From cec592552d9f136bfdafe80bef10ef341ece982b Mon Sep 17 00:00:00 2001
From: Julio Montoya <gugli100@gmail.com>
Date: Fri, 6 Sep 2013 19:05:18 +0200
Subject: [PATCH] Now the admin page is generated depending of your roles only
 works for admin and question manager, in order to add more roles create a new
 template in: default/admin/xxx/role_index.php and add the role in the array:
 $app['allow_admin_toolbar']

---
 main/admin/index.php                          |  2 +-
 main/inc/lib/template.lib.php                 | 60 +++++++++----------
 main/inc/routes.php                           |  1 +
 main/inc/services.php                         |  8 ++-
 .../{index.tpl => role_index.tpl}             |  5 --
 main/template/default/admin/index.tpl         |  6 ++
 .../admin/questionmanager/role_index.tpl      |  3 +
 ...atorController.php => AdminController.php} | 25 +++++++-
 8 files changed, 69 insertions(+), 41 deletions(-)
 rename main/template/default/admin/administrator/{index.tpl => role_index.tpl} (95%)
 create mode 100644 main/template/default/admin/index.tpl
 create mode 100644 main/template/default/admin/questionmanager/role_index.tpl
 rename src/ChamiloLMS/Controller/Admin/{AdministratorController.php => AdminController.php} (96%)

diff --git a/main/admin/index.php b/main/admin/index.php
index 309946a629..55f7c40dd7 100644
--- a/main/admin/index.php
+++ b/main/admin/index.php
@@ -1,4 +1,4 @@
 <?php
-$url = api_get_path(WEB_PUBLIC_PATH).'admin/administrator';
+$url = api_get_path(WEB_PUBLIC_PATH).'admin';
 header('Location: '.$url);
 exit;
diff --git a/main/inc/lib/template.lib.php b/main/inc/lib/template.lib.php
index 045ae8df9a..a10639cd14 100644
--- a/main/inc/lib/template.lib.php
+++ b/main/inc/lib/template.lib.php
@@ -966,7 +966,6 @@ class Template
             $navigation['session_my_progress']['title'] = get_lang('MyProgress');
         }
 
-
         // Social
         if (api_get_setting('allow_social_tool') == 'true') {
             $navigation['social']['url'] = api_get_path(WEB_CODE_PATH).'social/home.php';
@@ -979,13 +978,6 @@ class Template
             $navigation['dashboard']['title'] = get_lang('Dashboard');
         }
 
-        // Reports
-        /*
-        if (api_is_platform_admin() || api_is_drh() || api_is_session_admin()) {
-            $navigation['reports']['url'] = api_get_path(WEB_CODE_PATH).'reports/index.php';
-            $navigation['reports']['title'] = get_lang('Reports');
-        }*/
-
         // Custom tabs
         for ($i = 1; $i <= 3; $i++) {
             if (api_get_setting('custom_tab_'.$i.'_name') && api_get_setting('custom_tab_'.$i.'_url')) {
@@ -994,19 +986,34 @@ class Template
             }
         }
 
-        // Platform administration
-        if (api_is_platform_admin(true)) {
-            $navigation['platform_admin']['url'] = api_get_path(WEB_PUBLIC_PATH).'admin/administrator';
-            $navigation['platform_admin']['title'] = get_lang('PlatformAdmin');
-        } else {
-            if (api_is_question_manager()) {
-                $navigation['question_manager']['url'] = api_get_path(WEB_PUBLIC_PATH).'admin/questionmanager';
-                $navigation['question_manager']['title'] = get_lang('PlatformAdmin');
+        // Adding block settings for each role
+        if (isset($this->app['allow_admin_toolbar'])) {
+            /** @var  \Symfony\Component\Security\Core\SecurityContext  $security */
+            $security = $this->app['security'];
+
+            $roleTemplate = array();
+            foreach ($this->app['allow_admin_toolbar'] as $role) {
+                if ($security->isGranted($role)) {
+                    // Fixes in order to match the templates
+                    if ($role == 'ROLE_ADMIN') {
+                        $role = 'administrator';
+                    }
+                    if ($role == 'ROLE_QUESTION_MANAGER') {
+                        $role = 'QUESTIONMANAGER';
+                    }
+                    $stripRole = strtolower(str_replace('ROLE_', '', $role));
+                    $roleTemplate[] = $stripRole;
+                }
             }
-            /*$token = $this->app['security']->getToken();
-            $user = $token->getUser();*/
-        }
 
+            if (!empty($roleTemplate)) {
+                if (api_get_setting('show_tabs', 'platform_administration') == 'true') {
+                    $navigation['admin']['url'] = api_get_path(WEB_PUBLIC_PATH).'admin';
+                    $navigation['admin']['title'] = get_lang('PlatformAdmin');
+                }
+            }
+            $this->app['admin_toolbar_roles'] = $roleTemplate;
+        }
         return $navigation;
     }
 
@@ -1230,18 +1237,9 @@ class Template
                 $menu_navigation['dashboard'] = isset($possible_tabs['dashboard']) ? $possible_tabs['dashboard'] : null;
             }
 
-            // Administration
-            if (api_is_platform_admin(true)) {
-                if (api_get_setting('show_tabs', 'platform_administration') == 'true') {
-                    $navigation['platform_admin'] = $possible_tabs['platform_admin'];
-                } else {
-                    $menu_navigation['platform_admin'] = $possible_tabs['platform_admin'];
-                }
-            } else {
-
-                if (api_is_question_manager()) {
-                    $navigation['question_manager'] = $possible_tabs['question_manager'];
-                }
+            if (isset($possible_tabs['admin'])) {
+                $navigation['platform_admin'] = $possible_tabs['admin'];
+                $navigation['platform_admin'] = $possible_tabs['admin'];
             }
 
             // Reports
diff --git a/main/inc/routes.php b/main/inc/routes.php
index c1a71dd15e..042bd78c65 100644
--- a/main/inc/routes.php
+++ b/main/inc/routes.php
@@ -651,6 +651,7 @@ $app->match('/ajax', 'model_ajax.controller:indexAction', 'GET')
     ->bind('model_ajax');
 
 if ($alreadyInstalled) {
+    $app->mount('/admin/', new ChamiloLMS\Provider\ReflectionControllerProvider('admin.controller'));
     $app->mount('/admin/administrator/upgrade', new ChamiloLMS\Provider\ReflectionControllerProvider('upgrade.controller'));
     $app->mount('/admin/administrator/roles', new ChamiloLMS\Provider\ReflectionControllerProvider('role.controller'));
     $app->mount('/admin/administrator/question_scores', new ChamiloLMS\Provider\ReflectionControllerProvider('question_score.controller'));
diff --git a/main/inc/services.php b/main/inc/services.php
index 1ff3d3d707..2730af865f 100644
--- a/main/inc/services.php
+++ b/main/inc/services.php
@@ -153,6 +153,12 @@ $app['security.access_rules'] = array(
     //array('^.*$', 'ROLE_USER'),
 );
 
+// Roles that have an admin toolbar
+$app['allow_admin_toolbar'] = array(
+    'ROLE_ADMIN',
+    'ROLE_QUESTION_MANAGER'
+);
+
 /**
 $app['security.access_manager'] = $app->share(function($app) {
     return new AccessDecisionManager($app['security.voters'], 'unanimous');
@@ -639,7 +645,7 @@ $app['exercise_manager.controller'] = $app->share(
 
 $app['admin.controller'] = $app->share(
     function () use ($app) {
-        return new ChamiloLMS\Controller\Admin\AdministratorController($app);
+        return new ChamiloLMS\Controller\Admin\AdminController($app);
     }
 );
 $app['role.controller'] = $app->share(
diff --git a/main/template/default/admin/administrator/index.tpl b/main/template/default/admin/administrator/role_index.tpl
similarity index 95%
rename from main/template/default/admin/administrator/index.tpl
rename to main/template/default/admin/administrator/role_index.tpl
index 9de3cda6c1..2a1ac2e6de 100644
--- a/main/template/default/admin/administrator/index.tpl
+++ b/main/template/default/admin/administrator/role_index.tpl
@@ -1,5 +1,3 @@
-{% extends app.template_style ~ "/layout/layout_1_col.tpl" %}
-{% block content %}
 <script>
 $(function() {
     //$("#settings").tabs();
@@ -61,6 +59,3 @@ $(function() {
         </div>
     </div>
 </div>
-
-
-{% endblock %}
diff --git a/main/template/default/admin/index.tpl b/main/template/default/admin/index.tpl
new file mode 100644
index 0000000000..71c0ece65c
--- /dev/null
+++ b/main/template/default/admin/index.tpl
@@ -0,0 +1,6 @@
+{% extends app.template_style ~ "/layout/layout_1_col.tpl" %}
+{% block content %}
+    {% for role in app.admin_toolbar_roles %}
+        {% include app.template_style ~ "/admin/" ~ role ~ "/role_index.tpl" %}
+    {% endfor %}
+{% endblock %}
diff --git a/main/template/default/admin/questionmanager/role_index.tpl b/main/template/default/admin/questionmanager/role_index.tpl
new file mode 100644
index 0000000000..eeadbdbcdc
--- /dev/null
+++ b/main/template/default/admin/questionmanager/role_index.tpl
@@ -0,0 +1,3 @@
+<div class="well">
+    {{ 'Question manager role' | trans }}
+</div>
diff --git a/src/ChamiloLMS/Controller/Admin/AdministratorController.php b/src/ChamiloLMS/Controller/Admin/AdminController.php
similarity index 96%
rename from src/ChamiloLMS/Controller/Admin/AdministratorController.php
rename to src/ChamiloLMS/Controller/Admin/AdminController.php
index 86d119749d..e7a3b7c6e3 100644
--- a/src/ChamiloLMS/Controller/Admin/AdministratorController.php
+++ b/src/ChamiloLMS/Controller/Admin/AdminController.php
@@ -18,7 +18,7 @@ use ChamiloLMS\Form\QuestionScoreType;
  * @package ChamiloLMS\Controller
  * @author Julio Montoya <gugli100@gmail.com>
  */
-class AdministratorController extends CommonController
+class AdminController extends CommonController
 {
     /**
      *
@@ -28,6 +28,27 @@ class AdministratorController extends CommonController
      */
     public function indexAction()
     {
+        $template = $this->getTemplate();
+        /** @var  \Symfony\Component\Security\Core\SecurityContext  $security */
+        $security = $this->get('security');
+
+        if (!$security->isGranted($this->app['allow_admin_toolbar'])) {
+            return $this->abort(403, 'Access denied');
+        }
+
+        if ($security->isGranted('ROLE_ADMIN')) {
+            $this->loadAdminMenu();
+        }
+        $response = $template->render_template('admin/index.tpl');
+        return new Response($response, 200, array());
+    }
+
+    /**
+     * Move in template.lib
+     */
+    private function loadAdminMenu()
+    {
+
         $template = $this->get('template');
 
         // Access restrictions.
@@ -268,8 +289,6 @@ class AdministratorController extends CommonController
 
         $template->assign('web_admin_ajax_url', $admin_ajax_url);
         $template->assign('blocks', $blocks);
-        $response = $template->render_template('admin/administrator/index.tpl');
-        return new Response($response, 200, array());
     }
 
 }