From 09add35c57acad9632a75223154c59e4f59e22e1 Mon Sep 17 00:00:00 2001 From: Andrey Kutejko Date: Sun, 4 Jan 2015 01:37:46 +0200 Subject: [PATCH] isolate component related methods --- ipf/admin/app.php | 31 ---------------------------- ipf/admin/component.php | 14 ++++++++++++- ipf/admin/controllers/components.php | 12 ++++++++++- 3 files changed, 24 insertions(+), 33 deletions(-) diff --git a/ipf/admin/app.php b/ipf/admin/app.php index 2b2e9c5..69a8b87 100644 --- a/ipf/admin/app.php +++ b/ipf/admin/app.php @@ -106,37 +106,6 @@ class IPF_Admin_App extends IPF_Application throw new IPF_Admin_LoginRequired; } - public static function isAccessible($request, $component, $requiredPermissions) - { - if (count(array_diff($requiredPermissions, $component->getPerms($request)))) - return false; - - if ($request->user->is_superuser || !\PFF\Container::auth()->arePermissionsEnabled()) - return true; - - $authPermissions = F::bind('array_map', - F::bind('sprintf', '%s|%s|%s', $component->app->slug(), $component->slug(), P::p()), - P::p()) - ->call($requiredPermissions); - - return $request->user->can($authPermissions); - } - - public static function getComponent($request, $requiredPermissions) - { - self::ensureUserIsStaff($request); - - $component = self::getComponentBySlugs($request->params[1], $request->params[2]); - if (!$component) - throw new IPF_HTTP_Error404; - - if (!IPF_Admin_App::isAccessible($request, $component, $requiredPermissions)) - throw new IPF_Admin_AccessDenied; - - $component->request = $request; - return $component; - } - public static function getApplicationBySlug($slug) { foreach (IPF_Project::getInstance()->appList() as $app) diff --git a/ipf/admin/component.php b/ipf/admin/component.php index 48b47a5..69fcd19 100644 --- a/ipf/admin/component.php +++ b/ipf/admin/component.php @@ -39,7 +39,19 @@ abstract class IPF_Admin_Component $request = $this->request; if (!$request) throw new IPF_Exception('No request.'); - return IPF_Admin_App::isAccessible($request, $this, $what); + + if (count(array_diff($what, $this->getPerms($request)))) + return false; + + if ($request->user->is_superuser || !\PFF\Container::auth()->arePermissionsEnabled()) + return true; + + $authPermissions = F::bind('array_map', + F::bind('sprintf', '%s|%s|%s', $this->app->slug(), $this->slug(), P::p()), + P::p()) + ->call($what); + + return $request->user->can($authPermissions); } protected function context($request) diff --git a/ipf/admin/controllers/components.php b/ipf/admin/controllers/components.php index 8bb39de..4d80bfb 100644 --- a/ipf/admin/controllers/components.php +++ b/ipf/admin/controllers/components.php @@ -63,7 +63,17 @@ class IPF_Admin_Controller extends IPF_Admin_Base_Controller protected function getComponent($requiredPermissions) { - return \PFF\Container::admin()->getComponent($this->request, $requiredPermissions); + IPF_Admin_App::ensureUserIsStaff($this->request); + + $component = IPF_Admin_App::getComponentBySlugs($this->request->params[1], $this->request->params[2]); + if (!$component) + throw new IPF_HTTP_Error404; + + if (!$component->isAccessible($requiredPermissions, $this->request)) + throw new IPF_Admin_AccessDenied; + + $component->request = $this->request; + return $component; } } -- 2.49.0