
Update as of 8/15/2012

* Refactored ACL functionality:
  * Implementation is not bound to backend area anymore and moved to `Mage_Core` module
  * Covered backwards-incompatible changes with additional migration tool (`dev/tools/migration/Acl`)
* Implemented "move" layout directive and slightly modified behavior of "remove"
* A failure in DB cleanup by integration testing framework is articulated more clearly by throwing `Magento_Exception`
* Fixed security vulnerability of exploiting Magento "cookie restriction" feature
* Fixed caching mechanism of loading modules declaration to not cause additional performance overhead
* Adjusted include path in unit tests to use the original include path at the end, rather than at the beginning
commit 37bf8f24f6b0ce307e0e0520c2f5c758df70f3fc 1 parent e0f1c29
@mage2-team mage2-team authored
Showing with 5,088 additions and 911 deletions.
  1. +11 −0 CHANGELOG.markdown
  2. +1 −1  app/code/core/Mage/Adminhtml/Block/Cache/Notifications.php
  3. +1 −1  app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Attributes.php
  4. +2 −2 app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tabs.php
  5. +1 −1  app/code/core/Mage/Adminhtml/Block/Catalog/Product/Grid.php
  6. +1 −1  app/code/core/Mage/Adminhtml/Block/Cms/Page.php
  7. +1 −1  app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit.php
  8. +1 −1  app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Content.php
  9. +1 −1  app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Design.php
  10. +1 −1  app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Main.php
  11. +1 −1  app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Meta.php
  12. +1 −1  app/code/core/Mage/Adminhtml/Block/Customer/Edit.php
  13. +15 −13 app/code/core/Mage/Adminhtml/Block/Customer/Edit/Tabs.php
  14. +1 −1  app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid.php
  15. +2 −1  app/code/core/Mage/Adminhtml/Block/Notification/Survey.php
  16. +0 −17 app/code/core/Mage/Adminhtml/Block/Notification/Window.php
  17. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Creditmemo/Grid.php
  18. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Invoice/Grid.php
  19. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Items/Abstract.php
  20. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order.php
  21. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/Creditmemo/View.php
  22. +5 −5 app/code/core/Mage/Adminhtml/Block/Sales/Order/Grid.php
  23. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/Create/Items.php
  24. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/View.php
  25. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/View.php
  26. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/View.php
  27. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/View/History.php
  28. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/View/Tab/Transactions.php
  29. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Shipment/Grid.php
  30. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Transactions/Detail.php
  31. +1 −1  app/code/core/Mage/Adminhtml/Block/System/Config/Tabs.php
  32. +35 −1 app/code/core/Mage/Adminhtml/Controller/Action.php
  33. +1 −1  app/code/core/Mage/Adminhtml/Controller/Sales/Creditmemo.php
  34. +1 −1  app/code/core/Mage/Adminhtml/Controller/Sales/Invoice.php
  35. +1 −1  app/code/core/Mage/Adminhtml/Controller/Sales/Shipment.php
  36. +1 −1  app/code/core/Mage/Adminhtml/controllers/Api/RoleController.php
  37. +1 −1  app/code/core/Mage/Adminhtml/controllers/Api/UserController.php
  38. +1 −1  app/code/core/Mage/Adminhtml/controllers/CacheController.php
  39. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/CategoryController.php
  40. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/Action/AttributeController.php
  41. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/AttributeController.php
  42. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GalleryController.php
  43. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GroupController.php
  44. +2 −2 app/code/core/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php
  45. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/SetController.php
  46. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/ProductController.php
  47. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/SearchController.php
  48. +1 −1  app/code/core/Mage/Adminhtml/controllers/Checkout/AgreementController.php
  49. +1 −1  app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
  50. +3 −3 app/code/core/Mage/Adminhtml/controllers/Cms/PageController.php
  51. +1 −1  app/code/core/Mage/Adminhtml/controllers/Cms/Wysiwyg/ImagesController.php
  52. +1 −1  app/code/core/Mage/Adminhtml/controllers/Customer/Cart/Product/Composite/CartController.php
  53. +1 −1  app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
  54. +1 −1  app/code/core/Mage/Adminhtml/controllers/Customer/OnlineController.php
  55. +1 −1  app/code/core/Mage/Adminhtml/controllers/Customer/Wishlist/Product/Composite/WishlistController.php
  56. +346 −202 app/code/core/Mage/Adminhtml/controllers/CustomerController.php
  57. +1 −1  app/code/core/Mage/Adminhtml/controllers/DashboardController.php
  58. +2 −2 app/code/core/Mage/Adminhtml/controllers/IndexController.php
  59. +1 −1  app/code/core/Mage/Adminhtml/controllers/Media/EditorController.php
  60. +1 −1  app/code/core/Mage/Adminhtml/controllers/Media/UploaderController.php
  61. +1 −1  app/code/core/Mage/Adminhtml/controllers/Newsletter/ProblemController.php
  62. +1 −1  app/code/core/Mage/Adminhtml/controllers/Newsletter/QueueController.php
  63. +1 −1  app/code/core/Mage/Adminhtml/controllers/Newsletter/SubscriberController.php
  64. +1 −1  app/code/core/Mage/Adminhtml/controllers/Newsletter/TemplateController.php
  65. +1 −1  app/code/core/Mage/Adminhtml/controllers/NotificationController.php
  66. +1 −1  app/code/core/Mage/Adminhtml/controllers/Poll/AnswerController.php
  67. +1 −1  app/code/core/Mage/Adminhtml/controllers/PollController.php
  68. +1 −1  app/code/core/Mage/Adminhtml/controllers/Promo/CatalogController.php
  69. +1 −1  app/code/core/Mage/Adminhtml/controllers/Promo/QuoteController.php
  70. +1 −1  app/code/core/Mage/Adminhtml/controllers/Promo/WidgetController.php
  71. +1 −1  app/code/core/Mage/Adminhtml/controllers/PromoController.php
  72. +1 −1  app/code/core/Mage/Adminhtml/controllers/RatingController.php
  73. +4 −4 app/code/core/Mage/Adminhtml/controllers/Report/CustomerController.php
  74. +4 −4 app/code/core/Mage/Adminhtml/controllers/Report/ProductController.php
  75. +3 −3 app/code/core/Mage/Adminhtml/controllers/Report/ReviewController.php
  76. +9 −9 app/code/core/Mage/Adminhtml/controllers/Report/SalesController.php
  77. +4 −4 app/code/core/Mage/Adminhtml/controllers/Report/ShopcartController.php
  78. +1 −1  app/code/core/Mage/Adminhtml/controllers/Report/StatisticsController.php
  79. +5 −5 app/code/core/Mage/Adminhtml/controllers/Report/TagController.php
  80. +2 −2 app/code/core/Mage/Adminhtml/controllers/ReportController.php
  81. +3 −3 app/code/core/Mage/Adminhtml/controllers/Sales/Billing/AgreementController.php
  82. +2 −2 app/code/core/Mage/Adminhtml/controllers/Sales/Order/CreateController.php
  83. +1 −1  app/code/core/Mage/Adminhtml/controllers/Sales/Order/EditController.php
  84. +1 −1  app/code/core/Mage/Adminhtml/controllers/Sales/Order/StatusController.php
  85. +1 −1  app/code/core/Mage/Adminhtml/controllers/Sales/OrderController.php
  86. +2 −2 app/code/core/Mage/Adminhtml/controllers/Sales/TransactionsController.php
  87. +1 −1  app/code/core/Mage/Adminhtml/controllers/SitemapController.php
  88. +1 −1  app/code/core/Mage/Adminhtml/controllers/SurveyController.php
  89. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/AccountController.php
  90. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
  91. +6 −9 app/code/core/Mage/Adminhtml/controllers/System/ConfigController.php
  92. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/Convert/GuiController.php
  93. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/Convert/ProfileController.php
  94. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/CurrencyController.php
  95. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/DesignController.php
  96. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/Email/TemplateController.php
  97. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/StoreController.php
  98. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/VariableController.php
  99. +1 −1  app/code/core/Mage/Adminhtml/controllers/SystemController.php
  100. +3 −3 app/code/core/Mage/Adminhtml/controllers/TagController.php
  101. +1 −1  app/code/core/Mage/Adminhtml/controllers/Tax/Class/CustomerController.php
  102. +1 −1  app/code/core/Mage/Adminhtml/controllers/Tax/Class/ProductController.php
  103. +2 −2 app/code/core/Mage/Adminhtml/controllers/Tax/ClassController.php
  104. +3 −3 app/code/core/Mage/Adminhtml/controllers/Tax/RateController.php
  105. +1 −1  app/code/core/Mage/Adminhtml/controllers/Tax/RuleController.php
  106. +1 −1  app/code/core/Mage/Adminhtml/controllers/UrlrewriteController.php
  107. +1 −1  app/code/core/Mage/Adminhtml/view/adminhtml/page/header.phtml
  108. +1 −1  app/code/core/Mage/Adminhtml/view/adminhtml/system/config/switcher.phtml
  109. +1 −3 app/code/core/Mage/Api2/Block/Adminhtml/Attribute/Grid.php
  110. +1 −3 app/code/core/Mage/Api2/Block/Adminhtml/Roles.php
  111. +1 −4 app/code/core/Mage/Api2/Block/Adminhtml/Roles/Grid.php
  112. +1 −3 app/code/core/Mage/Api2/controllers/Adminhtml/Api2/RoleController.php
  113. +55 −6 app/code/core/Mage/Backend/Controller/ActionAbstract.php
  114. +2 −2 app/code/core/Mage/Backend/Helper/Data.php
  115. +3 −3 app/code/core/Mage/Backend/Model/Acl/Config.php
  116. +3 −3 app/code/core/Mage/Backend/Model/Auth/Session.php
  117. +56 −0 app/code/core/Mage/Backend/Model/Authorization/RoleLocator.php
  118. +1 −1  app/code/core/Mage/Backend/Model/Menu/Item.php
  119. +3 −3 app/code/core/Mage/Backend/Model/Menu/Item/Factory.php
  120. +1 −1  app/code/core/Mage/Backend/Model/Menu/Item/Validator.php
  121. +2 −0  app/code/core/Mage/Backend/etc/config.xml
  122. +1 −1  app/code/core/Mage/Backup/Helper/Data.php
  123. +62 −73 app/code/core/Mage/Centinel/Model/State/Jcb.php
  124. +1 −1  app/code/core/Mage/Cms/Model/Wysiwyg/Config.php
  125. +1 −1  app/code/core/Mage/Connect/controllers/Adminhtml/Extension/CustomController.php
  126. +14 −2 app/code/core/Mage/Core/Controller/Varien/Action.php
  127. +21 −19 app/code/core/Mage/Core/Controller/Varien/Router/Base.php
  128. +49 −8 app/code/core/Mage/Core/Helper/Cookie.php
  129. +18 −9 app/code/core/Mage/Core/Model/Acl/Builder.php
  130. +137 −0 app/code/core/Mage/Core/Model/Authorization.php
  131. +84 −19 app/code/core/Mage/Core/Model/Config.php
  132. +205 −76 app/code/core/Mage/Core/Model/Layout.php
  133. +65 −0 app/code/core/Mage/Core/Model/Registry.php
  134. +1 −1  app/code/core/Mage/CurrencySymbol/controllers/Adminhtml/System/CurrencysymbolController.php
  135. +1 −1  app/code/core/Mage/DesignEditor/controllers/Adminhtml/System/Design/EditorController.php
  136. +1 −1  app/code/core/Mage/Downloadable/controllers/Adminhtml/Downloadable/FileController.php
  137. +1 −1  app/code/core/Mage/GoogleOptimizer/Block/Adminhtml/Cms/Page/Edit/Tab/Googleoptimizer.php
  138. +1 −1  app/code/core/Mage/GoogleShopping/controllers/Adminhtml/Googleshopping/ItemsController.php
  139. +1 −1  app/code/core/Mage/GoogleShopping/controllers/Adminhtml/Googleshopping/TypesController.php
  140. +1 −1  app/code/core/Mage/ImportExport/controllers/Adminhtml/ExportController.php
  141. +1 −1  app/code/core/Mage/ImportExport/controllers/Adminhtml/ImportController.php
  142. +1 −1  app/code/core/Mage/Index/Block/Adminhtml/Notifications.php
  143. +1 −1  app/code/core/Mage/Index/controllers/Adminhtml/ProcessController.php
  144. +1 −3 app/code/core/Mage/Oauth/Block/Adminhtml/Oauth/AuthorizedTokens/Grid.php
  145. +1 −3 app/code/core/Mage/Oauth/Block/Adminhtml/Oauth/Consumer.php
  146. +3 −3 app/code/core/Mage/Oauth/Block/Adminhtml/Oauth/Consumer/Edit.php
  147. +1 −3 app/code/core/Mage/Oauth/Block/Adminhtml/Oauth/Consumer/Grid.php
  148. +1 −3 app/code/core/Mage/Oauth/controllers/Adminhtml/Oauth/Admin/TokenController.php
  149. +1 −3 app/code/core/Mage/Oauth/controllers/Adminhtml/Oauth/AuthorizedTokensController.php
  150. +1 −3 app/code/core/Mage/Oauth/controllers/Adminhtml/Oauth/ConsumerController.php
  151. +1 −1  app/code/core/Mage/PageCache/Block/Adminhtml/Cache/Additional.php
  152. +1 −1  app/code/core/Mage/PageCache/controllers/Adminhtml/PageCacheController.php
  153. +7 −5 app/code/core/Mage/Paypal/Block/Adminhtml/Settlement/Report.php
  154. +3 −3 app/code/core/Mage/Paypal/controllers/Adminhtml/Paypal/ReportsController.php
  155. +4 −1 app/code/core/Mage/Rss/controllers/CatalogController.php
  156. +1 −1  app/code/core/Mage/Rss/controllers/OrderController.php
  157. +1 −1  app/code/core/Mage/Sales/Block/Adminhtml/Billing/Agreement/View.php
  158. +1 −1  app/code/core/Mage/Sales/Block/Adminhtml/Recurring/Profile/View/Tab/Orders.php
  159. +1 −1  app/code/core/Mage/Sales/Model/Observer.php
  160. +9 −4 app/code/core/Mage/User/Block/Role/Tab/Edit.php
  161. +1 −1  app/code/core/Mage/User/Model/Resource/Rules.php
  162. +1 −1  app/code/core/Mage/User/controllers/Adminhtml/User/RoleController.php
  163. +1 −1  app/code/core/Mage/User/controllers/Adminhtml/UserController.php
  164. +1 −1  app/code/core/Mage/Widget/controllers/Adminhtml/Widget/InstanceController.php
  165. +1 −1  app/code/core/Mage/XmlConnect/controllers/Adminhtml/MobileController.php
  166. +3 −1 dev/tests/integration/framework/Magento/Test/Bootstrap.php
  167. +14 −0 dev/tests/integration/framework/tests/unit/testsuite/Magento/Test/BootstrapTest.php
  168. +1 −0  dev/tests/integration/testsuite/Mage/Adminhtml/Block/Catalog/Product/Edit/TabsTest.php
  169. +286 −0 dev/tests/integration/testsuite/Mage/Adminhtml/controllers/CustomerControllerTest.php
  170. +87 −0 dev/tests/integration/testsuite/Mage/Adminhtml/controllers/_files/customer_sample.php
  171. +52 −0 dev/tests/integration/testsuite/Mage/Backend/Controller/ActionAbstractTest.php
  172. +1 −0  dev/tests/integration/testsuite/Mage/Backend/Model/MenuTest.php
  173. +1 −0  dev/tests/integration/testsuite/Mage/Cms/Model/Wysiwyg/ConfigTest.php
  174. +1 −0  dev/tests/integration/testsuite/Mage/Core/Controller/Varien/ActionTest.php
  175. +101 −1 dev/tests/integration/testsuite/Mage/Core/Model/LayoutTest.php
  176. +8 −5 dev/tests/integration/testsuite/Mage/Core/Model/_files/_layout_update.xml
  177. +95 −2 dev/tests/integration/testsuite/Mage/Core/Model/_files/design/frontend/test/default/Mage_Core/layout.xml
  178. +1 −2  dev/tests/integration/testsuite/Mage/User/Block/Role/Tab/EditTest.php
  179. +4 −4 dev/tests/integration/testsuite/integrity/modular/AclConfigFilesTest.php
  180. +34 −8 dev/tests/integration/testsuite/integrity/modular/TemplateFilesTest.php
  181. +9 −3 dev/tests/static/testsuite/Legacy/ObsoleteCodeTest.php
  182. +1 −0  dev/tests/static/testsuite/Php/_files/blacklist/core.txt
  183. +1 −0  dev/tests/static/testsuite/Php/_files/whitelist/core.txt
  184. +2 −2 dev/tests/unit/framework/bootstrap.php
  185. +4 −4 dev/tests/unit/testsuite/Mage/Backend/Model/Acl/ConfigTest.php
  186. +59 −0 dev/tests/unit/testsuite/Mage/Backend/Model/Authorization/RoleLocatorTest.php
  187. +1 −1  dev/tests/unit/testsuite/Mage/Backend/Model/Menu/Item/FactoryTest.php
  188. +1 −1  dev/tests/unit/testsuite/Mage/Backend/Model/Menu/Item/ValidatorTest.php
  189. +1 −1  dev/tests/unit/testsuite/Mage/Backend/Model/Menu/ItemTest.php
  190. +0 −10 dev/tests/unit/testsuite/Mage/Backend/Model/UrlTest.php
  191. +619 −0 dev/tests/unit/testsuite/Mage/Centinel/Model/State/JcbTest.php
  192. +151 −0 dev/tests/unit/testsuite/Mage/Core/Helper/CookieTest.php
  193. +74 −0 dev/tests/unit/testsuite/Mage/Core/Model/AuthorizationTest.php
  194. +2 −1  dev/tests/unit/testsuite/Mage/Eav/Model/Resource/Entity/AttributeTest.php
  195. +7 −7 dev/tests/unit/testsuite/{Mage/Backend/Model → Magento}/Acl/Config/ReaderTest.php
  196. +40 −0 dev/tests/unit/testsuite/Magento/Acl/_files/acl_1.xml
  197. +42 −0 dev/tests/unit/testsuite/Magento/Acl/_files/acl_2.xml
  198. +45 −0 dev/tests/unit/testsuite/Magento/Acl/_files/acl_merged.xml
  199. +86 −0 dev/tests/unit/testsuite/Magento/Authorization/Policy/AclTest.php
  200. +43 −0 dev/tests/unit/testsuite/Magento/Authorization/Policy/DefaultTest.php
  201. +62 −0 dev/tests/unit/testsuite/Varien/Simplexml/ElementTest.php
  202. +9 −8 ...s/unit/testsuite/{tools/migration/Acl/_files/template_document.xml → Varien/Simplexml/_files/data.xml}
  203. +87 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/Adapter/FactoryTest.php
  204. +63 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/FileReaderTest.php
  205. +39 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/Logger/ConsoleTest.php
  206. +80 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/Logger/FactoryTest.php
  207. +45 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/Logger/FileTest.php
  208. +73 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/LoggerAbstractTest.php
  209. +79 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/ReaderTest.php
  210. +107 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/UpdaterTest.php
  211. +69 −0 dev/tests/unit/testsuite/tools/migration/Acl/Db/WriterTest.php
  212. +5 −5 dev/tests/unit/testsuite/tools/migration/Acl/GeneratorRemoveTest.php
  213. +6 −6 dev/tests/unit/testsuite/tools/migration/Acl/GeneratorSaveTest.php
  214. +38 −71 dev/tests/unit/testsuite/tools/migration/Acl/GeneratorTest.php
  215. +8 −8 dev/tests/unit/testsuite/tools/migration/Acl/Menu/GeneratorTest.php
  216. 0  ...s/unit/testsuite/tools/migration/Acl/_files/app/code/core/{Mage → ANamespace}/Module/etc/adminhtml.xml
  217. 0  ...t/testsuite/tools/migration/Acl/_files/app/code/core/{Mage → ANamespace}/Module/etc/adminhtml/menu.xml
  218. 0  .../testsuite/tools/migration/Acl/_files/app/code/core/{Enterprise → BNamespace}/Module/etc/adminhtml.xml
  219. 0  ...suite/tools/migration/Acl/_files/app/code/core/{Enterprise → BNamespace}/Module/etc/adminhtml/menu.xml
  220. +1 −0  dev/tests/unit/testsuite/tools/migration/Acl/_files/log/AclXPathToAclId.log
  221. +59 −0 dev/tools/migration/Acl/Db/Adapter/Factory.php
  222. +53 −0 dev/tools/migration/Acl/Db/FileReader.php
  223. +39 −0 dev/tools/migration/Acl/Db/Logger/Console.php
  224. +68 −0 dev/tools/migration/Acl/Db/Logger/Factory.php
  225. +63 −0 dev/tools/migration/Acl/Db/Logger/File.php
  226. +116 −0 dev/tools/migration/Acl/Db/LoggerAbstract.php
  227. +72 −0 dev/tools/migration/Acl/Db/Reader.php
  228. +96 −0 dev/tools/migration/Acl/Db/Updater.php
  229. +66 −0 dev/tools/migration/Acl/Db/Writer.php
  230. +12 −1 dev/tools/migration/Acl/{FileWriter.php → FileManager.php}
  231. +28 −44 dev/tools/migration/Acl/Generator.php
  232. +6 −6 dev/tools/migration/Acl/Menu/Generator.php
  233. +81 −0 dev/tools/migration/Acl/db.php
  234. +2 −2 dev/tools/migration/acl.php
  235. +1 −1  downloader/Maged/Model/Session.php
  236. +9 −8 {app/code/core/Mage/Backend/Model → lib/Magento}/Acl/Config/Reader.php
  237. +6 −5 {app/code/core/Mage/Backend/Model → lib/Magento}/Acl/Config/Reader/Dom.php
  238. +6 −5 {app/code/core/Mage/Backend/Model → lib/Magento}/Acl/Config/ReaderInterface.php
  239. 0  {app/code/core/Mage/Backend/Model → lib/Magento}/Acl/Config/acl.xsd
  240. +40 −0 lib/Magento/Authorization/Policy.php
  241. +69 −0 lib/Magento/Authorization/Policy/Acl.php
  242. +45 −0 lib/Magento/Authorization/Policy/Default.php
  243. +36 −0 lib/Magento/Authorization/RoleLocator.php
  244. +39 −0 lib/Magento/Authorization/RoleLocator/Default.php
  245. +4 −4 lib/Magento/Data/Structure.php
  246. +25 −2 lib/Varien/Simplexml/Element.php
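--- a/CHANGELOG.markdown
+++ b/CHANGELOG.markdown
@@ -1,3 +1,14 @@
+Update as of 8/15/2012
+======================
+* Refactored ACL functionality:
+ * Implementation is not bound to backend area anymore and moved to `Mage_Core` module
+ * Covered backwards-incompatible changes with additional migration tool (`dev/tools/migration/Acl`)
+* Implemented "move" layout directive and slightly modified behavior of "remove"
+* A failure in DB cleanup by integration testing framework is articulated more clearly by throwing `Magento_Exception`
+* Fixed security vulnerability of exploiting Magento "cookie restriction" feature
+* Fixed caching mechanism of loading modules declaration to not cause additional performance overhead
+* Adjusted include path in unit tests to use the original include path at the end, rather than at the beginning
+
 Update as of 8/9/2012
 =====================
 * Improvements: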
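--- a/app/code/core/Mage/Adminhtml/Block/Cache/Notifications.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cache/Notifications.php
@@ -58,7 +58,7 @@ public function getManageUrl()
 */
 protected function _toHtml()
 {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Adminhtml::cache')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Adminhtml::cache')) {
 return parent::_toHtml();
 }
 return '';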
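Review bot: The permission test in `_toHtml()` now depends on whichever policy `Mage_Core_Model_Authorization` resolves at runtime, and nothing in this hunk shows what the answer is when no ACL policy has been configured. The file list of this commit adds `lib/Magento/Authorization/Policy/Default.php` beside `Policy/Acl.php`; if that default is permissive, a missing or mis-merged backend configuration would presumably turn every `isAllowed()` call swapped in this commit into an allow, so it is worth confirming that the admin area always resolves to the ACL policy and that a test covers the unconfigured case. A comment on the call such as `// decision is delegated to the policy configured for Mage_Core_Model_Authorization` would tell the next reader where the decision is actually made. The same point applies to the other call sites this commit changes in the same way.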
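--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Attributes.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Attributes.php
@@ -99,7 +99,7 @@ protected function _prepareForm()
 // Add new attribute button if it is not an image tab
 if (!$form->getElement('media_gallery')
- && Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::attributes_attributes')
+ && Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::attributes_attributes')
 ) {
 $headerBar = $this->getLayout()->createBlock('Mage_Adminhtml_Block_Catalog_Product_Edit_Tab_Attributes_Create');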
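--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tabs.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tabs.php
@@ -146,7 +146,7 @@ protected function _prepareLayout()
 if( $this->getRequest()->getParam('id', false) ) {
 if (Mage::helper('Mage_Catalog_Helper_Data')->isModuleEnabled('Mage_Review')) {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Review::reviews_ratings')){
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Review::reviews_ratings')){
 $this->addTab('reviews', array(
 'label' => Mage::helper('Mage_Catalog_Helper_Data')->__('Product Reviews'),
 'url' => $this->getUrl('*/*/reviews', array('_current' => true)),
@@ -155,7 +155,7 @@ protected function _prepareLayout()
 }
 }
 if (Mage::helper('Mage_Catalog_Helper_Data')->isModuleEnabled('Mage_Tag')) {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Tag::tag')){
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Tag::tag')){
 $this->addTab('tags', array(
 'label' => Mage::helper('Mage_Catalog_Helper_Data')->__('Product Tags'),
 'url' => $this->getUrl('*/*/tagGrid', array('_current' => true)),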
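--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Grid.php
@@ -301,7 +301,7 @@ protected function _prepareMassaction()
 )
 ));
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::update_attributes')){
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::update_attributes')){
 $this->getMassactionBlock()->addItem('attributes', array(
 'label' => Mage::helper('Mage_Catalog_Helper_Data')->__('Update Attributes'),
 'url' => $this->getUrl('*/catalog_product_action_attribute/edit', array('_current'=>true))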
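--- a/app/code/core/Mage/Adminhtml/Block/Cms/Page.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cms/Page.php
@@ -61,7 +61,7 @@ public function __construct()
 */
 protected function _isAllowedAction($resourceId)
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 }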
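Review bot: `_isAllowedAction()` is a one-line wrapper that this commit edits identically in `Cms/Page.php`, `Cms/Page/Edit.php`, the four `Cms/Page/Edit/Tab/*` blocks and `Sales/Order/Creditmemo/View.php`, so the next change to the authorization entry point again has seven copies to keep in sync. If these blocks share a parent, one protected helper there would leave a single place to audit. In `Creditmemo/View.php` the method is declared `public function _isAllowedAction($resourceId)` while the other six are `protected`; unless something calls it from outside the block, `protected function _isAllowedAction($resourceId)` would match them. The docblock of each method starts outside its hunk.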
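--- a/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit.php
@@ -86,7 +86,7 @@ public function getHeaderText()
 */
 protected function _isAllowedAction($resourceId)
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 /**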
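--- a/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Content.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Content.php
@@ -148,6 +148,6 @@ public function isHidden()
 */
 protected function _isAllowedAction($resourceId)
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 }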
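--- a/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Design.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Design.php
@@ -181,6 +181,6 @@ public function isHidden()
 */
 protected function _isAllowedAction($resourceId)
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 }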
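--- a/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Main.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Main.php
@@ -172,6 +172,6 @@ public function isHidden()
 */
 protected function _isAllowedAction($resourceId)
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 }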
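--- a/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Meta.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Meta.php
@@ -130,6 +130,6 @@ public function isHidden()
 */
 protected function _isAllowedAction($resourceId)
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 }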
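--- a/app/code/core/Mage/Adminhtml/Block/Customer/Edit.php
+++ b/app/code/core/Mage/Adminhtml/Block/Customer/Edit.php
@@ -39,7 +39,7 @@ public function __construct()
 $this->_controller = 'customer';
 if ($this->getCustomerId() &&
- Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::create')) {
+ Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::create')) {
 $this->_addButton('order', array(
 'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Create Order'),
 'onclick' => 'setLocation(\'' . $this->getCreateOrderUrl() . '\')',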
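--- a/app/code/core/Mage/Adminhtml/Block/Customer/Edit/Tabs.php
+++ b/app/code/core/Mage/Adminhtml/Block/Customer/Edit/Tabs.php
@@ -44,15 +44,17 @@ public function __construct()
 protected function _beforeToHtml()
 {
-/*
- if (Mage::registry('current_customer')->getId()) {
- $this->addTab('view', array(
- 'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Customer View'),
- 'content' => $this->getLayout()->createBlock('Mage_Adminhtml_Block_Customer_Edit_Tab_View')->toHtml(),
- 'active' => true
- ));
- }
-*/
+ Magento_Profiler::start('customer/tabs');
+
+ /*
+ if (Mage::registry('current_customer')->getId()) {
+ $this->addTab('view', array(
+ 'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Customer View'),
+ 'content' => $this->getLayout()->createBlock('Mage_Adminhtml_Block_Customer_Edit_Tab_View')->toHtml(),
+ 'active' => true
+ ));
+ }
+ */
 $this->addTab('account', array(
 'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Account Information'),
 'content' => $this->getLayout()
@@ -71,7 +73,7 @@ protected function _beforeToHtml()
 if (Mage::registry('current_customer')->getId()) {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::actions_view')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::actions_view')) {
 $this->addTab('orders', array(
 'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Orders'),
 'class' => 'ajax',
@@ -91,7 +93,7 @@ protected function _beforeToHtml()
 'url' => $this->getUrl('*/*/wishlist', array('_current' => true)),
 ));
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Newsletter::subscriber')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Newsletter::subscriber')) {
 $this->addTab('newsletter', array(
 'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Newsletter'),
 'content' => $this->getLayout()
@@ -99,7 +101,7 @@ protected function _beforeToHtml()
 ));
 }
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Review::reviews_ratings')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Review::reviews_ratings')) {
 $this->addTab('reviews', array(
 'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Product Reviews'),
 'class' => 'ajax',
@@ -107,7 +109,7 @@ protected function _beforeToHtml()
 ));
 }
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Tag::tag')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Tag::tag')) {
 $this->addTab('tags', array(
 'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Product Tags'),
 'class' => 'ajax',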
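Review bot: `Magento_Profiler::start('customer/tabs');` is added at the top of `_beforeToHtml()`, and none of the 15 added lines in this file is a `Magento_Profiler::stop('customer/tabs')`, so the matching stop has to exist already in the part of the method outside these hunks. Please confirm it is reached on every return path, since an unmatched start would leave the timer open for the rest of the request. The first hunk also re-indents the commented-out `Customer View` tab instead of removing it; deleting that dead block would be cleaner than carrying it forward.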
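--- a/app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid.php
@@ -160,7 +160,7 @@ protected function _prepareColumns()
 */
 public function getRowUrl($row)
 {
- return (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Customer::manage') && $row->getCustomerId())
+ return (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Customer::manage') && $row->getCustomerId())
 ? $this->getUrl('*/customer/edit', array('id' => $row->getCustomerId())) : '';
 }
 }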
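--- a/app/code/core/Mage/Adminhtml/Block/Notification/Survey.php
+++ b/app/code/core/Mage/Adminhtml/Block/Notification/Survey.php
@@ -43,7 +43,8 @@ public function canShow()
 $adminSession = Mage::getSingleton('Mage_Backend_Model_Auth_Session');
 $seconds = intval(date('s', time()));
 if ($adminSession->getHideSurveyQuestion()
- || !$adminSession->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
+ || !Mage::getSingleton('Mage_Core_Model_Authorization')
+ ->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
 || Mage_AdminNotification_Model_Survey::isSurveyViewed()
 || !Mage_AdminNotification_Model_Survey::isSurveyUrlValid())
 {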
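Review bot: The condition in `canShow()` now asks two different objects about the same admin: `$adminSession->getHideSurveyQuestion()` still reads `Mage_Backend_Model_Auth_Session`, while the permission test goes to `Mage_Core_Model_Authorization`. The resource id is still taken from `Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL`, which keeps this check tied to the backend module even though the commit message says the ACL implementation moved to `Mage_Core`. A one-line comment above the condition, for example `// session carries UI state only; the permission decision comes from the authorization model`, would show the split is intentional. The body of `canShow()` continues outside the hunk.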
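--- a/app/code/core/Mage/Adminhtml/Block/Notification/Window.php
+++ b/app/code/core/Mage/Adminhtml/Block/Notification/Window.php
@@ -105,11 +105,6 @@ public function canShow()
 return false;
 }
- if (!$this->_isAllowed()) {
- $this->_available = false;
- return false;
- }
-
 if (is_null($this->_available)) {
 $this->_available = $this->isShow();
 }
@@ -163,16 +158,4 @@ public function getSeverityText()
 {
 return strtolower(str_replace('SEVERITY_', '', $this->getNoticeSeverity()));
 }
-
- /**
- * Check if current block allowed in ACL
- *
- * @param string $resourcePath
- * @return bool
- */
- protected function _isAllowed()
- {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')
- ->isAllowed('Mage_AdminNotification::show_toolbar');
- }
 }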
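Review bot: `canShow()` no longer consults the `Mage_AdminNotification::show_toolbar` resource, and this file replaces the removed `_isAllowed()` with nothing, so as far as these hunks show the notification window is offered to any admin who reaches the block. If the restriction is now enforced somewhere else in this commit, the method docblock should say so, e.g. `* Permission to see the toolbar is enforced by <where>, not in this block`. If it is not, the gate should stay and only its target should change, as in `Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_AdminNotification::show_toolbar')`. `canShow()` starts outside the first hunk.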
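--- a/app/code/core/Mage/Adminhtml/Block/Sales/Creditmemo/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Creditmemo/Grid.php
@@ -144,7 +144,7 @@ protected function _prepareMassaction()
 public function getRowUrl($row)
 {
- if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')
+ if (!Mage::getSingleton('Mage_Core_Model_Authorization')
 ->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
 ) {
 return false;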
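Review bot: The check in `getRowUrl()` only decides whether the grid renders a link, so it is a presentation hint and not the access control for the credit memo view; the controller action behind the URL has to make its own authorization decision, which is not visible here. A comment on the guard such as `// hides the row link only; the view action must enforce its own ACL` would keep a later reader from treating it as the gate. It also returns `false` for "no link", while `Customer/Online/Grid.php::getRowUrl()` in this commit returns `''`; picking one convention would be tidier. `Sales/Invoice/Grid.php` has the identical hunk, and the method body continues outside it.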
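--- a/app/code/core/Mage/Adminhtml/Block/Sales/Invoice/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Invoice/Grid.php
@@ -145,7 +145,7 @@ protected function _prepareMassaction()
 public function getRowUrl($row)
 {
- if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')
+ if (!Mage::getSingleton('Mage_Core_Model_Authorization')
 ->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
 ) {
 return false;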
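--- a/app/code/core/Mage/Adminhtml/Block/Sales/Items/Abstract.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Items/Abstract.php
@@ -486,7 +486,7 @@ public function canEditQty()
 public function canCapture()
 {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::capture')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::capture')) {
 return $this->getInvoice()->canCapture();
 }
 return false;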
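--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order.php
@@ -40,7 +40,7 @@ public function __construct()
 $this->_headerText = Mage::helper('Mage_Sales_Helper_Data')->__('Orders');
 $this->_addButtonLabel = Mage::helper('Mage_Sales_Helper_Data')->__('Create New Order');
 parent::__construct();
- if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::create')) {
+ if (!Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::create')) {
 $this->_removeButton('add');
 }
 }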
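--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Creditmemo/View.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Creditmemo/View.php
@@ -229,6 +229,6 @@ public function updateBackButtonUrl($flag)
 */
 public function _isAllowedAction($resourceId)
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 }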
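--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Grid.php
@@ -120,7 +120,7 @@ protected function _prepareColumns()
 'options' => Mage::getSingleton('Mage_Sales_Model_Order_Config')->getStatuses(),
 ));
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::actions_view')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::actions_view')) {
 $this->addColumn('action',
 array(
 'header' => Mage::helper('Mage_Sales_Helper_Data')->__('Action'),
@@ -154,21 +154,21 @@ protected function _prepareMassaction()
 $this->getMassactionBlock()->setFormFieldName('order_ids');
 $this->getMassactionBlock()->setUseSelectAll(false);
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::cancel')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::cancel')) {
 $this->getMassactionBlock()->addItem('cancel_order', array(
 'label'=> Mage::helper('Mage_Sales_Helper_Data')->__('Cancel'),
 'url' => $this->getUrl('*/sales_order/massCancel'),
 ));
 }
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::hold')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::hold')) {
 $this->getMassactionBlock()->addItem('hold_order', array(
 'label'=> Mage::helper('Mage_Sales_Helper_Data')->__('Hold'),
 'url' => $this->getUrl('*/sales_order/massHold'),
 ));
 }
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::unhold')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::unhold')) {
 $this->getMassactionBlock()->addItem('unhold_order', array(
 'label'=> Mage::helper('Mage_Sales_Helper_Data')->__('Unhold'),
 'url' => $this->getUrl('*/sales_order/massUnhold'),
@@ -205,7 +205,7 @@ protected function _prepareMassaction()
 public function getRowUrl($row)
 {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::actions_view')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::actions_view')) {
 return $this->getUrl('*/sales_order/view', array('order_id' => $row->getId()));
 }
 return false;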
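--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/Create/Items.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/Create/Items.php
@@ -194,7 +194,7 @@ public function canEditQty()
 */
 public function isCaptureAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::capture');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::capture');
 }
 /**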
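--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/View.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/View.php
@@ -207,6 +207,6 @@ public function updateBackButtonUrl($flag)
 */
 protected function _isAllowedAction($resourceId)
 {
- return $this->_session->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 }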
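--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/View.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/View.php
@@ -48,7 +48,7 @@ public function __construct()
 return;
 }
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::emails')) {
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::emails')) {
 $this->_updateButton('save', 'label', Mage::helper('Mage_Sales_Helper_Data')->__('Send Tracking Information'));
 $this->_updateButton('save',
 'onclick', "deleteConfirm('"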
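--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/View.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/View.php
@@ -278,7 +278,7 @@ public function getVoidPaymentUrl()
 protected function _isAllowedAction($resourceId)
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed($resourceId);
 }
 /**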
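--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/View/History.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/View/History.php
@@ -70,7 +70,7 @@ public function getOrder()
 public function canAddComment()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::comment') &&
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::comment') &&
 $this->getOrder()->canComment();
 }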
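--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/View/Tab/Transactions.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/View/Tab/Transactions.php
@@ -93,6 +93,6 @@ public function canShowTab()
 */
 public function isHidden()
 {
- return !Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::transactions_fetch');
+ return !Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::transactions_fetch');
 }
 }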
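--- a/app/code/core/Mage/Adminhtml/Block/Sales/Shipment/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Shipment/Grid.php
@@ -139,7 +139,7 @@ protected function _prepareColumns()
 */
 public function getRowUrl($row)
 {
- if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')
+ if (!Mage::getSingleton('Mage_Core_Model_Authorization')
 ->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
 ) {
 return false;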
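--- a/app/code/core/Mage/Adminhtml/Block/Sales/Transactions/Detail.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Transactions/Detail.php
@@ -60,7 +60,7 @@ public function __construct()
 'class' => 'back'
 ));
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::transactions_fetch')
+ if (Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::transactions_fetch')
 && $this->_txn->getOrderPaymentObject()->getMethodInstance()->canFetchTransactionInfo()) {
 $fetchUrl = $this->getUrl('*/*/fetch' , array('_current' => true));
 $this->_addButton('fetch', array(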
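--- a/app/code/core/Mage/Adminhtml/Block/System/Config/Tabs.php
+++ b/app/code/core/Mage/Adminhtml/Block/System/Config/Tabs.php
@@ -327,7 +327,7 @@ public function checkSectionPermissions($aclResourceId=null)
 }
 if (!$permissions) {
- $permissions = Mage::getSingleton('Mage_Backend_Model_Auth_Session');
+ $permissions = Mage::getSingleton('Mage_Core_Model_Authorization');
 }
 $showTab = false;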
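--- a/app/code/core/Mage/Adminhtml/Controller/Action.php
+++ b/app/code/core/Mage/Adminhtml/Controller/Action.php
@@ -43,6 +43,27 @@ class Mage_Adminhtml_Controller_Action extends Mage_Backend_Controller_ActionAbs
 protected $_currentArea = 'adminhtml';
 /**
+ * @var Mage_Core_Model_Translate
+ */
+ protected $_translator;
+
+ /**
+ * Constructor
+ *
+ * @param Zend_Controller_Request_Abstract $request
+ * @param Zend_Controller_Response_Abstract $response
+ * @param array $invokeArgs
+ */
+ public function __construct(Zend_Controller_Request_Abstract $request,
+ Zend_Controller_Response_Abstract $response,
+ array $invokeArgs = array()
+ ) {
+ parent::__construct($request, $response, $invokeArgs);
+
+ $this->_translator = isset($invokeArgs['translator']) ? $invokeArgs['translator'] : $this->_getTranslator();
+ }
+
+ /**
 * Translate a phrase
 *
 * @return string
@@ -52,7 +73,20 @@ public function __()
 $args = func_get_args();
 $expr = new Mage_Core_Model_Translate_Expr(array_shift($args), $this->getUsedModuleName());
 array_unshift($args, $expr);
- return Mage::app()->getTranslator()->translate($args);
+ return $this->_getTranslator()->translate($args);
+ }
+
+ /**
+ * Get translator model
+ *
+ * @return Mage_Core_Model_Translate
+ */
+ protected function _getTranslator()
+ {
+ if (null === $this->_translator) {
+ $this->_translator = Mage::app()->getTranslator();
+ }
+ return $this->_translator;
 }
 /**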
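Review bot: The new constructor stores `$invokeArgs['translator']` without checking its type, although the property is documented as `Mage_Core_Model_Translate` and `__()` later calls `translate()` on it. The fallback branch also calls `$this->_getTranslator()` immediately, so `Mage::app()->getTranslator()` is resolved at construction and the lazy `null ===` check in `_getTranslator()` never does any work on the default path. Assigning only a validated injected value fixes both: `if (isset($invokeArgs['translator']) && $invokeArgs['translator'] instanceof Mage_Core_Model_Translate) { $this->_translator = $invokeArgs['translator']; }`, with `_getTranslator()` left to fill the property on first use. Who populates `$invokeArgs` is not visible in this hunk, so how much the type check matters depends on the callers.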
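--- a/app/code/core/Mage/Adminhtml/Controller/Sales/Creditmemo.php
+++ b/app/code/core/Mage/Adminhtml/Controller/Sales/Creditmemo.php
@@ -136,6 +136,6 @@ public function printAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::sales_creditmemo');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::sales_creditmemo');
 }
 }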
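--- a/app/code/core/Mage/Adminhtml/Controller/Sales/Invoice.php
+++ b/app/code/core/Mage/Adminhtml/Controller/Sales/Invoice.php
@@ -148,7 +148,7 @@ public function pdfinvoicesAction(){
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::sales_invoice');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::sales_invoice');
 }
 }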
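--- a/app/code/core/Mage/Adminhtml/Controller/Sales/Shipment.php
+++ b/app/code/core/Mage/Adminhtml/Controller/Sales/Shipment.php
@@ -114,6 +114,6 @@ public function printAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::shipment');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Sales::shipment');
 }
 }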
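--- a/app/code/core/Mage/Adminhtml/controllers/Api/RoleController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Api/RoleController.php
@@ -212,6 +212,6 @@ protected function _addUserToRole($userId, $roleId)
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Api::roles');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Api::roles');
 }
 }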
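--- a/app/code/core/Mage/Adminhtml/controllers/Api/UserController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Api/UserController.php
@@ -184,7 +184,7 @@ public function roleGridAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Api::users');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Api::users');
 }
 }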
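--- a/app/code/core/Mage/Adminhtml/controllers/CacheController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/CacheController.php
@@ -190,6 +190,6 @@ public function cleanImagesAction()
 */
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Adminhtml::cache');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Adminhtml::cache');
 }
 }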
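--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/CategoryController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/CategoryController.php
@@ -509,6 +509,6 @@ public function refreshPathAction()
 */
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::categories');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::categories');
 }
 }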
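--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/Action/AttributeController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/Action/AttributeController.php
@@ -216,7 +216,7 @@ protected function _getHelper()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::update_attributes');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::update_attributes');
 }
 /**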
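--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/AttributeController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/AttributeController.php
@@ -401,6 +401,6 @@ public function deleteAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::attributes_attributes');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::attributes_attributes');
 }
 }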
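--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GalleryController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GalleryController.php
@@ -78,6 +78,6 @@ public function uploadAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::products');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::products');
 }
 } // Class Mage_Adminhtml_Catalog_Product_GalleryController End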
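--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GroupController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GroupController.php
@@ -46,6 +46,6 @@ public function saveAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::products');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::products');
 }
 }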
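--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php
@@ -381,10 +381,10 @@ protected function _isAllowed()
 {
 switch ($this->getRequest()->getActionName()) {
 case 'pending':
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Review::pending');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Review::pending');
 break;
 default:
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Review::reviews_all');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Review::reviews_all');
 break;
 }
 }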
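--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/SetController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/SetController.php
@@ -226,7 +226,7 @@ protected function _setTypeId()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::sets');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::sets');
 }
 /**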
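--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/ProductController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/ProductController.php
@@ -1075,7 +1075,7 @@ public function quickCreateAction()
 */
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::products');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Catalog::products');
 }
 /**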
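--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/SearchController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/SearchController.php
@@ -190,6 +190,6 @@ public function massDeleteAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_CatalogSearch::search');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_CatalogSearch::search');
 }
 }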
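--- a/app/code/core/Mage/Adminhtml/controllers/Checkout/AgreementController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Checkout/AgreementController.php
@@ -162,6 +162,6 @@ protected function _initAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Checkout::checkoutagreement');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Checkout::checkoutagreement');
 }
 }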
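--- a/app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
@@ -200,6 +200,6 @@ public function deleteAction()
 */
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Cms::block');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Cms::block');
 }
 }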
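--- a/app/code/core/Mage/Adminhtml/controllers/Cms/PageController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Cms/PageController.php
@@ -225,13 +225,13 @@ protected function _isAllowed()
 switch ($this->getRequest()->getActionName()) {
 case 'new':
 case 'save':
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Cms::save');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Cms::save');
 break;
 case 'delete':
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Cms::page_delete');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Cms::page_delete');
 break;
 default:
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Cms::page');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Cms::page');
 break;
 }
 }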
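--- a/app/code/core/Mage/Adminhtml/controllers/Cms/Wysiwyg/ImagesController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Cms/Wysiwyg/ImagesController.php
@@ -229,6 +229,6 @@ protected function _saveSessionCurrentPath()
 */
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Cms::media_gallery');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Cms::media_gallery');
 }
 }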
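--- a/app/code/core/Mage/Adminhtml/controllers/Customer/Cart/Product/Composite/CartController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Customer/Cart/Product/Composite/CartController.php
@@ -155,6 +155,6 @@ public function updateAction()
 */
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Customer::manage');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Customer::manage');
 }
 }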
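--- a/app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
@@ -154,6 +154,6 @@ public function deleteAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Customer::group');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Customer::group');
 }
 }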
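--- a/app/code/core/Mage/Adminhtml/controllers/Customer/OnlineController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Customer/OnlineController.php
@@ -49,6 +49,6 @@ public function indexAction()
 protected function _isAllowed()
 {
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Customer::online');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Customer::online');
 }
 }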
2  ...ore/Mage/Adminhtml/controllers/Customer/Wishlist/Product/Composite/WishlistController.php
@@ -142,6 +142,6 @@ public function updateAction()
*/
protected function _isAllowed()
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Customer::manage');
+ return Mage::getSingleton('Mage_Core_Model_Authorization')->isAllowed('Mage_Customer::manage');
}
}
548 app/code/core/Mage/Adminhtml/controllers/CustomerController.php
@@ -34,18 +34,72 @@
class Mage_Adminhtml_CustomerController extends Mage_Adminhtml_Controller_Action
{
+ /**
+ * @var Mage_Core_Model_Config
+ */
+ protected $_objectFactory;
+
+ /**
+ * Event manager
+ *
+ * @var Mage_Core_Model_Event_Manager
+ */
+ protected $_eventManager;
+
+ /**
+ * Registry model
+ *
+ * @var Mage_Core_Model_Registry
+ */
+ protected $_registryManager;
+
+ /**
+ * ACL
+ *
+ * @var Mage_Backend_Model_Auth_Session
+ */
+ protected $_acl;
+
+ /**
+ * Constructor
+ *
+ * @param Zend_Controller_Request_Abstract $request
+ * @param Zend_Controller_Response_Abstract $response
+ * @param array $invokeArgs
+ */
+ public function __construct(Zend_Controller_Request_Abstract $request,
+ Zend_Controller_Response_Abstract $response,
+ array $invokeArgs = array()
+ ) {
+ parent::__construct($request, $response, $invokeArgs);
+
+ $this->_objectFactory = isset($invokeArgs['objectFactory']) ? $invokeArgs['objectFactory'] : Mage::getConfig();
+
+ $this->_registryManager = isset($invokeArgs['registry']) ?
+ $invokeArgs['registry'] :
+ Mage::getSingleton('Mage_Core_Model_Registry');
+
+ $this->_acl = isset($invokeArgs['acl']) ?
+ $invokeArgs['acl'] :
+ Mage::getSingleton('Mage_Core_Model_Authorization');
+
+ $this->_eventManager = isset($invokeArgs['eventManager']) ?
+ $invokeArgs['eventManager'] :
+ Mage::getSingleton('Mage_Core_Model_Event_Manager');
+ }
+
protected function _initCustomer($idFieldName = 'id')
{
$this->_title($this->__('Customers'))->_title($this->__('Manage Customers'));
$customerId = (int) $this->getRequest()->getParam($idFieldName);
- $customer = Mage::getModel('Mage_Customer_Model_Customer');
+ $customer = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Customer');
if ($customerId) {
$customer->load($customerId);
}
- Mage::register('current_customer', $customer);
+ $this->_registryManager->register('current_customer', $customer);
return $this;
}
@@ -77,8 +131,8 @@ public function indexAction()
/**
* Add breadcrumb item
*/
- $this->_addBreadcrumb(Mage::helper('Mage_Adminhtml_Helper_Data')->__('Customers'), Mage::helper('Mage_Adminhtml_Helper_Data')->__('Customers'));
- $this->_addBreadcrumb(Mage::helper('Mage_Adminhtml_Helper_Data')->__('Manage Customers'), Mage::helper('Mage_Adminhtml_Helper_Data')->__('Manage Customers'));
+ $this->_addBreadcrumb($this->_getHelper()->__('Customers'), $this->_getHelper()->__('Customers'));
+ $this->_addBreadcrumb($this->_getHelper()->__('Manage Customers'), $this->_getHelper()->__('Manage Customers'));
$this->renderLayout();
}
@@ -98,10 +152,10 @@ public function editAction()
$this->loadLayout();
/* @var $customer Mage_Customer_Model_Customer */
- $customer = Mage::registry('current_customer');
+ $customer = $this->_registryManager->registry('current_customer');
// set entered data if was error when we do save
- $data = Mage::getSingleton('Mage_Adminhtml_Model_Session')->getCustomerData(true);
+ $data = $this->_getSession()->getCustomerData(true);
// restore data from SESSION
if ($data) {
@@ -110,7 +164,7 @@ public function editAction()
if (isset($data['account'])) {
/* @var $customerForm Mage_Customer_Model_Form */
- $customerForm = Mage::getModel('Mage_Customer_Model_Form');
+ $customerForm = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Form');
$customerForm->setEntity($customer)
->setFormCode('adminhtml_customer')
->setIsAjaxRequest(true);
@@ -120,7 +174,7 @@ public function editAction()
if (isset($data['address']) && is_array($data['address'])) {
/* @var $addressForm Mage_Customer_Model_Form */
- $addressForm = Mage::getModel('Mage_Customer_Model_Form');
+ $addressForm = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Form');
$addressForm->setFormCode('adminhtml_customer_address');
foreach (array_keys($data['address']) as $addressId) {
@@ -130,7 +184,7 @@ public function editAction()
$address = $customer->getAddressItemById($addressId);
if (!$address) {
- $address = Mage::getModel('Mage_Customer_Model_Address');
+ $address = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Address');
$customer->addAddress($address);
}
@@ -165,15 +219,15 @@ public function newAction()
public function deleteAction()
{
$this->_initCustomer();
- $customer = Mage::registry('current_customer');
+ $customer = $this->_registryManager->registry('current_customer');
if ($customer->getId()) {
try {
$customer->load($customer->getId());
$customer->delete();
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addSuccess(Mage::helper('Mage_Adminhtml_Helper_Data')->__('The customer has been deleted.'));
+ $this->_getSession()->addSuccess($this->_getHelper()->__('The customer has been deleted.'));
}
catch (Exception $e){
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addError($e->getMessage());
+ $this->_getSession()->addError($e->getMessage());
}
}
$this->_redirect('*/customer');
@@ -186,184 +240,64 @@ public function saveAction()
{
$data = $this->getRequest()->getPost();
if ($data) {
- $redirectBack = $this->getRequest()->getParam('back', false);
- $this->_initCustomer('customer_id');
/** @var $customer Mage_Customer_Model_Customer */
- $customer = Mage::registry('current_customer');
-
- /** @var $customerForm Mage_Customer_Model_Form */
- $customerForm = Mage::getModel('Mage_Customer_Model_Form');
- $customerForm->setEntity($customer)
- ->setFormCode('adminhtml_customer')
- ->ignoreInvisible(false)
- ;
-
- $formData = $customerForm->extractData($this->getRequest(), 'account');
-
- // Handle 'disable auto_group_change' attribute
- if (isset($formData['disable_auto_group_change'])) {
- $formData['disable_auto_group_change'] = empty($formData['disable_auto_group_change']) ? '0' : '1';
- }
-
- $errors = $customerForm->validateData($formData);
- if ($errors !== true) {
- foreach ($errors as $error) {
- $this->_getSession()->addError($error);
- }
- $this->_getSession()->setCustomerData($data);
- $this->getResponse()->setRedirect($this->getUrl('*/customer/edit', array('id' => $customer->getId())));
+ $this->_initCustomer('customer_id');
+ $customer = $this->_registryManager->registry('current_customer');
+ if (!$this->_processData($customer, $data)) {
return;
}
- $customerForm->compactData($formData);
-
// Unset template data
if (isset($data['address']['_template_'])) {
unset($data['address']['_template_']);
}
- $modifiedAddresses = array();
- if (!empty($data['address'])) {
- /** @var $addressForm Mage_Customer_Model_Form */
- $addressForm = Mage::getModel('Mage_Customer_Model_Form');
- $addressForm->setFormCode('adminhtml_customer_address')->ignoreInvisible(false);
-
- foreach (array_keys($data['address']) as $index) {
- $address = $customer->getAddressItemById($index);
- if (!$address) {
- $address = Mage::getModel('Mage_Customer_Model_Address');
- }
-
- $requestScope = sprintf('address/%s', $index);
- $formData = $addressForm->setEntity($address)
- ->extractData($this->getRequest(), $requestScope);
-
- // Set default billing and shipping flags to address
- $isDefaultBilling = isset($data['account']['default_billing'])
- && $data['account']['default_billing'] == $index;
- $address->setIsDefaultBilling($isDefaultBilling);
- $isDefaultShipping = isset($data['account']['default_shipping'])
- && $data['account']['default_shipping'] == $index;
- $address->setIsDefaultShipping($isDefaultShipping);
-
- $errors = $addressForm->validateData($formData);
- if ($errors !== true) {
- foreach ($errors as $error) {
- $this->_getSession()->addError($error);
- }
- $this->_getSession()->setCustomerData($data);
- $this->getResponse()->setRedirect($this->getUrl('*/customer/edit', array(
- 'id' => $customer->getId())
- ));
- return;
- }
-
- $addressForm->compactData($formData);
-
- // Set post_index for detect default billing and shipping addresses
- $address->setPostIndex($index);
-
- if ($address->getId()) {
- $modifiedAddresses[] = $address->getId();
- } else {
- $customer->addAddress($address);
- }
- }
- }
-
- // Default billing and shipping
- if (isset($data['account']['default_billing'])) {
- $customer->setData('default_billing', $data['account']['default_billing']);
- }
- if (isset($data['account']['default_shipping'])) {
- $customer->setData('default_shipping', $data['account']['default_shipping']);
- }
- if (isset($data['account']['confirmation'])) {
- $customer->setData('confirmation', $data['account']['confirmation']);
- }
-
- // Mark not modified customer addresses for delete
- foreach ($customer->getAddressesCollection() as $customerAddress) {
- if ($customerAddress->getId() && !in_array($customerAddress->getId(), $modifiedAddresses)) {
- $customerAddress->setData('_deleted', true);
- }
- }
-
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')
- ->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
- && !$customer->getConfirmation()
- ) {
- $customer->setIsSubscribed(isset($data['subscription']));
+ if (!$this->_processAddress($customer, $data)) {
+ return;
}
- if (isset($data['account']['sendemail_store_id'])) {
- $customer->setSendemailStoreId($data['account']['sendemail_store_id']);
- }
+ $this->_processSubscriptionOptions($customer, $data);
$isNewCustomer = $customer->isObjectNew();
try {
$sendPassToEmail = false;
// Force new customer confirmation
if ($isNewCustomer) {
- $customer->setPassword($data['account']['password']);
- $customer->setForceConfirmed(true);
- if ($customer->getPassword() == 'auto') {
- $sendPassToEmail = true;
- $customer->setPassword($customer->generatePassword());
- }
+ $sendPassToEmail = $this->_processPassword($customer, $data);
}
- Mage::dispatchEvent('adminhtml_customer_prepare_save', array(
- 'customer' => $customer,
- 'request' => $this->getRequest()
- ));
+ $this->_eventManager->dispatch(
+ 'adminhtml_customer_prepare_save',
+ array('customer' => $customer, 'request' => $this->getRequest())
+ );
$customer->save();
// Send welcome email
- if ($customer->getWebsiteId() && (isset($data['account']['sendemail']) || $sendPassToEmail)) {
- $storeId = $customer->getSendemailStoreId();
- if ($isNewCustomer) {
- $customer->sendNewAccountEmail('registered', '', $storeId);
- } elseif ((!$customer->getConfirmation())) {
- // Confirm not confirmed customer
- $customer->sendNewAccountEmail('confirmed', '', $storeId);
- }
- }
+ $data = $this->_sendWelcomeEmail($customer, $data, $sendPassToEmail, $isNewCustomer);
- if (!empty($data['account']['new_password'])) {
- $newPassword = $data['account']['new_password'];
- if ($newPassword == 'auto') {
- $newPassword = $customer->generatePassword();
- }
- $customer->changePassword($newPassword);
- $customer->sendPasswordReminderEmail();
- }
+ $data = $this->_changePassword($customer, $data);
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addSuccess(
- Mage::helper('Mage_Adminhtml_Helper_Data')->__('The customer has been saved.')
+ $this->_session->addSuccess($this->_getHelper()->__('The customer has been saved.'));
+ $this->_eventManager->dispatch(
+ 'adminhtml_customer_save_after',
+ array('customer' => $customer, 'request' => $this->getRequest())
);
- Mage::dispatchEvent('adminhtml_customer_save_after', array(
- 'customer' => $customer,
- 'request' => $this->getRequest()
- ));
- if ($redirectBack) {
- $this->_redirect('*/*/edit', array(
- 'id' => $customer->getId(),
- '_current' => true
- ));
+ if ($this->getRequest()->getParam('back', false)) {
+ $this->_redirect('*/*/edit', array( 'id' => $customer->getId(), '_current' => true));
return;
}
} catch (Mage_Core_Exception $e) {
- $this->_getSession()->addError($e->getMessage());
- $this->_getSession()->setCustomerData($data);
+ $this->_session->addError($e->getMessage());
+ $this->_session->setCustomerData($data);
$this->getResponse()->setRedirect($this->getUrl('*/customer/edit', array('id' => $customer->getId())));
+ return;
} catch (Exception $e) {
- $this->_getSession()->addException($e,
- Mage::helper('Mage_Adminhtml_Helper_Data')->__('An error occurred while saving the customer.'));
- $this->_getSession()->setCustomerData($data);
+ $this->_session->addException($e,
+ $this->_getHelper()->__('An error occurred while saving the customer.'));
+ $this->_session->setCustomerData($data);
$this->getResponse()->setRedirect($this->getUrl('*/customer/edit', array('id'=>$customer->getId())));
return;
}
@@ -372,6 +306,211 @@ public function saveAction()
}
/**
+ * Set customer password
+ *
+ * @param Mage_Customer_Model_Customer $customer
+ * @param array $data
+ * @return bool
+ */
+ protected function _processPassword($customer, $data)
+ {
+ $customer->setPassword($data['account']['password']);
+ $customer->setForceConfirmed(true);
+ if ($customer->getPassword() == 'auto') {
+ $customer->setPassword($customer->generatePassword());
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Process subscription options
+ *
+ * @param Mage_Customer_Model_Customer $customer
+ * @param array $data
+ */
+ protected function _processSubscriptionOptions($customer, $data)
+ {
+ if (isset($data['account']['confirmation'])) {
+ $customer->setData('confirmation', $data['account']['confirmation']);
+ }
+
+ if ($this->_acl->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
+ && !$customer->getConfirmation()
+ ) {
+ $customer->setIsSubscribed(isset($data['subscription']));
+ }
+
+ if (isset($data['account']['sendemail_store_id'])) {
+ $customer->setSendemailStoreId($data['account']['sendemail_store_id']);
+ }
+ }
+
+ /**
+ * Change Password
+ *
+ * @param Mage_Customer_Model_Customer $customer
+ * @param array $data
+ * @return mixed
+ */
+ protected function _changePassword($customer, $data)
+ {
+ if (!empty($data['account']['new_password'])) {
+ $newPassword = $data['account']['new_password'];
+ if ($newPassword == 'auto') {
+ $newPassword = $customer->generatePassword();
+ }
+ $customer->changePassword($newPassword);
+ $customer->sendPasswordReminderEmail();
+ return $data;
+ }
+ return $data;
+ }
+
+ /**
+ * @param Mage_Customer_Model_Customer $customer
+ * @param array $data
+ * @param bool $sendPassToEmail
+ * @param bool $isNewCustomer
+ * @return mixed
+ */
+ protected function _sendWelcomeEmail($customer, $data, $sendPassToEmail, $isNewCustomer)
+ {
+ if ($customer->getWebsiteId() && (isset($data['account']['sendemail']) || $sendPassToEmail)) {
+ $storeId = $customer->getSendemailStoreId();
+ if ($isNewCustomer) {
+ $customer->sendNewAccountEmail('registered', '', $storeId);
+ return $data;
+ } elseif ((!$customer->getConfirmation())) {
+ // Confirm not confirmed customer
+ $customer->sendNewAccountEmail('confirmed', '', $storeId);
+ return $data;
+ }
+ return $data;
+ }
+ return $data;
+ }
+
+ /**
+ * Process customer address
+ *
+ * @param Mage_Customer_Model_Customer $customer
+ * @param array $data
+ * @return bool
+ */
+ protected function _processAddress($customer, $data)
+ {
+ $modifiedAddresses = array();
+ if (!empty($data['address'])) {
+ $modifiedAddresses = $this->_processAddresses($customer, $data);
+ if ($modifiedAddresses === false) {
+ return false;
+ }
+ }
+
+ // Default billing and shipping
+ if (isset($data['account']['default_billing'])) {
+ $customer->setData('default_billing', $data['account']['default_billing']);
+ }
+ if (isset($data['account']['default_shipping'])) {
+ $customer->setData('default_shipping', $data['account']['default_shipping']);
+ }
+
+ // Mark not modified customer addresses for delete
+ /** @var $customerAddress Mage_Customer_Model_Address */
+ foreach ($customer->getAddressesCollection() as $customerAddress) {
+ if ($customerAddress->getId() && !in_array($customerAddress->getId(), $modifiedAddresses)) {
+ $customerAddress->setData('_deleted', true);
+ }
+ }
+ return true;
+ }
+
+ protected function _processData($customer, $data)
+ {
+ /** @var $customerForm Mage_Customer_Model_Form */
+ $customerForm = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Form');
+ $customerForm->setEntity($customer)
+ ->setFormCode('adminhtml_customer')
+ ->ignoreInvisible(false);
+
+ $formData = $customerForm->extractData($this->getRequest(), 'account');
+
+ // Handle 'disable auto_group_change' attribute
+ if (isset($formData['disable_auto_group_change'])) {
+ $formData['disable_auto_group_change'] = empty($formData['disable_auto_group_change']) ? '0' : '1';
+ }
+
+ $errors = $customerForm->validateData($formData);
+ if ($errors !== true) {
+ foreach ($errors as $error) {
+ $this->_session->addError($error);
+ }
+ $this->_session->setCustomerData($data);
+ $this->getResponse()->setRedirect($this->getUrl('*/customer/edit', array('id' => $customer->getId())));
+ return false;
+ }
+
+ $customerForm->compactData($formData);
+ return true;
+ }
+
+ /**
+ * @param array $data
+ * @param Mage_Customer_Model_Customer $customer
+ * @return array
+ */
+ protected function _processAddresses($customer, $data)
+ {
+ /** @var $addressForm Mage_Customer_Model_Form */
+ $addressForm = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Form');
+ $addressForm->setFormCode('adminhtml_customer_address')->ignoreInvisible(false);
+
+ $modifiedAddresses = array();
+ foreach (array_keys($data['address']) as $index) {
+ $address = $customer->getAddressItemById($index);
+ if (!$address) {
+ $address = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Address');
+ }
+
+ $requestScope = sprintf('address/%s', $index);
+ $formData = $addressForm->setEntity($address)
+ ->extractData($this->getRequest(), $requestScope);
+
+ // Set default billing and shipping flags to address
+ $isDefaultBilling = isset($data['account']['default_billing'])
+ && $data['account']['default_billing'] == $index;
+ $address->setIsDefaultBilling($isDefaultBilling);
+ $isDefaultShipping = isset($data['account']['default_shipping'])
+ && $data['account']['default_shipping'] == $index;
+ $address->setIsDefaultShipping($isDefaultShipping);
+
+ $errors = $addressForm->validateData($formData);
+ if ($errors !== true) {
+ foreach ($errors as $error) {
+ $this->_session->addError($error);
+ }
+ $this->_session->setCustomerData($data);
+ $this->getResponse()->setRedirect($this->getUrl('*/customer/edit', array(
+ 'id' => $customer->getId())
+ ));
+ return false;
+ }
+
+ $addressForm->compactData($formData);
+
+ // Set post_index for detect default billing and shipping addresses
+ $address->setPostIndex($index);
+ if ($address->getId()) {
+ $modifiedAddresses[] = $address->getId();
+ } else {
+ $customer->addAddress($address);
+ }
+ }
+ return $modifiedAddresses;
+ }
+
+ /**
* Export customer grid to CSV format
*/
public function exportCsvAction()
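Review bot: `_processAddresses()` is documented as `@return array` but returns `false` when address validation fails, and `_processAddress()` depends on that with `=== false`. The docblock should read `@return array|bool`, with its `@param` lines in signature order (`$customer` first). `_processData()` has no docblock at all, although it also returns `false` after queuing an error redirect. In `_processPassword()`, `$data['account']['password']` is read without the `isset()`/`!empty()` guard the sibling helpers use. Whether the caller guarantees that key is not visible in this hunk.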
@@ -399,7 +538,8 @@ public function exportXmlAction()
* Customer orders grid
*
*/
- public function ordersAction() {
+ public function ordersAction()
+ {
$this->_initCustomer();
$this->loadLayout();
$this->renderLayout();
@@ -409,7 +549,8 @@ public function ordersAction() {
* Customer last orders grid for ajax
*
*/
- public function lastOrdersAction() {
+ public function lastOrdersAction()
+ {
$this->_initCustomer();
$this->loadLayout();
$this->renderLayout();
@@ -422,10 +563,10 @@ public function lastOrdersAction() {
public function newsletterAction()
{
$this->_initCustomer();
- $subscriber = Mage::getModel('Mage_Newsletter_Model_Subscriber')
- ->loadByCustomer(Mage::registry('current_customer'));
+ $subscriber = $this->_objectFactory->getModelInstance('Mage_Newsletter_Model_Subscriber')
+ ->loadByCustomer($this->_registryManager->registry('current_customer'));
- Mage::register('subscriber', $subscriber);
+ $this->_registryManager->register('subscriber', $subscriber);
$this->loadLayout()
->renderLayout();
}
@@ -433,11 +574,11 @@ public function newsletterAction()
public function wishlistAction()
{
$this->_initCustomer();
- $customer = Mage::registry('current_customer');
+ $customer = $this->_registryManager->registry('current_customer');
if ($customer->getId()) {
- if($itemId = (int) $this->getRequest()->getParam('delete')) {
+ if ($itemId = (int) $this->getRequest()->getParam('delete')) {
try {
- Mage::getModel('Mage_Wishlist_Model_Item')->load($itemId)
+ $this->_objectFactory->getModelInstance('Mage_Wishlist_Model_Item')->load($itemId)
->delete();
}
catch (Exception $e) {
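Review bot: The wishlist item id from `getParam('delete')` is loaded and deleted without checking that the item belongs to the wishlist of `$customer`, so any item id is accepted regardless of which customer is being edited. `cartAction()` on this page resolves the item through the customer's own quote (`$quote->getItemById($deleteItemId)`) and reads the id with `getPost('delete')`. The same pattern here would scope the delete to the current customer and keep the state change off GET requests. As a minimum, read the id with `(int) $this->getRequest()->getPost('delete')` and compare the loaded item's owning wishlist with the customer's before calling `delete()`. The body of `wishlistAction()` continues outside this hunk.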
@@ -477,9 +618,9 @@ public function cartAction()
// delete an item from cart
$deleteItemId = $this->getRequest()->getPost('delete');
if ($deleteItemId) {
- $quote = Mage::getModel('Mage_Sales_Model_Quote')
+ $quote = $this->_objectFactory->getModelInstance('Mage_Sales_Model_Quote')
->setWebsite(Mage::app()->getWebsite($websiteId))
- ->loadByCustomer(Mage::registry('current_customer'));
+ ->loadByCustomer($this->_registryManager->registry('current_customer'));
$item = $quote->getItemById($deleteItemId);
if ($item && $item->getId()) {
$quote->removeItem($deleteItemId);
@@ -499,7 +640,7 @@ public function cartAction()
public function viewCartAction()
{
$this->_initCustomer();
- $layout = $this->loadLayout()
+ $this->loadLayout()
->getLayout()
->getBlock('admin.customer.view.cart')
->setWebsiteId();
@@ -527,7 +668,7 @@ public function productReviewsAction()
$this->loadLayout()
->getLayout()
->getBlock('admin.customer.reviews')
- ->setCustomerId(Mage::registry('current_customer')->getId())
+ ->setCustomerId($this->_registryManager->registry('current_customer')->getId())
->setUseAjax(true);
$this->renderLayout();
}
@@ -542,7 +683,7 @@ public function productTagsAction()
$this->loadLayout()
->getLayout()
->getBlock('admin.customer.tags')
- ->setCustomerId(Mage::registry('current_customer')->getId())
+ ->setCustomerId($this->_registryManager->registry('current_customer')->getId())
->setUseAjax(true);
$this->renderLayout();
}
@@ -552,7 +693,7 @@ public function tagGridAction()
$this->_initCustomer();
$this->loadLayout();
$this->getLayout()->getBlock('admin.customer.tags')->setCustomerId(
- Mage::registry('current_customer')
+ $this->_registryManager->registry('current_customer')
);
$this->renderLayout();
}
@@ -564,7 +705,7 @@ public function validateAction()
$websiteId = Mage::app()->getStore()->getWebsiteId();
$accountData = $this->getRequest()->getPost('account');
- $customer = Mage::getModel('Mage_Customer_Model_Customer');
+ $customer = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Customer');
$customerId = $this->getRequest()->getParam('id');
if ($customerId) {
$customer->load($customerId);
@@ -574,7 +715,7 @@ public function validateAction()
}
/* @var $customerForm Mage_Customer_Model_Form */
- $customerForm = Mage::getModel('Mage_Customer_Model_Form');
+ $customerForm = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Form');
$customerForm->setEntity($customer)
->setFormCode('adminhtml_customer')
->setIsAjaxRequest(true)
@@ -594,13 +735,13 @@ public function validateAction()
if (!$response->getError()) {
# Trying to load customer with the same email and return error message
# if customer with the same email address exisits
- $checkCustomer = Mage::getModel('Mage_Customer_Model_Customer')
+ $checkCustomer = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Customer')
->setWebsiteId($websiteId);
$checkCustomer->loadByEmail($accountData['email']);
if ($checkCustomer->getId() && ($checkCustomer->getId() != $customer->getId())) {
$response->setError(1);
$this->_getSession()->addError(
- Mage::helper('Mage_Adminhtml_Helper_Data')->__('Customer with the same email already exists.')
+ $this->_getHelper()->__('Customer with the same email already exists.')
);
}
}
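Review bot: This hunk keeps `$this->_getSession()->addError(...)` while the `saveAction()` changes in the same commit switch to the injected `$this->_session`, so the controller now reports errors through two accessors. If both resolve to the same session object, use `$this->_session->addError(` here for consistency. If they differ, the duplicate-email message may land in a session the edit page does not read. Separately, `$accountData['email']` is used without an `isset()` check; whether the earlier form validation guarantees it is not visible in this hunk.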
@@ -608,7 +749,7 @@ public function validateAction()
$addressesData = $this->getRequest()->getParam('address');
if (is_array($addressesData)) {
/* @var $addressForm Mage_Customer_Model_Form */
- $addressForm = Mage::getModel('Mage_Customer_Model_Form');
+ $addressForm = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Form');
$addressForm->setFormCode('adminhtml_customer_address')->ignoreInvisible(false);
foreach (array_keys($addressesData) as $index) {
if ($index == '_template_') {
@@ -616,7 +757,7 @@ public function validateAction()
}
$address = $customer->getAddressItemById($index);
if (!$address) {
- $address = Mage::getModel('Mage_Customer_Model_Address');
+ $address = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Address');
}
$requestScope = sprintf('address/%s', $index);
@@ -644,21 +785,22 @@ public function validateAction()
public function massSubscribeAction()
{
$customersIds = $this->getRequest()->getParam('customer');
- if(!is_array($customersIds)) {
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addError(Mage::helper('Mage_Adminhtml_Helper_Data')->__('Please select customer(s).'));
+ if (!is_array($customersIds)) {
+ $this->_getSession()->addError($this->_getHelper()->__('Please select customer(s).'));
} else {
try {
foreach ($customersIds as $customerId) {
- $customer = Mage::getModel('Mage_Customer_Model_Customer')->load($customerId);
+ $customer = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Customer')
+ ->load($customerId);
$customer->setIsSubscribed(true);
$customer->save();
}
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addSuccess(
- Mage::helper('Mage_Adminhtml_Helper_Data')->__('Total of %d record(s) were updated.', count($customersIds))
+ $this->_getSession()->addSuccess(
+ $this->_getHelper()->__('Total of %d record(s) were updated.', count($customersIds))
);
} catch (Exception $e) {
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addError($e->getMessage());
+ $this->_getSession()->addError($e->getMessage());
}
}
$this->_redirect('*/*/index');
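Review bot: Each id from the request is passed to `load($customerId)` and the result is modified and saved without confirming that a customer was found. The success message then reports `count($customersIds)`, the number of ids submitted rather than the number of records changed. A guard such as `if (!$customer->getId()) { continue; }` before `setIsSubscribed(true)`, plus a counter incremented after `save()`, would keep the message accurate and avoid saving an empty model. The ids are read with `getParam('customer')`, so the state change is not limited to POST; the form-key or secret-key check that would normally cover this is not visible here. The `massUnsubscribeAction()` hunk that follows has the same pattern.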
@@ -667,20 +809,21 @@ public function massSubscribeAction()
public function massUnsubscribeAction()
{
$customersIds = $this->getRequest()->getParam('customer');
- if(!is_array($customersIds)) {
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addError(Mage::helper('Mage_Adminhtml_Helper_Data')->__('Please select customer(s).'));
+ if (!is_array($customersIds)) {
+ $this->_getSession()->addError($this->_getHelper()->__('Please select customer(s).'));
} else {
try {
foreach ($customersIds as $customerId) {
- $customer = Mage::getModel('Mage_Customer_Model_Customer')->load($customerId);
+ $customer = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Customer')
+ ->load($customerId);
$customer->setIsSubscribed(false);
$customer->save();
}
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addSuccess(
- Mage::helper('Mage_Adminhtml_Helper_Data')->__('Total of %d record(s) were updated.', count($customersIds))
+ $this->_getSession()->addSuccess(
+ $this->_getHelper()->__('Total of %d record(s) were updated.', count($customersIds))
);
} catch (Exception $e) {
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addError($e->getMessage());
+ $this->_getSession()->addError($e->getMessage());
}
}
@@ -690,21 +833,21 @@ public function massUnsubscribeAction()
public function massDeleteAction()
{
$customersIds = $this->getRequest()->getParam('customer');
- if(!is_array($customersIds)) {
- Mage::getSingleton('Mage_Adminhtml_Model_Session')->addError(Mage::helper('Mage_Adminhtml_Helper_Data')->__('Please select customer(s).'));
+ if (!is_array($customersIds)) {
+ $this->_getSession()->addError($this->_getHelper()->__('Please select customer(s).'));
} else {
try {
- $customer = Mage::getModel('Mage_Customer_Model_Customer');
+ $customer = $this->_objectFactory->getModelInstance('Mage_Customer_Model_Customer');
foreach ($customersIds as $customerId) {
$customer->reset()