1: <?php
2: /**
3: * Magento
4: *
5: * NOTICE OF LICENSE
6: *
7: * This source file is subject to the Open Software License (OSL 3.0)
8: * that is bundled with this package in the file LICENSE.txt.
9: * It is also available through the world-wide-web at this URL:
10: * http://opensource.org/licenses/osl-3.0.php
11: * If you did not receive a copy of the license and are unable to
12: * obtain it through the world-wide-web, please send an email
13: * to license@magentocommerce.com so we can send you a copy immediately.
14: *
15: * DISCLAIMER
16: *
17: * Do not edit or add to this file if you wish to upgrade Magento to newer
18: * versions in the future. If you wish to customize Magento for your
19: * needs please refer to http://www.magentocommerce.com for more information.
20: *
21: * @category Mage
22: * @package Mage_Oauth
23: * @copyright Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
24: * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
25: */
26:
27: /**
28: * Manage "My Applications" controller
29: *
30: * Applications for the logged-in admin user
31: *
32: * @category Mage
33: * @package Mage_Oauth
34: * @author Magento Core Team <core@magentocommerce.com>
35: */
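class Mage_Oauth_Adminhtml_Oauth_Admin_TokenController extends Mage_Adminhtml_Controller_Action
{
    /**
     * Set the page titles, then run the parent pre-dispatch.
     *
     * NOTE(review): this controller adds no request checks of its own. The
     * state-changing actions below (revoke, delete) depend on whatever
     * session, ACL and form-key validation parent::preDispatch() performs;
     * confirm that against Mage_Adminhtml_Controller_Action.
     *
     * @return Mage_Oauth_Adminhtml_Oauth_Admin_TokenController
     */
    public function preDispatch()
    {
        $this->_title($this->__('System'))
            ->_title($this->__('Permissions'))
            ->_title($this->__('My Applications'));
        parent::preDispatch();
        return $this;
    }

    /**
     * Render grid page
     */
    public function indexAction()
    {
        $this->loadLayout();
        $this->renderLayout();
    }

    /**
     * Render grid AJAX request
     */
    public function gridAction()
    {
        $this->loadLayout();
        $this->renderLayout();
    }

    /**
     * Revoke or re-enable the selected access tokens of the current admin.
     *
     * Reads two request parameters: "items" (array of token ids) and
     * "status" (truthy = revoke, falsy = enable). Both are untrusted input.
     * Always ends with a redirect to the grid page.
     */
    public function revokeAction()
    {
        $request = $this->getRequest();
        $ids     = $request->getParam('items');
        $status  = $request->getParam('status');

        if (!is_array($ids) || !$ids) {
            // No rows selected
            $this->_getSession()->addError($this->__('Please select needed row(s).'));
            $this->_redirect('*/*/index');
            return;
        }

        if (null === $status) {
            // No status selected
            $this->_getSession()->addError($this->__('Please select revoke status.'));
            $this->_redirect('*/*/index');
            return;
        }

        // Collapse the raw request value to a strict 0/1 flag before it is
        // used anywhere. The original passed the raw parameter to
        // setRevoked(), so a truthy non-numeric value (or an array) selected
        // the "revoke" branch and message while the stored value was left to
        // the persistence layer's coercion.
        $revoked = $status ? 1 : 0;

        try {
            $collection = $this->_getAdminTokenCollection($ids);
            // Only touch tokens whose current state differs from the target.
            $collection->addFilterByRevoked(!$revoked);

            /** @var $item Mage_Oauth_Model_Token */
            foreach ($collection as $item) {
                // Reload by id before saving; the collection row comes from a
                // joined select (joinConsumerAsApplication).
                $item->load($item->getId());
                $item->setRevoked($revoked)->save();
            }

            // NOTE(review): the success message is added even when the
            // filtered collection was empty (for example ids that did not
            // pass the admin filter), so it does not confirm a change.
            $message = $revoked
                ? $this->__('Selected entries revoked.')
                : $this->__('Selected entries enabled.');
            $this->_getSession()->addSuccess($message);
        } catch (Mage_Core_Exception $e) {
            $this->_getSession()->addError($e->getMessage());
        } catch (Exception $e) {
            // Generic message to the user; details go to the exception log.
            $this->_getSession()->addError($this->__('An error occurred on update revoke status.'));
            Mage::logException($e);
        }
        $this->_redirect('*/*/index');
    }

    /**
     * Delete the selected access tokens of the current admin.
     *
     * Reads the "items" request parameter (array of token ids, untrusted).
     * Always ends with a redirect to the grid page.
     */
    public function deleteAction()
    {
        $ids = $this->getRequest()->getParam('items');

        if (!is_array($ids) || !$ids) {
            // No rows selected
            $this->_getSession()->addError($this->__('Please select needed row(s).'));
            $this->_redirect('*/*/index');
            return;
        }

        try {
            /** @var $item Mage_Oauth_Model_Token */
            foreach ($this->_getAdminTokenCollection($ids) as $item) {
                $item->delete();
            }
            $this->_getSession()->addSuccess($this->__('Selected entries has been deleted.'));
        } catch (Mage_Core_Exception $e) {
            $this->_getSession()->addError($e->getMessage());
        } catch (Exception $e) {
            // Generic message to the user; details go to the exception log.
            $this->_getSession()->addError($this->__('An error occurred on delete action.'));
            Mage::logException($e);
        }
        $this->_redirect('*/*/index');
    }

    /**
     * Check admin permissions for this controller
     *
     * @return boolean
     */
    protected function _isAllowed()
    {
        /** @var $session Mage_Admin_Model_Session */
        $session = Mage::getSingleton('admin/session');
        return $session->isAllowed('system/acl/admin_token');
    }

    /**
     * Build the token collection both mass actions operate on.
     *
     * The request-supplied ids are combined with a filter on the logged-in
     * admin's id and on the access-token type, so the actions never work from
     * the ids alone. Presumably addFilterByAdminId() limits the result to
     * tokens owned by that admin; verify against the collection class.
     *
     * @param array $ids token ids taken from the request
     * @return Mage_Oauth_Model_Resource_Token_Collection
     * @throws Mage_Core_Exception when the session holds no admin user
     */
    protected function _getAdminTokenCollection(array $ids)
    {
        /** @var $user Mage_Admin_Model_User */
        $user = Mage::getSingleton('admin/session')->getData('user');

        // Fail closed: without an admin id the ownership filter below would
        // be built from an empty value, and a missing user object would raise
        // an error that the callers' catch blocks do not handle.
        if (!is_object($user) || !$user->getId()) {
            Mage::throwException($this->__('Admin user is not available in the session.'));
        }

        /** @var $collection Mage_Oauth_Model_Resource_Token_Collection */
        $collection = Mage::getModel('oauth/token')->getCollection();
        $collection->joinConsumerAsApplication()
            ->addFilterByAdminId($user->getId())
            ->addFilterByType(Mage_Oauth_Model_Token::TYPE_ACCESS)
            ->addFilterById($ids);

        return $collection;
    }
}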
175: