Esempio n. 1
 /**
  * Try to login user in admin
  *
  * Returns early with null when either credential is empty(). Otherwise the
  * user object produced by admin/user login() is returned in every case,
  * including the failure branches, so the return value alone does not tell a
  * caller whether the login succeeded. On success with a request object the
  * method sends a Location header and exits instead of returning.
  *
  * @param  string $username
  * @param  string $password
  * @param  Mage_Core_Controller_Request_Http $request optional; receives the 'messageSent' flag and supplies the redirect target
  * @return Mage_Admin_Model_User|null
  */
 public function login($username, $password, $request = null)
 {
     // empty() also treats the string '0' as empty, so such a credential is rejected here.
     if (empty($username) || empty($password)) {
         return;
     }
     // Credential verification is delegated to the user model; its rules are not visible here.
     $user = Mage::getModel('admin/user')->login($username, $password);
     if ($user->getId() && $user->getIsActive() != '1') {
         // A loaded user whose is_active flag is not '1' (loose comparison) is refused.
         // NOTE(review): this message differs from the generic failure text and so reveals
         // account state; confirm login() only sets an id after the password was verified.
         if ($request && !$request->getParam('messageSent')) {
             Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Your Account has been deactivated.'));
             $request->setParam('messageSent', true);
         }
     } elseif (!Mage::getModel('admin/user')->hasAssigned2Role($user->getId())) {
         // When $user has no id the first condition is false, so this role lookup runs with
         // that empty id before the "Invalid Username or Password." branch can be reached.
         // NOTE(review): which message a failed login produces therefore depends on what
         // hasAssigned2Role() returns for an empty id - confirm against the user model.
         if ($request && !$request->getParam('messageSent')) {
             Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Access Denied.'));
             $request->setParam('messageSent', true);
         }
     } else {
         if ($user->getId()) {
             // Success: bind the user and a freshly loaded ACL to the admin session.
             // NOTE(review): no session id renewal is visible in this method; confirm the id
             // is regenerated at this privilege change elsewhere, otherwise a session id
             // issued before login stays valid afterwards.
             $session = Mage::getSingleton('admin/session');
             $session->setIsFirstVisit(true);
             $session->setUser($user);
             $session->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
             if ($request) {
                 // Raw header()/exit bypasses the response object and ends the script here.
                 // NOTE(review): the Location value is the request URI as received; confirm it
                 // is limited to a same-site path before it is written into the header.
                 header('Location: ' . $request->getRequestUri());
                 exit;
             }
         } else {
             if ($request && !$request->getParam('messageSent')) {
                 Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Invalid Username or Password.'));
                 $request->setParam('messageSent', true);
             }
         }
     }
     // Reached on every failure branch and on success without a request object.
     return $user;
 }
Esempio n. 2
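 /**
  * Build the form-block mock under test and store it in $this->_object.
  *
  * Only getRequest() is stubbed. The stub hands back a request object that
  * carries the attribute identifiers set below, so code under test that
  * calls getRequest()->getParam(...) receives a real request rather than a
  * scalar.
  *
  * @return void
  */
 protected function _mockModel()
 {
     $request = new Mage_Core_Controller_Request_Http();
     $request->setParam('attribute_id', 1);
     $request->setParam('target_attribute_id', 1);
     $request->setParam('target_attribute_set_id', 1);

     // Constructor is disabled (last argument false) so the block needs no layout or config.
     $formMock = $this->getMock(
         'Xcom_Mapping_Block_Adminhtml_Attribute_Value_Form_Mock',
         array('getRequest'),
         array(),
         '',
         false
     );
     // Return the prepared request; returning a bare integer here would leave the
     // parameters above unused and break any getRequest()->getParam() call.
     $formMock->expects($this->any())->method('getRequest')->will($this->returnValue($request));
     $this->_object = $formMock;
 }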
 /**
  * Block editing of Hierarchy if GWS permissions are applicable
  *
  * Roles for which getIsAll() is true pass without any check. For the
  * 'delete' and 'copy' actions the 'scopes' request parameter is filtered
  * down to the scopes the role has exclusive access to and written back to
  * the request; if none remain the request is forwarded and false is
  * returned. For every other action the role needs exclusive access to the
  * website named by the 'website' parameter or, failing that, to the store
  * named by the 'store' parameter.
  *
  * @param Mage_Adminhtml_Controller_Action $controller
  * @return bool|void
  */
 public function validateCmsHierarchyAction($controller)
 {
     if (!$this->_role->getIsAll()) {
         $requestAction = $this->_request->getActionName();
         // Loose (==) comparison against the action name.
         if ($requestAction == 'delete' || $requestAction == 'copy') {
             // 'scopes' comes from the request and is treated as untrusted input.
             $scopesParam = $this->_request->getParam('scopes');
             // Remember whether the caller sent a scalar so it can be restored for 'delete'.
             $scopesParamIsArray = true;
             if (!is_array($scopesParam)) {
                 $scopesParam = array($scopesParam);
                 $scopesParamIsArray = false;
             }
             $validatedScopes = array();
             // NOTE(review): each element is passed to strpos() without a type check;
             // a nested array inside 'scopes' would reach it as a non-string.
             foreach (array_unique($scopesParam) as $value) {
                 if (0 === strpos($value, Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_WEBSITE)) {
                     // The id is what remains after removing every occurrence of the prefix,
                     // cast to int; trailing non-digits are discarded by the cast.
                     // NOTE(review): access is checked on the int-cast id, but the original
                     // string is what gets forwarded below - confirm the consumer of 'scopes'
                     // derives the same id from that string.
                     $scopeId = (int) str_replace(Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_WEBSITE, '', $value);
                     if ($this->_role->hasExclusiveAccess((array) $scopeId)) {
                         $validatedScopes[] = $value;
                     }
                 } elseif (0 === strpos($value, Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_STORE)) {
                     // Same parsing as above, checked against store-level access.
                     $scopeId = (int) str_replace(Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_STORE, '', $value);
                     if ($this->_role->hasExclusiveStoreAccess((array) $scopeId)) {
                         $validatedScopes[] = $value;
                     }
                 }
                 // Values with neither prefix are dropped silently.
             }
             if (count($validatedScopes) > 0) {
                 // A single scalar scope on 'delete' is handed back as a scalar, not a one-item array.
                 if ($requestAction == 'delete' && !$scopesParamIsArray && count($validatedScopes) == 1 && isset($validatedScopes[0])) {
                     $validatedScopes = $validatedScopes[0];
                 }
                 // Overwrite the request parameter so later code only sees permitted scopes.
                 $this->_request->setParam('scopes', $validatedScopes);
             } else {
                 // Nothing permitted: forward (target not visible here) and report failure.
                 $this->_forward();
                 return false;
             }
         } else {
             // NOTE(review): what getWebsite()/getStore() resolve to when the parameter is
             // absent is not visible here; confirm it cannot select a scope the role owns
             // while the action later operates on a different one.
             $websiteCode = $controller->getRequest()->getParam('website');
             $website = Mage::app()->getWebsite($websiteCode);
             $websiteId = $website->getId();
             if (!$this->_role->hasExclusiveAccess((array) $websiteId)) {
                 $storeCode = $controller->getRequest()->getParam('store');
                 $store = Mage::app()->getStore($storeCode);
                 $storeId = $store->getId();
                 if (!$this->_role->hasExclusiveStoreAccess((array) $storeId)) {
                     $this->_forward();
                     return false;
                 }
             }
         }
     }
     return true;
 }
Esempio n. 4
 /**
  * Restrict a catalog product mass-delete request to products the role owns.
  *
  * The 'product' request parameter is replaced by the subset of ids for
  * which the role has exclusive access to all of the product's websites.
  * Ids that fail the check are reported in an admin session error. Ids the
  * resource model returns no website row for end up in neither list, so they
  * are removed from the request without being reported.
  *
  * NOTE(review): the 'product' parameter is passed to the resource model as
  * received from the request; its type is not checked in this method.
  *
  * @param Mage_Adminhtml_Controller_Action $controller not used by this method
  */
 public function catalogProductMassDeleteAction($controller)
 {
     $requestedIds = $this->_request->getParam('product');
     $websitesByProduct = Mage::getResourceModel('catalog/product')->getWebsiteIdsByProductIds($requestedIds);

     $allowedIds = array();
     $deniedIds = array();
     foreach ($websitesByProduct as $productId => $websiteIds) {
         if ($this->_role->hasExclusiveAccess($websiteIds)) {
             $allowedIds[] = $productId;
         } else {
             $deniedIds[] = $productId;
         }
     }

     if (count($deniedIds) > 0) {
         $message = Mage::helper('enterprise_admingws')->__(
             'Not enough permissions to delete this item(s): %s.',
             implode(', ', $deniedIds)
         );
         Mage::getSingleton('adminhtml/session')->addError($message);
     }

     // Only the permitted ids are left for the controller action that follows.
     $this->_request->setParam('product', $allowedIds);
 }
Esempio n. 5
 /**
  * isAjax() is false on the fixture model and true once the 'isAjax' parameter is set.
  */
 public function testIsAjax()
 {
     $model = $this->_model;

     $this->assertFalse($model->isAjax());

     $model->setParam('isAjax', 1);
     $this->assertTrue($model->isAjax());
 }
Esempio n. 6
 /**
  * Set GiftMessage for a QuoteItem by its Id.
  *
  * Loads the quote item, resolves its quote for the given store, and passes
  * the prepared gift message to _setGiftMessage() wrapped in a synthetic
  * request under the "giftmessage" parameter, keyed by the item id.
  *
  * NOTE(review): the item is loaded purely by the id the caller supplies; no
  * ownership check is visible in this method - confirm _getQuote() or the
  * API layer enforces that the caller may modify this quote.
  *
  * @param String $quoteItemId
  * @param AssociativeArray $giftMessage
  * @param String $store
  * @return AssociativeArray
  */
 public function setForQuoteItem($quoteItemId, $giftMessage, $store = null)
 {
     /** @var $item Mage_Sales_Model_Quote_Item */
     $item = Mage::getModel('sales/quote_item')->load($quoteItemId);
     if ($item->getId() === null) {
         // Presumably _fault() throws; if it returns, execution continues below.
         $this->_fault("quote_item_not_exists");
     }

     /** @var $quote Mage_Sales_Model_Quote */
     $quote = $this->_getQuote($item->getQuoteId(), $store);

     $message = $this->_prepareData($giftMessage);
     $message['type'] = 'quote_item';

     $request = new Mage_Core_Controller_Request_Http();
     $request->setParam("giftmessage", array($item->getId() => $message));

     return $this->_setGiftMessage($quoteItemId, $request, $quote);
 }
 /**
  * Emulate a request by firing the predispatch observer by hand.
  *
  * A synthetic request carrying the 'page' and 'limit' parameters is wrapped
  * in an attribute controller and handed to the pager observer's
  * fetchPaginationParams().
  *
  * @param mixed $requestPage     value stored as the 'page' parameter
  * @param mixed $requestPageSize value stored as the 'limit' parameter
  * @return $this
  */
 protected function _triggerPredispatchObserver($requestPage, $requestPageSize)
 {
     $httpRequest = new Mage_Core_Controller_Request_Http();
     $httpResponse = new Mage_Core_Controller_Response_Http();
     $httpRequest->setParam('page', $requestPage);
     $httpRequest->setParam('limit', $requestPageSize);

     $attributeController = new Mage_Adminhtml_Catalog_Product_AttributeController($httpRequest, $httpResponse);
     $event = $this->generateObserver(
         array('controller_action' => $attributeController),
         'controller_action_predispatch_adminhtml_catalog_product_attribute_edit'
     );
     Mage::getSingleton('integernet_attributeoptionpager/observer')->fetchPaginationParams($event);

     return $this;
 }
 /**
  * Clear out user and session data when validation fails. Logs the failure,
  * dispatches the authenticate-after and login-failed events, sets a session
  * error message, unsets the user data and then triggers the post-auth
  * redirect. The method has no return statement.
  *
  * $request is declared with a null default but is followed by a required
  * parameter, so callers always have to pass it explicitly (null allowed).
  *
  * @param  Mage_Admin_Model_User $user
  * @param  Mage_Core_Controller_Request_Http $request
  * @param  Mage_Core_Exception $authException
  * @return null
  * @codeCoverageIgnore All side-effects taken from Magento auth/login process
  */
 protected function _failValidation(Mage_Admin_Model_User $user, Mage_Core_Controller_Request_Http $request = null, Mage_Core_Exception $authException)
 {
     // NOTE(review): the log line is a fixed string at info level; whether it identifies the
     // account or source depends on what getMetaData() adds (not visible here). Confirm
     // failed token logins can be correlated per user for detection.
     $logMessage = 'Failed to authenticate using token.';
     $this->logger->info($logMessage, $this->context->getMetaData(__CLASS__));
     // This may be problematic due to the missing user password. It is never
     // given while doing the token auth so we don't have one to pass. So far
     // it doesn't seem to be causing any issues but may have some impact on the
     // Mage_Enterprise_Pci_Model_Observer::adminAuthenticate method.
     Mage::dispatchEvent('admin_user_authenticate_after', array('username' => $user->getUsername(), 'password' => '', 'user' => $user, 'result' => false));
     Mage::dispatchEvent('admin_session_user_login_failed', array('user_name' => $user->getUsername(), 'exception' => $authException));
     // The 'messageSent' flag keeps the error from being queued twice for one request.
     // NOTE(review): the exception text is shown to the client as-is; confirm it never
     // carries internal detail beyond a generic failure reason.
     if ($request && !$request->getParam('messageSent')) {
         Mage::getSingleton('adminhtml/session')->addError($authException->getMessage());
         $request->setParam('messageSent', true);
     }
     // Wipe the loaded user so no account data survives the failed validation.
     $user->unsetData();
     // What the redirect helper does after this call (return or exit) is not visible here.
     $this->_postAuthCheckRedirect(Mage::helper('adminhtml')->getUrl('*'));
 }
Esempio n. 9
 /**
  * Calls the diehard/load controller without spawning a new request
  *
  * Builds a synthetic sub-request for the load/ajax action, copies its
  * parameters into the global request singleton, dispatches the controller
  * into a separate response object and wraps that response body in an inline
  * script tag. When no blocks are requested an empty string is returned, or
  * an HTML comment when the helper reports debug mode.
  *
  * @param array $params reads the keys 'blocks', 'all_blocks', 'full_action_name' and 'params'
  * @return string
  */
 public function getDynamicBlockReplacement($params)
 {
     // Append dynamic block content to end of page to be replaced by javascript, but not Ajax
     // $params['blocks'] is read directly; an array without that key raises an
     // undefined-index notice before 'all_blocks' is checked.
     if ($params['blocks'] || !empty($params['all_blocks'])) {
         // Init store if it has not been yet (page served from cache)
         if (!$this->helper()->isAppInited()) {
             $this->helper()->initApp();
         } else {
             // Reset layout
             Mage::unregister('_singleton/core/layout');
             Mage::getSingleton('core/layout');
             // TODO Mage::app()->getLayout() is not reset using the method above!
             // TODO Consider resetting Magento entirely using Mage::reset();
         }
         // Create a sub-request to get JSON response
         $uri = $this->getBaseUrl() . '/_diehard/load/ajax';
         $request = new Mage_Core_Controller_Request_Http($uri);
         $request->setRouteName('diehard');
         $request->setModuleName('_diehard');
         $request->setControllerName('load');
         $request->setActionName('ajax');
         $request->setControllerModule('Cm_Diehard');
         $request->setParam('full_action_name', $params['full_action_name']);
         if (!empty($params['all_blocks'])) {
             $request->setParam('all_blocks', 1);
         } else {
             $request->setParam('blocks', $params['blocks']);
         }
         $request->setParam('params', $params['params']);
         // Marked as dispatched so the controller runs the action directly.
         $request->setDispatched(true);
         // Override parameters in request singleton (for Mage_Core_Block_Abstract#getRequest())
         // The singleton's parameters are cleared and replaced; this method does not restore them.
         Mage::app()->getRequest()->clearParams();
         Mage::app()->getRequest()->setParams($request->getParams());
         // The nested 'params' entry is applied on top of the sub-request parameters.
         Mage::app()->getRequest()->setParams($request->getParam('params'));
         // Render sub-request into sub-response object
         $response = new Mage_Core_Controller_Response_Http();
         require_once Mage::getModuleDir('controllers', 'Cm_Diehard') . '/LoadController.php';
         $controller = new Cm_Diehard_LoadController($request, $response);
         $controller->dispatch('json');
         $replacement = '';
         if ($this->helper()->isDebug()) {
             // NOTE(review): block names are written into an HTML comment unescaped; confirm
             // they are server-defined identifiers, or escape them before output.
             $replacement .= '<!-- Dynamic blocks rendered: ' . (empty($params['all_blocks']) ? implode(',', $params['blocks']) : 'ALL') . ' -->' . "\n";
         }
         // NOTE(review): the response body is placed verbatim inside an inline script. This
         // is only safe if the controller's JSON encoding cannot emit a literal closing
         // script tag or CDATA terminator (e.g. slashes escaped, or JSON_HEX_TAG) - confirm.
         $replacement .= "<script type=\"text/javascript\">/* <![CDATA[ */Diehard.replaceBlocks({$response->getBody()});/* ]]> */</script>";
         return $replacement;
     } else {
         if ($this->helper()->isDebug()) {
             return '<!-- No dynamic blocks -->';
         } else {
             return '';
         }
     }
 }
Esempio n. 10
 /**
  * Process not logged in user data
  *
  * Attempts a login when the request posts 'login'. Unless that login led to
  * a redirect, or the request already carries the 'forwarded' flag, the
  * request is re-pointed at the auth controller (deniedIframe, deniedJson or
  * login) and marked as not dispatched so it is routed again.
  *
  * NOTE(review): 'forwarded', 'isIframe' and 'isAjax' are read through
  * getParam(). If getParam() also falls back to client-supplied query/post
  * values (not visible here), a client can preset 'forwarded' and this method
  * will not reroute the request to the auth controller. The loop guard should
  * then live in state a client cannot set, and later access checks must not
  * rely on this forward having happened.
  *
  * @param Mage_Core_Controller_Request_Http $request
  */
 protected function _processNotLoggedInUser(Mage_Core_Controller_Request_Http $request)
 {
     $redirected = false;
     if ($request->getPost('login') && $this->_performLogin()) {
         $redirected = $this->_redirectIfNeededAfterLogin();
     }

     // Nothing more to do after a redirect, or when the request was already forwarded once.
     if ($redirected || $request->getParam('forwarded')) {
         return;
     }

     if ($request->getParam('isIframe')) {
         $request->setParam('forwarded', true)
             ->setControllerName('auth')
             ->setActionName('deniedIframe')
             ->setDispatched(false);
     } elseif ($request->getParam('isAjax')) {
         $request->setParam('forwarded', true)
             ->setControllerName('auth')
             ->setActionName('deniedJson')
             ->setDispatched(false);
     } else {
         // Plain page request: send it to the login form on the adminhtml route.
         $request->setParam('forwarded', true)
             ->setRouteName('adminhtml')
             ->setControllerName('auth')
             ->setActionName('login')
             ->setDispatched(false);
     }
 }
 /**
  * saveAction() with products that are already in the channel: expects one success
  * message, one redirect to the channel product grid, and one call to each stubbed
  * validator method, and asserts that the action returns null.
  */
 public function testSaveActionProcessDifferentListings()
 {
     // Fixture data: three product ids and a channel object.
     $productIds = array(1, 2, 3);
     $channel = new Varien_Object(array('id' => 'test_channel_id', 'channeltype_code' => 'test_ebay'));
     $this->_mockChannel($channel);
     // Policy model whose load() returns itself.
     $policyMock = $this->mockModel('xcom_ebay/policy');
     $policyMock->expects($this->any())->method('load')->will($this->returnValue($policyMock));
     // Exactly one success message must be added to the admin session.
     $session = $this->mockModel('adminhtml/session');
     $session->expects($this->once())->method('addSuccess');
     // Request carrying both route parameters and POST data.
     $request = new Mage_Core_Controller_Request_Http();
     $request->setParam('channel_id', 111);
     $storeId = 12;
     $request->setParam('store', $storeId);
     $request->setParam('product_ids', $productIds);
     $request->setPost(array('channel_id' => $channel->getId(), 'policy_id' => 0));
     // Controller under test with only _redirect() stubbed; it must be called once with
     // the channel type and store id.
     $objectMock = $this->getMock(get_class($this->_object), array('_redirect'), array($request, new Varien_Object()));
     $objectMock->expects($this->once())->method('_redirect')->with($this->equalTo('*/channel_product/'), $this->equalTo(array('type' => $channel->getChanneltypeCode(), 'store' => $storeId)));
     // Channel product model: reports the products as present and returns one published
     // listing (key 3) that covers products 1 and 2.
     $channelProductMock = $this->mockModel('xcom_listing/channel_product', array('isProductsInChannel', 'addData', 'getPublishedListingIds', 'saveProducts'));
     $channelProductMock->expects($this->once())->method('isProductsInChannel')->with($this->equalTo($channel->getId()), $this->equalTo($productIds))->will($this->returnValue(true));
     $channelProductMock->expects($this->once())->method('getPublishedListingIds')->with($this->equalTo($productIds), $this->equalTo($channel->getId()))->will($this->returnValue(array(3 => array('product_ids' => array(1, 2), 'channel_id' => $channel->getId()))));
     // Listing model: always reports itself as changed; argument constraints are set but
     // call counts are left open (any()).
     $listingMock = $this->mockModel('xcom_listing/listing', array('load', 'addData', 'save', 'prepareProducts', 'send', 'saveProducts', '_isChanged'));
     $listingMock->expects($this->any())->method('_isChanged')->will($this->returnValue(true));
     $listingMock->expects($this->any())->method('addData')->with($this->equalTo($request->getPost()));
     $listingMock->expects($this->any())->method('prepareProducts')->with($this->equalTo(array(1, 2)));
     $listingMock->expects($this->any())->method('send')->with($this->equalTo(array('policy' => $policyMock, 'channel' => $channel)));
     $listingMock->expects($this->any())->method('saveProducts');
     // Validator helper: each stubbed check must run exactly once.
     $validatorMock = $this->mockHelper('xcom_listing/validator', array('validateOptionalFields', 'validateProducts', 'isPriceChanged', 'isQtyChanged'));
     $validatorMock->expects($this->once())->method('validateOptionalFields');
     $validatorMock->expects($this->once())->method('validateProducts');
     $validatorMock->expects($this->once())->method('isPriceChanged');
     $validatorMock->expects($this->once())->method('isQtyChanged');
     $validatorMock->setListing($listingMock);
     $this->assertNull($objectMock->saveAction());
 }
 /**
  * Create a fresh HTTP request whose 'ajax' parameter is set to the given flag.
  *
  * @param bool $isAjax value stored under the 'ajax' parameter
  * @return Mage_Core_Controller_Request_Http
  */
 protected function _getRequest($isAjax = false)
 {
     $httpRequest = new Mage_Core_Controller_Request_Http();
     $httpRequest->setParam('ajax', $isAjax);

     return $httpRequest;
 }
 /**
  * saveAction() without POST data but with the 'back' parameter must redirect once to
  * the edit page of the channel whose id the channel model reports.
  */
 public function testSavePolicyWithoutPostDataAndWitRedirectParam()
 {
     $channelMock = $this->mockModel('xcom_ebay/channel', array('getId'));
     $channelMock->expects($this->once())
         ->method('getId')
         ->will($this->returnValue('test_id'));

     $request = new Mage_Core_Controller_Request_Http();
     $request->setParam('back', true);

     $controller = $this->_getControllerMock($request, new Varien_Object(), array('_redirect'));
     $controller->expects($this->once())
         ->method('_redirect')
         ->with(
             $this->equalTo('*/*/edit'),
             $this->equalTo(array('channel_id' => 'test_id', '_current' => true))
         )
         ->will($this->returnValue('test_code'));

     $controller->saveAction();
 }
 /**
  * saveSetAction() must delete the existing attribute-set mapping relation exactly once
  * for the attribute set id taken from the request.
  *
  * The set id is drawn with rand(), so the value differs between runs.
  */
 public function testSaveSetAction()
 {
     $request = new Mage_Core_Controller_Request_Http();
     $attributeSetId = rand(1, 10000);
     $request->setParam('attribute_set_id', $attributeSetId);
     $request->setParam('mapping_product_type_id', Xcom_Mapping_Model_Relation::DIRECT_MAPPING);

     $productTypeMock = $this->mockModel('xcom_mapping/product_type', array('deleteAttributeSetMappingRelation'));
     $productTypeMock->expects($this->once())
         ->method('deleteAttributeSetMappingRelation')
         ->with($this->equalTo($attributeSetId));

     // The relation model is stubbed as well; how often saveRelation() runs is left open.
     $relationMock = $this->mockModel('xcom_mapping/relation', array('saveRelation'));
     $relationMock->expects($this->any())->method('saveRelation');

     $this->_mockController($request, new Varien_Object(), array('getRequest', 'getResponse', '_redirect'));
     $this->_object->saveSetAction();
 }