Add firewalls
@@ -26,7 +26,8 @@ class Collection implements ControllerProviderInterface
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireRightOnBase($app['request']->attributes->get('bas_id'), 'canadmin');
|
||||
$app['firewall']->requireAccessToModule('admin')
|
||||
->requireRightOnBase($app['request']->attributes->get('bas_id'), 'canadmin');
|
||||
});
|
||||
|
||||
/**
|
||||
|
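Review bot: The `before` closure in `Collection` is handed `$request` but reads the route attribute through `$app['request']`, whereas the closures this commit adds for `Description` and `Subdefs` use `$request`. Using one form everywhere makes the guards easier to audit: `->requireRightOnBase($request->attributes->get('bas_id'), 'canadmin');`. Because the guard is registered on the whole collection, it also runs for any route without a `{bas_id}` placeholder, where the attribute is null; the routes are outside this hunk, so that is worth confirming. A one-line comment above the closure naming the two requirements (admin module access, then `canadmin` on the base) would help the next reader.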
@@ -30,7 +30,7 @@ class Databoxes implements ControllerProviderInterface
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
$app['firewall']->requireAccessToModule('admin');
|
||||
});
|
||||
|
||||
|
||||
@@ -65,7 +65,10 @@ class Databoxes implements ControllerProviderInterface
|
||||
* return : Redirect Response
|
||||
*/
|
||||
$controllers->post('/', $this->call('createDatabase'))
|
||||
->bind('admin_database_new');
|
||||
->bind('admin_database_new')
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
});
|
||||
|
||||
/**
|
||||
* Mount a database
|
||||
@@ -81,7 +84,10 @@ class Databoxes implements ControllerProviderInterface
|
||||
* return : Redirect Response
|
||||
*/
|
||||
$controllers->post('/mount/', $this->call('databaseMount'))
|
||||
->bind('admin_database_mount');
|
||||
->bind('admin_database_mount')
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
});
|
||||
|
||||
/**
|
||||
* Upgrade all databases
|
||||
@@ -97,7 +103,10 @@ class Databoxes implements ControllerProviderInterface
|
||||
* return : Redirect Response
|
||||
*/
|
||||
$controllers->post('/upgrade/', $this->call('databasesUpgrade'))
|
||||
->bind('admin_databases_upgrade');
|
||||
->bind('admin_databases_upgrade')
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
});
|
||||
|
||||
return $controllers;
|
||||
}
|
||||
@@ -111,11 +120,7 @@ class Databoxes implements ControllerProviderInterface
|
||||
*/
|
||||
public function getDatabases(Application $app, Request $request)
|
||||
{
|
||||
$createBase = $mountBase = $upgradeAvailable = false;
|
||||
|
||||
if ($app['phraseanet.appbox']->upgradeavailable()) {
|
||||
$upgradeAvailable = true;
|
||||
}
|
||||
$createBase = $mountBase = false;
|
||||
|
||||
$sbasIds = array_merge(
|
||||
array_keys($app['phraseanet.user']->ACL()->get_granted_sbas(array('bas_manage')))
|
||||
@@ -133,9 +138,6 @@ class Databoxes implements ControllerProviderInterface
|
||||
|
||||
try {
|
||||
$databox = $app['phraseanet.appbox']->get_databox($sbasId);
|
||||
if ($databox->upgradeavailable()) {
|
||||
$upgradeAvailable = true;
|
||||
}
|
||||
|
||||
$sbas[$sbasId] = array(
|
||||
'version' => $databox->get_version(),
|
||||
@@ -183,7 +185,6 @@ class Databoxes implements ControllerProviderInterface
|
||||
return $app['twig']->render('admin/databases.html.twig', array(
|
||||
'files' => new \DirectoryIterator($app['phraseanet.registry']->get('GV_RootPath') . 'lib/conf.d/data_templates'),
|
||||
'sbas' => $sbas,
|
||||
'upgrade_available' => $upgradeAvailable,
|
||||
'error_msg' => $errorMsg,
|
||||
'recommendations' => $upgrader->getRecommendations(),
|
||||
'advices' => $request->query->get('advices', array()),
|
||||
|
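Review bot: The collection-wide guard in `Databoxes` drops from `requireAdmin()` to `requireAccessToModule('admin')`, and only the three POST routes shown here (`admin_database_new`, `admin_database_mount`, `admin_databases_upgrade`) get `requireAdmin()` back. Every other route this provider registers is outside the visible hunks and is now reachable with module access alone. Each of those needs its own right check (for instance `requireRightOnSbas`) or an explicit statement that module access is sufficient. I would add a comment at the collection-level `before`, such as `// Baseline only: routes that change appbox state add requireAdmin() themselves`. A test asserting that a user with admin-module access but without admin status is refused on the three POST routes would also pin the intended behaviour.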
@@ -30,23 +30,18 @@ class Description implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin')
|
||||
->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
|
||||
});
|
||||
|
||||
$controllers->get('/metadatas/search/', $this->call('metadataTypeAhead'));
|
||||
|
||||
$controllers->post('/{sbas_id}/', $this->call('updateDataboxStructure'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
if (false === $app['phraseanet.user']->ACL()
|
||||
->has_right_on_sbas($request->attributes->get('sbas_id'), 'bas_modify_struct')) {
|
||||
throw new AccessDeniedHttpException('You are not allowed to access this zone');
|
||||
}
|
||||
})->assert('sbas_id', '\d+');
|
||||
->assert('sbas_id', '\d+');
|
||||
|
||||
$controllers->get('/{sbas_id}/', $this->call('getDataboxStructure'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
if (false === $app['phraseanet.user']->ACL()
|
||||
->has_right_on_sbas($request->attributes->get('sbas_id'), 'bas_modify_struct')) {
|
||||
throw new AccessDeniedHttpException('You are not allowed to access this zone');
|
||||
}
|
||||
})->assert('sbas_id', '\d+');
|
||||
->assert('sbas_id', '\d+');
|
||||
|
||||
return $controllers;
|
||||
}
|
||||
|
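Review bot: The new collection-level `before` in `Description` runs `requireRightOnSbas` with the `sbas_id` route attribute for every route, including `/metadatas/search/`, which has no `{sbas_id}` placeholder, so the firewall receives null there. Depending on how `requireRightOnSbas` treats null (its implementation is not shown), the type-ahead route is either always refused or checked against no databox at all. Keeping only the module check on the collection and attaching the `bas_modify_struct` check to the two `/{sbas_id}/` routes avoids both outcomes. The excerpt below shows that shape for the POST route; the GET route would get the same guard.

```php
$controllers->before(function(Request $request) use ($app) {
    $app['firewall']->requireAccessToModule('admin');
});

// … unchanged: /metadatas/search/ route …

$controllers->post('/{sbas_id}/', $this->call('updateDataboxStructure'))
    ->before(function(Request $request) use ($app) {
        $app['firewall']->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
    })
    ->assert('sbas_id', '\d+');
```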
@@ -28,6 +28,10 @@ class Fields implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin');
|
||||
});
|
||||
|
||||
$controllers->get('/checkmulti/', function(PhraseaApplication $app, Request $request) {
|
||||
$multi = ($request->query->get('multi') === 'true');
|
||||
|
||||
|
@@ -28,6 +28,13 @@ class Publications implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
/**
|
||||
* TODO NEUTRON verifier correlation avec tree
|
||||
*/
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin');
|
||||
});
|
||||
|
||||
$controllers->get('/list/', function(PhraseaApplication $app) {
|
||||
|
||||
$feeds = \Feed_Collection::load_all(
|
||||
|
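Review bot: The TODO added above the `before` closure in `Publications` ("TODO NEUTRON verifier correlation avec tree") is in French and does not say what has to be checked, and it is written as a `/** */` docblock although it documents no declaration. As I read it, the open question is whether `requireAccessToModule('admin')` matches the right that controls the Publications entry in the admin tree. If so, say that directly, e.g. `// TODO: confirm this guard matches the right that shows Publications in the admin tree`. Until that is resolved the feed routes below are guarded by module access only, which deserves a tracking issue rather than an inline note.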
@@ -28,6 +28,11 @@ class Subdefs implements ControllerProviderInterface
|
||||
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin')
|
||||
->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
|
||||
});
|
||||
|
||||
$controllers->get('/{sbas_id}/', function(Application $app, $sbas_id) {
|
||||
$databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id);
|
||||
|
||||
|
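Review bot: The guard added in `Subdefs` checks `bas_modify_struct` against the raw `sbas_id` route attribute, while the `/{sbas_id}/` handler below casts it with `(int) $sbas_id`, so a value that is not purely numeric may be checked as one thing and used as another. `Description` constrains the parameter with `->assert('sbas_id', '\d+')`; no such constraint is visible on this route, though its definition continues past the hunk. If it is missing, add `->assert('sbas_id', '\d+')` to each `{sbas_id}` route here so the firewall and the handler see the same value.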
@@ -24,6 +24,10 @@ class TaskManager implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
});
|
||||
|
||||
$controllers->get('/', function(Application $app, Request $request) {
|
||||
return $app->redirect('/admin/task-manager/tasks/');
|
||||
});
|
||||
|
@@ -29,6 +29,11 @@ class Users implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin')
|
||||
->requireRight('manageusers');
|
||||
});
|
||||
|
||||
$controllers->post('/rights/', function(Application $app) {
|
||||
$rights = new UserHelper\Edit($app, $app['request']);
|
||||
|
||||
|