OrderController.php
<?php
/**
* Magento
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://opensource.org/licenses/osl-3.0.php
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@magentocommerce.com so we can send you a copy immediately.
*
* DISCLAIMER
*
* Do not edit or add to this file if you wish to upgrade Magento to newer
* versions in the future. If you wish to customize Magento for your
* needs please refer to http://www.magentocommerce.com for more information.
*
* @category Mage
* @package Mage_Rss
* @copyright Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
*/
/**
* Order RSS feeds controller
*
* @category Mage
* @package Mage_Rss
* @author Magento Core Team <core@magentocommerce.com>
*/
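class Mage_Rss_OrderController extends Mage_Core_Controller_Front_Action
{
    /**
     * Guard the admin-only "new orders" feed before the action is dispatched.
     *
     * The requested action name is lower-cased before it is compared. PHP
     * resolves method names case-insensitively, so a strict comparison against
     * the literal 'new' alone would let a differently-cased action name skip
     * this guard while the dispatcher (not visible in this file; presumably it
     * looks up "<action>Action") could still resolve it to newAction().
     *
     * @return void
     */
    public function preDispatch()
    {
        $actionName = strtolower((string)$this->getRequest()->getActionName());
        if ('new' === $actionName) {
            $this->setCurrentArea('adminhtml');
            if (!self::authenticateAndAuthorizeAdmin($this, 'sales/order')) {
                // The helper has already written the authentication challenge and
                // set the no-dispatch flag, so parent::preDispatch() is skipped.
                return;
            }
        }
        parent::preDispatch();
    }

    /**
     * Check if admin is logged in and authorized to access resource by specified ACL path
     *
     * If not authenticated, will try to do it using credentials from HTTP-request.
     * On failure an HTTP-authentication challenge is written to the controller's
     * response and FLAG_NO_DISPATCH is set on the controller.
     *
     * NOTE(review): admin credentials are accepted here through HTTP authentication
     * on a frontend route. Throttling or lockout of repeated failures is not visible
     * in this method; confirm Mage_Backend_Model_Auth enforces it and that the route
     * is only served over TLS.
     *
     * @param Mage_Core_Controller_Front_Action $controller
     * @param string $aclResource
     * @return bool true when the session is logged in and allowed for $aclResource
     */
    public static function authenticateAndAuthorizeAdmin(Mage_Core_Controller_Front_Action $controller, $aclResource)
    {
        /** @var $auth Mage_Backend_Model_Auth */
        $auth = Mage::getModel('Mage_Backend_Model_Auth');
        $session = $auth->getAuthStorage();

        // try to login using HTTP-authentication
        if (!$session->isLoggedIn()) {
            list($login, $password) = Mage::helper('Mage_Core_Helper_Http')
                ->getHttpAuthCredentials($controller->getRequest());
            try {
                $auth->login($login, $password);
            } catch (Mage_Backend_Model_Auth_Exception $e) {
                // A failed login is logged only; the check below decides the outcome.
                Mage::logException($e);
            }
        }

        // verify if logged in and authorized
        if ($session->isLoggedIn() && $session->isAllowed($aclResource)) {
            return true;
        }

        Mage::helper('Mage_Core_Helper_Http')->failHttpAuthentication($controller->getResponse(), 'RSS Feeds');
        $controller->setFlag('', self::FLAG_NO_DISPATCH, true);
        return false;
    }

    /**
     * New orders feed action
     *
     * Access is enforced in preDispatch(); this method only sets the XML
     * content type and renders the layout.
     *
     * @return void
     */
    public function newAction()
    {
        $this->getResponse()->setHeader('Content-type', 'text/xml; charset=UTF-8');
        $this->loadLayout(false);
        $this->renderLayout();
    }

    /**
     * Order status action
     *
     * Resolves the order from the request parameter 'data' through the RSS order
     * helper and renders its feed; forwards to the "nofeed" action when the helper
     * returns null.
     *
     * NOTE(review): no admin check applies to this action, so the 'data' key looks
     * like the only access control for the feed. Verify in
     * Mage_Rss_Helper_Order::getOrderByStatusUrlKey() that the key is validated and
     * not guessable.
     *
     * @return void
     */
    public function statusAction()
    {
        // The parameter is request-controlled; it is cast to string before use.
        $statusUrlKey = (string)$this->getRequest()->getParam('data');
        $order = Mage::helper('Mage_Rss_Helper_Order')->getOrderByStatusUrlKey($statusUrlKey);

        if (is_null($order)) {
            $this->_forward('nofeed', 'index', 'rss');
            return;
        }

        Mage::register('current_order', $order);
        $this->getResponse()->setHeader('Content-type', 'text/xml; charset=UTF-8');
        $this->loadLayout(false);
        $this->renderLayout();
    }
}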