Merge pull request #82 from zendesk/jose/MI-174-acl-patch

joseconsador · joseconsador · commit 8681f17152d6 · 2015-07-14T10:26:32.000+08:00
[MI-174] ACL Patch
diff --git a/src/app/code/community/Zendesk/Zendesk/Block/Adminhtml/Dashboard/Tab/Tickets/Grid/Abstract.php b/src/app/code/community/Zendesk/Zendesk/Block/Adminhtml/Dashboard/Tab/Tickets/Grid/Abstract.php
@@ -90,6 +90,11 @@ protected function _prepareCollection() {
     protected function _prepareMassaction() {
         parent::_prepareMassaction();
 
+        // Disable mass actions if not allowed for the current user's role
+        if ( ! Mage::getSingleton('admin/session')->isAllowed('zendesk/zendesk_dashboard/bulk_actions')) {
+            return;
+        }
+
         $this->setMassactionIdField('id');
         $this->getMassactionBlock()->setFormFieldName('id');
         
diff --git a/src/app/code/community/Zendesk/Zendesk/Block/Adminhtml/Menu.php b/src/app/code/community/Zendesk/Zendesk/Block/Adminhtml/Menu.php
@@ -27,7 +27,11 @@ public function __construct()
     public function isAllowed($target)
     {
         try {
-            return Mage::getSingleton('admin/session')->isAllowed('admin/zendesk/zendesk_' . $target);
+            if ($target == 'settings') {
+                return Mage::getSingleton('admin/session')->isAllowed('admin/system/config/zendesk');
+            } else {
+                return Mage::getSingleton('admin/session')->isAllowed('admin/zendesk/zendesk_' . $target);
+            }
         } catch (Exception $e) {
             return false;
         }
diff --git a/src/app/code/community/Zendesk/Zendesk/Model/Api/SupportAddresses.php b/src/app/code/community/Zendesk/Zendesk/Model/Api/SupportAddresses.php
@@ -7,8 +7,7 @@ public function all()
         $page = 1;
         $addresses = array();
 
-        while ($page) {
-            $response  = $this->_call('recipient_addresses.json?page=' . $page);
+        while ($page && $response = $this->_call('recipient_addresses.json?page=' . $page)) {
             $addresses = array_merge($addresses, $response['recipient_addresses']);
             $page      = is_null($response['next_page']) ? 0 : $page + 1;
         }
diff --git a/src/app/code/community/Zendesk/Zendesk/Model/Api/Tickets.php b/src/app/code/community/Zendesk/Zendesk/Model/Api/Tickets.php
@@ -191,4 +191,4 @@ public function create($data)
         return $response['ticket'];
     }
 
-}
+}
diff --git a/src/app/code/community/Zendesk/Zendesk/Model/Api/Users.php b/src/app/code/community/Zendesk/Zendesk/Model/Api/Users.php
@@ -56,8 +56,7 @@ public function all()
         $page = 1;
         $users = array();
         
-        while($page) {
-            $response   = $this->_call('users.json?page=' . $page);
+        while($page && $response = $this->_call('users.json?page=' . $page)) {
             $users      = array_merge($users, $response['users']);
             $page       = is_null($response['next_page']) ? 0 : $page + 1;
     }
@@ -109,6 +108,11 @@ public function create($user)
     public function createUserField($field)
     {
         $response = $this->_call('user_fields.json', null, 'POST', $field, true);
+
+        if(!isset($response['user_field'])) {
+            throw new Exception('No User Field specified.');
+        }
+ 
         return $response['user_field'];
     }
-}
+}
diff --git a/src/app/code/community/Zendesk/Zendesk/Model/Resource/Tickets/Collection.php b/src/app/code/community/Zendesk/Zendesk/Model/Resource/Tickets/Collection.php
@@ -35,16 +35,24 @@ public function addFieldToFilter($fieldName, $condition = null) {
             switch($fieldName) {
                 case 'subject':
                     $searchFields[] = array(
-                        'field' =>  'subject',
-                        'value' =>  '"'.$condition.'"'
+                        'field' => 'subject',
+                        'value' => '"'.$condition.'"'
                     );
                     break;
                 case 'requester':
                 case 'requester_id':
-                    $value = is_numeric($condition) ? $condition : '*' . $condition . '*';
+                    if (is_array($condition)) {
+                        break;
+                    }
+
+                    $searchFields[] = array(
+                        'field' => 'requester',
+                        'value' => '*' . $condition,
+                    );
+
                     $searchFields[] = array(
-                        'field' =>  'requester',
-                        'value' =>  $value
+                        'field' => 'requester',
+                        'value' => $condition . '*',
                     );
                     break;
                 case 'tags':
@@ -54,14 +62,14 @@ public function addFieldToFilter($fieldName, $condition = null) {
                 case 'group':
                 case 'assignee':
                     $searchFields[] = array(
-                        'field' =>  $fieldName,
-                        'value' =>  $condition
+                        'field' => $fieldName,
+                        'value' => $condition
                     );
                     break;
                 case 'type':
                     $searchFields[] = array(
-                        'field' =>  'ticket_type',
-                        'value' =>  $condition
+                        'field' => 'ticket_type',
+                        'value' => $condition
                     );
                     break;
                 case 'id':
diff --git a/src/app/code/community/Zendesk/Zendesk/controllers/Adminhtml/ZendeskController.php b/src/app/code/community/Zendesk/Zendesk/controllers/Adminhtml/ZendeskController.php
@@ -19,7 +19,64 @@
 
 class Zendesk_Zendesk_Adminhtml_ZendeskController extends Mage_Adminhtml_Controller_Action
 {
-    protected $_publicActions = array('redirect', 'logout');
+    protected $_publicActions = array('redirect', 'logout', 'authenticate', 'login');
+
+    protected function _isAllowed()
+    {
+        $action = strtolower($this->getRequest()->getActionName());
+
+        // Disable ACL check for public actions
+        if (in_array($action, $this->_publicActions)) {
+            return true;
+        }
+
+        switch ($action) {
+            case 'launch':
+                $aclAction = 'launch';
+                break;
+            // When users have access to the zendesk_dashboard they must also be able to access the viewing actions on this controller
+            case 'index':
+            case 'ticketsall':
+            case 'ticketsview':
+                $aclAction = 'dashboard';
+                break;
+            // User must have bulk_actions permission
+            case 'bulkchangepriority':
+            case 'bulkchangestatus':
+            case 'bulkchangetype':
+            case 'bulkdelete':
+            case 'bulkmarkspam':
+                $aclAction = 'dashboard/bulk_actions';
+                break;
+            // Actions accessible to roles with the zendesk_create permission
+            case 'autocomplete':
+            case 'create':
+            case 'getorder':
+            case 'getuser':
+            case 'loadblock':
+            case 'save':
+                $aclAction = 'create';
+                break;
+            // Configuration actions, role must have Configuration > Zendesk permissions
+            case 'checkoutbound':
+            case 'clearlog';
+            case 'configuration':
+            case 'generate':
+            case 'sync':
+                $aclAction = 'settings';
+                break;
+            default:
+                return false;
+        }
+
+        $acl = "zendesk/zendesk_$aclAction";
+
+        if ($acl == 'zendesk/zendesk_settings') {
+            $acl = 'admin/system/config/zendesk';
+        }
+
+        return Mage::getSingleton('admin/session')->isAllowed($acl);
+    }
 
     public function indexAction()
     {
@@ -402,7 +459,7 @@ public function checkOutboundAction()
 
         $this->getResponse()->clearHeaders()->setHeader('Content-type','application/json', true);
         $this->getResponse()->setBody(json_encode($connection));
-        }
+    }
 
     /**
      * Loading page block
diff --git a/src/app/code/community/Zendesk/Zendesk/etc/config.xml b/src/app/code/community/Zendesk/Zendesk/etc/config.xml
@@ -202,11 +202,12 @@
                         <action>adminhtml/zendesk/launch</action>
                         <sort_order>3</sort_order>
                     </zendesk_launch>
-                    <zendesk_configurations module="zendesk">
+                    <zendesk_configuration module="zendesk">
+                        <resource>system/config/zendesk</resource>
                         <title>Configuration</title>
                         <action>adminhtml/system_config/edit/section/zendesk</action>
                         <sort_order>4</sort_order>
-                    </zendesk_configurations>
+                    </zendesk_configuration>
                     <zendesk_log module="zendesk">
                         <title>Log Viewer</title>
                         <action>adminhtml/zendesk/log</action>
@@ -225,6 +226,12 @@
                                 <zendesk_dashboard translate="title" module="zendesk">
                                     <title>Dashboard</title>
                                     <sort_order>1</sort_order>
+                                    <children>
+                                        <bulk_actions>
+                                            <title>Bulk Actions</title>
+                                            <sort_order>1</sort_order>
+                                        </bulk_actions>
+                                    </children>
                                 </zendesk_dashboard>
                                 <zendesk_create translate="title" module="zendesk">
                                     <title>Create Ticket</title>
@@ -234,10 +241,10 @@
                                     <title>Launch Zendesk</title>
                                     <sort_order>3</sort_order>
                                 </zendesk_launch>
-                                <zendesk_settings translate="title" module="zendesk">
-                                    <title>Settings</title>
+                                <zendesk_log>
+                                    <title>View Logs</title>
                                     <sort_order>4</sort_order>
-                                </zendesk_settings>
+                                </zendesk_log>
                             </children>
                         </zendesk>
                         <system>
diff --git a/src/app/design/adminhtml/default/default/template/zendesk/left-menu.phtml b/src/app/design/adminhtml/default/default/template/zendesk/left-menu.phtml
@@ -44,6 +44,13 @@
             <span><?php echo $this->__('Configuration'); ?></span>
         </a>
     </li>
+    <?php } ?>
+        <?php if ($this->isAllowed('log')) { ?>
+    <li>
+        <a href="<?php echo $this->getUrl('adminhtml/zendesk/log'); ?>" class="tab-item-link">
+            <span><?php echo $this->__('Log Viewer'); ?></span>
+        </a>
+    </li>
     <?php } ?>
 </ul>
 

Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,11 @@ public function __construct()`
`27`	`27`	`public function isAllowed($target)`
`28`	`28`	`{`
`29`	`29`	`try {`
`30`		`- return Mage::getSingleton('admin/session')->isAllowed('admin/zendesk/zendesk_' . $target);`
	`30`	`+ if ($target == 'settings') {`
	`31`	`+ return Mage::getSingleton('admin/session')->isAllowed('admin/system/config/zendesk');`
	`32`	`+ } else {`
	`33`	`+ return Mage::getSingleton('admin/session')->isAllowed('admin/zendesk/zendesk_' . $target);`
	`34`	`+ }`
`31`	`35`	`} catch (Exception $e) {`
`32`	`36`	`return false;`
`33`	`37`	`}`
Original file line number	Diff line number	Diff line change
`@@ -7,8 +7,7 @@ public function all()`
`7`	`7`	`$page = 1;`
`8`	`8`	`$addresses = array();`
`9`	`9`
`10`		`- while ($page) {`
`11`		`- $response = $this->_call('recipient_addresses.json?page=' . $page);`
	`10`	`+ while ($page && $response = $this->_call('recipient_addresses.json?page=' . $page)) {`
`12`	`11`	`$addresses = array_merge($addresses, $response['recipient_addresses']);`
`13`	`12`	`$page = is_null($response['next_page']) ? 0 : $page + 1;`
`14`	`13`	`}`
Original file line number	Diff line number	Diff line change
`@@ -191,4 +191,4 @@ public function create($data)`
`191`	`191`	`return $response['ticket'];`
`192`	`192`	`}`
`193`	`193`
`194`		`-}`
	`194`	`+}`