From 8bc41ea66bf31e597107639076f24d33ee79ad19 Mon Sep 17 00:00:00 2001
From: mage-eag
Date: Thu, 9 Jul 2015 12:27:35 +0200
Subject: [PATCH] implemented missing _isAllowed() methods
---
 .../community/BL/CustomGrid/Controller/Grid/Action.php | 10 ++++++++++
 .../Column/Renderer/AttributeController.php | 5 +++++
 .../Column/Renderer/CollectionController.php | 5 +++++
 .../CustomGrid/controllers/Config/FormController.php | 5 +++++
 .../controllers/Custom/Column/ConfigController.php | 5 +++++
 .../controllers/Grid/Column/FilterController.php | 5 +++++
 .../controllers/Grid/Editor/ProductController.php | 5 +++++
 .../CustomGrid/controllers/Grid/EditorController.php | 5 +++++
 .../CustomGrid/controllers/Grid/ProfileController.php | 6 ++++++
 .../BL/CustomGrid/controllers/GridController.php | 5 ++---
 .../controllers/Options/SourceController.php | 4 +---
 11 files changed, 54 insertions(+), 6 deletions(-)
diff --git a/app/code/community/BL/CustomGrid/Controller/Grid/Action.php b/app/code/community/BL/CustomGrid/Controller/Grid/Action.php
index daceded..b37c3d8 100644
--- a/app/code/community/BL/CustomGrid/Controller/Grid/Action.php
+++ b/app/code/community/BL/CustomGrid/Controller/Grid/Action.php
@@ -15,6 +15,16 @@
 class BL_CustomGrid_Controller_Grid_Action extends Mage_Adminhtml_Controller_Action
 {
+ /**
+ * Return the admin session model
+ *
+ * @return Mage_Admin_Model_Session
+ */
+ protected function _getAdminSession()
+ {
+ return Mage::getSingleton('admin/session');
+ }
+
 /**
 * Return our own session model
 *
diff --git a/app/code/community/BL/CustomGrid/controllers/Column/Renderer/AttributeController.php b/app/code/community/BL/CustomGrid/controllers/Column/Renderer/AttributeController.php
index 85de0bc..a93137e 100644
--- a/app/code/community/BL/CustomGrid/controllers/Column/Renderer/AttributeController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Column/Renderer/AttributeController.php
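Review bot: The shared base class in Controller/Grid/Action.php gains only the `_getAdminSession()` helper, so whether a controller is protected still depends on every subclass remembering to override `_isAllowed()`. As far as I recall, the Magento 1 parent `Mage_Adminhtml_Controller_Action::_isAllowed()` returns `true`, which would leave a controller missed by this patch, or added later, reachable by any logged-in admin. Consider defining `protected function _isAllowed() { return false; }` here so an omitted override fails closed. Subclasses not visible in this patch would need checking first. The class body continues outside the hunk.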
@@ -76,4 +76,9 @@ public function buildConfigAction()
 $params = $this->_getConfig()->encodeParameters($params);
 $this->_setActionSuccessJsonResponse(array('parameters' => $params));
 }
+
+ protected function _isAllowed()
+ {
+ return $this->_getAdminSession()->isAllowed('customgrid/customization/edit_columns');
+ }
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/Column/Renderer/CollectionController.php b/app/code/community/BL/CustomGrid/controllers/Column/Renderer/CollectionController.php
index 16ba100..6324758 100644
--- a/app/code/community/BL/CustomGrid/controllers/Column/Renderer/CollectionController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Column/Renderer/CollectionController.php
@@ -76,4 +76,9 @@ public function buildConfigAction()
 $params = $this->_getConfig()->encodeParameters($params);
 $this->_setActionSuccessJsonResponse(array('parameters' => $params));
 }
+
+ protected function _isAllowed()
+ {
+ return $this->_getAdminSession()->isAllowed('customgrid/customization/edit_columns');
+ }
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/Config/FormController.php b/app/code/community/BL/CustomGrid/controllers/Config/FormController.php
index 43f7b8e..d9f8a71 100644
--- a/app/code/community/BL/CustomGrid/controllers/Config/FormController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Config/FormController.php
@@ -26,4 +26,9 @@ public function saveFieldsetStateAction()
 $this->_setActionSuccessJsonResponse();
 }
 }
+
+ protected function _isAllowed()
+ {
+ return true;
+ }
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/Custom/Column/ConfigController.php b/app/code/community/BL/CustomGrid/controllers/Custom/Column/ConfigController.php
index 3974aa5..2302f7c 100644
--- a/app/code/community/BL/CustomGrid/controllers/Custom/Column/ConfigController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Custom/Column/ConfigController.php
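Review bot: The `_isAllowed()` added to Column/Renderer/AttributeController.php carries no docblock, although the surrounding code documents its methods (for example `_getAdminSession()` in Action.php), so the ACL resource string is the only hint of intent. A short docblock such as `/** Check the ACL resource required to reach this controller's actions. @return bool */` would make the gate explicit. The same applies to the `_isAllowed()` methods added in Column/Renderer/CollectionController.php, Custom/Column/ConfigController.php, Grid/Editor/ProductController.php and Grid/EditorController.php. The literal `'customgrid/customization/edit_columns'` is now repeated verbatim in three controllers, so a class constant on the shared base class would stop a typo in one copy from silently changing which resource is checked.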
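Review bot: `_isAllowed()` in Config/FormController.php returns `true` with no explanation, so `saveFieldsetStateAction` is open to every authenticated admin user regardless of role. That may be intended for a UI-state endpoint, but Grid/ProfileController.php at least records its reasoning in a comment and this one does not. Grid/Column/FilterController.php has the same bare `return true;` in front of `categoriesJsonAction`, which returns category children. Suggest stating the reason in place, e.g. `// Stores per-user form state only; no ACL resource applies`, after confirming that is what the action does (its body starts outside the hunk). For the filter controller, consider whether an existing customgrid resource should gate the category data.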
@@ -68,4 +68,9 @@ public function buildConfigAction()
 $params = $this->_getGridTypeConfig()->encodeParameters($params);
 $this->_setActionSuccessJsonResponse(array('parameters' => $params));
 }
+
+ protected function _isAllowed()
+ {
+ return $this->_getAdminSession()->isAllowed('customgrid/customization/edit_columns');
+ }
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/Grid/Column/FilterController.php b/app/code/community/BL/CustomGrid/controllers/Grid/Column/FilterController.php
index e861f1b..6ce0967 100644
--- a/app/code/community/BL/CustomGrid/controllers/Grid/Column/FilterController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Grid/Column/FilterController.php
@@ -41,4 +41,9 @@ public function categoriesJsonAction()
 $mainCategoryId = $this->getRequest()->getParam('category');
 $this->getResponse()->setBody($chooserBlock->getCategoryChildrenJson($mainCategoryId));
 }
+
+ protected function _isAllowed()
+ {
+ return true;
+ }
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/Grid/Editor/ProductController.php b/app/code/community/BL/CustomGrid/controllers/Grid/Editor/ProductController.php
index b3205be..a194b8b 100644
--- a/app/code/community/BL/CustomGrid/controllers/Grid/Editor/ProductController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Grid/Editor/ProductController.php
@@ -38,4 +38,9 @@ public function wysiwygAction()
 $this->getResponse()->setBody($contentBlock->toHtml());
 }
+
+ protected function _isAllowed()
+ {
+ return $this->_getAdminSession()->isAllowed('customgrid/editor/edit_columns');
+ }
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/Grid/EditorController.php b/app/code/community/BL/CustomGrid/controllers/Grid/EditorController.php
index ebd1024..1faa13d 100644
--- a/app/code/community/BL/CustomGrid/controllers/Grid/EditorController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Grid/EditorController.php
@@ -167,4 +167,9 @@ public function saveAction()
 $this->_setActionErrorJsonResponse($this->__('Failed to save the value : "%s"', $e->getMessage()));
 }
 }
+
+ protected function _isAllowed()
+ {
+ return $this->_getAdminSession()->isAllowed('customgrid/editor/edit_columns');
+ }
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/Grid/ProfileController.php b/app/code/community/BL/CustomGrid/controllers/Grid/ProfileController.php
index 0be478b..01d7a01 100644
--- a/app/code/community/BL/CustomGrid/controllers/Grid/ProfileController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Grid/ProfileController.php
@@ -320,4 +320,10 @@ public function deleteAction()
 $this->_setActionErrorJsonResponse($this->__('Invalid request'));
 }
 }
+
+ protected function _isAllowed()
+ {
+ // Specific permissions are enforced by the models
+ return true;
+ }
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/GridController.php b/app/code/community/BL/CustomGrid/controllers/GridController.php
index 6b68b14..3868aac 100644
--- a/app/code/community/BL/CustomGrid/controllers/GridController.php
+++ b/app/code/community/BL/CustomGrid/controllers/GridController.php
@@ -782,15 +782,14 @@ public function massDeleteAction()
 protected function _isAllowed()
 {
+ // Specific permissions are enforced by the models
 switch ($this->getRequest()->getActionName()) {
 case 'index':
 case 'grid':
 case 'massDelete':
 case 'massDisable':
 case 'massEnable':
- /** @var $session Mage_Admin_Model_Session */
- $session = Mage::getSingleton('admin/session');
- return $session->isAllowed('customgrid/administration/view_grids_list');
+ return $this->_getAdminSession()->isAllowed('customgrid/administration/view_grids_list');
 }
 return true;
 }
diff --git a/app/code/community/BL/CustomGrid/controllers/Options/SourceController.php b/app/code/community/BL/CustomGrid/controllers/Options/SourceController.php
index 9a42c20..e3657c2 100644
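Review bot: With `return true;` in Grid/ProfileController.php the controller has no gate of its own, so every action, including the `deleteAction` visible in the context, depends entirely on the model layer refusing the request. The models are not part of this patch, so that cannot be confirmed from here. Any action path that reaches a model method without a permission check would be open to every authenticated admin. The comment would be more useful if it named the enforcing code, e.g. `// No controller-level ACL: each action relies on the permission checks in <enforcing model method - placeholder>`. A test that calls each action under a role lacking the profile permissions would pin that assumption.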
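Review bot: In GridController.php the new comment sits above the `switch`, but it explains the trailing `return true;`, not the listed cases, which are checked against `customgrid/administration/view_grids_list`. Moving `// Specific permissions are enforced by the models` directly above `return true;` keeps it from reading as if the switch were redundant. The fall-through also means any action not named in the switch is allowed at controller level, so a later-added action is open by default unless a model check covers it. Separately, `massDelete`, `massDisable` and `massEnable` are gated here only by a view resource, so if the models apply no stricter check, a list-only role could run them.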
--- a/app/code/community/BL/CustomGrid/controllers/Options/SourceController.php
+++ b/app/code/community/BL/CustomGrid/controllers/Options/SourceController.php
@@ -216,8 +216,6 @@ public function massDeleteAction()
 protected function _isAllowed()
 {
- /** @var $session Mage_Admin_Model_Session */
- $session = Mage::getSingleton('admin/session');
- return $session->isAllowed('system/customgrid/options_source');
+ return $this->_getAdminSession()->isAllowed('system/customgrid/options_source');
 }
 }