Mage_Core_Adminhtml - Version 1.9.2.0

Version Notes

1.9.2.0


Release Info

Developer Magento Core Team
Extension Mage_Core_Adminhtml
Version 1.9.2.0


Code changes from version 1.9.1.1 to 1.9.2.0

Files changed (76) hide show
  1. app/code/core/Mage/Adminhtml/Block/Api/Buttons.php +8 -1
  2. app/code/core/Mage/Adminhtml/Block/Cache.php +5 -2
  3. app/code/core/Mage/Adminhtml/Block/Catalog/Product/Attribute/Set/Grid.php +1 -1
  4. app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit.php +7 -3
  5. app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Alerts/Price.php +6 -0
  6. app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Alerts/Stock.php +5 -0
  7. app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Categories.php +11 -14
  8. app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Tag/Customer.php +5 -0
  9. app/code/core/Mage/Adminhtml/Block/Cms/Page/Grid/Renderer/Action.php +13 -8
  10. app/code/core/Mage/Adminhtml/Block/Customer/Edit/Tab/Account.php +3 -1
  11. app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid.php +6 -0
  12. app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid/Renderer/Ip.php +7 -2
  13. app/code/core/Mage/Adminhtml/Block/Newsletter/Subscriber/Grid.php +6 -0
  14. app/code/core/Mage/Adminhtml/Block/Permissions/Buttons.php +7 -1
  15. app/code/core/Mage/Adminhtml/Block/Permissions/Roles.php +10 -0
  16. app/code/core/Mage/Adminhtml/Block/Permissions/Tab/Rolesedit.php +29 -3
  17. app/code/core/Mage/Adminhtml/Block/Report/Grid/Column/Renderer/Currency.php +3 -2
  18. app/code/core/Mage/Adminhtml/Block/Review/Edit.php +5 -1
  19. app/code/core/Mage/Adminhtml/Block/Review/Edit/Form.php +1 -1
  20. app/code/core/Mage/Adminhtml/Block/Review/Main.php +1 -2
  21. app/code/core/Mage/Adminhtml/Block/Review/Rating/Detailed.php +1 -1
  22. app/code/core/Mage/Adminhtml/Block/Sales/Order/Create/Sidebar/Cart.php +3 -1
  23. app/code/core/Mage/Adminhtml/Block/Sales/Order/Creditmemo/View.php +4 -3
  24. app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/View.php +6 -4
  25. app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/View.php +6 -4
  26. app/code/core/Mage/Adminhtml/Block/Sales/Order/View.php +37 -17
  27. app/code/core/Mage/Adminhtml/Block/Store/Switcher.php +1 -1
  28. app/code/core/Mage/Adminhtml/Block/System/Design/Edit.php +5 -1
  29. app/code/core/Mage/Adminhtml/Block/Tag/Customer/Grid.php +5 -0
  30. app/code/core/Mage/Adminhtml/Block/Tag/Grid/Customers.php +28 -21
  31. app/code/core/Mage/Adminhtml/Block/Tag/Tag/Edit.php +11 -4
  32. app/code/core/Mage/Adminhtml/Block/Tax/Rate/Toolbar/Save.php +7 -1
  33. app/code/core/Mage/Adminhtml/Block/Urlrewrite/Edit.php +10 -3
  34. app/code/core/Mage/Adminhtml/Block/Widget/Form/Container.php +15 -3
  35. app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Filter/Price.php +15 -7
  36. app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Currency.php +1 -1
  37. app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Ip.php +5 -1
  38. app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Price.php +1 -1
  39. app/code/core/Mage/Adminhtml/Controller/Action.php +1 -1
  40. app/code/core/Mage/Adminhtml/Helper/Sales.php +1 -0
  41. app/code/core/Mage/Adminhtml/Model/Sales/Order/Create.php +40 -35
  42. app/code/core/Mage/Adminhtml/Model/System/Config/Backend/Baseurl.php +16 -0
  43. app/code/core/Mage/Adminhtml/controllers/AjaxController.php +10 -0
  44. app/code/core/Mage/Adminhtml/controllers/Catalog/Category/WidgetController.php +10 -0
  45. app/code/core/Mage/Adminhtml/controllers/Catalog/Product/DatafeedsController.php +10 -0
  46. app/code/core/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php +2 -1
  47. app/code/core/Mage/Adminhtml/controllers/Catalog/Product/WidgetController.php +10 -0
  48. app/code/core/Mage/Adminhtml/controllers/Catalog/ProductController.php +1 -0
  49. app/code/core/Mage/Adminhtml/controllers/Cms/Block/WidgetController.php +10 -0
  50. app/code/core/Mage/Adminhtml/controllers/Cms/Page/WidgetController.php +11 -0
  51. app/code/core/Mage/Adminhtml/controllers/Cms/PageController.php +2 -1
  52. app/code/core/Mage/Adminhtml/controllers/Cms/WysiwygController.php +10 -0
  53. app/code/core/Mage/Adminhtml/controllers/Customer/System/Config/ValidatevatController.php +10 -0
  54. app/code/core/Mage/Adminhtml/controllers/CustomerController.php +1 -0
  55. app/code/core/Mage/Adminhtml/controllers/JsonController.php +10 -0
  56. app/code/core/Mage/Adminhtml/controllers/NotificationController.php +5 -4
  57. app/code/core/Mage/Adminhtml/controllers/Permissions/RoleController.php +46 -5
  58. app/code/core/Mage/Adminhtml/controllers/Report/CustomerController.php +2 -1
  59. app/code/core/Mage/Adminhtml/controllers/Report/ProductController.php +2 -1
  60. app/code/core/Mage/Adminhtml/controllers/Report/ReviewController.php +2 -1
  61. app/code/core/Mage/Adminhtml/controllers/Report/SalesController.php +2 -1
  62. app/code/core/Mage/Adminhtml/controllers/Report/ShopcartController.php +2 -1
  63. app/code/core/Mage/Adminhtml/controllers/Report/TagController.php +3 -2
  64. app/code/core/Mage/Adminhtml/controllers/ReportController.php +2 -1
  65. app/code/core/Mage/Adminhtml/controllers/Rss/CatalogController.php +10 -6
  66. app/code/core/Mage/Adminhtml/controllers/Rss/OrderController.php +10 -6
  67. app/code/core/Mage/Adminhtml/controllers/Sales/Billing/AgreementController.php +2 -1
  68. app/code/core/Mage/Adminhtml/controllers/Sales/Order/View/GiftmessageController.php +10 -0
  69. app/code/core/Mage/Adminhtml/controllers/Sales/Recurring/ProfileController.php +10 -0
  70. app/code/core/Mage/Adminhtml/controllers/Sales/TransactionsController.php +2 -1
  71. app/code/core/Mage/Adminhtml/controllers/System/Config/System/StorageController.php +10 -0
  72. app/code/core/Mage/Adminhtml/controllers/TagController.php +2 -1
  73. app/code/core/Mage/Adminhtml/controllers/Tax/RateController.php +5 -4
  74. app/code/core/Mage/Adminhtml/controllers/TaxController.php +10 -0
  75. app/locale/en_US/Mage_Adminhtml.csv +6 -1
  76. package.xml +6 -6
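--- a/app/code/core/Mage/Adminhtml/Block/Api/Buttons.php
+++ b/app/code/core/Mage/Adminhtml/Block/Api/Buttons.php
@@ -65,7 +65,14 @@ class Mage_Adminhtml_Block_Api_Buttons extends Mage_Adminhtml_Block_Template
 $this->getLayout()->createBlock('adminhtml/widget_button')
 ->setData(array(
 'label' => Mage::helper('adminhtml')->__('Delete Role'),
- 'onclick' => 'deleteConfirm(\'' . Mage::helper('adminhtml')->__('Are you sure you want to do this?') . '\', \'' . $this->getUrl('*/*/delete', array('rid' => $this->getRequest()->getParam('rid'))) . '\')',
+ 'onclick' => 'deleteConfirm(\''
+ . Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('adminhtml')->__('Are you sure you want to do this?'),
+ true
+ )
+ . '\', \''
+ . $this->getUrl('*/*/delete', array('rid' => $this->getRequest()->getParam('rid')))
+ . '\')',
 'class' => 'delete'
 ))
 );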
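Review bot: Only the confirmation message is escaped on the new lines; the URL built from the request parameter `rid` is still concatenated into the same single-quoted JavaScript argument as-is, and whether `getUrl()` encodes route parameters is not visible on this page. Wrapping the URL the same way, `. Mage::helper('core')->jsQuoteEscape($this->getUrl('*/*/delete', array('rid' => $this->getRequest()->getParam('rid'))))`, would close that; the same message-only escaping recurs in Permissions/Buttons.php, Cache.php, Catalog/Product/Edit.php, Review/Edit.php and the Creditmemo, Invoice and Shipment view blocks, whose URLs (including `getBackUrl()`) are likewise inserted unescaped. This is also the only call in the visible sections that passes `true` as a second argument; if that parameter is the quote character rather than a flag (my recollection of the core helper, to be confirmed), single quotes in the message would not be escaped here, so the one-argument form used elsewhere is the safer one. The enclosing method starts and ends outside the hunk.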
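--- a/app/code/core/Mage/Adminhtml/Block/Cache.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cache.php
@@ -41,10 +41,13 @@ class Mage_Adminhtml_Block_Cache extends Mage_Adminhtml_Block_Widget_Grid_Contai
 'class' => 'delete',
 ));
 
- $message = Mage::helper('core')->__('Cache storage may contain additional data. Are you sure that you want flush it?');
+ $confirmationMessage = Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('core')->__('Cache storage may contain additional data. Are you sure that you want flush it?')
+ );
 $this->_addButton('flush_system', array(
 'label' => Mage::helper('core')->__('Flush Cache Storage'),
- 'onclick' => 'confirmSetLocation(\''.$message.'\', \'' . $this->getFlushStorageUrl() .'\')',
+ 'onclick' => 'confirmSetLocation(\'' . $confirmationMessage . '\', \'' . $this->getFlushStorageUrl()
+ . '\')',
 'class' => 'delete',
 ));
 }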
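--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Attribute/Set/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Attribute/Set/Grid.php
@@ -38,7 +38,7 @@ class Mage_Adminhtml_Block_Catalog_Product_Attribute_Set_Grid extends Mage_Admin
 {
 parent::__construct();
 $this->setId('setGrid');
- $this->setDefaultSort('set_id');
+ $this->setDefaultSort('set_name');
 $this->setDefaultDir('ASC');
 $this->setSaveParametersInSession(true);
 }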
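--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit.php
@@ -104,12 +104,16 @@ class Mage_Adminhtml_Block_Catalog_Product_Edit extends Mage_Adminhtml_Block_Wid
 );
 }
 if ($this->getProduct()->isDeleteable()) {
+
+ $confirmationMessage = Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('catalog')->__('Are you sure?')
+ );
 $this->setChild('delete_button',
- $this->getLayout()->createBlock('adminhtml/widget_button')
+ $this->getLayout()->createBlock('adminhtml/widget_button')
 ->setData(array(
 'label' => Mage::helper('catalog')->__('Delete'),
- 'onclick' => 'confirmSetLocation(\''
- . Mage::helper('catalog')->__('Are you sure?').'\', \''.$this->getDeleteUrl().'\')',
+ 'onclick' => 'confirmSetLocation(\'' . $confirmationMessage
+ . '\', \'' . $this->getDeleteUrl() . '\')',
 'class' => 'delete'
 ))
 );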
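--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Alerts/Price.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Alerts/Price.php
@@ -69,6 +69,12 @@ class Mage_Adminhtml_Block_Catalog_Product_Edit_Tab_Alerts_Price extends Mage_Ad
 'index' => 'firstname',
 ));
 
+ $this->addColumn('middlename', array(
+ 'header' => Mage::helper('catalog')->__('Middle Name'),
+ 'index' => 'middlename',
+ ));
+
+
 $this->addColumn('lastname', array(
 'header' => Mage::helper('catalog')->__('Last Name'),
 'index' => 'lastname',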
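--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Alerts/Stock.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Alerts/Stock.php
@@ -69,6 +69,11 @@ class Mage_Adminhtml_Block_Catalog_Product_Edit_Tab_Alerts_Stock extends Mage_Ad
 'index' => 'firstname',
 ));
 
+ $this->addColumn('middlename', array(
+ 'header' => Mage::helper('catalog')->__('Middle Name'),
+ 'index' => 'middlename',
+ ));
+
 $this->addColumn('lastname', array(
 'header' => Mage::helper('catalog')->__('Last Name'),
 'index' => 'lastname',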
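--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Categories.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Categories.php
@@ -185,22 +185,16 @@ class Mage_Adminhtml_Block_Catalog_Product_Edit_Tab_Categories extends Mage_Admi
 */
 protected function _isParentSelectedCategory($node)
 {
- $result = false;
- // Contains string with all category IDs of children (not exactly direct) of the node
- $allChildren = $node->getAllChildren();
- if ($allChildren) {
- $selectedCategoryIds = $this->getCategoryIds();
- $allChildrenArr = explode(',', $allChildren);
- for ($i = 0, $cnt = count($selectedCategoryIds); $i < $cnt; $i++) {
- $isSelf = $node->getId() == $selectedCategoryIds[$i];
- if (!$isSelf && in_array($selectedCategoryIds[$i], $allChildrenArr)) {
- $result = true;
- break;
+ foreach ($this->_getSelectedNodes() as $selected) {
+ if ($selected) {
+ $pathIds = explode('/', $selected->getPathId());
+ if (in_array($node->getId(), $pathIds)) {
+ return true;
 }
 }
 }
 
- return $result;
+ return false;
 }
 
 /**
@@ -273,9 +267,12 @@ class Mage_Adminhtml_Block_Catalog_Product_Edit_Tab_Categories extends Mage_Admi
 $collection = Mage::getResourceModel('catalog/category_collection');
 
 if ($rootId) {
- $collection->addFieldToFilter('parent_id', $rootId);
+ $collection->addFieldToFilter(array(
+ array('attribute' => 'parent_id', 'eq' => $rootId),
+ array('attribute' => 'entity_id', 'in' => $categoryIds)
+ ));
 } else {
- $collection->addFieldToFilter('entity_id', array('in'=>$categoryIds));
+ $collection->addFieldToFilter('entity_id', array('in' => $categoryIds));
 }
 
 foreach ($collection as $item) {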
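Review bot: The rewritten `_isParentSelectedCategory()` in the first hunk no longer excludes the node itself: the removed code skipped the case `$node->getId() == $selectedCategoryIds[$i]`, whereas the new loop returns true for any id found in `getPathId()`, which presumably ends with the selected category's own id. If a selected category should not count as its own parent, drop the last path element with `array_pop($pathIds);` before the `in_array()` call; if the change is intentional, the method's docblock should say so. `_getSelectedNodes()` is defined outside this hunk, and the `if ($selected)` guard suggests it can yield empty entries, which deserves a one-line comment.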
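--- a/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Tag/Customer.php
+++ b/app/code/core/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Tag/Customer.php
@@ -69,6 +69,11 @@ class Mage_Adminhtml_Block_Catalog_Product_Edit_Tab_Tag_Customer extends Mage_Ad
 'index' => 'firstname',
 ));
 
+ $this->addColumn('middlename', array(
+ 'header' => Mage::helper('catalog')->__('Middle Name'),
+ 'index' => 'middlename',
+ ));
+
 $this->addColumn('lastname', array(
 'header' => Mage::helper('catalog')->__('Last Name'),
 'index' => 'lastname',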
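--- a/app/code/core/Mage/Adminhtml/Block/Cms/Page/Grid/Renderer/Action.php
+++ b/app/code/core/Mage/Adminhtml/Block/Cms/Page/Grid/Renderer/Action.php
@@ -29,13 +29,18 @@ class Mage_Adminhtml_Block_Cms_Page_Grid_Renderer_Action
 {
 public function render(Varien_Object $row)
 {
- $urlModel = Mage::getModel('core/url')->setStore($row->getData('_first_store_id'));
- $href = $urlModel->getUrl(
- $row->getIdentifier(), array(
- '_current' => false,
- '_query' => '___store='.$row->getStoreCode()
- )
- );
- return '<a href="'.$href.'" target="_blank">'.$this->__('Preview').'</a>';
+ Mage::dispatchEvent('adminhtml_cms_page_grid_renderer_action_before_render', array('row' => $row));
+ if ($row->getPreviewUrl()) {
+ $href = $row->getPreviewUrl();
+ } else {
+ $urlModel = Mage::getModel('core/url')->setStore($row->getData('_first_store_id'));
+ $href = $urlModel->getUrl(
+ $row->getIdentifier(), array(
+ '_current' => false,
+ '_query' => '___store=' . $row->getStoreCode(),
+ )
+ );
+ }
+ return '<a href="' . $href . '" target="_blank">' . $this->__('Preview') . '</a>';
 }
 }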
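Review bot: `$href` is concatenated into the `href` attribute without escaping, and after this change it can come from `$row->getPreviewUrl()`, which any observer of the new `adminhtml_cms_page_grid_renderer_action_before_render` event may set on the row. Escaping at the point of output keeps the renderer safe whoever supplied the value, using the block's own helper as other blocks on this page do: `return '<a href="' . $this->escapeHtml($href) . '" target="_blank">' . $this->__('Preview') . '</a>';`. A docblock on `render()` naming the event and the row value it honours would make the new extension point discoverable.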
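--- a/app/code/core/Mage/Adminhtml/Block/Customer/Edit/Tab/Account.php
+++ b/app/code/core/Mage/Adminhtml/Block/Customer/Edit/Tab/Account.php
@@ -98,7 +98,9 @@ class Mage_Adminhtml_Block_Customer_Edit_Tab_Account extends Mage_Adminhtml_Bloc
 var {$prefix}_websites = " . Mage::helper('core')->jsonEncode($websites) .";
 Validation.add(
 'validate-website-has-store',
- '" . Mage::helper('customer')->__('Please select a website which contains store view') . "',
+ '" . Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('customer')->__('Please select a website which contains store view')
+ ) . "',
 function(v, elem){
 return {$prefix}_websites[elem.value] == true;
 }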
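--- a/app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid.php
@@ -87,6 +87,12 @@ class Mage_Adminhtml_Block_Customer_Online_Grid extends Mage_Adminhtml_Block_Wid
 'index' => 'customer_firstname'
 ));
 
+ $this->addColumn('middlename', array(
+ 'header' => Mage::helper('customer')->__('Middle Name'),
+ 'default' => Mage::helper('customer')->__('n/a'),
+ 'index' => 'customer_middlename'
+ ));
+
 $this->addColumn('lastname', array(
 'header' => Mage::helper('customer')->__('Last Name'),
 'default' => Mage::helper('customer')->__('n/a'),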
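--- a/app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid/Renderer/Ip.php
+++ b/app/code/core/Mage/Adminhtml/Block/Customer/Online/Grid/Renderer/Ip.php
@@ -31,12 +31,17 @@
 * @package Mage_Adminhtml
 * @author Magento Core Team <core@magentocommerce.com>
 */
- class Mage_Adminhtml_Block_Customer_Online_Grid_Renderer_Ip extends Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Abstract
+ class Mage_Adminhtml_Block_Customer_Online_Grid_Renderer_Ip
+ extends Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Abstract
 {
 
 public function render(Varien_Object $row)
 {
- return long2ip($row->getData($this->getColumn()->getIndex()));
+ /**
+ * The output of the "inet_ntop" function was disabled to prevent an error throwing
+ * in case when the database value is not an ipv6 or an ipv4 binary representation (ex. NULL).
+ */
+ return @inet_ntop($row->getData($this->getColumn()->getIndex()));
 }
 
 }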
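Review bot: The `@` in front of `inet_ntop()` hides every warning from that call, not only the NULL case the comment mentions, and on bad input the method then returns `false` instead of a string. Checking the value first makes the intent explicit: `$raw = $row->getData($this->getColumn()->getIndex());` followed by `return (is_string($raw) && in_array(strlen($raw), array(4, 16), true)) ? inet_ntop($raw) : '';`. The comment should also say that warnings are suppressed rather than that "the output ... was disabled", and note that the column is now expected to hold a packed binary address instead of the integer `long2ip()` consumed.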
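--- a/app/code/core/Mage/Adminhtml/Block/Newsletter/Subscriber/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Newsletter/Subscriber/Grid.php
@@ -99,6 +99,12 @@ class Mage_Adminhtml_Block_Newsletter_Subscriber_Grid extends Mage_Adminhtml_Blo
 'default' => '----'
 ));
 
+ $this->addColumn('middlename', array(
+ 'header' => Mage::helper('newsletter')->__('Customer Middle Name'),
+ 'index' => 'customer_middlename',
+ 'default' => '----'
+ ));
+
 $this->addColumn('lastname', array(
 'header' => Mage::helper('newsletter')->__('Customer Last Name'),
 'index' => 'customer_lastname',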
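--- a/app/code/core/Mage/Adminhtml/Block/Permissions/Buttons.php
+++ b/app/code/core/Mage/Adminhtml/Block/Permissions/Buttons.php
@@ -65,7 +65,13 @@ class Mage_Adminhtml_Block_Permissions_Buttons extends Mage_Adminhtml_Block_Temp
 $this->getLayout()->createBlock('adminhtml/widget_button')
 ->setData(array(
 'label' => Mage::helper('adminhtml')->__('Delete Role'),
- 'onclick' => 'deleteConfirm(\'' . Mage::helper('adminhtml')->__('Are you sure you want to do this?') . '\', \'' . $this->getUrl('*/*/delete', array('rid' => $this->getRequest()->getParam('rid'))) . '\')',
+ 'onclick' => 'deleteConfirm(\''
+ . MAge::helper('core')->jsQuoteEscape(
+ Mage::helper('adminhtml')->__('Are you sure you want to do this?')
+ )
+ . '\', \''
+ . $this->getUrl('*/*/delete', array('rid' => $this->getRequest()->getParam('rid')))
+ . '\')',
 'class' => 'delete'
 ))
 );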
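Review bot: `MAge::helper('core')` on the second added line is miscased. PHP resolves class names case-insensitively, so it runs as long as `Mage` is already loaded, but it slips past case-sensitive searches and coding-standard checks and should read `Mage::helper('core')`. The enclosing method starts and ends outside the hunk.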
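--- a/app/code/core/Mage/Adminhtml/Block/Permissions/Roles.php
+++ b/app/code/core/Mage/Adminhtml/Block/Permissions/Roles.php
@@ -43,6 +43,16 @@ class Mage_Adminhtml_Block_Permissions_Roles extends Mage_Adminhtml_Block_Templa
 return $this->getUrl('*/*/editrole');
 }
 
+ /**
+ * Get URL for refreshing role-rule relations
+ *
+ * @return string
+ */
+ public function getRefreshRolesUrl()
+ {
+ return $this->getUrl('*/*/refreshroles');
+ }
+
 /**
 * Get grid HTML
 *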
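--- a/app/code/core/Mage/Adminhtml/Block/Permissions/Tab/Rolesedit.php
+++ b/app/code/core/Mage/Adminhtml/Block/Permissions/Tab/Rolesedit.php
@@ -34,6 +34,15 @@
 class Mage_Adminhtml_Block_Permissions_Tab_Rolesedit extends Mage_Adminhtml_Block_Widget_Form
 implements Mage_Adminhtml_Block_Widget_Tab_Interface
 {
+ /**
+ * Retrieve an instance of the fallback helper
+ * @return Mage_Admin_Helper_Rules_Fallback
+ */
+ protected function _getFallbackHelper()
+ {
+ return Mage::helper('admin/rules_fallback');
+ }
+
 /**
 * Get tab label
 *
@@ -90,14 +99,31 @@ class Mage_Adminhtml_Block_Permissions_Tab_Rolesedit extends Mage_Adminhtml_Bloc
 
 $selrids = array();
 
+ /** @var $item Mage_Admin_Model_Rules */
 foreach ($rules_set->getItems() as $item) {
 $itemResourceId = $item->getResource_id();
- if (array_key_exists(strtolower($itemResourceId), $resources) && $item->getPermission() == 'allow') {
- $resources[$itemResourceId]['checked'] = true;
- array_push($selrids, $itemResourceId);
+ if (array_key_exists(strtolower($itemResourceId), $resources)) {
+ if ($item->isAllowed()) {
+ $resources[$itemResourceId]['checked'] = true;
+ array_push($selrids, $itemResourceId);
+ }
 }
 }
 
+ $resourcesPermissionsMap = $rules_set->getResourcesPermissionsArray();
+ $undefinedResources = array_diff(array_keys($resources), array_keys($resourcesPermissionsMap));
+
+ foreach ($undefinedResources as $undefinedResourceId) {
+ if ($this->_getFallbackHelper()->fallbackResourcePermissions(
+ $resourcesPermissionsMap,
+ $undefinedResourceId
+ ) == Mage_Admin_Model_Rules::RULE_PERMISSION_ALLOWED
+ ) {
+ array_push($selrids, $undefinedResourceId);
+ }
+ }
+
+
 $this->setSelectedResources($selrids);
 
 $this->setTemplate('permissions/rolesedit.phtml');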
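Review bot: The loop added at the end of the second hunk pre-selects every resource that has no stored rule whenever the fallback helper resolves it to allowed, so a resource that was never explicitly granted appears ticked in the role form and would presumably be stored as an explicit allow on the next save (the save path is not on this page). That deserves a comment above the loop, e.g. `// Resources without a stored rule take the permission resolved by the fallback helper`, and the comparison would be safer as `=== Mage_Admin_Model_Rules::RULE_PERMISSION_ALLOWED` if the helper always returns that constant's type. Separately, the lookup uses `strtolower($itemResourceId)` while the write uses the raw `$itemResourceId`, so a mixed-case id would add a new key instead of marking the existing one. The enclosing method starts and ends outside the hunk.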
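--- a/app/code/core/Mage/Adminhtml/Block/Report/Grid/Column/Renderer/Currency.php
+++ b/app/code/core/Mage/Adminhtml/Block/Report/Grid/Column/Renderer/Currency.php
@@ -32,7 +32,8 @@
 * @author Magento Core Team <core@magentocommerce.com>
 */
 
- class Mage_Adminhtml_Block_Report_Grid_Column_Renderer_Currency extends Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Currency
+ class Mage_Adminhtml_Block_Report_Grid_Column_Renderer_Currency
+ extends Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Currency
 {
 /**
 * Renders grid column
@@ -50,7 +51,7 @@ class Mage_Adminhtml_Block_Report_Grid_Column_Renderer_Currency extends Mage_Adm
 }
 
 $data = floatval($data) * $this->_getRate($row);
- $data = sprintf("%f", $data);
+ $data = sprintf("%F", $data);
 $data = Mage::app()->getLocale()->currency($currency_code)->toCurrency($data);
 return $data;
 }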
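Review bot: The switch from `%f` to `%F` in the second hunk is the substantive change here and has no comment, although the two specifiers look like a typo of each other. A line such as `// %F is locale-independent; %f follows LC_NUMERIC and can emit a comma as the decimal separator` above the `sprintf()` call would keep it from being reverted. The enclosing render method starts outside the hunk.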
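--- a/app/code/core/Mage/Adminhtml/Block/Review/Edit.php
+++ b/app/code/core/Mage/Adminhtml/Block/Review/Edit.php
@@ -77,7 +77,11 @@ class Mage_Adminhtml_Block_Review_Edit extends Mage_Adminhtml_Block_Widget_Form_
 'delete',
 'onclick',
 'deleteConfirm('
- . '\'' . Mage::helper('review')->__('Are you sure you want to do this?').'\', '
+ . '\''
+ . Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('review')->__('Are you sure you want to do this?')
+ )
+ . '\', '
 . '\'' . $this->getUrl(
 '*/*/delete',
 array(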
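--- a/app/code/core/Mage/Adminhtml/Block/Review/Edit/Form.php
+++ b/app/code/core/Mage/Adminhtml/Block/Review/Edit/Form.php
@@ -54,7 +54,7 @@ class Mage_Adminhtml_Block_Review_Edit_Form extends Mage_Adminhtml_Block_Widget_
 ));
 
 if ($customer->getId()) {
- $customerText = Mage::helper('review')->__('<a href="%1$s" onclick="this.target=\'blank\'">%2$s %3$s</a> <a href="mailto:%4$s">(%4$s)</a>', $this->getUrl('*/customer/edit', array('id' => $customer->getId(), 'active_tab'=>'review')), $this->escapeHtml($customer->getFirstname()), $this->escapeHtml($customer->getLastname()), $this->escapeHtml($customer->getEmail()));
+ $customerText = Mage::helper('review')->__('<a href="%1$s" onclick="this.target=\'blank\'">%2$s</a> <a href="mailto:%3$s">(%3$s)</a>', $this->getUrl('*/customer/edit', array('id' => $customer->getId(), 'active_tab' => 'review')), $this->escapeHtml($customer->getName()), $this->escapeHtml($customer->getEmail()));
 } else {
 if (is_null($review->getCustomerId())) {
 $customerText = Mage::helper('review')->__('Guest');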
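--- a/app/code/core/Mage/Adminhtml/Block/Review/Main.php
+++ b/app/code/core/Mage/Adminhtml/Block/Review/Main.php
@@ -46,8 +46,7 @@ class Mage_Adminhtml_Block_Review_Main extends Mage_Adminhtml_Block_Widget_Grid_
 $customerName = '';
 if ($customerId) {
 $customer = Mage::getModel('customer/customer')->load($customerId);
- $customerName = $customer->getFirstname() . ' ' . $customer->getLastname();
- $customerName = $this->escapeHtml($customerName);
+ $customerName = $this->escapeHtml($customer->getName());
 }
 $productId = $this->getRequest()->getParam('productId', false);
 $productName = null;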
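--- a/app/code/core/Mage/Adminhtml/Block/Review/Rating/Detailed.php
+++ b/app/code/core/Mage/Adminhtml/Block/Review/Rating/Detailed.php
@@ -71,7 +71,7 @@ class Mage_Adminhtml_Block_Review_Rating_Detailed extends Mage_Adminhtml_Block_T
 $ratingCollection = Mage::getModel('rating/rating')
 ->getResourceCollection()
 ->addEntityFilter('product')
- ->setStoreFilter(Mage::app()->getStore('default')->getId())
+ ->setStoreFilter(Mage::app()->getDefaultStoreView()->getId())
 ->setPositionOrder()
 ->load()
 ->addOptionToItems();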
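Review bot: `Mage::app()->getDefaultStoreView()` is dereferenced directly with `->getId()` on the changed line; as far as I recall that accessor can return null when no default website or store view is configured, which would make this a fatal error, so confirm against the core app model. Fetching it first, `$defaultStore = Mage::app()->getDefaultStoreView();`, and choosing an explicit fallback store id when it is null keeps the block rendering. The enclosing method starts and ends outside the hunk.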
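--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Create/Sidebar/Cart.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Create/Sidebar/Cart.php
@@ -104,7 +104,9 @@ class Mage_Adminhtml_Block_Sales_Order_Create_Sidebar_Cart
 */
 protected function _prepareLayout()
 {
- $deleteAllConfirmString = Mage::helper('sales')->__('Are you sure you want to delete all items from shopping cart?');
+ $deleteAllConfirmString = Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('sales')->__('Are you sure you want to delete all items from shopping cart?')
+ );
 $button = $this->getLayout()->createBlock('adminhtml/widget_button')->setData(array(
 'label' => Mage::helper('sales')->__('Clear Shopping Cart'),
 'onclick' => 'order.clearShoppingCart(\'' . $deleteAllConfirmString . '\')',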
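--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Creditmemo/View.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Creditmemo/View.php
@@ -60,11 +60,12 @@ class Mage_Adminhtml_Block_Sales_Order_Creditmemo_View extends Mage_Adminhtml_Bl
 }
 
 if ($this->_isAllowedAction('emails')) {
+ $confirmationMessage = Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('sales')->__('Are you sure you want to send Creditmemo email to customer?')
+ );
 $this->addButton('send_notification', array(
 'label' => Mage::helper('sales')->__('Send Email'),
- 'onclick' => 'confirmSetLocation(\''
- . Mage::helper('sales')->__('Are you sure you want to send Creditmemo email to customer?')
- . '\', \'' . $this->getEmailUrl() . '\')'
+ 'onclick' => 'confirmSetLocation(\'' . $confirmationMessage . '\', \'' . $this->getEmailUrl() . '\')'
 ));
 }
 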
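--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/View.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Invoice/View.php
@@ -63,11 +63,12 @@ class Mage_Adminhtml_Block_Sales_Order_Invoice_View extends Mage_Adminhtml_Block
 }
 
 if ($this->_isAllowedAction('emails')) {
+ $confirmationMessage = Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('sales')->__('Are you sure you want to send Invoice email to customer?')
+ );
 $this->addButton('send_notification', array(
 'label' => Mage::helper('sales')->__('Send Email'),
- 'onclick' => 'confirmSetLocation(\''
- . Mage::helper('sales')->__('Are you sure you want to send Invoice email to customer?')
- . '\', \'' . $this->getEmailUrl() . '\')'
+ 'onclick' => 'confirmSetLocation(\'' . $confirmationMessage . '\', \'' . $this->getEmailUrl() . '\')'
 ));
 }
 
@@ -188,7 +189,8 @@ class Mage_Adminhtml_Block_Sales_Order_Invoice_View extends Mage_Adminhtml_Block
 {
 if ($flag) {
 if ($this->getInvoice()->getBackUrl()) {
- return $this->_updateButton('back', 'onclick', 'setLocation(\'' . $this->getInvoice()->getBackUrl() . '\')');
+ return $this->_updateButton('back', 'onclick', 'setLocation(\'' . $this->getInvoice()->getBackUrl()
+ . '\')');
 }
 return $this->_updateButton('back', 'onclick', 'setLocation(\'' . $this->getUrl('*/sales_invoice/') . '\')');
 }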
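--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/View.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Shipment/View.php
@@ -46,10 +46,11 @@ class Mage_Adminhtml_Block_Sales_Order_Shipment_View extends Mage_Adminhtml_Bloc
 $this->_removeButton('delete');
 if (Mage::getSingleton('admin/session')->isAllowed('sales/order/actions/emails')) {
 $this->_updateButton('save', 'label', Mage::helper('sales')->__('Send Tracking Information'));
+ $confirmationMessage = Mage::helper('core')->jsQuoteEscape(
+ Mage::helper('sales')->__('Are you sure you want to send Shipment email to customer?')
+ );
 $this->_updateButton('save',
- 'onclick', "deleteConfirm('"
- . Mage::helper('sales')->__('Are you sure you want to send Shipment email to customer?')
- . "', '" . $this->getEmailUrl() . "')"
+ 'onclick', "deleteConfirm('" . $confirmationMessage . "', '" . $this->getEmailUrl() . "')"
 );
 }
 
@@ -110,7 +111,8 @@ class Mage_Adminhtml_Block_Sales_Order_Shipment_View extends Mage_Adminhtml_Bloc
 {
 if ($flag) {
 if ($this->getShipment()->getBackUrl()) {
- return $this->_updateButton('back', 'onclick', 'setLocation(\'' . $this->getShipment()->getBackUrl() . '\')');
+ return $this->_updateButton('back', 'onclick', 'setLocation(\'' . $this->getShipment()->getBackUrl()
+ . '\')');
 }
 return $this->_updateButton('back', 'onclick', 'setLocation(\'' . $this->getUrl('*/sales_shipment/') . '\')');
 }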
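--- a/app/code/core/Mage/Adminhtml/Block/Sales/Order/View.php
+++ b/app/code/core/Mage/Adminhtml/Block/Sales/Order/View.php
@@ -47,11 +47,13 @@ class Mage_Adminhtml_Block_Sales_Order_View extends Mage_Adminhtml_Block_Widget_
 $this->_removeButton('save');
 $this->setId('sales_order_view');
 $order = $this->getOrder();
+$coreHelper = Mage::helper('core');
 
 if ($this->_isAllowedAction('edit') && $order->canEdit()) {
-$onclickJs = 'deleteConfirm(\''
-. Mage::helper('sales')->__('Are you sure? This order will be canceled and a new one will be created instead')
-. '\', \'' . $this->getEditUrl() . '\');';
+$confirmationMessage = $coreHelper->jsQuoteEscape(
+Mage::helper('sales')->__('Are you sure? This order will be canceled and a new one will be created instead')
+);
+$onclickJs = 'deleteConfirm(\'' . $confirmationMessage . '\', \'' . $this->getEditUrl() . '\');';
 $this->_addButton('order_edit', array(
 'label' => Mage::helper('sales')->__('Edit'),
 'onclick' => $onclickJs,
@@ -66,34 +68,44 @@ class Mage_Adminhtml_Block_Sales_Order_View extends Mage_Adminhtml_Block_Widget_
 false
 ));
 if ($nonEditableTypes) {
+$confirmationMessage = $coreHelper->jsQuoteEscape(
+Mage::helper('sales')
+->__('This order contains (%s) items and therefore cannot be edited through the admin interface at this time, if you wish to continue editing the (%s) items will be removed, the order will be canceled and a new order will be placed.',
+implode(', ', $nonEditableTypes), implode(', ', $nonEditableTypes))
+);
 $this->_updateButton('order_edit', 'onclick',
-'if (!confirm(\'' .
-Mage::helper('sales')->__('This order contains (%s) items and therefore cannot be edited through the admin interface at this time, if you wish to continue editing the (%s) items will be removed, the order will be canceled and a new order will be placed.', implode(', ', $nonEditableTypes), implode(', ', $nonEditableTypes)) . '\')) return false;' . $onclickJs
+'if (!confirm(\'' . $confirmationMessage . '\')) return false;' . $onclickJs
 );
 }
 }
 
 if ($this->_isAllowedAction('cancel') && $order->canCancel()) {
-$message = Mage::helper('sales')->__('Are you sure you want to cancel this order?');
+$confirmationMessage = $coreHelper->jsQuoteEscape(
+Mage::helper('sales')->__('Are you sure you want to cancel this order?')
+);
 $this->_addButton('order_cancel', array(
 'label' => Mage::helper('sales')->__('Cancel'),
-'onclick' => 'deleteConfirm(\''.$message.'\', \'' . $this->getCancelUrl() . '\')',
+'onclick' => 'deleteConfirm(\'' . $confirmationMessage . '\', \'' . $this->getCancelUrl() . '\')',
 ));
 }
 
 if ($this->_isAllowedAction('emails') && !$order->isCanceled()) {
-$message = Mage::helper('sales')->__('Are you sure you want to send order email to customer?');
+$confirmationMessage = $coreHelper->jsQuoteEscape(
+Mage::helper('sales')->__('Are you sure you want to send order email to customer?')
+);
 $this->addButton('send_notification', array(
 'label' => Mage::helper('sales')->__('Send Email'),
-'onclick' => "confirmSetLocation('{$message}', '{$this->getEmailUrl()}')",
+'onclick' => "confirmSetLocation('{$confirmationMessage}', '{$this->getEmailUrl()}')",
 ));
 }
 
 if ($this->_isAllowedAction('creditmemo') && $order->canCreditmemo()) {
-$message = Mage::helper('sales')->__('This will create an offline refund. To create an online refund, open an invoice and create credit memo for it. Do you wish to proceed?');
+$confirmationMessage = $coreHelper->jsQuoteEscape(
+Mage::helper('sales')->__('This will create an offline refund. To create an online refund, open an invoice and create credit memo for it. Do you wish to proceed?')
+);
 $onClick = "setLocation('{$this->getCreditmemoUrl()}')";
 if ($order->getPayment()->getMethodInstance()->isGateway()) {
-$onClick = "confirmSetLocation('{$message}', '{$this->getCreditmemoUrl()}')";
+$onClick = "confirmSetLocation('{$confirmationMessage}', '{$this->getCreditmemoUrl()}')";
 }
 $this->_addButton('order_creditmemo', array(
 'label' => Mage::helper('sales')->__('Credit Memo'),
@@ -104,10 +116,12 @@ class Mage_Adminhtml_Block_Sales_Order_View extends Mage_Adminhtml_Block_Widget_
 
 // invoice action intentionally
 if ($this->_isAllowedAction('invoice') && $order->canVoidPayment()) {
-$message = Mage::helper('sales')->__('Are you sure you want to void the payment?');
+$confirmationMessage = $coreHelper->jsQuoteEscape(
+Mage::helper('sales')->__('Are you sure you want to void the payment?')
+);
 $this->addButton('void_payment', array(
 'label' => Mage::helper('sales')->__('Void'),
-'onclick' => "confirmSetLocation('{$message}', '{$this->getVoidPaymentUrl()}')",
+'onclick' => "confirmSetLocation('{$confirmationMessage}', '{$this->getVoidPaymentUrl()}')",
 ));
 }
 
@@ -127,15 +141,21 @@ class Mage_Adminhtml_Block_Sales_Order_View extends Mage_Adminhtml_Block_Widget_
 
 if ($this->_isAllowedAction('review_payment')) {
 if ($order->canReviewPayment()) {
-$message = Mage::helper('sales')->__('Are you sure you want to accept this payment?');
+$confirmationMessage = $coreHelper->jsQuoteEscape(
+Mage::helper('sales')->__('Are you sure you want to accept this payment?')
+);
+$onClick = "confirmSetLocation('{$confirmationMessage}', '{$this->getReviewPaymentUrl('accept')}')";
 $this->_addButton('accept_payment', array(
 'label' => Mage::helper('sales')->__('Accept Payment'),
-'onclick' => "confirmSetLocation('{$message}', '{$this->getReviewPaymentUrl('accept')}')",
+'onclick' => $onClick,
 ));
-$message = Mage::helper('sales')->__('Are you sure you want to deny this payment?');
+$confirmationMessage = $coreHelper->jsQuoteEscape(
+Mage::helper('sales')->__('Are you sure you want to deny this payment?')
+);
+$onClick = "confirmSetLocation('{$confirmationMessage}', '{$this->getReviewPaymentUrl('deny')}')";
 $this->_addButton('deny_payment', array(
 'label' => Mage::helper('sales')->__('Deny Payment'),
-'onclick' => "confirmSetLocation('{$message}', '{$this->getReviewPaymentUrl('deny')}')",
+'onclick' => $onClick,
 ));
 }
 if ($order->canFetchPaymentReviewUpdate()) {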
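Review bot: Nothing at the eight `jsQuoteEscape()` call sites says that this escaping covers only the JavaScript string context, while every one of these strings is stored under `'onclick'` and so ends up inside an HTML attribute. Assuming `jsQuoteEscape()` handles only the single quote and backslash, a translation containing a double quote would still depend on the button renderer escaping attribute values, and that renderer is not visible in this section. A comment where `$coreHelper` is assigned would record the assumption: `// jsQuoteEscape() protects the JS string literal only; HTML-attribute escaping of 'onclick' is left to the button renderer`. As a smaller point, in the creditmemo branch `$confirmationMessage` is built for every order but used only inside the `isGateway()` branch, so the three lines could move inside that `if`.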
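--- a/app/code/core/Mage/Adminhtml/Block/Store/Switcher.php
+++ b/app/code/core/Mage/Adminhtml/Block/Store/Switcher.php
@@ -250,7 +250,7 @@ class Mage_Adminhtml_Block_Store_Switcher extends Mage_Adminhtml_Block_Template
 $html = '<a'
 . ' href="'. $this->escapeUrl($url) . '"'
 . ' onclick="this.target=\'_blank\'"'
-. ' title="' . $this->__('What is this?') . '"'
+. ' title="' . Mage::helper('core')->quoteEscape($this->__('What is this?')) . '"'
 . ' class="link-store-scope">'
 . $this->__('What is this?')
 . '</a>';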
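Review bot: The `title` attribute is now escaped with `quoteEscape()`, but the same translated string is still emitted unescaped as the link text two lines further down (`. $this->__('What is this?')`). If translations are treated as untrusted for the attribute, the element content needs HTML escaping too: `. $this->escapeHtml($this->__('What is this?'))`. The same applies to the `View Products` link text in the `format` value of Tag/Grid/Customers.php, which this release re-spaces but leaves unescaped. The enclosing method starts outside the hunk.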
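--- a/app/code/core/Mage/Adminhtml/Block/System/Design/Edit.php
+++ b/app/code/core/Mage/Adminhtml/Block/System/Design/Edit.php
@@ -53,11 +53,15 @@ class Mage_Adminhtml_Block_System_Design_Edit extends Mage_Adminhtml_Block_Widge
 ))
 );
 
+$confirmationMessage = Mage::helper('core')->jsQuoteEscape(
+Mage::helper('core')->__('Are you sure?')
+);
 $this->setChild('delete_button',
 $this->getLayout()->createBlock('adminhtml/widget_button')
 ->setData(array(
 'label' => Mage::helper('core')->__('Delete'),
-'onclick' => 'confirmSetLocation(\''.Mage::helper('core')->__('Are you sure?').'\', \''.$this->getDeleteUrl().'\')',
+'onclick' => 'confirmSetLocation(\'' . $confirmationMessage . '\', \'' . $this->getDeleteUrl()
+. '\')',
 'class' => 'delete'
 ))
 );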
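--- a/app/code/core/Mage/Adminhtml/Block/Tag/Customer/Grid.php
+++ b/app/code/core/Mage/Adminhtml/Block/Tag/Customer/Grid.php
@@ -87,6 +87,11 @@ class Mage_Adminhtml_Block_Tag_Customer_Grid extends Mage_Adminhtml_Block_Widget
 'index' => 'firstname',
 ));
 
+$this->addColumn('middlename', array(
+'header' => Mage::helper('tag')->__('Middle Name'),
+'index' => 'middlename',
+));
+
 $this->addColumn('lastname', array(
 'header' => Mage::helper('tag')->__('Last Name'),
 'index' => 'lastname',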
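--- a/app/code/core/Mage/Adminhtml/Block/Tag/Grid/Customers.php
+++ b/app/code/core/Mage/Adminhtml/Block/Tag/Grid/Customers.php
@@ -38,6 +38,7 @@ class Mage_Adminhtml_Block_Tag_Grid_Customers extends Mage_Adminhtml_Block_Widge
 //TODO: add full name logic
 $collection = Mage::getResourceModel('tag_customer/collection')
 ->addAttributeToSelect('firstname')
+->addAttributeToSelect('middlename')
 ->addAttributeToSelect('lastname')
 // ->addAttributeToSelect('email')
 // ->addAttributeToSelect('created_at')
@@ -45,7 +46,8 @@ class Mage_Adminhtml_Block_Tag_Grid_Customers extends Mage_Adminhtml_Block_Widge
 // ->joinAttribute('billing_city', 'customer_address/city', 'default_billing')
 // ->joinAttribute('billing_telephone', 'customer_address/telephone', 'default_billing')
 // ->joinAttribute('billing_country_id', 'customer_address/country_id', 'default_billing')
-// ->joinField('billing_country_name', 'directory/country_name', 'name', 'country_id=billing_country_id', array('language_code'=>'en'))
+// ->joinField('billing_country_name', 'directory/country_name', 'name',
+// 'country_id=billing_country_id', array('language_code'=>'en'))
 ;
 
 if ($productId = $this->getRequest()->getParam('product_id')) {
@@ -63,19 +65,23 @@ class Mage_Adminhtml_Block_Tag_Grid_Customers extends Mage_Adminhtml_Block_Widge
 protected function _prepareColumns()
 {
 $this->addColumn('entity_id', array(
-'header' =>Mage::helper('tag')->__('ID'),
-'width' => '40px',
-'align' =>'center',
-'sortable' =>true,
-'index' =>'entity_id'
+'header' => Mage::helper('tag')->__('ID'),
+'width' => '40px',
+'align' => 'center',
+'sortable' => true,
+'index' => 'entity_id',
 ));
 $this->addColumn('firstname', array(
-'header' =>Mage::helper('tag')->__('First Name'),
-'index' =>'firstname'
+'header' => Mage::helper('tag')->__('First Name'),
+'index' => 'firstname',
+));
+$this->addColumn('middlename', array(
+'header' => Mage::helper('tag')->__('Middle Name'),
+'index' => 'middlename',
 ));
 $this->addColumn('lastname', array(
-'header' =>Mage::helper('tag')->__('Last Name'),
-'index' =>'lastname'
+'header' => Mage::helper('tag')->__('Last Name'),
+'index' => 'lastname',
 ));
 // $this->addColumn('email', array(
 // 'header' =>Mage::helper('tag')->__('Email'),
@@ -104,25 +110,26 @@ class Mage_Adminhtml_Block_Tag_Grid_Customers extends Mage_Adminhtml_Block_Widge
 // 'index' =>'created_at',
 // ));
 $this->addColumn('tags', array(
-'header' => Mage::helper('tag')->__('Tags'),
-'index' => 'tags',
-'sortable' => false,
-'filter' => false,
-'renderer' => 'adminhtml/tag_grid_column_renderer_tags'
+'header' => Mage::helper('tag')->__('Tags'),
+'index' => 'tags',
+'sortable' => false,
+'filter' => false,
+'renderer' => 'adminhtml/tag_grid_column_renderer_tags',
 ));
 $this->addColumn('action', array(
-'header' =>Mage::helper('tag')->__('Action'),
-'align' =>'center',
+'header' => Mage::helper('tag')->__('Action'),
+'align' => 'center',
 'width' => '120px',
-'format' =>'<a href="'.$this->getUrl('*/*/products/customer_id/$entity_id').'">'.Mage::helper('tag')->__('View Products').'</a>',
-'filter' =>false,
-'sortable' =>false,
-'is_system' =>true
+'format' => '<a href="' . $this->getUrl('*/*/products/customer_id/$entity_id') . '">' . Mage::helper('tag')->__('View Products') . '</a>',
+'filter' => false,
+'sortable' => false,
+'is_system' => true,
 ));
 
 $this->setColumnFilter('entity_id')
 ->setColumnFilter('email')
 ->setColumnFilter('firstname')
+->setColumnFilter('middlename')
 ->setColumnFilter('lastname');
 
 // $this->addExportType('*/*/exportCsv', Mage::helper('tag')->__('CSV'));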
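--- a/app/code/core/Mage/Adminhtml/Block/Tag/Tag/Edit.php
+++ b/app/code/core/Mage/Adminhtml/Block/Tag/Tag/Edit.php
@@ -53,10 +53,17 @@ class Mage_Adminhtml_Block_Tag_Tag_Edit extends Mage_Adminhtml_Block_Widget_Form
 
 if( $this->getRequest()->getParam('ret', false) == 'pending' ) {
 $this->_updateButton('back', 'onclick', 'setLocation(\'' . $this->getUrl('*/*/pending') .'\')' );
-$this->_updateButton('delete', 'onclick', 'deleteConfirm(\'' . Mage::helper('tag')->__('Are you sure you want to do this?') . '\', \'' . $this->getUrl('*/*/delete', array(
-$this->_objectId => $this->getRequest()->getParam($this->_objectId),
-'ret' => 'pending',
-)) .'\')' );
+$this->_updateButton('delete', 'onclick', 'deleteConfirm(\''
+. Mage::helper('core')->jsQuoteEscape(
+Mage::helper('tag')->__('Are you sure you want to do this?')
+)
+. '\', \''
+. $this->getUrl('*/*/delete',
+array($this->_objectId => $this->getRequest()->getParam($this->_objectId), 'ret' => 'pending',
+)
+)
+.'\')'
+);
 Mage::register('ret', 'pending');
 }
 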
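Review bot: The delete URL passed as the second `deleteConfirm()` argument embeds `$this->getRequest()->getParam($this->_objectId)` straight from the request, and only the message goes through `jsQuoteEscape()`. Whether `getUrl()` encodes route parameter values is not visible here, so a quote character in that parameter may still reach the single-quoted JavaScript string. If the id is numeric, as it presumably is, casting it removes the dependency on the URL builder: `array($this->_objectId => (int) $this->getRequest()->getParam($this->_objectId), 'ret' => 'pending')`. Tax/Rate/Toolbar/Save.php has the same shape with `getParam('rate')`. The enclosing method starts outside the hunk.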
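--- a/app/code/core/Mage/Adminhtml/Block/Tax/Rate/Toolbar/Save.php
+++ b/app/code/core/Mage/Adminhtml/Block/Tax/Rate/Toolbar/Save.php
@@ -73,7 +73,13 @@ class Mage_Adminhtml_Block_Tax_Rate_Toolbar_Save extends Mage_Adminhtml_Block_Te
 $this->getLayout()->createBlock('adminhtml/widget_button')
 ->setData(array(
 'label' => Mage::helper('tax')->__('Delete Rate'),
-'onclick' => 'deleteConfirm(\'' . Mage::helper('tax')->__('Are you sure you want to do this?') . '\', \'' . $this->getUrl('*/*/delete', array('rate' => $this->getRequest()->getParam('rate'))) . '\')',
+'onclick' => 'deleteConfirm(\''
+. Mage::helper('core')->jsQuoteEscape(
+Mage::helper('tax')->__('Are you sure you want to do this?')
+)
+. '\', \''
+. $this->getUrl('*/*/delete', array('rate' => $this->getRequest()->getParam('rate')))
+. '\')',
 'class' => 'delete'
 ))
 );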
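--- a/app/code/core/Mage/Adminhtml/Block/Urlrewrite/Edit.php
+++ b/app/code/core/Mage/Adminhtml/Block/Urlrewrite/Edit.php
@@ -103,7 +103,9 @@ class Mage_Adminhtml_Block_Urlrewrite_Edit extends Mage_Adminhtml_Block_Widget_C
 }
 // categories selector & skip categories button
 else {
-$this->setChild('categories_tree', $this->getLayout()->createBlock('adminhtml/urlrewrite_category_tree'));
+$this->setChild('categories_tree',
+$this->getLayout()->createBlock('adminhtml/urlrewrite_category_tree')
+);
 $this->setChild('skip_categories',
 $this->getLayout()->createBlock('adminhtml/widget_button')->setData(array(
 'label' => Mage::helper('adminhtml')->__('Skip Category Selection'),
@@ -160,8 +162,13 @@ class Mage_Adminhtml_Block_Urlrewrite_Edit extends Mage_Adminhtml_Block_Widget_C
 ));
 $this->_addButton('delete', array(
 'label' => Mage::helper('adminhtml')->__('Delete'),
-'onclick' => 'deleteConfirm(\'' . Mage::helper('adminhtml')->__('Are you sure you want to do this?')
-. '\', \'' . Mage::helper('adminhtml')->getUrl('*/*/delete', array('id' => $this->getUrlrewriteId())) . '\')',
+'onclick' => 'deleteConfirm(\''
+. Mage::helper('core')->jsQuoteEscape(
+Mage::helper('adminhtml')->__('Are you sure you want to do this?')
+)
+. '\', \''
+. Mage::helper('adminhtml')->getUrl('*/*/delete', array('id' => $this->getUrlrewriteId()))
+. '\')',
 'class' => 'scalable delete',
 'level' => -1
 ));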
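--- a/app/code/core/Mage/Adminhtml/Block/Widget/Form/Container.php
+++ b/app/code/core/Mage/Adminhtml/Block/Widget/Form/Container.php
@@ -64,8 +64,13 @@ class Mage_Adminhtml_Block_Widget_Form_Container extends Mage_Adminhtml_Block_Wi
 $this->_addButton('delete', array(
 'label' => Mage::helper('adminhtml')->__('Delete'),
 'class' => 'delete',
-'onclick' => 'deleteConfirm(\''. Mage::helper('adminhtml')->__('Are you sure you want to do this?')
-.'\', \'' . $this->getDeleteUrl() . '\')',
+'onclick' => 'deleteConfirm(\''
+. Mage::helper('core')->jsQuoteEscape(
+Mage::helper('adminhtml')->__('Are you sure you want to do this?')
+)
+.'\', \''
+. $this->getDeleteUrl()
+. '\')',
 ));
 }
 
@@ -79,7 +84,14 @@ class Mage_Adminhtml_Block_Widget_Form_Container extends Mage_Adminhtml_Block_Wi
 protected function _prepareLayout()
 {
 if ($this->_blockGroup && $this->_controller && $this->_mode) {
-$this->setChild('form', $this->getLayout()->createBlock($this->_blockGroup . '/' . $this->_controller . '_' . $this->_mode . '_form'));
+$this->setChild('form', $this->getLayout()->createBlock($this->_blockGroup
+. '/'
+. $this->_controller
+. '_'
+. $this->_mode
+. '_form'
+)
+);
 }
 return parent::_prepareLayout();
 }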
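--- a/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Filter/Price.php
+++ b/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Filter/Price.php
@@ -31,7 +31,8 @@
 * @package Mage_Adminhtml
 * @author Magento Core Team <core@magentocommerce.com>
 */
-class Mage_Adminhtml_Block_Widget_Grid_Column_Filter_Price extends Mage_Adminhtml_Block_Widget_Grid_Column_Filter_Abstract
+class Mage_Adminhtml_Block_Widget_Grid_Column_Filter_Price
+extends Mage_Adminhtml_Block_Widget_Grid_Column_Filter_Abstract
 {
 protected $_currencyList = null;
 protected $_currencyModel = null;
@@ -84,7 +85,8 @@ class Mage_Adminhtml_Block_Widget_Grid_Column_Filter_Price extends Mage_Adminhtm
 $html = '';
 $html .= '<select name="'.$this->_getHtmlName().'[currency]" id="'.$this->_getHtmlId().'_currency">';
 foreach ($this->_getCurrencyList() as $currency) {
-$html .= '<option value="' . $currency . '" '.($currency == $value ? 'selected="selected"' : '').'>' . $currency . '</option>';
+$html .= '<option value="' . $currency . '" '.($currency == $value ? 'selected="selected"' : '').'>'
+. $currency . '</option>';
 }
 $html .= '</select>';
 return $html;
@@ -104,7 +106,9 @@ class Mage_Adminhtml_Block_Widget_Grid_Column_Filter_Price extends Mage_Adminhtm
 return $this->getData('value', $index);
 }
 $value = $this->getData('value');
-if ((isset($value['from']) && strlen($value['from']) > 0) || (isset($value['to']) && strlen($value['to']) > 0)) {
+if ((isset($value['from']) && strlen($value['from']) > 0)
+|| (isset($value['to']) && strlen($value['to']) > 0)
+) {
 return $value;
 }
 return null;
@@ -122,11 +126,15 @@ class Mage_Adminhtml_Block_Widget_Grid_Column_Filter_Price extends Mage_Adminhtm
 }
 $rate = $this->_getRate($displayCurrency, $this->getColumn()->getCurrencyCode());
 
-if (isset($value['from']))
-$value['from'] *= $rate;
+if (isset($value['from'])) {
+$from = $value['from'] * $rate;
+$value['from'] = sprintf('%F', $from);
+}
 
-if (isset($value['to']))
-$value['to'] *= $rate;
+if (isset($value['to'])) {
+$to = $value['to'] * $rate;
+$value['to'] = sprintf('%F', $to);
+}
 
 $this->prepareRates($displayCurrency);
 return $value;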
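Review bot: In the last hunk `$value['from'] * $rate` and `$value['to'] * $rate` multiply the filter value without checking that it is numeric, and `isset()` is also true for an empty string. Assuming `$value` holds the submitted filter strings, as in the getter of the previous hunk, a request with only `to` filled in turns the empty `from` into `'0.000000'`, and a non-numeric string is silently coerced or raises an arithmetic error, depending on the PHP version. Guarding both branches keeps unvalidated input out of the condition: `if (isset($value['from']) && is_numeric($value['from'])) {` and likewise for `to`. The method starts outside the hunk.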
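--- a/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Currency.php
+++ b/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Currency.php
@@ -59,7 +59,7 @@ class Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Currency
 
 $data = floatval($data) * $this->_getRate($row);
 $sign = (bool)(int)$this->getColumn()->getShowNumberSign() && ($data > 0) ? '+' : '';
-$data = sprintf("%f", $data);
+$data = sprintf("%F", $data);
 $data = Mage::app()->getLocale()->currency($currency_code)->toCurrency($data);
 return $sign . $data;
 }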
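Review bot: The change from `%f` to `%F` carries no comment, and a one-character case difference is easy to revert by accident. `%F` always formats with a `.` decimal point, whereas `%f` follows the current locale, so the string handed to `toCurrency()` no longer changes with the server locale. Suggest adding `// %F is not locale-aware: the decimal separator is always '.'` above the `sprintf` line. The same one-line comment fits the identical change in Renderer/Price.php and the new `sprintf('%F', ...)` calls in Filter/Price.php.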
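--- a/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Ip.php
+++ b/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Ip.php
@@ -42,6 +42,10 @@ class Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Ip
 */
 public function render(Varien_Object $row)
 {
-return long2ip($row->getData($this->getColumn()->getIndex()));
+/**
+* The output of the "inet_ntop" function was disabled to prevent an error throwing
+* in case when the database value is not an ipv6 or an ipv4 binary representation (ex. NULL).
+*/
+return @inet_ntop($row->getData($this->getColumn()->getIndex()));
 }
 }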
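Review bot: `@inet_ntop(...)` hides the warning, but `render()` then returns `false` for NULL or any value that is not a packed 4- or 16-byte address, and the `@` also silences errors raised while evaluating the argument. An explicit length check avoids the suppression operator: `$ip = $row->getData($this->getColumn()->getIndex());` followed by `return in_array(strlen((string) $ip), array(4, 16), true) ? inet_ntop($ip) : '';`. The new comment should say that the warning is suppressed, not that the output "was disabled". Rows that still hold the integer form `long2ip()` expected would render empty; presumably a data migration accompanies this change, which is worth confirming.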
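--- a/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Price.php
+++ b/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Price.php
@@ -56,7 +56,7 @@ class Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Price
 }
 
 $data = floatval($data) * $this->_getRate($row);
-$data = sprintf("%f", $data);
+$data = sprintf("%F", $data);
 $data = Mage::app()->getLocale()->currency($currency_code)->toCurrency($data);
 return $data;
 }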
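--- a/app/code/core/Mage/Adminhtml/Controller/Action.php
+++ b/app/code/core/Mage/Adminhtml/Controller/Action.php
@@ -71,7 +71,7 @@ class Mage_Adminhtml_Controller_Action extends Mage_Core_Controller_Varien_Actio
 
 protected function _isAllowed()
 {
-return true;
+return Mage::getSingleton('admin/session')->isAllowed('admin');
 }
 
 /**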
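Review bot: `_isAllowed()` changes its default from allow to an ACL check but has no docblock stating the new contract for subclasses. Any admin controller that does not override it now requires the `admin` resource (presumably the root of the ACL tree) instead of being open to every logged-in backend user, so third-party controllers that relied on `return true` will start denying restricted roles. That is the safer failure mode, but it should be documented on the method, for example: `Default ACL check: requires the root 'admin' resource; controllers must override this with their own resource path`. The class continues outside the hunk.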
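--- a/app/code/core/Mage/Adminhtml/Helper/Sales.php
+++ b/app/code/core/Mage/Adminhtml/Helper/Sales.php
@@ -123,6 +123,7 @@ class Mage_Adminhtml_Helper_Sales extends Mage_Core_Helper_Abstract
 if (is_string($data) && is_array($allowedTags) && in_array('a', $allowedTags)) {
 $links = array();
 $i = 1;
+$data = str_replace('%', '%%', $data);
 $regexp = '@(<a[^>]*>(?:[^<]|<[^/]|</[^a]|</a[^>])*</a>)@';
 while (preg_match($regexp, $data, $matches)) {
 $links[] = $matches[1];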
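Review bot: The added `str_replace('%', '%%', $data)` has no comment, and it is only correct if `$data` is later used as a `sprintf`-style format string, which happens outside this hunk. If so, the line stops a literal `%` in the input from being read as a conversion specification; if any path returns `$data` without formatting it, the doubled `%%` will show up in the output. Suggest recording the intent next to the line, to be confirmed against the rest of the method: `// double literal % so input text cannot act as a format specifier when the links are substituted back`. The method starts and ends outside the hunk.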
app/code/core/Mage/Adminhtml/Model/Sales/Order/Create.php CHANGED
@@ -266,27 +266,28 @@ class Mage_Adminhtml_Model_Sales_Order_Create extends Varien_Object implements M
266
*/
267
public function initFromOrder(Mage_Sales_Model_Order $order)
268
{
269
if (!$order->getReordered()) {
270
- $this->getSession()->setOrderId($order->getId());
271
} else {
272
- $this->getSession()->setReordered($order->getId());
273
}
274
275
/**
276
* Check if we edit quest order
277
*/
278
- $this->getSession()->setCurrencyId($order->getOrderCurrencyCode());
279
if ($order->getCustomerId()) {
280
- $this->getSession()->setCustomerId($order->getCustomerId());
281
} else {
282
- $this->getSession()->setCustomerId(false);
283
}
284
285
- $this->getSession()->setStoreId($order->getStoreId());
286
287
//Notify other modules about the session quote
288
Mage::dispatchEvent('init_from_order_session_quote_initialized',
289
- array('session_quote' => $this->getSession()));
290
291
/**
292
* Initialize catalog rule data with new session values
@@ -313,52 +314,53 @@ class Mage_Adminhtml_Model_Sales_Order_Create extends Varien_Object implements M
313
}
314
}
315
316
- $shippingAddress = $order->getShippingAddress();
317
- if ($shippingAddress) {
318
- $addressDiff = array_diff_assoc($shippingAddress->getData(), $order->getBillingAddress()->getData());
319
unset($addressDiff['address_type'], $addressDiff['entity_id']);
320
- $shippingAddress->setSameAsBilling(empty($addressDiff));
321
}
322
323
$this->_initBillingAddressFromOrder($order);
324
$this->_initShippingAddressFromOrder($order);
325
326
- if (!$this->getQuote()->isVirtual() && $this->getShippingAddress()->getSameAsBilling()) {
327
$this->setShippingAsBilling(1);
328
}
329
330
$this->setShippingMethod($order->getShippingMethod());
331
- $this->getQuote()->getShippingAddress()->setShippingDescription($order->getShippingDescription());
332
333
- $this->getQuote()->getPayment()->addData($order->getPayment()->getData());
334
335
336
$orderCouponCode = $order->getCouponCode();
337
if ($orderCouponCode) {
338
- $this->getQuote()->setCouponCode($orderCouponCode);
339
}
340
341
- if ($this->getQuote()->getCouponCode()) {
342
- $this->getQuote()->collectTotals();
343
}
344
345
Mage::helper('core')->copyFieldset(
346
'sales_copy_order',
347
'to_edit',
348
$order,
349
- $this->getQuote()
350
);
351
352
Mage::dispatchEvent('sales_convert_order_to_quote', array(
353
'order' => $order,
354
- 'quote' => $this->getQuote()
355
));
356
357
if (!$order->getCustomerId()) {
358
- $this->getQuote()->setCustomerIsGuest(true);
359
}
360
361
- if ($this->getSession()->getUseOldShippingMethod(true)) {
362
/*
363
* if we are making reorder or editing old order
364
* we need to show old shipping as preselected
@@ -377,7 +379,7 @@ class Mage_Adminhtml_Model_Sales_Order_Create extends Varien_Object implements M
377
// $this->getQuote()->getShippingAddress()->setCollectShippingRates(true);
378
// $this->getQuote()->getShippingAddress()->collectShippingRates();
379
380
- $this->getQuote()->save();
381
382
return $this;
383
}
@@ -1151,6 +1153,7 @@ class Mage_Adminhtml_Model_Sales_Order_Create extends Varien_Object implements M
1151
->unsAddressType();
1152
$data = $tmpAddress->getData();
1153
$data['save_in_address_book'] = 0; // Do not duplicate address (billing address will do saving too)
1154
$this->getShippingAddress()->addData($data);
1155
}
1156
$this->getShippingAddress()->setSameAsBilling($flag);
@@ -1492,7 +1495,7 @@ class Mage_Adminhtml_Model_Sales_Order_Create extends Varien_Object implements M
1492
}
1493
1494
/**
1495
- * Prepare item otions
1496
*/
1497
protected function _prepareQuoteItems()
1498
{
@@ -1525,8 +1528,9 @@ class Mage_Adminhtml_Model_Sales_Order_Create extends Varien_Object implements M
1525
$this->_prepareQuoteItems();
1526
1527
$service = Mage::getModel('sales/service_quote', $quote);
1528
- if ($this->getSession()->getOrder()->getId()) {
1529
- $oldOrder = $this->getSession()->getOrder();
1530
$originalId = $oldOrder->getOriginalIncrementId();
1531
if (!$originalId) {
1532
$originalId = $oldOrder->getIncrementId();
@@ -1540,24 +1544,25 @@ class Mage_Adminhtml_Model_Sales_Order_Create extends Varien_Object implements M
1540
);
1541
$quote->setReservedOrderId($orderData['increment_id']);
1542
$service->setOrderData($orderData);
1543
}
1544
1545
$order = $service->submit();
1546
- if ((!$quote->getCustomer()->getId() || !$quote->getCustomer()->isInStore($this->getSession()->getStore()))
1547
&& !$quote->getCustomerIsGuest()
1548
) {
1549
- $quote->getCustomer()->setCreatedAt($order->getCreatedAt());
1550
- $quote->getCustomer()
1551
->save()
1552
->sendNewAccountEmail('registered', '', $quote->getStoreId());;
1553
}
1554
- if ($this->getSession()->getOrder()->getId()) {
1555
- $oldOrder = $this->getSession()->getOrder();
1556
-
1557
- $oldOrder->setRelationChildId($order->getId())
1558
- ->setRelationChildRealId($order->getIncrementId())
1559
- ->cancel()
1560
- ->save();
1561
$order->save();
1562
}
1563
if ($this->getSendConfirmation()) {
266
*/
267
public function initFromOrder(Mage_Sales_Model_Order $order)
268
{
269
+ $session = $this->getSession();
270
if (!$order->getReordered()) {
271
+ $session->setOrderId($order->getId());
272
} else {
273
+ $session->setReordered($order->getId());
274
}
275
276
/**
277
* Check if we edit quest order
278
*/
279
+ $session->setCurrencyId($order->getOrderCurrencyCode());
280
if ($order->getCustomerId()) {
281
+ $session->setCustomerId($order->getCustomerId());
282
} else {
283
+ $session->setCustomerId(false);
284
}
285
286
+ $session->setStoreId($order->getStoreId());
287
288
//Notify other modules about the session quote
289
Mage::dispatchEvent('init_from_order_session_quote_initialized',
290
+ array('session_quote' => $session));
291
292
/**
293
* Initialize catalog rule data with new session values
314
}
315
}
316
317
+ $orderShippingAddress = $order->getShippingAddress();
318
+ if ($orderShippingAddress) {
319
+ $addressDiff = array_diff_assoc($orderShippingAddress->getData(), $order->getBillingAddress()->getData());
320
unset($addressDiff['address_type'], $addressDiff['entity_id']);
321
+ $orderShippingAddress->setSameAsBilling(empty($addressDiff));
322
}
323
324
$this->_initBillingAddressFromOrder($order);
325
$this->_initShippingAddressFromOrder($order);
326
327
+ $quote = $this->getQuote();
328
+ if (!$quote->isVirtual() && $this->getShippingAddress()->getSameAsBilling()) {
329
$this->setShippingAsBilling(1);
330
}
331
332
$this->setShippingMethod($order->getShippingMethod());
333
+ $quote->getShippingAddress()->setShippingDescription($order->getShippingDescription());
334
335
+ $quote->getPayment()->addData($order->getPayment()->getData());
336
337
338
$orderCouponCode = $order->getCouponCode();
339
if ($orderCouponCode) {
340
+ $quote->setCouponCode($orderCouponCode);
341
}
342
343
+ if ($quote->getCouponCode()) {
344
+ $quote->collectTotals();
345
}
346
347
Mage::helper('core')->copyFieldset(
348
'sales_copy_order',
349
'to_edit',
350
$order,
351
+ $quote
352
);
353
354
Mage::dispatchEvent('sales_convert_order_to_quote', array(
355
'order' => $order,
356
+ 'quote' => $quote
357
));
358
359
if (!$order->getCustomerId()) {
360
+ $quote->setCustomerIsGuest(true);
361
}
362
363
+ if ($session->getUseOldShippingMethod(true)) {
364
/*
365
* if we are making reorder or editing old order
366
* we need to show old shipping as preselected
379
// $this->getQuote()->getShippingAddress()->setCollectShippingRates(true);
380
// $this->getQuote()->getShippingAddress()->collectShippingRates();
381
382
+ $quote->save();
383
384
return $this;
385
}
1153
->unsAddressType();
1154
$data = $tmpAddress->getData();
1155
$data['save_in_address_book'] = 0; // Do not duplicate address (billing address will do saving too)
1156
+ unset($data['shipping_method']); // Do not reset shipping method to be able to recollect totals
1157
$this->getShippingAddress()->addData($data);
1158
}
1159
$this->getShippingAddress()->setSameAsBilling($flag);
1495
}
1496
1497
/**
1498
+ * Prepare item options
1499
*/
1500
protected function _prepareQuoteItems()
1501
{
1528
$this->_prepareQuoteItems();
1529
1530
$service = Mage::getModel('sales/service_quote', $quote);
1531
+ /** @var Mage_Sales_Model_Order $oldOrder */
1532
+ $oldOrder = $this->getSession()->getOrder();
1533
+ if ($oldOrder->getId()) {
1534
$originalId = $oldOrder->getOriginalIncrementId();
1535
if (!$originalId) {
1536
$originalId = $oldOrder->getIncrementId();
1544
);
1545
$quote->setReservedOrderId($orderData['increment_id']);
1546
$service->setOrderData($orderData);
1547
+
1548
+ $oldOrder->cancel();
1549
}
1550
1551
+ /** @var Mage_Sales_Model_Order $order */
1552
$order = $service->submit();
1553
+ $customer = $quote->getCustomer();
1554
+ if ((!$customer->getId() || !$customer->isInStore($this->getSession()->getStore()))
1555
&& !$quote->getCustomerIsGuest()
1556
) {
1557
+ $customer->setCreatedAt($order->getCreatedAt());
1558
+ $customer
1559
->save()
1560
->sendNewAccountEmail('registered', '', $quote->getStoreId());;
1561
}
1562
+ if ($oldOrder->getId()) {
1563
+ $oldOrder->setRelationChildId($order->getId());
1564
+ $oldOrder->setRelationChildRealId($order->getIncrementId());
1565
+ $oldOrder->save();
1566
$order->save();
1567
}
1568
if ($this->getSendConfirmation()) {
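--- a/app/code/core/Mage/Adminhtml/Model/System/Config/Backend/Baseurl.php
+++ b/app/code/core/Mage/Adminhtml/Model/System/Config/Backend/Baseurl.php
@@ -32,6 +32,7 @@ class Mage_Adminhtml_Model_System_Config_Backend_Baseurl extends Mage_Core_Model
 $value = $this->getValue();
 
 if (!preg_match('#^{{((un)?secure_)?base_url}}#', $value)) {
+ $value = Mage::helper('core/url')->encodePunycode($value);
 $parsedUrl = parse_url($value);
 if (!isset($parsedUrl['scheme']) || !isset($parsedUrl['host'])) {
 Mage::throwException(Mage::helper('core')->__('The %s you entered is invalid. Please make sure that it follows "http://domain.com/" format.', $this->getFieldConfig()->label));
@@ -60,4 +61,19 @@ class Mage_Adminhtml_Model_System_Config_Backend_Baseurl extends Mage_Core_Model
 Mage::getModel('core/design_package')->cleanMergedJsCss();
 }
 }
+
+ /**
+ * Processing object after load data
+ *
+ * @return Mage_Core_Model_Abstract
+ */
+ protected function _afterLoad()
+ {
+ $value = $this->getValue();
+ if (!preg_match('#^{{((un)?secure_)?base_url}}#', $value)) {
+ $value = Mage::helper('core/url')->decodePunycode($value);
+ }
+ $this->setValue($value);
+ return parent::_afterLoad();
+ }
 }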
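Review bot: The docblock on `_afterLoad()` says only "Processing object after load data", which hides that the loaded value now differs from the value validated on save: the first hunk (whose enclosing method starts outside it) encodes the host to punycode, and this method decodes it again. A docblock line such as `* Decodes a punycode host back to Unicode for display; {{base_url}} placeholders are left untouched.` would state that contract. Because the decoded form is what the admin sees, look-alike characters in an internationalised host cannot be told apart on the config screen, so showing the ASCII form alongside it would help anyone auditing this setting. The placeholder pattern is also duplicated between the two methods and could be a class constant.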
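--- a/app/code/core/Mage/Adminhtml/controllers/AjaxController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/AjaxController.php
@@ -52,4 +52,14 @@ class Mage_Adminhtml_AjaxController extends Mage_Adminhtml_Controller_Action
 echo Mage::helper('core/translate')->apply($translation, $area);
 exit();
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return true;
+ }
 }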
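Review bot: The new `_isAllowed()` returns `true` without consulting any ACL resource, while its docblock still reads "Check is allowed access to action", so a reader cannot tell whether the open policy is deliberate. If every authenticated admin is meant to reach this controller, the docblock should say so, e.g. `* Intentionally open to every authenticated admin user; no ACL resource applies.`; otherwise it should map to a resource as the widget controllers in this release do. The same unconditional `return true;` is added in Catalog/Product/DatafeedsController.php, JsonController.php and TaxController.php, and the same question applies there.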
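--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Category/WidgetController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Category/WidgetController.php
@@ -69,4 +69,14 @@ class Mage_Adminhtml_Catalog_Category_WidgetController extends Mage_Adminhtml_Co
 'use_massaction' => $this->getRequest()->getParam('use_massaction', false)
 ));
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('cms/widget_instance');
+ }
 }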
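Review bot: Gating this chooser on `cms/widget_instance` ties it to one screen's permission, and nothing in the hunk shows that widget-instance editing is the only place the chooser is requested from. If other admin forms load it (not visible here), roles without `cms/widget_instance` would be denied there after the upgrade, so the docblock should name the intended callers, e.g. `* Chooser is served only to roles allowed to manage widget instances.`. The same resource is used for the new `_isAllowed()` in Catalog/Product/WidgetController.php, Cms/Block/WidgetController.php and Cms/Page/WidgetController.php.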
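--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/DatafeedsController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/DatafeedsController.php
@@ -32,4 +32,14 @@ class Mage_Adminhtml_Catalog_DatafeedsController extends Mage_Adminhtml_Controll
 {
 
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return true;
+ }
 }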
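--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php
@@ -367,7 +367,8 @@ class Mage_Adminhtml_Catalog_Product_ReviewController extends Mage_Adminhtml_Con
 
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'pending':
 return Mage::getSingleton('admin/session')->isAllowed('catalog/reviews_ratings/reviews/pending');
 break;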
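Review bot: Lower-casing the action name before the `switch` means every `case` label in this method must now be lower-case as well, and only the first label (`'pending'`) is visible; the rest of `_isAllowed()` continues outside the hunk. A label left in mixed case would never match and the request would be judged by the `default:` branch, so the remaining labels and what the default returns should be checked. A comment above the `switch`, such as `// action names are compared lower-cased; keep every case label lower-case`, would stop later edits from reintroducing the mismatch. The same change is made in Cms/PageController.php, NotificationController.php, the Report/* controllers, ReportController.php, Sales/Billing/AgreementController.php, Sales/TransactionsController.php, TagController.php and Tax/RateController.php.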
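--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/WidgetController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/Product/WidgetController.php
@@ -67,4 +67,14 @@ class Mage_Adminhtml_Catalog_Product_WidgetController extends Mage_Adminhtml_Con
 
 $this->getResponse()->setBody($html);
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('cms/widget_instance');
+ }
 }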
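--- a/app/code/core/Mage/Adminhtml/controllers/Catalog/ProductController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Catalog/ProductController.php
@@ -932,6 +932,7 @@ class Mage_Adminhtml_Catalog_ProductController extends Mage_Adminhtml_Controller
 $this->_validateMassStatus($productIds, $status);
 Mage::getSingleton('catalog/product_action')
 ->updateAttributes($productIds, array('status' => $status), $storeId);
+ Mage::dispatchEvent('catalog_controller_product_mass_status', array('product_ids' => $productIds));
 
 $this->_getSession()->addSuccess(
 $this->__('Total of %d record(s) have been updated.', count($productIds))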
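Review bot: The new `catalog_controller_product_mass_status` event carries only `product_ids`, so an observer cannot tell which status was applied or for which store without re-reading the request. Both values are already in scope on the line above and could be passed along: `array('product_ids' => $productIds, 'status' => $status, 'store_id' => $storeId)`. The enclosing action starts and ends outside the hunk, so whether an exception thrown by an observer is caught and reported as a failed update cannot be confirmed from here.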
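--- a/app/code/core/Mage/Adminhtml/controllers/Cms/Block/WidgetController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Cms/Block/WidgetController.php
@@ -45,4 +45,14 @@ class Mage_Adminhtml_Cms_Block_WidgetController extends Mage_Adminhtml_Controlle
 ));
 $this->getResponse()->setBody($pagesGrid->toHtml());
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('cms/widget_instance');
+ }
 }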
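--- a/app/code/core/Mage/Adminhtml/controllers/Cms/Page/WidgetController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Cms/Page/WidgetController.php
@@ -45,4 +45,15 @@ class Mage_Adminhtml_Cms_Page_WidgetController extends Mage_Adminhtml_Controller
 ));
 $this->getResponse()->setBody($pagesGrid->toHtml());
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('cms/widget_instance');
+ }
+
 }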
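--- a/app/code/core/Mage/Adminhtml/controllers/Cms/PageController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Cms/PageController.php
@@ -222,7 +222,8 @@ class Mage_Adminhtml_Cms_PageController extends Mage_Adminhtml_Controller_Action
 */
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'new':
 case 'save':
 return Mage::getSingleton('admin/session')->isAllowed('cms/page/save');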
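--- a/app/code/core/Mage/Adminhtml/controllers/Cms/WysiwygController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Cms/WysiwygController.php
@@ -63,4 +63,14 @@ class Mage_Adminhtml_Cms_WysiwygController extends Mage_Adminhtml_Controller_Act
 */
 }
 }
+
+ /**
+ * Check the permission to run it
+ *
+ * @return boolean
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('cms');
+ }
 }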
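--- a/app/code/core/Mage/Adminhtml/controllers/Customer/System/Config/ValidatevatController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Customer/System/Config/ValidatevatController.php
@@ -88,4 +88,14 @@ class Mage_Adminhtml_Customer_System_Config_ValidatevatController extends Mage_A
 ));
 $this->getResponse()->setBody($body);
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('system/config');
+ }
 }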
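--- a/app/code/core/Mage/Adminhtml/controllers/CustomerController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/CustomerController.php
@@ -376,6 +376,7 @@ class Mage_Adminhtml_CustomerController extends Mage_Adminhtml_Controller_Action
 $this->_getSession()->addError($e->getMessage());
 $this->_getSession()->setCustomerData($data);
 $this->getResponse()->setRedirect($this->getUrl('*/customer/edit', array('id' => $customer->getId())));
+ return;
 } catch (Exception $e) {
 $this->_getSession()->addException($e,
 Mage::helper('adminhtml')->__('An error occurred while saving the customer.'));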
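--- a/app/code/core/Mage/Adminhtml/controllers/JsonController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/JsonController.php
@@ -56,4 +56,14 @@ class Mage_Adminhtml_JsonController extends Mage_Adminhtml_Controller_Action
 
 $this->getResponse()->setBody(Mage::helper('core')->jsonEncode($arrRes));
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return true;
+ }
 }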
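--- a/app/code/core/Mage/Adminhtml/controllers/NotificationController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/NotificationController.php
@@ -160,12 +160,13 @@ class Mage_Adminhtml_NotificationController extends Mage_Adminhtml_Controller_Ac
 
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
- case 'markAsRead':
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
+ case 'markasread':
 $acl = 'system/adminnotification/mark_as_read';
 break;
 
- case 'massMarkAsRead':
+ case 'massmarkasread':
 $acl = 'system/adminnotification/mark_as_read';
 break;
 
@@ -173,7 +174,7 @@ class Mage_Adminhtml_NotificationController extends Mage_Adminhtml_Controller_Ac
 $acl = 'system/adminnotification/remove';
 break;
 
- case 'massRemove':
+ case 'massremove':
 $acl = 'system/adminnotification/remove';
 break;
 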
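--- a/app/code/core/Mage/Adminhtml/controllers/Permissions/RoleController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Permissions/RoleController.php
@@ -154,7 +154,7 @@ class Mage_Adminhtml_Permissions_RoleController extends Mage_Adminhtml_Controlle
 Mage::getSingleton('adminhtml/session')->addError($this->__('An error occurred while deleting this role.'));
 }
 
- $this->_redirect("*/*/");
+ $this->_redirect('*/*/');
 }
 
 /**
@@ -175,7 +175,7 @@ class Mage_Adminhtml_Permissions_RoleController extends Mage_Adminhtml_Controlle
 
 $isAll = $this->getRequest()->getParam('all');
 if ($isAll)
- $resource = array("all");
+ $resource = array('all');
 
 $role = $this->_initRole('role_id');
 if (!$role->getId() && $rid) {
@@ -209,7 +209,7 @@ class Mage_Adminhtml_Permissions_RoleController extends Mage_Adminhtml_Controlle
 );
 $role->save();
 
- Mage::getModel("admin/rules")
+ Mage::getModel('admin/rules')
 ->setRoleId($role->getId())
 ->setResources($resource)
 ->saveRel();
@@ -256,7 +256,7 @@ class Mage_Adminhtml_Permissions_RoleController extends Mage_Adminhtml_Controlle
 protected function _deleteUserFromRole($userId, $roleId)
 {
 try {
- Mage::getModel("admin/user")
+ Mage::getModel('admin/user')
 ->setRoleId($roleId)
 ->setUserId($userId)
 ->deleteFromRole();
@@ -276,7 +276,7 @@ class Mage_Adminhtml_Permissions_RoleController extends Mage_Adminhtml_Controlle
 */
 protected function _addUserToRole($userId, $roleId)
 {
- $user = Mage::getModel("admin/user")->load($userId);
+ $user = Mage::getModel('admin/user')->load($userId);
 $user->setRoleId($roleId)->setUserId($userId);
 
 if( $user->roleUserExists() === true ) {
@@ -296,4 +296,45 @@ class Mage_Adminhtml_Permissions_RoleController extends Mage_Adminhtml_Controlle
 {
 return Mage::getSingleton('admin/session')->isAllowed('system/acl/roles');
 }
+
+ /**
+ * Action to refresh role-rule relations.
+ * This method will make sure the rendered ACL resource tree checkboxes match the actual ACL permissions.
+ * To be used after adding a new ACL resource via config
+ */
+ public function refreshRolesAction()
+ {
+ $resourceAcl = Mage::getResourceModel('admin/acl')->loadAcl();
+ $roles = Mage::getResourceModel('admin/role_collection')->setRolesFilter()->getItems();
+ try {
+ foreach ($roles as $role) {
+ $roleTypeId = $role->getRoleType() . $role->getRoleId();
+ $selectedResourceIds = array();
+ if ($resourceAcl->isAllowed($roleTypeId, 'all')) {
+ $selectedResourceIds = array('all');
+ } else {
+ foreach ($resourceAcl->getResources() as $resource) {
+ if ($resourceAcl->isAllowed($roleTypeId, $resource)) {
+ array_push($selectedResourceIds, $resource);
+ }
+ }
+ }
+
+ Mage::getModel('admin/rules')
+ ->setRoleId($role->getId())
+ ->setResources($selectedResourceIds)
+ ->saveRel();
+ }
+
+ Mage::getSingleton('adminhtml/session')->addSuccess($this->__('The roles have been refreshed.'));
+ } catch (Mage_Core_Exception $e) {
+ Mage::getSingleton('adminhtml/session')->addError($e->getMessage());
+ } catch (Exception $e) {
+ Mage::logException($e);
+ Mage::getSingleton('adminhtml/session')->addError($this->__('An error occurred while refreshing roles.'));
+ }
+
+ $this->_redirect('*/*/');
+ return;
+ }
 }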
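Review bot: `refreshRolesAction()` rewrites the stored rule set of every role, yet the added method has no check on the request method before the loop; whether the base controller's dispatch already enforces a secret key or form key for this action is not visible here. For a write to ACL data the guard is worth making explicit at the top of the action, e.g. `if (!$this->getRequest()->isPost()) { $this->_redirect('*/*/'); return; }`, together with whatever form-key validation the base class provides. Each role is saved separately inside one `try`, so an exception part-way through leaves some roles rewritten and others untouched, and the error message should say the refresh may be partial. The docblock lacks a `@return`, and the bare `return;` after `_redirect()` is redundant.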
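--- a/app/code/core/Mage/Adminhtml/controllers/Report/CustomerController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Report/CustomerController.php
@@ -161,7 +161,8 @@ class Mage_Adminhtml_Report_CustomerController extends Mage_Adminhtml_Controller
 
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'accounts':
 return Mage::getSingleton('admin/session')->isAllowed('report/customers/accounts');
 break;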
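--- a/app/code/core/Mage/Adminhtml/controllers/Report/ProductController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Report/ProductController.php
@@ -267,7 +267,8 @@ class Mage_Adminhtml_Report_ProductController extends Mage_Adminhtml_Controller_
 */
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'viewed':
 return Mage::getSingleton('admin/session')->isAllowed('report/products/viewed');
 break;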
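--- a/app/code/core/Mage/Adminhtml/controllers/Report/ReviewController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Report/ReviewController.php
@@ -160,7 +160,8 @@ class Mage_Adminhtml_Report_ReviewController extends Mage_Adminhtml_Controller_A
 
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'customer':
 return Mage::getSingleton('admin/session')->isAllowed('report/review/customer');
 break;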
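--- a/app/code/core/Mage/Adminhtml/controllers/Report/SalesController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Report/SalesController.php
@@ -389,7 +389,8 @@ class Mage_Adminhtml_Report_SalesController extends Mage_Adminhtml_Controller_Re
 
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'sales':
 return $this->_getSession()->isAllowed('report/salesroot/sales');
 break;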
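--- a/app/code/core/Mage/Adminhtml/controllers/Report/ShopcartController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Report/ShopcartController.php
@@ -155,7 +155,8 @@ class Mage_Adminhtml_Report_ShopcartController extends Mage_Adminhtml_Controller
 
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'customer':
 return Mage::getSingleton('admin/session')->isAllowed('report/shopcart/customer');
 break;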
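--- a/app/code/core/Mage/Adminhtml/controllers/Report/TagController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Report/TagController.php
@@ -282,14 +282,15 @@ class Mage_Adminhtml_Report_TagController extends Mage_Adminhtml_Controller_Acti
 
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'customer':
 return Mage::getSingleton('admin/session')->isAllowed('report/tags/customer');
 break;
 case 'product':
 return Mage::getSingleton('admin/session')->isAllowed('report/tags/product');
 break;
- case 'productAll':
+ case 'productall':
 return Mage::getSingleton('admin/session')->isAllowed('report/tags/product');
 break;
 case 'popular':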
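--- a/app/code/core/Mage/Adminhtml/controllers/ReportController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/ReportController.php
@@ -131,7 +131,8 @@ class Mage_Adminhtml_ReportController extends Mage_Adminhtml_Controller_Action
 
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'search':
 return Mage::getSingleton('admin/session')->isAllowed('report/search');
 break;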
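--- a/app/code/core/Mage/Adminhtml/controllers/Rss/CatalogController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Rss/CatalogController.php
@@ -34,17 +34,21 @@
 
 class Mage_Adminhtml_Rss_CatalogController extends Mage_Adminhtml_Controller_Action
 {
- public function preDispatch()
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
 {
 $path = '';
- if ($this->getRequest()->getActionName() == 'review') {
+ $action = strtolower($this->getRequest()->getActionName());
+ if ($action == 'review') {
 $path = 'catalog/reviews_ratings';
- } elseif ($this->getRequest()->getActionName() == 'notifystock') {
+ } elseif ($action == 'notifystock') {
 $path = 'catalog/products';
 }
- Mage::helper('adminhtml/rss')->authAdmin($path);
- parent::preDispatch();
- return $this;
+ return Mage::getSingleton('admin/session')->isAllowed($path);
 }
 
 public function notifystockAction()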
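Review bot: For any action other than `review` or `notifystock`, `$path` stays `''` and the method returns whatever `isAllowed('')` yields, which depends on the session's ACL implementation and is not visible here. Failing closed is clearer: add `if ($path === '') { return false; }` before the final return, and use `===` in the two comparisons. The commit also removes the `authAdmin()` call from `preDispatch()` here and in Rss/OrderController.php; if that helper is what let feed readers authenticate without a browser session (an inference from its name), it is worth confirming the feeds remain reachable for the clients meant to consume them.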
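--- a/app/code/core/Mage/Adminhtml/controllers/Rss/OrderController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Rss/OrderController.php
@@ -34,12 +34,6 @@
 
 class Mage_Adminhtml_Rss_OrderController extends Mage_Adminhtml_Controller_Action
 {
- public function preDispatch()
- {
- Mage::helper('adminhtml/rss')->authAdmin('catalog/reviews_ratings');
- parent::preDispatch();
- return $this;
- }
 
 public function newAction()
 {
@@ -48,4 +42,14 @@ class Mage_Adminhtml_Rss_OrderController extends Mage_Adminhtml_Controller_Actio
 $this->loadLayout(false);
 $this->renderLayout();
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('sales/order/actions/view');
+ }
 }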
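--- a/app/code/core/Mage/Adminhtml/controllers/Sales/Billing/AgreementController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Sales/Billing/AgreementController.php
@@ -203,7 +203,8 @@ class Mage_Adminhtml_Sales_Billing_AgreementController extends Mage_Adminhtml_Co
 */
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'index':
 case 'grid' :
 case 'view' :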
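--- a/app/code/core/Mage/Adminhtml/controllers/Sales/Order/View/GiftmessageController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Sales/Order/View/GiftmessageController.php
@@ -76,4 +76,14 @@ class Mage_Adminhtml_Sales_Order_View_GiftmessageController extends Mage_Adminht
 return Mage::getSingleton('adminhtml/giftmessage_save');
 }
 
+ /**
+ * Acl check for admin
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('sales/order');
+ }
+
 }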
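--- a/app/code/core/Mage/Adminhtml/controllers/Sales/Recurring/ProfileController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Sales/Recurring/ProfileController.php
@@ -202,4 +202,14 @@ class Mage_Adminhtml_Sales_Recurring_ProfileController extends Mage_Adminhtml_Co
 Mage::register('current_recurring_profile', $profile);
 return $profile;
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('sales/recurring_profile');
+ }
 }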
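--- a/app/code/core/Mage/Adminhtml/controllers/Sales/TransactionsController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Sales/TransactionsController.php
@@ -130,7 +130,8 @@ class Mage_Adminhtml_Sales_TransactionsController extends Mage_Adminhtml_Control
 */
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'fetch':
 return Mage::getSingleton('admin/session')->isAllowed('sales/transactions/fetch');
 break;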
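--- a/app/code/core/Mage/Adminhtml/controllers/System/Config/System/StorageController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/System/Config/System/StorageController.php
@@ -180,4 +180,14 @@ class Mage_Adminhtml_System_Config_System_StorageController extends Mage_Adminht
 $result = Mage::helper('core')->jsonEncode($result);
 Mage::app()->getResponse()->setBody($result);
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return Mage::getSingleton('admin/session')->isAllowed('system/config');
+ }
 }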
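--- a/app/code/core/Mage/Adminhtml/controllers/TagController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/TagController.php
@@ -345,7 +345,8 @@ class Mage_Adminhtml_TagController extends Mage_Adminhtml_Controller_Action
 */
 protected function _isAllowed()
 {
- switch ($this->getRequest()->getActionName()) {
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
 case 'pending':
 return Mage::getSingleton('admin/session')->isAllowed('catalog/tag/pending');
 break;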
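--- a/app/code/core/Mage/Adminhtml/controllers/Tax/RateController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/Tax/RateController.php
@@ -371,11 +371,11 @@ class Mage_Adminhtml_Tax_RateController extends Mage_Adminhtml_Controller_Action
 'code' => $v[0],
 'tax_country_id' => $v[1],
 'tax_region_id' => ($regions[$v[1]][$v[2]] == '*') ? 0 : $regions[$v[1]][$v[2]],
- 'tax_postcode' => (empty($v[3]) || $v[3]=='*') ? null : $v[3],
+ 'tax_postcode' => empty($v[3]) ? null : $v[3],
 'rate' => $v[4],
 'zip_is_range' => $v[5],
 'zip_from' => $v[6],
- 'zip_to' => $v[7]
+ 'zip_to' => $v[7],
 );
 
 $rateModel = Mage::getModel('tax/calculation_rate')->loadByCode($rateData['code']);
@@ -466,8 +466,9 @@ class Mage_Adminhtml_Tax_RateController extends Mage_Adminhtml_Controller_Action
 protected function _isAllowed()
 {
 
- switch ($this->getRequest()->getActionName()) {
- case 'importExport':
+ $action = strtolower($this->getRequest()->getActionName());
+ switch ($action) {
+ case 'importexport':
 return Mage::getSingleton('admin/session')->isAllowed('sales/tax/import_export');
 break;
 case 'index':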
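--- a/app/code/core/Mage/Adminhtml/controllers/TaxController.php
+++ b/app/code/core/Mage/Adminhtml/controllers/TaxController.php
@@ -50,4 +50,14 @@ class Mage_Adminhtml_TaxController extends Mage_Adminhtml_Controller_Action
 }
 $this->_redirectReferer();
 }
+
+ /**
+ * Check is allowed access to action
+ *
+ * @return bool
+ */
+ protected function _isAllowed()
+ {
+ return true;
+ }
 }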