dynamically add resources to ACL, so reports can be individually assi…

…gned to roles (#82) * fix resources per report * bump version (minor update)
kalenjordan · Jun 7, 2017 · 4192e89 · 4192e89
1 parent 250535b
commit 4192e89
Show file tree

Hide file tree

Showing 7 changed files with 187 additions and 8 deletions.
diff --git a/app/code/community/Clean/SqlReports/Block/Adminhtml/Customreport/Grid.php b/app/code/community/Clean/SqlReports/Block/Adminhtml/Customreport/Grid.php
@@ -26,6 +26,19 @@ protected function _prepareCollection()
         return parent::_prepareCollection();
     }
 
+    protected function _afterLoadCollection()
+    {
+        parent::_afterLoadCollection();
+
+        foreach ($this->_collection as $index => $item) {
+            if (! Mage::helper('cleansql')->getAllowViewReport($item->getId())) {
+                $this->_collection->removeItemByKey($index);
+            }
+        }
+
+        return $this;
+    }
+
     protected function _prepareColumns()
     {
         $this->addColumn(

diff --git a/app/code/community/Clean/SqlReports/Block/Adminhtml/Page/Menu.php b/app/code/community/Clean/SqlReports/Block/Adminhtml/Page/Menu.php
@@ -24,14 +24,21 @@ protected function _appendCleanSqlReports(array &$menuArray)
         if (!isset($menuArray['children'])) {
             $menuArray['children'] = array();
         }
-        $maxReports       = (int)Mage::getStoreConfig('reports/cleansql/max_reports_in_menu');
+
+        $maxReports       = (int) Mage::getStoreConfig('reports/cleansql/max_reports_in_menu');
+        $helper           = Mage::helper('cleansql');
         $reportCollection = Mage::getModel('cleansql/report')->getCollection()->setOrder('title', 'ASC');
         $reportCount      = $reportCollection->count();
         $i                = 1;
+
         foreach ($reportCollection as $report) {
+            if (! $helper->getAllowViewReport($report->getId())) {
+                continue;
+            }
+
             /** @var $report Clean_SqlReports_Model_Report */
             $titleNodeName = $this->_getXmlTitle($report);
-            $route         = Mage::helper('cleansql')->getPrimaryReportRoute($report);
+            $route         = $helper->getPrimaryReportRoute($report);
 
             $menuArray['children'][$titleNodeName] = array(
                 'label'      => $report->getTitle(),
@@ -55,6 +62,6 @@ protected function _appendCleanSqlReports(array &$menuArray)
      */
     protected function _getXmlTitle(Clean_SqlReports_Model_Report $report)
     {
-        return strtolower(preg_replace('~[^a-z0-9]+~i', '', $report->getTitle()));
+        return 'report_' . $report->getId();
     }
 }
diff --git a/app/code/community/Clean/SqlReports/Helper/Data.php b/app/code/community/Clean/SqlReports/Helper/Data.php
@@ -6,6 +6,8 @@
  */
 class Clean_SqlReports_Helper_Data extends Mage_Core_Helper_Abstract
 {
+    const RESOURCE_VIEW_REPORT_PREFIX = 'admin/report/cleansql/report_';
+
     /**
      * Return a flag indicating if the currently logged in admin user can view reports
      *
@@ -18,6 +20,16 @@ public function getAllowView()
         return $this->getAdminSession()->isAllowed('report/cleansql');
     }
 
+    /**
+     * Return a flag indicating if the currently logged in admin user can view report with id $id
+     *
+     * @return bool
+     */
+    public function getAllowViewReport($id)
+    {
+        return $this->getAdminSession()->isAllowed(self::RESOURCE_VIEW_REPORT_PREFIX . $id);
+    }
+
     /**
      * Return a flag indicating if the currently logged in admin user can add/edit reports
      *

diff --git a/app/code/community/Clean/SqlReports/Model/Admin/Roles.php b/app/code/community/Clean/SqlReports/Model/Admin/Roles.php
@@ -0,0 +1,75 @@
+<?php
+
+/**
+ * This rewrite adds the custom reports as ACL paths to the resources tree
+ *
+ * Class Clean_SqlReports_Model_Admin_Roles
+ */
+class Clean_SqlReports_Model_Admin_Roles extends Mage_Admin_Model_Roles {
+
+    /**
+     * Return tree of acl resources
+     *
+     * @return array|null|Varien_Simplexml_Element
+     */
+    public function getResourcesTree()
+    {
+        $resourcesTreeArray = parent::getResourcesTree();
+        /** @var Varien_Simplexml_Element $node */
+        $node = $resourcesTreeArray->admin->children->report->children->cleansql->children;
+
+        // Get all reports
+        $reportCollection = Mage::getModel('cleansql/report')->getCollection()->setOrder('title', 'ASC');
+
+        // Add them to the roles structure
+        foreach ($reportCollection as $report) {
+            $reportChildNode = $node->addChild('report_' . $report->getId());
+            $reportChildNode->addAttribute('aclpath', Clean_SqlReports_Helper_Data::RESOURCE_VIEW_REPORT_PREFIX . $report->getId());
+            $reportChildNode->addChild('title', 'Report: ' . $report->getTitle());
+        }
+
+        return $resourcesTreeArray;
+    }
+
+    /**
+     * Return list of acl resources
+     *
+     * @return array|null|Varien_Simplexml_Element
+     */
+    public function getResourcesList()
+    {
+        $resourcesList = parent::getResourcesList();
+
+        // Get all reports
+        $reportCollection = Mage::getModel('cleansql/report')->getCollection()->setOrder('title', 'ASC');
+
+        // Add them to the roles structure
+        foreach ($reportCollection as $report) {
+            $resourcesList[Clean_SqlReports_Helper_Data::RESOURCE_VIEW_REPORT_PREFIX . $report->getId()] = [
+                'name' => 'Report: ' . $report->getTitle(),
+                'level' => null // not important
+            ];
+        }
+
+        return $resourcesList;
+    }
+
+    /**
+     * Return list of acl resources in 2D format
+     *
+     * @return array|null|Varien_Simplexml_Element
+     */
+    public function getResourcesList2D()
+    {
+        $resourcesList2D = parent::getResourcesList2D();
+
+        // Get all reports
+        $reportCollection = Mage::getModel('cleansql/report')->getCollection()->setOrder('title', 'ASC');
+
+        foreach ($reportCollection as $report) {
+            $resourcesList2D[] = Clean_SqlReports_Helper_Data::RESOURCE_VIEW_REPORT_PREFIX . $report->getId();
+        }
+
+        return $resourcesList2D;
+    }
+}
diff --git a/app/code/community/Clean/SqlReports/Model/Resource/Admin/Acl.php b/app/code/community/Clean/SqlReports/Model/Resource/Admin/Acl.php
@@ -0,0 +1,58 @@
+<?php
+
+class Clean_SqlReports_Model_Resource_Admin_Acl extends Mage_Admin_Model_Resource_Acl {
+
+    public function loadAcl()
+    {
+        $acl = Mage::getModel('admin/acl');
+
+        Mage::getSingleton('admin/config')->loadAclResources($acl);
+        $this->loadReportResources($acl);
+
+        $roleTable   = $this->getTable('admin/role');
+        $ruleTable   = $this->getTable('admin/rule');
+        $assertTable = $this->getTable('admin/assert');
+
+        $adapter = $this->_getReadAdapter();
+
+        $select = $adapter->select()
+            ->from($roleTable)
+            ->order('tree_level');
+
+        $rolesArr = $adapter->fetchAll($select);
+
+        $this->loadRoles($acl, $rolesArr);
+
+        $select = $adapter->select()
+            ->from(array('r' => $ruleTable))
+            ->joinLeft(
+                array('a' => $assertTable),
+                'a.assert_id = r.assert_id',
+                array('assert_type', 'assert_data')
+            );
+
+        $rulesArr = $adapter->fetchAll($select);
+
+        $this->loadRules($acl, $rulesArr);
+
+        return $acl;
+    }
+
+    /**
+     * Add report resources
+     *
+     * @param Mage_Admin_Model_Acl $acl
+     */
+    protected function loadReportResources(Mage_Admin_Model_Acl $acl)
+    {
+        $reportCollection = Mage::getModel('cleansql/report')->getCollection()->setOrder('title', 'ASC');
+
+        foreach ($reportCollection as $report) {
+            $acl->add(
+                Mage::getModel('admin/acl_resource',Clean_SqlReports_Helper_Data::RESOURCE_VIEW_REPORT_PREFIX . $report->getId()),
+                $acl->get('admin/report/cleansql')
+            );
+        }
+    }
+
+}
diff --git a/app/code/community/Clean/SqlReports/controllers/Adminhtml/CustomreportController.php b/app/code/community/Clean/SqlReports/controllers/Adminhtml/CustomreportController.php
@@ -156,11 +156,15 @@ protected function _getReport()
 
     protected function _isAllowed()
     {
-        $isView = in_array($this->getRequest()->getActionName(), array('index', 'view', 'viewtable', 'viewchart', 'getJson', 'exportCsv'));
-
-        /** @var $helper Clean_SqlReport_Helper_Data */
+        /** @var $helper Clean_SqlReports_Helper_Data */
         $helper = Mage::helper('cleansql');
 
-        return ($isView ? $helper->getAllowView() : $helper->getAllowEdit());
+        if ($this->getRequest()->getActionName() === 'index') {
+            return $helper->getAllowView();
+        }
+
+        $isView = in_array($this->getRequest()->getActionName(), array('view', 'viewtable', 'viewchart', 'getJson', 'exportCsv'));
+
+        return $isView ? $helper->getAllowViewReport($this->getRequest()->getParam('report_id')) : $helper->getAllowEdit();
     }
 }
diff --git a/app/code/community/Clean/SqlReports/etc/config.xml b/app/code/community/Clean/SqlReports/etc/config.xml
@@ -2,7 +2,7 @@
 <config>
     <modules>
         <Clean_SqlReports>
-            <version>0.1.13</version>
+            <version>0.2.0</version>
         </Clean_SqlReports>
     </modules>
 
@@ -30,6 +30,16 @@
                     </report>
                 </entities>
             </cleansql_mysql4>
+            <admin>
+                <rewrite>
+                    <roles>Clean_SqlReports_Model_Admin_Roles</roles>
+                </rewrite>
+            </admin>
+            <admin_resource>
+                <rewrite>
+                    <acl>Clean_SqlReports_Model_Resource_Admin_Acl</acl>
+                </rewrite>
+            </admin_resource>
         </models>
 
         <resources>