CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
_isAllowed example
if (empty($params['categoryId'])) {
$params['categoryId'] = null;
}
if (empty($params['customerGroupId'])) {
$params['customerGroupId'] = null;
}
if (empty($params['languageId'])) {
$params['languageId'] = null;
}
if (!$this->_isAllowed('sqli') && !empty($params['ownFilter'])) {
unset($params['ownFilter']);
}
// Save data of the category tree $params['categories'] = $this->prepareAssociationDataForSaving('categories', Category::class, $params);
// Save data of the supplier filter $params['suppliers'] = $this->prepareAssociationDataForSaving('suppliers', Supplier::class, $params);
// Save data of the article filter $params['articles'] = $this->prepareAssociationDataForSaving('articles', Article::class, $params);
$params['shopIds'] = null;
}
// This was a javascript array // Change it back to the actual db format $params['grouping'] = str_replace(',', '|', $params['grouping']);
// Check whether we create a new site or are updating one // Also, check if we have the necessary rights try {
if (!empty($siteId)) {
if (!$this->_isAllowed('updateSite', 'site')) {
$this->View()->assign(['success' => false, 'message' => 'Permission denied.']);
return;
}
$site = $this->getSiteRepository()->find($siteId);
if (!$site instanceof Site) {
throw new ModelNotFoundException(Site::class, $siteId);
}
} else {
if (!$this->_isAllowed('createSite', 'site')) {
}
// This was a javascript array // Change it back to the actual db format $params['grouping'] = str_replace(',', '|', $params['grouping']);
// Check whether we create a new site or are updating one // Also, check if we have the necessary rights try {
if (!empty($siteId)) {
if (!$this->_isAllowed('updateSite', 'site')) {
$this->View()->assign(['success' => false, 'message' => 'Permission denied.']);
return;
}
$site = $this->getSiteRepository()->find($siteId);
if (!$site instanceof Site) {
throw new ModelNotFoundException(Site::class, $siteId);
}
} else {
if (!$this->_isAllowed('createSite', 'site')) {
/** * Event listener method which fires when the customer order store is loaded. * Returns an array of all customer orders to display them in an Ext.grid.Panel. * Grants by the limit and start parameter a paging for the customer order data. * The filter parameter allows the user a full text search * over the displayed fields. */
public function getOrdersAction()
{
if (!$this->_isAllowed('read', 'order')) {
/** @var Enlight_Components_Snippet_Namespace $namespace */
$namespace = Shopware()->Snippets()->getNamespace('backend/customer');
$this->View()->assign([
'success' => false,
'data' => $this->Request()->getParams(),
'message' => $namespace->get('no_order_rights', 'You do not have sufficient rights to view customer orders.'),
]);
return;
}
class Shopware_Controllers_Backend_CustomerQuickView extends Shopware_Controllers_Backend_Application
{
protected $model = Customer::class;
protected $alias = 'customer';
/** * {@inheritdoc} */
public function deleteAction()
{
if (!$this->_isAllowed('delete', 'customer')) {
throw new Enlight_Controller_Exception('You do not have sufficient rights to delete a customer.', 401);
}
parent::deleteAction();
}
/** * {@inheritdoc} */
public function save($data)
{
if (!$this->_isAllowed('save', 'customer')) {
{
protected $model = Customer::class;
protected $alias = 'customer';
/** * {@inheritdoc} */
public function deleteAction()
{
if (!$this->_isAllowed('delete', 'customer')) {
throw new Enlight_Controller_Exception('You do not have sufficient rights to delete a customer.', 401);
}
parent::deleteAction();
}
/** * {@inheritdoc} */
public function save($data)
{
if (!$this->_isAllowed('save', 'customer')) {
/**
* Creates a new voucher with the passed values
*
* @return void
*/
public function saveVoucherAction()
{
$params = $this->Request()->getParams();
$voucherId = empty($params['voucherID']) ? $params['id'] ?? null : $params['voucherID'];
if (!empty($voucherId)) {
if (!$this->_isAllowed('update', 'voucher')) {
return;
}
// edit voucher $voucher = $this->getVoucherRepository()->find($voucherId);
if (!$voucher instanceof Voucher) {
throw new ModelNotFoundException(Voucher::class, $voucherId);
}
} else {
if (!$this->_isAllowed('create', 'voucher')) {
return;
}
public function saveVoucherAction()
{
$params = $this->Request()->getParams();
$voucherId = empty($params['voucherID']) ? $params['id'] ?? null : $params['voucherID'];
if (!empty($voucherId)) {
if (!$this->_isAllowed('update', 'voucher')) {
return;
}
// edit voucher $voucher = $this->getVoucherRepository()->find($voucherId);
if (!$voucher instanceof Voucher) {
throw new ModelNotFoundException(Voucher::class, $voucherId);
}
} else {
if (!$this->_isAllowed('create', 'voucher')) {
return;
}
'data' => $previewData,
]);
}
/** * @throws Enlight_Controller_Exception * * @return void */
public function loadPresetAction()
{
if (!$this->_isAllowed('save', 'emotion')) {
throw new Enlight_Controller_Exception('You do not have sufficient rights to load a preset.', 401);
}
$id = $this->Request()->getParam('id');
if (!$id) {
$this->View()->assign([
'success' => false,
]);
return;
}
]);
}
/** * @throws Enlight_Controller_Exception * * @return void */
public function loadPresetAction()
{
if (!$this->_isAllowed('save', 'emotion')) {
throw new Enlight_Controller_Exception('You do not have sufficient rights to load a preset.', 401);
}
$id = $this->Request()->getParam('id');
if (!$id) {
$this->View()->assign([
'success' => false,
]);
return;
}
if (!empty($params['bindTimeTo'])) {
$bindTimeTo = new Zend_Date();
$bindTimeTo->set((string) $params['bindTimeTo'], Zend_Date::TIME_SHORT);
$bindTimeTo = (int) $bindTimeTo->get(Zend_Date::MINUTE) * 60 + (int) $bindTimeTo->get(Zend_Date::HOUR) * 60 * 60;
$params['bindTimeTo'] = $bindTimeTo;
} else {
$params['bindTimeTo'] = null;
}
if (!$this->_isAllowed('sql_rule', 'shipping')) {
unset($params['calculationSql'], $params['bindSql']);
}
// Convert params to model $dispatchModel->fromArray($params);
// Convert the payment array to the payment model foreach ($payments as $paymentMethod) {
if (empty($paymentMethod['id'])) {
continue;
}
public function getUserDetailsAction()
{
$params = $this->Request()->getParams();
$id = $params['id'];
if (empty($id)) {
throw new Enlight_Exception('Empty id given');
}
$data = $this->getUserRepository()
->getUserDetailQuery($id)
->getOneOrNullResult(AbstractQuery::HYDRATE_ARRAY);
if (!$this->_isAllowed('create') && !$this->_isAllowed('update')) {
unset($data['apiKey'], $data['sessionId']);
}
unset($data['password']); // Do not send password hash to client $this->View()->assign(['success' => true, 'data' => $data, 'total' => 1]);
}
/** * Get a list of all backend users * Returns a JSON string from all registered backend users */
{
$params = $this->Request()->getParams();
$id = $params['id'];
if (empty($id)) {
throw new Enlight_Exception('Empty id given');
}
$data = $this->getUserRepository()
->getUserDetailQuery($id)
->getOneOrNullResult(AbstractQuery::HYDRATE_ARRAY);
if (!$this->_isAllowed('create') && !$this->_isAllowed('update')) {
unset($data['apiKey'], $data['sessionId']);
}
unset($data['password']); // Do not send password hash to client $this->View()->assign(['success' => true, 'data' => $data, 'total' => 1]);
}
/** * Get a list of all backend users * Returns a JSON string from all registered backend users */
->leftJoin('widget.plugin', 'plugin')
->orderBy('view.position')
->where('widget.plugin IS NULL OR plugin.active = 1')
->setParameter(1, $userID);
$data = $builder->getQuery()->getArrayResult();
$snippets = $this->get('snippets')->getNamespace('backend/widget/labels');
$widgets = [];
foreach ($data as &$widgetData) {
if (!$this->_isAllowed($widgetData['name'], 'widgets')) {
continue;
}
// fallback: translation -> name $widgetData['label'] = $snippets->get($widgetData['name'], $widgetData['name']);
$widgets[] = $widgetData;
}
$this->View()->assign(['success' => !empty($data), 'authId' => $userID, 'data' => $widgets]);
}
->orderBy('view.position')
->where('widget.plugin IS NULL OR plugin.active = 1')
->setParameter(1, $userID);
$data = $builder->getQuery()->getArrayResult();
$snippets = $this->get('snippets')->getNamespace('backend/widget/labels');
$widgets = [];
foreach ($data as &$widgetData) {
if (!$this->_isAllowed($widgetData['name'], 'widgets')) {
continue;
}
// fallback: translation -> name $widgetData['label'] = $snippets->get($widgetData['name'], $widgetData['name']);
$widgets[] = $widgetData;
}
$this->View()->assign(['success' => !empty($data), 'authId' => $userID, 'data' => $widgets]);
}
$tmpId = $this->Request()->get('id');
$id = null;
// Collecting form data if (!empty($tmpId)) {
$id = (int) $tmpId;
} else {
$createMode = true;
}
unset($tmpId);
// Check if we are allowed to create a new db entry if (!$this->_isAllowed('create') && $createMode) {
$this->View()->assign([
'success' => false,
'data' => $this->namespace->get('no_create_rights', 'Create access denied.'), ]);
}
// Check if we are allowed to update a db entry if (!$this->_isAllowed('update')) {
$this->View()->assign([
'success' => false,
'errorMsg' => $this->namespace->get('no_update_rights', 'Update access denied.'), ]);
}
$id = null;
// Collecting form data if (!empty($tmpId)) {
$id = (int) $tmpId;
} else {
$createMode = true;
}
unset($tmpId);
// Check if we are allowed to create a new db entry if (!$this->_isAllowed('create') && $createMode) {
$this->View()->assign([
'success' => false,
'data' => $this->namespace->get('no_create_rights', 'Create access denied.'), ]);
}
// Check if we are allowed to update a db entry if (!$this->_isAllowed('update')) {
$this->View()->assign([
'success' => false,
'errorMsg' => $this->namespace->get('no_update_rights', 'Update access denied.'), ]);
}
$term = preg_replace('/[^\\w0-9]+/u', ' ', $term);
$term = trim((string) preg_replace('/\s+/', '%', $term), '%');
if ($term === '') {
return;
}
$search = $this->container->get(GlobalSearch::class);
$result = $search->search($term);
if (!$this->_isAllowed('read', 'article')) {
$result['articles'] = [];
}
if (!$this->_isAllowed('read', 'customer')) {
$result['customers'] = [];
}
if (!$this->_isAllowed('read', 'order')) {
$result['orders'] = [];
}
$term = trim((string) preg_replace('/\s+/', '%', $term), '%');
if ($term === '') {
return;
}
$search = $this->container->get(GlobalSearch::class);
$result = $search->search($term);
if (!$this->_isAllowed('read', 'article')) {
$result['articles'] = [];
}
if (!$this->_isAllowed('read', 'customer')) {
$result['customers'] = [];
}
if (!$this->_isAllowed('read', 'order')) {
$result['orders'] = [];
}