fix typo in method name

documentation/api/files/Admin/Controller/BaseAdminController.php.txt

@@ -38,6 +38,9 @@ use Thelia\Tools\URL;
 use Thelia\Tools\Redirect;
 use Thelia\Core\Template\ParserContext;
 use Thelia\Core\Event\ActionEvent;
+use Symfony\Component\EventDispatcher\EventDispatcher;
+use Thelia\Core\Factory\ActionEventFactory;
+use Thelia\Core\Security\Exception\AuthorizationException;
 
 /**
  *
@@ -70,9 +73,30 @@ class BaseAdminController extends ContainerAware
 		return new Response($this->renderRaw(self::TEMPLATE_404), 404);
 	}
 
+	/**
+	 * Check current admin user authorisations. An ADMIN role is assumed.
+	 *
+	 * @param unknown $permissions a single permission or an array of permissions.
+	 *
+	 * @throws AuthenticationException if permissions are not granted ti the current user.
+	 */
+	protected function checkAuth($permissions) {
+
+		if (! $this->getSecurityContext()->isGranted(array("ADMIN"), is_array($permissions) ? $permissions : array($permissions))) {
+			throw new AuthorizationException("Sorry, you're not allowed to perform this action");
+		}
+	}
+
+	/**
+	 * Return an empty response (after an ajax request, for example)
+	 */
+	protected function nullResponse()
+	{
+		return new Response();
+	}
 
     /**
-     * Render the givent template, and returns the result as an Http Response.
+     * Render the given template, and returns the result as an Http Response.
      *
      * @param $templateName the complete template name, with extension
      * @param array $args the template arguments
@@ -118,12 +142,54 @@ class BaseAdminController extends ContainerAware
         }
     }
 
+    /**
+     * Create an action event,
+     *
+     * @return EventDispatcher
+     */
+    protected function dispatchEvent($action)
+    {
+    	// Create the
+    	$eventFactory = new ActionEventFactory($this->getRequest(), $action, $this->container->getParameter("thelia.actionEvent"));
+
+    	$actionEvent = $eventFactory->createActionEvent();
+
+    	$this->dispatch("action.$action", $actionEvent);
+
+    	if ($actionEvent->hasErrorForm()) {
+    		$this->getParserContext()->setErrorForm($actionEvent->getErrorForm());
+    	}
+
+    	return $actionEvent;
+    }
+
+    /**
+     * Dispatch a Thelia event to modules
+     *
+     * @param string $eventName a TheliaEvent name, as defined in TheliaEvents class
+     * @param ActionEvent $event the event
+     */
+    protected function dispatch($eventName, ActionEvent $event = null) {
+
+    	$this->getDispatcher()->dispatch($eventName, $event);
+    }
+
+    /**
+     * Return the event dispatcher,
+     *
+     * @return EventDispatcherInterface
+     */
+    protected function getDispatcher()
+    {
+    	return $this->container->get('event_dispatcher');
+    }
+
     /**
      * Return the parser context,
      *
      * @return ParserContext
      */
-    protected function getParserContext($context = false)
+    protected function getParserContext()
     {
     	return $this->container->get('thelia.parser.context');
     }
@@ -150,17 +216,6 @@ class BaseAdminController extends ContainerAware
         return $this->container->get('request');
     }
 
-    /**
-     * Dispatch a Thelia event to modules
-     *
-     * @param string $eventName a TheliaEvent name, as defined in TheliaEvents class
-     * @param ActionEvent $event the event
-     */
-    protected function dispatch($eventName, ActionEvent $event = null) {
-
-    	$this->container->get("event_dispatcher")->dispatch($eventName, $event);
-    }
-
     /**
      * Returns the session from the current request
      *

documentation/api/files/Admin/Controller/CategoryController.php.txt

@@ -23,8 +23,68 @@
 
 namespace Thelia\Admin\Controller;
 
+use Thelia\Model\CategoryQuery;
+use Thelia\Core\Security\Exception\AuthenticationException;
+
 class CategoryController extends BaseAdminController {
 
+	protected function createNewCategory($args) {
+
+		$this->checkAuth("ADMIN", "admin.category.create");
+
+		$this->dispatchEvent("createCategory");
+
+		// At this point, the form has error, and should be redisplayed.
+		return $this->render('categories', $args);
+	}
+
+	protected function editCategory($args) {
+
+		$this->checkAuth("AMIN", "admin.category.edit");
+
+		return $this->render('edit_category', $args);
+	}
+
+	protected function deleteCategory($category_id) {
+
+		$this->checkAuth("AMIN", "admin.category.delete");
+
+		$category = CategoryQuery::create()->findPk($category_id);
+
+		$this->dispatchEvent("deleteCategory");
+
+		// Something was wrong, category was not deleted. Display parent category list
+		return $this->render(
+			'categories',
+			array('current_category_id' => $category->getParent())
+		);
+	}
+
+	protected function browseCategory($args) {
+
+		$this->checkAuth("AMIN", "admin.catalog.view");
+
+		return $this->render('categories', $args);
+	}
+
+	protected function visibilityToggle($args) {
+
+		$this->checkAuth("AMIN", "admin.category.edit");
+
+		$this->dispatchEvent("toggleCategoryVisibility");
+
+		return $this->nullResponse();
+	}
+
+	protected function changePosition($args) {
+
+		$this->checkAuth("AMIN", "admin.category.edit");
+
+		$this->dispatchEvent("changeCategoryPosition");
+
+		return $this->render('categories', $args);
+	}
+
 	public function indexAction()
 	{
 		// Show top level categories and products
@@ -33,31 +93,47 @@ class CategoryController extends BaseAdminController {
 				'current_category_id' => 0
 		);
 
-		return $this->render('categories', $args);
+		return $this->browseCategory($args);
 	}
 
-    public function processAction($action)
+    public function processAction()
     {
-    	list($action, $id) = explode('/', $action);
+    	// Get the current action
+    	$action = $this->getRequest()->get('action', 'browse');
+
+    	// Get the category ID
+    	$id = $this->getRequest()->get('id', 0);
 
     	$args = array(
     		'action' 			  => $action,
     		'current_category_id' => $id
     	);
 
-    	// Browe categories
-    	if ($action == 'browse') {
-    		return $this->render('categories', $args);
-    	}
-    	// Create a new category
-    	else if ($action = 'create') {
-    		return $this->render('edit_category', $args);
-    	}
-    	// Edit an existing category
-    	else if ($action = 'edit') {
-    		return $this->render('edit_category', $args);
-    	}
+    	try {
+    		switch($action) {
+	    		case 'browse' : // Browse categories
+	    			return $this->browseCategory($args);
 
-    	//return $this->render("categories");
+	    		case 'create' : // Create a new category
+	    			return $this->createNewCategory($args);
+
+	        	case 'edit' : // Edit an existing category
+	    			return $this->editCategory($args);
+
+	    		case 'delete' : // Delete an existing category
+	    			return $this->deleteCategory($id);
+
+    			case 'visibilityToggle' : // Toggle visibility
+	    			return $this->visibilityToggle($id);
+
+    	    	case 'changePosition' : // Change position
+	    			return $this->changePosition($args);
+	    	}
+    	}
+    	catch(AuthenticationException $ex) {
+    		return $this->render('general_error', array(
+    			"error_message" => $ex->getMessage())
+    		);
+    	}
     }
 }

documentation/api/files/Admin/Controller/SessionController.php.txt

@@ -65,7 +65,7 @@ class SessionController extends BaseAdminController {
     		$this->getSecurityContext()->setUser($user);
 
     		// Log authentication success
-    		AdminLog::append("Authentication successuful", $request, $user);
+    		AdminLog::append("Authentication successful", $request, $user);
 
     		$this->dispatch(TheliaEvents::ADMIN_LOGIN);