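/**
 * Try to log a user in to the admin area.
 *
 * Credential checking is delegated to the admin user model. Each failure
 * path queues one error message on the adminhtml session (guarded by the
 * 'messageSent' request parameter so it is queued once per request). On
 * success the user and ACL are stored in the admin session and, when a
 * request object is supplied, the client is redirected to the requested URI
 * and the script exits.
 *
 * @param string $username
 * @param string $password
 * @param Mage_Core_Controller_Request_Http $request
 * @return Mage_Admin_Model_User|null Null when either credential is empty.
 */
public function login($username, $password, $request = null)
{
    if (empty($username) || empty($password)) {
        return;
    }

    $user = Mage::getModel('admin/user')->login($username, $password);

    if ($user->getId() && $user->getIsActive() != '1') {
        if ($request && !$request->getParam('messageSent')) {
            Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Your Account has been deactivated.'));
            $request->setParam('messageSent', true);
        }
    } elseif (!Mage::getModel('admin/user')->hasAssigned2Role($user->getId())) {
        // NOTE(review): this branch is also evaluated when the login failed and getId() is empty;
        // which message a failed login produces depends on what hasAssigned2Role() returns then.
        if ($request && !$request->getParam('messageSent')) {
            Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Access Denied.'));
            $request->setParam('messageSent', true);
        }
    } else {
        if ($user->getId()) {
            // NOTE(review): the session id is not regenerated in this method before the user is
            // attached; confirm the session layer rotates it on login (session fixation).
            $session = Mage::getSingleton('admin/session');
            $session->setIsFirstVisit(true);
            $session->setUser($user);
            $session->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
            if ($request) {
                // The request URI is chosen by the client. Only follow it when it is a plain
                // local path: a target starting with "//" or "/\" is treated by browsers as
                // another host, which would turn this post-login redirect into an open redirect.
                $requestUri = (string) $request->getRequestUri();
                if (preg_match('#^/(?![/\\\\])[^\r\n]*\z#', $requestUri) === 1) {
                    header('Location: ' . $requestUri);
                    exit;
                }
            }
        } else {
            if ($request && !$request->getParam('messageSent')) {
                Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Invalid Username or Password.'));
                $request->setParam('messageSent', true);
            }
        }
    }

    return $user;
}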
/**
 * Build the form mock used by the tests and store it in $this->_object.
 *
 * Only getRequest() is stubbed on the mock; the original constructor is not
 * called (last getMock() argument is false).
 */
protected function _mockModel()
{
    $stubbedMethods = array('getRequest');
    $formMock = $this->getMock(
        'Xcom_Mapping_Block_Adminhtml_Attribute_Value_Form_Mock',
        $stubbedMethods,
        array(),
        '',
        false
    );

    $request = new Mage_Core_Controller_Request_Http();
    foreach (array('attribute_id', 'target_attribute_id', 'target_attribute_set_id') as $paramName) {
        $request->setParam($paramName, 1);
    }

    // NOTE(review): the stub returns the integer 3, not the $request prepared above,
    // so that request object is never used — confirm whether $request was intended here.
    $formMock->expects($this->any())
        ->method('getRequest')
        ->will($this->returnValue(3));

    $this->_object = $formMock;
}
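/**
 * Block editing of Hierarchy if GWS permissions are applicable
 *
 * For the 'delete' and 'copy' actions the 'scopes' request parameter is
 * reduced to the scopes the current role has exclusive access to; if none
 * remain the request is forwarded and false is returned. For every other
 * action the role must have exclusive access to the requested website or,
 * failing that, to the requested store.
 *
 * @param Mage_Adminhtml_Controller_Action $controller
 * @return bool False when the request was forwarded, true otherwise.
 */
public function validateCmsHierarchyAction($controller)
{
    // Roles without scope restrictions need no filtering.
    if ($this->_role->getIsAll()) {
        return true;
    }

    $requestAction = $this->_request->getActionName();
    if ($requestAction == 'delete' || $requestAction == 'copy') {
        $scopesParam = $this->_request->getParam('scopes');
        $scopesParamIsArray = true;
        if (!is_array($scopesParam)) {
            $scopesParam = array($scopesParam);
            $scopesParamIsArray = false;
        }

        // 'scopes' comes from the request and may hold nested arrays or null; only
        // strings can carry a scope prefix, so drop everything else before the
        // string functions below see it.
        $scopeValues = array_unique(array_filter($scopesParam, 'is_string'));

        $validatedScopes = array();
        foreach ($scopeValues as $value) {
            // NOTE(review): the id is extracted with str_replace() and an (int) cast, which
            // tolerates trailing non-digits, while the raw $value is what gets passed on.
            // Confirm the consumer of 'scopes' derives the same id from the same string.
            if (0 === strpos($value, Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_WEBSITE)) {
                $scopeId = (int) str_replace(Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_WEBSITE, '', $value);
                if ($this->_role->hasExclusiveAccess((array) $scopeId)) {
                    $validatedScopes[] = $value;
                }
            } elseif (0 === strpos($value, Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_STORE)) {
                $scopeId = (int) str_replace(Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_STORE, '', $value);
                if ($this->_role->hasExclusiveStoreAccess((array) $scopeId)) {
                    $validatedScopes[] = $value;
                }
            }
        }

        if (count($validatedScopes) > 0) {
            // A scalar 'scopes' on delete is handed back as a scalar, not a one-element array.
            if ($requestAction == 'delete' && !$scopesParamIsArray
                && count($validatedScopes) == 1 && isset($validatedScopes[0])
            ) {
                $validatedScopes = $validatedScopes[0];
            }
            $this->_request->setParam('scopes', $validatedScopes);
        } else {
            $this->_forward();
            return false;
        }
    } else {
        $websiteCode = $controller->getRequest()->getParam('website');
        $website = Mage::app()->getWebsite($websiteCode);
        $websiteId = $website->getId();
        if (!$this->_role->hasExclusiveAccess((array) $websiteId)) {
            // No exclusive website access: fall back to the store-level check.
            $storeCode = $controller->getRequest()->getParam('store');
            $store = Mage::app()->getStore($storeCode);
            $storeId = $store->getId();
            if (!$this->_role->hasExclusiveStoreAccess((array) $storeId)) {
                $this->_forward();
                return false;
            }
        }
    }

    return true;
}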
/**
 * Validate Products in Catalog Product MassDelete Action
 *
 * Rewrites the 'product' request parameter so that it only lists products
 * whose websites the current role has exclusive access to, and queues one
 * error message naming the products that were refused.
 *
 * @param Mage_Adminhtml_Controller_Action $controller
 */
public function catalogProductMassDeleteAction($controller)
{
    $requestedIds = $this->_request->getParam('product');
    $deniedIds = array();
    $allowedIds = array();

    $websitesByProduct = Mage::getResourceModel('catalog/product')
        ->getWebsiteIdsByProductIds($requestedIds);

    // Only ids returned by the website lookup are classified; an id the lookup
    // does not return ends up in neither list and is dropped from the request.
    foreach ($websitesByProduct as $productId => $websiteIds) {
        if ($this->_role->hasExclusiveAccess($websiteIds)) {
            $allowedIds[] = $productId;
        } else {
            $deniedIds[] = $productId;
        }
    }

    if (!empty($deniedIds)) {
        $deniedList = implode(', ', $deniedIds);
        $message = Mage::helper('enterprise_admingws')
            ->__('Not enough permissions to delete this item(s): %s.', $deniedList);
        Mage::getSingleton('adminhtml/session')->addError($message);
    }

    $this->_request->setParam('product', $allowedIds);
}
/**
 * isAjax() is false by default and true once the 'isAjax' parameter is set.
 */
public function testIsAjax()
{
    $model = $this->_model;

    // No parameter set yet.
    $this->assertFalse($model->isAjax());

    $model->setParam('isAjax', 1);
    $this->assertTrue($model->isAjax());
}
/**
 * Set GiftMessage for a QuoteItem by its Id.
 *
 * The message is wrapped in a synthetic request ('giftmessage' parameter,
 * keyed by quote item id) and handed to _setGiftMessage().
 *
 * NOTE(review): the only check visible here is that the quote item exists.
 * Any check that the API caller may touch this quote would have to live in
 * _getQuote() or the API ACL — confirm.
 *
 * @param String $quoteItemId
 * @param AssociativeArray $giftMessage
 * @param String $store
 * @return AssociativeArray
 */
public function setForQuoteItem($quoteItemId, $giftMessage, $store = null)
{
    /** @var $quoteItem Mage_Sales_Model_Quote_Item */
    $quoteItem = Mage::getModel('sales/quote_item')->load($quoteItemId);
    if (null === $quoteItem->getId()) {
        // presumably raises an API fault and does not return — verify against _fault()
        $this->_fault("quote_item_not_exists");
    }

    /** @var $quote Mage_Sales_Model_Quote */
    $quote = $this->_getQuote($quoteItem->getQuoteId(), $store);

    $preparedMessage = $this->_prepareData($giftMessage);
    $preparedMessage['type'] = 'quote_item';
    $messagesByItemId = array($quoteItem->getId() => $preparedMessage);

    $request = new Mage_Core_Controller_Request_Http();
    $request->setParam("giftmessage", $messagesByItemId);

    return $this->_setGiftMessage($quoteItemId, $request, $quote);
}
/**
 * To emulate the request we trigger the predispatch observer with our page
 * and page-size parameters manually.
 *
 * @param mixed $requestPage     value stored as the 'page' request parameter
 * @param mixed $requestPageSize value stored as the 'limit' request parameter
 * @return $this
 */
protected function _triggerPredispatchObserver($requestPage, $requestPageSize)
{
    $request = new Mage_Core_Controller_Request_Http();
    $response = new Mage_Core_Controller_Response_Http();
    $request->setParam('page', $requestPage);
    $request->setParam('limit', $requestPageSize);

    $controller = new Mage_Adminhtml_Catalog_Product_AttributeController($request, $response);
    $eventData = array('controller_action' => $controller);
    $observer = $this->generateObserver(
        $eventData,
        'controller_action_predispatch_adminhtml_catalog_product_attribute_edit'
    );

    // Call the observer method directly instead of dispatching the event.
    Mage::getSingleton('integernet_attributeoptionpager/observer')->fetchPaginationParams($observer);

    return $this;
}
/**
 * Clear out user and session data when validation fails. Logs the failure,
 * dispatches the two authentication-failure events, queues the exception
 * message on the adminhtml session (once per request), unsets the user data
 * and hands over to the post-auth redirect.
 *
 * No value is returned explicitly; control passes to _postAuthCheckRedirect().
 *
 * @param Mage_Admin_Model_User $user
 * @param Mage_Core_Controller_Request_Http $request
 * @param Mage_Core_Exception $authException
 * @return null
 * @codeCoverageIgnore All side-effects taken from Magento auth/login process
 */
protected function _failValidation(Mage_Admin_Model_User $user, Mage_Core_Controller_Request_Http $request = null, Mage_Core_Exception $authException)
{
    // NOTE(review): the log message itself is a constant; whether the affected user or the
    // client address is recorded depends on what getMetaData() supplies — confirm.
    $this->logger->info('Failed to authenticate using token.', $this->context->getMetaData(__CLASS__));

    // This may be problematic due to the missing user password. It is never
    // given while doing the token auth so we don't have one to pass. So far
    // it doesn't seem to be causing any issues but may have some impact on the
    // Mage_Enterprise_Pci_Model_Observer::adminAuthenticate method.
    $authenticateAfterData = array(
        'username' => $user->getUsername(),
        'password' => '',
        'user'     => $user,
        'result'   => false,
    );
    Mage::dispatchEvent('admin_user_authenticate_after', $authenticateAfterData);

    $loginFailedData = array(
        'user_name' => $user->getUsername(),
        'exception' => $authException,
    );
    Mage::dispatchEvent('admin_session_user_login_failed', $loginFailedData);

    // 'messageSent' keeps the error from being queued twice within one request.
    $shouldQueueMessage = $request && !$request->getParam('messageSent');
    if ($shouldQueueMessage) {
        Mage::getSingleton('adminhtml/session')->addError($authException->getMessage());
        $request->setParam('messageSent', true);
    }

    $user->unsetData();

    $this->_postAuthCheckRedirect(Mage::helper('adminhtml')->getUrl('*'));
}
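/**
 * Calls the diehard/load controller without spawning a new request
 *
 * Builds a sub-request for the '_diehard/load/ajax' action, dispatches the
 * load controller in-process and wraps its response body in an inline script
 * that calls Diehard.replaceBlocks(). In debug mode an HTML comment naming
 * the rendered blocks is prepended.
 *
 * @param array $params Reads 'blocks', 'all_blocks', 'full_action_name' and 'params'.
 * @return string HTML to append to the page; empty (or a debug comment) when no blocks are requested.
 */
public function getDynamicBlockReplacement($params)
{
    // Append dynamic block content to end of page to be replaced by javascript, but not Ajax.
    // empty() is used for both keys so a missing 'blocks' entry does not raise a notice.
    if (empty($params['blocks']) && empty($params['all_blocks'])) {
        return $this->helper()->isDebug() ? '<!-- No dynamic blocks -->' : '';
    }

    // Init store if it has not been yet (page served from cache)
    if (!$this->helper()->isAppInited()) {
        $this->helper()->initApp();
    } else {
        // Reset layout
        Mage::unregister('_singleton/core/layout');
        Mage::getSingleton('core/layout');
        // TODO Mage::app()->getLayout() is not reset using the method above!
        // TODO Consider resetting Magento entirely using Mage::reset();
    }

    // Create a sub-request to get JSON response
    $uri = $this->getBaseUrl() . '/_diehard/load/ajax';
    $request = new Mage_Core_Controller_Request_Http($uri);
    $request->setRouteName('diehard');
    $request->setModuleName('_diehard');
    $request->setControllerName('load');
    $request->setActionName('ajax');
    $request->setControllerModule('Cm_Diehard');
    $request->setParam('full_action_name', $params['full_action_name']);
    if (!empty($params['all_blocks'])) {
        $request->setParam('all_blocks', 1);
    } else {
        $request->setParam('blocks', $params['blocks']);
    }
    $request->setParam('params', $params['params']);
    $request->setDispatched(true);

    // Override parameters in request singleton (for Mage_Core_Block_Abstract#getRequest())
    Mage::app()->getRequest()->clearParams();
    Mage::app()->getRequest()->setParams($request->getParams());
    Mage::app()->getRequest()->setParams($request->getParam('params'));

    // Render sub-request into sub-response object
    $response = new Mage_Core_Controller_Response_Http();
    require_once Mage::getModuleDir('controllers', 'Cm_Diehard') . '/LoadController.php';
    $controller = new Cm_Diehard_LoadController($request, $response);
    $controller->dispatch('json');

    $replacement = '';
    if ($this->helper()->isDebug()) {
        if (empty($params['all_blocks'])) {
            // The names land inside an HTML comment: collapse hyphen runs so a name
            // cannot terminate the comment early. The cast tolerates a single name
            // passed as a string.
            $renderedBlocks = preg_replace('/-{2,}/', '-', implode(',', (array) $params['blocks']));
        } else {
            $renderedBlocks = 'ALL';
        }
        $replacement .= '<!-- Dynamic blocks rendered: ' . $renderedBlocks . ' -->' . "\n";
    }

    // The body is inlined into a <script> element. In valid JSON "<" can only occur
    // inside string values, where \u003C is an equivalent escape, so block content
    // containing "</script>" or "<!--" cannot end or derail the script element.
    $jsonBody = str_replace('<', '\u003C', $response->getBody());
    $replacement .= '<script type="text/javascript">/* <![CDATA[ */Diehard.replaceBlocks('
        . $jsonBody
        . ');/* ]]> */</script>';

    return $replacement;
}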
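/**
 * Process not logged in user data
 *
 * Attempts a login when the request carries login POST data. Unless that
 * login ends in a redirect, the request is re-routed once to the matching
 * auth action: 'deniedIframe' for iframe requests, 'deniedJson' for Ajax
 * requests, otherwise the adminhtml login form.
 *
 * @param Mage_Core_Controller_Request_Http $request
 */
protected function _processNotLoggedInUser(Mage_Core_Controller_Request_Http $request)
{
    $isRedirectNeeded = false;
    if ($request->getPost('login') && $this->_performLogin()) {
        $isRedirectNeeded = $this->_redirectIfNeededAfterLogin();
    }

    // 'forwarded' marks a request this method has already re-routed. getParam() also
    // returns values supplied by the client (URL, query string, POST), so a truthiness
    // test would let an unauthenticated request skip the forward to the login action.
    // Client-supplied values are strings or arrays; only the boolean true set below by
    // this code is honoured.
    // NOTE(review): a dedicated internal flag on the request object is the cleaner fix.
    // Later Magento 1 releases provide setInternallyForwarded()/getInternallyForwarded()
    // for this; use them if this codebase's request class has them.
    if (!$isRedirectNeeded && $request->getParam('forwarded') !== true) {
        if ($request->getParam('isIframe')) {
            $request->setParam('forwarded', true)
                ->setControllerName('auth')
                ->setActionName('deniedIframe')
                ->setDispatched(false);
        } elseif ($request->getParam('isAjax')) {
            $request->setParam('forwarded', true)
                ->setControllerName('auth')
                ->setActionName('deniedJson')
                ->setDispatched(false);
        } else {
            $request->setParam('forwarded', true)
                ->setRouteName('adminhtml')
                ->setControllerName('auth')
                ->setActionName('login')
                ->setDispatched(false);
        }
    }
}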
/**
 * saveAction() with three selected products, two of which already belong to a
 * published listing: expects one success message, one redirect to the channel
 * product grid and one call to each validator method.
 */
public function testSaveActionProcessDifferentListings()
{
    $productIds = array(1, 2, 3);
    $storeId = 12;

    $channel = new Varien_Object(array(
        'id'               => 'test_channel_id',
        'channeltype_code' => 'test_ebay',
    ));
    $this->_mockChannel($channel);

    $policyMock = $this->mockModel('xcom_ebay/policy');
    $policyMock->expects($this->any())
        ->method('load')
        ->will($this->returnValue($policyMock));

    $session = $this->mockModel('adminhtml/session');
    $session->expects($this->once())
        ->method('addSuccess');

    // Request parameters and POST body handed to the controller under test.
    $request = new Mage_Core_Controller_Request_Http();
    $request->setParam('channel_id', 111);
    $request->setParam('store', $storeId);
    $request->setParam('product_ids', $productIds);
    $request->setPost(array('channel_id' => $channel->getId(), 'policy_id' => 0));

    // Only _redirect() is replaced on the controller.
    $objectMock = $this->getMock(
        get_class($this->_object),
        array('_redirect'),
        array($request, new Varien_Object())
    );
    $expectedRedirectArgs = array('type' => $channel->getChanneltypeCode(), 'store' => $storeId);
    $objectMock->expects($this->once())
        ->method('_redirect')
        ->with($this->equalTo('*/channel_product/'), $this->equalTo($expectedRedirectArgs));

    $channelProductMock = $this->mockModel(
        'xcom_listing/channel_product',
        array('isProductsInChannel', 'addData', 'getPublishedListingIds', 'saveProducts')
    );
    $channelProductMock->expects($this->once())
        ->method('isProductsInChannel')
        ->with($this->equalTo($channel->getId()), $this->equalTo($productIds))
        ->will($this->returnValue(true));
    // Listing 3 already contains products 1 and 2.
    $publishedListings = array(
        3 => array('product_ids' => array(1, 2), 'channel_id' => $channel->getId()),
    );
    $channelProductMock->expects($this->once())
        ->method('getPublishedListingIds')
        ->with($this->equalTo($productIds), $this->equalTo($channel->getId()))
        ->will($this->returnValue($publishedListings));

    $listingMock = $this->mockModel(
        'xcom_listing/listing',
        array('load', 'addData', 'save', 'prepareProducts', 'send', 'saveProducts', '_isChanged')
    );
    $listingMock->expects($this->any())
        ->method('_isChanged')
        ->will($this->returnValue(true));
    $listingMock->expects($this->any())
        ->method('addData')
        ->with($this->equalTo($request->getPost()));
    $listingMock->expects($this->any())
        ->method('prepareProducts')
        ->with($this->equalTo(array(1, 2)));
    $listingMock->expects($this->any())
        ->method('send')
        ->with($this->equalTo(array('policy' => $policyMock, 'channel' => $channel)));
    $listingMock->expects($this->any())
        ->method('saveProducts');

    $validatorMock = $this->mockHelper(
        'xcom_listing/validator',
        array('validateOptionalFields', 'validateProducts', 'isPriceChanged', 'isQtyChanged')
    );
    $validatorMock->expects($this->once())->method('validateOptionalFields');
    $validatorMock->expects($this->once())->method('validateProducts');
    $validatorMock->expects($this->once())->method('isPriceChanged');
    $validatorMock->expects($this->once())->method('isQtyChanged');
    $validatorMock->setListing($listingMock);

    $this->assertNull($objectMock->saveAction());
}
/**
 * Create a fresh HTTP request object with its 'ajax' parameter set.
 *
 * @param bool $isAjax value stored as the 'ajax' request parameter
 * @return Mage_Core_Controller_Request_Http
 */
protected function _getRequest($isAjax = false)
{
    $ajaxRequest = new Mage_Core_Controller_Request_Http();
    $ajaxRequest->setParam('ajax', $isAjax);

    return $ajaxRequest;
}
/**
 * saveAction() without POST data but with the 'back' parameter set must
 * redirect once to the edit page of the current channel.
 */
public function testSavePolicyWithoutPostDataAndWitRedirectParam()
{
    $channelMock = $this->mockModel('xcom_ebay/channel', array('getId'));
    $channelMock->expects($this->once())
        ->method('getId')
        ->will($this->returnValue('test_id'));

    $request = new Mage_Core_Controller_Request_Http();
    $request->setParam('back', true);

    $mockController = $this->_getControllerMock($request, new Varien_Object(), array('_redirect'));
    $expectedArgs = array('channel_id' => 'test_id', '_current' => true);
    $mockController->expects($this->once())
        ->method('_redirect')
        ->with($this->equalTo('*/*/edit'), $this->equalTo($expectedArgs))
        ->will($this->returnValue('test_code'));

    $mockController->saveAction();
}
/**
 * saveSetAction() with a direct mapping must delete the attribute set's
 * mapping relation exactly once, for the attribute set id in the request.
 */
public function testSaveSetAction()
{
    // NOTE(review): the id is drawn with rand(), so the input differs between runs.
    $request = new Mage_Core_Controller_Request_Http();
    $setId = rand(1, 10000);
    $request->setParam('attribute_set_id', $setId);
    $request->setParam('mapping_product_type_id', Xcom_Mapping_Model_Relation::DIRECT_MAPPING);

    $productTypeMock = $this->mockModel('xcom_mapping/product_type', array('deleteAttributeSetMappingRelation'));
    $productTypeMock->expects($this->once())
        ->method('deleteAttributeSetMappingRelation')
        ->with($this->equalTo($setId));

    $relationMock = $this->mockModel('xcom_mapping/relation', array('saveRelation'));
    $relationMock->expects($this->any())
        ->method('saveRelation');

    $this->_mockController($request, new Varien_Object(), array('getRequest', 'getResponse', '_redirect'));

    $this->_object->saveSetAction();
}