From d0d3b1fc072ac68f3df5e0e80ffc826738783e6c Mon Sep 17 00:00:00 2001 From: Mohamed ELIDRISSI <67818913+elidrissidev@users.noreply.github.com> Date: Tue, 3 Jan 2023 12:22:46 +0100 Subject: [PATCH] Refactor assigning role to admin user --- .../core/Mage/Admin/Model/Resource/User.php | 62 +++++---- .../Block/Permissions/User/Edit/Tab/Roles.php | 9 +- .../Permissions/UserController.php | 119 +++++++++--------- .../core/Mage/Install/Model/Installer.php | 2 +- 4 files changed, 93 insertions(+), 99 deletions(-) diff --git a/app/code/core/Mage/Admin/Model/Resource/User.php b/app/code/core/Mage/Admin/Model/Resource/User.php index 2181f6f8868..60775217f5e 100644 --- a/app/code/core/Mage/Admin/Model/Resource/User.php +++ b/app/code/core/Mage/Admin/Model/Resource/User.php @@ -211,46 +211,47 @@ public function delete(Mage_Core_Model_Abstract $user) } /** - * TODO: unify _saveRelations() and add() methods, they make same things + * Save admin user role * * @param Mage_Core_Model_Abstract|Mage_Admin_Model_User $user - * @return $this|Mage_Core_Model_Abstract + * @return $this */ public function _saveRelations(Mage_Core_Model_Abstract $user) { - $rolesIds = $user->getRoleIds(); - if (!is_array($rolesIds) || count($rolesIds) == 0) { - return $user; + $roleId = $user->getRoleId(); + if (!$roleId) { + return $this; } $adapter = $this->_getWriteAdapter(); $adapter->beginTransaction(); try { - $conditions = [ - 'user_id = ?' => (int) $user->getId(), - ]; - - $adapter->delete($this->getTable('admin/role'), $conditions); - foreach ($rolesIds as $rid) { - $rid = (int) $rid; - if ($rid > 0) { - $role = Mage::getModel('admin/role')->load($rid); - } else { - $role = new Varien_Object(['tree_level' => 0]); - } - - $data = new Varien_Object([ - 'parent_id' => $rid, - 'tree_level' => $role->getTreeLevel() + 1, - 'sort_order' => 0, - 'role_type' => Mage_Admin_Model_Acl::ROLE_TYPE_USER, - 'user_id' => $user->getId(), - 'role_name' => $user->getFirstname() - ]); - - $insertData = $this->_prepareDataForTable($data, $this->getTable('admin/role')); - $adapter->insert($this->getTable('admin/role'), $insertData); + $role = Mage::getModel('admin/role')->load($roleId); + + $data = new Varien_Object([ + 'parent_id' => $roleId, + 'tree_level' => (int)$role->getTreeLevel() + 1, + 'sort_order' => 0, + 'role_type' => Mage_Admin_Model_Acl::ROLE_TYPE_USER, + 'user_id' => $user->getId(), + 'role_name' => $user->getFirstname() + ]); + + $select = $adapter->select() + ->from($this->getTable('admin/role')) + ->where('user_id = ?', $user->getId()); + + $preparedData = $this->_prepareDataForTable($data, $this->getTable('admin/role')); + + if ($adapter->fetchOne($select) === false) { + $adapter->insert($this->getTable('admin/role'), $preparedData); + } else { + $adapter->update( + $this->getTable('admin/role'), + $preparedData, + ['user_id = ?' => $user->getId()] + ); } if ($user->getId() > 0) { @@ -258,9 +259,6 @@ public function _saveRelations(Mage_Core_Model_Abstract $user) $this->saveReloadAclFlag($user, 1); } $adapter->commit(); - } catch (Mage_Core_Exception $e) { - $adapter->rollBack(); - throw $e; } catch (Exception $e) { $adapter->rollBack(); throw $e; diff --git a/app/code/core/Mage/Adminhtml/Block/Permissions/User/Edit/Tab/Roles.php b/app/code/core/Mage/Adminhtml/Block/Permissions/User/Edit/Tab/Roles.php index 003861d2e15..2079853c3e7 100644 --- a/app/code/core/Mage/Adminhtml/Block/Permissions/User/Edit/Tab/Roles.php +++ b/app/code/core/Mage/Adminhtml/Block/Permissions/User/Edit/Tab/Roles.php @@ -71,19 +71,12 @@ protected function _prepareColumns() 'header_css_class' => 'a-center', 'header' => Mage::helper('adminhtml')->__('Assigned'), 'type' => 'radio', - 'html_name' => 'roles[]', + 'html_name' => 'role', 'values' => $this->_getSelectedRoles(), 'align' => 'center', 'index' => 'role_id' ]); - /*$this->addColumn('role_id', array( - 'header' =>Mage::helper('adminhtml')->__('Role ID'), - 'index' =>'role_id', - 'align' => 'right', - 'width' => '50px' - ));*/ - $this->addColumn('role_name', [ 'header' => Mage::helper('adminhtml')->__('Role Name'), 'index' => 'role_name' diff --git a/app/code/core/Mage/Adminhtml/controllers/Permissions/UserController.php b/app/code/core/Mage/Adminhtml/controllers/Permissions/UserController.php index 9e32be34ef2..ff26aed9b23 100644 --- a/app/code/core/Mage/Adminhtml/controllers/Permissions/UserController.php +++ b/app/code/core/Mage/Adminhtml/controllers/Permissions/UserController.php @@ -114,73 +114,76 @@ public function editAction() public function saveAction() { - if ($data = $this->getRequest()->getPost()) { - $id = $this->getRequest()->getParam('user_id'); - $model = Mage::getModel('admin/user')->load($id); - // @var $isNew flag for detecting new admin user creation. - $isNew = !$model->getId() ? true : false; - if (!$model->getId() && $id) { - Mage::getSingleton('adminhtml/session')->addError($this->__('This user no longer exists.')); - $this->_redirect('*/*/'); - return; - } + $data = $this->getRequest()->getPost(); - //Validate current admin password - $currentPassword = $this->getRequest()->getParam('current_password', null); - $this->getRequest()->setParam('current_password', null); - unset($data['current_password']); - $result = $this->_validateCurrentPassword($currentPassword); + if (!$data) { + $this->_redirect('*/*/'); + return; + } - $model->setData($data); + $id = $this->getRequest()->getParam('user_id'); + $role = $this->getRequest()->getParam('role'); - /* - * Unsetting new password and password confirmation if they are blank - */ - if ($model->hasNewPassword() && $model->getNewPassword() === '') { - $model->unsNewPassword(); - } - if ($model->hasPasswordConfirmation() && $model->getPasswordConfirmation() === '') { - $model->unsPasswordConfirmation(); - } + $user = Mage::getModel('admin/user')->load($id); + $isNew = $user->isObjectNew(); + + if ($id && !$user->getId()) { + $this->_getSession()->addError($this->__('This user no longer exists.')); + $this->_redirect('*/*/'); + return; + } + + $currentPassword = $this->getRequest()->getParam('current_password'); + $this->getRequest()->setParam('current_password', null); + unset($data['current_password']); + $result = $this->_validateCurrentPassword($currentPassword); + + $user->setData($data); - if (!is_array($result)) { - $result = $model->validate(); + /* + * Unsetting new password and password confirmation if they are blank + */ + if ($user->hasNewPassword() && $user->getNewPassword() === '') { + $user->unsNewPassword(); + } + if ($user->hasPasswordConfirmation() && $user->getPasswordConfirmation() === '') { + $user->unsPasswordConfirmation(); + } + + if (!is_array($result)) { + $result = $user->validate(); + } + + if (is_array($result)) { + $this->_getSession()->setUserData($data); + foreach ($result as $message) { + $this->_getSession()->addError($message); } - if (is_array($result)) { - Mage::getSingleton('adminhtml/session')->setUserData($data); - foreach ($result as $message) { - Mage::getSingleton('adminhtml/session')->addError($message); - } - $this->_redirect('*/*/edit', ['_current' => true]); - return $this; + $this->_redirect('*/*/edit', ['_current' => true]); + return; + } + + try { + $user->save(); + + // Send notification to General and additional contacts (if declared) that a new admin user was created. + if (Mage::getStoreConfigFlag('admin/security/crate_admin_user_notification') && $isNew) { + Mage::getModel('admin/user')->sendAdminNotification($user); } - try { - $model->save(); - // Send notification to General and additional contacts (if declared) that a new admin user was created. - if (Mage::getStoreConfigFlag('admin/security/crate_admin_user_notification') && $isNew) { - Mage::getModel('admin/user')->sendAdminNotification($model); - } - if ($uRoles = $this->getRequest()->getParam('roles', false)) { - if (is_array($uRoles) && (count($uRoles) >= 1)) { - // with fix for previous multi-roles logic - $model->setRoleIds(array_slice($uRoles, 0, 1)) - ->setRoleUserId($model->getUserId()) - ->saveRelations(); - } - } - Mage::getSingleton('adminhtml/session')->addSuccess($this->__('The user has been saved.')); - Mage::getSingleton('adminhtml/session')->setUserData(false); - $this->_redirect('*/*/'); - return; - } catch (Mage_Core_Exception $e) { - Mage::getSingleton('adminhtml/session')->addError($e->getMessage()); - Mage::getSingleton('adminhtml/session')->setUserData($data); - $this->_redirect('*/*/edit', ['user_id' => $model->getUserId()]); - return; + if ($role) { + $user->setRoleId((int)$role) + ->setRoleUserId($user->getUserId()) + ->saveRelations(); } + $this->_getSession()->addSuccess($this->__('The user has been saved.')); + $this->_getSession()->setUserData(false); + $this->_redirect('*/*/'); + } catch (Mage_Core_Exception $e) { + $this->_getSession()->addError($e->getMessage()); + $this->_getSession()->setUserData($data); + $this->_redirect('*/*/edit', ['user_id' => $user->getUserId()]); } - $this->_redirect('*/*/'); } public function deleteAction() diff --git a/app/code/core/Mage/Install/Model/Installer.php b/app/code/core/Mage/Install/Model/Installer.php index def5d59ee9a..774325f22a7 100644 --- a/app/code/core/Mage/Install/Model/Installer.php +++ b/app/code/core/Mage/Install/Model/Installer.php @@ -237,7 +237,7 @@ public function createAdministrator($data) //run time flag to force saving entered password $data->setForceNewPassword(true); $data->save(); - $data->setRoleIds([1])->saveRelations(); + $data->setRoleId(1)->saveRelations(); return true; }