This repository has been archived by the owner on Sep 14, 2020. It is now read-only.

implemented missing _isAllowed() methods
mage-eag committed Jul 9, 2015
1 parent a1b97df commit 8bc41ea
Showing 11 changed files with 54 additions and 6 deletions.
10 changes: 10 additions & 0 deletions app/code/community/BL/CustomGrid/Controller/Grid/Action.php
Expand Up @@ -15,6 +15,16 @@

class BL_CustomGrid_Controller_Grid_Action extends Mage_Adminhtml_Controller_Action
{
/**
* Return the admin session model
*
* @return Mage_Admin_Model_Session
*/
protected function _getAdminSession()
{
return Mage::getSingleton('admin/session');
}

/**
* Return our own session model
*
Expand Up @@ -76,4 +76,9 @@ public function buildConfigAction()
$params = $this->_getConfig()->encodeParameters($params);
$this->_setActionSuccessJsonResponse(array('parameters' => $params));
}

protected function _isAllowed()
{
return $this->_getAdminSession()->isAllowed('customgrid/customization/edit_columns');
}
}
Expand Up @@ -76,4 +76,9 @@ public function buildConfigAction()
$params = $this->_getConfig()->encodeParameters($params);
$this->_setActionSuccessJsonResponse(array('parameters' => $params));
}

protected function _isAllowed()
{
return $this->_getAdminSession()->isAllowed('customgrid/customization/edit_columns');
}
}
Expand Up @@ -26,4 +26,9 @@ public function saveFieldsetStateAction()
$this->_setActionSuccessJsonResponse();
}
}

protected function _isAllowed()
{
return true;
}
}
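Review bot: `_isAllowed()` returns `true` unconditionally here with no explanation, so the ACL gate on this controller is open to every logged-in admin user whatever their role; the controller holding `categoriesJsonAction()` further down gets the same body. If that is deliberate because the actions expose nothing role-sensitive, record the reason in a comment on the method, for example `// No ACL resource: this action is not role-sensitive (reason here)`. Otherwise gate it on one of the module's existing resources, as the sibling controllers do with `$this->_getAdminSession()->isAllowed(...)`. Only the tail of `saveFieldsetStateAction()` is visible in this hunk, so what the action actually writes has to be confirmed against the full file.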
Expand Up @@ -68,4 +68,9 @@ public function buildConfigAction()
$params = $this->_getGridTypeConfig()->encodeParameters($params);
$this->_setActionSuccessJsonResponse(array('parameters' => $params));
}

protected function _isAllowed()
{
return $this->_getAdminSession()->isAllowed('customgrid/customization/edit_columns');
}
}
Expand Up @@ -41,4 +41,9 @@ public function categoriesJsonAction()
$mainCategoryId = $this->getRequest()->getParam('category');
$this->getResponse()->setBody($chooserBlock->getCategoryChildrenJson($mainCategoryId));
}

protected function _isAllowed()
{
return true;
}
}
Expand Up @@ -38,4 +38,9 @@ public function wysiwygAction()

$this->getResponse()->setBody($contentBlock->toHtml());
}

protected function _isAllowed()
{
return $this->_getAdminSession()->isAllowed('customgrid/editor/edit_columns');
}
}
Expand Up @@ -167,4 +167,9 @@ public function saveAction()
$this->_setActionErrorJsonResponse($this->__('Failed to save the value : "%s"', $e->getMessage()));
}
}

protected function _isAllowed()
{
return $this->_getAdminSession()->isAllowed('customgrid/editor/edit_columns');
}
}
Expand Up @@ -320,4 +320,10 @@ public function deleteAction()
$this->_setActionErrorJsonResponse($this->__('Invalid request'));
}
}

protected function _isAllowed()
{
// Specific permissions are enforced by the models
return true;
}
}
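Review bot: The comment `// Specific permissions are enforced by the models` makes this controller default-allow at the ACL layer, and nothing in the hunk shows that every action actually reaches such a model check; only the end of `deleteAction()` is visible. A docblock on `_isAllowed()` should name where that enforcement lives, so that an action added to this controller later is not silently left ungated. It is also worth confirming that the model checks reject the request before any write happens rather than after it.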
Expand Up @@ -782,15 +782,14 @@ public function massDeleteAction()

protected function _isAllowed()
{
// Specific permissions are enforced by the models
switch ($this->getRequest()->getActionName()) {
case 'index':
case 'grid':
case 'massDelete':
case 'massDisable':
case 'massEnable':
/** @var $session Mage_Admin_Model_Session */
$session = Mage::getSingleton('admin/session');
return $session->isAllowed('customgrid/administration/view_grids_list');
return $this->_getAdminSession()->isAllowed('customgrid/administration/view_grids_list');
}
return true;
}
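Review bot: The `switch` compares `getActionName()` against mixed-case labels (`'massDelete'`, `'massDisable'`, `'massEnable'`), so a request whose action segment differs only in letter case would miss every `case` and reach the final `return true`, provided the dispatcher resolves action methods case-insensitively as PHP method lookup does; that is worth confirming for this Magento version. Normalising the name with `switch (strtolower($this->getRequest()->getActionName())) {` and lower-case labels closes that gap. The comment added at the top of the method also reads as if the whole method defers to the models, while it applies only to the final `return true`; moving it down to that line would make the default-allow explicit.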
Expand Up @@ -216,8 +216,6 @@ public function massDeleteAction()

protected function _isAllowed()
{
/** @var $session Mage_Admin_Model_Session */
$session = Mage::getSingleton('admin/session');
return $session->isAllowed('system/customgrid/options_source');
return $this->_getAdminSession()->isAllowed('system/customgrid/options_source');
}
}
