How can you override Mage_Adminhtml_Controller_Action
https://magento.stackexchange.com/questions/419
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Specifically I'm interested in potentially overriding _isAllowed() so that it defaults to false instead of true. Most of the things I've found related to overriding controllers deal with how to override a specific route's controller, but I don't think that applies here.
The reason I want to do this is so that in case 3rd party modules that I haven't developed haven't implemented _isAllowed() in their controllers, they will default to not being accessible.
I know this is a pretty low-level change to make and could break things in the core, in which case I might not be able to do it. But I'll obviously test that once I implement it.
I looked a bit at the logic inside Mage_Core_Controller_Varien_Router_Standard::match() but not seeing anything that helps.
Solution
This is a class that many other classes extend so it can't be easily overloaded (similar to base models or abstract classes).
If you really wanted to change this behavior you would have to copy and paste the entire source and place it inside of app/code/local/Mage/Adminhtml/Controller/Action.php.
It is recommend to follow "proper" Magento convention and implement the _isAllowed method in your custom controller classes. For securing 3rd party modules, the above approach will work but you will purposely make upgrading more difficult. A "cleaner" approach would be as you mentioned to rewrite each specific route's controller. This could involve a lot of effort and time, you have to draw the line appropriately for each project.
