/**
* Handler check_acl smarty function
*
* @param array $params Parameters
* @param \Smarty_Internal_Template $template Smarty template
*
* @throws \Thelia\Core\Security\Exception\AuthenticationException
*
* @return null
*/
public function checkAclPage($params, $template)
{
list($codes, $accesses, $accessOr, $entityId) = $this->checkParameters($params);
if ($this->customerGroupAclTool->checkAcl($this->explode($codes), $this->explode($accesses), $accessOr, $entityId)) {
return null;
}
$exception = new AuthenticationException('User not granted for action');
$loginTpl = $this->getParam($params, 'login_tpl');
if ($loginTpl !== null) {
$exception->setLoginTemplate($loginTpl);
}
throw $exception;
}
/**
* Process security check function
*
* @param array $params
* @param unknown $smarty
* @return string no text is returned.
* @throws \Thelia\Core\Security\Exception\AuthenticationException
*/
public function checkAuthFunction($params, &$smarty)
{
$roles = $this->explode($this->getParam($params, 'role'));
$resources = $this->explode($this->getParam($params, 'resource'));
$modules = $this->explode($this->getParam($params, 'module'));
$accesses = $this->explode($this->getParam($params, 'access'));
if (!$this->securityContext->isGranted($roles, $resources, $modules, $accesses)) {
$ex = new AuthenticationException(sprintf("User not granted for roles '%s', to access resources '%s' with %s.", implode(',', $roles), implode(',', $resources), implode(',', $accesses)));
$loginTpl = $this->getParam($params, 'login_tpl');
if (null != $loginTpl) {
$ex->setLoginTemplate($loginTpl);
}
throw $ex;
}
return '';
}
/**
* Process security check function
*
* @param array $params
* @param \Smarty $smarty
* @return string no text is returned.
* @throws \Thelia\Core\Security\Exception\AuthenticationException
* @throws AuthenticationException
* @throws AuthorizationException
*/
public function checkAuthFunction($params, &$smarty)
{
$roles = $this->explode($this->getParam($params, 'role'));
$resources = $this->explode($this->getParam($params, 'resource'));
$modules = $this->explode($this->getParam($params, 'module'));
$accesses = $this->explode($this->getParam($params, 'access'));
if (!$this->securityContext->isGranted($roles, $resources, $modules, $accesses)) {
if (null === $this->securityContext->checkRole($roles)) {
// The current user is not logged-in.
$ex = new AuthenticationException(sprintf("User not granted for roles '%s', to access resources '%s' with %s.", implode(',', $roles), implode(',', $resources), implode(',', $accesses)));
$loginTpl = $this->getParam($params, 'login_tpl');
if (null != $loginTpl) {
$ex->setLoginTemplate($loginTpl);
}
} else {
// We have a logged-in user, who do not have the proper permission. Issue an AuthorizationException.
$ex = new AuthorizationException(sprintf("User not granted for roles '%s', to access resources '%s' with %s.", implode(',', $roles), implode(',', $resources), implode(',', $accesses)));
}
throw $ex;
}
return '';
}
