SAAS-1062 - Podcast skeleton work; slight rework to backend functionality

Duncan Sommerville 2015-09-18 15:39:12 -04:00
parent 6934bcfdab
commit 6de6e2767c
6 changed files with 140 additions and 14 deletions


@ -0,0 +1,20 @@
<?php
class RenderController extends Zend_Controller_Action {
public function init() {
$this->view->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(true);
$csrf_namespace = new Zend_Session_Namespace('csrf_namespace');
$csrf_element = new Zend_Form_Element_Hidden('csrf_token');
$csrf_element->setValue($csrf_namespace->authtoken)->setRequired('true')->removeDecorator('HtmlTag')->removeDecorator('Label');
$this->view->csrf = $csrf_element;
}
public function podcastUrlDialogAction() {
$path = 'podcast/podcast_url_dialog.phtml';
$this->_helper->json->sendJson(array("html"=>$this->view->render($path)));
}
}
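Review bot: In `init()`, `$csrf_namespace->authtoken` is copied into the hidden `csrf_token` field without checking that the session actually holds a token, so a session where it was never set would render an empty field. That matters because the verification shown in the ACL plugin section of this commit ends in `return ($observed_csrf_token == $expected_csrf_token);`, and with loose `==` an empty submitted value compares equal to an unset expected one. Whether the token is always populated before this controller runs is not visible here; if that is not guaranteed, refuse to render without one, e.g. `if (empty($csrf_namespace->authtoken)) { throw new Zend_Controller_Action_Exception('CSRF token missing', 403); }`. Separately, `setRequired('true')` passes a string where the boolean `true` is meant.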


@ -200,7 +200,7 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
/** Check if the controller/action can be accessed by the current user */
if (!$this->getAcl()->has($resourceName)
|| !$this->getAcl()->isAllowed($this->_roleName,
|| !$this->getAcl()->isAllowed($this->_roleName,
$resourceName,
$request->getActionName())) {
/** Redirect to access denied page */
@ -226,7 +226,6 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
$current_namespace = new Zend_Session_Namespace('csrf_namespace');
$observed_csrf_token = $token;
$expected_csrf_token = $current_namespace->authtoken;
return ($observed_csrf_token == $expected_csrf_token);
}