permission management

Etienne Roudeix
2013-10-22 11:09:24 +02:00
parent cdeda0123e
commit b00f70fa24
97 changed files with 568 additions and 902 deletions


@@ -23,6 +23,7 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\Exception\FormValidationException;
use Thelia\Core\Event\UpdatePositionEvent;
@@ -40,10 +41,7 @@ abstract class AbstractCrudController extends BaseAdminController
protected $orderRequestParameterName;
// Permissions
protected $viewPermissionIdentifier;
protected $createPermissionIdentifier;
protected $updatePermissionIdentifier;
protected $deletePermissionIdentifier;
protected $resourceCode;
// Events
protected $createEventIdentifier;
@@ -58,10 +56,7 @@ abstract class AbstractCrudController extends BaseAdminController
* @param string $defaultListOrder the default object list order, or null if list is not sortable. Example: manual
* @param string $orderRequestParameterName Name of the request parameter that set the list order (null if list is not sortable)
*
* @param string $viewPermissionIdentifier the 'view' permission identifier. Example: "admin.configuration.message.view"
* @param string $createPermissionIdentifier the 'create' permission identifier. Example: "admin.configuration.message.create"
* @param string $updatePermissionIdentifier the 'update' permission identifier. Example: "admin.configuration.message.update"
* @param string $deletePermissionIdentifier the 'delete' permission identifier. Example: "admin.configuration.message.delete"
* @param string $resourceCode the 'resource' code. Example: "admin.configuration.message"
*
* @param string $createEventIdentifier the dispatched create TheliaEvent identifier. Example: TheliaEvents::MESSAGE_CREATE
* @param string $updateEventIdentifier the dispatched update TheliaEvent identifier. Example: TheliaEvents::MESSAGE_UPDATE
@@ -76,10 +71,7 @@ abstract class AbstractCrudController extends BaseAdminController
$defaultListOrder = null,
$orderRequestParameterName = null,
$viewPermissionIdentifier,
$createPermissionIdentifier,
$updatePermissionIdentifier,
$deletePermissionIdentifier,
$resourceCode,
$createEventIdentifier,
$updateEventIdentifier,
@@ -92,10 +84,7 @@ abstract class AbstractCrudController extends BaseAdminController
$this->defaultListOrder = $defaultListOrder;
$this->orderRequestParameterName = $orderRequestParameterName;
$this->viewPermissionIdentifier = $viewPermissionIdentifier;
$this->createPermissionIdentifier = $createPermissionIdentifier;
$this->updatePermissionIdentifier = $updatePermissionIdentifier;
$this->deletePermissionIdentifier = $deletePermissionIdentifier;
$this->resourceCode = $resourceCode;
$this->createEventIdentifier = $createEventIdentifier;
$this->updateEventIdentifier = $updateEventIdentifier;
@@ -278,7 +267,7 @@ abstract class AbstractCrudController extends BaseAdminController
*/
public function defaultAction()
{
if (null !== $response = $this->checkAuth($this->viewPermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::VIEW)) return $response;
return $this->renderList();
}
@@ -290,7 +279,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function createAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->createPermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::CREATE)) return $response;
$error_msg = false;
@@ -351,7 +340,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function updateAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
// Load the object
$object = $this->getExistingObject();
@@ -377,7 +366,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function processUpdateAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -442,7 +431,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function updatePositionAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
try {
$mode = $this->getRequest()->get('mode', null);
@@ -476,7 +465,7 @@ abstract class AbstractCrudController extends BaseAdminController
protected function genericUpdatePositionAction($object, $eventName, $doFinalRedirect = true)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if ($object != null) {
@@ -510,7 +499,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$changeEvent = $this->createToggleVisibilityEvent($this->getRequest());
@@ -532,7 +521,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function deleteAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->deletePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::DELETE)) return $response;
// Get the currency id, and dispatch the delet request
$deleteEvent = $this->getDeleteEvent();
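Review bot: The constructor now takes a single `$resourceCode` in the position where four permission identifiers used to sit, and because the arguments are positional, a subclass that still passes the four old values would not fail loudly: PHP accepts the surplus arguments, `$resourceCode` would receive the old view identifier and every event identifier after it would shift. Several controller sections on this page change only their `use` line, so their `parent::__construct()` calls (not visible here) should be confirmed as updated. A null or empty code also flows straight into every `checkAuth($this->resourceCode, ...)` call; a constructor guard such as `if (!is_string($resourceCode) || $resourceCode === '') throw new \InvalidArgumentException('resourceCode is required');` would make a misconfigured controller fail at construction instead of at the authorization check. The constructor and the action methods start or end outside these hunks.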


@@ -24,8 +24,9 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\Address\AddressCreateOrUpdateEvent;
use Thelia\Core\Event\Address\AddressEvent;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\AddressCreateForm;
use Thelia\Form\AddressUpdateForm;
use Thelia\Model\AddressQuery;
@@ -45,10 +46,7 @@ class AddressController extends AbstractCrudController
null,
null,
AdminResources::ADDRESS_VIEW,
AdminResources::ADDRESS_CREATE,
AdminResources::ADDRESS_UPDATE,
AdminResources::ADDRESS_DELETE,
AdminResources::ADDRESS,
TheliaEvents::ADDRESS_CREATE,
TheliaEvents::ADDRESS_UPDATE,
@@ -61,7 +59,7 @@ class AddressController extends AbstractCrudController
public function useAddressAction()
{
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$address_id = $this->getRequest()->request->get('address_id');


@@ -23,7 +23,7 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Area\AreaAddCountryEvent;
use Thelia\Core\Event\Area\AreaCreateEvent;
use Thelia\Core\Event\Area\AreaDeleteEvent;
@@ -31,6 +31,7 @@ use Thelia\Core\Event\Area\AreaRemoveCountryEvent;
use Thelia\Core\Event\Area\AreaUpdateEvent;
use Thelia\Core\Event\Area\AreaUpdatePostageEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\Area\AreaCountryForm;
use Thelia\Form\Area\AreaCreateForm;
use Thelia\Form\Area\AreaModificationForm;
@@ -53,10 +54,7 @@ class AreaController extends AbstractCrudController
null,
null,
AdminResources::AREA_VIEW,
AdminResources::AREA_CREATE,
AdminResources::AREA_UPDATE,
AdminResources::AREA_DELETE,
AdminResources::AREA,
TheliaEvents::AREA_CREATE,
TheliaEvents::AREA_UPDATE,
@@ -233,7 +231,7 @@ class AreaController extends AbstractCrudController
public function addCountry()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$areaCountryForm = new AreaCountryForm($this->getRequest());
$error_msg = null;
@@ -275,7 +273,7 @@ class AreaController extends AbstractCrudController
public function removeCountry()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$request = $this->getRequest();
$removeCountryEvent = new AreaRemoveCountryEvent($request->request->get('areai_id', 0), $request->request->get('country_id', 0));
@@ -286,7 +284,7 @@ class AreaController extends AbstractCrudController
public function updatePostageAction()
{
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$areaUpdateForm = new AreaPostageForm($this->getRequest());
$error_msg = null;
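Review bot: `removeCountry` builds its event from `$request->request->get('areai_id', 0)`, which looks like a typo for `area_id`; if the form does not really post a field named `areai_id`, the event is always created with area 0 and the newly added UPDATE check guards an action that cannot act on the intended area. Confirm the field name against the template and, if it is a typo, change the line to `$request->request->get('area_id', 0)`. The method body continues outside the hunk.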


@@ -23,7 +23,7 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Attribute\AttributeAvDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Attribute\AttributeAvUpdateEvent;


@@ -23,11 +23,12 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Attribute\AttributeDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Attribute\AttributeUpdateEvent;
use Thelia\Core\Event\Attribute\AttributeCreateEvent;
use Thelia\Core\Security\AccessManager;
use Thelia\Model\AttributeQuery;
use Thelia\Form\AttributeModificationForm;
use Thelia\Form\AttributeCreationForm;
@@ -51,10 +52,7 @@ class AttributeController extends AbstractCrudController
'manual',
'order',
AdminResources::ATTRIBUTE_VIEW,
AdminResources::ATTRIBUTE_CREATE,
AdminResources::ATTRIBUTE_UPDATE,
AdminResources::ATTRIBUTE_DELETE,
AdminResources::ATTRIBUTE,
TheliaEvents::ATTRIBUTE_CREATE,
TheliaEvents::ATTRIBUTE_UPDATE,
@@ -254,7 +252,7 @@ class AttributeController extends AbstractCrudController
protected function addRemoveFromAllTemplates($eventType)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
try {
if (null !== $object = $this->getExistingObject()) {


@@ -111,16 +111,18 @@ class BaseAdminController extends BaseController
/**
* Check current admin user authorisations. An ADMIN role is assumed.
*
* @param mixed $permissions a single permission or an array of permissions.
* @param mixed $resources a single resource or an array of resources.
* @param mixed $accesses a single access or an array of accesses.
*
* @return mixed null if authorization is granted, or a Response object which contains the error page otherwise
*
*/
protected function checkAuth($permissions)
protected function checkAuth($resources, $accesses)
{
$permArr = is_array($permissions) ? $permissions : array($permissions);
$resources = is_array($resources) ? $resources : array($resources);
$accesses = is_array($accesses) ? $accesses : array($accesses);
if ($this->getSecurityContext()->isGranted(array("ADMIN"), $permArr)) {
if ($this->getSecurityContext()->isGranted(array("ADMIN"), $resources, $accesses)) {
// Okay !
return null;
}
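Review bot: `checkAuth()` wraps whatever it receives into an array, so a null resource (for instance from a lookup that found nothing) becomes `array(null)` and an empty array is passed through unchanged, while the docblock says nothing about how `isGranted()` treats either case. Every admin action depends on this method, so the docblock should state the fail-closed contract, e.g. `* An empty or null $resources / $accesses is always denied.`, and if `isGranted()` does not already guarantee that, the method should refuse before calling it. Both parameters are now required, so any caller still using the one-argument form `checkAuth($permission)` has to be migrated in the same commit. The method body continues past the end of this hunk.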


@@ -24,11 +24,12 @@
namespace Thelia\Controller\Admin;
use Symfony\Component\HttpFoundation\Response;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Category\CategoryDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Category\CategoryUpdateEvent;
use Thelia\Core\Event\Category\CategoryCreateEvent;
use Thelia\Core\Security\AccessManager;
use Thelia\Model\CategoryQuery;
use Thelia\Form\CategoryModificationForm;
use Thelia\Form\CategoryCreationForm;
@@ -55,10 +56,7 @@ class CategoryController extends AbstractCrudController
'manual',
'category_order',
AdminResources::CATEGORY_VIEW,
AdminResources::CATEGORY_CREATE,
AdminResources::CATEGORY_UPDATE,
AdminResources::CATEGORY_DELETE,
AdminResources::CATEGORY,
TheliaEvents::CATEGORY_CREATE,
TheliaEvents::CATEGORY_UPDATE,
@@ -217,7 +215,7 @@ class CategoryController extends AbstractCrudController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$event = new CategoryToggleVisibilityEvent($this->getExistingObject());
@@ -297,7 +295,7 @@ class CategoryController extends AbstractCrudController
public function addRelatedContentAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -327,7 +325,7 @@ class CategoryController extends AbstractCrudController
public function addRelatedPictureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) {
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) {
return $response;
}
@@ -355,7 +353,7 @@ class CategoryController extends AbstractCrudController
public function deleteRelatedContentAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));


@@ -23,11 +23,12 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Config\ConfigDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Config\ConfigUpdateEvent;
use Thelia\Core\Event\Config\ConfigCreateEvent;
use Thelia\Core\Security\AccessManager;
use Thelia\Model\ConfigQuery;
use Thelia\Form\ConfigModificationForm;
use Thelia\Form\ConfigCreationForm;
@@ -46,10 +47,7 @@ class ConfigController extends AbstractCrudController
'name',
'order',
AdminResources::CONFIG_VIEW,
AdminResources::CONFIG_CREATE,
AdminResources::CONFIG_UPDATE,
AdminResources::CONFIG_DELETE,
AdminResources::CONFIG,
TheliaEvents::CONFIG_CREATE,
TheliaEvents::CONFIG_UPDATE,
@@ -188,7 +186,7 @@ class ConfigController extends AbstractCrudController
public function changeValuesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$variables = $this->getRequest()->get('variable', array());


@@ -22,7 +22,7 @@
/*************************************************************************************/
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Content\ContentAddFolderEvent;
use Thelia\Core\Event\Content\ContentCreateEvent;
use Thelia\Core\Event\Content\ContentDeleteEvent;
@@ -31,6 +31,7 @@ use Thelia\Core\Event\Content\ContentToggleVisibilityEvent;
use Thelia\Core\Event\Content\ContentUpdateEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\UpdatePositionEvent;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\ContentCreationForm;
use Thelia\Form\ContentModificationForm;
use Thelia\Model\ContentQuery;
@@ -50,10 +51,7 @@ class ContentController extends AbstractCrudController
'manual',
'content_order',
AdminResources::CONTENT_VIEW,
AdminResources::CONTENT_CREATE,
AdminResources::CONTENT_UPDATE,
AdminResources::CONTENT_DELETE,
AdminResources::CONTENT,
TheliaEvents::CONTENT_CREATE,
TheliaEvents::CONTENT_UPDATE,
@@ -71,7 +69,7 @@ class ContentController extends AbstractCrudController
public function addAdditionalFolderAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$folder_id = intval($this->getRequest()->request->get('additional_folder_id'));
@@ -99,7 +97,7 @@ class ContentController extends AbstractCrudController
public function removeAdditionalFolderAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$folder_id = intval($this->getRequest()->request->get('additional_folder_id'));


@@ -22,12 +22,13 @@
/*************************************************************************************/
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Country\CountryCreateEvent;
use Thelia\Core\Event\Country\CountryDeleteEvent;
use Thelia\Core\Event\Country\CountryToggleDefaultEvent;
use Thelia\Core\Event\Country\CountryUpdateEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\CountryCreationForm;
use Thelia\Form\CountryModificationForm;
use Thelia\Model\CountryQuery;
@@ -47,10 +48,7 @@ class CountryController extends AbstractCrudController
'manual',
'country_order',
AdminResources::COUNTRY_VIEW,
AdminResources::COUNTRY_CREATE,
AdminResources::COUNTRY_UPDATE,
AdminResources::COUNTRY_DELETE,
AdminResources::COUNTRY,
TheliaEvents::COUNTRY_CREATE,
TheliaEvents::COUNTRY_UPDATE,
@@ -237,7 +235,7 @@ class CountryController extends AbstractCrudController
public function toggleDefaultAction()
{
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$content = null;
if (null !== $country_id = $this->getRequest()->get('country_id')) {
$toogleDefaultEvent = new CountryToggleDefaultEvent($country_id);


@@ -27,11 +27,12 @@ use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Router;
use Thelia\Condition\ConditionFactory;
use Thelia\Condition\ConditionManagerInterface;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Condition\ConditionCreateOrUpdateEvent;
use Thelia\Core\Event\Coupon\CouponConsumeEvent;
use Thelia\Core\Event\Coupon\CouponCreateOrUpdateEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Coupon\CouponManager;
use Thelia\Coupon\ConditionCollection;
use Thelia\Coupon\Type\CouponInterface;
@@ -63,7 +64,7 @@ class CouponController extends BaseAdminController
*/
public function browseAction()
{
$this->checkAuth('ADMIN', AdminResources::COUPON_VIEW);
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$args['urlReadCoupon'] = $this->getRoute(
'admin.coupon.read',
@@ -95,7 +96,7 @@ class CouponController extends BaseAdminController
*/
public function readAction($couponId)
{
$this->checkAuth('ADMIN', AdminResources::COUPON_VIEW);
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
// Database request repeated in the loop but cached
$search = CouponQuery::create();
@@ -123,7 +124,7 @@ class CouponController extends BaseAdminController
public function createAction()
{
// Check current user authorization
$response = $this->checkAuth(AdminResources::COUPON_CREATE);
$response = $this->checkAuth(AdminResources::COUPON, AccessManager::CREATE);
if ($response !== null) {
return $response;
}
@@ -171,7 +172,7 @@ class CouponController extends BaseAdminController
public function updateAction($couponId)
{
// Check current user authorization
$response = $this->checkAuth(AdminResources::COUPON_UPDATE);
$response = $this->checkAuth(AdminResources::COUPON, AccessManager::UPDATE);
if ($response !== null) {
return $response;
}
@@ -278,7 +279,7 @@ var_dump($coupon->getIsRemovingPostage());;
*/
public function getConditionInputAction($conditionId)
{
$this->checkAuth('ADMIN', AdminResources::COUPON_VIEW);
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkXmlHttpRequest();
@@ -308,7 +309,7 @@ var_dump($coupon->getIsRemovingPostage());;
*/
public function updateConditionsAction($couponId)
{
$this->checkAuth('ADMIN', AdminResources::COUPON_VIEW);
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkXmlHttpRequest();
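Review bot: `browseAction`, `readAction`, `getConditionInputAction` and `updateConditionsAction` call `$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);` and discard the result, but according to its docblock `checkAuth()` signals a refusal by returning a Response, so as written these actions continue for a user who was refused. They should use the form `createAction` already uses in this file: `if (null !== $response = $this->checkAuth(AdminResources::COUPON, AccessManager::VIEW)) return $response;`. `updateConditionsAction` is, judging by its name, a write path and probably wants `AccessManager::UPDATE` rather than `VIEW`. The same discarded-return pattern appears in the FileController hunks further down (`save*AjaxAction`, `get*ListAjaxAction`, `get*FormAjaxAction`, `deleteImageAction`, `deleteDocumentAction`). The `var_dump($coupon->getIsRemovingPostage());;` visible in two hunk headers looks like leftover debug output that would leak into the admin response and should be removed.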


@@ -23,7 +23,7 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Currency\CurrencyDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Currency\CurrencyUpdateEvent;
@@ -47,10 +47,7 @@ class CurrencyController extends AbstractCrudController
'manual',
'order',
AdminResources::CURRENCY_VIEW,
AdminResources::CURRENCY_CREATE,
AdminResources::CURRENCY_UPDATE,
AdminResources::CURRENCY_DELETE,
AdminResources::CURRENCY,
TheliaEvents::CURRENCY_CREATE,
TheliaEvents::CURRENCY_UPDATE,
@@ -187,7 +184,7 @@ class CurrencyController extends AbstractCrudController
public function updateRatesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
try {
$this->dispatch(TheliaEvents::CURRENCY_UPDATE_RATES);
@@ -205,7 +202,7 @@ class CurrencyController extends AbstractCrudController
public function setDefaultAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$changeEvent = new CurrencyUpdateEvent($this->getRequest()->get('currency_id', 0));
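Review bot: `updateRatesAction` and `setDefaultAction` now reference `AccessManager::UPDATE`, but this file's import hunk only swaps the `AdminResources` line and, unlike the other controllers in this commit, no visible hunk adds `use Thelia\Core\Security\AccessManager;`. Unless that import already existed outside the hunks shown, the name resolves to `Thelia\Controller\Admin\AccessManager` and both actions fail with a class-not-found error at the authorization check. Add `use Thelia\Core\Security\AccessManager;` next to the other `use` lines. Both methods continue outside their hunks.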


@@ -24,11 +24,12 @@
namespace Thelia\Controller\Admin;
use Propel\Runtime\Exception\PropelException;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Customer\CustomerAddressEvent;
use Thelia\Core\Event\Customer\CustomerCreateOrUpdateEvent;
use Thelia\Core\Event\Customer\CustomerEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\CustomerModification;
use Thelia\Form\Exception\FormValidationException;
use Thelia\Model\CustomerQuery;
@@ -43,13 +44,13 @@ class CustomerController extends BaseAdminController
{
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER_VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::VIEW)) return $response;
return $this->render("customers", array("display_customer" => 20));
}
public function viewAction($customer_id)
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER_VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::VIEW)) return $response;
return $this->render("customer-edit", array(
"customer_id" => $customer_id
));
@@ -63,7 +64,7 @@ class CustomerController extends BaseAdminController
*/
public function updateAction($customer_id)
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::UPDATE)) return $response;
$message = false;
@@ -119,7 +120,7 @@ class CustomerController extends BaseAdminController
public function deleteAction()
{
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER_DELETE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::CUSTOMER, AccessManager::DELETE)) return $response;
$message = null;


@@ -23,7 +23,7 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Feature\FeatureAvDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Feature\FeatureAvUpdateEvent;


@@ -23,11 +23,12 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Feature\FeatureDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Feature\FeatureUpdateEvent;
use Thelia\Core\Event\Feature\FeatureCreateEvent;
use Thelia\Core\Security\AccessManager;
use Thelia\Model\FeatureQuery;
use Thelia\Form\FeatureModificationForm;
use Thelia\Form\FeatureCreationForm;
@@ -51,10 +52,7 @@ class FeatureController extends AbstractCrudController
'manual',
'order',
AdminResources::FEATURE_VIEW,
AdminResources::FEATURE_CREATE,
AdminResources::FEATURE_UPDATE,
AdminResources::FEATURE_DELETE,
AdminResources::FEATURE,
TheliaEvents::FEATURE_CREATE,
TheliaEvents::FEATURE_UPDATE,
@@ -254,7 +252,7 @@ class FeatureController extends AbstractCrudController
protected function addRemoveFromAllTemplates($eventType)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
try {
if (null !== $object = $this->getExistingObject()) {


@@ -26,12 +26,13 @@ namespace Thelia\Controller\Admin;
use Propel\Runtime\Exception\PropelException;
use Symfony\Component\HttpFoundation\File\UploadedFile;
use Symfony\Component\HttpFoundation\Response;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Document\DocumentCreateOrUpdateEvent;
use Thelia\Core\Event\Document\DocumentDeleteEvent;
use Thelia\Core\Event\Image\ImageCreateOrUpdateEvent;
use Thelia\Core\Event\Image\ImageDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\Exception\FormValidationException;
use Thelia\Log\Tlog;
use Thelia\Model\CategoryDocument;
@@ -70,7 +71,7 @@ class FileController extends BaseAdminController
*/
public function saveImageAjaxAction($parentId, $parentType)
{
$this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'));
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
if ($this->isParentTypeValid($parentType)) {
@@ -146,7 +147,7 @@ class FileController extends BaseAdminController
*/
public function saveDocumentAjaxAction($parentId, $parentType)
{
$this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'));
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
if ($this->isParentTypeValid($parentType)) {
@@ -210,7 +211,7 @@ class FileController extends BaseAdminController
*/
public function getImageListAjaxAction($parentId, $parentType)
{
$this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'));
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('imageType' => $parentType, 'parentId' => $parentId);
@@ -227,7 +228,7 @@ class FileController extends BaseAdminController
*/
public function getDocumentListAjaxAction($parentId, $parentType)
{
$this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'));
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('documentType' => $parentType, 'parentId' => $parentId);
@@ -244,7 +245,7 @@ class FileController extends BaseAdminController
*/
public function getImageFormAjaxAction($parentId, $parentType)
{
$this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'));
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('imageType' => $parentType, 'parentId' => $parentId);
@@ -261,7 +262,7 @@ class FileController extends BaseAdminController
*/
public function getDocumentFormAjaxAction($parentId, $parentType)
{
$this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'));
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('documentType' => $parentType, 'parentId' => $parentId);
@@ -278,7 +279,7 @@ class FileController extends BaseAdminController
*/
public function viewImageAction($imageId, $parentType)
{
if (null !== $response = $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'))) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
return $response;
}
try {
@@ -307,7 +308,7 @@ class FileController extends BaseAdminController
*/
public function viewDocumentAction($documentId, $parentType)
{
if (null !== $response = $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'))) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
return $response;
}
try {
@@ -336,7 +337,7 @@ class FileController extends BaseAdminController
*/
public function updateImageAction($imageId, $parentType)
{
if (null !== $response = $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'))) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
return $response;
}
@@ -413,7 +414,7 @@ class FileController extends BaseAdminController
*/
public function updateDocumentAction($documentId, $parentType)
{
if (null !== $response = $this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'))) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
return $response;
}
@@ -490,7 +491,7 @@ class FileController extends BaseAdminController
*/
public function deleteImageAction($imageId, $parentType)
{
$this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'));
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$fileManager = new FileManager($this->container);
@@ -533,7 +534,7 @@ class FileController extends BaseAdminController
*/
public function deleteDocumentAction($documentId, $parentType)
{
$this->checkAuth('ADMIN', AdminResources::retrieve($parentType, 'update'));
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$fileManager = new FileManager($this->container);
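Review bot: `AdminResources::retrieve($parentType)` is evaluated on the route-supplied `$parentType` before `isParentTypeValid($parentType)` runs in the two save actions, and in the list, form, view, update and delete hunks no validity check is visible at all, so the resource used for the authorization decision is derived from unvalidated input. What `retrieve()` returns or throws for an unknown type is not shown here; if it returns null, the check runs against `array(null)`. Call `isParentTypeValid($parentType)` first and refuse the request when it fails, before `checkAuth()` is reached. Separately, `deleteImageAction` and `deleteDocumentAction` authorise with `AccessManager::UPDATE` although `AccessManager::DELETE` is used elsewhere in this commit; if that is deliberate, say so with a comment such as `// removing a file counts as an update of its parent object`. All of these methods continue outside their hunks.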


@@ -22,7 +22,7 @@
/*************************************************************************************/
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Folder\FolderCreateEvent;
use Thelia\Core\Event\Folder\FolderDeleteEvent;
use Thelia\Core\Event\Folder\FolderToggleVisibilityEvent;


@@ -23,7 +23,8 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Security\AccessManager;
/**
* Class LanguageController
@@ -34,7 +35,7 @@ class LanguageController extends BaseAdminController
{
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE_VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::VIEW)) return $response;
return $this->render("languages");
}


@@ -23,7 +23,8 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Security\AccessManager;
/**
* Class MailingSystemController
@@ -34,7 +35,7 @@ class MailingSystemController extends BaseAdminController
{
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::MAILING_SYSTEM_VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MAILING_SYSTEM, AccessManager::VIEW)) return $response;
return $this->render("mailing-system");
}


@@ -23,7 +23,7 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Message\MessageDeleteEvent;
use Thelia\Core\Event\TheliaEvents;use Thelia\Core\Event\Message\MessageUpdateEvent;
use Thelia\Core\Event\Message\MessageCreateEvent;


@@ -23,11 +23,12 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Module\ModuleDeleteEvent;
use Thelia\Core\Event\Module\ModuleToggleActivationEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Module\ModuleManagement;
/**
@@ -39,7 +40,7 @@ class ModuleController extends BaseAdminController
{
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::MODULE_VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::VIEW)) return $response;
$modulemanagement = new ModuleManagement();
$modulemanagement->updateModules();
@@ -56,7 +57,7 @@ class ModuleController extends BaseAdminController
public function toggleActivationAction($module_id)
{
if (null !== $response = $this->checkAuth("admin.module.update")) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::UPDATE)) return $response;
$message = null;
try {
$event = new ModuleToggleActivationEvent($module_id);
@@ -88,7 +89,7 @@ class ModuleController extends BaseAdminController
public function deleteAction()
{
if (null !== $response = $this->checkAuth("admin.module.delete")) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::DELETE)) return $response;
$message = null;
try {


@@ -24,11 +24,12 @@
namespace Thelia\Controller\Admin;
use Symfony\Component\HttpFoundation\Response;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Order\OrderAddressEvent;
use Thelia\Core\Event\Order\OrderEvent;
use Thelia\Core\Event\PdfEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\OrderUpdateAddress;
use Thelia\Model\ConfigQuery;
use Thelia\Model\Base\OrderAddressQuery;
@@ -45,7 +46,7 @@ class OrderController extends BaseAdminController
{
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER_VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::VIEW)) return $response;
return $this->render("orders", array("display_order" => 20));
}
@@ -58,7 +59,7 @@ class OrderController extends BaseAdminController
public function updateStatus($order_id = null)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
$message = null;
@@ -109,7 +110,7 @@ class OrderController extends BaseAdminController
public function updateDeliveryRef($order_id)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
$message = null;
@@ -144,7 +145,7 @@ class OrderController extends BaseAdminController
public function updateAddress($order_id)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
$message = null;
@@ -210,7 +211,7 @@ class OrderController extends BaseAdminController
protected function generatePdf($order_id, $fileName)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
$html = $this->renderRaw(
$fileName,


@@ -23,13 +23,14 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Product\ProductAddCategoryEvent;
use Thelia\Core\Event\Product\ProductDeleteCategoryEvent;
use Thelia\Core\Event\Product\ProductDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Product\ProductUpdateEvent;
use Thelia\Core\Event\Product\ProductCreateEvent;
use Thelia\Core\Security\AccessManager;
use Thelia\Model\ProductQuery;
use Thelia\Form\ProductModificationForm;
use Thelia\Form\ProductCreationForm;
@@ -62,10 +63,7 @@ class ProductController extends AbstractCrudController
'manual',
'product_order',
AdminResources::PRODUCT_VIEW,
AdminResources::PRODUCT_CREATE,
AdminResources::PRODUCT_UPDATE,
AdminResources::PRODUCT_DELETE,
AdminResources::PRODUCT,
TheliaEvents::PRODUCT_CREATE,
TheliaEvents::PRODUCT_UPDATE,
@@ -281,7 +279,7 @@ class ProductController extends AbstractCrudController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$event = new ProductToggleVisibilityEvent($this->getExistingObject());
@@ -357,7 +355,7 @@ class ProductController extends AbstractCrudController
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -383,7 +381,7 @@ class ProductController extends AbstractCrudController
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -435,7 +433,7 @@ class ProductController extends AbstractCrudController
public function addAccessoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$accessory_id = intval($this->getRequest()->get('accessory_id'));
@@ -460,7 +458,7 @@ class ProductController extends AbstractCrudController
public function deleteAccessoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$accessory_id = intval($this->getRequest()->get('accessory_id'));
@@ -516,7 +514,7 @@ class ProductController extends AbstractCrudController
public function setProductTemplateAction($productId)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$product = ProductQuery::create()->findPk($productId);
@@ -613,7 +611,7 @@ class ProductController extends AbstractCrudController
public function addAdditionalCategoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$category_id = intval($this->getRequest()->request->get('additional_category_id'));
@@ -638,7 +636,7 @@ class ProductController extends AbstractCrudController
public function deleteAdditionalCategoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$category_id = intval($this->getRequest()->get('additional_category_id'));
@@ -735,7 +733,7 @@ class ProductController extends AbstractCrudController
public function addCombinationAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$event = new ProductCreateCombinationEvent(
$this->getExistingObject(),
@@ -760,7 +758,7 @@ class ProductController extends AbstractCrudController
public function deleteCombinationAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$event = new ProductDeleteCombinationEvent(
$this->getExistingObject(),


@@ -23,7 +23,7 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Profile\ProfileEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Form\ProfileCreationForm;
@@ -40,10 +40,7 @@ class ProfileController extends AbstractCrudController
'manual',
'order',
AdminResources::PRODUCT_VIEW,
AdminResources::PRODUCT_CREATE,
AdminResources::PRODUCT_UPDATE,
AdminResources::PRODUCT_DELETE,
AdminResources::PROFILE,
TheliaEvents::PROFILE_CREATE,
TheliaEvents::PROFILE_UPDATE,


@@ -22,10 +22,11 @@
/*************************************************************************************/
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\ShippingZone\ShippingZoneAddAreaEvent;
use Thelia\Core\Event\ShippingZone\ShippingZoneRemoveAreaEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\Exception\FormValidationException;
use Thelia\Form\ShippingZone\ShippingZoneAddArea;
use Thelia\Form\ShippingZone\ShippingZoneRemoveArea;
@@ -41,13 +42,13 @@ class ShippingZoneController extends BaseAdminController
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE_VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::VIEW)) return $response;
return $this->render("shipping-zones", array("display_shipping_zone" => 20));
}
public function updateAction($shipping_zones_id)
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE_VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::VIEW)) return $response;
return $this->render("shipping-zones-edit", array(
"shipping_zones_id" => $shipping_zones_id
));
@@ -58,7 +59,7 @@ class ShippingZoneController extends BaseAdminController
*/
public function addArea()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::UPDATE)) return $response;
$shippingAreaForm = new ShippingZoneAddArea($this->getRequest());
$error_msg = null;
@@ -93,7 +94,7 @@ class ShippingZoneController extends BaseAdminController
public function removeArea()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::UPDATE)) return $response;
$shippingAreaForm = new ShippingZoneRemoveArea($this->getRequest());
$error_msg = null;


@@ -23,7 +23,7 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Tax\TaxEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Form\TaxCreationForm;


@@ -23,9 +23,10 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Tax\TaxRuleEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\TaxRuleCreationForm;
use Thelia\Form\TaxRuleModificationForm;
use Thelia\Form\TaxRuleTaxListUpdateForm;
@@ -41,10 +42,7 @@ class TaxRuleController extends AbstractCrudController
'manual',
'order',
AdminResources::TAX_VIEW,
AdminResources::TAX_CREATE,
AdminResources::TAX_UPDATE,
AdminResources::TAX_DELETE,
AdminResources::TAX,
TheliaEvents::TAX_RULE_CREATE,
TheliaEvents::TAX_RULE_UPDATE,
@@ -221,7 +219,7 @@ class TaxRuleController extends AbstractCrudController
public function updateAction()
{
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$object = $this->getExistingObject();
@@ -239,7 +237,7 @@ class TaxRuleController extends AbstractCrudController
public function setDefaultAction()
{
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$setDefaultEvent = new TaxRuleEvent();
@@ -257,7 +255,7 @@ class TaxRuleController extends AbstractCrudController
public function processUpdateTaxesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->updatePermissionIdentifier)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
$error_msg = false;


@@ -23,11 +23,12 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Template\TemplateDeleteEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Event\Template\TemplateUpdateEvent;
use Thelia\Core\Event\Template\TemplateCreateEvent;
use Thelia\Core\Security\AccessManager;
use Thelia\Model\TemplateQuery;
use Thelia\Form\TemplateModificationForm;
use Thelia\Form\TemplateCreationForm;
@@ -52,10 +53,7 @@ class TemplateController extends AbstractCrudController
null,
null,
AdminResources::TEMPLATE_VIEW,
AdminResources::TEMPLATE_CREATE,
AdminResources::TEMPLATE_UPDATE,
AdminResources::TEMPLATE_DELETE,
AdminResources::TEMPLATE,
TheliaEvents::TEMPLATE_CREATE,
TheliaEvents::TEMPLATE_UPDATE,
@@ -213,7 +211,7 @@ class TemplateController extends AbstractCrudController
public function addAttributeAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
$attribute_id = intval($this->getRequest()->get('attribute_id'));
@@ -237,7 +235,7 @@ class TemplateController extends AbstractCrudController
public function deleteAttributeAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
$event = new TemplateDeleteAttributeEvent(
$this->getExistingObject(),
@@ -272,7 +270,7 @@ class TemplateController extends AbstractCrudController
public function addFeatureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
$feature_id = intval($this->getRequest()->get('feature_id'));
@@ -296,7 +294,7 @@ class TemplateController extends AbstractCrudController
public function deleteFeatureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE_UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
$event = new TemplateDeleteFeatureEvent(
$this->getExistingObject(),


@@ -0,0 +1,84 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace Thelia\Core\Security;
use Propel\Runtime\ActiveQuery\Criteria;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Security\User\UserInterface;
use Thelia\Core\HttpFoundation\Request;
use Thelia\Model\ProfileQuery;
use Thelia\Model\ProfileResourceQuery;
/**
* A simple security manager, in charge of checking user
*
* @author Etienne Roudeix <eroudeix@openstudio.fr>
*/
class AccessManager
{
const VIEW = 'VIEW';
const CREATE = 'CREATE';
const UPDATE = 'UPDATE';
const DELETE = 'DELETE';
protected $accessGranted = array(
self::VIEW => false,
self::CREATE => false,
self::UPDATE => false,
self::DELETE => false,
);
protected $accessPows = array(
self::VIEW => 3,
self::CREATE => 2,
self::UPDATE => 1,
self::DELETE => 0,
);
protected $accessValue;
public function __construct($accessValue)
{
$this->accessValue = $accessValue;
foreach($this->accessPows as $type => $value) {
if($accessValue >= $value) {
$accessValue -= $value;
$this->accessGranted[$type] = true;
} else {
$this->accessGranted[$type] = false;
}
}
}
public function can($type)
{
if(!array_key_exists($type, $this->accessGranted)) {
return false;
}
return $this->accessGranted[$type];
}
}
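Review bot: The constructor treats the entries of `$accessPows` as amounts instead of exponents, so with `DELETE => 0` the test `$accessValue >= $value` is true for every non-negative value and `can(self::DELETE)` is granted even for the column default of 0 (the generated ProfileResource model in this commit defaults `access` to 0). The other rights decode wrongly as well: a stored value of 1 yields UPDATE and DELETE, and 3 yields VIEW and DELETE. If the column is meant as a bit field, decode it as one inside the loop, for example `$this->accessGranted[$type] = (((int) $accessValue) & (1 << $value)) !== 0;`, which also makes the running subtraction unnecessary. The class docblock ("in charge of checking user") stops mid-sentence and should state which stored value is decoded and what each bit stands for.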


@@ -21,7 +21,7 @@
/* */
/*************************************************************************************/
namespace Thelia\Core\Event;
namespace Thelia\Core\Security\Resource;
use Thelia\Core\Security\Exception\ResourceException;
@@ -35,9 +35,9 @@ final class AdminResources
{
static private $selfReflection = null;
static public function retrieve($name, $action)
static public function retrieve($name)
{
$contantName = strtoupper($name . '_' . $action);
$contantName = strtoupper($name);
if(null === self::$selfReflection) {
self::$selfReflection = new \ReflectionClass(__CLASS__);
@@ -52,118 +52,49 @@ final class AdminResources
const SUPERADMINISTRATOR = "SUPERADMINISTRATOR";
const ADDRESS_VIEW = "admin.address.view";
const ADDRESS_CREATE = "admin.address.create";
const ADDRESS_UPDATE = "admin.address.update";
const ADDRESS_DELETE = "admin.address.delete";
const ADDRESS = "admin.address";
const ADMIN_VIEW = "admin.configuration.admin.view";
const ADMIN_CREATE = "admin.configuration.admin.create";
const ADMIN_UPDATE = "admin.configuration.admin.update";
const ADMIN_DELETE = "admin.configuration.admin.delete";
const ADMIN = "admin.configuration.admin";
const AREA_VIEW = "admin.configuration.area.view";
const AREA_CREATE = "admin.configuration.area.create";
const AREA_UPDATE = "admin.configuration.area.update";
const AREA_DELETE = "admin.configuration.area.delete";
const AREA = "admin.configuration.area";
const ATTRIBUTE_VIEW = "admin.configuration.attribute.view";
const ATTRIBUTE_CREATE = "admin.configuration.attribute.create";
const ATTRIBUTE_UPDATE = "admin.configuration.attribute.update";
const ATTRIBUTE_DELETE = "admin.configuration.attribute.delete";
const ATTRIBUTE = "admin.configuration.attribute";
const CATEGORY_VIEW = "admin.category.view";
const CATEGORY_CREATE = "admin.category.create";
const CATEGORY_UPDATE = "admin.category.update";
const CATEGORY_DELETE = "admin.category.delete";
const CATEGORY = "admin.category";
const CONFIG_VIEW = "admin.configuration.view";
const CONFIG_CREATE = "admin.configuration.create";
const CONFIG_UPDATE = "admin.configuration.update";
const CONFIG_DELETE = "admin.configuration.delete";
const CONFIG = "admin.configuration";
const CONTENT_VIEW = "admin.content.view";
const CONTENT_CREATE = "admin.content.create";
const CONTENT_UPDATE = "admin.content.update";
const CONTENT_DELETE = "admin.content.delete";
const CONTENT = "admin.content";
const COUNTRY_VIEW = "admin.configuration.country.view";
const COUNTRY_CREATE = "admin.configuration.country.create";
const COUNTRY_UPDATE = "admin.configuration.country.update";
const COUNTRY_DELETE = "admin.configuration.country.delete";
const COUNTRY = "admin.configuration.country";
const COUPON_VIEW = "admin.coupon.view";
const COUPON_CREATE = "admin.coupon.create";
const COUPON_UPDATE = "admin.coupon.update";
const COUPON_DELETE = "admin.coupon.delete";
const COUPON = "admin.coupon";
const CURRENCY_VIEW = "admin.configuration.currency.view";
const CURRENCY_CREATE = "admin.configuration.currency.create";
const CURRENCY_UPDATE = "admin.configuration.currency.update";
const CURRENCY_DELETE = "admin.configuration.currency.delete";
const CURRENCY = "admin.configuration.currency";
const CUSTOMER_VIEW = "admin.customer.view";
const CUSTOMER_CREATE = "admin.customer.create";
const CUSTOMER_UPDATE = "admin.customer.update";
const CUSTOMER_DELETE = "admin.customer.delete";
const CUSTOMER = "admin.customer";
const FEATURE_VIEW = "admin.configuration.feature.view";
const FEATURE_CREATE = "admin.configuration.feature.create";
const FEATURE_UPDATE = "admin.configuration.feature.update";
const FEATURE_DELETE = "admin.configuration.feature.delete";
const FEATURE = "admin.configuration.feature";
const FOLDER_VIEW = "admin.folder.view";
const FOLDER_CREATE = "admin.folder.create";
const FOLDER_UPDATE = "admin.folder.update";
const FOLDER_DELETE = "admin.folder.delete";
const FOLDER = "admin.folder";
const LANGUAGE_VIEW = "admin.configuration.language.view";
const LANGUAGE_CREATE = "admin.configuration.language.create";
const LANGUAGE_UPDATE = "admin.configuration.language.update";
const LANGUAGE_DELETE = "admin.configuration.language.delete";
const LANGUAGE = "admin.configuration.language";
const MAILING_SYSTEM_VIEW = "admin.configuration.mailing-system.view";
const MAILING_SYSTEM_CREATE = "admin.configuration.mailing-system.create";
const MAILING_SYSTEM_UPDATE = "admin.configuration.mailing-system.update";
const MAILING_SYSTEM_DELETE = "admin.configuration.mailing-system.delete";
const MAILING_SYSTEM = "admin.configuration.mailing-system";
const MESSAGE_VIEW = "admin.configuration.message.view";
const MESSAGE_CREATE = "admin.configuration.message.create";
const MESSAGE_UPDATE = "admin.configuration.message.update";
const MESSAGE_DELETE = "admin.configuration.message.delete";
const MESSAGE = "admin.configuration.message";
const MODULE_VIEW = "admin.configuration.module.view";
const MODULE_CREATE = "admin.configuration.module.create";
const MODULE_UPDATE = "admin.configuration.module.update";
const MODULE_DELETE = "admin.configuration.module.delete";
const MODULE = "admin.configuration.module";
const ORDER_VIEW = "admin.order.view";
const ORDER_CREATE = "admin.order.create";
const ORDER_UPDATE = "admin.order.update";
const ORDER_DELETE = "admin.order.delete";
const ORDER = "admin.order";
const PRODUCT_VIEW = "admin.product.view";
const PRODUCT_CREATE = "admin.product.create";
const PRODUCT_UPDATE = "admin.product.update";
const PRODUCT_DELETE = "admin.product.delete";
const PRODUCT = "admin.product";
const PROFILE_VIEW = "admin.configuration.profile.view";
const PROFILE_CREATE = "admin.configuration.profile.create";
const PROFILE_UPDATE = "admin.configuration.profile.update";
const PROFILE_DELETE = "admin.configuration.profile.delete";
const PROFILE = "admin.configuration.profile";
const SHIPPING_ZONE_VIEW = "admin.configuration.shipping-zone.view";
const SHIPPING_ZONE_CREATE = "admin.configuration.shipping-zone.create";
const SHIPPING_ZONE_UPDATE = "admin.configuration.shipping-zone.update";
const SHIPPING_ZONE_DELETE = "admin.configuration.shipping-zone.delete";
const SHIPPING_ZONE = "admin.configuration.shipping-zone";
const TAX_VIEW = "admin.configuration.tax.view";
const TAX_CREATE = "admin.configuration.tax.create";
const TAX_UPDATE = "admin.configuration.tax.update";
const TAX_DELETE = "admin.configuration.tax.delete";
const TAX = "admin.configuration.tax";
const TEMPLATE_VIEW = "admin.configuration.template.view";
const TEMPLATE_CREATE = "admin.configuration.template.create";
const TEMPLATE_UPDATE = "admin.configuration.template.update";
const TEMPLATE_DELETE = "admin.configuration.template.delete";
const TEMPLATE = "admin.configuration.template";
}


@@ -24,7 +24,7 @@
namespace Thelia\Core\Security;
use Propel\Runtime\ActiveQuery\Criteria;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Security\User\UserInterface;
use Thelia\Core\HttpFoundation\Request;
use Thelia\Model\ProfileQuery;
@@ -126,12 +126,8 @@ class SecurityContext
*
* @return Boolean
*/
final public function isGranted(array $roles, array $permissions)
final public function isGranted(array $roles, array $resources, array $accesses)
{
if (empty($permissions)) {
return true;
}
// Find a user which matches the required roles.
$user = $this->getCustomerUser();
@@ -147,7 +143,11 @@ class SecurityContext
return false;
}
if( !method_exists($user, 'getProfileId') ) {
if (empty($resources) || empty($accesses)) {
return true;
}
if( !method_exists($user, 'getPermissions') ) {
return false;
}
@@ -157,14 +157,22 @@ class SecurityContext
return true;
}
foreach($permissions as $permission) {
if($permission === '') {
foreach($resources as $resource) {
if($resource === '') {
continue;
}
if(! in_array($permission, $userPermissions)) {
$resource = strtolower($resource);
if(!array_key_exists($resource, $userPermissions)) {
return false;
}
foreach($accesses as $access) {
if(!$userPermissions[$resource]->can($access)) {
return false;
}
}
}
return true;
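Review bot: The relocated guard `if (empty($resources) || empty($accesses)) { return true; }` grants the request whenever either list is empty, so a caller that names a resource but omits the access (or the reverse) is allowed on the role check alone. Consider `if (empty($resources) && empty($accesses))` so that a half-specified check still has to find the resource in the user's permissions instead of failing open. The loop also skips `''` entries with `continue`, which means `array('')` is granted in the same way. `isGranted` starts and ends outside these hunks; its docblock is only partly visible and should describe `$resources` and `$accesses`, including that accesses must be the upper-case `AccessManager` constants because `can()` matches keys exactly.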


@@ -29,6 +29,9 @@ use Thelia\Core\Template\Element\LoopResultRow;
use Thelia\Core\Template\Loop\Argument\ArgumentCollection;
use Thelia\Core\Template\Loop\Argument\Argument;
use Thelia\Type\AlphaNumStringListType;
use Thelia\Type\EnumListType;
use Thelia\Type\TypeCollection;
/**
*
@@ -41,40 +44,45 @@ class Auth extends BaseLoop
public function getArgDefinitions()
{
return new ArgumentCollection(
Argument::createAnyTypeArgument('roles', null, true),
Argument::createAnyTypeArgument('permissions'),
new Argument(
'roles',
new TypeCollection(
new AlphaNumStringListType()
),
null,
true
),
new Argument(
'resource',
new TypeCollection(
new AlphaNumStringListType()
)
),
new Argument(
'access',
new TypeCollection(
new EnumListType(array("view", "create", "update", "delete"))
)
),
Argument::createAnyTypeArgument('context', 'front', false)
);
}
private function _explode($commaSeparatedValues)
{
$array = explode(',', $commaSeparatedValues);
if (array_walk($array, function(&$item) {
$item = strtoupper(trim($item));
})) {
return $array;
}
return array();
}
/**
* @param $pagination
*
*
* @return \Thelia\Core\Template\Element\LoopResult
* @return LoopResult
*/
public function exec(&$pagination)
{
$roles = $this->_explode($this->getRoles());
$permissions = $this->_explode($this->getPermissions());
$roles = $this->getRoles();
$resource = $this->getResource();
$access = $this->getAccess();
$loopResult = new LoopResult();
try {
if (true === $this->securityContext->isGranted($roles, $permissions == null ? array() : $permissions)) {
if (true === $this->securityContext->isGranted($roles, $resource === null ? array() : $resource, $access === null ? array() : $access)) {
// Create an empty row: loop is no longer empty :)
$loopResult->addRow(new LoopResultRow());
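Review bot: The `access` argument is validated against lower-case values (`"view", "create", "update", "delete"`), while `AccessManager::can()` looks the value up with `array_key_exists` against the upper-case keys `VIEW`/`CREATE`/`UPDATE`/`DELETE`. Unless `EnumListType` changes the case, which is not visible here, every loop call that passes an access would be denied for users who go through the per-resource check. The removed `_explode()` helper also upper-cased the roles, so role matching may be affected in the same way. Normalise before the call, e.g. `$access = $access === null ? array() : array_map('strtoupper', $access);`. `exec()` continues past the end of the hunk.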


@@ -40,6 +40,10 @@ abstract class AbstractSmartyPlugin
*/
protected function _explode($commaSeparatedValues)
{
if(null === $commaSeparatedValues) {
return array();
}
$array = explode(',', $commaSeparatedValues);
if (array_walk($array, function(&$item) {


@@ -45,7 +45,8 @@ class AdminUtilities extends AbstractSmartyPlugin
public function generatePositionChangeBlock($params, &$smarty)
{
// The required permissions
$permission = $this->getParam($params, 'permission');
$resource = $this->getParam($params, 'resource');
$access = $this->getParam($params, 'access');
// The base position change path
$path = $this->getParam($params, 'path');
@@ -68,7 +69,7 @@ class AdminUtilities extends AbstractSmartyPlugin
<a href="{url path='/admin/configuration/currencies/positionDown' currency_id=$ID}"><i class="icon-arrow-down"></i></a>
*/
if ($permissions == null || $this->securityContext->isGranted("ADMIN", array($permission))) {
if ($permissions == null || $this->securityContext->isGranted("ADMIN", array($resource), array($access))) {
return sprintf(
'<a href="%s"><i class="glyphicon glyphicon-arrow-up"></i></a><span class="%s" data-id="%s">%s</span><a href="%s"><i class="glyphicon glyphicon-arrow-down"></i></a>',
URL::getInstance()->absoluteUrl($path, array('mode' => 'up', $url_parameter => $id)),
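Review bot: The condition on the changed line still tests `$permissions`, which is not assigned anywhere in the visible part of `generatePositionChangeBlock` now that the parameters are read into `$resource` and `$access`. `$permissions == null` is therefore true, `isGranted()` is never reached, and the position links are rendered regardless of the user's rights. If the call were reached, the string `"ADMIN"` would not satisfy the `array $roles` type hint declared on `SecurityContext::isGranted` in this commit. Suggested line: `if ($resource === null || $this->securityContext->isGranted(array("ADMIN"), array($resource), array($access))) {`. The function body continues outside the hunk.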


@@ -53,14 +53,15 @@ class Security extends AbstractSmartyPlugin
*/
public function checkAuthFunction($params, &$smarty)
{
$roles = $this->_explode($this->getParam($params, 'roles'));
$permissions = $this->_explode($this->getParam($params, 'permissions'));
$roles = $this->_explode($this->getParam($params, 'role'));
$resources = $this->_explode($this->getParam($params, 'resource'));
$accesses = $this->_explode($this->getParam($params, 'access'));
if (! $this->securityContext->isGranted($roles, $permissions)) {
if (! $this->securityContext->isGranted($roles, $resources, $accesses)) {
$ex = new AuthenticationException(
sprintf("User not granted for roles '%s', permissions '%s' in context '%s'.",
implode(',', $roles), implode(',', $permissions), $context
sprintf("User not granted for roles '%s', to access resources '%s' with %s in context '%s'.",
implode(',', $roles), implode(',', $resources), implode(',', $accesses), $context
)
);
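Review bot: Renaming the template parameters (`roles` to `role`, `permissions` to `resource` plus `access`) lets stale templates fail open. A template that still passes `permissions=` presumably gets nothing back from `getParam` for the new names, `_explode(null)` now returns `array()`, and `isGranted()` returns true when the resource or access list is empty. Consider rejecting legacy keys explicitly, e.g. `if (isset($params['permissions']) || isset($params['roles'])) { throw new \InvalidArgumentException('check_auth: use role/resource/access'); }`, and documenting the new names in the function docblock. `$context` in the exception message is not assigned in the visible lines, and `checkAuthFunction` continues outside the hunk.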


@@ -3,7 +3,8 @@
namespace Thelia\Model;
use Propel\Runtime\ActiveQuery\Criteria;
use Thelia\Core\Event\AdminResources;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Security\AccessManager;
use Thelia\Core\Security\User\UserInterface;
use Thelia\Core\Security\Role\Role;
@@ -39,7 +40,7 @@ class Admin extends BaseAdmin implements UserInterface
$userPermissions = array();
foreach($userPermissionsQuery as $userPermission) {
$userPermissions[] = $userPermission->getVirtualColumn('code');
$userPermissions[$userPermission->getVirtualColumn('code')] = new AccessManager($userPermission->getAccess());
}
return $userPermissions;
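Review bot: Keying `$userPermissions` by the resource code means a later row with the same code replaces an earlier one. If the query (outside this hunk) can return the same resource through several profiles, the effective access becomes whichever row is iterated last rather than the combination of them. In that case the access values should be merged per code before the `AccessManager` is constructed, or the query should be made to return one row per code. The return shape also changes from a list of codes to a map of code to `AccessManager`, so the method's docblock and any caller that does `in_array()` on the result need updating; the method starts outside the hunk.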


@@ -77,18 +77,11 @@ abstract class ProfileResource implements ActiveRecordInterface
protected $resource_id;
/**
* The value for the read field.
* The value for the access field.
* Note: this column has a database default value of: 0
* @var int
*/
protected $read;
/**
* The value for the write field.
* Note: this column has a database default value of: 0
* @var int
*/
protected $write;
protected $access;
/**
* The value for the created_at field.
@@ -128,8 +121,7 @@ abstract class ProfileResource implements ActiveRecordInterface
*/
public function applyDefaultValues()
{
$this->read = 0;
$this->write = 0;
$this->access = 0;
}
/**
@@ -426,25 +418,14 @@ abstract class ProfileResource implements ActiveRecordInterface
}
/**
* Get the [read] column value.
* Get the [access] column value.
*
* @return int
*/
public function getRead()
public function getAccess()
{
return $this->read;
}
/**
* Get the [write] column value.
*
* @return int
*/
public function getWrite()
{
return $this->write;
return $this->access;
}
/**
@@ -559,46 +540,25 @@ abstract class ProfileResource implements ActiveRecordInterface
} // setResourceId()
/**
* Set the value of [read] column.
* Set the value of [access] column.
*
* @param int $v new value
* @return \Thelia\Model\ProfileResource The current object (for fluent API support)
*/
public function setRead($v)
public function setAccess($v)
{
if ($v !== null) {
$v = (int) $v;
}
if ($this->read !== $v) {
$this->read = $v;
$this->modifiedColumns[] = ProfileResourceTableMap::READ;
if ($this->access !== $v) {
$this->access = $v;
$this->modifiedColumns[] = ProfileResourceTableMap::ACCESS;
}
return $this;
} // setRead()
/**
* Set the value of [write] column.
*
* @param int $v new value
* @return \Thelia\Model\ProfileResource The current object (for fluent API support)
*/
public function setWrite($v)
{
if ($v !== null) {
$v = (int) $v;
}
if ($this->write !== $v) {
$this->write = $v;
$this->modifiedColumns[] = ProfileResourceTableMap::WRITE;
}
return $this;
} // setWrite()
} // setAccess()
/**
* Sets the value of [created_at] column to a normalized version of the date/time value specified.
@@ -652,11 +612,7 @@ abstract class ProfileResource implements ActiveRecordInterface
*/
public function hasOnlyDefaultValues()
{
if ($this->read !== 0) {
return false;
}
if ($this->write !== 0) {
if ($this->access !== 0) {
return false;
}
@@ -696,19 +652,16 @@ abstract class ProfileResource implements ActiveRecordInterface
$col = $row[TableMap::TYPE_NUM == $indexType ? 2 + $startcol : ProfileResourceTableMap::translateFieldName('ResourceId', TableMap::TYPE_PHPNAME, $indexType)];
$this->resource_id = (null !== $col) ? (int) $col : null;
$col = $row[TableMap::TYPE_NUM == $indexType ? 3 + $startcol : ProfileResourceTableMap::translateFieldName('Read', TableMap::TYPE_PHPNAME, $indexType)];
$this->read = (null !== $col) ? (int) $col : null;
$col = $row[TableMap::TYPE_NUM == $indexType ? 3 + $startcol : ProfileResourceTableMap::translateFieldName('Access', TableMap::TYPE_PHPNAME, $indexType)];
$this->access = (null !== $col) ? (int) $col : null;
$col = $row[TableMap::TYPE_NUM == $indexType ? 4 + $startcol : ProfileResourceTableMap::translateFieldName('Write', TableMap::TYPE_PHPNAME, $indexType)];
$this->write = (null !== $col) ? (int) $col : null;
$col = $row[TableMap::TYPE_NUM == $indexType ? 5 + $startcol : ProfileResourceTableMap::translateFieldName('CreatedAt', TableMap::TYPE_PHPNAME, $indexType)];
$col = $row[TableMap::TYPE_NUM == $indexType ? 4 + $startcol : ProfileResourceTableMap::translateFieldName('CreatedAt', TableMap::TYPE_PHPNAME, $indexType)];
if ($col === '0000-00-00 00:00:00') {
$col = null;
}
$this->created_at = (null !== $col) ? PropelDateTime::newInstance($col, null, '\DateTime') : null;
$col = $row[TableMap::TYPE_NUM == $indexType ? 6 + $startcol : ProfileResourceTableMap::translateFieldName('UpdatedAt', TableMap::TYPE_PHPNAME, $indexType)];
$col = $row[TableMap::TYPE_NUM == $indexType ? 5 + $startcol : ProfileResourceTableMap::translateFieldName('UpdatedAt', TableMap::TYPE_PHPNAME, $indexType)];
if ($col === '0000-00-00 00:00:00') {
$col = null;
}
@@ -721,7 +674,7 @@ abstract class ProfileResource implements ActiveRecordInterface
$this->ensureConsistency();
}
return $startcol + 7; // 7 = ProfileResourceTableMap::NUM_HYDRATE_COLUMNS.
return $startcol + 6; // 6 = ProfileResourceTableMap::NUM_HYDRATE_COLUMNS.
} catch (Exception $e) {
throw new PropelException("Error populating \Thelia\Model\ProfileResource object", 0, $e);
@@ -977,11 +930,8 @@ abstract class ProfileResource implements ActiveRecordInterface
if ($this->isColumnModified(ProfileResourceTableMap::RESOURCE_ID)) {
$modifiedColumns[':p' . $index++] = 'RESOURCE_ID';
}
if ($this->isColumnModified(ProfileResourceTableMap::READ)) {
$modifiedColumns[':p' . $index++] = 'READ';
}
if ($this->isColumnModified(ProfileResourceTableMap::WRITE)) {
$modifiedColumns[':p' . $index++] = 'WRITE';
if ($this->isColumnModified(ProfileResourceTableMap::ACCESS)) {
$modifiedColumns[':p' . $index++] = 'ACCESS';
}
if ($this->isColumnModified(ProfileResourceTableMap::CREATED_AT)) {
$modifiedColumns[':p' . $index++] = 'CREATED_AT';
@@ -1009,11 +959,8 @@ abstract class ProfileResource implements ActiveRecordInterface
case 'RESOURCE_ID':
$stmt->bindValue($identifier, $this->resource_id, PDO::PARAM_INT);
break;
case 'READ':
$stmt->bindValue($identifier, $this->read, PDO::PARAM_INT);
break;
case 'WRITE':
$stmt->bindValue($identifier, $this->write, PDO::PARAM_INT);
case 'ACCESS':
$stmt->bindValue($identifier, $this->access, PDO::PARAM_INT);
break;
case 'CREATED_AT':
$stmt->bindValue($identifier, $this->created_at ? $this->created_at->format("Y-m-d H:i:s") : null, PDO::PARAM_STR);
@@ -1093,15 +1040,12 @@ abstract class ProfileResource implements ActiveRecordInterface
return $this->getResourceId();
break;
case 3:
return $this->getRead();
return $this->getAccess();
break;
case 4:
return $this->getWrite();
break;
case 5:
return $this->getCreatedAt();
break;
case 6:
case 5:
return $this->getUpdatedAt();
break;
default:
@@ -1136,10 +1080,9 @@ abstract class ProfileResource implements ActiveRecordInterface
$keys[0] => $this->getId(),
$keys[1] => $this->getProfileId(),
$keys[2] => $this->getResourceId(),
$keys[3] => $this->getRead(),
$keys[4] => $this->getWrite(),
$keys[5] => $this->getCreatedAt(),
$keys[6] => $this->getUpdatedAt(),
$keys[3] => $this->getAccess(),
$keys[4] => $this->getCreatedAt(),
$keys[5] => $this->getUpdatedAt(),
);
$virtualColumns = $this->virtualColumns;
foreach ($virtualColumns as $key => $virtualColumn) {
@@ -1197,15 +1140,12 @@ abstract class ProfileResource implements ActiveRecordInterface
$this->setResourceId($value);
break;
case 3:
$this->setRead($value);
$this->setAccess($value);
break;
case 4:
$this->setWrite($value);
break;
case 5:
$this->setCreatedAt($value);
break;
case 6:
case 5:
$this->setUpdatedAt($value);
break;
} // switch()
@@ -1235,10 +1175,9 @@ abstract class ProfileResource implements ActiveRecordInterface
if (array_key_exists($keys[0], $arr)) $this->setId($arr[$keys[0]]);
if (array_key_exists($keys[1], $arr)) $this->setProfileId($arr[$keys[1]]);
if (array_key_exists($keys[2], $arr)) $this->setResourceId($arr[$keys[2]]);
if (array_key_exists($keys[3], $arr)) $this->setRead($arr[$keys[3]]);
if (array_key_exists($keys[4], $arr)) $this->setWrite($arr[$keys[4]]);
if (array_key_exists($keys[5], $arr)) $this->setCreatedAt($arr[$keys[5]]);
if (array_key_exists($keys[6], $arr)) $this->setUpdatedAt($arr[$keys[6]]);
if (array_key_exists($keys[3], $arr)) $this->setAccess($arr[$keys[3]]);
if (array_key_exists($keys[4], $arr)) $this->setCreatedAt($arr[$keys[4]]);
if (array_key_exists($keys[5], $arr)) $this->setUpdatedAt($arr[$keys[5]]);
}
/**
@@ -1253,8 +1192,7 @@ abstract class ProfileResource implements ActiveRecordInterface
if ($this->isColumnModified(ProfileResourceTableMap::ID)) $criteria->add(ProfileResourceTableMap::ID, $this->id);
if ($this->isColumnModified(ProfileResourceTableMap::PROFILE_ID)) $criteria->add(ProfileResourceTableMap::PROFILE_ID, $this->profile_id);
if ($this->isColumnModified(ProfileResourceTableMap::RESOURCE_ID)) $criteria->add(ProfileResourceTableMap::RESOURCE_ID, $this->resource_id);
if ($this->isColumnModified(ProfileResourceTableMap::READ)) $criteria->add(ProfileResourceTableMap::READ, $this->read);
if ($this->isColumnModified(ProfileResourceTableMap::WRITE)) $criteria->add(ProfileResourceTableMap::WRITE, $this->write);
if ($this->isColumnModified(ProfileResourceTableMap::ACCESS)) $criteria->add(ProfileResourceTableMap::ACCESS, $this->access);
if ($this->isColumnModified(ProfileResourceTableMap::CREATED_AT)) $criteria->add(ProfileResourceTableMap::CREATED_AT, $this->created_at);
if ($this->isColumnModified(ProfileResourceTableMap::UPDATED_AT)) $criteria->add(ProfileResourceTableMap::UPDATED_AT, $this->updated_at);
@@ -1332,8 +1270,7 @@ abstract class ProfileResource implements ActiveRecordInterface
{
$copyObj->setProfileId($this->getProfileId());
$copyObj->setResourceId($this->getResourceId());
$copyObj->setRead($this->getRead());
$copyObj->setWrite($this->getWrite());
$copyObj->setAccess($this->getAccess());
$copyObj->setCreatedAt($this->getCreatedAt());
$copyObj->setUpdatedAt($this->getUpdatedAt());
if ($makeNew) {
@@ -1474,8 +1411,7 @@ abstract class ProfileResource implements ActiveRecordInterface
$this->id = null;
$this->profile_id = null;
$this->resource_id = null;
$this->read = null;
$this->write = null;
$this->access = null;
$this->created_at = null;
$this->updated_at = null;
$this->alreadyInSave = false;


@@ -24,16 +24,14 @@ use Thelia\Model\Map\ProfileResourceTableMap;
* @method ChildProfileResourceQuery orderById($order = Criteria::ASC) Order by the id column
* @method ChildProfileResourceQuery orderByProfileId($order = Criteria::ASC) Order by the profile_id column
* @method ChildProfileResourceQuery orderByResourceId($order = Criteria::ASC) Order by the resource_id column
* @method ChildProfileResourceQuery orderByRead($order = Criteria::ASC) Order by the read column
* @method ChildProfileResourceQuery orderByWrite($order = Criteria::ASC) Order by the write column
* @method ChildProfileResourceQuery orderByAccess($order = Criteria::ASC) Order by the access column
* @method ChildProfileResourceQuery orderByCreatedAt($order = Criteria::ASC) Order by the created_at column
* @method ChildProfileResourceQuery orderByUpdatedAt($order = Criteria::ASC) Order by the updated_at column
*
* @method ChildProfileResourceQuery groupById() Group by the id column
* @method ChildProfileResourceQuery groupByProfileId() Group by the profile_id column
* @method ChildProfileResourceQuery groupByResourceId() Group by the resource_id column
* @method ChildProfileResourceQuery groupByRead() Group by the read column
* @method ChildProfileResourceQuery groupByWrite() Group by the write column
* @method ChildProfileResourceQuery groupByAccess() Group by the access column
* @method ChildProfileResourceQuery groupByCreatedAt() Group by the created_at column
* @method ChildProfileResourceQuery groupByUpdatedAt() Group by the updated_at column
*
@@ -55,16 +53,14 @@ use Thelia\Model\Map\ProfileResourceTableMap;
* @method ChildProfileResource findOneById(int $id) Return the first ChildProfileResource filtered by the id column
* @method ChildProfileResource findOneByProfileId(int $profile_id) Return the first ChildProfileResource filtered by the profile_id column
* @method ChildProfileResource findOneByResourceId(int $resource_id) Return the first ChildProfileResource filtered by the resource_id column
* @method ChildProfileResource findOneByRead(int $read) Return the first ChildProfileResource filtered by the read column
* @method ChildProfileResource findOneByWrite(int $write) Return the first ChildProfileResource filtered by the write column
* @method ChildProfileResource findOneByAccess(int $access) Return the first ChildProfileResource filtered by the access column
* @method ChildProfileResource findOneByCreatedAt(string $created_at) Return the first ChildProfileResource filtered by the created_at column
* @method ChildProfileResource findOneByUpdatedAt(string $updated_at) Return the first ChildProfileResource filtered by the updated_at column
*
* @method array findById(int $id) Return ChildProfileResource objects filtered by the id column
* @method array findByProfileId(int $profile_id) Return ChildProfileResource objects filtered by the profile_id column
* @method array findByResourceId(int $resource_id) Return ChildProfileResource objects filtered by the resource_id column
* @method array findByRead(int $read) Return ChildProfileResource objects filtered by the read column
* @method array findByWrite(int $write) Return ChildProfileResource objects filtered by the write column
* @method array findByAccess(int $access) Return ChildProfileResource objects filtered by the access column
* @method array findByCreatedAt(string $created_at) Return ChildProfileResource objects filtered by the created_at column
* @method array findByUpdatedAt(string $updated_at) Return ChildProfileResource objects filtered by the updated_at column
*
@@ -155,7 +151,7 @@ abstract class ProfileResourceQuery extends ModelCriteria
*/
protected function findPkSimple($key, $con)
{
$sql = 'SELECT ID, PROFILE_ID, RESOURCE_ID, READ, WRITE, CREATED_AT, UPDATED_AT FROM profile_resource WHERE ID = :p0 AND PROFILE_ID = :p1 AND RESOURCE_ID = :p2';
$sql = 'SELECT ID, PROFILE_ID, RESOURCE_ID, ACCESS, CREATED_AT, UPDATED_AT FROM profile_resource WHERE ID = :p0 AND PROFILE_ID = :p1 AND RESOURCE_ID = :p2';
try {
$stmt = $con->prepare($sql);
$stmt->bindValue(':p0', $key[0], PDO::PARAM_INT);
@@ -388,16 +384,16 @@ abstract class ProfileResourceQuery extends ModelCriteria
}
/**
* Filter the query on the read column
* Filter the query on the access column
*
* Example usage:
* <code>
* $query->filterByRead(1234); // WHERE read = 1234
* $query->filterByRead(array(12, 34)); // WHERE read IN (12, 34)
* $query->filterByRead(array('min' => 12)); // WHERE read > 12
* $query->filterByAccess(1234); // WHERE access = 1234
* $query->filterByAccess(array(12, 34)); // WHERE access IN (12, 34)
* $query->filterByAccess(array('min' => 12)); // WHERE access > 12
* </code>
*
* @param mixed $read The value to use as filter.
* @param mixed $access The value to use as filter.
* Use scalar values for equality.
* Use array values for in_array() equivalent.
* Use associative array('min' => $minValue, 'max' => $maxValue) for intervals.
@@ -405,16 +401,16 @@ abstract class ProfileResourceQuery extends ModelCriteria
*
* @return ChildProfileResourceQuery The current query, for fluid interface
*/
public function filterByRead($read = null, $comparison = null)
public function filterByAccess($access = null, $comparison = null)
{
if (is_array($read)) {
if (is_array($access)) {
$useMinMax = false;
if (isset($read['min'])) {
$this->addUsingAlias(ProfileResourceTableMap::READ, $read['min'], Criteria::GREATER_EQUAL);
if (isset($access['min'])) {
$this->addUsingAlias(ProfileResourceTableMap::ACCESS, $access['min'], Criteria::GREATER_EQUAL);
$useMinMax = true;
}
if (isset($read['max'])) {
$this->addUsingAlias(ProfileResourceTableMap::READ, $read['max'], Criteria::LESS_EQUAL);
if (isset($access['max'])) {
$this->addUsingAlias(ProfileResourceTableMap::ACCESS, $access['max'], Criteria::LESS_EQUAL);
$useMinMax = true;
}
if ($useMinMax) {
@@ -425,48 +421,7 @@ abstract class ProfileResourceQuery extends ModelCriteria
}
}
return $this->addUsingAlias(ProfileResourceTableMap::READ, $read, $comparison);
}
/**
* Filter the query on the write column
*
* Example usage:
* <code>
* $query->filterByWrite(1234); // WHERE write = 1234
* $query->filterByWrite(array(12, 34)); // WHERE write IN (12, 34)
* $query->filterByWrite(array('min' => 12)); // WHERE write > 12
* </code>
*
* @param mixed $write The value to use as filter.
* Use scalar values for equality.
* Use array values for in_array() equivalent.
* Use associative array('min' => $minValue, 'max' => $maxValue) for intervals.
* @param string $comparison Operator to use for the column comparison, defaults to Criteria::EQUAL
*
* @return ChildProfileResourceQuery The current query, for fluid interface
*/
public function filterByWrite($write = null, $comparison = null)
{
if (is_array($write)) {
$useMinMax = false;
if (isset($write['min'])) {
$this->addUsingAlias(ProfileResourceTableMap::WRITE, $write['min'], Criteria::GREATER_EQUAL);
$useMinMax = true;
}
if (isset($write['max'])) {
$this->addUsingAlias(ProfileResourceTableMap::WRITE, $write['max'], Criteria::LESS_EQUAL);
$useMinMax = true;
}
if ($useMinMax) {
return $this;
}
if (null === $comparison) {
$comparison = Criteria::IN;
}
}
return $this->addUsingAlias(ProfileResourceTableMap::WRITE, $write, $comparison);
return $this->addUsingAlias(ProfileResourceTableMap::ACCESS, $access, $comparison);
}
/**

View File

@@ -57,7 +57,7 @@ class ProfileResourceTableMap extends TableMap
/**
* The total number of columns
*/
const NUM_COLUMNS = 7;
const NUM_COLUMNS = 6;
/**
* The number of lazy-loaded columns
@@ -67,7 +67,7 @@ class ProfileResourceTableMap extends TableMap
/**
* The number of columns to hydrate (NUM_COLUMNS - NUM_LAZY_LOAD_COLUMNS)
*/
const NUM_HYDRATE_COLUMNS = 7;
const NUM_HYDRATE_COLUMNS = 6;
/**
* the column name for the ID field
@@ -85,14 +85,9 @@ class ProfileResourceTableMap extends TableMap
const RESOURCE_ID = 'profile_resource.RESOURCE_ID';
/**
* the column name for the READ field
* the column name for the ACCESS field
*/
const READ = 'profile_resource.READ';
/**
* the column name for the WRITE field
*/
const WRITE = 'profile_resource.WRITE';
const ACCESS = 'profile_resource.ACCESS';
/**
* the column name for the CREATED_AT field
@@ -116,12 +111,12 @@ class ProfileResourceTableMap extends TableMap
* e.g. self::$fieldNames[self::TYPE_PHPNAME][0] = 'Id'
*/
protected static $fieldNames = array (
self::TYPE_PHPNAME => array('Id', 'ProfileId', 'ResourceId', 'Read', 'Write', 'CreatedAt', 'UpdatedAt', ),
self::TYPE_STUDLYPHPNAME => array('id', 'profileId', 'resourceId', 'read', 'write', 'createdAt', 'updatedAt', ),
self::TYPE_COLNAME => array(ProfileResourceTableMap::ID, ProfileResourceTableMap::PROFILE_ID, ProfileResourceTableMap::RESOURCE_ID, ProfileResourceTableMap::READ, ProfileResourceTableMap::WRITE, ProfileResourceTableMap::CREATED_AT, ProfileResourceTableMap::UPDATED_AT, ),
self::TYPE_RAW_COLNAME => array('ID', 'PROFILE_ID', 'RESOURCE_ID', 'READ', 'WRITE', 'CREATED_AT', 'UPDATED_AT', ),
self::TYPE_FIELDNAME => array('id', 'profile_id', 'resource_id', 'read', 'write', 'created_at', 'updated_at', ),
self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, 6, )
self::TYPE_PHPNAME => array('Id', 'ProfileId', 'ResourceId', 'Access', 'CreatedAt', 'UpdatedAt', ),
self::TYPE_STUDLYPHPNAME => array('id', 'profileId', 'resourceId', 'access', 'createdAt', 'updatedAt', ),
self::TYPE_COLNAME => array(ProfileResourceTableMap::ID, ProfileResourceTableMap::PROFILE_ID, ProfileResourceTableMap::RESOURCE_ID, ProfileResourceTableMap::ACCESS, ProfileResourceTableMap::CREATED_AT, ProfileResourceTableMap::UPDATED_AT, ),
self::TYPE_RAW_COLNAME => array('ID', 'PROFILE_ID', 'RESOURCE_ID', 'ACCESS', 'CREATED_AT', 'UPDATED_AT', ),
self::TYPE_FIELDNAME => array('id', 'profile_id', 'resource_id', 'access', 'created_at', 'updated_at', ),
self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, )
);
/**
@@ -131,12 +126,12 @@ class ProfileResourceTableMap extends TableMap
* e.g. self::$fieldKeys[self::TYPE_PHPNAME]['Id'] = 0
*/
protected static $fieldKeys = array (
self::TYPE_PHPNAME => array('Id' => 0, 'ProfileId' => 1, 'ResourceId' => 2, 'Read' => 3, 'Write' => 4, 'CreatedAt' => 5, 'UpdatedAt' => 6, ),
self::TYPE_STUDLYPHPNAME => array('id' => 0, 'profileId' => 1, 'resourceId' => 2, 'read' => 3, 'write' => 4, 'createdAt' => 5, 'updatedAt' => 6, ),
self::TYPE_COLNAME => array(ProfileResourceTableMap::ID => 0, ProfileResourceTableMap::PROFILE_ID => 1, ProfileResourceTableMap::RESOURCE_ID => 2, ProfileResourceTableMap::READ => 3, ProfileResourceTableMap::WRITE => 4, ProfileResourceTableMap::CREATED_AT => 5, ProfileResourceTableMap::UPDATED_AT => 6, ),
self::TYPE_RAW_COLNAME => array('ID' => 0, 'PROFILE_ID' => 1, 'RESOURCE_ID' => 2, 'READ' => 3, 'WRITE' => 4, 'CREATED_AT' => 5, 'UPDATED_AT' => 6, ),
self::TYPE_FIELDNAME => array('id' => 0, 'profile_id' => 1, 'resource_id' => 2, 'read' => 3, 'write' => 4, 'created_at' => 5, 'updated_at' => 6, ),
self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, 6, )
self::TYPE_PHPNAME => array('Id' => 0, 'ProfileId' => 1, 'ResourceId' => 2, 'Access' => 3, 'CreatedAt' => 4, 'UpdatedAt' => 5, ),
self::TYPE_STUDLYPHPNAME => array('id' => 0, 'profileId' => 1, 'resourceId' => 2, 'access' => 3, 'createdAt' => 4, 'updatedAt' => 5, ),
self::TYPE_COLNAME => array(ProfileResourceTableMap::ID => 0, ProfileResourceTableMap::PROFILE_ID => 1, ProfileResourceTableMap::RESOURCE_ID => 2, ProfileResourceTableMap::ACCESS => 3, ProfileResourceTableMap::CREATED_AT => 4, ProfileResourceTableMap::UPDATED_AT => 5, ),
self::TYPE_RAW_COLNAME => array('ID' => 0, 'PROFILE_ID' => 1, 'RESOURCE_ID' => 2, 'ACCESS' => 3, 'CREATED_AT' => 4, 'UPDATED_AT' => 5, ),
self::TYPE_FIELDNAME => array('id' => 0, 'profile_id' => 1, 'resource_id' => 2, 'access' => 3, 'created_at' => 4, 'updated_at' => 5, ),
self::TYPE_NUM => array(0, 1, 2, 3, 4, 5, )
);
/**
@@ -159,8 +154,7 @@ class ProfileResourceTableMap extends TableMap
$this->addPrimaryKey('ID', 'Id', 'INTEGER', true, null, null);
$this->addForeignPrimaryKey('PROFILE_ID', 'ProfileId', 'INTEGER' , 'profile', 'ID', true, null, null);
$this->addForeignPrimaryKey('RESOURCE_ID', 'ResourceId', 'INTEGER' , 'resource', 'ID', true, null, null);
$this->addColumn('READ', 'Read', 'TINYINT', false, null, 0);
$this->addColumn('WRITE', 'Write', 'TINYINT', false, null, 0);
$this->addColumn('ACCESS', 'Access', 'INTEGER', true, null, 0);
$this->addColumn('CREATED_AT', 'CreatedAt', 'TIMESTAMP', false, null, null);
$this->addColumn('UPDATED_AT', 'UpdatedAt', 'TIMESTAMP', false, null, null);
} // initialize()
@@ -377,16 +371,14 @@ class ProfileResourceTableMap extends TableMap
$criteria->addSelectColumn(ProfileResourceTableMap::ID);
$criteria->addSelectColumn(ProfileResourceTableMap::PROFILE_ID);
$criteria->addSelectColumn(ProfileResourceTableMap::RESOURCE_ID);
$criteria->addSelectColumn(ProfileResourceTableMap::READ);
$criteria->addSelectColumn(ProfileResourceTableMap::WRITE);
$criteria->addSelectColumn(ProfileResourceTableMap::ACCESS);
$criteria->addSelectColumn(ProfileResourceTableMap::CREATED_AT);
$criteria->addSelectColumn(ProfileResourceTableMap::UPDATED_AT);
} else {
$criteria->addSelectColumn($alias . '.ID');
$criteria->addSelectColumn($alias . '.PROFILE_ID');
$criteria->addSelectColumn($alias . '.RESOURCE_ID');
$criteria->addSelectColumn($alias . '.READ');
$criteria->addSelectColumn($alias . '.WRITE');
$criteria->addSelectColumn($alias . '.ACCESS');
$criteria->addSelectColumn($alias . '.CREATED_AT');
$criteria->addSelectColumn($alias . '.UPDATED_AT');
}


@@ -38,7 +38,7 @@ class AlphaNumStringListType extends BaseType
public function isValid($values)
{
foreach (explode(',', $values) as $value) {
if(!preg_match('#^[a-zA-Z0-9\-_]+$#', $value))
if(!preg_match('#^[a-zA-Z0-9\-_\.]+$#', $value))
return false;
}
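Review bot: The pattern on the new line still ends in `$` without the `D` modifier, and in PCRE that also matches just before a trailing newline, so a value followed by `\n` passes `isValid()`; anchoring with `\z`, as in `'#^[a-zA-Z0-9\-_\.]+\z#'`, closes that. Adding `.` also makes strings consisting only of dots (`.` or `..`) valid, which matters if any consumer of this type builds a path or file name from the value; that is not visible here. The same pattern change is made in AlphaNumStringType::isValid and both points apply there as well. The class names still say alphanumeric, so a short comment stating that dots are now accepted (presumably for dotted resource codes) would help.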


@@ -37,7 +37,7 @@ class AlphaNumStringType extends BaseType
public function isValid($value)
{
return preg_match('#^[a-zA-Z0-9\-_]+$#', $value) ? true : false;
return preg_match('#^[a-zA-Z0-9\-_\.]+$#', $value) ? true : false;
}
public function getFormattedValue($value)