/** * @return bool */ protected function _isAllowed() { $backendApp = $this->backendAppList->getBackendApp($this->getRequest()->getParam('app')); if ($backendApp) { return $this->_authorization->isAllowed($backendApp->getAclResource()); } return true; }
/** * Determine the admin path * * @return string */ private function extractAdminPath() { $backendApp = $this->backendAppList->getCurrentApp(); $cookiePath = null; $baseUrl = parse_url($this->backendUrlFactory->create()->getBaseUrl(), PHP_URL_PATH); if (!$backendApp) { $cookiePath = $baseUrl . $this->_frontNameResolver->getFrontName(); return $cookiePath; } //In case of application authenticating through the admin login, the script name should be removed //from the path, because application has own script. $baseUrl = \Magento\Framework\App\Request\Http::getUrlNoScript($baseUrl); $cookiePath = $baseUrl . $backendApp->getCookiePath(); return $cookiePath; }
/** * @param \Magento\Backend\App\AbstractAction $subject * @param callable $proceed * @param \Magento\Framework\App\RequestInterface $request * * @return mixed * @SuppressWarnings(PHPMD.UnusedFormalParameter) */ public function aroundDispatch(\Magento\Backend\App\AbstractAction $subject, \Closure $proceed, \Magento\Framework\App\RequestInterface $request) { $requestedActionName = $request->getActionName(); if (in_array($requestedActionName, $this->_openActions)) { $request->setDispatched(true); } else { if ($this->_auth->getUser()) { $this->_auth->getUser()->reload(); } if (!$this->_auth->isLoggedIn()) { $this->_processNotLoggedInUser($request); } else { $this->_auth->getAuthStorage()->prolong(); $backendApp = null; if ($request->getParam('app')) { $backendApp = $this->backendAppList->getCurrentApp(); } if ($backendApp) { $resultRedirect = $this->resultRedirectFactory->create(); $baseUrl = \Magento\Framework\App\Request\Http::getUrlNoScript($this->backendUrl->getBaseUrl()); $baseUrl = $baseUrl . $backendApp->getStartupPage(); return $resultRedirect->setUrl($baseUrl); } } } $this->_auth->getAuthStorage()->refreshAcl(); return $proceed($request); }