Refactor assigning role to admin user

OpenMage · Jan 3, 2023 · d0d3b1f · d0d3b1f
1 parent a264cde
commit d0d3b1f
Show file tree

Hide file tree

Showing 4 changed files with 93 additions and 99 deletions.
diff --git a/app/code/core/Mage/Admin/Model/Resource/User.php b/app/code/core/Mage/Admin/Model/Resource/User.php
@@ -211,56 +211,54 @@ public function delete(Mage_Core_Model_Abstract $user)
     }
 
     /**
-     * TODO: unify _saveRelations() and add() methods, they make same things
+     * Save admin user role
      *
      * @param Mage_Core_Model_Abstract|Mage_Admin_Model_User $user
-     * @return $this|Mage_Core_Model_Abstract
+     * @return $this
      */
     public function _saveRelations(Mage_Core_Model_Abstract $user)
     {
-        $rolesIds = $user->getRoleIds();
-        if (!is_array($rolesIds) || count($rolesIds) == 0) {
-            return $user;
+        $roleId = $user->getRoleId();
+        if (!$roleId) {
+            return $this;
         }
 
         $adapter = $this->_getWriteAdapter();
         $adapter->beginTransaction();
 
         try {
-            $conditions = [
-                'user_id = ?' => (int) $user->getId(),
-            ];
-
-            $adapter->delete($this->getTable('admin/role'), $conditions);
-            foreach ($rolesIds as $rid) {
-                $rid = (int) $rid;
-                if ($rid > 0) {
-                    $role = Mage::getModel('admin/role')->load($rid);
-                } else {
-                    $role = new Varien_Object(['tree_level' => 0]);
-                }
-
-                $data = new Varien_Object([
-                    'parent_id'  => $rid,
-                    'tree_level' => $role->getTreeLevel() + 1,
-                    'sort_order' => 0,
-                    'role_type'  => Mage_Admin_Model_Acl::ROLE_TYPE_USER,
-                    'user_id'    => $user->getId(),
-                    'role_name'  => $user->getFirstname()
-                ]);
-
-                $insertData = $this->_prepareDataForTable($data, $this->getTable('admin/role'));
-                $adapter->insert($this->getTable('admin/role'), $insertData);
+            $role = Mage::getModel('admin/role')->load($roleId);
+
+            $data = new Varien_Object([
+                'parent_id'  => $roleId,
+                'tree_level' => (int)$role->getTreeLevel() + 1,
+                'sort_order' => 0,
+                'role_type'  => Mage_Admin_Model_Acl::ROLE_TYPE_USER,
+                'user_id'    => $user->getId(),
+                'role_name'  => $user->getFirstname()
+            ]);
+
+            $select = $adapter->select()
+                ->from($this->getTable('admin/role'))
+                ->where('user_id = ?', $user->getId());
+
+            $preparedData = $this->_prepareDataForTable($data, $this->getTable('admin/role'));
+
+            if ($adapter->fetchOne($select) === false) {
+                $adapter->insert($this->getTable('admin/role'), $preparedData);
+            } else {
+                $adapter->update(
+                    $this->getTable('admin/role'),
+                    $preparedData,
+                    ['user_id = ?' => $user->getId()]
+                );
             }
 
             if ($user->getId() > 0) {
                 // reload acl on next user http request
                 $this->saveReloadAclFlag($user, 1);
             }
             $adapter->commit();
-        } catch (Mage_Core_Exception $e) {
-            $adapter->rollBack();
-            throw $e;
         } catch (Exception $e) {
             $adapter->rollBack();
             throw $e;

diff --git a/app/code/core/Mage/Adminhtml/Block/Permissions/User/Edit/Tab/Roles.php b/app/code/core/Mage/Adminhtml/Block/Permissions/User/Edit/Tab/Roles.php
@@ -71,19 +71,12 @@ protected function _prepareColumns()
             'header_css_class' => 'a-center',
             'header'    => Mage::helper('adminhtml')->__('Assigned'),
             'type'      => 'radio',
-            'html_name' => 'roles[]',
+            'html_name' => 'role',
             'values'    => $this->_getSelectedRoles(),
             'align'     => 'center',
             'index'     => 'role_id'
         ]);
 
-        /*$this->addColumn('role_id', array(
-            'header'    =>Mage::helper('adminhtml')->__('Role ID'),
-            'index'     =>'role_id',
-            'align'     => 'right',
-            'width'    => '50px'
-        ));*/
-
         $this->addColumn('role_name', [
             'header'    => Mage::helper('adminhtml')->__('Role Name'),
             'index'     => 'role_name'

diff --git a/app/code/core/Mage/Adminhtml/controllers/Permissions/UserController.php b/app/code/core/Mage/Adminhtml/controllers/Permissions/UserController.php
@@ -114,73 +114,76 @@ public function editAction()
 
     public function saveAction()
     {
-        if ($data = $this->getRequest()->getPost()) {
-            $id = $this->getRequest()->getParam('user_id');
-            $model = Mage::getModel('admin/user')->load($id);
-            // @var $isNew flag for detecting new admin user creation.
-            $isNew = !$model->getId() ? true : false;
-            if (!$model->getId() && $id) {
-                Mage::getSingleton('adminhtml/session')->addError($this->__('This user no longer exists.'));
-                $this->_redirect('*/*/');
-                return;
-            }
+        $data = $this->getRequest()->getPost();
 
-            //Validate current admin password
-            $currentPassword = $this->getRequest()->getParam('current_password', null);
-            $this->getRequest()->setParam('current_password', null);
-            unset($data['current_password']);
-            $result = $this->_validateCurrentPassword($currentPassword);
+        if (!$data) {
+            $this->_redirect('*/*/');
+            return;
+        }
 
-            $model->setData($data);
+        $id = $this->getRequest()->getParam('user_id');
+        $role = $this->getRequest()->getParam('role');
 
-            /*
-             * Unsetting new password and password confirmation if they are blank
-             */
-            if ($model->hasNewPassword() && $model->getNewPassword() === '') {
-                $model->unsNewPassword();
-            }
-            if ($model->hasPasswordConfirmation() && $model->getPasswordConfirmation() === '') {
-                $model->unsPasswordConfirmation();
-            }
+        $user = Mage::getModel('admin/user')->load($id);
+        $isNew = $user->isObjectNew();
+
+        if ($id && !$user->getId()) {
+            $this->_getSession()->addError($this->__('This user no longer exists.'));
+            $this->_redirect('*/*/');
+            return;
+        }
+
+        $currentPassword = $this->getRequest()->getParam('current_password');
+        $this->getRequest()->setParam('current_password', null);
+        unset($data['current_password']);
+        $result = $this->_validateCurrentPassword($currentPassword);
+
+        $user->setData($data);
 
-            if (!is_array($result)) {
-                $result = $model->validate();
+        /*
+         * Unsetting new password and password confirmation if they are blank
+         */
+        if ($user->hasNewPassword() && $user->getNewPassword() === '') {
+            $user->unsNewPassword();
+        }
+        if ($user->hasPasswordConfirmation() && $user->getPasswordConfirmation() === '') {
+            $user->unsPasswordConfirmation();
+        }
+
+        if (!is_array($result)) {
+            $result = $user->validate();
+        }
+
+        if (is_array($result)) {
+            $this->_getSession()->setUserData($data);
+            foreach ($result as $message) {
+                $this->_getSession()->addError($message);
             }
-            if (is_array($result)) {
-                Mage::getSingleton('adminhtml/session')->setUserData($data);
-                foreach ($result as $message) {
-                    Mage::getSingleton('adminhtml/session')->addError($message);
-                }
-                $this->_redirect('*/*/edit', ['_current' => true]);
-                return $this;
+            $this->_redirect('*/*/edit', ['_current' => true]);
+            return;
+        }
+
+        try {
+            $user->save();
+
+            // Send notification to General and additional contacts (if declared) that a new admin user was created.
+            if (Mage::getStoreConfigFlag('admin/security/crate_admin_user_notification') && $isNew) {
+                Mage::getModel('admin/user')->sendAdminNotification($user);
             }
 
-            try {
-                $model->save();
-                // Send notification to General and additional contacts (if declared) that a new admin user was created.
-                if (Mage::getStoreConfigFlag('admin/security/crate_admin_user_notification') && $isNew) {
-                    Mage::getModel('admin/user')->sendAdminNotification($model);
-                }
-                if ($uRoles = $this->getRequest()->getParam('roles', false)) {
-                    if (is_array($uRoles) && (count($uRoles) >= 1)) {
-                        // with fix for previous multi-roles logic
-                        $model->setRoleIds(array_slice($uRoles, 0, 1))
-                            ->setRoleUserId($model->getUserId())
-                            ->saveRelations();
-                    }
-                }
-                Mage::getSingleton('adminhtml/session')->addSuccess($this->__('The user has been saved.'));
-                Mage::getSingleton('adminhtml/session')->setUserData(false);
-                $this->_redirect('*/*/');
-                return;
-            } catch (Mage_Core_Exception $e) {
-                Mage::getSingleton('adminhtml/session')->addError($e->getMessage());
-                Mage::getSingleton('adminhtml/session')->setUserData($data);
-                $this->_redirect('*/*/edit', ['user_id' => $model->getUserId()]);
-                return;
+            if ($role) {
+                $user->setRoleId((int)$role)
+                    ->setRoleUserId($user->getUserId())
+                    ->saveRelations();
             }
+            $this->_getSession()->addSuccess($this->__('The user has been saved.'));
+            $this->_getSession()->setUserData(false);
+            $this->_redirect('*/*/');
+        } catch (Mage_Core_Exception $e) {
+            $this->_getSession()->addError($e->getMessage());
+            $this->_getSession()->setUserData($data);
+            $this->_redirect('*/*/edit', ['user_id' => $user->getUserId()]);
         }
-        $this->_redirect('*/*/');
     }
 
     public function deleteAction()

diff --git a/app/code/core/Mage/Install/Model/Installer.php b/app/code/core/Mage/Install/Model/Installer.php
@@ -237,7 +237,7 @@ public function createAdministrator($data)
         //run time flag to force saving entered password
         $data->setForceNewPassword(true);
         $data->save();
-        $data->setRoleIds([1])->saveRelations();
+        $data->setRoleId(1)->saveRelations();
 
         return true;
     }