/**
 * Handler for the check_acl Smarty function.
 *
 * Reads the ACL criteria from the tag parameters and submits them to the
 * customer-group ACL tool. When the check passes, nothing is returned and
 * rendering continues. When it fails, an AuthenticationException is thrown,
 * carrying the optional "login_tpl" tag parameter as its login template.
 *
 * Every denial raises the same exception type, so this handler does not
 * distinguish a visitor who is not logged in from a logged-in user who
 * simply lacks the ACL.
 *
 * NOTE(review): this is a template-level guard; confirm that the controller
 * serving the page enforces the same ACL rather than relying on the tag alone.
 *
 * @param array                     $params   Parameters passed to the tag
 * @param \Smarty_Internal_Template $template Smarty template (not used here)
 *
 * @throws \Thelia\Core\Security\Exception\AuthenticationException when the ACL check fails
 *
 * @return null
 */
public function checkAclPage($params, $template)
{
    list($codes, $accesses, $accessOr, $entityId) = $this->checkParameters($params);

    // Codes and accesses are passed through explode() before reaching the ACL tool.
    $codeList = $this->explode($codes);
    $accessList = $this->explode($accesses);

    if (!$this->customerGroupAclTool->checkAcl($codeList, $accessList, $accessOr, $entityId)) {
        $denied = new AuthenticationException('User not granted for action');

        // The login template is only attached when the tag supplied one.
        $loginTemplate = $this->getParam($params, 'login_tpl');
        if (null !== $loginTemplate) {
            $denied->setLoginTemplate($loginTemplate);
        }

        throw $denied;
    }

    return null;
}
/**
 * Process the security check requested by a template tag.
 *
 * The "role", "resource", "module" and "access" tag parameters are each
 * passed through explode() and handed to the security context. If the
 * context does not grant access, an AuthenticationException is thrown; the
 * optional "login_tpl" parameter, when present, is attached to it.
 *
 * Every denial raises AuthenticationException, so a logged-in user who lacks
 * the permission is reported the same way as a visitor who is not logged in.
 * The modules take part in the check but are not listed in the message.
 *
 * NOTE(review): the message names the required roles, resources and accesses;
 * confirm it is only logged and never rendered to the visitor.
 * NOTE(review): this is a template-level guard; confirm that the controller
 * serving the page enforces the same permission.
 *
 * @param array $params Parameters passed to the tag
 * @param mixed $smarty Passed by reference by the caller; not used here
 *
 * @return string always the empty string: no text is produced
 *
 * @throws \Thelia\Core\Security\Exception\AuthenticationException when access is not granted
 */
public function checkAuthFunction($params, &$smarty)
{
    $roles = $this->explode($this->getParam($params, 'role'));
    $resources = $this->explode($this->getParam($params, 'resource'));
    $modules = $this->explode($this->getParam($params, 'module'));
    $accesses = $this->explode($this->getParam($params, 'access'));

    // Guard clause: a granted request renders nothing and stops here.
    if ($this->securityContext->isGranted($roles, $resources, $modules, $accesses)) {
        return '';
    }

    $message = sprintf(
        "User not granted for roles '%s', to access resources '%s' with %s.",
        implode(',', $roles),
        implode(',', $resources),
        implode(',', $accesses)
    );
    $denied = new AuthenticationException($message);

    // Loose comparison on purpose (kept from the original): an empty string
    // is treated like a missing login_tpl and no template is set.
    $loginTemplate = $this->getParam($params, 'login_tpl');
    if ($loginTemplate != null) {
        $denied->setLoginTemplate($loginTemplate);
    }

    throw $denied;
}
/**
 * Process the security check requested by a template tag.
 *
 * The "role", "resource", "module" and "access" tag parameters are each
 * passed through explode() and handed to the security context. When access
 * is not granted, the failure is split in two cases based on checkRole():
 *
 *  - checkRole() returns null: treated as "no user is logged in"; an
 *    AuthenticationException is thrown, with the optional "login_tpl"
 *    parameter attached as its login template.
 *  - otherwise: a user is logged in but lacks the permission; an
 *    AuthorizationException is thrown. No login template is set in this case.
 *
 * NOTE(review): the message names the required roles, resources and accesses;
 * confirm it is only logged and never rendered to the visitor.
 * NOTE(review): this is a template-level guard; confirm that the controller
 * serving the page enforces the same permission.
 *
 * @param array   $params Parameters passed to the tag
 * @param \Smarty $smarty Passed by reference by the caller; not used here
 *
 * @return string always the empty string: no text is produced
 *
 * @throws AuthenticationException when access is denied and checkRole() returns null
 * @throws AuthorizationException  when access is denied to a logged-in user
 */
public function checkAuthFunction($params, &$smarty)
{
    $roles = $this->explode($this->getParam($params, 'role'));
    $resources = $this->explode($this->getParam($params, 'resource'));
    $modules = $this->explode($this->getParam($params, 'module'));
    $accesses = $this->explode($this->getParam($params, 'access'));

    // Guard clause: a granted request renders nothing and stops here.
    if ($this->securityContext->isGranted($roles, $resources, $modules, $accesses)) {
        return '';
    }

    // A null result from checkRole() is read as "the current user is not logged-in".
    $notLoggedIn = null === $this->securityContext->checkRole($roles);

    // Both exception types carry the same message, so it is built once.
    $message = sprintf(
        "User not granted for roles '%s', to access resources '%s' with %s.",
        implode(',', $roles),
        implode(',', $resources),
        implode(',', $accesses)
    );

    if (!$notLoggedIn) {
        // We have a logged-in user who does not have the proper permission:
        // sending them to a login page would not help, so no template is set.
        throw new AuthorizationException($message);
    }

    $denied = new AuthenticationException($message);

    // Loose comparison on purpose (kept from the original): an empty string
    // is treated like a missing login_tpl and no template is set.
    $loginTemplate = $this->getParam($params, 'login_tpl');
    if ($loginTemplate != null) {
        $denied->setLoginTemplate($loginTemplate);
    }

    throw $denied;
}