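/**
 * Checks whether route/controller action is allowed to be reached depending on initializer state
 *
 * Returns true immediately once isDataCollected() reports true. Otherwise every
 * rule found in $this->_restrictions (extended once with the
 * 'default/xcom/initializer_acl' config node) is compared with the request's
 * namespace, module, controller, action and URN; each hit is reported to
 * _matched() and the final verdict is taken from _isAllowed().
 *
 * Rule sets whose issuer is not '*' are only evaluated while the job resource
 * model reports jobs left for that issuer.
 *
 * @param Mage_Core_Controller_Request_Http $request
 * @return bool
 */
public function isAllowed(Mage_Core_Controller_Request_Http $request)
{
    if ($this->isDataCollected()) {
        return true;
    }

    // Only the built-in entry is present: merge the configured ACL once.
    // '+=' keeps existing keys, so config cannot override an entry already set.
    if (count($this->_restrictions) == 1) {
        $initializerAclNode = Mage::getConfig()->getNode('default/xcom/initializer_acl');
        if ($initializerAclNode) {
            $this->_restrictions += $initializerAclNode->asArray();
        }
    }

    $parts = array(
        'module'     => str_replace('_adminhtml', '', strtolower($request->getControllerModule())),
        'controller' => strtolower($request->getControllerName()),
        'action'     => strtolower($request->getActionName()),
        'urn'        => trim(strtolower($request->getRequestString()), '/'),
    );
    $moduleParts = explode('_', $parts['module']);
    $parts['namespace'] = $moduleParts[0];

    $this->_currentMatch = array('scopeWeight' => 0, 'directionWeight' => 2, 'urn' => '');

    foreach ($this->_restrictions as $issuer => $rules) {
        // NOTE(review): loose comparison kept as in the original; issuer keys are
        // presumably strings. On PHP < 8 an integer key 0 would compare equal to
        // '*' and skip the jobs check - confirm no such key can occur.
        if ($issuer != '*') {
            if (!Mage::getResourceModel('xcom_initializer/job')->hasJobsLeft($issuer)) {
                continue;
            }
        }

        foreach (array('allowed', 'denied') as $direction) {
            if (empty($rules[$direction])) {
                continue;
            }

            foreach ($rules[$direction] as $scope => $values) {
                if (!is_array($values)) {
                    // sprintf(), not printf(): the message belongs in the log and must
                    // not be echoed into the response body.
                    Mage::log(sprintf('Invalid configuration for scope node %s', $scope));
                    continue;
                }

                // Normalised once so that every scope test below agrees with the switch.
                $scopeKey = strtolower($scope);

                foreach ($values as $value) {
                    $value = strtolower(is_array($value) ? current($value) : $value);
                    $hasMatched = false;

                    if (empty($value)) {
                        Mage::log(sprintf('Empty node inside scope %s', $scope));
                        continue;
                    }

                    switch ($scopeKey) {
                        case 'namespace':
                            if ('denied' === $direction) {
                                $hasMatched = $value === $parts['namespace'];
                            } else {
                                Mage::log('<namespace> node allowed in <denied> section only');
                            }
                            break;

                        case 'action':
                        case 'controller':
                            $pattern = '(?P<module>.+)/(?P<controller>.+)';
                            $scopes = array('module', 'controller');
                            if ('action' === $scopeKey) {
                                $pattern .= '::(?P<action>.+)';
                                $scopes[] = 'action';
                            }
                            if (preg_match('#' . $pattern . '#', $value, $matches)) {
                                // Split value into module and controller (and action, if it's 'action' rule)
                                $hasMatched = true;
                                foreach ($scopes as $_scope) {
                                    // Strict comparison: both sides are strings, and numeric-looking
                                    // names must not be compared as numbers.
                                    if (!in_array($matches[$_scope], array('*', $parts[$_scope]), true)) {
                                        // Value part doesn't match corresponding part of current request or '*'
                                        $hasMatched = false;
                                        break;
                                    }
                                }
                            } else {
                                Mage::log(sprintf(
                                    'Invalid action/controller definition: %s. Allowed pattern: namespace_module/controller::action',
                                    $value
                                ));
                            }
                            break;

                        case 'module':
                            $hasMatched = $value === $parts['module'];
                            break;

                        case 'urn':
                            $value = trim($value, '/');
                            // A rule of only slashes trims to ''. strpos() warns on an empty
                            // needle before PHP 8 and returns 0 from PHP 8 on, which would make
                            // the rule match every request; treat it as "no match" on all versions.
                            // NOTE(review): this is a plain string-prefix test, so rule 'a/b' also
                            // matches request 'a/bc'; there is no path-segment boundary check.
                            $hasMatched = '' !== $value && 0 === strpos($parts['urn'], $value);
                            break;

                        default:
                            Mage::log(sprintf('Unknown rule scope: %s', $scope));
                    }

                    if ($hasMatched) {
                        // The scope key is handed over as configured; only URN rules carry their value.
                        $this->_matched($scope, $direction, 'urn' === $scopeKey ? $value : '');
                    }
                }
            }
        }
    }

    return $this->_isAllowed();
}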
/**
 * Tests whether a "module/controller/action" route string matches the request.
 *
 * The route is trimmed and split on '/'. Each segment that is present is compared
 * case-insensitively with the request's controller module, controller name and
 * action name, in that order. Segments missing from the route are not checked, so
 * a route that names only a module matches every controller and action of it.
 *
 * @param Mage_Core_Controller_Request_Http $request
 * @param string $route
 * @return bool
 */
public function isMatchedRequestRoute($request, $route)
{
    $this->debug(
        'Testing route : ' . $route . ' with ' . $request->getControllerModule()
        . '/' . $request->getControllerName() . '/' . $request->getActionName()
    );

    $segments = explode('/', trim($route));

    // Module segment: mandatory.
    if (!isset($segments[0])) {
        return false;
    }
    if (strtolower($segments[0]) != strtolower($request->getControllerModule())) {
        return false;
    }

    // Controller segment: optional; its absence means "any controller".
    if (!isset($segments[1])) {
        return true;
    }
    if (strtolower($segments[1]) != strtolower($request->getControllerName())) {
        return false;
    }

    // Action segment: optional; its absence means "any action".
    if (!isset($segments[2])) {
        return true;
    }

    return strtolower($segments[2]) == strtolower($request->getActionName());
}