55using SmartStore . Admin . Models . Security ;
66using SmartStore . Core ;
77using SmartStore . Core . Logging ;
8+ using SmartStore . Core . Security ;
89using SmartStore . Services . Customers ;
910using SmartStore . Services . Security ;
1011using SmartStore . Web . Framework . Controllers ;
@@ -15,16 +16,10 @@ namespace SmartStore.Admin.Controllers
1516 [ AdminAuthorize ]
1617 public class SecurityController : AdminControllerBase
1718 {
18- #region Fields
19-
2019 private readonly IWorkContext _workContext ;
2120 private readonly IPermissionService _permissionService ;
2221 private readonly ICustomerService _customerService ;
2322
24- #endregion
25-
26- #region Constructors
27-
2823 public SecurityController (
2924 IWorkContext workContext ,
3025 IPermissionService permissionService ,
@@ -35,31 +30,9 @@ public SecurityController(
3530 _customerService = customerService ;
3631 }
3732
38- #endregion
39-
40- #region Methods
41-
42- //GP: remove and use method AllAccessPermissions2 below.
4333 // Ajax.
34+ [ Permission ( Core . Security . Permissions . Configuration . Acl . Read ) ]
4435 public ActionResult AllAccessPermissions ( string selected )
45- {
46- var permissions = _permissionService . GetAllPermissionRecords ( ) ;
47- var selectedArr = selected . SplitSafe ( "," ) ;
48-
49- var data = permissions
50- . Select ( x => new
51- {
52- id = x . SystemName ,
53- text = x . Name ,
54- selected = selectedArr . Contains ( x . SystemName )
55- } )
56- . ToList ( ) ;
57-
58- return new JsonResult { Data = data , JsonRequestBehavior = JsonRequestBehavior . AllowGet } ;
59- }
60-
61- // Ajax.
62- public ActionResult AllAccessPermissions2 ( string selected )
6336 {
6437 var systemNames = Services . Permissions2 . GetAllSystemNames ( ) ;
6538 var selectedArr = selected . SplitSafe ( "," ) ;
@@ -78,25 +51,23 @@ public ActionResult AllAccessPermissions2(string selected)
7851
7952 public ActionResult AccessDenied ( string pageUrl )
8053 {
81- var currentCustomer = _workContext . CurrentCustomer ;
54+ var customer = _workContext . CurrentCustomer ;
8255
83- if ( currentCustomer == null || currentCustomer . IsGuest ( ) )
56+ if ( customer == null || customer . IsGuest ( ) )
8457 {
8558 Logger . Info ( T ( "Admin.System.Warnings.AccessDeniedToAnonymousRequest" , pageUrl . NaIfEmpty ( ) ) ) ;
8659 return View ( ) ;
8760 }
8861
8962 Logger . Info ( T ( "Admin.System.Warnings.AccessDeniedToUser" ,
90- currentCustomer . Email . NaIfEmpty ( ) , currentCustomer . Email . NaIfEmpty ( ) , pageUrl . NaIfEmpty ( ) ) ) ;
63+ customer . Email . NaIfEmpty ( ) , customer . Email . NaIfEmpty ( ) , pageUrl . NaIfEmpty ( ) ) ) ;
9164
9265 return View ( ) ;
9366 }
9467
68+ //GP: remove (old permission list).
9569 public ActionResult Permissions ( )
9670 {
97- if ( ! _permissionService . Authorize ( StandardPermissionProvider . ManageAcl ) )
98- return AccessDeniedView ( ) ;
99-
10071 var model = new PermissionMappingModel ( ) ;
10172
10273 var permissionRecords = _permissionService . GetAllPermissionRecords ( ) ;
@@ -137,12 +108,10 @@ public ActionResult Permissions()
137108 return View ( model ) ;
138109 }
139110
111+ //GP: remove (old permission list).
140112 [ HttpPost , ActionName ( "Permissions" ) ]
141113 public ActionResult PermissionsSave ( FormCollection form )
142114 {
143- if ( ! _permissionService . Authorize ( StandardPermissionProvider . ManageAcl ) )
144- return AccessDeniedView ( ) ;
145-
146115 var permissionRecords = _permissionService . GetAllPermissionRecords ( ) ;
147116 var customerRoles = _customerService . GetAllCustomerRoles ( true ) ;
148117
@@ -177,7 +146,5 @@ public ActionResult PermissionsSave(FormCollection form)
177146
178147 return RedirectToAction ( "Permissions" ) ;
179148 }
180-
181- #endregion
182149 }
183150}
0 commit comments