作者:aies
项目:magento
/**
* Check whether the survey question can be shown
*
* @return bool
*/
public function isDisplayed()
{
    // Any one of the four conditions below suppresses the survey question. They are
    // evaluated in a fixed order, so later calls are skipped once one of them matches.
    if ($this->_authSession->getHideSurveyQuestion()) {
        return false;
    }
    // NOTE(review): isAllowed() is called with a null resource id. What null resolves to is
    // decided by the authorization policy, which is not visible here - confirm that it does
    // not amount to an unintended always-allow.
    if (!$this->_authorization->isAllowed(null)) {
        return false;
    }
    if ($this->_survey->isSurveyViewed()) {
        return false;
    }
    if (!$this->_survey->isSurveyUrlValid()) {
        return false;
    }
    return true;
}
作者:shabbirvividad
项目:magento
/**
* Handler for all SOAP operations.
*
* @param string $operation
* @param array $arguments
* @return \stdClass|null
* @throws WebapiException
* @throws \LogicException
* @throws AuthorizationException
*/
public function __call($operation, $arguments)
{
    $services = $this->_request->getRequestedServices();
    $methodInfo = $this->_apiConfig->getServiceMethodInfo($operation, $services);
    $serviceClass = $methodInfo[SoapConfig::KEY_CLASS];
    $serviceMethod = $methodInfo[SoapConfig::KEY_METHOD];

    // Operations flagged as secure are refused unless the request arrived over HTTPS.
    $requiresHttps = $methodInfo[SoapConfig::KEY_IS_SECURE];
    if ($requiresHttps && !$this->_request->isSecure()) {
        throw new WebapiException(__("Operation allowed only in HTTPS"));
    }

    // Access is granted as soon as ONE of the listed ACL resources is allowed (any-of).
    // With an empty resource list the loop never runs, so the call is denied.
    // NOTE(review): confirm that any-of is intended; a method that lists several resources
    // is reachable by a caller who holds only one of them.
    $aclResources = $methodInfo[SoapConfig::KEY_ACL_RESOURCES];
    $authorized = false;
    foreach ($aclResources as $aclResource) {
        if ($this->_authorization->isAllowed($aclResource)) {
            $authorized = true;
            break;
        }
    }
    if (!$authorized) {
        // NOTE(review): the exception parameters list the required ACL resource ids; check
        // that returning them to an unauthorized caller is acceptable.
        throw new AuthorizationException(
            __(AuthorizationException::NOT_AUTHORIZED, ['resources' => implode(', ', $aclResources)])
        );
    }

    // The class and method invoked here are taken from the getServiceMethodInfo() result;
    // the raw SOAP arguments pass through _prepareRequestData() before the call.
    $service = $this->_objectManager->get($serviceClass);
    $inputData = $this->_prepareRequestData($serviceClass, $serviceMethod, $arguments);
    $outputData = call_user_func_array([$service, $serviceMethod], $inputData);

    return $this->_prepareResponseData($outputData, $serviceClass, $serviceMethod);
}
作者:shabbirvividad
项目:magento
/**
* Replace standard admin login form with HTTP Basic authentication
*
* @param AbstractAction $subject
* @param callable $proceed
* @param RequestInterface $request
* @return ResponseInterface
* @SuppressWarnings(PHPMD.UnusedFormalParameter)
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
* @SuppressWarnings(PHPMD.NPathComplexity)
*/
public function aroundDispatch(AbstractAction $subject, \Closure $proceed, RequestInterface $request)
{
    // Resolve the ACL resource for this controller/action: an action-level entry wins,
    // otherwise the controller-level entry is used, otherwise there is none.
    $resource = null;
    if (isset($this->aclResources[$request->getControllerName()])) {
        if (isset($this->aclResources[$request->getControllerName()][$request->getActionName()])) {
            $resource = $this->aclResources[$request->getControllerName()][$request->getActionName()];
        } else {
            $resource = $this->aclResources[$request->getControllerName()];
        }
    }

    // The 'type' request parameter is only used as a lookup key into the same map.
    // NOTE(review): presumably the entries found this way are plain resource id strings;
    // verify that a 'type' value cannot select a nested (array) entry.
    $type = $request->getParam('type');
    $resourceType = null;
    if (isset($this->aclResources[$type])) {
        $resourceType = $this->aclResources[$type];
    }

    // Requests without both a mapped resource and a mapped type are not handled here;
    // they go to the parent plugin unchanged.
    if (!$resource || !$resourceType) {
        return parent::aroundDispatch($subject, $proceed, $request);
    }

    $session = $this->_auth->getAuthStorage();

    // Try to log in with the credentials supplied through HTTP authentication.
    // NOTE(review): no isSecure() check is visible before the credentials are read - confirm
    // that TLS is enforced for these routes elsewhere.
    if (!$session->isLoggedIn()) {
        list($login, $password) = $this->httpAuthentication->getCredentials();
        try {
            $this->_auth->login($login, $password);
        } catch (AuthenticationException $authError) {
            // A failed login is logged and otherwise ignored; the check below rejects the request.
            // NOTE(review): no attempt throttling is visible in this method - verify that
            // _auth->login() or another layer limits repeated failures.
            $this->logger->critical($authError);
        }
    }

    // Both the controller/action resource and the feed-type resource must be allowed.
    $authorized = $session->isLoggedIn()
        && $this->authorization->isAllowed($resource)
        && $this->authorization->isAllowed($resourceType);
    if (!$authorized) {
        $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
        return $this->_response;
    }

    return parent::aroundDispatch($subject, $proceed, $request);
}
作者:pradeep-wagent
项目:magento
/**
* Generate row url
* @param \Magento\Framework\DataObject $item
* @return bool|string
*/
public function getUrl($item)
{
    // Without the 'Magento_Sales::actions_view' permission the row gets no link (false).
    // NOTE(review): this only withholds the URL from the grid; confirm that the target
    // action enforces the same ACL resource itself.
    return $this->_authorization->isAllowed('Magento_Sales::actions_view')
        ? parent::getUrl($item)
        : false;
}
作者:shabbirvividad
项目:magento
/**
* Create url for passed item using passed url model
* @param \Magento\Framework\Object $item
* @return bool|string
*/
public function getUrl($item)
{
    // A link is produced only when the user may manage customers AND the item carries a
    // customer id; in every other case the method returns false instead of a URL.
    // NOTE(review): this only withholds the URL from the grid; confirm that the target
    // action enforces 'Magento_Customer::manage' itself.
    $canLink = $this->_authorization->isAllowed('Magento_Customer::manage') && $item->getCustomerId();

    return $canLink ? parent::getUrl($item) : false;
}
作者:aies
项目:magento
/**
* Remove mass-action items that the current user is not allowed to use
* @param mixed $argument
* @return mixed
*/
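public function update($argument)
{
    // Fail closed: any falsy answer from isAllowed() removes the mode-switching mass actions.
    // The previous `false === ...` comparison kept them whenever the call returned a
    // non-boolean falsy value such as null.
    if (!$this->authorization->isAllowed('Magento_Indexer::changeMode')) {
        unset($argument['change_mode_onthefly'], $argument['change_mode_changelog']);
    }

    // NOTE(review): dropping the entries only removes the options from the returned
    // configuration; confirm that the mass-action controllers check
    // 'Magento_Indexer::changeMode' themselves.
    return $argument;
}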
作者:zhangjiacha
项目:magento
/**
* Block admin ability to use customer billing agreements
*
* @param EventObserver $observer
* @return void
*/
public function execute($observer)
{
    $event = $observer->getEvent();
    $paymentMethod = $event->getMethodInstance();

    // Only billing-agreement payment methods are affected by this observer.
    if (!($paymentMethod instanceof \Magento\Paypal\Model\Payment\Method\Billing\AbstractAgreement)) {
        return;
    }
    // Users holding 'Magento_Paypal::use' keep whatever availability was already set.
    if ($this->_authorization->isAllowed('Magento_Paypal::use')) {
        return;
    }
    // The result object is modified in place through its public isAvailable property.
    $event->getResult()->isAvailable = false;
}
作者:BlackIkeEagl
项目:magento2-continuousph
/**
* @return boolean
*/
protected function canAddAttributes()
{
    // A missing 'use_wrapper' registry entry (null) is treated as true.
    $useWrapper = $this->registry->registry('use_wrapper');
    if ($useWrapper === null) {
        $useWrapper = true;
    }
    // The ACL check is skipped entirely when the wrapper flag is falsy.
    if (!$useWrapper) {
        return false;
    }

    return (bool) $this->authorization->isAllowed('Magento_Catalog::attributes_attributes');
}
作者:tingyee
项目:magento
/**
* @return array
*/
public function getButtonData()
{
    $customerId = $this->getCustomerId();

    // No button without a customer id or without the 'Magento_Sales::create' permission.
    if (!$customerId || !$this->authorization->isAllowed('Magento_Sales::create')) {
        return [];
    }

    // NOTE(review): the URL is placed inside a single-quoted JavaScript string; this assumes
    // getCreateOrderUrl() never yields a quote or backslash - confirm against the URL builder.
    // NOTE(review): hiding the button is presentation only; confirm that the order-create
    // action enforces the same ACL resource.
    return [
        'label' => __('Create Order'),
        'on_click' => sprintf("location.href = '%s';", $this->getCreateOrderUrl()),
        'class' => 'add',
        'sort_order' => 40,
    ];
}
作者:Doabilit
项目:magento2de
/**
* Check if all ACL resources are allowed to be accessed by current API user.
*
* @param string[] $aclResources
* @return bool
*/
public function isAllowed($aclResources)
{
    // All-of semantics: the first denied resource ends the check with false.
    // An empty $aclResources list never enters the loop and therefore yields true.
    // NOTE(review): confirm callers never pass an empty list for an endpoint that is
    // meant to be protected.
    $granted = true;
    foreach ($aclResources as $aclResource) {
        if (!$this->authorization->isAllowed($aclResource)) {
            $granted = false;
            break;
        }
    }

    return $granted;
}
作者:kidaa3
项目:magento2-platforms
/**
* Block admin ability to use customer billing agreements
*
* @param EventObserver $observer
* @return void
*/
public function execute(EventObserver $observer)
{
    $event = $observer->getEvent();
    $paymentMethod = $event->getMethodInstance();

    // Only billing-agreement payment methods are affected by this observer.
    if (!($paymentMethod instanceof \Magento\Paypal\Model\Payment\Method\Billing\AbstractAgreement)) {
        return;
    }
    // Users holding 'Magento_Paypal::use' keep whatever availability was already set.
    if ($this->_authorization->isAllowed('Magento_Paypal::use')) {
        return;
    }

    /** @var \Magento\Framework\DataObject $availability */
    $availability = $observer->getEvent()->getResult();
    $availability->setData('is_available', false);
}
作者:magefa
项目:module-login-as-custome
/**
* @return array
*/
public function getButtonData()
{
    $customerId = $this->getCustomerId();

    // No button without a customer id or without the login-button permission.
    if (!($customerId && $this->_authorization->isAllowed('Magefan_LoginAsCustomer::login_button'))) {
        return [];
    }

    // NOTE(review): the URL is concatenated into a single-quoted JavaScript string; this
    // assumes getInvalidateTokenUrl() never yields a quote or backslash - confirm.
    // NOTE(review): this button starts a session as another user, and hiding it is
    // presentation only; confirm that the action behind the URL checks
    // 'Magefan_LoginAsCustomer::login_button' itself.
    $openWindowJs = 'window.open( \'' . $this->getInvalidateTokenUrl() . '\')';

    return [
        'label' => __('Login As Customer'),
        'class' => 'login login-button',
        'on_click' => $openWindowJs,
        'sort_order' => 70,
    ];
}
作者:zhangjiacha
项目:magento
/**
* @param object $methodInstance
* @param bool $isAllowed
* @param bool $isAvailable
* @dataProvider restrictAdminBillingAgreementUsageDataProvider
*/
public function testExecute($methodInstance, $isAllowed, $isAvailable)
{
    // The result starts out available; the observer may only ever switch it off.
    $availability = new \stdClass();
    $availability->isAvailable = true;

    $this->_event->setMethodInstance($methodInstance);
    $this->_event->setResult($availability);

    // The authorization mock answers the 'Magento_Paypal::use' check with the provided value.
    $this->_authorization->expects($this->any())
        ->method('isAllowed')
        ->with('Magento_Paypal::use')
        ->will($this->returnValue($isAllowed));

    $this->_model->execute($this->_observer);

    $this->assertEquals($isAvailable, $availability->isAvailable);
}
作者:magefa
项目:module-login-as-custome
/**
* Prepare Data Source
*
* @param array $dataSource
* @return array
*/
public function prepareDataSource(array $dataSource)
{
    if (!isset($dataSource['data']['items'])) {
        return $dataSource;
    }

    // The ACL result is computed once and applied to every row.
    $hidden = !$this->_authorization->isAllowed('Magefan_LoginAsCustomer::login_button');

    // The link is written for every row; a failed ACL check only sets its 'hidden' flag.
    // NOTE(review): the href stays in the returned data even when hidden, so the
    // loginascustomer/login/login action has to enforce the same ACL resource - confirm.
    foreach ($dataSource['data']['items'] as $index => $row) {
        $dataSource['data']['items'][$index][$this->getData('name')]['edit'] = [
            'href' => $this->urlBuilder->getUrl('loginascustomer/login/login', ['customer_id' => $row['entity_id']]),
            'label' => __('Login As Customer'),
            'hidden' => $hidden,
            'target' => '_blank',
        ];
    }

    return $dataSource;
}
作者:kidaa3
项目:magento2-platforms
/**
* Delete elements that have "acl" attribute but value is "not allowed"
* In any case, the "acl" attribute will be unset
*
* @param ScheduledStructure $scheduledStructure
* @param Structure $structure
*/
public function filterAclElements(ScheduledStructure $scheduledStructure, Structure $structure)
{
    foreach ($scheduledStructure->getElements() as $elementName => $element) {
        // Each scheduled element is a pair; only its second entry (the data) is needed.
        list(, $elementData) = $element;

        // Elements without a non-empty "acl" attribute are never filtered.
        if (empty($elementData['attributes']['acl'])) {
            continue;
        }
        if (!$this->authorization->isAllowed($elementData['attributes']['acl'])) {
            $this->removeElement($scheduledStructure, $structure, $elementName);
        }
        // NOTE(review): the docblock says the "acl" attribute is unset in any case, but nothing
        // in this method removes it from allowed elements - align the comment or the code.
    }
}
作者:aies
项目:magento
/**
* Delete nodes that have "acl" attribute but value is "not allowed"
* In any case, the "acl" attribute will be unset
*
* @param \Magento\Framework\Simplexml\Element $xml
* @return void
*/
public function filterAclNodes(\Magento\Framework\Simplexml\Element $xml)
{
    // Select every node carrying an "acl" attribute; a falsy xpath() result means no nodes.
    $aclNodes = $xml->xpath('//*[@acl]');
    if (!$aclNodes) {
        $aclNodes = array();
    }

    foreach ($aclNodes as $aclNode) {
        // NOTE(review): the attribute is handed to isAllowed() as returned by the element,
        // without a string cast - confirm the authorization service accepts that.
        if ($this->_authorization->isAllowed($aclNode['acl'])) {
            // Allowed nodes stay, stripped of the "acl" attribute.
            unset($aclNode['acl']);
            continue;
        }
        // Denied nodes are removed from the document.
        $aclNode->unsetSelf();
    }
}
作者:kidaa3
项目:magento2-platforms
public function testFilterAclElements()
{
    $scheduled = $this->getMockBuilder('Magento\\Framework\\View\\Layout\\ScheduledStructure')
        ->disableOriginalConstructor()
        ->getMock();
    $structure = $this->getMockBuilder('Magento\\Framework\\View\\Layout\\Data\\Structure')
        ->disableOriginalConstructor()
        ->getMock();

    // One element without an "acl" attribute, one authorised, two not authorised.
    $scheduledElements = [
        'element_0' => [0 => '', 1 => ['attributes' => ['name' => 'element_0']]],
        'element_1' => [0 => '', 1 => ['attributes' => ['name' => 'element_1', 'acl' => 'acl_authorised']]],
        'element_2' => [0 => '', 1 => ['attributes' => ['name' => 'element_2', 'acl' => 'acl_non_authorised']]],
        'element_3' => [0 => '', 1 => ['attributes' => ['name' => 'element_3', 'acl' => 'acl_non_authorised']]],
    ];
    $scheduled->expects($this->once())
        ->method('getElements')
        ->willReturn($scheduledElements);

    // Only the three elements carrying an "acl" attribute reach the authorization service.
    $this->authorizationMock->expects($this->exactly(3))
        ->method('isAllowed')
        ->willReturnMap([['acl_authorised', null, true], ['acl_non_authorised', null, false]]);

    // element_2 has a child; the expectations below also cover unsetting that child from
    // the scheduled structure.
    $structure->expects($this->exactly(3))
        ->method('getChildren')
        ->willReturnMap([['element_2', ['element_2_child' => []]], ['element_2_child', []], ['element_3', []]]);
    $scheduled->expects($this->exactly(3))
        ->method('unsetElement')
        ->willReturnMap([['element_2', null], ['element_2_child', null], ['element_3', null]]);
    $structure->expects($this->exactly(2))
        ->method('unsetElement')
        ->willReturnMap([['element_2', true, true], ['element_3', true, true]]);

    $this->model->filterAclElements($scheduled, $structure);
}
作者:kidaa3
项目:magento2-platforms
/**
* Remove mass-action items that the current user is not allowed to use
* @param mixed $argument
* @return mixed
*/
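public function update($argument)
{
    // ACL resource => mass-action key that is removed when the resource is not allowed.
    $actionsByResource = [
        'Magento_Sales::cancel' => 'cancel_order',
        'Magento_Sales::hold' => 'hold_order',
        'Magento_Sales::unhold' => 'unhold_order',
    ];

    foreach ($actionsByResource as $aclResource => $actionKey) {
        // Fail closed: any falsy answer from isAllowed() removes the action. The previous
        // `false === ...` comparison kept it whenever the call returned a non-boolean
        // falsy value such as null.
        if (!$this->_authorization->isAllowed($aclResource)) {
            unset($argument[$actionKey]);
        }
    }

    // NOTE(review): dropping the entries only removes the options from the returned
    // configuration; confirm that the cancel/hold/unhold controllers check these ACL
    // resources themselves.
    return $argument;
}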
作者:pradeep-wagent
项目:magento
/**
* Force admin to change password
*
* @param EventObserver $observer
* @return void
*/
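public function execute(EventObserver $observer)
{
    // Nothing to enforce when forced password change is disabled or nobody is logged in.
    if (!$this->observerConfig->isPasswordChangeForced()) {
        return;
    }
    if (!$this->authSession->isLoggedIn()) {
        return;
    }

    // Actions that stay reachable while the password is expired.
    $actionList = ['adminhtml_system_account_index', 'adminhtml_system_account_save', 'adminhtml_auth_logout'];
    /** @var \Magento\Framework\App\Action\Action $controller */
    $controller = $observer->getEvent()->getControllerAction();
    /** @var \Magento\Framework\App\RequestInterface $request */
    $request = $observer->getEvent()->getRequest();

    if (!$this->authSession->getPciAdminUserIsPasswordExpired()) {
        return;
    }
    // Strict comparison: only an exact string match exempts the request, so a non-string
    // action name can never match an entry through loose comparison.
    if (in_array($request->getFullActionName(), $actionList, true)) {
        return;
    }

    if ($this->authorization->isAllowed('Magento_Backend::myaccount')) {
        // Redirect to the account page and stop the requested action from being dispatched.
        $controller->getResponse()->setRedirect($this->url->getUrl('adminhtml/system_account/'));
        $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
        $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_POST_DISPATCH, true);
        return;
    }

    /*
     * If the admin password is expired and access to the 'My Account' page is denied,
     * then we need to force a logout with an error message.
     */
    $this->authSession->clearStorage();
    $this->session->clearStorage();
    $this->messageManager->addErrorMessage(__('Your password has expired; please contact your administrator.'));
    $controller->getRequest()->setDispatched(false);
}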
作者:kidaa3
项目:magento2-platforms
/**
* Check whether item is allowed to the user
*
* @return bool
*/
public function isAllowed()
{
    // Fail closed: if the ACL lookup throws, the item is treated as not allowed.
    // NOTE(review): the exception is discarded without logging, so a broken ACL lookup is
    // indistinguishable from a real denial - consider recording it where a logger exists.
    $allowed = false;
    try {
        $allowed = $this->_acl->isAllowed((string) $this->_resource);
    } catch (\Exception $aclError) {
        $allowed = false;
    }

    return $allowed;
}