/**
* @dataProvider dataProviderIsAllowed
* @param string $config
* @param string $module
* @param string $controller
* @param string $action
* @param array $issuersWithJobs
* @param bool $isAllowed
* @param string $urn
*/
public function testIsAllowed($config, $module, $controller, $action, $issuersWithJobs, $isAllowed, $urn = '')
{
$configMock = $this->getMock('Mage_Core_Model_Config', array('getNode'));
$configMock->expects($this->any())->method('getNode')->with($this->equalTo('default/xcom/initializer_acl'))->will($this->returnValue(new Varien_Simplexml_Element($config)));
$request = new Mage_Core_Controller_Request_Http();
$request->setControllerModule($module)->setControllerName($controller)->setActionName($action);
$request->setRequestUri($urn)->setPathInfo();
$fabricHelper = $this->mockHelper('xcom_xfabric', array('getNodeByXpath'));
$fabricHelper->expects($this->any())->method('getNodeByXpath')->will($this->returnValue(1));
$jobResource = $this->mockResource('xcom_initializer/job', array('hasJobsLeft', 'isDataCollected'));
$jobResource->expects($this->any())->method('isDataCollected')->will($this->returnValue(empty($issuersWithJobs)));
if (empty($issuersWithJobs)) {
$jobResource->expects($this->never())->method('hasJobsLeft');
} else {
$i = 1;
foreach (array('xcom_mapping', 'xcom_other') as $issuer) {
$jobResource->expects($this->at($i))->method('hasJobsLeft')->with($this->equalTo($issuer))->will($this->returnValue((int) in_array($issuer, $issuersWithJobs)));
$i++;
}
}
Mage::setConfigMock($configMock);
$result = $this->_object->isAllowed($request);
Mage::setUseMockConfig(false);
$this->assertEquals($isAllowed, $result);
}
/**
* Test that Mage_Core_Controller_Varien_Action_Forward::dispatch() does not change dispatched flag
*/
public function testDispatch()
{
$this->_request->setDispatched(true);
$this->assertTrue($this->_request->isDispatched());
$this->_object->dispatch('any action');
$this->assertFalse($this->_request->isDispatched());
}
/**
*
* @param Mage_Core_Controller_Request_Http $request
* @return string
*/
public function getCurrentUnSecureUrl($request)
{
if ($alias = $request->getAlias(Mage_Core_Model_Url_Rewrite::REWRITE_REQUEST_PATH_ALIAS)) {
return Mage::getBaseUrl('link', false) . ltrim($alias, '/');
}
return Mage::getBaseUrl('link', false) . ltrim($request->getPathInfo(), '/');
}
public function construct(Mage_Core_Controller_Request_Http $request)
{
$this->request = $request;
if ($request->getPost('message')) {
$this->msg = unserialize($this->AC_decode_base64($request->getPost('message')));
}
}
/**
* Perform an export according to the given request.
*
* @param Mage_Core_Controller_Request_Http $request
* @param Mage_Core_Controller_Response_Http $response
* @throws Exception
*/
public function process(Mage_Core_Controller_Request_Http $request, Mage_Core_Controller_Response_Http $response)
{
// In case store is part of URL path use it to choose config.
$store = $request->get('store');
if ($store) {
$store = Mage::app()->getStore($store);
}
$apiConfigCharset = Mage::getStoreConfig("api/config/charset", $store);
$start_date = strtotime($request->getParam('start_date'));
$end_date = strtotime($request->getParam('end_date'));
if (!$start_date || !$end_date) {
throw new Exception('Start and end dates are required', 400);
}
$page = (int) $request->getParam('page');
/* @var $orders Mage_Sales_Model_Mysql4_Order_Collection */
$orders = Mage::getResourceModel('sales/order_collection');
// might use 'created_at' attribute instead
$orders->addAttributeToFilter('updated_at', array('from' => date('Y-m-d H:i:s', $start_date), 'to' => date('Y-m-d H:i:s', $end_date)));
if ($store) {
$orders->addAttributeToFilter('store_id', $store->getId());
}
if ($page > 0) {
$orders->setPage($page, $this->_getExportPageSize());
}
$xml = new XMLWriter();
$xml->openMemory();
$xml->startDocument('1.0', $apiConfigCharset);
$this->_writeOrders($orders, $xml, $store ? $store->getId() : 0);
$xml->endDocument();
$response->clearHeaders()->setHeader('Content-Type', 'text/xml; charset=' . $apiConfigCharset)->setBody($xml->outputMemory(true));
}
public function testGetFullActionName()
{
$this->_request->expects($this->once())->method('getRequestedRouteName')->will($this->returnValue('adminhtml'));
$this->_request->expects($this->once())->method('getRequestedControllerName')->will($this->returnValue('index'));
$this->_request->expects($this->once())->method('getRequestedActionName')->will($this->returnValue('index'));
$this->assertEquals('adminhtml_index_index', $this->_actionAbstract->getFullActionName());
}
/**
* @param Mage_Core_Controller_Request_Http $request
*
* @return bool
*/
public function isApiKeyValid(Mage_Core_Controller_Request_Http $request)
{
$apiKeyName = $this->getApiKeyName();
$postApiKey = $request->getParam($apiKeyName, NULL);
$key = $this->getApiKey();
return !empty($key) && $key === $postApiKey;
}
/**
* Validate and Match Cms Page and modify request
*
* @param Mage_Core_Controller_Request_Http $request
* @return bool
*
* @SuppressWarnings(PHPMD.ExitExpression)
*/
public function match(Mage_Core_Controller_Request_Http $request)
{
if (!Mage::isInstalled()) {
Mage::app()->getFrontController()->getResponse()->setRedirect(Mage::getUrl('install'))->sendResponse();
exit;
}
$identifier = trim($request->getPathInfo(), '/');
$condition = new Varien_Object(array('identifier' => $identifier, 'continue' => true));
$this->_eventManager->dispatch('cms_controller_router_match_before', array('router' => $this, 'condition' => $condition));
$identifier = $condition->getIdentifier();
if ($condition->getRedirectUrl()) {
Mage::app()->getFrontController()->getResponse()->setRedirect($condition->getRedirectUrl())->sendResponse();
$request->setDispatched(true);
return $this->_controllerFactory->createController('Mage_Core_Controller_Varien_Action_Redirect', array('request' => $request));
}
if (!$condition->getContinue()) {
return null;
}
$page = Mage::getModel('Mage_Cms_Model_Page');
$pageId = $page->checkIdentifier($identifier, Mage::app()->getStore()->getId());
if (!$pageId) {
return null;
}
$request->setModuleName('cms')->setControllerName('page')->setActionName('view')->setParam('page_id', $pageId);
$request->setAlias(Mage_Core_Model_Url_Rewrite::REWRITE_REQUEST_PATH_ALIAS, $identifier);
return $this->_controllerFactory->createController('Mage_Core_Controller_Varien_Action_Forward', array('request' => $request));
}
protected function setUp()
{
$this->_layout = $this->getMockBuilder('Mage_Core_Model_Layout')->disableOriginalConstructor()->setMethods(array('helper', 'getChildBlock', 'getChildName'))->getMock();
$this->_request = $this->getMockBuilder('Mage_Core_Controller_Request_Http')->disableOriginalConstructor()->setMethods(array('getParam'))->getMock();
$this->_request->expects($this->any())->method('getParam')->with('user_id')->will($this->returnValue(1));
$helper = new Magento_Test_Helper_ObjectManager($this);
$this->_block = $helper->getBlock('Mage_Webapi_Block_Adminhtml_User_Edit', array('urlBuilder' => $this->getMockBuilder('Mage_Backend_Model_Url')->disableOriginalConstructor()->getMock(), 'layout' => $this->_layout, 'request' => $this->_request));
}
/**
* @magentoAppIsolation enabled
*/
public function testMatch()
{
$request = new Mage_Core_Controller_Request_Http();
//Open Node
$request->setPathInfo('parent_node');
$controller = $this->_model->match($request);
$this->assertInstanceOf('Mage_Core_Controller_Varien_Action_Redirect', $controller);
}
/**
* @param Mage_Core_Controller_Request_Http $request
*
* @return string $query
*/
private function getSearchQuery(Mage_Core_Controller_Request_Http $request)
{
$maxQueryLength = (int) Mage::getStoreConfig('catalog/search/max_query_length') > 0 ? (int) Mage::getStoreConfig('catalog/search/max_query_length') : 128;
$query = preg_replace('/(\\W|html|php)+/', ' ', $request->getRequestString());
if (count($request->getQuery()) > 0) {
$query .= implode(' ', $request->getQuery());
}
return substr($query, 0, $maxQueryLength);
}
public function getCookiePath()
{
$path = Mage::getStoreConfig('web/cookie/cookie_path');
if (empty($path)) {
$request = new Mage_Core_Controller_Request_Http();
$path = $request->getBasePath();
}
return $path;
}
/**
* Read settings
*
* @param Mage_Core_Controller_Request_Http $request
* @return $this
*/
public function setPageFromRequest(Mage_Core_Controller_Request_Http $request)
{
$this->_currentPage = max(1, $request->getParam('page'));
$limit = $request->getParam('limit', null);
if ($limit !== null) {
$this->_pageSize = (int) $limit;
}
return $this;
}
/**
* Perform a notify using POSTed data.
*
* See Auctane API specification.
*
* @param Mage_Core_Controller_Request_Http $request
* @throws Exception
*/
public function process(Mage_Core_Controller_Request_Http $request)
{
// Raw XML is POSTed to this stream
$xml = simplexml_load_file('php://input');
// load some objects
$order = $this->_getOrder($xml->OrderNumber);
$qtys = $this->_getOrderItemQtys(@$xml->Items, $order);
$shipment = $this->_getOrderShipment($order, $qtys);
// this is where tracking is actually added
$track = Mage::getModel('sales/order_shipment_track')->setNumber($xml->TrackingNumber)->setCarrierCode($xml->Carrier)->setTitle($xml->Service);
$shipment->addTrack($track);
// 'NotifyCustomer' must be "true" or "yes" to trigger an email
$notify = filter_var(@$xml->NotifyCustomer, FILTER_VALIDATE_BOOLEAN);
$capture = filter_var($request->getParam('capture'), FILTER_VALIDATE_BOOLEAN);
if ($capture && $order->canInvoice()) {
$invoice = $order->prepareInvoice($qtys);
$invoice->setRequestedCaptureCase($invoice->canCapture() ? 'online' : 'offline')->register()->addComment($this->_getInvoiceComment(), $notify)->sendEmail($notify);
// always send to store manager, and optionally notify customer too
$order->setIsInProcess(true);
// updates status on save
}
// Internal notes are only visible to admin
if (@$xml->InternalNotes) {
$shipment->addComment($xml->InternalNotes);
}
// Customer notes have 'Visible On Frontend' set
if ($notify) {
// if no NotesToCustomer then comment is empty string
$shipment->sendEmail(true, (string) @$xml->NotesToCustomer)->setEmailSent(true);
}
if (@$xml->NotesToCustomer) {
$shipment->addComment($xml->NotesToCustomer, $notify, true);
}
$transaction = Mage::getModel('core/resource_transaction');
$transaction->addObject($shipment)->addObject($track);
if (isset($invoice)) {
// order has been captured, therefore has been modified
$transaction->addObject($invoice)->addObject($order);
}
$transaction->save();
if ($order->canInvoice() && !$order->canShip()) {
// then silently invoice if order is shipped to move status to "Complete")
$invoice = $order->prepareInvoice();
$invoice->setRequestedCaptureCase($invoice->canCapture() ? 'online' : 'offline')->register()->addComment($this->_getInvoiceComment(), false)->sendEmail(false);
// always send to store manager, and optionally notify customer too
$order->setIsInProcess(true);
// updates status on save
$transaction = Mage::getModel('core/resource_transaction');
if (isset($invoice)) {
// order has been captured, therefore has been modified
$transaction->addObject($invoice)->addObject($order);
}
$transaction->save();
}
}
/**
* Parse $_inRoleUsersFilter value from request
*
* @param Mage_Core_Controller_Request_Http $request
* @param Mage_Backend_Helper_Data $backendHelper
* @return int
*/
protected function _parseInRoleUsersFilter(Mage_Core_Controller_Request_Http $request, Mage_Backend_Helper_Data $backendHelper)
{
$result = self::IN_ROLE_USERS_ANY;
$filter = $backendHelper->prepareFilterString($request->getParam('filter', ''));
if (isset($filter[self::IN_ROLE_USERS_PARAMETER])) {
$result = $filter[self::IN_ROLE_USERS_PARAMETER] ? self::IN_ROLE_USERS_YES : self::IN_ROLE_USERS_NO;
} elseif (!$request->isAjax()) {
$result = self::IN_ROLE_USERS_YES;
}
return $result;
}
protected function _mockModel()
{
$methods = array('getRequest');
$formMock = $this->getMock('Xcom_Mapping_Block_Adminhtml_Attribute_Value_Form_Mock', $methods, array(), '', false);
$request = new Mage_Core_Controller_Request_Http();
$request->setParam('attribute_id', 1);
$request->setParam('target_attribute_id', 1);
$request->setParam('target_attribute_set_id', 1);
$formMock->expects($this->any())->method('getRequest')->will($this->returnValue(3));
$this->_object = $formMock;
}
/**
* observer will only be called at
* controller_action_postdispatch_customer_account_loginPost
* because the logged in customer object is not available in the pre dispatch!
*
* @param Varien_Event_Observer $observer
*/
public function restrictCmsPageAfterLogin(Varien_Event_Observer $observer)
{
$this->_initProperties($observer);
/* we keep these two var just to be sure it is called correctly :-| */
$isMageCustomerAccountController = $this->_controller instanceof Mage_Customer_AccountController;
$isCustomerLoginPost = $this->_request->getActionName() === 'loginPost';
if ($isMageCustomerAccountController && $isCustomerLoginPost && $this->_hasSessionRedirectUrl()) {
$this->_pageIdentifier = $this->_getSessionRedirectUrl();
$url = TRUE === Mage::helper('schumacherfm_cmsrestriction')->isCustomerAllowed($this->_getPageModelInstance()) ? $this->_pageIdentifier : Mage::helper('schumacherfm_cmsrestriction')->getAccessDeniedUrl();
$this->_unsSessionRedirectUrl();
$this->_handleRedirect($url);
}
}
/**
* @dataProvider updateDataProvider
* @param int $roleId
* @param array $filters
* @param bool $isAjax
* @param mixed $param
*/
public function testUpdate($roleId, $filters, $isAjax, $param)
{
$this->_request->expects($this->any())->method('getParam')->will($this->returnValueMap(array(array('role_id', null, $roleId), array('filter', '', $filters))));
$this->_request->expects($this->any())->method('isAjax')->will($this->returnValue($isAjax));
if ($param) {
$this->_collection->expects($this->once())->method('addFieldToFilter')->with('role_id', $param);
} else {
$this->_collection->expects($this->never())->method('addFieldToFilter');
}
/** @var Mage_Webapi_Model_Acl_Role_UsersUpdater $model */
$model = $this->_helper->getModel('Mage_Webapi_Model_Acl_Role_UsersUpdater', array('request' => $this->_request, 'backendHelper' => $this->_backendHelper));
$this->assertEquals($this->_collection, $model->update($this->_collection));
}
public function decode($encodedParameters, $version)
{
// The !empty() ensures that rows without a version number can be
// executed (not without any risk).
if (!empty($version) && $this->_getVersion() != $version) {
throw new Exception(sprintf("Can't decode the Action encoded with %s Tracker v %s; current System Config Tracker is v %s ", $this->_code, $version, $this->_getVersion()));
}
$parameters = $this->_decodeParams($encodedParameters);
$request = new Mage_Core_Controller_Request_Http();
$request->setPost($parameters);
$request->setQuery($parameters);
// @todo $_FILE?
return $request;
}
public function getMethod()
{
if ($this->_method) {
return $this->_method;
}
return parent::getMethod();
}
/**
* Test for _beforeToHtml method
*
* @dataProvider beforeToHtmlDataProvider
* @param object $apiRole
* @param array $expectedTabIds
*/
public function testBeforeToHtml($apiRole, $expectedTabIds)
{
$this->_block->setApiRole($apiRole);
$mainBlock = $this->_helper->getBlock('Mage_Core_Block_Text');
$resourceBlock = $this->_helper->getBlock('Mage_Core_Block_Text');
$userBlock = $this->_helper->getBlock('Mage_Core_Block_Text');
$this->_layout->expects($this->any())->method('getBlock')->will($this->returnValueMap(array(array('webapi.role.edit.tab.main', $mainBlock), array('webapi.role.edit.tab.resource', $resourceBlock), array('webapi.role.edit.tab.users.grid', $userBlock))));
$this->_request->expects($this->any())->method('getParam')->will($this->returnValueMap(array(array('active_tab', null, 'main_section'))));
// todo: do checks using toHtml() when DI is implemented for abstract blocks
$toHtmlMethod = new ReflectionMethod($this->_block, '_beforeToHtml');
$toHtmlMethod->setAccessible(true);
$toHtmlMethod->invoke($this->_block);
$this->assertEquals($expectedTabIds, $this->_block->getTabsIds());
$this->assertEquals($apiRole, $mainBlock->getApiRole());
$this->assertEquals($apiRole, $resourceBlock->getApiRole());
}
public function setNeverExpireBrowserCacheHeader(Mage_Core_Controller_Request_Http $httpRequest, Mage_Core_Controller_Response_Http $response)
{
if (!Mage::app()->useCache('config')) {
return $this;
}
if (!$httpRequest->has(self::FUZE_VALUE_CACHE_KEY)) {
Mage::log("MegaMenu cache problem: You cannot set never expire browser cache, because this http request has not been secured by the fuze url param.");
return $this;
}
$expires = gmdate('D, d M Y H:i:s \\G\\M\\T', time() + 3600 * self::HOURS_IN_BROWSER_CACHE);
$maxAge = self::HOURS_IN_BROWSER_CACHE * 3600;
$response->setHeader('Pragma', 'public', true);
$response->setHeader('Expires', $expires, true);
$response->setHeader('Cache-Control', "public, max-age={$maxAge}", true);
return $this;
}
/**
* @param Mage_Core_Controller_Request_Http $request
* @return string
* @throws Mage_Core_Exception
*/
public function initFromRequest(Mage_Core_Controller_Request_Http $request)
{
if ($request->getParam('expert_mode') == 'on') {
$cronExpression = $request->getParam('cron_expr');
return $cronExpression;
}
try {
// easy mapping
$params = $request->getParams();
$data = new Noovias_Cron_Data_CronExpression($params);
//
$cronExpression = $this->getGenerationService()->generateCronExprFromDataObject($data);
return $cronExpression;
} catch (Exception $e) {
throw new Mage_Core_Exception($e->getMessage());
}
}
/**
* Try to login user in admin
*
* @param string $username
* @param string $password
* @param Mage_Core_Controller_Request_Http $request
* @return Mage_Admin_Model_User|null
*/
public function login($username, $password, $request = null)
{
if (empty($username) || empty($password)) {
return;
}
$user = Mage::getModel('admin/user')->login($username, $password);
if ($user->getId() && $user->getIsActive() != '1') {
if ($request && !$request->getParam('messageSent')) {
Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Your Account has been deactivated.'));
$request->setParam('messageSent', true);
}
} elseif (!Mage::getModel('admin/user')->hasAssigned2Role($user->getId())) {
if ($request && !$request->getParam('messageSent')) {
Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Access Denied.'));
$request->setParam('messageSent', true);
}
} else {
if ($user->getId()) {
$session = Mage::getSingleton('admin/session');
$session->setIsFirstVisit(true);
$session->setUser($user);
$session->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
if ($request) {
header('Location: ' . $request->getRequestUri());
exit;
}
} else {
if ($request && !$request->getParam('messageSent')) {
Mage::getSingleton('adminhtml/session')->addError(Mage::helper('adminhtml')->__('Invalid Username or Password.'));
$request->setParam('messageSent', true);
}
}
}
return $user;
}
/**
* Modify request and set to no-route action
* If store is admin and specified different admin front name,
* change store to default (Possible when enabled Store Code in URL)
*
* @param Mage_Core_Controller_Request_Http $request
* @return boolean
*/
public function match(Mage_Core_Controller_Request_Http $request)
{
$noRoute = explode('/', Mage::app()->getStore()->getConfig('web/default/no_route'));
$moduleName = isset($noRoute[0]) ? $noRoute[0] : 'core';
$controllerName = isset($noRoute[1]) ? $noRoute[1] : 'index';
$actionName = isset($noRoute[2]) ? $noRoute[2] : 'index';
if (Mage::app()->getStore()->isAdmin()) {
$adminFrontName = (string) Mage::getConfig()->getNode('admin/routers/adminhtml/args/frontName');
if ($adminFrontName != $moduleName) {
$moduleName = 'core';
$controllerName = 'index';
$actionName = 'noRoute';
Mage::app()->setCurrentStore(Mage::app()->getDefaultStoreView());
}
}
$request->setModuleName($moduleName)->setControllerName($controllerName)->setActionName($actionName);
return $this->_controllerFactory->createController('Mage_Core_Controller_Varien_Action_Forward', array('request' => $request));
}
/**
* Initializes forward data
*
* @see Mage_Core_Controller_Request_Http::initForward()
*/
public function initForward()
{
if (empty($this->_beforeForwardInfo)) {
parent::initForward();
$this->_beforeForwardInfo['route_name'] = $this->getRouteName();
return $this;
}
return parent::initForward();
}
/**
* Validate customer attribute actions
*
* @param Mage_Adminhtml_Controller_Action $controller
* @return bool
*/
public function validateCustomerAttributeActions($controller)
{
$actionName = strtolower($this->_request->getActionName());
$attributeId = $this->_request->getParam('attribute_id');
$websiteId = $this->_request->getParam('website');
if (in_array($actionName, array('new', 'delete')) || in_array($actionName, array('edit', 'save')) && !$attributeId || $websiteId && !$this->_role->hasWebsiteAccess($websiteId, true)) {
$this->_forward();
return false;
}
return true;
}
/**
* Block editing of Hierarchy if GWS permissions are applicable
*
* @param Mage_Adminhtml_Controller_Action $controller
* @return bool|void
*/
public function validateCmsHierarchyAction($controller)
{
if (!$this->_role->getIsAll()) {
$requestAction = $this->_request->getActionName();
if ($requestAction == 'delete' || $requestAction == 'copy') {
$scopesParam = $this->_request->getParam('scopes');
$scopesParamIsArray = true;
if (!is_array($scopesParam)) {
$scopesParam = array($scopesParam);
$scopesParamIsArray = false;
}
$validatedScopes = array();
foreach (array_unique($scopesParam) as $value) {
if (0 === strpos($value, Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_WEBSITE)) {
$scopeId = (int) str_replace(Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_WEBSITE, '', $value);
if ($this->_role->hasExclusiveAccess((array) $scopeId)) {
$validatedScopes[] = $value;
}
} elseif (0 === strpos($value, Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_STORE)) {
$scopeId = (int) str_replace(Enterprise_Cms_Helper_Hierarchy::SCOPE_PREFIX_STORE, '', $value);
if ($this->_role->hasExclusiveStoreAccess((array) $scopeId)) {
$validatedScopes[] = $value;
}
}
}
if (count($validatedScopes) > 0) {
if ($requestAction == 'delete' && !$scopesParamIsArray && count($validatedScopes) == 1 && isset($validatedScopes[0])) {
$validatedScopes = $validatedScopes[0];
}
$this->_request->setParam('scopes', $validatedScopes);
} else {
$this->_forward();
return false;
}
} else {
$websiteCode = $controller->getRequest()->getParam('website');
$website = Mage::app()->getWebsite($websiteCode);
$websiteId = $website->getId();
if (!$this->_role->hasExclusiveAccess((array) $websiteId)) {
$storeCode = $controller->getRequest()->getParam('store');
$store = Mage::app()->getStore($storeCode);
$storeId = $store->getId();
if (!$this->_role->hasExclusiveStoreAccess((array) $storeId)) {
$this->_forward();
return false;
}
}
}
}
return true;
}
/**
* Hide price elements on Price Tab of Product Edit Page if needed
*
* @param Mage_Core_Block_Abstract $block
* @return void
*/
protected function _hidePriceElements($block)
{
/** @var $product Mage_Catalog_Model_Product */
$product = Mage::registry('product');
$form = $block->getForm();
$group = $block->getGroup();
$fieldset = null;
if (!is_null($form) && !is_null($group)) {
$fieldset = $form->getElement('group_fields' . $group->getId());
}
if (!is_null($product) && !is_null($form) && !is_null($group) && !is_null($fieldset)) {
$priceElementIds = array('special_price', 'tier_price', 'group_price', 'special_from_date', 'special_to_date', 'cost', 'open_amount_max', 'open_amount_min', 'allow_open_amount', 'giftcard_amounts', 'msrp_enabled', 'msrp_display_actual_price_type', 'msrp');
// Leave price element for bundle product active in order to change/view price type when product is created
if (Mage::registry('product')->getTypeId() != Mage_Catalog_Model_Product_Type::TYPE_BUNDLE) {
array_push($priceElementIds, 'price');
}
// Remove price elements or disable them if needed
foreach ($priceElementIds as &$priceId) {
if (!$this->_canReadProductPrice) {
$fieldset->removeField($priceId);
} elseif (!$this->_canEditProductPrice) {
$priceElement = $form->getElement($priceId);
if (!is_null($priceElement)) {
$priceElement->setReadonly(true, true);
}
}
}
if (!$this->_canEditProductPrice) {
// Handle Recurring Profile tab
if ($form->getElement('recurring_profile')) {
$form->getElement('recurring_profile')->setReadonly(true, true)->getForm()->setReadonly(true, true);
}
}
if ($product->isObjectNew()) {
if (!$this->_canEditProductPrice) {
// For each type of products accept except Bundle products, set default value for price if allowed
$priceElement = $form->getElement('price');
if (!is_null($priceElement) && $this->_canReadProductPrice && Mage::registry('product')->getTypeId() != Mage_Catalog_Model_Product_Type::TYPE_BUNDLE) {
$priceElement->setValue($this->_defaultProductPriceString);
}
// For giftcard products set default amount
$amountsElement = $form->getElement('giftcard_amounts');
if (!is_null($amountsElement)) {
$storeId = (int) $this->_request->getParam('store', 0);
$websiteId = Mage::app()->getStore($storeId)->getWebsiteId();
$amountsElement->setValue(array(array('website_id' => $websiteId, 'value' => $this->_defaultProductPriceString, 'website_value' => (double) $this->_defaultProductPriceString)));
}
}
}
}
}
/**
* Forward current request
*
* @param string $action
* @param string $module
* @param string $controller
* @return void
*/
protected function _forward($action = 'denied', $module = null, $controller = null)
{
if ($this->_request->getActionName() === $action && (null === $module || $this->_request->getModuleName() === $module) && (null === $controller || $this->_request->getControllerName() === $controller)) {
return;
}
$this->_request->initForward();
if ($module) {
$this->_request->setModuleName($module);
}
if ($controller) {
$this->_request->setControllerName($controller);
}
$this->_request->setActionName($action)->setDispatched(false);
}
