1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * DISCLAIMER
 16:  *
 17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
 18:  * versions in the future. If you wish to customize Magento for your
 19:  * needs please refer to http://www.magentocommerce.com for more information.
 20:  *
 21:  * @category    Mage
 22:  * @package     Mage_Api2
 23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
 24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 25:  */
 26: 
 27: /**
 28:  * API2 attribute controller
 29:  *
 30:  * @category   Mage
 31:  * @package    Mage_Api2
 32:  * @author     Magento Core Team <core@magentocommerce.com>
 33:  */
 34: class Mage_Api2_Adminhtml_Api2_AttributeController extends Mage_Adminhtml_Controller_Action
 35: {
 36:     /**
 37:      * Show user types grid
 38:      */
 39:     public function indexAction()
 40:     {
 41:         $this->_title($this->__('System'))
 42:              ->_title($this->__('Web Services'))
 43:              ->_title($this->__('REST Attributes'));
 44: 
 45:         $this->loadLayout()->_setActiveMenu('system/services/attributes');
 46: 
 47:         $this->_addBreadcrumb($this->__('Web services'), $this->__('Web services'))
 48:             ->_addBreadcrumb($this->__('REST Attributes'), $this->__('REST Attributes'))
 49:             ->_addBreadcrumb($this->__('Attributes'), $this->__('Attributes'));
 50: 
 51:         $this->renderLayout();
 52:     }
 53: 
 54:     /**
 55:      * Edit role
 56:      */
 57:     public function editAction()
 58:     {
 59:         $this->loadLayout()
 60:             ->_setActiveMenu('system/services/attributes');
 61: 
 62:         $type = $this->getRequest()->getParam('type');
 63: 
 64:         $userTypes = Mage_Api2_Model_Auth_User::getUserTypes();
 65:         if (!isset($userTypes[$type])) {
 66:             $this->_getSession()->addError($this->__('User type "%s" not found.', $type));
 67:             $this->_redirect('*/*/');
 68:             return;
 69:         }
 70: 
 71:         $this->_title($this->__('System'))
 72:             ->_title($this->__('Web Services'))
 73:             ->_title($this->__('REST ACL Attributes'));
 74: 
 75:         $title = $this->__('Edit %s ACL attribute rules', $userTypes[$type]);
 76:         $this->_title($title);
 77:         $this->_addBreadcrumb($title, $title);
 78: 
 79:         $this->renderLayout();
 80:     }
 81: 
 82:     /**
 83:      * Save role
 84:      */
 85:     public function saveAction()
 86:     {
 87:         $request = $this->getRequest();
 88: 
 89:         $type = $request->getParam('type');
 90: 
 91:         if (!$type) {
 92:             $this->_getSession()->addError(
 93:                 $this->__('User type "%s" no longer exists', $type));
 94:             $this->_redirect('*/*/');
 95:             return;
 96:         }
 97: 
 98:         /** @var $session Mage_Adminhtml_Model_Session */
 99:         $session = $this->_getSession();
100: 
101:         try {
102:             /** @var $ruleTree Mage_Api2_Model_Acl_Global_Rule_Tree */
103:             $ruleTree = Mage::getSingleton(
104:                 'api2/acl_global_rule_tree',
105:                 array('type' => Mage_Api2_Model_Acl_Global_Rule_Tree::TYPE_ATTRIBUTE)
106:             );
107: 
108:             /** @var $attribute Mage_Api2_Model_Acl_Filter_Attribute */
109:             $attribute = Mage::getModel('api2/acl_filter_attribute');
110: 
111:             /** @var $collection Mage_Api2_Model_Resource_Acl_Filter_Attribute_Collection */
112:             $collection = $attribute->getCollection();
113:             $collection->addFilterByUserType($type);
114: 
115:             /** @var $model Mage_Api2_Model_Acl_Filter_Attribute */
116:             foreach ($collection as $model) {
117:                 $model->delete();
118:             }
119: 
120:             foreach ($ruleTree->getPostResources() as $resourceId => $operations) {
121:                 if (Mage_Api2_Model_Acl_Global_Rule::RESOURCE_ALL === $resourceId) {
122:                     $attribute->setUserType($type)
123:                         ->setResourceId($resourceId)
124:                         ->save();
125:                 } else {
126:                     foreach ($operations as $operation => $attributes) {
127:                         $attribute->setId(null)
128:                             ->isObjectNew(true);
129: 
130:                         $attribute->setUserType($type)
131:                             ->setResourceId($resourceId)
132:                             ->setOperation($operation)
133:                             ->setAllowedAttributes(implode(',', array_keys($attributes)))
134:                             ->save();
135:                     }
136:                 }
137:             }
138: 
139:             $session->addSuccess($this->__('The attribute rules were saved.'));
140:         } catch (Mage_Core_Exception $e) {
141:             $session->addError($e->getMessage());
142:         } catch (Exception $e) {
143:             $session->addException($e, $this->__('An error occurred while saving attribute rules.'));
144:         }
145: 
146:         $this->_redirect('*/*/edit', array('type' => $type));
147:     }
148: }
149: