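/**
 * Check whether the survey question can be shown to the current admin user.
 *
 * The question is suppressed when the user hid it for this session, when the
 * ACL check fails, when the survey was already viewed, or when the survey URL
 * is not valid. Each gate is checked in that order and short-circuits.
 *
 * @return bool
 */
public function isDisplayed()
{
    if ($this->_authSession->getHideSurveyQuestion()) {
        return false;
    }
    // NOTE(review): isAllowed() is called with null here, as in the original;
    // which resource that resolves to depends on the authorization implementation.
    if (!$this->_authorization->isAllowed(null)) {
        return false;
    }
    if ($this->_survey->isSurveyViewed()) {
        return false;
    }
    if (!$this->_survey->isSurveyUrlValid()) {
        return false;
    }
    return true;
}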
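/**
 * Replace standard admin login form with HTTP Basic authentication
 *
 * Only requests whose controller/action and "type" parameter both map to ACL
 * resources in $this->aclResources are handled here; any other request falls
 * through to the parent plugin unchanged. For handled requests a user without
 * a session is logged in from the Basic-auth credentials, and the request is
 * refused with an authentication challenge unless the session is logged in
 * AND both mapped resources are allowed.
 *
 * @param AbstractAction $subject
 * @param callable $proceed
 * @param RequestInterface $request
 * @return ResponseInterface
 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 * @SuppressWarnings(PHPMD.CyclomaticComplexity)
 * @SuppressWarnings(PHPMD.NPathComplexity)
 */
public function aroundDispatch(AbstractAction $subject, \Closure $proceed, RequestInterface $request)
{
    $controllerName = $request->getControllerName();
    $actionName = $request->getActionName();

    // Resolve the ACL resource for this controller: an action-specific entry
    // wins over the controller-level one; an unmapped controller yields null.
    $resource = null;
    if (isset($this->aclResources[$controllerName])) {
        $resource = isset($this->aclResources[$controllerName][$actionName])
            ? $this->aclResources[$controllerName][$actionName]
            : $this->aclResources[$controllerName];
    }

    // The feed "type" parameter maps to a second, independent resource.
    $type = $request->getParam('type');
    $resourceType = isset($this->aclResources[$type]) ? $this->aclResources[$type] : null;

    if (!$resource || !$resourceType) {
        return parent::aroundDispatch($subject, $proceed, $request);
    }

    $session = $this->_auth->getAuthStorage();

    // Try to login using HTTP-authentication
    if (!$session->isLoggedIn()) {
        list($login, $password) = $this->httpAuthentication->getCredentials();
        try {
            $this->_auth->login($login, $password);
        } catch (AuthenticationException $e) {
            // The failed attempt is logged; the check below then refuses the
            // request because the session is still not logged in.
            $this->logger->critical($e);
        }
    }

    // Verify if logged in and authorized: both the controller/action resource
    // and the feed-type resource must be allowed (fail closed on either).
    if (!$session->isLoggedIn()
        || !$this->authorization->isAllowed($resource)
        || !$this->authorization->isAllowed($resourceType)
    ) {
        $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
        return $this->_response;
    }

    return parent::aroundDispatch($subject, $proceed, $request);
}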
/**
 * Generate row url
 *
 * A URL is produced only for users allowed to view sales actions; for anyone
 * else false is returned so no link is rendered.
 *
 * @param \Magento\Framework\DataObject $item
 * @return bool|string
 */
public function getUrl($item)
{
    $canViewActions = $this->_authorization->isAllowed('Magento_Sales::actions_view');
    if (!$canViewActions) {
        return false;
    }
    return parent::getUrl($item);
}
/**
 * Handler for all SOAP operations.
 *
 * Resolves the operation to a service class/method, enforces HTTPS for
 * operations flagged as secure, and requires that the caller is allowed
 * at least ONE of the operation's ACL resources before the service is invoked.
 *
 * @param string $operation
 * @param array $arguments
 * @return \stdClass|null
 * @throws WebapiException
 * @throws \LogicException
 * @throws AuthorizationException
 */
public function __call($operation, $arguments)
{
    $requestedServices = $this->_request->getRequestedServices();
    $serviceMethodInfo = $this->_apiConfig->getServiceMethodInfo($operation, $requestedServices);
    $serviceClass = $serviceMethodInfo[SoapConfig::KEY_CLASS];
    $serviceMethod = $serviceMethodInfo[SoapConfig::KEY_METHOD];
    $aclResources = $serviceMethodInfo[SoapConfig::KEY_ACL_RESOURCES];

    // check if the operation is a secure operation & whether the request was made in HTTPS
    $requiresHttps = $serviceMethodInfo[SoapConfig::KEY_IS_SECURE];
    if ($requiresHttps && !$this->_request->isSecure()) {
        throw new WebapiException(__("Operation allowed only in HTTPS"));
    }

    // "Any of" semantics: the first allowed resource grants access and stops the scan.
    $isAllowed = false;
    foreach ($aclResources as $resource) {
        $isAllowed = $this->_authorization->isAllowed($resource);
        if ($isAllowed) {
            break;
        }
    }
    if (!$isAllowed) {
        throw new AuthorizationException(
            __(AuthorizationException::NOT_AUTHORIZED, ['resources' => implode(', ', $aclResources)])
        );
    }

    $service = $this->_objectManager->get($serviceClass);
    $inputData = $this->_prepareRequestData($serviceClass, $serviceMethod, $arguments);
    $outputData = call_user_func_array([$service, $serviceMethod], $inputData);
    return $this->_prepareResponseData($outputData, $serviceClass, $serviceMethod);
}
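/**
 * Create url for passed item using passed url model
 *
 * The URL is only built when the user may manage customers and the item has
 * a customer id; otherwise false is returned so no link is rendered.
 *
 * @param \Magento\Framework\Object $item
 * @return bool|string
 */
public function getUrl($item)
{
    // The ACL check runs first so the item accessor is skipped for denied users.
    if ($this->_authorization->isAllowed('Magento_Customer::manage') && $item->getCustomerId()) {
        return parent::getUrl($item);
    }
    return false;
}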
/**
 * Remove massaction items in case they disallowed for user
 *
 * Strips the two "change mode" mass actions unless the user holds the
 * indexer changeMode ACL resource.
 *
 * @param mixed $argument
 * @return mixed
 */
public function update($argument)
{
    $canChangeMode = $this->authorization->isAllowed('Magento_Indexer::changeMode');
    if ($canChangeMode === false) {
        unset($argument['change_mode_onthefly'], $argument['change_mode_changelog']);
    }
    return $argument;
}
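/**
 * Block admin ability to use customer billing agreements
 *
 * When the payment method being checked is a billing-agreement method and the
 * current user lacks the PayPal ACL resource, the event result is marked as
 * not available.
 *
 * @param EventObserver $observer
 * @return void
 */
public function execute($observer)
{
    $event = $observer->getEvent();
    $methodInstance = $event->getMethodInstance();
    $isBillingAgreement = $methodInstance instanceof \Magento\Paypal\Model\Payment\Method\Billing\AbstractAgreement;
    if ($isBillingAgreement && !$this->_authorization->isAllowed('Magento_Paypal::use')) {
        $event->getResult()->isAvailable = false;
    }
}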
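/**
 * Check whether the "add attribute" control may be rendered.
 *
 * Requires both that the form is wrapped (registry key 'use_wrapper', which
 * defaults to true when absent) and that the user holds the catalog
 * attributes ACL resource.
 *
 * @return boolean
 */
protected function canAddAttributes()
{
    $isWrapped = $this->registry->registry('use_wrapper');
    // An absent registry entry means "wrapped"; only an explicit value overrides it.
    if ($isWrapped === null) {
        $isWrapped = true;
    }
    return $isWrapped && $this->authorization->isAllowed('Magento_Catalog::attributes_attributes');
}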
/**
 * Button definition for "Create Order".
 *
 * Empty when there is no customer id or the user lacks the sales create
 * ACL resource, so the button is not rendered.
 *
 * @return array
 */
public function getButtonData()
{
    $customerId = $this->getCustomerId();
    if (!$customerId || !$this->authorization->isAllowed('Magento_Sales::create')) {
        return [];
    }
    return [
        'label' => __('Create Order'),
        'on_click' => sprintf("location.href = '%s';", $this->getCreateOrderUrl()),
        'class' => 'add',
        'sort_order' => 40,
    ];
}
/**
 * Check if all ACL resources are allowed to be accessed by current API user.
 *
 * "All of" semantics: the first denied resource stops the scan and the
 * result is false; an empty list is allowed.
 *
 * @param string[] $aclResources
 * @return bool
 */
public function isAllowed($aclResources)
{
    $allGranted = true;
    foreach ($aclResources as $resource) {
        if (!$this->authorization->isAllowed($resource)) {
            $allGranted = false;
            break;
        }
    }
    return $allGranted;
}
/**
 * Button definition for "Login As Customer".
 *
 * Empty when there is no customer id or the user lacks the login_button ACL
 * resource, so the button is not rendered.
 *
 * @return array
 */
public function getButtonData()
{
    $customerId = $this->getCustomerId();
    if (!$customerId) {
        return [];
    }
    if (!$this->_authorization->isAllowed('Magefan_LoginAsCustomer::login_button')) {
        return [];
    }
    $loginUrl = $this->getInvalidateTokenUrl();
    return [
        'label' => __('Login As Customer'),
        'class' => 'login login-button',
        'on_click' => 'window.open( \'' . $loginUrl . '\')',
        'sort_order' => 70,
    ];
}
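/**
 * Prepare Data Source
 *
 * Adds a "Login As Customer" action link to every grid row. The link is
 * flagged hidden when the user lacks the login_button ACL resource; the flag
 * only affects rendering, it does not itself block the linked controller.
 *
 * @param array $dataSource
 * @return array
 */
public function prepareDataSource(array $dataSource)
{
    if (!isset($dataSource['data']['items'])) {
        return $dataSource;
    }
    // Evaluate the ACL once; the result applies to every row.
    $hidden = !$this->_authorization->isAllowed('Magefan_LoginAsCustomer::login_button');
    $columnName = $this->getData('name');
    foreach ($dataSource['data']['items'] as &$item) {
        $item[$columnName]['edit'] = [
            'href' => $this->urlBuilder->getUrl('loginascustomer/login/login', ['customer_id' => $item['entity_id']]),
            'label' => __('Login As Customer'),
            'hidden' => $hidden,
            'target' => '_blank',
        ];
    }
    // Break the reference left by the by-reference foreach so a later write
    // to $item cannot silently alter the last row.
    unset($item);
    return $dataSource;
}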
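/**
 * Block admin ability to use customer billing agreements
 *
 * When the payment method being checked is a billing-agreement method and the
 * current user lacks the PayPal ACL resource, the event result's
 * 'is_available' flag is cleared.
 *
 * @param EventObserver $observer
 * @return void
 */
public function execute(EventObserver $observer)
{
    $event = $observer->getEvent();
    $methodInstance = $event->getMethodInstance();
    $isBillingAgreement = $methodInstance instanceof \Magento\Paypal\Model\Payment\Method\Billing\AbstractAgreement;
    if ($isBillingAgreement && !$this->_authorization->isAllowed('Magento_Paypal::use')) {
        /** @var \Magento\Framework\DataObject $result */
        $result = $event->getResult();
        $result->setData('is_available', false);
    }
}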
/**
 * Delete nodes that have "acl" attribute but value is "not allowed"
 * In any case, the "acl" attribute will be unset
 *
 * Nodes whose acl resource is denied are removed from the tree; nodes whose
 * resource is allowed keep their content but lose the attribute.
 *
 * @param \Magento\Framework\Simplexml\Element $xml
 * @return void
 */
public function filterAclNodes(\Magento\Framework\Simplexml\Element $xml)
{
    $limitations = $xml->xpath('//*[@acl]');
    // xpath() may return false or an empty list; nothing to filter then.
    if (!$limitations) {
        return;
    }
    foreach ($limitations as $node) {
        if ($this->_authorization->isAllowed($node['acl'])) {
            unset($node['acl']);
            continue;
        }
        $node->unsetSelf();
    }
}
/**
 * Remove scheduled elements whose "acl" attribute names a resource the
 * current user is not allowed to access.
 *
 * Elements without an acl attribute (or with an empty one) are left as-is.
 *
 * @param ScheduledStructure $scheduledStructure
 * @param Structure $structure
 * @return void
 */
public function filterAclElements(ScheduledStructure $scheduledStructure, Structure $structure)
{
    foreach ($scheduledStructure->getElements() as $name => $element) {
        // Each scheduled element is a pair; only the second entry (the data) is needed here.
        list(, $data) = $element;
        $aclResource = isset($data['attributes']['acl']) ? $data['attributes']['acl'] : null;
        if (!$aclResource) {
            continue;
        }
        if (!$this->authorization->isAllowed($aclResource)) {
            $this->removeElement($scheduledStructure, $structure, $name);
        }
    }
}
/**
 * Remove massaction items in case they disallowed for user
 *
 * Each guarded mass action is dropped when its ACL resource is denied;
 * the checks run in the order cancel, hold, unhold.
 *
 * @param mixed $argument
 * @return mixed
 */
public function update($argument)
{
    $guardedActions = [
        'cancel_order' => 'Magento_Sales::cancel',
        'hold_order' => 'Magento_Sales::hold',
        'unhold_order' => 'Magento_Sales::unhold',
    ];
    foreach ($guardedActions as $itemKey => $aclResource) {
        if ($this->_authorization->isAllowed($aclResource) === false) {
            unset($argument[$itemKey]);
        }
    }
    return $argument;
}
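/**
 * Force admin to change password
 *
 * When forced password change is configured, the user is logged in and the
 * session marks the password as expired, every admin request other than the
 * account page, its save action and logout is redirected to "My Account".
 * A user who is not allowed to reach "My Account" is logged out instead.
 *
 * @param EventObserver $observer
 * @return void
 */
public function execute(EventObserver $observer)
{
    if (!$this->observerConfig->isPasswordChangeForced()) {
        return;
    }
    if (!$this->authSession->isLoggedIn()) {
        return;
    }
    // Actions that must stay reachable while the password is expired, otherwise
    // the user could never change it (or log out).
    $actionList = [
        'adminhtml_system_account_index',
        'adminhtml_system_account_save',
        'adminhtml_auth_logout',
    ];
    /** @var \Magento\Framework\App\Action\Action $controller */
    $controller = $observer->getEvent()->getControllerAction();
    /** @var \Magento\Framework\App\RequestInterface $request */
    $request = $observer->getEvent()->getRequest();
    if (!$this->authSession->getPciAdminUserIsPasswordExpired()) {
        return;
    }
    // Strict comparison: action names are plain strings, avoid loose matches.
    if (in_array($request->getFullActionName(), $actionList, true)) {
        return;
    }
    if ($this->authorization->isAllowed('Magento_Backend::myaccount')) {
        $controller->getResponse()->setRedirect($this->url->getUrl('adminhtml/system_account/'));
        $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
        $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_POST_DISPATCH, true);
        return;
    }
    /*
     * if admin password is expired and access to 'My Account' page is denied
     * then we need to do force logout with error message
     */
    $this->authSession->clearStorage();
    $this->session->clearStorage();
    $this->messageManager->addErrorMessage(__('Your password has expired; please contact your administrator.'));
    $controller->getRequest()->setDispatched(false);
}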
/**
 * Check whether item is allowed to the user
 *
 * Any exception raised by the ACL lookup (for example an unknown resource)
 * is treated as "not allowed", so the check fails closed.
 *
 * @return bool
 */
public function isAllowed()
{
    try {
        $granted = $this->_acl->isAllowed((string) $this->_resource);
    } catch (\Exception $e) {
        $granted = false;
    }
    return $granted;
}
/**
 * Check whether the current user holds every permission configured for an
 * extension attribute of the given type.
 *
 * "All of" semantics: the first denied permission yields false; an attribute
 * with no configured permissions is valid.
 *
 * @param string $dataObjectType
 * @param string $attributeCode
 * @return bool
 */
private function isAttributePermissionValid($dataObjectType, $attributeCode)
{
    $typeName = $this->getRegularTypeForExtensionAttributesType($dataObjectType);
    $permissions = $this->getPermissionsForTypeAndMethod($typeName, $attributeCode);
    $allGranted = true;
    foreach ($permissions as $permission) {
        if (!$this->authorization->isAllowed($permission)) {
            $allGranted = false;
            break;
        }
    }
    return $allGranted;
}
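/**
 * Check whether notification is displayed
 *
 * Shown only when the module is enabled, the default store runs in
 * "estimate and submit" tax mode, queue notifications are enabled, the user
 * holds the manage_avatax ACL resource and the queue is non-empty.
 *
 * @return bool
 */
public function isDisplayed()
{
    // Check configuration to see if this should be evaluated further
    if (!$this->avaTaxConfig->isModuleEnabled()
        // NOTE(review): loose comparison kept on purpose; getTaxMode() may return a
        // string while the constant is an int — confirm before tightening to !==.
        || $this->avaTaxConfig->getTaxMode($this->storeManager->getDefaultStoreView()) != Config::TAX_MODE_ESTIMATE_AND_SUBMIT
        || !$this->avaTaxConfig->getQueueAdminNotificationEnabled()
    ) {
        return false;
    }

    // Query the database to get some stats about the queue
    $this->loadQueueStats();

    // Determine if we need to notify the admin user
    return $this->authorization->isAllowed('ClassyLlama_AvaTax::manage_avatax') && $this->statQueueCount > 0;
}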
/**
 * Return Wysiwyg config as \Magento\Framework\DataObject
 *
 * Config options description:
 *
 * enabled: Enabled Visual Editor or not
 * hidden: Show Visual Editor on page load or not
 * use_container: Wrap Editor contents into div or not
 * no_display: Hide Editor container or not (related to use_container)
 * translator: Helper to translate phrases in lib
 * files_browser_*: Files Browser (media, images) settings
 * encode_directives: Encode template directives with JS or not
 *
 * NOTE(review): only an array $data is merged (see the is_array check below);
 * a DataObject passed here is silently ignored despite the documented type —
 * confirm whether any caller relies on that.
 *
 * @param array|\Magento\Framework\DataObject $data Object constructor params to override default config values
 * @return \Magento\Framework\DataObject
 */
public function getConfig($data = [])
{
    $config = new \Magento\Framework\DataObject();
    $config->setData(
        [
            'enabled' => $this->isEnabled(),
            'hidden' => $this->isHidden(),
            'use_container' => false,
            'add_variables' => true,
            'add_widgets' => true,
            'no_display' => false,
            'encode_directives' => true,
            'baseStaticUrl' => $this->_assetRepo->getStaticViewFileContext()->getBaseUrl(),
            // Static base derived from the backend URL with the front controller segment stripped.
            'baseStaticDefaultUrl' => str_replace('index.php/', '', $this->_backendUrl->getBaseUrl())
                . $this->filesystem->getUri(DirectoryList::STATIC_VIEW) . '/',
            'directives_url' => $this->_backendUrl->getUrl('cms/wysiwyg/directive'),
            'popup_css' => $this->_assetRepo->getUrl(
                'mage/adminhtml/wysiwyg/tiny_mce/themes/advanced/skins/default/dialog.css'
            ),
            'content_css' => $this->_assetRepo->getUrl(
                'mage/adminhtml/wysiwyg/tiny_mce/themes/advanced/skins/default/content.css'
            ),
            'width' => '100%',
            'height' => '500px',
            'plugins' => [],
        ]
    );
    // Regex-escaped copy of the directives URL, derived from the value set above.
    $config->setData('directives_url_quoted', preg_quote($config->getData('directives_url')));
    // The media browser settings are only exposed to users holding the media gallery ACL resource.
    if ($this->_authorization->isAllowed('Magento_Cms::media_gallery')) {
        $config->addData(
            [
                'add_images' => true,
                'files_browser_window_url' => $this->_backendUrl->getUrl('cms/wysiwyg_images/index'),
                'files_browser_window_width' => $this->_windowSize['width'],
                'files_browser_window_height' => $this->_windowSize['height'],
            ]
        );
    }
    // Caller overrides are merged before the plugin sections so they can switch those off.
    if (is_array($data)) {
        $config->addData($data);
    }
    if ($config->getData('add_variables')) {
        $settings = $this->_variableConfig->getWysiwygPluginSettings($config);
        $config->addData($settings);
    }
    if ($config->getData('add_widgets')) {
        $settings = $this->_widgetConfig->getPluginSettings($config);
        $config->addData($settings);
    }
    return $config;
}
/**
 * Return Wysiwyg config as \Magento\Framework\Object
 *
 * Config options description:
 *
 * enabled: Enabled Visual Editor or not
 * hidden: Show Visual Editor on page load or not
 * use_container: Wrap Editor contents into div or not
 * no_display: Hide Editor container or not (related to use_container)
 * translator: Helper to translate phrases in lib
 * files_browser_*: Files Browser (media, images) settings
 * encode_directives: Encode template directives with JS or not
 *
 * NOTE(review): only an array $data is merged (see the is_array check below);
 * an Object passed here is silently ignored despite the documented type —
 * confirm whether any caller relies on that.
 *
 * @param array|\Magento\Framework\Object $data Object constructor params to override default config values
 * @return \Magento\Framework\Object
 */
public function getConfig($data = array())
{
    $config = new \Magento\Framework\Object();
    $config->setData(
        array(
            'enabled' => $this->isEnabled(),
            'hidden' => $this->isHidden(),
            'use_container' => false,
            'add_variables' => true,
            'add_widgets' => true,
            'no_display' => false,
            'encode_directives' => true,
            'directives_url' => $this->_backendUrl->getUrl('cms/wysiwyg/directive'),
            'popup_css' => $this->_assetRepo->getUrl(
                'mage/adminhtml/wysiwyg/tiny_mce/themes/advanced/skins/default/dialog.css'
            ),
            'content_css' => $this->_assetRepo->getUrl(
                'mage/adminhtml/wysiwyg/tiny_mce/themes/advanced/skins/default/content.css'
            ),
            'width' => '100%',
            'plugins' => array()
        )
    );
    // Regex-escaped copy of the directives URL, derived from the value set above.
    $config->setData('directives_url_quoted', preg_quote($config->getData('directives_url')));
    // The media browser settings are only exposed to users holding the media gallery ACL resource.
    if ($this->_authorization->isAllowed('Magento_Cms::media_gallery')) {
        $config->addData(
            array(
                'add_images' => true,
                'files_browser_window_url' => $this->_backendUrl->getUrl('cms/wysiwyg_images/index'),
                'files_browser_window_width' => $this->_windowSize['width'],
                'files_browser_window_height' => $this->_windowSize['height']
            )
        );
    }
    // Caller overrides are merged before the plugin sections so they can switch those off.
    if (is_array($data)) {
        $config->addData($data);
    }
    if ($config->getData('add_variables')) {
        $settings = $this->_variableConfig->getWysiwygPluginSettings($config);
        $config->addData($settings);
    }
    if ($config->getData('add_widgets')) {
        $settings = $this->_widgetConfig->getPluginSettings($config);
        $config->addData($settings);
    }
    return $config;
}
/**
 * Check whether the "cache refresh required" notice should be displayed.
 *
 * Shown only to users holding the cache ACL resource and only when at least
 * one cache type is pending refresh.
 *
 * @return bool
 */
public function isDisplayed()
{
    if (!$this->_authorization->isAllowed('Magento_Adminhtml::cache')) {
        return false;
    }
    $pendingTypes = $this->_getCacheTypesForRefresh();
    return count($pendingTypes) > 0;
}
/**
 * {@inheritdoc}
 *
 * Hidden for every user who lacks the transactions_fetch ACL resource.
 */
public function isHidden()
{
    $canFetch = $this->_authorization->isAllowed('Magento_Sales::transactions_fetch');
    return !$canFetch;
}
/**
 * Check whether section is allowed for current user
 *
 * A section with no 'resource' configured is never allowed (fails closed).
 *
 * @return bool
 */
public function isAllowed()
{
    if (!isset($this->_data['resource'])) {
        return false;
    }
    return $this->_authorization->isAllowed($this->_data['resource']);
}
/**
 * Check Permission for Rollback
 *
 * Delegates to the authorization service for the backup rollback resource.
 *
 * @return bool
 */
public function isRollbackAllowed()
{
    $rollbackResource = 'Magento_Backup::rollback';
    return $this->_authorization->isAllowed($rollbackResource);
}
/**
 * Check whether the "reindex required" notice should be displayed.
 *
 * Shown only to users holding the index ACL resource and only when there
 * are processes pending reindex.
 *
 * @return bool
 */
public function isDisplayed()
{
    if (!$this->_authorization->isAllowed('Magento_Index::index')) {
        return false;
    }
    return (bool) $this->_getProcessesForReindex();
}
/**
 * isAllowed() must report false when the underlying policy denies the resource.
 */
public function testIsAllowedReturnNegativeValue()
{
    $resource = 'Magento_Module::acl_resource';
    $this->_policyMock->expects($this->once())
        ->method('isAllowed')
        ->will($this->returnValue(false));
    $isAllowed = $this->_model->isAllowed($resource);
    $this->assertFalse($isAllowed);
}
/**
 * Whether permission is granted
 *
 * Checks the catalog categories ACL resource for the current user.
 *
 * @return bool
 */
protected function isAllowed()
{
    $categoriesResource = 'Magento_Catalog::categories';
    return $this->authorization->isAllowed($categoriesResource);
}
/**
 * Get no display
 *
 * The block is not displayed when its 'no_display' data is set or when the
 * user lacks the catalog categories ACL resource.
 *
 * @return bool
 * @SuppressWarnings(PHPMD.BooleanGetMethodName)
 */
public function getNoDisplay()
{
    $isAllowed = $this->authorization->isAllowed('Magento_Catalog::categories');
    $noDisplay = $this->getData('no_display');
    return $noDisplay || !$isAllowed;
}