Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Update as of 8/1/2012

* Refactored ACL for the backend
  * ACL resources
    * Strict configuration format, validated by XSD schema
    * ACL configuration relocation from `app/code/<pool>/<namespace>/<module>/etc/adminhtml.xml` to `app/code/<pool>/<namespace>/<module>/etc/adminhtml/acl.xml`
    * Renamed ACL resource identifiers according to the format `<namespace>_<module>::<resource>` throughout the system
      * Backend menu configuration requires to specify ACL resource identifier in the new format
      * Explicit declaration of ACL resources in `app/code/<pool>/<namespace>/<module>/etc/system.xml` instead of implicit relation by XPath
    * Migration tool `dev/tools/migration/acl.php` to convert ACL configuration from 1.x to 2.x
  * Declaration of ACL resource/role/rule loaders through the area configuration
    * Module `Mage_Backend` declares loader for ACL resources in backend area
    * Module `Mage_User` declares loaders for ACL roles and rules (relations between roles and resources) in backend area
  * Implemented integrity and legacy tests for ACL
* Fixed issues:
  * Losing qty and visibility information when importing products
  * Impossibility to reload captcha on backend
  * Temporary excluded from execution integration test `Mage_Review_Model_Resource_Review_Product_CollectionTest::testGetResultingIds()` and corresponding fixture script, which cause occasional `segmentation fault` (exit code 139)
* Refactored methods with high cyclomatic complexity:
  * `Mage_Adminhtml_Block_System_Store_Edit_Form::_prepareForm()`
  * `Mage_Adminhtml_Block_System_Config_Form::initForm()`
  * `Mage_Adminhtml_Block_System_Config_Form::initFields()`
* GitHub requests:
  * [#32](#32) -- fixed declaration of localization CSV files
  * [#35](#35) -- removed non-used `Mage_Core_Block_Flush` block
  * [#41](#41) -- implemented ability to extends `app/etc/local.xml` by specifying additional config file via `MAGE_LOCAL_CONFIG` environment variable
  • Loading branch information...
commit 7fec10a1d6238d8e0058f9907535d98898b7f3d0 1 parent a27835b
@mage2-team mage2-team authored
Showing with 3,872 additions and 3,383 deletions.
  1. +27 −0 CHANGELOG.markdown
  2. +7 −15 app/code/community/Phoenix/Moneybookers/etc/{adminhtml.xml → adminhtml/acl.xml}
  3. +1 −0  app/code/community/Phoenix/Moneybookers/etc/system.xml
  4. +0 −215 app/code/core/Mage/Admin/Model/Config.php
  5. +0 −171 app/code/core/Mage/Admin/Model/Resource/Acl.php
  6. +0 −63 app/code/core/Mage/AdminNotification/etc/adminhtml.xml
  7. +11 −17 app/code/core/Mage/{DesignEditor/etc/adminhtml.xml → AdminNotification/etc/adminhtml/acl.xml}
  8. +1 −1  app/code/core/Mage/AdminNotification/etc/adminhtml/menu.xml
  9. +1 −1  app/code/core/Mage/Adminhtml/Block/Cache/Notifications.php
  10. +1 −1  app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Attributes.php
  11. +2 −2 app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tabs.php
  12. +1 −1  app/code/core/Mage/Adminhtml/Block/Catalog/Product/Grid.php
  13. +4 −4 app/code/core/Mage/Adminhtml/Block/Cms/Page.php
  14. +5 −5 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit.php
  15. +4 −4 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Content.php
  16. +4 −4 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Design.php
  17. +4 −4 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Main.php
  18. +4 −4 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Meta.php
  19. +1 −1  app/code/core/Mage/Adminhtml/Block/Customer/Edit.php
  20. +4 −4 app/code/core/Mage/Adminhtml/Block/Customer/Edit/Tabs.php
  21. +1 −1  app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid.php
  22. +2 −1  app/code/core/Mage/Adminhtml/Block/Notification/Survey.php
  23. +1 −1  app/code/core/Mage/Adminhtml/Block/Notification/Window.php
  24. +3 −1 app/code/core/Mage/Adminhtml/Block/Sales/Creditmemo/Grid.php
  25. +3 −1 app/code/core/Mage/Adminhtml/Block/Sales/Invoice/Grid.php
  26. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Items/Abstract.php
  27. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order.php
  28. +4 −4 app/code/core/Mage/Adminhtml/Block/Sales/Order/Creditmemo/View.php
  29. +5 −5 app/code/core/Mage/Adminhtml/Block/Sales/Order/Grid.php
  30. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/Create/Items.php
  31. +7 −7 app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/View.php
  32. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/View.php
  33. +13 −13 app/code/core/Mage/Adminhtml/Block/Sales/Order/View.php
  34. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/View/History.php
  35. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Order/View/Tab/Transactions.php
  36. +3 −1 app/code/core/Mage/Adminhtml/Block/Sales/Shipment/Grid.php
  37. +1 −1  app/code/core/Mage/Adminhtml/Block/Sales/Transactions/Detail.php
  38. +289 −187 app/code/core/Mage/Adminhtml/Block/System/Config/Form.php
  39. +5 −7 app/code/core/Mage/Adminhtml/Block/System/Config/Tabs.php
  40. +22 −3 app/code/core/Mage/Adminhtml/Block/System/Store/Edit.php
  41. +0 −346 app/code/core/Mage/Adminhtml/Block/System/Store/Edit/Form.php
  42. +120 −0 app/code/core/Mage/Adminhtml/Block/System/Store/Edit/Form/Group.php
  43. +148 −0 app/code/core/Mage/Adminhtml/Block/System/Store/Edit/Form/Store.php
  44. +111 −0 app/code/core/Mage/Adminhtml/Block/System/Store/Edit/Form/Website.php
  45. +90 −0 app/code/core/Mage/Adminhtml/Block/System/Store/Edit/FormAbstract.php
  46. +1 −1  app/code/core/Mage/Adminhtml/Controller/Sales/Creditmemo.php
  47. +1 −1  app/code/core/Mage/Adminhtml/Controller/Sales/Invoice.php
  48. +1 −1  app/code/core/Mage/Adminhtml/Controller/Sales/Shipment.php
  49. +1 −1  app/code/core/Mage/Adminhtml/controllers/Api/RoleController.php
  50. +1 −1  app/code/core/Mage/Adminhtml/controllers/Api/UserController.php
  51. +1 −1  app/code/core/Mage/Adminhtml/controllers/CacheController.php
  52. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/CategoryController.php
  53. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/Action/AttributeController.php
  54. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/AttributeController.php
  55. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GalleryController.php
  56. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/GroupController.php
  57. +2 −2 app/code/core/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php
  58. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/Product/SetController.php
  59. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/ProductController.php
  60. +1 −1  app/code/core/Mage/Adminhtml/controllers/Catalog/SearchController.php
  61. +1 −1  app/code/core/Mage/Adminhtml/controllers/Checkout/AgreementController.php
  62. +1 −1  app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
  63. +3 −3 app/code/core/Mage/Adminhtml/controllers/Cms/PageController.php
  64. +1 −1  app/code/core/Mage/Adminhtml/controllers/Cms/Wysiwyg/ImagesController.php
  65. +1 −1  app/code/core/Mage/Adminhtml/controllers/Customer/Cart/Product/Composite/CartController.php
  66. +1 −1  app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
  67. +1 −1  app/code/core/Mage/Adminhtml/controllers/Customer/OnlineController.php
  68. +1 −1  app/code/core/Mage/Adminhtml/controllers/Customer/Wishlist/Product/Composite/WishlistController.php
  69. +3 −2 app/code/core/Mage/Adminhtml/controllers/CustomerController.php
  70. +1 −1  app/code/core/Mage/Adminhtml/controllers/DashboardController.php
  71. +1 −1  app/code/core/Mage/Adminhtml/controllers/IndexController.php
  72. +3 −1 app/code/core/Mage/Adminhtml/controllers/Media/EditorController.php
  73. +2 −1  app/code/core/Mage/Adminhtml/controllers/Media/UploaderController.php
  74. +1 −1  app/code/core/Mage/Adminhtml/controllers/Newsletter/ProblemController.php
  75. +1 −1  app/code/core/Mage/Adminhtml/controllers/Newsletter/QueueController.php
  76. +1 −1  app/code/core/Mage/Adminhtml/controllers/Newsletter/SubscriberController.php
  77. +1 −1  app/code/core/Mage/Adminhtml/controllers/Newsletter/TemplateController.php
  78. +5 −5 app/code/core/Mage/Adminhtml/controllers/NotificationController.php
  79. +1 −1  app/code/core/Mage/Adminhtml/controllers/Poll/AnswerController.php
  80. +1 −1  app/code/core/Mage/Adminhtml/controllers/PollController.php
  81. +1 −1  app/code/core/Mage/Adminhtml/controllers/Promo/CatalogController.php
  82. +1 −1  app/code/core/Mage/Adminhtml/controllers/Promo/QuoteController.php
  83. +1 −1  app/code/core/Mage/Adminhtml/controllers/Promo/WidgetController.php
  84. +1 −1  app/code/core/Mage/Adminhtml/controllers/PromoController.php
  85. +1 −1  app/code/core/Mage/Adminhtml/controllers/RatingController.php
  86. +4 −4 app/code/core/Mage/Adminhtml/controllers/Report/CustomerController.php
  87. +4 −4 app/code/core/Mage/Adminhtml/controllers/Report/ProductController.php
  88. +3 −3 app/code/core/Mage/Adminhtml/controllers/Report/ReviewController.php
  89. +9 −9 app/code/core/Mage/Adminhtml/controllers/Report/SalesController.php
  90. +5 −4 app/code/core/Mage/Adminhtml/controllers/Report/ShopcartController.php
  91. +1 −1  app/code/core/Mage/Adminhtml/controllers/Report/StatisticsController.php
  92. +5 −5 app/code/core/Mage/Adminhtml/controllers/Report/TagController.php
  93. +2 −2 app/code/core/Mage/Adminhtml/controllers/ReportController.php
  94. +3 −3 app/code/core/Mage/Adminhtml/controllers/Sales/Billing/AgreementController.php
  95. +5 −5 app/code/core/Mage/Adminhtml/controllers/Sales/Order/CreateController.php
  96. +1 −1  app/code/core/Mage/Adminhtml/controllers/Sales/Order/EditController.php
  97. +1 −1  app/code/core/Mage/Adminhtml/controllers/Sales/Order/StatusController.php
  98. +9 −9 app/code/core/Mage/Adminhtml/controllers/Sales/OrderController.php
  99. +2 −2 app/code/core/Mage/Adminhtml/controllers/Sales/TransactionsController.php
  100. +1 −1  app/code/core/Mage/Adminhtml/controllers/SitemapController.php
  101. +2 −1  app/code/core/Mage/Adminhtml/controllers/SurveyController.php
  102. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/AccountController.php
  103. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
  104. +4 −4 app/code/core/Mage/Adminhtml/controllers/System/ConfigController.php
  105. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/Convert/GuiController.php
  106. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/Convert/ProfileController.php
  107. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/CurrencyController.php
  108. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/DesignController.php
  109. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/Email/TemplateController.php
  110. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/StoreController.php
  111. +1 −1  app/code/core/Mage/Adminhtml/controllers/System/VariableController.php
  112. +1 −1  app/code/core/Mage/Adminhtml/controllers/SystemController.php
  113. +3 −3 app/code/core/Mage/Adminhtml/controllers/TagController.php
  114. +1 −1  app/code/core/Mage/Adminhtml/controllers/Tax/Class/CustomerController.php
  115. +1 −1  app/code/core/Mage/Adminhtml/controllers/Tax/Class/ProductController.php
  116. +2 −2 app/code/core/Mage/Adminhtml/controllers/Tax/ClassController.php
  117. +3 −3 app/code/core/Mage/Adminhtml/controllers/Tax/RateController.php
  118. +1 −1  app/code/core/Mage/Adminhtml/controllers/Tax/RuleController.php
  119. +1 −1  app/code/core/Mage/Adminhtml/controllers/UrlrewriteController.php
  120. +0 −177 app/code/core/Mage/Adminhtml/etc/adminhtml.xml
  121. +70 −0 app/code/core/Mage/Adminhtml/etc/adminhtml/acl.xml
  122. +15 −15 app/code/core/Mage/Adminhtml/etc/adminhtml/menu.xml
  123. +3 −3 app/code/core/Mage/Adminhtml/etc/config.xml
  124. +2 −2 app/code/core/Mage/Adminhtml/view/adminhtml/adminnotification.xml
  125. +1 −1  app/code/core/Mage/Adminhtml/view/adminhtml/page/header.phtml
  126. +1 −1  app/code/core/Mage/Adminhtml/view/adminhtml/system/config/switcher.phtml
  127. +0 −62 app/code/core/Mage/Api/etc/adminhtml.xml
  128. +12 −16 app/code/core/Mage/{CatalogInventory/etc/adminhtml.xml → Api/etc/adminhtml/acl.xml}
  129. +3 −3 app/code/core/Mage/Api/etc/adminhtml/menu.xml
  130. +1 −0  app/code/core/Mage/Api/etc/system.xml
  131. +1 −1  app/code/core/Mage/Api2/Block/Adminhtml/Attribute/Grid.php
  132. +1 −1  app/code/core/Mage/Api2/Block/Adminhtml/Roles.php
  133. +1 −1  app/code/core/Mage/Api2/Block/Adminhtml/Roles/Grid.php
  134. +1 −1  app/code/core/Mage/Api2/controllers/Adminhtml/Api2/RoleController.php
  135. +0 −73 app/code/core/Mage/Api2/etc/adminhtml.xml
  136. +15 −21 app/code/core/Mage/{Backup/etc/adminhtml.xml → Api2/etc/adminhtml/acl.xml}
  137. +2 −2 app/code/core/Mage/Api2/etc/adminhtml/menu.xml
  138. +1 −1  app/code/core/Mage/Backend/Block/Menu/Item.php
  139. +19 −8 app/code/core/Mage/Backend/Block/Widget/Form/Container.php
  140. +133 −0 app/code/core/Mage/Backend/Model/Acl/Config.php
  141. +110 −0 app/code/core/Mage/Backend/Model/Acl/Config/Reader.php
  142. +13 −18 app/code/core/Mage/{Core/Block/Flush.php → Backend/Model/Acl/Config/Reader/Dom.php}
  143. +43 −0 app/code/core/Mage/Backend/Model/Acl/Config/ReaderInterface.php
  144. +112 −0 app/code/core/Mage/Backend/Model/Acl/Config/acl.xsd
  145. +87 −0 app/code/core/Mage/Backend/Model/Acl/Loader/Resource.php
  146. +7 −7 app/code/core/Mage/Backend/Model/Auth.php
  147. +22 −9 app/code/core/Mage/Backend/Model/Auth/Session.php
  148. +0 −25 app/code/core/Mage/Backend/Model/Menu.php
  149. +2 −1  app/code/core/Mage/Backend/Model/Menu/Builder/Command/Add.php
  150. +2 −2 app/code/core/Mage/Backend/Model/Menu/Config/menu.xsd
  151. +2 −44 app/code/core/Mage/Backend/Model/Menu/Item.php
  152. +8 −3 app/code/core/Mage/Backend/Model/Menu/Item/Validator.php
  153. +3 −4 app/code/core/Mage/Backend/Model/Url.php
  154. +4 −3 app/code/core/Mage/Backend/etc/config.xml
  155. +1 −1  app/code/core/Mage/Backup/Helper/Data.php
  156. +42 −0 app/code/core/Mage/Backup/etc/adminhtml/acl.xml
  157. +1 −1  app/code/core/Mage/Backup/etc/adminhtml/menu.xml
  158. +9 −4 app/code/core/Mage/Captcha/Block/Captcha/Zend.php
  159. +26 −0 app/code/core/Mage/Captcha/etc/config.xml
  160. +0 −77 app/code/core/Mage/Catalog/etc/adminhtml.xml
  161. +50 −0 app/code/core/Mage/Catalog/etc/adminhtml/acl.xml
  162. +7 −7 app/code/core/Mage/Catalog/etc/adminhtml/menu.xml
  163. +1 −0  app/code/core/Mage/Catalog/etc/system.xml
  164. +40 −0 app/code/core/Mage/CatalogInventory/etc/adminhtml/acl.xml
  165. +1 −0  app/code/core/Mage/CatalogInventory/etc/system.xml
  166. +0 −46 app/code/core/Mage/CatalogRule/etc/adminhtml.xml
  167. +38 −0 app/code/core/Mage/CatalogRule/etc/adminhtml/acl.xml
  168. +2 −2 app/code/core/Mage/CatalogRule/etc/adminhtml/menu.xml
  169. +38 −0 app/code/core/Mage/CatalogSearch/etc/adminhtml/acl.xml
  170. +1 −1  app/code/core/Mage/CatalogSearch/etc/adminhtml/menu.xml
  171. +1 −0  app/code/core/Mage/Centinel/etc/system.xml
  172. +0 −57 app/code/core/Mage/Checkout/etc/adminhtml.xml
  173. +43 −0 app/code/core/Mage/Checkout/etc/adminhtml/acl.xml
  174. +1 −1  app/code/core/Mage/Checkout/etc/adminhtml/menu.xml
  175. +1 −0  app/code/core/Mage/Checkout/etc/system.xml
  176. +1 −1  app/code/core/Mage/Cms/Model/Wysiwyg/Config.php
  177. +48 −0 app/code/core/Mage/Cms/etc/adminhtml/acl.xml
  178. +3 −3 app/code/core/Mage/Cms/etc/adminhtml/menu.xml
  179. +1 −0  app/code/core/Mage/Cms/etc/system.xml
  180. +1 −1  app/code/core/Mage/Connect/controllers/Adminhtml/Extension/CustomController.php
  181. +32 −0 app/code/core/Mage/Connect/etc/adminhtml/acl.xml
  182. +3 −3 app/code/core/Mage/Connect/etc/adminhtml/menu.xml
  183. +9 −0 app/code/core/Mage/Connect/etc/config.xml
  184. +40 −0 app/code/core/Mage/Contacts/etc/adminhtml/acl.xml
  185. +1 −0  app/code/core/Mage/Contacts/etc/system.xml
  186. +98 −0 app/code/core/Mage/Core/Model/Acl/Builder.php
  187. +37 −5 app/code/core/Mage/Core/Model/Config.php
  188. +8 −0 app/code/core/Mage/Core/etc/system.xml
  189. +1 −1  app/code/core/Mage/CurrencySymbol/controllers/Adminhtml/System/CurrencysymbolController.php
  190. +0 −54 app/code/core/Mage/CurrencySymbol/etc/adminhtml.xml
  191. +41 −0 app/code/core/Mage/CurrencySymbol/etc/adminhtml/acl.xml
  192. +3 −3 app/code/core/Mage/CurrencySymbol/etc/adminhtml/menu.xml
  193. +45 −0 app/code/core/Mage/Customer/etc/adminhtml/acl.xml
  194. +4 −4 app/code/core/Mage/Customer/etc/adminhtml/menu.xml
  195. +1 −0  app/code/core/Mage/Customer/etc/system.xml
  196. +11 −0 app/code/core/Mage/Dataflow/etc/config.xml
  197. +1 −1  app/code/core/Mage/DesignEditor/controllers/Adminhtml/System/Design/EditorController.php
  198. +40 −0 app/code/core/Mage/DesignEditor/etc/adminhtml/acl.xml
  199. +1 −1  app/code/core/Mage/DesignEditor/etc/adminhtml/menu.xml
  200. +1 −0  app/code/core/Mage/Directory/etc/system.xml
  201. +1 −1  app/code/core/Mage/Downloadable/controllers/Adminhtml/Downloadable/FileController.php
  202. +0 −48 app/code/core/Mage/Downloadable/etc/adminhtml.xml
  203. +40 −0 app/code/core/Mage/Downloadable/etc/adminhtml/acl.xml
  204. +1 −1  app/code/core/Mage/Downloadable/etc/adminhtml/menu.xml
  205. +2 −5 app/code/core/Mage/Eav/Model/Entity/Abstract.php
  206. +17 −0 app/code/core/Mage/Eav/Model/Entity/Attribute.php
  207. +40 −0 app/code/core/Mage/GoogleAnalytics/etc/adminhtml/acl.xml
  208. +1 −0  app/code/core/Mage/GoogleAnalytics/etc/system.xml
  209. +0 −48 app/code/core/Mage/GoogleCheckout/etc/adminhtml.xml
  210. +40 −0 app/code/core/Mage/GoogleCheckout/etc/adminhtml/acl.xml
  211. +1 −0  app/code/core/Mage/GoogleCheckout/etc/system.xml
  212. +4 −4 app/code/core/Mage/GoogleOptimizer/Block/Adminhtml/Cms/Page/Edit/Tab/Googleoptimizer.php
  213. +1 −1  app/code/core/Mage/GoogleShopping/controllers/Adminhtml/Googleshopping/ItemsController.php
  214. +1 −1  app/code/core/Mage/GoogleShopping/controllers/Adminhtml/Googleshopping/TypesController.php
  215. +0 −55 app/code/core/Mage/GoogleShopping/etc/adminhtml.xml
  216. +41 −0 app/code/core/Mage/GoogleShopping/etc/adminhtml/acl.xml
  217. +3 −3 app/code/core/Mage/GoogleShopping/etc/adminhtml/menu.xml
  218. +22 −7 app/code/core/Mage/ImportExport/Model/Import/Entity/Product.php
  219. +24 −5 app/code/core/Mage/ImportExport/Model/Import/Entity/Product/Type/Abstract.php
  220. +1 −1  app/code/core/Mage/ImportExport/controllers/Adminhtml/ExportController.php
  221. +1 −1  app/code/core/Mage/ImportExport/controllers/Adminhtml/ImportController.php
  222. +0 −53 app/code/core/Mage/ImportExport/etc/adminhtml.xml
  223. +41 −0 app/code/core/Mage/ImportExport/etc/adminhtml/acl.xml
  224. +2 −2 app/code/core/Mage/ImportExport/etc/adminhtml/menu.xml
  225. +9 −0 app/code/core/Mage/ImportExport/etc/config.xml
  226. +1 −1  app/code/core/Mage/Index/Block/Adminhtml/Notifications.php
  227. +1 −1  app/code/core/Mage/Index/controllers/Adminhtml/ProcessController.php
  228. +38 −0 app/code/core/Mage/Index/etc/adminhtml/acl.xml
  229. +1 −1  app/code/core/Mage/Index/etc/adminhtml/menu.xml
  230. +0 −66 app/code/core/Mage/Newsletter/etc/adminhtml.xml
  231. +46 −0 app/code/core/Mage/Newsletter/etc/adminhtml/acl.xml
  232. +5 −5 app/code/core/Mage/Newsletter/etc/adminhtml/menu.xml
  233. +1 −0  app/code/core/Mage/Newsletter/etc/system.xml
  234. +1 −1  app/code/core/Mage/Oauth/Block/Adminhtml/Oauth/AuthorizedTokens/Grid.php
  235. +1 −1  app/code/core/Mage/Oauth/Block/Adminhtml/Oauth/Consumer.php
  236. +1 −1  app/code/core/Mage/Oauth/Block/Adminhtml/Oauth/Consumer/Edit.php
  237. +1 −1  app/code/core/Mage/Oauth/Block/Adminhtml/Oauth/Consumer/Grid.php
  238. +1 −1  app/code/core/Mage/Oauth/controllers/Adminhtml/Oauth/Admin/TokenController.php
  239. +1 −1  app/code/core/Mage/Oauth/controllers/Adminhtml/Oauth/AuthorizedTokensController.php
  240. +16 −8 app/code/core/Mage/Oauth/controllers/Adminhtml/Oauth/ConsumerController.php
  241. +0 −75 app/code/core/Mage/Oauth/etc/adminhtml.xml
  242. +48 −0 app/code/core/Mage/Oauth/etc/adminhtml/acl.xml
  243. +3 −3 app/code/core/Mage/Oauth/etc/adminhtml/menu.xml
  244. +1 −0  app/code/core/Mage/Oauth/etc/system.xml
  245. +9 −0 app/code/core/Mage/Ogone/etc/config.xml
  246. +1 −1  app/code/core/Mage/PageCache/Block/Adminhtml/Cache/Additional.php
  247. +1 −1  app/code/core/Mage/PageCache/controllers/Adminhtml/PageCacheController.php
  248. +36 −0 app/code/core/Mage/PageCache/etc/adminhtml/acl.xml
  249. +0 −51 app/code/core/Mage/Payment/etc/adminhtml.xml
  250. +41 −0 app/code/core/Mage/Payment/etc/adminhtml/acl.xml
  251. +1 −0  app/code/core/Mage/Payment/etc/system.xml
  252. +3 −3 app/code/core/Mage/Paypal/controllers/Adminhtml/Paypal/ReportsController.php
  253. +0 −67 app/code/core/Mage/Paypal/etc/adminhtml.xml
  254. +48 −0 app/code/core/Mage/Paypal/etc/adminhtml/acl.xml
  255. +1 −1  app/code/core/Mage/Paypal/etc/adminhtml/menu.xml
  256. +0 −48 app/code/core/Mage/Persistent/etc/adminhtml.xml
  257. +40 −0 app/code/core/Mage/Persistent/etc/adminhtml/acl.xml
  258. +1 −1  app/code/core/Mage/Persistent/etc/system.xml
  259. +38 −0 app/code/core/Mage/Poll/etc/adminhtml/acl.xml
  260. +1 −1  app/code/core/Mage/Poll/etc/adminhtml/menu.xml
  261. +0 −48 app/code/core/Mage/Rating/etc/adminhtml.xml
  262. +40 −0 app/code/core/Mage/Rating/etc/adminhtml/acl.xml
  263. +0 −153 app/code/core/Mage/Reports/etc/adminhtml.xml
  264. +77 −0 app/code/core/Mage/Reports/etc/adminhtml/acl.xml
  265. +22 −22 app/code/core/Mage/Reports/etc/adminhtml/menu.xml
  266. +1 −0  app/code/core/Mage/Reports/etc/system.xml
  267. +0 −57 app/code/core/Mage/Review/etc/adminhtml.xml
  268. +11 −16 app/code/core/Mage/{Contacts/etc/adminhtml.xml → Review/etc/adminhtml/acl.xml}
  269. +8 −8 app/code/core/Mage/Review/etc/adminhtml/menu.xml
  270. +1 −1  app/code/core/Mage/Rss/controllers/OrderController.php
  271. +0 −49 app/code/core/Mage/Rss/etc/adminhtml.xml
  272. +40 −0 app/code/core/Mage/Rss/etc/adminhtml/acl.xml
  273. +1 −0  app/code/core/Mage/Rss/etc/system.xml
  274. +5 −5 app/code/core/Mage/Sales/Block/Adminhtml/Billing/Agreement/View.php
  275. +1 −1  app/code/core/Mage/Sales/Block/Adminhtml/Recurring/Profile/View/Tab/Orders.php
  276. +1 −1  app/code/core/Mage/Sales/Model/Observer.php
  277. +0 −139 app/code/core/Mage/Sales/etc/adminhtml.xml
  278. +78 −0 app/code/core/Mage/Sales/etc/adminhtml/acl.xml
  279. +9 −9 app/code/core/Mage/Sales/etc/adminhtml/menu.xml
  280. +3 −0  app/code/core/Mage/Sales/etc/system.xml
  281. +43 −0 app/code/core/Mage/SalesRule/etc/adminhtml/acl.xml
  282. +1 −1  app/code/core/Mage/SalesRule/etc/adminhtml/menu.xml
  283. +1 −0  app/code/core/Mage/Sendfriend/etc/system.xml
  284. +0 −53 app/code/core/Mage/Shipping/etc/adminhtml.xml
  285. +41 −0 app/code/core/Mage/Shipping/etc/adminhtml/acl.xml
  286. +2 −0  app/code/core/Mage/Shipping/etc/system.xml
  287. +0 −55 app/code/core/Mage/Sitemap/etc/adminhtml.xml
  288. +43 −0 app/code/core/Mage/Sitemap/etc/adminhtml/acl.xml
  289. +1 −1  app/code/core/Mage/Sitemap/etc/adminhtml/menu.xml
  290. +1 −0  app/code/core/Mage/Sitemap/etc/system.xml
  291. +0 −52 app/code/core/Mage/Tag/etc/adminhtml.xml
  292. +41 −0 app/code/core/Mage/Tag/etc/adminhtml/acl.xml
  293. +7 −7 app/code/core/Mage/Tag/etc/adminhtml/menu.xml
  294. +0 −79 app/code/core/Mage/Tax/etc/adminhtml.xml
  295. +49 −0 app/code/core/Mage/Tax/etc/adminhtml/acl.xml
  296. +6 −6 app/code/core/Mage/Tax/etc/adminhtml/menu.xml
  297. +1 −0  app/code/core/Mage/Tax/etc/system.xml
  298. +18 −34 app/code/core/Mage/User/Block/Role/Tab/Edit.php
  299. +84 −0 app/code/core/Mage/User/Model/Acl/Loader/Role.php
  300. +72 −0 app/code/core/Mage/User/Model/Acl/Loader/Rule.php
Sorry, we could not display the entire diff because too many files (445) changed.
View
27 CHANGELOG.markdown
@@ -1,3 +1,30 @@
+Update as of 8/1/2012
+=====================
+* Refactored ACL for the backend
+ * ACL resources
+ * Strict configuration format, validated by XSD schema
+ * ACL configuration relocation from `app/code/<pool>/<namespace>/<module>/etc/adminhtml.xml` to `app/code/<pool>/<namespace>/<module>/etc/adminhtml/acl.xml`
+ * Renamed ACL resource identifiers according to the format `<namespace>_<module>::<resource>` throughout the system
+ * Backend menu configuration requires to specify ACL resource identifier in the new format
+ * Explicit declaration of ACL resources in `app/code/<pool>/<namespace>/<module>/etc/system.xml` instead of implicit relation by XPath
+ * Migration tool `dev/tools/migration/acl.php` to convert ACL configuration from 1.x to 2.x
+ * Declaration of ACL resource/role/rule loaders through the area configuration
+ * Module `Mage_Backend` declares loader for ACL resources in backend area
+ * Module `Mage_User` declares loaders for ACL roles and rules (relations between roles and resources) in backend area
+ * Implemented integrity and legacy tests for ACL
+* Fixed issues:
+ * Losing qty and visibility information when importing products
+ * Impossibility to reload captcha on backend
+ * Temporary excluded from execution integration test `Mage_Review_Model_Resource_Review_Product_CollectionTest::testGetResultingIds()` and corresponding fixture script, which cause occasional `segmentation fault` (exit code 139)
+* Refactored methods with high cyclomatic complexity:
+ * `Mage_Adminhtml_Block_System_Store_Edit_Form::_prepareForm()`
+ * `Mage_Adminhtml_Block_System_Config_Form::initForm()`
+ * `Mage_Adminhtml_Block_System_Config_Form::initFields()`
+* GitHub requests:
+ * [#32](https://github.com/magento/magento2/pull/32) -- fixed declaration of localization CSV files
+ * [#35](https://github.com/magento/magento2/issues/35) -- removed non-used `Mage_Core_Block_Flush` block
+ * [#41](https://github.com/magento/magento2/pull/41) -- implemented ability to extends `app/etc/local.xml` by specifying additional config file via `MAGE_LOCAL_CONFIG` environment variable
+
Update as of 7/26/2012
=====================
* Implemented Magento Validator library in order to have clear solid mechanism and formal rules of input data validation
View
22 .../community/Phoenix/Moneybookers/etc/adminhtml.xml → ...munity/Phoenix/Moneybookers/etc/adminhtml/acl.xml
@@ -28,21 +28,13 @@
<config>
<acl>
<resources>
- <admin>
- <children>
- <system>
- <children>
- <config>
- <children>
- <moneybookers translate="title" module="Phoenix_Moneybookers">
- <title>Moneybookers Settings</title>
- </moneybookers>
- </children>
- </config>
- </children>
- </system>
- </children>
- </admin>
+ <resource id="Mage_Adminhtml::admin">
+ <resource id="Mage_Adminhtml::system">
+ <resource id="Mage_Adminhtml::config">
+ <resource id="Phoenix_Moneybookers::moneybookers" module="Phoenix_Moneybookers" title="Moneybookers Settings" />
+ </resource>
+ </resource>
+ </resource>
</resources>
</acl>
</config>
View
1  app/code/community/Phoenix/Moneybookers/etc/system.xml
@@ -35,6 +35,7 @@
<show_in_default>1</show_in_default>
<show_in_website>1</show_in_website>
<show_in_store>1</show_in_store>
+ <resource>Phoenix_Moneybookers::moneybookers</resource>
<groups>
<settings translate="label">
<label>Moneybookers Settings</label>
View
215 app/code/core/Mage/Admin/Model/Config.php
@@ -110,221 +110,6 @@ protected function _getHelper($module)
}
/**
- * Load Acl resources from config
- *
- * @param Mage_Admin_Model_Acl $acl
- * @param Mage_Core_Model_Config_Element $resource
- * @param string $parentName
- * @return Mage_Admin_Model_Config
- */
- public function loadAclResources(Mage_Admin_Model_Acl $acl, $resource = null, $parentName = null)
- {
- if (is_null($resource)) {
- $resource = $this->getAdminhtmlConfig()->getNode("acl/resources");
- $resourceName = null;
- } else {
- $resourceName = (is_null($parentName) ? '' : $parentName . '/') . $resource->getName();
- $acl->add(Mage::getModel('Mage_Admin_Model_Acl_Resource', $resourceName), $parentName);
- }
-
- if (isset($resource->all)) {
- $acl->add(Mage::getModel('Mage_Admin_Model_Acl_Resource', 'all'), null);
- }
-
- if (isset($resource->admin)) {
- $children = $resource->admin;
- } elseif (isset($resource->children)){
- $children = $resource->children->children();
- }
-
-
-
- if (empty($children)) {
- return $this;
- }
-
- foreach ($children as $res) {
- if (1 == $res->disabled) {
- continue;
- }
- $this->loadAclResources($acl, $res, $resourceName);
- }
- return $this;
- }
-
- /**
- * Retrieve Acl Resource Tree with module and path information
- *
- * @return Varien_Simplexml_Element
- */
- public function getAclResourceTree()
- {
- return $this->_walkResourceTree();
- }
-
- /**
- * Retrieve flat Acl Resource list with level information
- * @param bool $shortFormat
- * @return array
- */
- public function getAclResourceList($shortFormat = false)
- {
- return $this->_flattenResourceTree(null, null, 0, 'Mage_Backend', $shortFormat);
- }
-
- /**
- * Decorate acl resource tree
- *
- * @param Varien_Simplexml_Element $resource
- * @param null $parentName
- * @param string $module
- * @return Varien_Simplexml_Element
- */
- protected function _walkResourceTree(Varien_Simplexml_Element $resource = null,
- $parentName = null, $module = 'Mage_Backend')
- {
- $resourceName = $parentName;
- if (is_null($resource)) {
- $resource = $this->getAdminhtmlConfig()->getNode('acl/resources');
- $resourceName = null;
- $level = -1;
- } else {
- if (!$this->_isServiceElement($resource)) {
- $resourceName = $this->_buildFullResourceName($resource, $parentName);
- //assigning module for its' children nodes
- if ($resource->getAttribute('module')) {
- $module = (string)$resource->getAttribute('module');
-
- }
- $resource->addAttribute('aclpath', $resourceName);
- $resource->addAttribute('module_c', $module);
- }
- }
-
- //check children and run recursion if they exists
- $children = $resource->children();
- foreach ($children as $key => $child) {
- if (1 == $child->disabled) {
- $resource->{$key} = null;
- continue;
- }
- $this->_walkResourceTree($child, $resourceName, $module);
- }
- return $resource;
- }
-
- /**
- * Flatten acl resources tree
- *
- * @param null|Varien_Simplexml_Element $resource
- * @param null $parentName
- * @param int $level
- * @param string $module
- * @param bool $shortFormat
- * @return array
- */
- protected function _flattenResourceTree(Varien_Simplexml_Element $resource = null,
- $parentName = null, $level = 0, $module = 'Mage_Backend', $shortFormat = false)
- {
- $result = array();
- $resourceName = $parentName;
- if (is_null($resource)) {
- $resource = $this->getAdminhtmlConfig()->getNode('acl/resources');
- $resourceName = null;
- $level = -1;
- } else {
- if (!$this->_isServiceElement($resource)) {
- $resourceName = $this->_buildFullResourceName($resource, $parentName);
-
- if ($shortFormat) {
- $result[] = $resourceName;
- } else {
- if ($resource->getAttribute('module')) {
- $module = (string)$resource->getAttribute('module');
- }
- $result[$resourceName]['name'] = $this->_getHelper($module)->__((string)$resource->title);
- $result[$resourceName]['level'] = $level;
- }
- }
- }
- //check children and run recursion if they exists
- $children = $resource->children();
- foreach ($children as $key => $child) {
- if (1 == $child->disabled) {
- continue;
- }
- $result = array_merge(
- $this->_flattenResourceTree($child, $resourceName, $level + 1, $module, $shortFormat),
- $result
- );
- }
- return $result;
- }
-
- /**
- * Check whether provided element is a service element of Admin Xml configuration
- *
- * @param Varien_Simplexml_Element $resource
- * @return bool
- */
- protected function _isServiceElement(Varien_Simplexml_Element $resource)
- {
- return in_array($resource->getName(), array('title', 'sort_order', 'children', 'disabled'));
- }
-
- /**
- * Build acl resource name with path to parent
- *
- * @param Varien_Simplexml_Element $resource
- * @param string $path
- * @return string
- */
- protected function _buildFullResourceName(Varien_Simplexml_Element $resource, $path = null)
- {
- return (is_null($path) ? '' : $path . '/') . $resource->getName();
- }
-
- /**
- * Get acl assert config
- *
- * @param string $name
- * @return Mage_Core_Model_Config_Element|boolean
- */
- public function getAclAssert($name = '')
- {
- $asserts = $this->getNode("admin/acl/asserts");
- if ('' === $name) {
- return $asserts;
- }
-
- if (isset($asserts->$name)) {
- return $asserts->$name;
- }
-
- return false;
- }
-
- /**
- * Retrieve privilege set by name
- *
- * @param string $name
- * @return Mage_Core_Model_Config_Element|boolean
- */
- public function getAclPrivilegeSet($name = '')
- {
- $sets = $this->getNode("admin/acl/privilegeSets");
- if ('' === $name) {
- return $sets;
- }
-
- if (isset($sets->$name)) {
- return $sets->$name;
- }
-
- return false;
- }
-
- /**
* Retrieve xml config
*
* @return Varien_Simplexml_Config
View
171 app/code/core/Mage/Admin/Model/Resource/Acl.php
@@ -1,171 +0,0 @@
-<?php
-/**
- * Magento
- *
- * NOTICE OF LICENSE
- *
- * This source file is subject to the Open Software License (OSL 3.0)
- * that is bundled with this package in the file LICENSE.txt.
- * It is also available through the world-wide-web at this URL:
- * http://opensource.org/licenses/osl-3.0.php
- * If you did not receive a copy of the license and are unable to
- * obtain it through the world-wide-web, please send an email
- * to license@magentocommerce.com so we can send you a copy immediately.
- *
- * DISCLAIMER
- *
- * Do not edit or add to this file if you wish to upgrade Magento to newer
- * versions in the future. If you wish to customize Magento for your
- * needs please refer to http://www.magentocommerce.com for more information.
- *
- * @category Mage
- * @package Mage_Admin
- * @copyright Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
- * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
- */
-
-
-/**
- * Resource model for admin ACL
- *
- * @category Mage
- * @package Mage_Admin
- * @author Magento Core Team <core@magentocommerce.com>
- */
-class Mage_Admin_Model_Resource_Acl extends Mage_Core_Model_Resource_Db_Abstract
-{
- const ACL_ALL_RULES = 'all';
-
- /**
- * Initialize resource
- *
- */
- protected function _construct()
- {
- $this->_init('admin_role', 'role_id');
- }
-
- /**
- * Load ACL for the user
- *
- * @return Mage_Admin_Model_Acl
- */
- public function loadAcl()
- {
- $acl = Mage::getModel('Mage_Admin_Model_Acl');
-
- Mage::getSingleton('Mage_Admin_Model_Config')->loadAclResources($acl);
-
- $roleTable = $this->getTable('admin_role');
- $ruleTable = $this->getTable('admin_rule');
- $assertTable = $this->getTable('admin_assert');
-
- $adapter = $this->_getReadAdapter();
-
- $select = $adapter->select()
- ->from($roleTable)
- ->order('tree_level');
-
- $rolesArr = $adapter->fetchAll($select);
-
- $this->loadRoles($acl, $rolesArr);
-
- $select = $adapter->select()
- ->from(array('r' => $ruleTable))
- ->joinLeft(
- array('a' => $assertTable),
- 'a.assert_id = r.assert_id',
- array('assert_type', 'assert_data')
- );
-
- $rulesArr = $adapter->fetchAll($select);
-
- $this->loadRules($acl, $rulesArr);
-
- return $acl;
- }
-
- /**
- * Load roles
- *
- * @param Mage_Admin_Model_Acl $acl
- * @param array $rolesArr
- * @return Mage_Admin_Model_Resource_Acl
- */
- public function loadRoles(Mage_Admin_Model_Acl $acl, array $rolesArr)
- {
- foreach ($rolesArr as $role) {
- $parent = ($role['parent_id'] > 0) ? Mage_Admin_Model_Acl::ROLE_TYPE_GROUP . $role['parent_id'] : null;
- switch ($role['role_type']) {
- case Mage_Admin_Model_Acl::ROLE_TYPE_GROUP:
- $roleId = $role['role_type'] . $role['role_id'];
- $acl->addRole(Mage::getModel('Mage_Admin_Model_Acl_Role_Group', $roleId), $parent);
- break;
-
- case Mage_Admin_Model_Acl::ROLE_TYPE_USER:
- $roleId = $role['role_type'] . $role['user_id'];
- if (!$acl->hasRole($roleId)) {
- $acl->addRole(Mage::getModel('Mage_Admin_Model_Acl_Role_User', $roleId), $parent);
- } else {
- $acl->addRoleParent($roleId, $parent);
- }
- break;
- }
- }
-
- return $this;
- }
-
- /**
- * Load rules
- *
- * @param Mage_Admin_Model_Acl $acl
- * @param array $rulesArr
- * @return Mage_Admin_Model_Resource_Acl
- */
- public function loadRules(Mage_Admin_Model_Acl $acl, array $rulesArr)
- {
- foreach ($rulesArr as $rule) {
- $role = $rule['role_type'] . $rule['role_id'];
- $resource = $rule['resource_id'];
- $privileges = !empty($rule['privileges']) ? explode(',', $rule['privileges']) : null;
-
- $assert = null;
- if (0 != $rule['assert_id']) {
- $assertClass = Mage::getSingleton('Mage_Admin_Model_Config')->getAclAssert($rule['assert_type'])->getClassName();
- $assert = new $assertClass(unserialize($rule['assert_data']));
- }
- try {
- if ( $rule['permission'] == 'allow' ) {
- if ($resource === self::ACL_ALL_RULES) {
- $acl->allow($role, null, $privileges, $assert);
- }
- $acl->allow($role, $resource, $privileges, $assert);
- } else if ( $rule['permission'] == 'deny' ) {
- $acl->deny($role, $resource, $privileges, $assert);
- }
- } catch (Exception $e) {
- //$m = $e->getMessage();
- //if ( eregi("^Resource '(.*)' not found", $m) ) {
- // Deleting non existent resource rule from rules table
- //$cond = $this->_write->quoteInto('resource_id = ?', $resource);
- //$this->_write->delete(Mage::getSingleton('Mage_Core_Model_Resource')->getTableName('admin_rule'), $cond);
- //} else {
- //TODO: We need to log such exceptions to somewhere like a system/errors.log
- //}
- }
- /*
- switch ($rule['permission']) {
- case Mage_Admin_Model_Acl::RULE_PERM_ALLOW:
- $acl->allow($role, $resource, $privileges, $assert);
- break;
-
- case Mage_Admin_Model_Acl::RULE_PERM_DENY:
- $acl->deny($role, $resource, $privileges, $assert);
- break;
- }
- */
- }
- return $this;
- }
-}
View
63 app/code/core/Mage/AdminNotification/etc/adminhtml.xml
@@ -1,63 +0,0 @@
-<?xml version="1.0"?>
-<!--
-/**
- * Magento
- *
- * NOTICE OF LICENSE
- *
- * This source file is subject to the Academic Free License (AFL 3.0)
- * that is bundled with this package in the file LICENSE_AFL.txt.
- * It is also available through the world-wide-web at this URL:
- * http://opensource.org/licenses/afl-3.0.php
- * If you did not receive a copy of the license and are unable to
- * obtain it through the world-wide-web, please send an email
- * to license@magentocommerce.com so we can send you a copy immediately.
- *
- * DISCLAIMER
- *
- * Do not edit or add to this file if you wish to upgrade Magento to newer
- * versions in the future. If you wish to customize Magento for your
- * needs please refer to http://www.magentocommerce.com for more information.
- *
- * @category Mage
- * @package Mage_AdminNotification
- * @copyright Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
- * @license http://opensource.org/licenses/afl-3.0.php Academic Free License (AFL 3.0)
- */
--->
-<config>
- <acl>
- <resources>
- <admin>
- <children>
- <system>
- <children>
- <adminnotification translate="title" module="Mage_AdminNotification">
- <title>Notifications</title>
- <sort_order>10</sort_order>
- <children>
- <show_toolbar translate="title">
- <title>Show Toolbar</title>
- <sort_order>10</sort_order>
- </show_toolbar>
- <show_list translate="title">
- <title>Show List</title>
- <sort_order>20</sort_order>
- </show_list>
- <mark_as_read translate="title">
- <title>Mark as read</title>
- <sort_order>30</sort_order>
- </mark_as_read>
- <remove translate="title">
- <title>Remove</title>
- <sort_order>40</sort_order>
- </remove>
- </children>
- </adminnotification>
- </children>
- </system>
- </children>
- </admin>
- </resources>
- </acl>
-</config>
View
28 app/code/core/Mage/DesignEditor/etc/adminhtml.xml → ...core/Mage/AdminNotification/etc/adminhtml/acl.xml
@@ -20,7 +20,7 @@
* needs please refer to http://www.magentocommerce.com for more information.
*
* @category Mage
- * @package Mage_DesignEditor
+ * @package Mage_AdminNotification
* @copyright Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
* @license http://opensource.org/licenses/afl-3.0.php Academic Free License (AFL 3.0)
*/
@@ -28,22 +28,16 @@
<config>
<acl>
<resources>
- <admin>
- <children>
- <system>
- <children>
- <design>
- <children>
- <editor translate="title" module="Mage_DesignEditor">
- <title>Editor</title>
- <sort_order>20</sort_order>
- </editor>
- </children>
- </design>
- </children>
- </system>
- </children>
- </admin>
+ <resource id="Mage_Adminhtml::admin">
+ <resource id="Mage_Adminhtml::system">
+ <resource id="Mage_AdminNotification::adminnotification" module="Mage_AdminNotification" title="Notifications" sortOrder="10">
+ <resource id="Mage_AdminNotification::show_toolbar" title="Show Toolbar" sortOrder="10" />
+ <resource id="Mage_AdminNotification::show_list" title="Show List" sortOrder="20" />
+ <resource id="Mage_AdminNotification::mark_as_read" title="Mark as read" sortOrder="30" />
+ <resource id="Mage_AdminNotification::adminnotification_remove" title="Remove" sortOrder="40" />
+ </resource>
+ </resource>
+ </resource>
</resources>
</acl>
</config>
View
2  app/code/core/Mage/AdminNotification/etc/adminhtml/menu.xml
@@ -27,6 +27,6 @@
-->
<config>
<menu>
- <add id="Mage_AdminNotification::system_adminnotification" title="Notifications" module="Mage_AdminNotification" sortOrder="15" parent="Mage_Adminhtml::system" action="adminhtml/notification" />
+ <add id="Mage_AdminNotification::system_adminnotification" title="Notifications" module="Mage_AdminNotification" sortOrder="15" parent="Mage_Adminhtml::system" action="adminhtml/notification" resource="Mage_AdminNotification::adminnotification"/>
</menu>
</config>
View
2  app/code/core/Mage/Adminhtml/Block/Cache/Notifications.php
@@ -58,7 +58,7 @@ public function getManageUrl()
*/
protected function _toHtml()
{
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('system/cache')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Adminhtml::cache')) {
return parent::_toHtml();
}
return '';
View
2  app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Attributes.php
@@ -99,7 +99,7 @@ protected function _prepareForm()
// Add new attribute button if it is not an image tab
if (!$form->getElement('media_gallery')
- && Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('catalog/attributes/attributes')
+ && Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::attributes_attributes')
) {
$headerBar = $this->getLayout()->createBlock('Mage_Adminhtml_Block_Catalog_Product_Edit_Tab_Attributes_Create');
View
4 app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tabs.php
@@ -146,7 +146,7 @@ protected function _prepareLayout()
if( $this->getRequest()->getParam('id', false) ) {
if (Mage::helper('Mage_Catalog_Helper_Data')->isModuleEnabled('Mage_Review')) {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('admin/catalog/reviews_ratings')){
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Review::reviews_ratings')){
$this->addTab('reviews', array(
'label' => Mage::helper('Mage_Catalog_Helper_Data')->__('Product Reviews'),
'url' => $this->getUrl('*/*/reviews', array('_current' => true)),
@@ -155,7 +155,7 @@ protected function _prepareLayout()
}
}
if (Mage::helper('Mage_Catalog_Helper_Data')->isModuleEnabled('Mage_Tag')) {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('admin/catalog/tag')){
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Tag::tag')){
$this->addTab('tags', array(
'label' => Mage::helper('Mage_Catalog_Helper_Data')->__('Product Tags'),
'url' => $this->getUrl('*/*/tagGrid', array('_current' => true)),
View
2  app/code/core/Mage/Adminhtml/Block/Catalog/Product/Grid.php
@@ -301,7 +301,7 @@ protected function _prepareMassaction()
)
));
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('catalog/update_attributes')){
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Catalog::update_attributes')){
$this->getMassactionBlock()->addItem('attributes', array(
'label' => Mage::helper('Mage_Catalog_Helper_Data')->__('Update Attributes'),
'url' => $this->getUrl('*/catalog_product_action_attribute/edit', array('_current'=>true))
View
8 app/code/core/Mage/Adminhtml/Block/Cms/Page.php
@@ -45,7 +45,7 @@ public function __construct()
parent::__construct();
- if ($this->_isAllowedAction('save')) {
+ if ($this->_isAllowedAction('Mage_Cms::save')) {
$this->_updateButton('add', 'label', Mage::helper('Mage_Cms_Helper_Data')->__('Add New Page'));
} else {
$this->_removeButton('add');
@@ -56,12 +56,12 @@ public function __construct()
/**
* Check permission for passed action
*
- * @param string $action
+ * @param string $resourceId
* @return bool
*/
- protected function _isAllowedAction($action)
+ protected function _isAllowedAction($resourceId)
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('cms/page/' . $action);
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
}
}
View
10 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit.php
@@ -45,7 +45,7 @@ public function __construct()
parent::__construct();
- if ($this->_isAllowedAction('save')) {
+ if ($this->_isAllowedAction('Mage_Cms::save')) {
$this->_updateButton('save', 'label', Mage::helper('Mage_Cms_Helper_Data')->__('Save Page'));
$this->_addButton('saveandcontinue', array(
'label' => Mage::helper('Mage_Adminhtml_Helper_Data')->__('Save and Continue Edit'),
@@ -56,7 +56,7 @@ public function __construct()
$this->_removeButton('save');
}
- if ($this->_isAllowedAction('delete')) {
+ if ($this->_isAllowedAction('Mage_Cms::page_delete')) {
$this->_updateButton('delete', 'label', Mage::helper('Mage_Cms_Helper_Data')->__('Delete Page'));
} else {
$this->_removeButton('delete');
@@ -81,12 +81,12 @@ public function getHeaderText()
/**
* Check permission for passed action
*
- * @param string $action
+ * @param string $resourceId
* @return bool
*/
- protected function _isAllowedAction($action)
+ protected function _isAllowedAction($resourceId)
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('cms/page/' . $action);
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
}
/**
View
8 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Content.php
@@ -55,7 +55,7 @@ protected function _prepareForm()
/*
* Checking if user have permissions to save information
*/
- if ($this->_isAllowedAction('save')) {
+ if ($this->_isAllowedAction('Mage_Cms::save')) {
$isElementDisabled = false;
} else {
$isElementDisabled = true;
@@ -143,11 +143,11 @@ public function isHidden()
/**
* Check permission for passed action
*
- * @param string $action
+ * @param string $resourceId
* @return bool
*/
- protected function _isAllowedAction($action)
+ protected function _isAllowedAction($resourceId)
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('cms/page/' . $action);
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
}
}
View
8 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Design.php
@@ -38,7 +38,7 @@ protected function _prepareForm()
/*
* Checking if user have permissions to save information
*/
- if ($this->_isAllowedAction('save')) {
+ if ($this->_isAllowedAction('Mage_Cms::save')) {
$isElementDisabled = false;
} else {
$isElementDisabled = true;
@@ -176,11 +176,11 @@ public function isHidden()
/**
* Check permission for passed action
*
- * @param string $action
+ * @param string $resourceId
* @return bool
*/
- protected function _isAllowedAction($action)
+ protected function _isAllowedAction($resourceId)
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('cms/page/' . $action);
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
}
}
View
8 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Main.php
@@ -44,7 +44,7 @@ protected function _prepareForm()
/*
* Checking if user have permissions to save information
*/
- if ($this->_isAllowedAction('save')) {
+ if ($this->_isAllowedAction('Mage_Cms::save')) {
$isElementDisabled = false;
} else {
$isElementDisabled = true;
@@ -167,11 +167,11 @@ public function isHidden()
/**
* Check permission for passed action
*
- * @param string $action
+ * @param string $resourceId
* @return bool
*/
- protected function _isAllowedAction($action)
+ protected function _isAllowedAction($resourceId)
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('cms/page/' . $action);
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
}
}
View
8 app/code/core/Mage/Adminhtml/Block/Cms/Page/Edit/Tab/Meta.php
@@ -45,7 +45,7 @@ protected function _prepareForm()
/*
* Checking if user have permissions to save information
*/
- if ($this->_isAllowedAction('save')) {
+ if ($this->_isAllowedAction('Mage_Cms::save')) {
$isElementDisabled = false;
} else {
$isElementDisabled = true;
@@ -125,11 +125,11 @@ public function isHidden()
/**
* Check permission for passed action
*
- * @param string $action
+ * @param string $resourceId
* @return bool
*/
- protected function _isAllowedAction($action)
+ protected function _isAllowedAction($resourceId)
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('cms/page/' . $action);
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
}
}
View
2  app/code/core/Mage/Adminhtml/Block/Customer/Edit.php
@@ -39,7 +39,7 @@ public function __construct()
$this->_controller = 'customer';
if ($this->getCustomerId() &&
- Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/create')) {
+ Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::create')) {
$this->_addButton('order', array(
'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Create Order'),
'onclick' => 'setLocation(\'' . $this->getCreateOrderUrl() . '\')',
View
8 app/code/core/Mage/Adminhtml/Block/Customer/Edit/Tabs.php
@@ -71,7 +71,7 @@ protected function _beforeToHtml()
if (Mage::registry('current_customer')->getId()) {
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/view')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::actions_view')) {
$this->addTab('orders', array(
'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Orders'),
'class' => 'ajax',
@@ -91,7 +91,7 @@ protected function _beforeToHtml()
'url' => $this->getUrl('*/*/wishlist', array('_current' => true)),
));
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('newsletter/subscriber')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Newsletter::subscriber')) {
$this->addTab('newsletter', array(
'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Newsletter'),
'content' => $this->getLayout()
@@ -99,7 +99,7 @@ protected function _beforeToHtml()
));
}
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('catalog/reviews_ratings')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Review::reviews_ratings')) {
$this->addTab('reviews', array(
'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Product Reviews'),
'class' => 'ajax',
@@ -107,7 +107,7 @@ protected function _beforeToHtml()
));
}
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('catalog/tag')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Tag::tag')) {
$this->addTab('tags', array(
'label' => Mage::helper('Mage_Customer_Helper_Data')->__('Product Tags'),
'class' => 'ajax',
View
2  app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid.php
@@ -160,7 +160,7 @@ protected function _prepareColumns()
*/
public function getRowUrl($row)
{
- return (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('customer/manage') && $row->getCustomerId())
+ return (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Customer::manage') && $row->getCustomerId())
? $this->getUrl('*/customer/edit', array('id' => $row->getCustomerId())) : '';
}
}
View
3  app/code/core/Mage/Adminhtml/Block/Notification/Survey.php
@@ -42,7 +42,8 @@ public function canShow()
{
$adminSession = Mage::getSingleton('Mage_Backend_Model_Auth_Session');
$seconds = intval(date('s', time()));
- if ($adminSession->getHideSurveyQuestion() || !$adminSession->isAllowed('all')
+ if ($adminSession->getHideSurveyQuestion()
+ || !$adminSession->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
|| Mage_AdminNotification_Model_Survey::isSurveyViewed()
|| !Mage_AdminNotification_Model_Survey::isSurveyUrlValid())
{
View
2  app/code/core/Mage/Adminhtml/Block/Notification/Window.php
@@ -173,6 +173,6 @@ public function getSeverityText()
protected function _isAllowed()
{
return Mage::getSingleton('Mage_Backend_Model_Auth_Session')
- ->isAllowed('admin/system/adminnotification/show_toolbar');
+ ->isAllowed('Mage_AdminNotification::show_toolbar');
}
}
View
4 app/code/core/Mage/Adminhtml/Block/Sales/Creditmemo/Grid.php
@@ -144,7 +144,9 @@ protected function _prepareMassaction()
public function getRowUrl($row)
{
- if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/creditmemo')) {
+ if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')
+ ->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
+ ) {
return false;
}
View
4 app/code/core/Mage/Adminhtml/Block/Sales/Invoice/Grid.php
@@ -145,7 +145,9 @@ protected function _prepareMassaction()
public function getRowUrl($row)
{
- if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/invoice')) {
+ if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')
+ ->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
+ ) {
return false;
}
View
2  app/code/core/Mage/Adminhtml/Block/Sales/Items/Abstract.php
@@ -486,7 +486,7 @@ public function canEditQty()
public function canCapture()
{
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/capture')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::capture')) {
return $this->getInvoice()->canCapture();
}
return false;
View
2  app/code/core/Mage/Adminhtml/Block/Sales/Order.php
@@ -40,7 +40,7 @@ public function __construct()
$this->_headerText = Mage::helper('Mage_Sales_Helper_Data')->__('Orders');
$this->_addButtonLabel = Mage::helper('Mage_Sales_Helper_Data')->__('Create New Order');
parent::__construct();
- if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/create')) {
+ if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::create')) {
$this->_removeButton('add');
}
}
View
8 app/code/core/Mage/Adminhtml/Block/Sales/Order/Creditmemo/View.php
@@ -63,7 +63,7 @@ public function __construct()
);
}
- if ($this->_isAllowedAction('emails')) {
+ if ($this->_isAllowedAction('Mage_Sales::emails')) {
$this->addButton('send_notification', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Send Email'),
'onclick' => 'confirmSetLocation(\''
@@ -224,11 +224,11 @@ public function updateBackButtonUrl($flag)
/**
* Check whether action is allowed
*
- * @param string $action
+ * @param string $resourceId
* @return bool
*/
- public function _isAllowedAction($action)
+ public function _isAllowedAction($resourceId)
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/' . $action);
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
}
}
View
10 app/code/core/Mage/Adminhtml/Block/Sales/Order/Grid.php
@@ -120,7 +120,7 @@ protected function _prepareColumns()
'options' => Mage::getSingleton('Mage_Sales_Model_Order_Config')->getStatuses(),
));
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/view')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::actions_view')) {
$this->addColumn('action',
array(
'header' => Mage::helper('Mage_Sales_Helper_Data')->__('Action'),
@@ -154,21 +154,21 @@ protected function _prepareMassaction()
$this->getMassactionBlock()->setFormFieldName('order_ids');
$this->getMassactionBlock()->setUseSelectAll(false);
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/cancel')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::cancel')) {
$this->getMassactionBlock()->addItem('cancel_order', array(
'label'=> Mage::helper('Mage_Sales_Helper_Data')->__('Cancel'),
'url' => $this->getUrl('*/sales_order/massCancel'),
));
}
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/hold')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::hold')) {
$this->getMassactionBlock()->addItem('hold_order', array(
'label'=> Mage::helper('Mage_Sales_Helper_Data')->__('Hold'),
'url' => $this->getUrl('*/sales_order/massHold'),
));
}
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/unhold')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::unhold')) {
$this->getMassactionBlock()->addItem('unhold_order', array(
'label'=> Mage::helper('Mage_Sales_Helper_Data')->__('Unhold'),
'url' => $this->getUrl('*/sales_order/massUnhold'),
@@ -205,7 +205,7 @@ protected function _prepareMassaction()
public function getRowUrl($row)
{
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/view')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::actions_view')) {
return $this->getUrl('*/sales_order/view', array('order_id' => $row->getId()));
}
return false;
View
2  app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/Create/Items.php
@@ -194,7 +194,7 @@ public function canEditQty()
*/
public function isCaptureAllowed()
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/capture');
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::capture');
}
/**
View
14 app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/View.php
@@ -57,7 +57,7 @@ public function __construct()
return;
}
- if ($this->_isAllowedAction('cancel') && $this->getInvoice()->canCancel()) {
+ if ($this->_isAllowedAction('Mage_Sales::cancel') && $this->getInvoice()->canCancel()) {
$this->_addButton('cancel', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Cancel'),
'class' => 'delete',
@@ -66,7 +66,7 @@ public function __construct()
);
}
- if ($this->_isAllowedAction('emails')) {
+ if ($this->_isAllowedAction('Mage_Sales::emails')) {
$this->addButton('send_notification', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Send Email'),
'onclick' => 'confirmSetLocation(\''
@@ -77,7 +77,7 @@ public function __construct()
$orderPayment = $this->getInvoice()->getOrder()->getPayment();
- if ($this->_isAllowedAction('creditmemo') && $this->getInvoice()->getOrder()->canCreditmemo()) {
+ if ($this->_isAllowedAction('Mage_Sales::creditmemo') && $this->getInvoice()->getOrder()->canCreditmemo()) {
if (($orderPayment->canRefundPartialPerInvoice()
&& $this->getInvoice()->canRefund()
&& $orderPayment->getAmountPaid() > $orderPayment->getAmountRefunded())
@@ -91,7 +91,7 @@ public function __construct()
}
}
- if ($this->_isAllowedAction('capture') && $this->getInvoice()->canCapture()) {
+ if ($this->_isAllowedAction('Mage_Sales::capture') && $this->getInvoice()->canCapture()) {
$this->_addButton('capture', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Capture'),
'class' => 'save',
@@ -202,11 +202,11 @@ public function updateBackButtonUrl($flag)
/**
* Check whether is allowed action
*
- * @param string $action
+ * @param string $resourceId
* @return bool
*/
- protected function _isAllowedAction($action)
+ protected function _isAllowedAction($resourceId)
{
- return $this->_session->isAllowed('sales/order/actions/' . $action);
+ return $this->_session->isAllowed($resourceId);
}
}
View
2  app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/View.php
@@ -48,7 +48,7 @@ public function __construct()
return;
}
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/emails')) {
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::emails')) {
$this->_updateButton('save', 'label', Mage::helper('Mage_Sales_Helper_Data')->__('Send Tracking Information'));
$this->_updateButton('save',
'onclick', "deleteConfirm('"
View
26 app/code/core/Mage/Adminhtml/Block/Sales/Order/View.php
@@ -52,7 +52,7 @@ public function __construct()
return;
}
- if ($this->_isAllowedAction('edit') && $order->canEdit()) {
+ if ($this->_isAllowedAction('Mage_Sales::actions_edit') && $order->canEdit()) {
$onclickJs = 'deleteConfirm(\''
. Mage::helper('Mage_Sales_Helper_Data')->__('Are you sure? This order will be canceled and a new one will be created instead')
. '\', \'' . $this->getEditUrl() . '\');';
@@ -77,7 +77,7 @@ public function __construct()
}
}
- if ($this->_isAllowedAction('cancel') && $order->canCancel()) {
+ if ($this->_isAllowedAction('Mage_Sales::cancel') && $order->canCancel()) {
$message = Mage::helper('Mage_Sales_Helper_Data')->__('Are you sure you want to cancel this order?');
$this->_addButton('order_cancel', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Cancel'),
@@ -85,7 +85,7 @@ public function __construct()
));
}
- if ($this->_isAllowedAction('emails') && !$order->isCanceled()) {
+ if ($this->_isAllowedAction('Mage_Sales::emails') && !$order->isCanceled()) {
$message = Mage::helper('Mage_Sales_Helper_Data')->__('Are you sure you want to send order email to customer?');
$this->addButton('send_notification', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Send Email'),
@@ -93,7 +93,7 @@ public function __construct()
));
}
- if ($this->_isAllowedAction('creditmemo') && $order->canCreditmemo()) {
+ if ($this->_isAllowedAction('Mage_Sales::creditmemo') && $order->canCreditmemo()) {
$message = Mage::helper('Mage_Sales_Helper_Data')->__('This will create an offline refund. To create an online refund, open an invoice and create credit memo for it. Do you wish to proceed?');
$onClick = "setLocation('{$this->getCreditmemoUrl()}')";
if ($order->getPayment()->getMethodInstance()->isGateway()) {
@@ -107,7 +107,7 @@ public function __construct()
}
// invoice action intentionally
- if ($this->_isAllowedAction('invoice') && $order->canVoidPayment()) {
+ if ($this->_isAllowedAction('Mage_Sales::invoice') && $order->canVoidPayment()) {
$message = Mage::helper('Mage_Sales_Helper_Data')->__('Are you sure you want to void the payment?');
$this->addButton('void_payment', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Void'),
@@ -115,21 +115,21 @@ public function __construct()
));
}
- if ($this->_isAllowedAction('hold') && $order->canHold()) {
+ if ($this->_isAllowedAction('Mage_Sales::hold') && $order->canHold()) {
$this->_addButton('order_hold', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Hold'),
'onclick' => 'setLocation(\'' . $this->getHoldUrl() . '\')',
));
}
- if ($this->_isAllowedAction('unhold') && $order->canUnhold()) {
+ if ($this->_isAllowedAction('Mage_Sales::unhold') && $order->canUnhold()) {
$this->_addButton('order_unhold', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Unhold'),
'onclick' => 'setLocation(\'' . $this->getUnholdUrl() . '\')',
));
}
- if ($this->_isAllowedAction('review_payment')) {
+ if ($this->_isAllowedAction('Mage_Sales::review_payment')) {
if ($order->canReviewPayment()) {
$message = Mage::helper('Mage_Sales_Helper_Data')->__('Are you sure you want to accept this payment?');
$this->_addButton('accept_payment', array(
@@ -150,7 +150,7 @@ public function __construct()
}
}
- if ($this->_isAllowedAction('invoice') && $order->canInvoice()) {
+ if ($this->_isAllowedAction('Mage_Sales::invoice') && $order->canInvoice()) {
$_label = $order->getForcedShipmentWithInvoice() ?
Mage::helper('Mage_Sales_Helper_Data')->__('Invoice and Ship') :
Mage::helper('Mage_Sales_Helper_Data')->__('Invoice');
@@ -161,7 +161,7 @@ public function __construct()
));
}
- if ($this->_isAllowedAction('ship') && $order->canShip()
+ if ($this->_isAllowedAction('Mage_Sales::ship') && $order->canShip()
&& !$order->getForcedShipmentWithInvoice()) {
$this->_addButton('order_ship', array(
'label' => Mage::helper('Mage_Sales_Helper_Data')->__('Ship'),
@@ -170,7 +170,7 @@ public function __construct()
));
}
- if ($this->_isAllowedAction('reorder')
+ if ($this->_isAllowedAction('Mage_Sales::reorder')
&& $this->helper('Mage_Sales_Helper_Reorder')->isAllowed($order->getStore())
&& $order->canReorderIgnoreSalable()
) {
@@ -276,9 +276,9 @@ public function getVoidPaymentUrl()
return $this->getUrl('*/*/voidPayment');
}
- protected function _isAllowedAction($action)
+ protected function _isAllowedAction($resourceId)
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/' . $action);
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed($resourceId);
}
/**
View
2  app/code/core/Mage/Adminhtml/Block/Sales/Order/View/History.php
@@ -70,7 +70,7 @@ public function getOrder()
public function canAddComment()
{
- return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/actions/comment') &&
+ return Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::comment') &&
$this->getOrder()->canComment();
}
View
2  app/code/core/Mage/Adminhtml/Block/Sales/Order/View/Tab/Transactions.php
@@ -93,6 +93,6 @@ public function canShowTab()
*/
public function isHidden()
{
- return !Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/transactions/fetch');
+ return !Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::transactions_fetch');
}
}
View
4 app/code/core/Mage/Adminhtml/Block/Sales/Shipment/Grid.php
@@ -139,7 +139,9 @@ protected function _prepareColumns()
*/
public function getRowUrl($row)
{
- if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/order/shipment')) {
+ if (!Mage::getSingleton('Mage_Backend_Model_Auth_Session')
+ ->isAllowed(Mage_Backend_Model_Acl_Config::ACL_RESOURCE_ALL)
+ ) {
return false;
}
View
2  app/code/core/Mage/Adminhtml/Block/Sales/Transactions/Detail.php
@@ -60,7 +60,7 @@ public function __construct()
'class' => 'back'
));
- if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('sales/transactions/fetch')
+ if (Mage::getSingleton('Mage_Backend_Model_Auth_Session')->isAllowed('Mage_Sales::transactions_fetch')
&& $this->_txn->getOrderPaymentObject()->getMethodInstance()->canFetchTransactionInfo()) {
$fetchUrl = $this->getUrl('*/*/fetch' , array('_current' => true));
$this->_addButton('fetch', array(
View
476 app/code/core/Mage/Adminhtml/Block/System/Config/Form.php
@@ -167,52 +167,7 @@ public function initForm()
continue;
}
- if ($group->frontend_model) {
- $fieldsetRenderer = Mage::getBlockSingleton((string)$group->frontend_model);
- } else {
- $fieldsetRenderer = $this->_defaultFieldsetRenderer;
- }
-
- $fieldsetRenderer->setForm($this);
- $fieldsetRenderer->setConfigData($this->_configData);
- $fieldsetRenderer->setGroup($group);
-
- if ($this->_configFields->hasChildren($group, $this->getWebsiteCode(), $this->getStoreCode())) {
-
- $helperName = $this->_configFields->getAttributeModule($section, $group);
-
- $fieldsetConfig = array('legend' => Mage::helper($helperName)->__((string)$group->label));
- if (!empty($group->comment)) {
- $fieldsetConfig['comment'] = Mage::helper($helperName)->__((string)$group->comment);
- }
- if (!empty($group->expanded)) {
- $fieldsetConfig['expanded'] = (bool)$group->expanded;
- }
-
- $fieldset = $form->addFieldset(
- $section->getName() . '_' . $group->getName(), $fieldsetConfig)
- ->setRenderer($fieldsetRenderer);
- $this->_prepareFieldOriginalData($fieldset, $group);
- $this->_addElementTypes($fieldset);
-
- if ($group->clone_fields) {
- if ($group->clone_model) {
- $cloneModel = Mage::getModel((string)$group->clone_model);
- } else {
- Mage::throwException(
- 'Config form fieldset clone model required to be able to clone fields'
- );
- }
- foreach ($cloneModel->getPrefixes() as $prefix) {
- $this->initFields($fieldset, $group, $section, $prefix['field'], $prefix['label']);
- }
- } else {
- $this->initFields($fieldset, $group, $section);
- }
-
- $this->_fieldsets[$group->getName()] = $fieldset;
-
- }
+ $this->_initGroup($group, $section, $form);
}
}
}
@@ -222,6 +177,62 @@ public function initForm()
}
/**
+ * Initialize element group
+ *
+ * @param Varien_SimpleXml_Element $group
+ * @param Varien_SimpleXml_Element $section
+ * @param Varien_Data_Form $form
+ */
+ protected function _initGroup($group, $section, $form)
+ {
+ if ($group->frontend_model) {
+ $fieldsetRenderer = Mage::getBlockSingleton((string)$group->frontend_model);
+ } else {
+ $fieldsetRenderer = $this->_defaultFieldsetRenderer;
+ }
+
+ $fieldsetRenderer->setForm($this);
+ $fieldsetRenderer->setConfigData($this->_configData);
+ $fieldsetRenderer->setGroup($group);
+
+ if ($this->_configFields->hasChildren($group, $this->getWebsiteCode(), $this->getStoreCode())) {
+
+ $helperName = $this->_configFields->getAttributeModule($section, $group);
+
+ $fieldsetConfig = array('legend' => Mage::helper($helperName)->__((string)$group->label));
+ if (!empty($group->comment)) {
+ $fieldsetConfig['comment'] = Mage::helper($helperName)->__((string)$group->comment);
+ }
+ if (!empty($group->expanded)) {
+ $fieldsetConfig['expanded'] = (bool)$group->expanded;
+ }
+
+ $fieldset = $form->addFieldset(
+ $section->getName() . '_' . $group->getName(), $fieldsetConfig)
+ ->setRenderer($fieldsetRenderer);
+ $this->_prepareFieldOriginalData($fieldset, $group);
+ $this->_addElementTypes($fieldset);
+
+ if ($group->clone_fields) {
+ if ($group->clone_model) {
+ $cloneModel = Mage::getModel((string)$group->clone_model);
+ } else {
+ Mage::throwException(
+ 'Config form fieldset clone model required to be able to clone fields'
+ );
+ }
+ foreach ($cloneModel->getPrefixes() as $prefix) {
+ $this->initFields($fieldset, $group, $section, $prefix['field'], $prefix['label']);
+ }
+ } else {
+ $this->initFields($fieldset, $group, $section);
+ }
+
+ $this->_fieldsets[$group->getName()] = $fieldset;
+ }
+ }
+
+ /**
* Return dependency block object
*
* @return Mage_Adminhtml_Block_Widget_Form_Element_Dependence
@@ -256,27 +267,20 @@ public function initFields($fieldset, $group, $section, $fieldPrefix='', $labelP
foreach ($group->fields as $elements) {
- $elements = (array)$elements;
// sort either by sort_order or by child node values bypassing the sort_order
- if ($group->sort_fields && $group->sort_fields->by) {
- $fieldset->setSortElementsByAttribute((string)$group->sort_fields->by,
- ($group->sort_fields->direction_desc ? SORT_DESC : SORT_ASC)
- );
- } else {
- usort($elements, array($this, '_sortForm'));
- }
+ $elements = $this->_sortElements($group, $fieldset, (array) $elements);
- foreach ($elements as $e) {
- if (!$this->_canShowField($e)) {
+ foreach ($elements as $element) {
+ if (!$this->_canShowField($element)) {
continue;
}