Conflicts:
	core/lib/Thelia/Controller/Admin/CustomerController.php
Franck Allimant
2013-11-09 18:31:52 +01:00
53 changed files with 601 additions and 309 deletions


@@ -27,6 +27,7 @@ use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\Filesystem\Filesystem;
use Thelia\Core\Event\Cache\CacheEvent;
use Thelia\Core\Event\Module\ModuleDeleteEvent;
use Thelia\Core\Event\Module\ModuleEvent;
use Thelia\Core\Event\Module\ModuleToggleActivationEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Model\Map\ModuleTableMap;
@@ -99,6 +100,28 @@ class Module extends BaseAction implements EventSubscriberInterface
}
}
/**
* @param ModuleEvent $event
*/
public function update(ModuleEvent $event)
{
if (null !== $module = ModuleQuery::create()->findPk($event->getId())) {
$module
->setDispatcher($this->getDispatcher())
->setLocale($event->getLocale())
->setTitle($event->getTitle())
->setChapo($event->getChapo())
->setDescription($event->getDescription())
->setPostscriptum($event->getPostscriptum())
;
$module->save();
$event->setModule($module);
}
}
protected function cacheClear()
{
$cacheEvent = new CacheEvent($this->container->getParameter('kernel.cache_dir'));
@@ -130,7 +153,8 @@ class Module extends BaseAction implements EventSubscriberInterface
{
return array(
TheliaEvents::MODULE_TOGGLE_ACTIVATION => array('toggleActivation', 128),
TheliaEvents::MODULE_DELETE => array('delete', 128)
TheliaEvents::MODULE_DELETE => array('delete', 128),
TheliaEvents::MODULE_UPDATE => array('update', 128),
);
}
}


@@ -122,6 +122,8 @@
<form name="thelia.lang.url" class="Thelia\Form\Lang\LangUrlForm"/>
<form name="thelia.system-logs.configuration" class="Thelia\Form\SystemLogConfigurationForm"/>
<form name="thelia.admin.module.modification" class="Thelia\Form\ModuleModificationForm"/>
</forms>
</config>


@@ -921,16 +921,25 @@
<!-- Modules rule management -->
<route id="admin.module" path="/admin/configuration/modules">
<route id="admin.module" path="/admin/modules">
<default key="_controller">Thelia\Controller\Admin\ModuleController::indexAction</default>
</route>
<route id="admin.module.toggle-activation" path="/admin/configuration/modules/toggle-activation/{module_id}">
<route id="admin.module.update" path="/admin/module/update/{module_id}">
<default key="_controller">Thelia\Controller\Admin\ModuleController::updateAction</default>
<requirement key="module_id">\d+</requirement>
</route>
<route id="admin.module.save" path="/admin/module/save">
<default key="_controller">Thelia\Controller\Admin\ModuleController::processUpdateAction</default>
</route>
<route id="admin.module.toggle-activation" path="/admin/modules/toggle-activation/{module_id}">
<default key="_controller">Thelia\Controller\Admin\ModuleController::toggleActivationAction</default>
<requirement key="module_id">\d+</requirement>
</route>
<route id="admin.module.delete" path="/admin/configuration/modules/delete">
<route id="admin.module.delete" path="/admin/modules/delete">
<default key="_controller">Thelia\Controller\Admin\ModuleController::deleteAction</default>
</route>
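Review bot: The new `admin.module.save` route dispatches to `processUpdateAction`, which writes module data, yet nothing on the route limits the HTTP method. If the routing component in use supports it, add `methods="POST"` to the `<route>` element (and to `admin.module.delete`) so the write cannot be triggered by a plain GET; whether the form also carries a CSRF token is not visible here. The new paths also mix `/admin/module/...` (update, save) with `/admin/modules/...` (list, toggle-activation, delete); a single prefix would be easier to cover with one access rule.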


@@ -267,7 +267,7 @@ abstract class AbstractCrudController extends BaseAdminController
*/
public function defaultAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::VIEW)) return $response;
return $this->renderList();
}
@@ -279,7 +279,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function createAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::CREATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::CREATE)) return $response;
$error_msg = false;
@@ -340,7 +340,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function updateAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
// Load the object
$object = $this->getExistingObject();
@@ -366,7 +366,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function processUpdateAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -431,7 +431,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function updatePositionAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
try {
$mode = $this->getRequest()->get('mode', null);
@@ -465,7 +465,7 @@ abstract class AbstractCrudController extends BaseAdminController
protected function genericUpdatePositionAction($object, $eventName, $doFinalRedirect = true)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
if ($object != null) {
@@ -499,7 +499,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$changeEvent = $this->createToggleVisibilityEvent($this->getRequest());
@@ -521,7 +521,7 @@ abstract class AbstractCrudController extends BaseAdminController
public function deleteAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::DELETE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::DELETE)) return $response;
// Get the currency id, and dispatch the delet request
$deleteEvent = $this->getDeleteEvent();


@@ -56,7 +56,7 @@ class AddressController extends AbstractCrudController
public function useAddressAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$address_id = $this->getRequest()->request->get('address_id');


@@ -32,7 +32,7 @@ class AdminLogsController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, array(), AccessManager::VIEW)) return $response;
// Render the edition template.
return $this->render('admin-logs');


@@ -231,7 +231,7 @@ class AreaController extends AbstractCrudController
public function addCountry()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$areaCountryForm = new AreaCountryForm($this->getRequest());
$error_msg = null;
@@ -273,7 +273,7 @@ class AreaController extends AbstractCrudController
public function removeCountry()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$request = $this->getRequest();
$removeCountryEvent = new AreaRemoveCountryEvent($request->request->get('areai_id', 0), $request->request->get('country_id', 0));
@@ -284,7 +284,7 @@ class AreaController extends AbstractCrudController
public function updatePostageAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$areaUpdateForm = new AreaPostageForm($this->getRequest());
$error_msg = null;
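Review bot: In `removeCountry` the area id is read with `$request->request->get('areai_id', 0)`; the key looks like a typo for `area_id`, in which case the event would always be built with area id 0. This is on a context line rather than one the commit changes, and the form field name is not visible here, so confirm it against the template before renaming.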


@@ -235,7 +235,7 @@ class AttributeController extends AbstractCrudController
protected function addRemoveFromAllTemplates($eventType)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
try {
if (null !== $object = $this->getExistingObject()) {


@@ -118,17 +118,18 @@ class BaseAdminController extends BaseController
* Check current admin user authorisations. An ADMIN role is assumed.
*
* @param mixed $resources a single resource or an array of resources.
* @param mixed $modules a single module or an array of modules.
* @param mixed $accesses a single access or an array of accesses.
*
* @return mixed null if authorization is granted, or a Response object which contains the error page otherwise
*
*/
protected function checkAuth($resources, $accesses)
protected function checkAuth($resources, $modules, $accesses)
{
$resources = is_array($resources) ? $resources : array($resources);
$modules = is_array($modules) ? $modules : array($modules);
$accesses = is_array($accesses) ? $accesses : array($accesses);
if ($this->getSecurityContext()->isGranted(array("ADMIN"), $resources, $accesses)) {
if ($this->getSecurityContext()->isGranted(array("ADMIN"), $resources, $modules, $accesses)) {
// Okay !
return null;
}
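Review bot: `$modules` is inserted between `$resources` and `$accesses`, so any caller still using the two-argument form (a module or plugin controller not touched by this commit, for instance) now passes its access constant as `$modules` and leaves `$accesses` unset. How `isGranted()` treats that is not visible here, so whether such a call fails open or closed is unknown. Appending the parameter with a default, `protected function checkAuth($resources, $accesses, $modules = array())`, would keep existing callers working and spare every call site the literal `array()`. If the order is kept, the docblock should state what an empty `$modules` array means for the decision. The function body continues past the end of the hunk.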


@@ -215,7 +215,7 @@ class CategoryController extends AbstractCrudController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$event = new CategoryToggleVisibilityEvent($this->getExistingObject());
@@ -295,7 +295,7 @@ class CategoryController extends AbstractCrudController
public function addRelatedContentAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -325,7 +325,7 @@ class CategoryController extends AbstractCrudController
public function addRelatedPictureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) {
return $response;
}
@@ -353,7 +353,7 @@ class CategoryController extends AbstractCrudController
public function deleteRelatedContentAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));


@@ -186,7 +186,7 @@ class ConfigController extends AbstractCrudController
public function changeValuesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$variables = $this->getRequest()->get('variable', array());


@@ -69,7 +69,7 @@ class ContentController extends AbstractCrudController
public function addAdditionalFolderAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$folder_id = intval($this->getRequest()->request->get('additional_folder_id'));
@@ -97,7 +97,7 @@ class ContentController extends AbstractCrudController
public function removeAdditionalFolderAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$folder_id = intval($this->getRequest()->request->get('additional_folder_id'));


@@ -235,7 +235,7 @@ class CountryController extends AbstractCrudController
public function toggleDefaultAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content = null;
if (null !== $country_id = $this->getRequest()->get('country_id')) {
$toogleDefaultEvent = new CountryToggleDefaultEvent($country_id);


@@ -62,7 +62,7 @@ class CouponController extends BaseAdminController
*/
public function browseAction()
{
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW);
$args['urlReadCoupon'] = $this->getRoute(
'admin.coupon.read',
@@ -94,7 +94,7 @@ class CouponController extends BaseAdminController
*/
public function readAction($couponId)
{
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW);
// Database request repeated in the loop but cached
$search = CouponQuery::create();
@@ -122,7 +122,7 @@ class CouponController extends BaseAdminController
public function createAction()
{
// Check current user authorization
$response = $this->checkAuth(AdminResources::COUPON, AccessManager::CREATE);
$response = $this->checkAuth(AdminResources::COUPON, array(), AccessManager::CREATE);
if ($response !== null) {
return $response;
}
@@ -170,7 +170,7 @@ class CouponController extends BaseAdminController
public function updateAction($couponId)
{
// Check current user authorization
$response = $this->checkAuth(AdminResources::COUPON, AccessManager::UPDATE);
$response = $this->checkAuth(AdminResources::COUPON, array(), AccessManager::UPDATE);
if ($response !== null) {
return $response;
}
@@ -274,7 +274,7 @@ class CouponController extends BaseAdminController
*/
public function getConditionInputAction($conditionId)
{
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW);
$this->checkXmlHttpRequest();
@@ -304,7 +304,7 @@ class CouponController extends BaseAdminController
*/
public function updateConditionsAction($couponId)
{
$this->checkAuth(AdminResources::COUPON, AccessManager::VIEW);
$this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW);
$this->checkXmlHttpRequest();
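Review bot: The result of `checkAuth()` is discarded in `browseAction`, `readAction`, `getConditionInputAction` and `updateConditionsAction`, so if the helper reports a denial by returning a Response (as its docblock in BaseAdminController states) these actions carry on regardless. They should use the pattern already present in this file's `createAction` and `updateAction`: `if (null !== $response = $this->checkAuth(AdminResources::COUPON, array(), AccessManager::VIEW)) return $response;`. The same discarded-return call appears in the FileController hunks (`saveImageAjaxAction`, `saveDocumentAjaxAction`, the four `get*AjaxAction` methods, `deleteImageAction`, `deleteDocumentAction`). `updateConditionsAction` also checks `AccessManager::VIEW` although its name suggests it modifies the coupon; `UPDATE` looks like the intended access, to be confirmed against the body, which lies outside the hunk.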


@@ -185,7 +185,7 @@ class CurrencyController extends AbstractCrudController
public function updateRatesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
try {
$this->dispatch(TheliaEvents::CURRENCY_UPDATE_RATES);
@@ -203,7 +203,7 @@ class CurrencyController extends AbstractCrudController
public function setDefaultAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$changeEvent = new CurrencyUpdateEvent($this->getRequest()->get('currency_id', 0));


@@ -47,6 +47,7 @@ class CustomerController extends AbstractCrudController
{
public function __construct()
{
parent::__construct(
'customer',
'lastname',


@@ -235,7 +235,7 @@ class FeatureController extends AbstractCrudController
protected function addRemoveFromAllTemplates($eventType)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
try {
if (null !== $object = $this->getExistingObject()) {


@@ -71,7 +71,7 @@ class FileController extends BaseAdminController
*/
public function saveImageAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
if ($this->isParentTypeValid($parentType)) {
@@ -161,7 +161,7 @@ class FileController extends BaseAdminController
*/
public function saveDocumentAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
if ($this->isParentTypeValid($parentType)) {
@@ -239,7 +239,7 @@ class FileController extends BaseAdminController
*/
public function getImageListAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('imageType' => $parentType, 'parentId' => $parentId);
@@ -256,7 +256,7 @@ class FileController extends BaseAdminController
*/
public function getDocumentListAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('documentType' => $parentType, 'parentId' => $parentId);
@@ -273,7 +273,7 @@ class FileController extends BaseAdminController
*/
public function getImageFormAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('imageType' => $parentType, 'parentId' => $parentId);
@@ -290,7 +290,7 @@ class FileController extends BaseAdminController
*/
public function getDocumentFormAjaxAction($parentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$args = array('documentType' => $parentType, 'parentId' => $parentId);
@@ -307,7 +307,7 @@ class FileController extends BaseAdminController
*/
public function viewImageAction($imageId, $parentType)
{
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE)) {
return $response;
}
try {
@@ -336,7 +336,7 @@ class FileController extends BaseAdminController
*/
public function viewDocumentAction($documentId, $parentType)
{
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE)) {
return $response;
}
try {
@@ -365,7 +365,7 @@ class FileController extends BaseAdminController
*/
public function updateImageAction($imageId, $parentType)
{
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE)) {
return $response;
}
@@ -442,7 +442,7 @@ class FileController extends BaseAdminController
*/
public function updateDocumentAction($documentId, $parentType)
{
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE)) {
if (null !== $response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE)) {
return $response;
}
@@ -519,7 +519,7 @@ class FileController extends BaseAdminController
*/
public function deleteImageAction($imageId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$fileManager = new FileManager($this->container);
@@ -591,7 +591,7 @@ class FileController extends BaseAdminController
*/
public function deleteDocumentAction($documentId, $parentType)
{
$this->checkAuth(AdminResources::retrieve($parentType), AccessManager::UPDATE);
$this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE);
$this->checkXmlHttpRequest();
$fileManager = new FileManager($this->container);
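Review bot: The resource passed to `checkAuth()` is computed from the request-supplied `$parentType` via `AdminResources::retrieve($parentType)` before `isParentTypeValid($parentType)` runs, so the authorization decision is made on a value that has not been validated yet. What `retrieve()` returns for an unknown type is not visible here; if it can return null or an empty value, the check may be evaluated against no resource at all. Validating `$parentType` first, or having `retrieve()` throw on unknown types, would remove the ambiguity. `deleteImageAction` and `deleteDocumentAction` also check `AccessManager::UPDATE` rather than `DELETE`; if that is deliberate, a comment such as `// removing a file counts as updating its parent object` would make it clear.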


@@ -33,7 +33,7 @@ class HomeController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, array(), AccessManager::VIEW)) return $response;
// Render the edition template.
return $this->render('home');


@@ -51,7 +51,7 @@ class LangController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::VIEW)) return $response;
return $this->renderDefault();
}
@@ -72,7 +72,7 @@ class LangController extends BaseAdminController
public function updateAction($lang_id)
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$this->checkXmlHttpRequest();
@@ -96,7 +96,7 @@ class LangController extends BaseAdminController
public function processUpdateAction($lang_id)
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -138,7 +138,7 @@ class LangController extends BaseAdminController
public function toggleDefaultAction($lang_id)
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$this->checkXmlHttpRequest();
$error = false;
@@ -169,7 +169,7 @@ class LangController extends BaseAdminController
public function addAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::CREATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::CREATE)) return $response;
$createForm = new LangCreateForm($this->getRequest());
@@ -211,7 +211,7 @@ class LangController extends BaseAdminController
public function deleteAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::DELETE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::DELETE)) return $response;
$error_msg = false;
@@ -235,7 +235,7 @@ class LangController extends BaseAdminController
public function defaultBehaviorAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -267,7 +267,7 @@ class LangController extends BaseAdminController
public function domainAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
$langUrlForm = new LangUrlForm($this->getRequest());
@@ -314,7 +314,7 @@ class LangController extends BaseAdminController
private function domainActivation($activate)
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;


@@ -35,7 +35,7 @@ class LanguageController extends BaseAdminController
{
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::VIEW)) return $response;
return $this->render("languages");
}


@@ -36,7 +36,7 @@ class MailingSystemController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, array(), AccessManager::VIEW)) return $response;
// Hydrate the form abd pass it to the parser
$data = array(
@@ -64,7 +64,7 @@ class MailingSystemController extends BaseAdminController
public function updateAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(self::RESOURCE_CODE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;


@@ -23,12 +23,15 @@
namespace Thelia\Controller\Admin;
use Thelia\Core\Event\Module\ModuleEvent;
use Thelia\Core\Security\Resource\AdminResources;
use Thelia\Core\Event\Module\ModuleDeleteEvent;
use Thelia\Core\Event\Module\ModuleToggleActivationEvent;
use Thelia\Core\Event\TheliaEvents;
use Thelia\Core\Security\AccessManager;
use Thelia\Form\ModuleModificationForm;
use Thelia\Model\ModuleQuery;
use Thelia\Module\ModuleManagement;
/**
@@ -36,28 +39,158 @@ use Thelia\Module\ModuleManagement;
* @package Thelia\Controller\Admin
* @author Manuel Raynaud <mraynaud@openstudio.fr>
*/
class ModuleController extends BaseAdminController
class ModuleController extends AbstractCrudController
{
public function __construct()
{
parent::__construct(
'module',
null,
null,
AdminResources::MODULE,
null,
TheliaEvents::MODULE_UPDATE,
null
);
}
protected function getCreationForm()
{
return null;
}
protected function getUpdateForm()
{
return new ModuleModificationForm($this->getRequest());
}
protected function getCreationEvent($formData)
{
return null;
}
protected function getUpdateEvent($formData)
{
$event = new ModuleEvent();
$event->setLocale($formData['locale']);
$event->setId($formData['id']);
$event->setTitle($formData['title']);
$event->setChapo($formData['chapo']);
$event->setDescription($formData['description']);
$event->setPostscriptum($formData['postscriptum']);
return $event;
}
protected function getDeleteEvent()
{
return null;
}
protected function eventContainsObject($event)
{
return $event->hasModule();
}
protected function hydrateObjectForm($object)
{
$object->setLocale($this->getCurrentEditionLocale());
$data = array(
'id' => $object->getId(),
'locale' => $object->getLocale(),
'title' => $object->getTitle(),
'chapo' => $object->getChapo(),
'description' => $object->getDescription(),
'postscriptum' => $object->getPostscriptum(),
);
// Setup the object form
return new ModuleModificationForm($this->getRequest(), "form", $data);
}
protected function getObjectFromEvent($event)
{
return $event->hasModule() ? $event->getModule() : null;
}
protected function getExistingObject()
{
return ModuleQuery::create()
->joinWithI18n($this->getCurrentEditionLocale())
->findOneById($this->getRequest()->get('module_id'));
}
protected function getObjectLabel($object)
{
return $object->getTitle();
}
protected function getObjectId($object)
{
return $object->getId();
}
protected function getViewArguments()
{
return array();
}
protected function getRouteArguments($module_id = null)
{
return array(
'module_id' => $module_id === null ? $this->getRequest()->get('module_id') : $module_id,
);
}
protected function renderListTemplate($currentOrder)
{
// We always return to the feature edition form
return $this->render(
'modules',
array()
);
}
protected function renderEditionTemplate()
{
// We always return to the feature edition form
return $this->render('module-edit', array_merge($this->getViewArguments(), $this->getRouteArguments()));
}
protected function redirectToEditionTemplate($request = null, $country = null)
{
// We always return to the module edition form
$this->redirectToRoute(
"admin.module.update",
$this->getViewArguments(),
$this->getRouteArguments()
);
}
protected function redirectToListTemplate()
{
$this->redirectToRoute(
"admin.module"
);
}
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, array(), AccessManager::VIEW)) return $response;
$modulemanagement = new ModuleManagement();
$modulemanagement->updateModules();
$moduleManagement = new ModuleManagement();
$moduleManagement->updateModules();
return $this->render("modules");
}
public function updateAction($module_id)
{
return $this->render("module-edit", array(
"module_id" => $module_id
));
}
public function toggleActivationAction($module_id)
{
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, array(), AccessManager::UPDATE)) return $response;
$message = null;
try {
$event = new ModuleToggleActivationEvent($module_id);
@@ -89,7 +222,7 @@ class ModuleController extends BaseAdminController
public function deleteAction()
{
if (null !== $response = $this->checkAuth(AdminResources::MODULE, AccessManager::DELETE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::MODULE, array(), AccessManager::DELETE)) return $response;
$message = null;
try {
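Review bot: The new `updateAction($module_id)` renders `module-edit` without calling `checkAuth()`, while the `AbstractCrudController::updateAction()` it overrides checks `AccessManager::UPDATE` first, so the per-resource check on the module edition page is lost. Add `if (null !== $response = $this->checkAuth(AdminResources::MODULE, array(), AccessManager::UPDATE)) return $response;` as its first line, or drop the override and rely on the inherited action. The override also adds a required parameter that the parent's `updateAction()` does not declare, which makes the two signatures incompatible. The two `// We always return to the feature edition form` comments in `renderListTemplate` and `renderEditionTemplate` were carried over from another controller and should refer to modules.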


@@ -47,7 +47,7 @@ class OrderController extends BaseAdminController
{
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::VIEW)) return $response;
return $this->render("orders", array("display_order" => 20));
}
@@ -60,7 +60,7 @@ class OrderController extends BaseAdminController
public function updateStatus($order_id = null)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::UPDATE)) return $response;
$message = null;
@@ -111,7 +111,7 @@ class OrderController extends BaseAdminController
public function updateDeliveryRef($order_id)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::UPDATE)) return $response;
$message = null;
@@ -146,7 +146,7 @@ class OrderController extends BaseAdminController
public function updateAddress($order_id)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::UPDATE)) return $response;
$message = null;
@@ -212,7 +212,7 @@ class OrderController extends BaseAdminController
protected function generatePdf($order_id, $fileName)
{
if (null !== $response = $this->checkAuth(AdminResources::ORDER, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::ORDER, array(), AccessManager::UPDATE)) return $response;
$html = $this->renderRaw(
$fileName,
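Review bot: Every `checkAuth` call in this section gains `array()` as a new second positional argument, which moves the access constant to third place; a caller still using the old two-argument form would pass its access constant in the module slot. The definition of checkAuth is not in this view, but if its access parameter defaults to empty, such a call reaches `isGranted` with no accesses, and `isGranted` returns true when `$accesses` is empty. Third-party modules and any controller this commit did not touch should be searched for the old form, and checkAuth could refuse a non-array second argument instead of accepting it silently. The same mechanical change appears in the ProductController, ProfileController, ShippingZoneController, TaxRuleController and TemplateController sections, and all the method bodies continue outside their hunks.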


@@ -407,7 +407,7 @@ class ProductController extends AbstractCrudController
public function setToggleVisibilityAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$event = new ProductToggleVisibilityEvent($this->getExistingObject());
@@ -483,7 +483,7 @@ class ProductController extends AbstractCrudController
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -509,7 +509,7 @@ class ProductController extends AbstractCrudController
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$content_id = intval($this->getRequest()->get('content_id'));
@@ -561,7 +561,7 @@ class ProductController extends AbstractCrudController
public function addAccessoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$accessory_id = intval($this->getRequest()->get('accessory_id'));
@@ -586,7 +586,7 @@ class ProductController extends AbstractCrudController
public function deleteAccessoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$accessory_id = intval($this->getRequest()->get('accessory_id'));
@@ -642,7 +642,7 @@ class ProductController extends AbstractCrudController
public function setProductTemplateAction($productId)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$product = ProductQuery::create()->findPk($productId);
@@ -739,7 +739,7 @@ class ProductController extends AbstractCrudController
public function addAdditionalCategoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$category_id = intval($this->getRequest()->request->get('additional_category_id'));
@@ -764,7 +764,7 @@ class ProductController extends AbstractCrudController
public function deleteAdditionalCategoryAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$category_id = intval($this->getRequest()->get('additional_category_id'));
@@ -861,7 +861,7 @@ class ProductController extends AbstractCrudController
public function addProductSaleElementAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$event = new ProductSaleElementCreateEvent(
$this->getExistingObject(),
@@ -885,7 +885,7 @@ class ProductController extends AbstractCrudController
public function deleteProductSaleElementAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$event = new ProductSaleElementDeleteEvent(
$this->getRequest()->get('product_sale_element_id',0),
@@ -944,7 +944,7 @@ class ProductController extends AbstractCrudController
protected function processProductSaleElementUpdate($changeForm)
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -1053,7 +1053,7 @@ class ProductController extends AbstractCrudController
public function buildCombinationsAction() {
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;


@@ -221,7 +221,7 @@ class ProfileController extends AbstractCrudController
public function updateAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$object = $this->getExistingObject();
@@ -306,7 +306,7 @@ class ProfileController extends AbstractCrudController
public function processUpdateResourceAccess()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
@@ -355,7 +355,7 @@ class ProfileController extends AbstractCrudController
public function processUpdateModuleAccess()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;


@@ -42,13 +42,13 @@ class ShippingZoneController extends BaseAdminController
public function indexAction()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, array(), AccessManager::VIEW)) return $response;
return $this->render("shipping-zones", array("display_shipping_zone" => 20));
}
public function updateAction($shipping_zones_id)
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, array(), AccessManager::VIEW)) return $response;
return $this->render("shipping-zones-edit", array(
"shipping_zones_id" => $shipping_zones_id
));
@@ -59,7 +59,7 @@ class ShippingZoneController extends BaseAdminController
*/
public function addArea()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, array(), AccessManager::UPDATE)) return $response;
$shippingAreaForm = new ShippingZoneAddArea($this->getRequest());
$error_msg = null;
@@ -94,7 +94,7 @@ class ShippingZoneController extends BaseAdminController
public function removeArea()
{
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SHIPPING_ZONE, array(), AccessManager::UPDATE)) return $response;
$shippingAreaForm = new ShippingZoneRemoveArea($this->getRequest());
$error_msg = null;


@@ -86,7 +86,7 @@ class SystemLogController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::SYSTEM_LOG, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::SYSTEM_LOG, array(), AccessManager::VIEW)) return $response;
/*
const VAR_LEVEL = "tlog_level";
@@ -121,7 +121,7 @@ class SystemLogController extends BaseAdminController
public function saveAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;
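Review bot: `saveAction` in SystemLogController authorizes against `AdminResources::LANGUAGE`, while `defaultAction` in the same controller checks `AdminResources::SYSTEM_LOG`; the changed line keeps what looks like a copy-pasted resource. As written, language UPDATE rights are what allow this action, and a profile holding only system-log rights is refused. The line would read `if (null !== $response = $this->checkAuth(AdminResources::SYSTEM_LOG, array(), AccessManager::UPDATE)) return $response;`. `updateAction` in the TranslationsController section has the same mismatch, using LANGUAGE where its `defaultAction` uses TRANSLATIONS. Both method bodies continue outside their hunks.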


@@ -219,7 +219,7 @@ class TaxRuleController extends AbstractCrudController
public function updateAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$object = $this->getExistingObject();
@@ -237,7 +237,7 @@ class TaxRuleController extends AbstractCrudController
public function setDefaultAction()
{
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$setDefaultEvent = new TaxRuleEvent();
@@ -255,7 +255,7 @@ class TaxRuleController extends AbstractCrudController
public function processUpdateTaxesAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth($this->resourceCode, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth($this->resourceCode, array(), AccessManager::UPDATE)) return $response;
$error_msg = false;


@@ -211,7 +211,7 @@ class TemplateController extends AbstractCrudController
public function addAttributeAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, array(), AccessManager::UPDATE)) return $response;
$attribute_id = intval($this->getRequest()->get('attribute_id'));
@@ -235,7 +235,7 @@ class TemplateController extends AbstractCrudController
public function deleteAttributeAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, array(), AccessManager::UPDATE)) return $response;
$event = new TemplateDeleteAttributeEvent(
$this->getExistingObject(),
@@ -270,7 +270,7 @@ class TemplateController extends AbstractCrudController
public function addFeatureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, array(), AccessManager::UPDATE)) return $response;
$feature_id = intval($this->getRequest()->get('feature_id'));
@@ -294,7 +294,7 @@ class TemplateController extends AbstractCrudController
public function deleteFeatureAction()
{
// Check current user authorization
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TEMPLATE, array(), AccessManager::UPDATE)) return $response;
$event = new TemplateDeleteFeatureEvent(
$this->getExistingObject(),


@@ -161,14 +161,14 @@ class TranslationsController extends BaseAdminController
public function defaultAction()
{
if (null !== $response = $this->checkAuth(AdminResources::TRANSLATIONS, AccessManager::VIEW)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::TRANSLATIONS, array(), AccessManager::VIEW)) return $response;
return $this->renderTemplate();
}
public function updateAction()
{
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, AccessManager::UPDATE)) return $response;
if (null !== $response = $this->checkAuth(AdminResources::LANGUAGE, array(), AccessManager::UPDATE)) return $response;
return $this->renderTemplate();
}


@@ -37,6 +37,109 @@ class ModuleEvent extends ActionEvent
*/
protected $module;
protected $id;
protected $locale;
protected $title;
protected $chapo;
protected $description;
protected $postscriptum;
/**
* @param mixed $chapo
*/
public function setChapo($chapo)
{
$this->chapo = $chapo;
}
/**
* @return mixed
*/
public function getChapo()
{
return $this->chapo;
}
/**
* @param mixed $description
*/
public function setDescription($description)
{
$this->description = $description;
}
/**
* @return mixed
*/
public function getDescription()
{
return $this->description;
}
/**
* @param mixed $id
*/
public function setId($id)
{
$this->id = $id;
}
/**
* @return mixed
*/
public function getId()
{
return $this->id;
}
/**
* @param mixed $locale
*/
public function setLocale($locale)
{
$this->locale = $locale;
}
/**
* @return mixed
*/
public function getLocale()
{
return $this->locale;
}
/**
* @param mixed $postscriptum
*/
public function setPostscriptum($postscriptum)
{
$this->postscriptum = $postscriptum;
}
/**
* @return mixed
*/
public function getPostscriptum()
{
return $this->postscriptum;
}
/**
* @param mixed $title
*/
public function setTitle($title)
{
$this->title = $title;
}
/**
* @return mixed
*/
public function getTitle()
{
return $this->title;
}
public function __construct(Module $module = null)
{
$this->module = $module;


@@ -693,8 +693,9 @@ final class TheliaEvents
const MODULE_TOGGLE_ACTIVATION = 'thelia.module.toggleActivation';
/**
* sent when a module is deleted
* module
*/
const MODULE_UPDATE = 'thelia.module.update';
const MODULE_DELETE = 'thelia.module.delete';
/**


@@ -84,7 +84,7 @@ final class AdminResources
const MESSAGE = "admin.configuration.message";
const MODULE = "admin.configuration.module";
const MODULE = "admin.module";
const ORDER = "admin.order";
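Review bot: Changing the value of `AdminResources::MODULE` to `admin.module` renames a permission identifier that profiles are matched against, and the only data change visible on this page is the seed row in the install SQL. On an installation created before this commit the `resource` table would still hold `admin.configuration.module`, so unless an update script outside this view renames it, existing profiles presumably stop matching and module administration is refused to them. A one-line migration for the `resource` table would cover that, together with a comment next to the constant such as `// was "admin.configuration.module" before the module admin moved out of configuration`.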


@@ -123,7 +123,7 @@ class SecurityContext
*
* @return Boolean
*/
final public function isGranted(array $roles, array $resources, array $accesses)
final public function isGranted(array $roles, array $resources, array $modules, array $accesses)
{
// Find a user which matches the required roles.
$user = $this->getCustomerUser();
@@ -140,7 +140,7 @@ class SecurityContext
return false;
}
if (empty($resources) || empty($accesses)) {
if ((empty($resources) && empty($modules)) || empty($accesses)) {
return true;
}
@@ -172,6 +172,28 @@ class SecurityContext
}
}
foreach ($modules as $module) {
if ($module === '') {
continue;
}
if(!array_key_exists('module', $userPermissions)) {
return false;
}
$module = strtolower($module);
if (!array_key_exists($module, $userPermissions['module'])) {
return false;
}
foreach ($accesses as $access) {
if (!$userPermissions['module'][$module]->can($access)) {
return false;
}
}
}
return true;
}
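Review bot: The new module loop skips empty names with `continue`, so a call whose `$modules` holds only `''` and whose `$resources` is empty passes the early-return test, checks nothing, and falls through to `return true`. A template passing an unset variable as `module=` could plausibly produce that input, which would make the check fail open. Denying is the safer default: `if ($module === '') { return false; }`, or return false when no permission was actually evaluated. The body of isGranted starts before and continues between these hunks, so whether the resource loop has the same shape cannot be seen from here.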


@@ -60,6 +60,12 @@ class Auth extends BaseLoop implements ArraySearchLoopInterface
new AlphaNumStringListType()
)
),
new Argument(
'module',
new TypeCollection(
new AlphaNumStringListType()
)
),
new Argument(
'access',
new TypeCollection(
@@ -79,10 +85,20 @@ class Auth extends BaseLoop implements ArraySearchLoopInterface
{
$roles = $this->getRole();
$resource = $this->getResource();
$module = $this->getModule();
$access = $this->getAccess();
if(null !== $module) {
$in = true;
}
try {
if (true === $this->securityContext->isGranted($roles, $resource === null ? array() : $resource, $access === null ? array() : $access)) {
if (true === $this->securityContext->isGranted(
$roles,
$resource === null ? array() : $resource,
$module === null ? array() : $module,
$access === null ? array() : $access)
) {
// Create an empty row: loop is no longer empty :)
$loopResult->addRow(new LoopResultRow());
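Review bot: The added block `if(null !== $module) { $in = true; }` assigns a variable that nothing in the hunk reads; it looks like leftover debugging and should be removed. In a method whose only job is an authorization decision, stray state like this makes the grant path harder to audit. The method body continues outside the hunk, so a later use of `$in` cannot be ruled out from this view.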


@@ -102,9 +102,9 @@ class FolderPath extends BaseI18nLoop implements ArraySearchLoopInterface
if ($folder != null) {
$results[] = array(
"ID" => $result->getId(),
"TITLE" => $result->getVirtualColumn('i18n_TITLE'),
"URL" => $result->getUrl($this->locale),
"ID" => $folder->getId(),
"TITLE" => $folder->getVirtualColumn('i18n_TITLE'),
"URL" => $folder->getUrl($this->locale),
"LOCALE" => $this->locale,
);

View File

@@ -69,6 +69,7 @@ class AdminUtilities extends AbstractSmartyPlugin
{
// The required permissions
$resource = $this->getParam($params, 'resource');
$module = $this->getParam($params, 'module');
$access = $this->getParam($params, 'access');
// The base position change path
@@ -92,7 +93,12 @@ class AdminUtilities extends AbstractSmartyPlugin
<a href="{url path='/admin/configuration/currencies/positionDown' currency_id=$ID}"><i class="icon-arrow-down"></i></a>
*/
if ($permissions == null || $this->securityContext->isGranted("ADMIN", array($resource), array($access))) {
if ($permissions == null || $this->securityContext->isGranted(
"ADMIN",
$resource === null ? array() : array($resource),
$module === null ? array() : array($module),
array($access))
) {
return $this->fetch_snippet($smarty, 'includes/admin-utilities-position-block', array(
'admin_utilities_go_up_url' => URL::getInstance()->absoluteUrl($path, array('mode' => 'up', $url_parameter => $id)),
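Review bot: The rewritten call still passes the string `"ADMIN"` as its first argument, but this commit declares `isGranted(array $roles, array $resources, array $modules, array $accesses)`, so the `array` type hint rejects it whenever the right-hand side of the `||` is evaluated. The first argument should be `array("ADMIN"),`. Where `$permissions` is assigned is outside the hunk; if it is null on this path the call is never reached and the position block is rendered without any permission check, which is worth confirming.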

View File

@@ -55,9 +55,10 @@ class Security extends AbstractSmartyPlugin
{
$roles = $this->_explode($this->getParam($params, 'role'));
$resources = $this->_explode($this->getParam($params, 'resource'));
$modules = $this->_explode($this->getParam($params, 'module'));
$accesses = $this->_explode($this->getParam($params, 'access'));
if (! $this->securityContext->isGranted($roles, $resources, $accesses)) {
if (! $this->securityContext->isGranted($roles, $resources, $modules, $accesses)) {
$ex = new AuthenticationException(
sprintf("User not granted for roles '%s', to access resources '%s' with %s in context '%s'.",
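Review bot: The denial message built right after the changed call is formatted from roles, resources and accesses only, as far as the visible `sprintf` format shows, so a refusal caused by a module permission is reported without naming the module. Adding the module list to the format, for example `"User not granted for roles '%s', to access resources '%s' or modules '%s' with %s in context '%s'."` with `implode(',', $modules)` as the matching argument, keeps the log entry usable when investigating denied requests. The sprintf arguments and the rest of the method are outside the hunk.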


@@ -4,7 +4,7 @@
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
@@ -21,32 +21,55 @@
/* */
/*************************************************************************************/
namespace FakeCB\Tests;
namespace Thelia\Form;
use FakeCB\FakeCB;
use Thelia\Tests\Module\BaseModuleTestor;
use Symfony\Component\Validator\Constraints;
use Symfony\Component\Validator\ExecutionContextInterface;
use Thelia\Model\ModuleQuery;
/**
*
* @author Etienne Roudeix <eroudeix@openstudio.fr>
*
*/
class FakeCBTest extends BaseModuleTestor
class ModuleModificationForm extends BaseForm
{
public function getTestedClassName()
use StandardDescriptionFieldsTrait;
protected function buildForm()
{
return 'FakeCB\FakeCB';
$this->addStandardDescFields();
$this->formBuilder
->add("id", "hidden", array(
"required" => true,
"constraints" => array(
new Constraints\NotBlank(),
new Constraints\Callback(
array(
"methods" => array(
array($this, "verifyModuleId"),
),
)
),
),
"attr" => array(
"id" => "module_update_id",
),
))
;
}
public function getTestedInstance()
/**
* @return string the name of you form. This name must be unique
*/
public function getName()
{
return new FakeCB();
return "thelia_admin_module_modification";
}
public function testInstall()
public function verifyModuleId($value, ExecutionContextInterface $context)
{
//$fakeCB = new FakeCB();
$module = ModuleQuery::create()
->findPk($value);
//$fakeCB->install();
if (null === $module) {
$context->addViolation("Module ID not found");
}
}
}


@@ -35,15 +35,24 @@ class Admin extends BaseAdmin implements UserInterface
return AdminResources::SUPERADMINISTRATOR;
}
$userPermissionsQuery = ProfileResourceQuery::create()
$userResourcePermissionsQuery = ProfileResourceQuery::create()
->joinResource("resource", Criteria::LEFT_JOIN)
->withColumn('resource.code', 'code')
->filterByProfileId($profileId)
->find();
$userModulePermissionsQuery = ProfileModuleQuery::create()
->joinModule("module", Criteria::LEFT_JOIN)
->withColumn('module.code', 'code')
->filterByProfileId($profileId)
->find();
$userPermissions = array();
foreach($userPermissionsQuery as $userPermission) {
$userPermissions[$userPermission->getVirtualColumn('code')] = new AccessManager($userPermission->getAccess());
foreach($userResourcePermissionsQuery as $userResourcePermission) {
$userPermissions[$userResourcePermission->getVirtualColumn('code')] = new AccessManager($userResourcePermission->getAccess());
}
foreach($userModulePermissionsQuery as $userModulePermission) {
$userPermissions['module'][strtolower($userModulePermission->getVirtualColumn('code'))] = new AccessManager($userModulePermission->getAccess());
}
return $userPermissions;
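Review bot: Module permissions are stored under the key `'module'` of the same array that holds resource permissions keyed by resource code, so a resource whose code is literally `module` would collide with the module map. The LEFT JOIN also admits a profile row whose module no longer exists; its virtual column `code` is then null and the entry ends up under the `''` key. Skipping rows with a null code and adding a comment such as `// 'module' is a reserved key: lower-cased module code => AccessManager` would make both cases explicit. The method starts before the hunk, and the `use` line for `ProfileModuleQuery` is not visible here.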


@@ -4,8 +4,11 @@ namespace Thelia\Model;
use Propel\Runtime\Connection\ConnectionInterface;
use Thelia\Model\Base\Module as BaseModule;
use Thelia\Model\Tools\ModelEventDispatcherTrait;
class Module extends BaseModule {
class Module extends BaseModule
{
use ModelEventDispatcherTrait;
public function postSave(ConnectionInterface $con = null)
{
@@ -32,4 +35,4 @@ class Module extends BaseModule {
public function getI18nPath() {
return $this->getBaseDir() . DS . "I18n";
}
}
}


@@ -47,8 +47,7 @@ INSERT INTO `config` (`name`, `value`, `secured`, `hidden`, `created_at`, `updat
INSERT INTO `module` (`id`, `code`, `type`, `activate`, `position`, `full_namespace`, `created_at`, `updated_at`) VALUES
(1, 'TheliaDebugBar', 1, 1, 1, 'TheliaDebugBar\\TheliaDebugBar', NOW(), NOW()),
(2, 'Colissimo', 2, 0, 1, 'Colissimo\\Colissimo', NOW(), NOW()),
(3, 'Cheque', 3, 0, 1, 'Cheque\\Cheque', NOW(), NOW()),
(4, 'FakeCB', 3, 0, 2, 'FakeCB\\FakeCB', NOW(), NOW());
(3, 'Cheque', 3, 0, 1, 'Cheque\\Cheque', NOW(), NOW());
INSERT INTO `module_i18n` (`id`, `locale`, `title`, `description`, `chapo`, `postscriptum`) VALUES
('1', 'en_US', 'Debug bar', NULL, NULL, NULL),
@@ -1225,7 +1224,7 @@ INSERT INTO resource (`id`, `code`, `created_at`, `updated_at`) VALUES
(14, 'admin.configuration.language', NOW(), NOW()),
(15, 'admin.configuration.mailing-system', NOW(), NOW()),
(16, 'admin.configuration.message', NOW(), NOW()),
(17, 'admin.configuration.module', NOW(), NOW()),
(17, 'admin.module', NOW(), NOW()),
(18, 'admin.order', NOW(), NOW()),
(19, 'admin.product', NOW(), NOW()),
(20, 'admin.configuration.profile', NOW(), NOW()),


@@ -1,36 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<config xmlns="http://thelia.net/schema/dic/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://thelia.net/schema/dic/config http://thelia.net/schema/dic/config/thelia-1.0.xsd">
<loops>
<!-- sample definition
<loop name="MySuperLoop" class="MyModule\Loop\MySuperLoop" />
-->
</loops>
<forms>
<!--
<form name="MyFormName" class="MyModule\Form\MySuperForm" />
-->
</forms>
<commands>
<!--
<command class="MyModule\Command\MySuperCommand" />
-->
</commands>
<templateDirectives>
<!-- Sample definition
<templateDirectives class="MyModule\Directive\MyTemplateDirective" name="my_filter"/>
-->
</templateDirectives>
<!--
<services>
</services>
-->
</config>


@@ -1,18 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<module>
<fullnamespace>FakeCB\FakeCB</fullnamespace>
<descriptive locale="en_US">
<title>fake cb</title>
</descriptive>
<descriptive locale="fr_FR">
<title>simulation cb</title>
</descriptive>
<version>1.0</version>
<author>
<name>Manuel Raynaud</name>
<email>mraynaud@openstudio.fr</email>
</author>
<type>payment</type>
<thelia>2.0.0</thelia>
<stability>alpha</stability>
</module>


@@ -1,88 +0,0 @@
<?php
/*************************************************************************************/
/* */
/* Thelia */
/* */
/* Copyright (c) OpenStudio */
/* email : info@thelia.net */
/* web : http://www.thelia.net */
/* */
/* This program is free software; you can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 3 of the License */
/* */
/* This program is distributed in the hope that it will be useful, */
/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
/* GNU General Public License for more details. */
/* */
/* You should have received a copy of the GNU General Public License */
/* along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* */
/*************************************************************************************/
namespace FakeCB;
use Propel\Runtime\Connection\ConnectionInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\HttpFoundation\Request;
use Thelia\Model\Base\ModuleImageQuery;
use Thelia\Module\BaseModule;
use Thelia\Module\PaymentModuleInterface;
class FakeCB extends BaseModule implements PaymentModuleInterface
{
protected $request;
protected $dispatcher;
public function setRequest(Request $request)
{
$this->request = $request;
}
public function getRequest()
{
return $this->request;
}
public function setDispatcher(EventDispatcherInterface $dispatcher)
{
$this->dispatcher = $dispatcher;
}
public function getDispatcher()
{
return $this->dispatcher;
}
public function pay()
{
// TODO: Implement pay() method.
}
public function postActivation(ConnectionInterface $con = null)
{
/* insert the images from image folder if first module activation */
$module = $this->getModuleModel();
if(ModuleImageQuery::create()->filterByModule($module)->count() == 0) {
$this->deployImageFolder($module, sprintf('%s/images', __DIR__));
}
/* set module title */
$this->setTitle(
$module,
array(
"en_US" => "Credit Card",
"fr_FR" => "Carte de crédit",
)
);
}
public function getCode()
{
return 'FakeCB';
}
}

Binary file not shown.

Before

Width:  |  Height:  |  Size: 3.6 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 3.1 KiB


@@ -42,6 +42,5 @@ php Thelia module:activate Colissimo
echo -e "\n\033[01;34m[INFO] Activating Payment Module(s)\033[00m\n"
php Thelia module:activate Cheque
php Thelia module:activate FakeCB
echo -e "\n\033[00;32m[SUCCESS] Reset done\033[00m\n"
echo -e "\n\033[00;32m[SUCCESS] Reset done\033[00m\n"


@@ -116,13 +116,6 @@
{module_include location='system_configuration_top'}
{loop type="auth" name="pcc1" role="ADMIN" resource="admin.configuration.module" access="VIEW"}
<tr>
<td><a href="{url path='/admin/configuration/modules'}">{intl l='Modules activation'}</a></td>
<td><a class="btn btn-default btn-xs" href="{url path='/admin/configuration/modules'}"><i class="glyphicon glyphicon-edit"></i></a></td>
</tr>
{/loop}
{loop type="auth" name="pcc2" role="ADMIN" resource="admin.configuration.variable" access="VIEW"}
<tr>
<td><a href="{url path='/admin/configuration/variables'}">{intl l='System variables'}</a></td>


@@ -27,9 +27,9 @@
</div>
<noscript>
{if $ACTIVE}
<a title="{intl l="Deactivate %title module" title=$TITLE}" href="{url path="/admin/configuration/modules/toggle-activation/{$ID}"}">{intl l="deactivation"}</a>
<a title="{intl l="Deactivate %title module" title=$TITLE}" href="{url path="/admin/modules/toggle-activation/{$ID}"}">{intl l="deactivation"}</a>
{else}
<a title="{intl l="activate %title module" title=$TITLE}" href="{url path="/admin/configuration/modules/toggle-activation/{$ID}"}">{intl l="activation"}</a>
<a title="{intl l="activate %title module" title=$TITLE}" href="{url path="/admin/modules/toggle-activation/{$ID}"}">{intl l="activation"}</a>
{/if}
</noscript>
</td>
@@ -39,16 +39,23 @@
<td class="text-right">
<div class="btn-group">
{* {loop type="auth" name="can_change" role="ADMIN" resource="admin.modules" access="VIEW"}
<a class="btn btn-default btn-xs" title="{intl l='Read the documentation of this module'}" href="{url path="/admin/module/documentation/$ID"}"><span class="glyphicon glyphicon-book"></span></a>
{/loop}*}
{loop type="auth" name="can_change" role="ADMIN" resource="admin.modules" access="UPDATE"}
{loop type="auth" name="can_change" role="ADMIN" module=$CODE access="VIEW"}
<a class="btn btn-primary btn-xs" title="{intl l='Configure this module'}" href="{url path="/admin/module/update/$CODE"}">{intl l="Configure"}</a>
{/loop}
{*loop type="auth" name="can_change" role="ADMIN" resource="admin.modules" access="VIEW"}
<a class="btn btn-default btn-xs" title="{intl l='Read the documentation of this module'}" href="{url path="/admin/module/documentation/$ID"}"><span class="glyphicon glyphicon-book"></span></a>
{/loop*}
{loop type="auth" name="can_change" role="ADMIN" resource="admin.module" access="UPDATE"}
<a class="btn btn-default btn-xs" title="{intl l='Edit this module'}" href="{url path="/admin/module/update/$ID"}"><span class="glyphicon glyphicon-edit"></span></a>
{/loop}
{loop type="auth" name="can_delete" role="ADMIN" resource="admin.modules" access="DELETE"}
<a class="btn btn-default btn-xs module-delete-action" title="{intl l='Delete this module'}" href="#delete_module_dialog" data-id="{$ID}" data-toggle="modal"><span class="glyphicon glyphicon-trash"></span></a>
{loop type="auth" name="can_delete" role="ADMIN" resource="admin.module" access="DELETE"}
<a class="btn btn-default btn-xs module-delete-action" title="{intl l='Delete this module'}" href="#delete_module_dialog" data-id="{$ID}" data-toggle="modal"><span class="glyphicon glyphicon-trash"></span></a>
{/loop}
</div>
</td>
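Review bot: The new "Configure" link is guarded by the per-module check `module=$CODE access="VIEW"` but points to `/admin/module/update/$CODE`, the same path the "Edit" link uses with `$ID`. `updateAction($module_id)` in ModuleController hands the value to the `module-edit` template without calling `checkAuth`, and that template loads the module with `id=$module_id` and declares `admin.module` / `update` as its required permission. So a module code is sent where an id is expected, and a user holding only the per-module VIEW right gets a link whose target page asks for a different permission. Giving module configuration its own route with an explicit controller-side check, or guarding the link the same way as the edit link, would make the template and the controller agree.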


@@ -0,0 +1,82 @@
{extends file="admin-layout.tpl"}
{block name="page-title"}{intl l='Edit a module'}{/block}
{block name="check-resource"}admin.module{/block}
{block name="check-access"}update{/block}
{block name="main-content"}
<div class="edit-module">
<div id="wrapper" class="container">
<ul class="breadcrumb">
<li><a href="{url path='/admin/home'}">{intl l="Home"}</a></li>
<li><a href="{url path='/admin/modules'}">{intl l="Modules"}</a></li>
<li>{intl l='Editing module'}</li>
</ul>
{loop type="module" name="module" id=$module_id backend_context="1" lang=$edit_language_id}
<div class="row">
<div class="col-md-12 general-block-decorator clearfix">
<div class="form-container">
{form name="thelia.admin.module.modification"}
<form method="POST" action="{url path="/admin/module/save"}" {form_enctype form=$form} >
{include
file = "includes/inner-form-toolbar.html"
hide_submit_buttons = false
page_url = {url path="/admin/module/update/$module_id"}
close_url = {url path="/admin/modules"}
}
{* Be sure to get the product ID, even if the form could not be validated *}
<input type="hidden" name="module_id" value="{$ID}" />
{form_hidden_fields form=$form}
{form_field form=$form field='success_url'}
<input type="hidden" name="{$name}" value="{url path="/admin/modules"}" />
{/form_field}
{if $form_error}<div class="alert alert-danger">{$form_error_message}</div>{/if}
{include file="includes/standard-description-form-fields.html" form=$form}
<div class="row">
<div class="col-md-12">
<div class="control-group">
<label>&nbsp;</label>
<div class="controls">
<p>{intl l='Module created on %date_create. Last modification: %date_change' date_create={format_date date=$CREATE_DATE} date_change={format_date date=$UPDATE_DATE}}</p>
</div>
</div>
</div>
</div>
</form>
{/form}
</div>
</div>
</div>
{/loop}
</div>
</div>
{/block}
{block name="javascript-initialization"}
{/block}
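Review bot: The form posts two identifiers, the hand-written hidden input `module_id` and the form's own `id` field, and only the latter goes through `verifyModuleId` in ModuleModificationForm. The save handler is not in this view; if it reads `module_id` from the request, the value it acts on is unvalidated and can differ from the one that was checked. Dropping the extra input, or noting in the comment that it serves only to re-display the page after a failed validation, would remove the ambiguity. The comment above it also says "product ID" where the module is meant: `{* Be sure to get the module ID, even if the form could not be validated *}`.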


@@ -2,7 +2,7 @@
{block name="page-title"}{intl l='Modules'}{/block}
{block name="check-resource"}admin.configuration.module{/block}
{block name="check-resource"}admin.module{/block}
{block name="check-access"}view{/block}
{block name="main-content"}
@@ -53,7 +53,7 @@
dialog_title = {intl l="Delete a module"}
dialog_message = {intl l="Do you really want to delete this module ?"}
form_action = {url path='/admin/configuration/modules/delete'}
form_action = {url path='/admin/modules/delete'}
form_content = {$smarty.capture.delete_module_dialog nofilter}
}
@@ -81,8 +81,8 @@
{/javascripts}
<script>
$(document).ready(function(){
var url_management = "{url path="/admin/configuration/modules/toggle-activation/"}";
$(document).ready(function() {
var url_management = "{url path="/admin/modules/toggle-activation/"}";
$(".module-activation").on("switch-change", function(e, data){
$('body').append('<div class="modal-backdrop fade in" id="loading-event"><div class="loading"></div></div>');
$.ajax({