Some internal reorg

classes/Auth/ORM.php

@@ -0,0 +1,4 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class Auth_ORM extends lnApp_Auth_ORM {}
+?>

classes/Controller/User/Welcome.php

@@ -0,0 +1,4 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class Controller_User_Welcome extends lnApp_Controller_User_Welcome {}
+?>

classes/Controller/Welcome.php

@@ -1,9 +1,4 @@
-<?php defined('SYSPATH') or die('No direct script access.');
+<?php defined('SYSPATH') or die('No direct access allowed.');
 
-class Controller_Welcome extends Controller_TemplateDefault {
-	protected $auth_required = FALSE;
-
-	public function action_index() {
-		throw HTTP_Exception::factory(500,'Site not setup!');
-	}
-} // End Welcome
+class Controller_Welcome extends lnApp_Controller_Welcome {}
+?>

classes/Model/Account.php

@@ -0,0 +1,4 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class Model_Account extends lnApp_Model_Account {}
+?>

classes/Model/Auth/UserDefault.php

@@ -0,0 +1,4 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+abstract class Model_Auth_UserDefault extends lnApp_Model_Auth_UserDefault {}
+?>

classes/Model/Country.php

@@ -0,0 +1,4 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class Model_Country extends lnApp_Model_Country {}
+?>

classes/Model/Language.php

@@ -0,0 +1,4 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class Model_Language extends lnApp_Model_Language {}
+?>

classes/StaticList/Title.php

@@ -0,0 +1,4 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class StaticList_Title extends lnApp_StaticList_Title {}
+?>

classes/lnApp/Auth/ORM.php

@@ -0,0 +1,140 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * Auth driver.
+ *
+ * @package    lnApp
+ * @category   Classes
+ * @author     Deon George
+ * @copyright  (c) 2014 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+abstract class lnApp_Auth_ORM extends Kohana_Auth_ORM {
+	/**
+	 * We need to override Kohana's __construct(), for tasks, which attempt to open a session
+	 * and probably dont have access to PHP sessions path.
+	 * Tasks dont need sessions anyway?
+	 */
+	public function __construct($config = array()) {
+		// Save the config in the object
+		$this->_config = $config;
+
+		if (PHP_SAPI !== 'cli')
+			parent::__construct($config);
+	}
+
+	/**
+	 * Logs a user in.
+	 *
+	 * @param   string   username
+	 * @param   string   password
+	 * @param   boolean  enable autologin
+	 * @return  boolean
+	 */
+	protected function _login($user,$password,$remember) {
+		if (! is_object($user)) {
+			$username = $user;
+
+			// Load the user
+			$user = ORM::factory($this->_model);
+			$user->where('email','=',$username)->find();
+
+			// If no user loaded, return
+			if (! $user->loaded())
+				return FALSE;
+		}
+
+		// Create a hashed password
+		if (is_string($password))
+			$password = $this->hash($password);
+
+		// If we have the right password, we'll check the status of the account
+		if ($user->password === $password AND $user->active) {
+			// Record our session ID, we may need to update our DB when we get a new ID
+			$oldsess = session_id();
+
+			// Finish the login
+			$this->complete_login($user);
+
+			// Do we need to update databases with our new sesion ID
+			$sct = Kohana::$config->load('config')->session_change_trigger;
+			if (session_id() != $oldsess AND count($sct))
+				foreach ($sct as $t => $c)
+					if (Config::module_exist($t))
+						foreach (ORM::factory(ucwords($t))->where($c,'=',$oldsess)->find_all() as $o)
+							$o->set('session_id',session_id())
+								->update();
+
+//@TODO
+			if (! $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)))
+				HTTP::redirect(URL::link('user','account/activate'));
+
+			return TRUE;
+		}
+
+		// Login failed
+		return FALSE;
+	}
+
+	/**
+	 * Determine if a user is authorised to view an account
+	 *
+	 * @param Model_Account Account Ojbect to validate if the current user has access
+	 * @return boolean TRUE if authorised, FALSE if not.
+	 */
+	public function authorised(Model_Account $ao) {
+		return (($uo = $this->get_user()) AND $uo->loaded() AND ($uo == $ao OR in_array($ao->id,$uo->RTM->customers($uo->RTM))));
+	}
+
+	public function get_groups() {
+		return is_null($x=$this->get_user()) ? ORM::factory('Group')->where('id','=',0)->find_all() : $x->groups();
+	}
+
+	// Override Kohana Auth requirement to have a hash_key
+	public function hash($str) {
+		switch ($this->_config['hash_method']) {
+			case '' : return $str;
+			case 'md5': return md5($str);
+			default: return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']);
+		}
+	}
+
+	/**
+	 * OSB authentication is controlled via database queries.
+	 *
+	 * This method can be used to test two situations:
+	 * 1) Is the user logged in? ($role == FALSE)
+	 * 2) Can the user run the current controller->action ($role == TRUE)
+	 *
+	 * @param   boolean If authentication should be done for this module:method (ie: controller:action).
+	 * @return  boolean
+	 */
+	public function logged_in($role=NULL,$debug=NULL) {
+		$status = FALSE;
+
+		// If we are a CLI, we are not logged in
+		if (PHP_SAPI === 'cli')
+			return $status;
+
+		// Get the user from the session
+		$uo = $this->get_user();
+
+		// If we are not a valid user object, then we are not logged in
+		if (is_object($uo) AND ($uo instanceof Model_Account) AND $uo->loaded())
+			if (! empty($role)) {
+				if (($x = Request::current()->mmo()) instanceof Model)
+					// If the role has the authorisation to run the method
+					foreach ($x->group->find_all() as $go)
+						if ($go->id == 0 OR $uo->has_any('group',$go->list_childgrps(TRUE))) {
+							$status = TRUE;
+							break;
+						}
+
+			// There is no role, so the method should be allowed to run as anonymous
+			} else
+				$status = TRUE;
+
+		return $status;
+	}
+}
+?>

classes/lnApp/Controller/TemplateDefault.php

@@ -56,7 +56,9 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa
 	 * @return boolean
 	 */
 	protected function _auth_required() {
-		return FALSE;
+		return (($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE) ||
+			(is_array($this->secure_actions) && array_key_exists($this->request->action(),$this->secure_actions) &&
+			! Auth::instance()->logged_in($this->secure_actions[$this->request->action()],get_class($this).'|'.__METHOD__)));
 	}
 
 	/**

classes/lnApp/Controller/User/Welcome.php

@@ -0,0 +1,19 @@
+<?php defined('SYSPATH') or die('No direct script access.');
+
+/**
+ * Main home page
+ *
+ * @package    lnApp
+ * @category   Controllers/User
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+abstract class lnApp_Controller_User_Welcome extends Controller_Welcome {
+	protected $auth_required = TRUE;
+
+	public function action_index() {
+		throw HTTP_Exception::factory(500,'Site not setup!');
+	}
+}
+?>

classes/lnApp/Controller/Welcome.php

@@ -0,0 +1,19 @@
+<?php defined('SYSPATH') or die('No direct script access.');
+
+/**
+ * Main home page for un-authenticated users
+ *
+ * @package    lnApp
+ * @category   Controllers
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+abstract class lnApp_Controller_Welcome extends Controller_TemplateDefault {
+	protected $auth_required = FALSE;
+
+	public function action_index() {
+		throw HTTP_Exception::factory(500,'Site not setup!');
+	}
+}
+?>

classes/lnApp/Model/Account.php

@@ -0,0 +1,152 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This Model manages both the accounts that users use to login to the system, as well as the account where services are owned.
+ *
+ * @package    lnApp
+ * @category   Models
+ * @author     Deon George
+ * @copyright  (c) 2014 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+abstract class lnApp_Model_Account extends Model_Auth_UserDefault {
+	// Relationships
+	protected $_has_many = array(
+		'email_log'=>array('far_key'=>'id'),
+		'group'=>array('through'=>'account_group'),
+	);
+
+	protected $_has_one = array(
+		'country'=>array('foreign_key'=>'id'),
+		'currency'=>array('foreign_key'=>'id'),
+		'language'=>array('foreign_key'=>'id'),
+	);
+
+	protected $_display_filters = array(
+		'date_orig'=>array(
+			array('Site::Date',array(':value')),
+		),
+		'date_last'=>array(
+			array('Site::Date',array(':value')),
+		),
+		'active'=>array(
+			array('StaticList_YesNo::get',array(':value',TRUE)),
+		),
+	);
+
+	protected $_form = array('id'=>'id','value'=>'name(TRUE)');
+
+	protected $_save_message = TRUE;
+
+	/**
+	 * Our account number format
+	 */
+	public function accnum() {
+		return sprintf('%s-%04s',Company::instance()->site(TRUE),$this->id);
+	}
+
+	public function activate_code() {
+		return md5(sprintf('%s-%s-%s-%s',$this->accnum(),$this->date_orig,$this->date_last,$this->email));
+	}
+
+	public function activated() {
+		return $this->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE));
+	}
+
+	/**
+	 * Get the groups that an account belongs to
+	 */
+	public function groups() {
+		$result = array();
+
+		foreach ($this->group->where_active()->find_all() as $go)
+			foreach ($go->list_parentgrps(TRUE) as $cgo)
+				if (empty($result[$cgo->id]))
+					$result[$cgo->id] = $cgo;
+
+		return $result;
+	}
+
+	public function log($message) {
+		// Log a message for this account
+		$alo = ORM::factory('Account_Log');
+		$alo->account_id = $this->id;
+		$alo->ip = Request::$client_ip;
+		$alo->details = $message;
+		$alo->save();
+
+		return $alo->saved();
+	}
+
+	public function isAdmin() {
+		return FALSE;
+	}
+
+	/**
+	 * This function will extract the available methods for this account
+	 * This is used both for menu options and method security
+	 */
+	public function methods() {
+		static $result = array();
+
+		// @todo We may want to optimise this with some session caching.
+		if ($result)
+			return $result;
+
+		foreach ($this->groups() as $go)
+			foreach ($go->module_method->find_all() as $mmo)
+				if (empty($result[$mmo->id]))
+					$result[$mmo->id] = $mmo;
+
+		Sort::MAsort($result,'module->name,menu_display');
+
+		return $result;
+	}
+
+	/**
+	 * Return an account name
+	 */
+	public function name() {
+		return trim(sprintf('%s %s',$this->first_name,$this->last_name));
+	}
+
+	/**
+	 * Search for accounts matching a term
+	 */
+	public function list_autocomplete($term,$index,$value,array $label,array $limit=array(),array $options=NULL) {
+		$ao = Auth::instance()->get_user();
+
+		$this->clear();
+		$this->where_active();
+
+		// Build our where clause
+		// First Name, Last name
+		if (preg_match('/\ /',$term)) {
+			list($fn,$ln) = explode(' ',$term,2);
+
+			$this->where_open()
+				->where('first_name','like','%'.$fn.'%')
+				->and_where('last_name','like','%'.$ln.'%')
+				->where_close();
+
+		} elseif (is_numeric($term)) {
+			$this->where('id','like','%'.$term.'%');
+
+		} elseif (preg_match('/\@/',$term)) {
+			$this->where('email','like','%'.$term.'%');
+
+		} else {
+			$this->where_open()
+				->or_where('first_name','like','%'.$term.'%')
+				->or_where('last_name','like','%'.$term.'%')
+				->or_where('email','like','%'.$term.'%')
+				->where_close();
+		}
+
+		// Restrict results to authorised accounts
+		// @todo
+
+		return parent::list_autocomplete($term,$index,$value,$label,$limit,$options);
+	}
+}
+?>

classes/lnApp/Model/Auth/UserDefault.php

@@ -0,0 +1,40 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * Default ORM profile for Authentication Accounts
+ *
+ * @package    lnApp
+ * @category   Models
+ * @author     Deon George
+ * @copyright  (c) 2014 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+abstract class lnApp_Model_Auth_UserDefault extends Model_Auth_User {
+	// Validation rules
+	public function rules() {
+		return array(
+			'email' => array(
+				array('not_empty'),
+				array('min_length', array(':value', 4)),
+				array('max_length', array(':value', 127)),
+				array('email'),
+			),
+		);
+	}
+
+	/**
+	 * Complete our login
+	 *
+	 * For some database logins, we may not want to record the user last login
+	 * details in the repository, so we just override that parent function
+	 * here.
+	 *
+	 * We can also do some other post-login actions here.
+	 */
+	public function complete_login() {
+		return $this->log('Logged In');
+	}
+
+	abstract public function isAdmin();
+}
+?>

classes/lnApp/Model/Country.php

@@ -0,0 +1,23 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * Country Model
+ *
+ * @package    lnApp
+ * @category   Models
+ * @author     Deon George
+ * @copyright  (c) 2014 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+abstract class lnApp_Model_Country extends ORM {
+	protected $_sorting = array(
+		'name'=>'ASC',
+	);
+
+	protected $_form = array('id'=>'id','value'=>'name');
+
+	public static function icon() {
+		return HTML::image(sprintf('media/img/country/%s.png',strtolower($this->two_code)),array('alt'=>$this->currency->symbol));
+	}
+}
+?>

classes/lnApp/Model/Language.php

@@ -0,0 +1,19 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * Language Model
+ *
+ * @package    lnApp
+ * @category   Models
+ * @author     Deon George
+ * @copyright  (c) 2014 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+abstract class lnApp_Model_Language extends ORM {
+	protected $_sorting = array(
+		'name'=>'ASC',
+	);
+
+	protected $_form = array('id'=>'id','value'=>'name');
+}
+?>

classes/lnApp/Site.php

@@ -33,7 +33,7 @@ abstract class lnApp_Site {
 	}
 
 	/**
-	 * Return the site configured language
+	 * Return the site configured id
 	 */
 	public static function ID($format=FALSE) {
 		return $format ? sprintf('%02s',Kohana::$config->load('config')->id) : Kohana::$config->load('config')->id;
@@ -43,6 +43,19 @@ abstract class lnApp_Site {
 	 * Return the site configured language
 	 */
 	public static function Language() {
+		foreach (Request::factory()->accept_lang() as $k=>$v) {
+			if (strlen($k) == 2)
+				$k = sprintf('%s_%s',strtolower($k),strtoupper($k));
+			else {
+				list($k,$v) = preg_split('/[-_]/',$k,2);
+				$k = sprintf('%s_%s',strtolower($k),strtoupper($v));
+			}
+
+			if ($x=ORM::factory('Language',array('iso'=>$k)))
+				return $x;
+		}
+
+		// @todo Return Default Language
 		return Kohana::$config->load('config')->language;
 	}
 

classes/lnApp/StaticList/Title.php

@@ -0,0 +1,28 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This is class renders Person Title responses and forms.
+ *
+ * @package    lnApp
+ * @category   Helpers
+ * @author     Deon George
+ * @copyright  (c) 2014 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+abstract class lnApp_StaticList_Title extends StaticList {
+	protected function _table() {
+		return array(
+			'mr'=>_('Mr'),
+			'ms'=>_('Ms'),
+			'mrs'=>_('Mrs'),
+			'miss'=>_('Miss'),
+			'dr'=>_('Dr'),
+			'prof'=>_('Prof')
+		);
+	}
+
+	public static function get($value) {
+		return self::factory()->_get($value);
+	}
+}
+?>

classes/lnApp/URL.php

@@ -62,7 +62,7 @@ abstract class lnApp_URL extends Kohana_URL {
 				case 'admin': $result[$k] = array('name'=>'Administrator','icon'=>'fa-globe');
 					break;
 
-				case 'user': $result[$k] = array('name'=>array_key_exists('auth',Kohana::modules()) ? Auth::instance()->get_user()->name() : 'Guest','icon'=>'fa-user');
+				case 'user': $result[$k] = array('name'=>(array_key_exists('auth',Kohana::modules()) AND $x=Auth::instance()->get_user()) ? $x->name() : 'Guest','icon'=>'icon-user');
 					break;
 
 				default: $result[$k] = array('name'=>$k,'icon'=>'fa-question-sign');