From 421f9f319dcff528989462bd8af169777460417f Mon Sep 17 00:00:00 2001
From: Lars Dieckow <ldieckow@sipwise.com>
Date: Wed, 12 Jun 2013 19:43:14 +0200
Subject: [PATCH] centralised ACL roles for all controllers

---
 lib/NGCP/Panel/Controller/Billing.pm  |  6 +++++
 lib/NGCP/Panel/Controller/Contact.pm  |  6 +++++
 lib/NGCP/Panel/Controller/Contract.pm |  6 +++++
 lib/NGCP/Panel/Controller/Domain.pm   | 39 ++++++++++++---------------
 lib/NGCP/Panel/Controller/Peering.pm  |  6 +++++
 lib/NGCP/Panel/Controller/Reseller.pm |  6 +++++
 lib/NGCP/Panel/Controller/Rewrite.pm  |  6 +++++
 7 files changed, 53 insertions(+), 22 deletions(-)

diff --git a/lib/NGCP/Panel/Controller/Billing.pm b/lib/NGCP/Panel/Controller/Billing.pm
index 23496fd0f7..eff83affe1 100644
--- a/lib/NGCP/Panel/Controller/Billing.pm
+++ b/lib/NGCP/Panel/Controller/Billing.pm
@@ -17,6 +17,12 @@ use NGCP::Panel::Form::BillingFeeUpload;
 my @WEEKDAYS = map { langinfo($_) } (DAY_2, DAY_3, DAY_4, DAY_5, DAY_6, DAY_7, DAY_1);
 #Monday Tuesday Wednesday Thursday Friday Saturday Sunday
 
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+    my ($self, $c) = @_;
+    $c->log->debug(__PACKAGE__ . '::auto');
+    return 1;
+}
+
 sub profile_list :Chained('/') :PathPart('billing') :CaptureArgs(0) :Args(0) {
     my ( $self, $c ) = @_;
     
diff --git a/lib/NGCP/Panel/Controller/Contact.pm b/lib/NGCP/Panel/Controller/Contact.pm
index b226bfa36a..8e14f86a23 100644
--- a/lib/NGCP/Panel/Controller/Contact.pm
+++ b/lib/NGCP/Panel/Controller/Contact.pm
@@ -16,6 +16,12 @@ Catalyst Controller.
 
 =cut
 
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+    my ($self, $c) = @_;
+    $c->log->debug(__PACKAGE__ . '::auto');
+    return 1;
+}
+
 sub list :Chained('/') :PathPart('contact') :CaptureArgs(0) {
     my ($self, $c) = @_;
 
diff --git a/lib/NGCP/Panel/Controller/Contract.pm b/lib/NGCP/Panel/Controller/Contract.pm
index 547a682a83..aae3572c36 100644
--- a/lib/NGCP/Panel/Controller/Contract.pm
+++ b/lib/NGCP/Panel/Controller/Contract.pm
@@ -5,6 +5,12 @@ BEGIN { extends 'Catalyst::Controller'; }
 use NGCP::Panel::Form::Contract;
 use NGCP::Panel::Utils;
 
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+    my ($self, $c) = @_;
+    $c->log->debug(__PACKAGE__ . '::auto');
+    return 1;
+}
+
 sub contract_list :Chained('/') :PathPart('contract') :CaptureArgs(0) {
     my ($self, $c) = @_;
     
diff --git a/lib/NGCP/Panel/Controller/Domain.pm b/lib/NGCP/Panel/Controller/Domain.pm
index e4b341c6f4..80e31e3596 100644
--- a/lib/NGCP/Panel/Controller/Domain.pm
+++ b/lib/NGCP/Panel/Controller/Domain.pm
@@ -6,21 +6,24 @@ BEGIN { extends 'Catalyst::Controller'; }
 
 use NGCP::Panel::Form::Domain;
 
-sub dom_list :Chained('/') :PathPart('domain') :CaptureArgs(0) :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+    my ($self, $c) = @_;
+    $c->log->debug(__PACKAGE__ . '::auto');
+    return 1;
+}
+
+sub dom_list :Chained('/') :PathPart('domain') :CaptureArgs(0) :Args(0) {
     my ($self, $c) = @_;
 
     $c->stash(has_edit => 0);
     $c->stash(template => 'domain/list.tt');
 }
 
-sub root :Chained('dom_list') :PathPart('') :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub root :Chained('dom_list') :PathPart('') :Args(0) {
     my ($self, $c) = @_;
 }
 
-sub create :Chained('dom_list') :PathPart('create') :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub create :Chained('dom_list') :PathPart('create') :Args(0) {
     my ($self, $c) = @_;
 
     my $form = NGCP::Panel::Form::Domain->new;
@@ -48,8 +51,7 @@ sub create :Chained('dom_list') :PathPart('create') :Args(0)
     $c->stash(form => $form);
 }
 
-sub base :Chained('/domain/dom_list') :PathPart('') :CaptureArgs(1) :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub base :Chained('/domain/dom_list') :PathPart('') :CaptureArgs(1) :Args(0) {
     my ($self, $c, $domain_id) = @_;
 
     unless($domain_id && $domain_id->is_integer) {
@@ -68,8 +70,7 @@ sub base :Chained('/domain/dom_list') :PathPart('') :CaptureArgs(1) :Args(0)
     $c->stash(domain_result => $res);
 }
 
-sub edit :Chained('base') :PathPart('edit') :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub edit :Chained('base') :PathPart('edit') :Args(0) {
     my ($self, $c) = @_;
 
     my $posted = ($c->request->method eq 'POST');
@@ -95,8 +96,7 @@ sub edit :Chained('base') :PathPart('edit') :Args(0)
     $c->stash(edit_flag => 1);
 }
 
-sub delete :Chained('base') :PathPart('delete') :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub delete :Chained('base') :PathPart('delete') :Args(0) {
     my ($self, $c) = @_;
     
     unless ( defined($c->stash->{'domain_result'}) ) {
@@ -118,8 +118,7 @@ sub delete :Chained('base') :PathPart('delete') :Args(0)
     $c->response->redirect($c->uri_for());
 }
 
-sub ajax :Chained('dom_list') :PathPart('ajax') :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub ajax :Chained('dom_list') :PathPart('ajax') :Args(0) {
     my ($self, $c) = @_;
     my $dispatch_to = '_ajax_resultset_' . $c->user->auth_realm;
     my $resultset = $self->$dispatch_to($c);
@@ -149,8 +148,7 @@ sub _ajax_resultset_reseller {
     );
 }
 
-sub preferences :Chained('base') :PathPart('preferences') :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub preferences :Chained('base') :PathPart('preferences') :Args(0) {
     my ($self, $c) = @_;
     
     my $domain_name = $c->stash->{domain}->{domain};
@@ -163,8 +161,7 @@ sub preferences :Chained('base') :PathPart('preferences') :Args(0)
     $c->stash(template => 'domain/preferences.tt');
 }
 
-sub preferences_base :Chained('base') :PathPart('preferences') :CaptureArgs(1) :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub preferences_base :Chained('base') :PathPart('preferences') :CaptureArgs(1) :Args(0) {
     my ($self, $c, $pref_id) = @_;
 
     $self->load_preference_list($c);
@@ -188,8 +185,7 @@ sub preferences_base :Chained('base') :PathPart('preferences') :CaptureArgs(1) :
     $c->stash(template => 'domain/preferences.tt');
 }
 
-sub preferences_edit :Chained('preferences_base') :PathPart('edit') :Args(0)
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub preferences_edit :Chained('preferences_base') :PathPart('edit') :Args(0) {
     my ($self, $c) = @_;
    
     $c->stash(edit_preference => 1);
@@ -203,8 +199,7 @@ sub preferences_edit :Chained('preferences_base') :PathPart('edit') :Args(0)
     );
 }
 
-sub load_preference_list : Private
-  :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub load_preference_list :Private {
     my ($self, $c) = @_;
     
     my $dom_pref_values = $c->model('provisioning')
diff --git a/lib/NGCP/Panel/Controller/Peering.pm b/lib/NGCP/Panel/Controller/Peering.pm
index bf20f53911..7292fbcf71 100644
--- a/lib/NGCP/Panel/Controller/Peering.pm
+++ b/lib/NGCP/Panel/Controller/Peering.pm
@@ -9,6 +9,12 @@ use NGCP::Panel::Form::PeeringGroup;
 use NGCP::Panel::Form::PeeringRule;
 use NGCP::Panel::Form::PeeringServer;
 
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) {
+    my ($self, $c) = @_;
+    $c->log->debug(__PACKAGE__ . '::auto');
+    return 1;
+}
+
 sub group_list :Chained('/') :PathPart('peering') :CaptureArgs(0) :Args(0) {
     my ( $self, $c ) = @_;
     
diff --git a/lib/NGCP/Panel/Controller/Reseller.pm b/lib/NGCP/Panel/Controller/Reseller.pm
index fde6fc7bf4..1c3d45dcc0 100644
--- a/lib/NGCP/Panel/Controller/Reseller.pm
+++ b/lib/NGCP/Panel/Controller/Reseller.pm
@@ -19,6 +19,12 @@ Catalyst Controller.
 
 =cut
 
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) {
+    my ($self, $c) = @_;
+    $c->log->debug(__PACKAGE__ . '::auto');
+    return 1;
+}
+
 sub list_reseller :Chained('/') :PathPart('reseller') :CaptureArgs(0) {
     my ($self, $c) = @_;
 
diff --git a/lib/NGCP/Panel/Controller/Rewrite.pm b/lib/NGCP/Panel/Controller/Rewrite.pm
index 2d0a9ff9a4..d22a32376b 100644
--- a/lib/NGCP/Panel/Controller/Rewrite.pm
+++ b/lib/NGCP/Panel/Controller/Rewrite.pm
@@ -7,6 +7,12 @@ BEGIN { extends 'Catalyst::Controller'; }
 use NGCP::Panel::Form::RewriteRuleSet;
 use NGCP::Panel::Form::RewriteRule;
 
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+    my ($self, $c) = @_;
+    $c->log->debug(__PACKAGE__ . '::auto');
+    return 1;
+}
+
 sub set_list :Chained('/') :PathPart('rewrite') :CaptureArgs(0) {
     my ( $self, $c ) = @_;