Merge branch 'cc-5709-airtime-analyzer' into saas

Conflicts: airtime_mvc/application/configs/ACL.php
2015-02-06 16:06:32 -05:00 · 2015-02-06 16:06:32 -05:00 · 2cf0f7da7a
parent a20f90cd2d 2a9790adf3
commit 2cf0f7da7a
2 changed files with 23 additions and 18 deletions
--- a/airtime_mvc/application/configs/ACL.php
+++ b/airtime_mvc/application/configs/ACL.php
@ -54,8 +54,9 @@ $ccAcl->allow('G', 'index')
      ->allow('G', 'upgrade')
      ->allow('G', 'provisioning')
      ->allow('G', 'downgrade')
-      ->allow('G', 'rest:media')
      ->allow('G', 'rest:show-image')
+      ->allow('G', 'rest:media', 'get')
+      ->allow('H', 'rest:media')
      ->allow('H', 'preference', 'is-import-in-progress')
      ->allow('H', 'usersettings')
      ->allow('H', 'plupload')
--- a/airtime_mvc/application/controllers/plugins/Acl_plugin.php
+++ b/airtime_mvc/application/controllers/plugins/Acl_plugin.php
@ -127,7 +127,9 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
                    throw new Zend_Controller_Exception("hi", 401);
                }
            }
-
+            else  //Non-REST, regular Airtime web app requests
+            {
+                //Redirect you to the login screen since you have no session.
                if ($controller !== 'login') {

                    if ($request->isXmlHttpRequest()) {
@ -148,7 +150,9 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
                        $r->gotoSimpleAndExit('index', 'login', $request->getModuleName());
                   }
                }
-        } else {
+            }
+        } else { //We have a session/identity.
+
            // If we have an identity and we're making a RESTful request,
            // we need to check the CSRF token
            if ($request->_action != "get" && $request->getModuleName() == "rest") {