1: <?php
2: /**
3: * Magento
4: *
5: * NOTICE OF LICENSE
6: *
7: * This source file is subject to the Open Software License (OSL 3.0)
8: * that is bundled with this package in the file LICENSE.txt.
9: * It is also available through the world-wide-web at this URL:
10: * http://opensource.org/licenses/osl-3.0.php
11: * If you did not receive a copy of the license and are unable to
12: * obtain it through the world-wide-web, please send an email
13: * to license@magentocommerce.com so we can send you a copy immediately.
14: *
15: * DISCLAIMER
16: *
17: * Do not edit or add to this file if you wish to upgrade Magento to newer
18: * versions in the future. If you wish to customize Magento for your
19: * needs please refer to http://www.magentocommerce.com for more information.
20: *
21: * @category Mage
22: * @package Mage_Oauth
23: * @copyright Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
24: * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
25: */
26:
27: /**
28: * Manage authorized tokens controller
29: *
30: * @category Mage
31: * @package Mage_Oauth
32: * @author Magento Core Team <core@magentocommerce.com>
33: */
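class Mage_Oauth_Adminhtml_Oauth_AuthorizedTokensController extends Mage_Adminhtml_Controller_Action
{
    /**
     * Set the page title chain (System / OAuth / Authorized Tokens), then run the parent pre-dispatch.
     *
     * NOTE(review): admin authentication, ACL and form-key checks are presumably applied by
     * parent::preDispatch(); this class only adds titles and the _isAllowed() resource. Confirm
     * that the parent's request validation covers the state-changing actions below.
     *
     * @return Mage_Oauth_Adminhtml_Oauth_AuthorizedTokensController
     */
    public function preDispatch()
    {
        $this->_title($this->__('System'))
            ->_title($this->__('OAuth'))
            ->_title($this->__('Authorized Tokens'));
        parent::preDispatch();
        return $this;
    }

    /**
     * Render grid page
     */
    public function indexAction()
    {
        $this->loadLayout()->_setActiveMenu('system/oauth');
        $this->renderLayout();
    }

    /**
     * Render grid AJAX request
     */
    public function gridAction()
    {
        $this->loadLayout();
        $this->renderLayout();
    }

    /**
     * Revoke or re-enable the selected access tokens.
     *
     * Reads the "items" (array of token ids) and "status" request parameters. Only tokens of type
     * TYPE_ACCESS whose current revoked flag is the opposite of the requested one are updated.
     * The token owner is notified of each change.
     *
     * NOTE(review): this action changes token state from request parameters; confirm that the
     * parent controller's form-key / secret-key validation applies to the request method the grid
     * mass action uses.
     */
    public function revokeAction()
    {
        $ids    = $this->getRequest()->getParam('items');
        $status = $this->getRequest()->getParam('status');

        if (!is_array($ids) || !$ids) {
            // No rows selected
            $this->_getSession()->addError($this->__('Please select needed row(s).'));
            $this->_redirect('*/*/index');
            return;
        }

        if (null === $status) {
            // No status selected
            $this->_getSession()->addError($this->__('Please select revoke status.'));
            $this->_redirect('*/*/index');
            return;
        }

        // Collapse the raw request value to 0/1 so that the flag written to the token, the
        // collection filter and the notification text can never disagree (e.g. status=abc).
        $revoked = $status ? 1 : 0;

        try {
            /** @var $collection Mage_Oauth_Model_Resource_Token_Collection */
            $collection = Mage::getModel('oauth/token')->getCollection();
            $collection->joinConsumerAsApplication()
                ->addFilterByType(Mage_Oauth_Model_Token::TYPE_ACCESS)
                ->addFilterById($ids)
                ->addFilterByRevoked(!$revoked);

            /** @var $item Mage_Oauth_Model_Token */
            foreach ($collection as $item) {
                // Presumably re-loaded so that only the token's own columns are saved, not the
                // joined consumer data -- confirm against the collection.
                $item->load($item->getId());
                $item->setRevoked($revoked)->save();

                $this->_sendTokenStatusChangeNotification(
                    $item,
                    $revoked ? $this->__('revoked') : $this->__('enabled')
                );
            }
            if ($revoked) {
                $message = $this->__('Selected entries revoked.');
            } else {
                $message = $this->__('Selected entries enabled.');
            }
            $this->_getSession()->addSuccess($message);
        } catch (Mage_Core_Exception $e) {
            $this->_getSession()->addError($e->getMessage());
        } catch (Exception $e) {
            // Generic failures are logged; only a neutral message is shown to the admin
            $this->_getSession()->addError($this->__('An error occurred on update revoke status.'));
            Mage::logException($e);
        }
        $this->_redirect('*/*/index');
    }

    /**
     * Delete the selected access tokens.
     *
     * Reads the "items" request parameter (array of token ids). Only tokens of type TYPE_ACCESS
     * are matched. The token owner is notified of each deletion.
     *
     * NOTE(review): this action deletes tokens from request parameters; confirm that the parent
     * controller's form-key / secret-key validation applies to the request method the grid mass
     * action uses.
     */
    public function deleteAction()
    {
        $ids = $this->getRequest()->getParam('items');

        if (!is_array($ids) || !$ids) {
            // No rows selected
            $this->_getSession()->addError($this->__('Please select needed row(s).'));
            $this->_redirect('*/*/index');
            return;
        }

        try {
            /** @var $collection Mage_Oauth_Model_Resource_Token_Collection */
            $collection = Mage::getModel('oauth/token')->getCollection();
            $collection->joinConsumerAsApplication()
                ->addFilterByType(Mage_Oauth_Model_Token::TYPE_ACCESS)
                ->addFilterById($ids);

            /** @var $item Mage_Oauth_Model_Token */
            foreach ($collection as $item) {
                $item->delete();

                $this->_sendTokenStatusChangeNotification($item, $this->__('deleted'));
            }
            $this->_getSession()->addSuccess($this->__('Selected entries has been deleted.'));
        } catch (Mage_Core_Exception $e) {
            $this->_getSession()->addError($e->getMessage());
        } catch (Exception $e) {
            // Generic failures are logged; only a neutral message is shown to the admin
            $this->_getSession()->addError($this->__('An error occurred on delete action.'));
            Mage::logException($e);
        }
        $this->_redirect('*/*/index');
    }

    /**
     * Check admin permissions for this controller
     *
     * @return boolean
     */
    protected function _isAllowed()
    {
        /** @var $session Mage_Admin_Model_Session */
        $session = Mage::getSingleton('admin/session');
        return $session->isAllowed('system/oauth/authorizedTokens');
    }

    /**
     * Send email notification to the token owner about a token status change.
     *
     * For a token bound to an admin account the owner is that admin; nothing is sent when the
     * owner is the admin performing the change. Otherwise the owner is the customer referenced by
     * the token. The message is addressed to the owner, not to the acting admin, so that a change
     * made by somebody else is visible to the account the token belongs to.
     *
     * @param Mage_Oauth_Model_Token $token Token object
     * @param string $newStatus Name of new token status
     */
    protected function _sendTokenStatusChangeNotification($token, $newStatus)
    {
        if (($adminId = $token->getAdminId())) {
            /** @var $session Mage_Admin_Model_Session */
            $session = Mage::getSingleton('admin/session');

            /** @var $currentAdmin Mage_Admin_Model_User */
            $currentAdmin = $session->getUser();

            if ($currentAdmin && $currentAdmin->getId() == $adminId) { // skip own tokens
                return;
            }

            // Load the admin the token belongs to. Using the session user here would mail the
            // notice to the admin who made the change and leave the owner uninformed.
            /** @var $owner Mage_Admin_Model_User */
            $owner = Mage::getModel('admin/user')->load($adminId);

            $email = $owner->getEmail();
            $name  = $owner->getName(' ');
        } else {
            /** @var $customer Mage_Customer_Model_Customer */
            $customer = Mage::getModel('customer/customer');

            $customer->load($token->getCustomerId());

            $email = $customer->getEmail();
            $name  = $customer->getName();
        }

        if (!$email) {
            // Owner record no longer exists or has no address: there is nobody to notify
            return;
        }

        /** @var $helper Mage_Oauth_Helper_Data */
        $helper = Mage::helper('oauth');

        $helper->sendNotificationOnTokenStatusChange($email, $name, $token->getConsumer()->getName(), $newStatus);
    }
}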
204: