYPE_PHPNAME]['Id'] = 0 */ protected static $fieldKeys = array ( - self::TYPE_PHPNAME => array('Id' => 0, 'ProfileId' => 1, 'ResourceId' => 2, 'Read' => 3, 'Write' => 4, 'CreatedAt' => 5, 'UpdatedAt' => 6, ), - self::TYPE_STUDLYPHPNAME => array('id' => 0, 'profileId' => 1, 'resourceId' => 2, 'read' => 3, 'write' => 4, 'createdAt' => 5, 'updatedAt' => 6, ), - self::TYPE_COLNAME => array(ProfileResourceTableMap::ID => 0, ProfileResourceTableMap::PROFILE_ID => 1, ProfileResourceTableMap::RESOURCE_ID => 2, ProfileResourceTableMap::READ => 3, ProfileResourceTableMap::WRITE => 4, ProfileResourceTableMap::CREATED_AT => 5, ProfileResourceTableMap::UPDATED_AT => 6, ), - self::TYPE_RAW_COLNAME => array('ID' => 0, 'PROFILE_ID' => 1, 'RESOURCE_ID' => 2, 'READ' => 3, 'WRITE' => 4, 'CREATED_AT' => 5, 'UPDATED_AT' => 6, ), - self::TYPE_FIELDNAME => array('id' => 0, 'profile_id' => 1, 'resource_id' => 2, 'read' => 3, 'write' => 4, 'created_at' => 5, 'updated_at' => 6, ), - self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, 6, ) + self::TYPE_PHPNAME => array('Id' => 0, 'ProfileId' => 1, 'ResourceId' => 2, 'Access' => 3, 'CreatedAt' => 4, 'UpdatedAt' => 5, ), + self::TYPE_STUDLYPHPNAME => array('id' => 0, 'profileId' => 1, 'resourceId' => 2, 'access' => 3, 'createdAt' => 4, 'updatedAt' => 5, ), + self::TYPE_COLNAME => array(ProfileResourceTableMap::ID => 0, ProfileResourceTableMap::PROFILE_ID => 1, ProfileResourceTableMap::RESOURCE_ID => 2, ProfileResourceTableMap::ACCESS => 3, ProfileResourceTableMap::CREATED_AT => 4, ProfileResourceTableMap::UPDATED_AT => 5, ), + self::TYPE_RAW_COLNAME => array('ID' => 0, 'PROFILE_ID' => 1, 'RESOURCE_ID' => 2, 'ACCESS' => 3, 'CREATED_AT' => 4, 'UPDATED_AT' => 5, ), + self::TYPE_FIELDNAME => array('id' => 0, 'profile_id' => 1, 'resource_id' => 2, 'access' => 3, 'created_at' => 4, 'updated_at' => 5, ), + self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, ) ); /** 
@@ -159,8 +154,7 @@ class ProfileResourceTableMap extends TableMap $this->addPrimaryKey('ID', 'Id', 'INTEGER', true, null, null); $this->addForeignPrimaryKey('PROFILE_ID', 'ProfileId', 'INTEGER' , 'profile', 'ID', true, null, null); $this->addForeignPrimaryKey('RESOURCE_ID', 'ResourceId', 'INTEGER' , 'resource', 'ID', true, null, null); - $this->addColumn('READ', 'Read', 'TINYINT', false, null, 0); - $this->addColumn('WRITE', 'Write', 'TINYINT', false, null, 0); + $this->addColumn('ACCESS', 'Access', 'INTEGER', true, null, 0); $this->addColumn('CREATED_AT', 'CreatedAt', 'TIMESTAMP', false, null, null); $this->addColumn('UPDATED_AT', 'UpdatedAt', 'TIMESTAMP', false, null, null); } // initialize() @@ -377,16 +371,14 @@ class ProfileResourceTableMap extends TableMap $criteria->addSelectColumn(ProfileResourceTableMap::ID); $criteria->addSelectColumn(ProfileResourceTableMap::PROFILE_ID); $criteria->addSelectColumn(ProfileResourceTableMap::RESOURCE_ID); - $criteria->addSelectColumn(ProfileResourceTableMap::READ); - $criteria->addSelectColumn(ProfileResourceTableMap::WRITE); + $criteria->addSelectColumn(ProfileResourceTableMap::ACCESS); $criteria->addSelectColumn(ProfileResourceTableMap::CREATED_AT); $criteria->addSelectColumn(ProfileResourceTableMap::UPDATED_AT); } else { $criteria->addSelectColumn($alias . '.ID'); $criteria->addSelectColumn($alias . '.PROFILE_ID'); $criteria->addSelectColumn($alias . '.RESOURCE_ID'); - $criteria->addSelectColumn($alias . '.READ'); - $criteria->addSelectColumn($alias . '.WRITE'); + $criteria->addSelectColumn($alias . '.ACCESS'); $criteria->addSelectColumn($alias . '.CREATED_AT'); $criteria->addSelectColumn($alias . '.UPDATED_AT'); } diff --git a/core/lib/Thelia/Type/AlphaNumStringListType.php b/core/lib/Thelia/Type/AlphaNumStringListType.php index ccf21606d..474a615db 100755 --- a/core/lib/Thelia/Type/AlphaNumStringListType.php +++ b/core/lib/Thelia/Type/AlphaNumStringListType.php 
@@ -38,7 +38,7 @@ class AlphaNumStringListType extends BaseType public function isValid($values) { foreach (explode(',', $values) as $value) { - if(!preg_match('#^[a-zA-Z0-9\-_]+$#', $value)) + if(!preg_match('#^[a-zA-Z0-9\-_\.]+$#', $value)) return false; } diff --git a/core/lib/Thelia/Type/AlphaNumStringType.php b/core/lib/Thelia/Type/AlphaNumStringType.php index ad9595f20..db788d4d6 100755 --- a/core/lib/Thelia/Type/AlphaNumStringType.php +++ b/core/lib/Thelia/Type/AlphaNumStringType.php @@ -37,7 +37,7 @@ class AlphaNumStringType extends BaseType public function isValid($value) { - return preg_match('#^[a-zA-Z0-9\-_]+$#', $value) ? true : false; + return preg_match('#^[a-zA-Z0-9\-_\.]+$#', $value) ? true : false; } public function getFormattedValue($value) diff --git a/install/insert.sql b/install/insert.sql index 7a5b34ca9..80ab5a844 100755 --- a/install/insert.sql +++ b/install/insert.sql 
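Review bot: Adding `\.` to the character class in `AlphaNumStringListType::isValid()`, and the same change in `AlphaNumStringType::isValid()` in the next hunk, widens every argument that uses these shared types rather than just resource codes: values such as `.` and `..` now validate. If any consumer builds a file or template path from an AlphaNum-typed value, which cannot be seen from here, its input filter has just been relaxed; a dedicated type for dotted resource codes would keep the change local. Both patterns also end in `$`, which accepts a trailing newline, and `\z` closes that: `'#^[a-zA-Z0-9\-_\.]+\z#'`.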
@@ -1198,95 +1198,26 @@ INSERT INTO `order_status_i18n` (`id`, `locale`, `title`, `description`, `chapo` generated with command : php Thelia thelia:generate-resources --output sql */ INSERT INTO resource (`id`, `code`, `created_at`, `updated_at`) VALUES -(NULL, 'admin.address.view', NOW(), NOW()), -(NULL, 'admin.address.create', NOW(), NOW()), -(NULL, 'admin.address.update', NOW(), NOW()), -(NULL, 'admin.address.delete', NOW(), NOW()), -(NULL, 'admin.configuration.admin.view', NOW(), NOW()), -(NULL, 'admin.configuration.admin.create', NOW(), NOW()), -(NULL, 'admin.configuration.admin.update', NOW(), NOW()), -(NULL, 'admin.configuration.admin.delete', NOW(), NOW()), -(NULL, 'admin.configuration.area.view', NOW(), NOW()), -(NULL, 'admin.configuration.area.create', NOW(), NOW()), -(NULL, 'admin.configuration.area.update', NOW(), NOW()), -(NULL, 'admin.configuration.area.delete', NOW(), NOW()), -(NULL, 'admin.configuration.attribute.view', NOW(), NOW()), -(NULL, 'admin.configuration.attribute.create', NOW(), NOW()), -(NULL, 'admin.configuration.attribute.update', NOW(), NOW()), -(NULL, 'admin.configuration.attribute.delete', NOW(), NOW()), -(NULL, 'admin.category.view', NOW(), NOW()), -(NULL, 'admin.category.create', NOW(), NOW()), -(NULL, 'admin.category.update', NOW(), NOW()), -(NULL, 'admin.category.delete', NOW(), NOW()), -(NULL, 'admin.configuration.view', NOW(), NOW()), -(NULL, 'admin.configuration.create', NOW(), NOW()), -(NULL, 'admin.configuration.update', NOW(), NOW()), -(NULL, 'admin.configuration.delete', NOW(), NOW()), -(NULL, 'admin.content.view', NOW(), NOW()), -(NULL, 'admin.content.create', NOW(), NOW()), -(NULL, 'admin.content.update', NOW(), NOW()), -(NULL, 'admin.content.delete', NOW(), NOW()), -(NULL, 'admin.configuration.country.view', NOW(), NOW()), -(NULL, 'admin.configuration.country.create', NOW(), NOW()), -(NULL, 'admin.configuration.country.update', NOW(), NOW()), -(NULL, 'admin.configuration.country.delete', NOW(), NOW()), -(NULL, 
'admin.coupon.view', NOW(), NOW()), -(NULL, 'admin.coupon.create', NOW(), NOW()), -(NULL, 'admin.coupon.update', NOW(), NOW()), -(NULL, 'admin.coupon.delete', NOW(), NOW()), -(NULL, 'admin.configuration.currency.view', NOW(), NOW()), -(NULL, 'admin.configuration.currency.create', NOW(), NOW()), -(NULL, 'admin.configuration.currency.update', NOW(), NOW()), -(NULL, 'admin.configuration.currency.delete', NOW(), NOW()), -(NULL, 'admin.customer.view', NOW(), NOW()), -(NULL, 'admin.customer.create', NOW(), NOW()), -(NULL, 'admin.customer.update', NOW(), NOW()), -(NULL, 'admin.customer.delete', NOW(), NOW()), -(NULL, 'admin.configuration.feature.view', NOW(), NOW()), -(NULL, 'admin.configuration.feature.create', NOW(), NOW()), -(NULL, 'admin.configuration.feature.update', NOW(), NOW()), -(NULL, 'admin.configuration.feature.delete', NOW(), NOW()), -(NULL, 'admin.folder.view', NOW(), NOW()), -(NULL, 'admin.folder.create', NOW(), NOW()), -(NULL, 'admin.folder.update', NOW(), NOW()), -(NULL, 'admin.folder.delete', NOW(), NOW()), -(NULL, 'admin.configuration.language.view', NOW(), NOW()), -(NULL, 'admin.configuration.language.create', NOW(), NOW()), -(NULL, 'admin.configuration.language.update', NOW(), NOW()), -(NULL, 'admin.configuration.language.delete', NOW(), NOW()), -(NULL, 'admin.configuration.mailing-system.view', NOW(), NOW()), -(NULL, 'admin.configuration.mailing-system.create', NOW(), NOW()), -(NULL, 'admin.configuration.mailing-system.update', NOW(), NOW()), -(NULL, 'admin.configuration.mailing-system.delete', NOW(), NOW()), -(NULL, 'admin.configuration.message.view', NOW(), NOW()), -(NULL, 'admin.configuration.message.create', NOW(), NOW()), -(NULL, 'admin.configuration.message.update', NOW(), NOW()), -(NULL, 'admin.configuration.message.delete', NOW(), NOW()), -(NULL, 'admin.configuration.module.view', NOW(), NOW()), -(NULL, 'admin.configuration.module.create', NOW(), NOW()), -(NULL, 'admin.configuration.module.update', NOW(), NOW()), -(NULL, 
'admin.configuration.module.delete', NOW(), NOW()), -(NULL, 'admin.order.view', NOW(), NOW()), -(NULL, 'admin.order.create', NOW(), NOW()), -(NULL, 'admin.order.update', NOW(), NOW()), -(NULL, 'admin.order.delete', NOW(), NOW()), -(NULL, 'admin.product.view', NOW(), NOW()), -(NULL, 'admin.product.create', NOW(), NOW()), -(NULL, 'admin.product.update', NOW(), NOW()), -(NULL, 'admin.product.delete', NOW(), NOW()), -(NULL, 'admin.configuration.profile.view', NOW(), NOW()), -(NULL, 'admin.configuration.profile.create', NOW(), NOW()), -(NULL, 'admin.configuration.profile.update', NOW(), NOW()), -(NULL, 'admin.configuration.profile.delete', NOW(), NOW()), -(NULL, 'admin.configuration.shipping-zone.view', NOW(), NOW()), -(NULL, 'admin.configuration.shipping-zone.create', NOW(), NOW()), -(NULL, 'admin.configuration.shipping-zone.update', NOW(), NOW()), -(NULL, 'admin.configuration.shipping-zone.delete', NOW(), NOW()), -(NULL, 'admin.configuration.tax.view', NOW(), NOW()), -(NULL, 'admin.configuration.tax.create', NOW(), NOW()), -(NULL, 'admin.configuration.tax.update', NOW(), NOW()), -(NULL, 'admin.configuration.tax.delete', NOW(), NOW()), -(NULL, 'admin.configuration.template.view', NOW(), NOW()), -(NULL, 'admin.configuration.template.create', NOW(), NOW()), -(NULL, 'admin.configuration.template.update', NOW(), NOW()), -(NULL, 'admin.configuration.template.delete', NOW(), NOW()); +(NULL, 'admin.address', NOW(), NOW()), +(NULL, 'admin.configuration.admin', NOW(), NOW()), +(NULL, 'admin.configuration.area', NOW(), NOW()), +(NULL, 'admin.configuration.attribute', NOW(), NOW()), +(NULL, 'admin.category', NOW(), NOW()), +(NULL, 'admin.configuration', NOW(), NOW()), +(NULL, 'admin.content', NOW(), NOW()), +(NULL, 'admin.configuration.country', NOW(), NOW()), +(NULL, 'admin.coupon', NOW(), NOW()), +(NULL, 'admin.configuration.currency', NOW(), NOW()), +(NULL, 'admin.customer', NOW(), NOW()), +(NULL, 'admin.configuration.feature', NOW(), NOW()), +(NULL, 'admin.folder', NOW(), 
NOW()), +(NULL, 'admin.configuration.language', NOW(), NOW()), +(NULL, 'admin.configuration.mailing-system', NOW(), NOW()), +(NULL, 'admin.configuration.message', NOW(), NOW()), +(NULL, 'admin.configuration.module', NOW(), NOW()), +(NULL, 'admin.order', NOW(), NOW()), +(NULL, 'admin.product', NOW(), NOW()), +(NULL, 'admin.configuration.profile', NOW(), NOW()), +(NULL, 'admin.configuration.shipping-zone', NOW(), NOW()), +(NULL, 'admin.configuration.tax', NOW(), NOW()), +(NULL, 'admin.configuration.template', NOW(), NOW()) diff --git a/install/thelia.sql b/install/thelia.sql index 1e96ee783..d8e0422cd 100755 --- a/install/thelia.sql +++ b/install/thelia.sql @@ -1002,8 +1002,7 @@ CREATE TABLE `profile_resource` `id` INTEGER NOT NULL AUTO_INCREMENT, `profile_id` INTEGER NOT NULL, `resource_id` INTEGER NOT NULL, - `read` TINYINT DEFAULT 0, - `write` TINYINT DEFAULT 0, + `access` INTEGER DEFAULT 0 NOT NULL, `created_at` DATETIME, `updated_at` DATETIME, PRIMARY KEY (`id`,`profile_id`,`resource_id`), diff --git a/local/config/schema.xml b/local/config/schema.xml index 7c2cf4b97..e7f7801f1 100755 --- a/local/config/schema.xml +++ b/local/config/schema.xml @@ -776,8 +776,7 @@ - - + diff --git a/templates/admin/default/admin-layout.tpl b/templates/admin/default/admin-layout.tpl index f66cc17e1..743264d7a 100644 --- a/templates/admin/default/admin-layout.tpl +++ b/templates/admin/default/admin-layout.tpl @@ -1,7 +1,7 @@ {* -- By default, check admin login ----------------------------------------- *} {block name="check-auth"} - {check_auth roles="ADMIN" permissions="{block name="check-permissions"}{/block}" login_tpl="/admin/login"} + {check_auth role="ADMIN" resource="{block name="check-resource"}{/block}" access="{block name="check-access"}{/block}" login_tpl="/admin/login"} {/block} {* -- Define some stuff for Smarty ----------------------------------------- *} 
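Review bot: The last added row, `(NULL, 'admin.configuration.template', NOW(), NOW())`, has no terminating `;`, whereas the removed last row ended with `NOW());`. If the installer splits this file on semicolons, or another statement is appended after it later, the `INSERT INTO resource` statement could fail or merge with what follows, leaving the resource table unseeded. The line should read `(NULL, 'admin.configuration.template', NOW(), NOW());`. The header comment says the list is generated by `thelia:generate-resources --output sql`, so the generator output is probably where the terminator needs restoring.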
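Review bot: Both new blocks in `admin-layout.tpl`, `check-resource` and `check-access`, default to empty, so a child template that still overrides the old `check-permissions` block, or defines neither new block, now calls `check_auth` with `resource=""` and `access=""`. How the plugin treats empty values is not visible in this hunk; if it skips the resource check, such a page is guarded by the ADMIN role alone. It would be safer for `check_auth` to reject an empty resource or access unless a page opts out explicitly. A comment above the call, e.g. `{* child templates must define check-resource and check-access *}`, would document the contract.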
diff --git a/templates/admin/default/admin-profiles.html b/templates/admin/default/admin-profiles.html deleted file mode 100644 index b0d84b04a..000000000 --- a/templates/admin/default/admin-profiles.html +++ /dev/null @@ -1,219 +0,0 @@ -{extends file="admin-layout.tpl"} - -{block name="page-title"}{intl l='Admin profiles'}{/block} - -{block name="check-permissions"}admin.admin-profiles.view{/block} - -{block name="main-content"} -
- -
- -
- - {loop type="auth" name="can_create" roles="ADMIN" permissions="admin.admin-profiles.create"} - - - - {/loop} -
- - {module_include location='admin_profiles_top'} - -
-
-
-
-
- - - - - - - - - - - - - - - - - - - - - - - - - -
- {intl l="Profile"} -
- -
-
- - -
-
-
-
-
-
-
- -
-
-
-
-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- {intl l="General rights"} -
{intl l="Authorization"}{intl l="Description"}{intl l="Access"}
Access to customers - Lorem ipsum dolor sit amet, consectetur adipisicing elit. Aspernatur, saepe, libero, veniam ab quod. - -
- -
-
Access to orders - Lorem ipsum dolor sit amet, consectetur adipisicing elit. Aspernatur, saepe, libero, veniam ab quod. - -
- -
-
Access to catalog - Lorem ipsum dolor sit amet, consectetur adipisicing elit. Aspernatur, saepe, libero, veniam ab quod. - -
- -
-
- -
-
-
-
-
-
- - {module_include location='admin_profiles_bottom'} - -
-
- -{* Creation dialog *} - -{form name="thelia.admin.admin-profile.creation"} - - {* Capture the dialog body, to pass it to the generic dialog *} - {capture "creation_dialog"} - - {form_hidden_fields form=$form} - - {* Be sure to get the language_id, even if the form could not be validated *} - - - {form_field form=$form field='success_url'} - {* on success, redirect to the edition page, _ID_ is replaced with the created object ID, see controller *} - - {/form_field} - - {form_field form=$form field='wording'} -
- - -
- {/form_field} - - {form_field form=$form field='name'} -
- - -
- {/form_field} - - {form_field form=$form field='description'} -
- - -
- {/form_field} - - {module_include location='admin_profile_create_form'} - - {/capture} - - {include - file = "includes/generic-create-dialog.html" - - dialog_id = "creation_dialog" - dialog_title = {intl l="Create a new admin profile"} - dialog_body = {$smarty.capture.creation_dialog nofilter} - - dialog_ok_label = {intl l="Create this admin profile"} - - form_action = {url path='/admin/configuration/admin_profile/create'} - form_enctype = {form_enctype form=$form} - form_error_message = $form_error_message - } -{/form} - -{/block} - -{block name="javascript-initialization"} - - {javascripts file='assets/js/bootstrap-switch/bootstrap-switch.js'} - - {/javascripts} - - {javascripts file='assets/js/bootstrap-select/bootstrap-select.js'} - - {/javascripts} - - {javascripts file='assets/js/main.js'} - - {/javascripts} -{/block} \ No newline at end of file diff --git a/templates/admin/default/ajax/product-related-tab.html b/templates/admin/default/ajax/product-related-tab.html index 3c909b390..24c8b71a1 100644 --- a/templates/admin/default/ajax/product-related-tab.html +++ b/templates/admin/default/ajax/product-related-tab.html @@ -90,7 +90,8 @@ {admin_position_block - permission="admin.products.edit" + resource="admin.product" + access="update" path={url path='/admin/product/update-content-position' product_id=$product_id current_tab="related"} url_parameter="content_id" in_place_edit_class="contentPositionChange" @@ -210,7 +211,8 @@ {admin_position_block - permission="admin.products.edit" + resource="admin.product" + access="update" path={url path='/admin/product/update-accessory-position' product_id=$product_id current_tab="related"} url_parameter="accessory_id" in_place_edit_class="accessoryPositionChange" diff --git a/templates/admin/default/ajax/template-attribute-list.html b/templates/admin/default/ajax/template-attribute-list.html index 7c0c2fdb9..27d4f9831 100644 --- a/templates/admin/default/ajax/template-attribute-list.html 
+++ b/templates/admin/default/ajax/template-attribute-list.html @@ -50,7 +50,8 @@ {admin_position_block - permission="admin.templates.edit" + resource="admin.configuration.template" + access="update" path={url path="admin/template/update-attribute-position" template_id=$template_id} url_parameter="attribute_id" in_place_edit_class="attributePositionChange" diff --git a/templates/admin/default/ajax/template-feature-list.html b/templates/admin/default/ajax/template-feature-list.html index 5c69f96ce..26b09baea 100644 --- a/templates/admin/default/ajax/template-feature-list.html +++ b/templates/admin/default/ajax/template-feature-list.html @@ -52,7 +52,8 @@ {admin_position_block - permission="admin.templates.edit" + resource="admin.configuration.template" + access="update" path={url path="/admin/template/update-feature-position" template_id=$template_id} url_parameter="feature_id" in_place_edit_class="featurePositionChange" diff --git a/templates/admin/default/attribute-edit.html b/templates/admin/default/attribute-edit.html index d15703910..1b3417ef6 100644 --- a/templates/admin/default/attribute-edit.html +++ b/templates/admin/default/attribute-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit an attribute'}{/block} -{block name="check-permissions"}admin.configuration.attributes.edit{/block} +{block name="check-resource"}admin.configuration.attribute{/block} +{block name="check-access"}update{/block} {block name="main-content"}
@@ -133,7 +134,8 @@ {admin_position_block - permission="admin.attributes.edit" + resource="admin.configuration.attribute" + access="update" path={url path='/admin/configuration/attributes-av/update-position' attribute_id=$attribute_id} url_parameter="attributeav_id" in_place_edit_class="positionChange" diff --git a/templates/admin/default/attributes.html b/templates/admin/default/attributes.html index dd2572a2b..28a927920 100644 --- a/templates/admin/default/attributes.html +++ b/templates/admin/default/attributes.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Thelia Product Attributes'}{/block} -{block name="check-permissions"}admin.configuration.attributes.view{/block} +{block name="check-resource"}admin.configuration.attribute{/block} +{block name="check-access"}view{/block} {block name="main-content"}
@@ -86,7 +87,8 @@ {admin_position_block - permission="admin.attributes.edit" + resource="admin.configuration.attribute" + access="update" path="/admin/configuration/attributes/update-position" url_parameter="attribute_id" in_place_edit_class="positionChange" diff --git a/templates/admin/default/categories.html b/templates/admin/default/categories.html index 21161a386..89c0e6923 100755 --- a/templates/admin/default/categories.html +++ b/templates/admin/default/categories.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Categories'}{/block} -{block name="check-permissions"}admin.categories.view{/block} +{block name="check-resource"}admin.category{/block} +{block name="check-access"}view{/block} {block name="main-content"}
@@ -127,7 +128,8 @@ {admin_position_block - permission="admin.categories.edit" + resource="admin.category" + access="update" path={url path='admin/categories/update-position' category_id=$ID} url_parameter="category_id" in_place_edit_class="categoryPositionChange" @@ -294,7 +296,8 @@ {admin_position_block - permission="admin.product.edit" + resource="admin.product" + access="update" path={url path='/admin/products/update-position' product_id=$ID} url_parameter="product_id" in_place_edit_class="productPositionChange" diff --git a/templates/admin/default/category-edit.html b/templates/admin/default/category-edit.html index 78cb7b681..ceefa53bb 100755 --- a/templates/admin/default/category-edit.html +++ b/templates/admin/default/category-edit.html @@ -1,6 +1,7 @@ {extends file="admin-layout.tpl"} -{block name="check-permissions"}admin.catalog.view{/block} +{block name="check-resource"}admin.category{/block} +{block name="check-access"}update{/block} {block name="page-title"}{intl l='Edit category'}{/block} diff --git a/templates/admin/default/configuration.html b/templates/admin/default/configuration.html index f95b623da..16c09bac2 100644 --- a/templates/admin/default/configuration.html +++ b/templates/admin/default/configuration.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Configuration'}{/block} -{block name="check-permissions"}admin.configuration.view{/block} +{block name="check-resource"}admin.configuration{/block} +{block name="check-access"}view{/block} {block name="main-content"}
diff --git a/templates/admin/default/content-edit.html b/templates/admin/default/content-edit.html index a4a80acf8..c0d010287 100644 --- a/templates/admin/default/content-edit.html +++ b/templates/admin/default/content-edit.html @@ -1,6 +1,7 @@ {extends file="admin-layout.tpl"} -{block name="check-permissions"}admin.content.view{/block} +{block name="check-resource"}admin.content{/block} +{block name="check-access"}view{/block} {block name="page-title"}{intl l='Edit content'}{/block} diff --git a/templates/admin/default/countries.html b/templates/admin/default/countries.html index 6791131df..ec89063ee 100644 --- a/templates/admin/default/countries.html +++ b/templates/admin/default/countries.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Countries'}{/block} -{block name="check-permissions"}admin.configuration.countries.view{/block} +{block name="check-resource"}admin.configuration.country{/block} +{block name="check-access"}view{/block} {block name="main-content"}
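Review bot: `content-edit.html` sets `{block name="check-access"}view{/block}` although it is an edit page, while the other edit templates in this commit (`category-edit.html`, `folder-edit.html`, `product-edit.html`) use `update`. A profile with view-only access on `admin.content` would therefore be let into the edit form. Unless the controller enforces update access separately (not visible here), this should be `{block name="check-access"}update{/block}`.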
diff --git a/templates/admin/default/country-edit.html b/templates/admin/default/country-edit.html index 447a6b355..524070ce4 100644 --- a/templates/admin/default/country-edit.html +++ b/templates/admin/default/country-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit a country'}{/block} -{block name="check-permissions"}admin.configuration.countries.edit{/block} +{block name="check-resource"}admin.configuration.country{/block} +{block name="check-access"}update{/block} {block name="main-content"}
diff --git a/templates/admin/default/coupon-create.html b/templates/admin/default/coupon-create.html index a5bb21c67..f82501916 100755 --- a/templates/admin/default/coupon-create.html +++ b/templates/admin/default/coupon-create.html @@ -1,5 +1,8 @@ {extends file="admin-layout.tpl"} -{block name="check-permissions"}admin.coupon.create{/block} + +{block name="check-resource"}admin.coupon{/block} +{block name="check-access"}create{/block} + {block name="page-title"}{intl l='Create coupon'}{/block} {block name="main-content"} diff --git a/templates/admin/default/coupon-list.html b/templates/admin/default/coupon-list.html index 73b108bd6..fb4005fb1 100755 --- a/templates/admin/default/coupon-list.html +++ b/templates/admin/default/coupon-list.html @@ -1,5 +1,8 @@ {extends file="admin-layout.tpl"} -{block name="check-permissions"}admin.coupon.view{/block} + +{block name="check-resource"}admin.coupon{/block} +{block name="check-access"}view{/block} + {block name="page-title"}{intl l='Coupons'}{/block} {block name="main-content"} diff --git a/templates/admin/default/coupon-read.html b/templates/admin/default/coupon-read.html index 6143fbded..75fd7f550 100755 --- a/templates/admin/default/coupon-read.html +++ b/templates/admin/default/coupon-read.html @@ -1,5 +1,8 @@ {extends file="admin-layout.tpl"} -{block name="check-permissions"}admin.coupon.view{/block} + +{block name="check-resource"}admin.coupon{/block} +{block name="check-access"}view{/block} + {block name="page-title"}{intl l='Coupon'}{/block} {block name="main-content"} diff --git a/templates/admin/default/coupon-update.html b/templates/admin/default/coupon-update.html index be9354362..9f5730ac3 100755 --- a/templates/admin/default/coupon-update.html +++ b/templates/admin/default/coupon-update.html 
@@ -1,5 +1,8 @@ {extends file="admin-layout.tpl"} -{block name="check-permissions"}admin.coupon.update{/block} + +{block name="check-resource"}admin.coupon{/block} +{block name="check-access"}update{/block} + {block name="page-title"}{intl l='Update coupon'}{/block} {block name="main-content"} diff --git a/templates/admin/default/currencies.html b/templates/admin/default/currencies.html index e53d86277..aeebad06a 100644 --- a/templates/admin/default/currencies.html +++ b/templates/admin/default/currencies.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Currencies'}{/block} -{block name="check-permissions"}admin.configuration.currencies.view{/block} +{block name="check-resource"}admin.configuration.currency{/block} +{block name="check-access"}view{/block} {block name="main-content"}
@@ -137,12 +138,13 @@ {admin_position_block - permission="admin.currencies.edit" - path="/admin/configuration/currencies/update-position" - url_parameter="currency_id" - in_place_edit_class="currencyPositionChange" - position="$POSITION" - id="$ID" + resource="admin.configuration.currency" + access="update" + path="/admin/configuration/currencies/update-position" + url_parameter="currency_id" + in_place_edit_class="currencyPositionChange" + position="$POSITION" + id="$ID" } diff --git a/templates/admin/default/currency-edit.html b/templates/admin/default/currency-edit.html index 57b511903..092a4283f 100644 --- a/templates/admin/default/currency-edit.html +++ b/templates/admin/default/currency-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit a currency'}{/block} -{block name="check-permissions"}admin.configuration.currencies.edit{/block} +{block name="check-resource"}admin.configuration.currency{/block} +{block name="check-access"}update{/block} {block name="main-content"}
diff --git a/templates/admin/default/customer-edit.html b/templates/admin/default/customer-edit.html index 69e1815f3..87b372ea5 100644 --- a/templates/admin/default/customer-edit.html +++ b/templates/admin/default/customer-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit a customer'}{/block} -{block name="check-permissions"}admin.customer.edit{/block} +{block name="check-resource"}admin.customer{/block} +{block name="check-access"}update{/block} {block name="main-content"}
diff --git a/templates/admin/default/customers.html b/templates/admin/default/customers.html index cfa332ae4..80f5e317f 100644 --- a/templates/admin/default/customers.html +++ b/templates/admin/default/customers.html @@ -3,7 +3,8 @@ {block name="page-title"}{intl l='Customer'}{/block} -{block name="check-permissions"}admin.customer.view{/block} +{block name="check-resource"}admin.customer{/block} +{block name="check-access"}view{/block} {block name="main-content"} {assign var=customer_page value={$smarty.get.page|default:1}} diff --git a/templates/admin/default/document-edit.html b/templates/admin/default/document-edit.html index 793fd14cf..79e2607c7 100644 --- a/templates/admin/default/document-edit.html +++ b/templates/admin/default/document-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit a document'}{/block} -{block name="check-permissions"}admin.document.edit{/block} +{block name="check-resource"}admin.document{/block} +{block name="check-access"}update{/block} {block name="main-content"}
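Review bot: The resource code `admin.document` checked in `document-edit.html` is not among the rows this commit seeds in `install/insert.sql`. The same holds for `admin.image` in `image-edit.html` and for `admin.configuration.shipping-configuration` in `shipping-configuration.html` and `shipping-configuration-edit.html`. A profile cannot be granted access on a resource that has no row, so depending on how unknown codes are handled (not visible here) these pages are either unreachable for anyone relying on profile grants or not effectively protected. Either add the three codes to the generated resource list or point these templates at codes that are seeded.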
diff --git a/templates/admin/default/feature-edit.html b/templates/admin/default/feature-edit.html index 25c2d6017..1d03e17ae 100644 --- a/templates/admin/default/feature-edit.html +++ b/templates/admin/default/feature-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit a feature'}{/block} -{block name="check-permissions"}admin.configuration.features.edit{/block} +{block name="check-resource"}admin.configuration.feature{/block} +{block name="check-access"}update{/block} {block name="main-content"}
@@ -133,12 +134,13 @@ {admin_position_block - permission="admin.features.edit" - path={url path='/admin/configuration/features-av/update-position' feature_id=$feature_id} - url_parameter="featureav_id" - in_place_edit_class="positionChange" - position="$POSITION" - id="$ID" + resource="admin.configuration.feature" + access="update" + path={url path='/admin/configuration/features-av/update-position' feature_id=$feature_id} + url_parameter="featureav_id" + in_place_edit_class="positionChange" + position="$POSITION" + id="$ID" } diff --git a/templates/admin/default/features.html b/templates/admin/default/features.html index f58a19bc2..649f7a9a3 100644 --- a/templates/admin/default/features.html +++ b/templates/admin/default/features.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Thelia Product Features'}{/block} -{block name="check-permissions"}admin.configuration.features.view{/block} +{block name="check-resource"}admin.configuration.feature{/block} +{block name="check-access"}view{/block} {block name="main-content"}
@@ -86,12 +87,13 @@ {admin_position_block - permission="admin.features.edit" - path="/admin/configuration/features/update-position" - url_parameter="feature_id" - in_place_edit_class="positionChange" - position="$POSITION" - id="$ID" + resource="admin.configuration.feature" + access="update" + path="/admin/configuration/features/update-position" + url_parameter="feature_id" + in_place_edit_class="positionChange" + position="$POSITION" + id="$ID" } diff --git a/templates/admin/default/folder-edit.html b/templates/admin/default/folder-edit.html index 6a0b962e4..ed1c89830 100644 --- a/templates/admin/default/folder-edit.html +++ b/templates/admin/default/folder-edit.html @@ -1,6 +1,7 @@ {extends file="admin-layout.tpl"} -{block name="check-permissions"}admin.folder.view{/block} +{block name="check-resource"}admin.folder{/block} +{block name="check-access"}update{/block} {block name="page-title"}{intl l='Edit folder'}{/block} diff --git a/templates/admin/default/folders.html b/templates/admin/default/folders.html index 7a68d5bf0..ba5fc7b8b 100644 --- a/templates/admin/default/folders.html +++ b/templates/admin/default/folders.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Folders'}{/block} -{block name="check-permissions"}admin.folders.view{/block} +{block name="check-resource"}admin.folder{/block} +{block name="check-access"}view{/block} {block name="main-content"}
@@ -132,12 +133,13 @@ {admin_position_block - permission="admin.folders.edit" - path={url path='admin/folders/update-position' folder_id=$ID} - url_parameter="folder_id" - in_place_edit_class="folderPositionChange" - position=$POSITION - id=$ID + resource="admin.folder" + access="update" + path={url path='admin/folders/update-position' folder_id=$ID} + url_parameter="folder_id" + in_place_edit_class="folderPositionChange" + position=$POSITION + id=$ID } @@ -287,12 +289,13 @@ {admin_position_block - permission="admin.content.edit" - path={url path='/admin/content/update-position' content_id=$ID} - url_parameter="content_id" - in_place_edit_class="contentPositionChange" - position=$POSITION - id=$ID + resource="admin.content" + access="update" + path={url path='/admin/content/update-position' content_id=$ID} + url_parameter="content_id" + in_place_edit_class="contentPositionChange" + position=$POSITION + id=$ID } diff --git a/templates/admin/default/image-edit.html b/templates/admin/default/image-edit.html index f95d2645f..810e8b445 100644 --- a/templates/admin/default/image-edit.html +++ b/templates/admin/default/image-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit an image'}{/block} -{block name="check-permissions"}admin.image.edit{/block} +{block name="check-resource"}admin.image{/block} +{block name="check-access"}update{/block} {block name="main-content"}
diff --git a/templates/admin/default/languages.html b/templates/admin/default/languages.html index 499e903d7..f6b259197 100644 --- a/templates/admin/default/languages.html +++ b/templates/admin/default/languages.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Thelia Languages'}{/block} -{block name="check-permissions"}admin.configuration.languages.view{/block} +{block name="check-resource"}admin.configuration.language{/block} +{block name="check-access"}view{/block} {block name="main-content"}
diff --git a/templates/admin/default/mailing-system.html b/templates/admin/default/mailing-system.html index 4f826e954..984dfd8bd 100644 --- a/templates/admin/default/mailing-system.html +++ b/templates/admin/default/mailing-system.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Thelia Mailing System'}{/block} -{block name="check-permissions"}admin.configuration.mailing-system.view{/block} +{block name="check-resource"}admin.configuration.mailing-system{/block} +{block name="check-access"}view{/block} {block name="main-content"}
diff --git a/templates/admin/default/message-edit.html b/templates/admin/default/message-edit.html index 51e97d61d..3911cf255 100644 --- a/templates/admin/default/message-edit.html +++ b/templates/admin/default/message-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit a mailing template'}{/block} -{block name="check-permissions"}admin.configuration.messages.edit{/block} +{block name="check-resource"}admin.configuration.message{/block} +{block name="check-access"}update{/block} {block name="main-content"}
diff --git a/templates/admin/default/messages.html b/templates/admin/default/messages.html index cf2a0d9e1..48d3383f1 100644 --- a/templates/admin/default/messages.html +++ b/templates/admin/default/messages.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Thelia Mailing Templates'}{/block} -{block name="check-permissions"}admin.configuration.messages.view{/block} +{block name="check-resource"}admin.configuration.message{/block} +{block name="check-access"}view{/block} {block name="main-content"}
diff --git a/templates/admin/default/modules.html b/templates/admin/default/modules.html index 86c336a04..9f9664e22 100644 --- a/templates/admin/default/modules.html +++ b/templates/admin/default/modules.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Modules'}{/block} -{block name="check-permissions"}admin.modules.view{/block} +{block name="check-resource"}admin.configuration.module{/block} +{block name="check-access"}view{/block} {block name="main-content"}
diff --git a/templates/admin/default/order-edit.html b/templates/admin/default/order-edit.html index f05bc2a05..1d5abf358 100644 --- a/templates/admin/default/order-edit.html +++ b/templates/admin/default/order-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit an order'}{/block} -{block name="check-permissions"}admin.order.edit{/block} +{block name="check-resource"}admin.order{/block} +{block name="check-access"}update{/block} {block name="main-content"} diff --git a/templates/admin/default/orders.html b/templates/admin/default/orders.html index 057a7610c..9edc56e9b 100644 --- a/templates/admin/default/orders.html +++ b/templates/admin/default/orders.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Orders'}{/block} -{block name="check-permissions"}admin.orders.view{/block} +{block name="check-resource"}admin.order{/block} +{block name="check-access"}view{/block} {block name="main-content"} {assign order_page {$smarty.get.page|default:1}} diff --git a/templates/admin/default/product-edit.html b/templates/admin/default/product-edit.html index 2e3ef3615..75b85c82b 100644 --- a/templates/admin/default/product-edit.html +++ b/templates/admin/default/product-edit.html @@ -1,6 +1,7 @@ {extends file="admin-layout.tpl"} -{block name="check-permissions"}admin.catalog.view{/block} +{block name="check-resource"}admin.product{/block} +{block name="check-access"}update{/block} {block name="page-title"}{intl l='Edit product'}{/block} diff --git a/templates/admin/default/profile-edit.html b/templates/admin/default/profile-edit.html index b2d5fd2a4..db3cbd0e2 100644 --- a/templates/admin/default/profile-edit.html +++ b/templates/admin/default/profile-edit.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Edit a profile'}{/block} -{block name="check-permissions"}admin.configuration.profiles.edit{/block} +{block name="check-resource"}admin.configuration.profile{/block} +{block name="check-access"}update{/block} {block name="main-content"} 
diff --git a/templates/admin/default/profiles.html b/templates/admin/default/profiles.html index b076413d0..3bb18be31 100644 --- a/templates/admin/default/profiles.html +++ b/templates/admin/default/profiles.html @@ -2,7 +2,8 @@ {block name="page-title"}{intl l='Taxes rules'}{/block} -{block name="check-permissions"}admin.profile.view{/block} +{block name="check-resource"}admin.configuration.profile{/block} +{block name="check-access"}view{/block} {block name="main-content"}
diff --git a/templates/admin/default/shipping-configuration-edit.html b/templates/admin/default/shipping-configuration-edit.html
index 9e0268d0f..8c24d2ff7 100644
--- a/templates/admin/default/shipping-configuration-edit.html
+++ b/templates/admin/default/shipping-configuration-edit.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Edit a shipping configuration'}{/block}
-{block name="check-permissions"}admin.configuration.shipping-configuration.edit{/block}
+{block name="check-resource"}admin.configuration.shipping-configuration{/block}
+{block name="check-access"}update{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/shipping-configuration.html b/templates/admin/default/shipping-configuration.html
index d4c8147c2..b488b5eb1 100644
--- a/templates/admin/default/shipping-configuration.html
+++ b/templates/admin/default/shipping-configuration.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Thelia Shipping configuration'}{/block}
-{block name="check-permissions"}admin.configuration.shipping-configuration.view{/block}
+{block name="check-resource"}admin.configuration.shipping-configuration{/block}
+{block name="check-access"}view{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/shipping-zones-edit.html b/templates/admin/default/shipping-zones-edit.html
index 139e3d164..d18c4eea2 100644
--- a/templates/admin/default/shipping-zones-edit.html
+++ b/templates/admin/default/shipping-zones-edit.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Edit a shipping zone'}{/block}
-{block name="check-permissions"}admin.configuration.shipping-zones.edit{/block}
+{block name="check-resource"}admin.configuration.shipping-zone{/block}
+{block name="check-access"}update{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/shipping-zones.html b/templates/admin/default/shipping-zones.html
index 5eeed61c4..bff616cf8 100644
--- a/templates/admin/default/shipping-zones.html
+++ b/templates/admin/default/shipping-zones.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Thelia Shipping zones'}{/block}
-{block name="check-permissions"}admin.configuration.shipping-zones.view{/block}
+{block name="check-resource"}admin.configuration.shipping-zone{/block}
+{block name="check-access"}view{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/tax-edit.html b/templates/admin/default/tax-edit.html
index 556955519..03c40b0a5 100644
--- a/templates/admin/default/tax-edit.html
+++ b/templates/admin/default/tax-edit.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Edit a tax'}{/block}
-{block name="check-permissions"}admin.configuration.taxes.edit{/block}
+{block name="check-resource"}admin.configuration.tax{/block}
+{block name="check-access"}update{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/tax-rule-edit.html b/templates/admin/default/tax-rule-edit.html
index 3996f4a61..0af295e63 100644
--- a/templates/admin/default/tax-rule-edit.html
+++ b/templates/admin/default/tax-rule-edit.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Edit a tax rule'}{/block}
-{block name="check-permissions"}admin.configuration.taxes-rules.edit{/block}
+{block name="check-resource"}admin.configuration.tax{/block}
+{block name="check-access"}update{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/taxes-rules.html b/templates/admin/default/taxes-rules.html
index 063cf564d..0a48d18a1 100644
--- a/templates/admin/default/taxes-rules.html
+++ b/templates/admin/default/taxes-rules.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Taxes rules'}{/block}
-{block name="check-permissions"}admin.taxes-rules.view{/block}
+{block name="check-resource"}admin.configuration.tax{/block}
+{block name="check-access"}view{/block}
 {block name="main-content"}
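Review bot: tax-rule-edit.html and taxes-rules.html now check the same resource as tax-edit.html, `admin.configuration.tax`, where the removed lines used separate identifiers (`admin.configuration.taxes-rules.edit`, `admin.taxes-rules.view`). If tax rules are meant to be granted separately from taxes, an administrator with `update` on taxes gains the tax-rule editor as a side effect of this merge. In that case the two tax-rule templates need their own resource code, `{block name="check-resource"}<tax-rule resource code>{/block}`, with the placeholder replaced by whatever code the resource list defines. The resource definitions are not visible in this part of the diff, so the merge may well be intentional; a line in the commit description saying so would settle it.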
diff --git a/templates/admin/default/template-edit.html b/templates/admin/default/template-edit.html
index 17e48b950..f9e1fd139 100644
--- a/templates/admin/default/template-edit.html
+++ b/templates/admin/default/template-edit.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Edit a template'}{/block}
-{block name="check-permissions"}admin.configuration.templates.edit{/block}
+{block name="check-resource"}admin.configuration.template{/block}
+{block name="check-access"}update{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/templates.html b/templates/admin/default/templates.html
index 839f8b5ed..95d92d1a9 100644
--- a/templates/admin/default/templates.html
+++ b/templates/admin/default/templates.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Thelia Product Templates'}{/block}
-{block name="check-permissions"}admin.configuration.templates.view{/block}
+{block name="check-resource"}admin.configuration.template{/block}
+{block name="check-access"}view{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/variable-edit.html b/templates/admin/default/variable-edit.html
index 30d9ea7c5..dfc572ec2 100644
--- a/templates/admin/default/variable-edit.html
+++ b/templates/admin/default/variable-edit.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Edit a system variable'}{/block}
-{block name="check-permissions"}admin.configuration.variables.edit{/block}
+{block name="check-resource"}admin.configuration.variable{/block}
+{block name="check-access"}update{/block}
 {block name="main-content"}
diff --git a/templates/admin/default/variables.html b/templates/admin/default/variables.html
index 0ce47727d..a7a2b9c09 100644
--- a/templates/admin/default/variables.html
+++ b/templates/admin/default/variables.html
@@ -2,7 +2,8 @@
 {block name="page-title"}{intl l='Thelia System Variables'}{/block}
-{block name="check-permissions"}admin.configuration.variables.view{/block}
+{block name="check-resource"}admin.configuration.variable{/block}
+{block name="check-access"}view{/block}
 {block name="main-content"}
diff --git a/templates/default/account.html b/templates/default/account.html
index adbb4bf9e..50d37e7d3 100644
--- a/templates/default/account.html
+++ b/templates/default/account.html
@@ -1,7 +1,7 @@
 {extends file="layout.tpl"}
 {block name="no-return-functions" prepend}
- {check_auth context="front" roles="CUSTOMER" login_tpl="login"}
+ {check_auth context="front" role="CUSTOMER" login_tpl="login"}
 {/block}
 {* Breadcrumb *}
diff --git a/templates/default/address-update.html b/templates/default/address-update.html
index cd64ade1d..b2508610e 100644
--- a/templates/default/address-update.html
+++ b/templates/default/address-update.html
@@ -1,7 +1,7 @@
 {extends file="layout.tpl"}
 {block name="no-return-functions"}
- {check_auth context="front" roles="CUSTOMER" login_tpl="login"}
+ {check_auth context="front" role="CUSTOMER" login_tpl="login"}
 {/block}
 {* Body Class *}
diff --git a/templates/default/address.html b/templates/default/address.html
index 6b0245956..98363eb98 100644
--- a/templates/default/address.html
+++ b/templates/default/address.html
@@ -1,7 +1,7 @@
 {extends file="layout.tpl"}
 {block name="no-return-functions"}
- {check_auth context="front" roles="CUSTOMER" login_tpl="login"}
+ {check_auth context="front" role="CUSTOMER" login_tpl="login"}
 {/block}
 {* Body Class *}
diff --git a/templates/default/order-delivery.html b/templates/default/order-delivery.html
index ac8812fec..baf4cf9a7 100644
--- a/templates/default/order-delivery.html
+++ b/templates/default/order-delivery.html
@@ -1,7 +1,7 @@
 {extends file="layout.tpl"}
 {block name="no-return-functions"}
- {check_auth context="front" roles="CUSTOMER" login_tpl="login"}
+ {check_auth context="front" role="CUSTOMER" login_tpl="login"}
 {check_cart_not_empty}
 {/block}
diff --git a/templates/default/order-invoice.html b/templates/default/order-invoice.html
index 1037f0fe3..ce9b9a71a 100644
--- a/templates/default/order-invoice.html
+++ b/templates/default/order-invoice.html
@@ -1,7 +1,7 @@
 {extends file="layout.tpl"}
 {block name="no-return-functions"}
- {check_auth context="front" roles="CUSTOMER" login_tpl="login"}
+ {check_auth context="front" role="CUSTOMER" login_tpl="login"}
 {check_cart_not_empty}
 {check_valid_delivery}
 {/block}
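Review bot: The `check_auth` call changes its argument from `roles=` to `role=` here and in account.html, address-update.html, address.html and order-delivery.html, so any template that still passes `roles=` (a customised front template, for instance) would call the plugin without the argument it now reads. The plugin itself is not shown in these hunks, so it is worth confirming that it refuses the page when the expected argument is missing rather than treating the call as unrestricted. If the old name has to keep working for a release, the plugin could accept both; otherwise a line in the upgrade notes such as `check_auth: the "roles" parameter is now "role"` is the minimum. Each of these hunks covers only the top of its template; the rest of the file is outside the hunk.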