Initial Commit
This commit is contained in:
commit
f8490ed97e
4
classes/Auth/ORM.php
Normal file
4
classes/Auth/ORM.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Auth_ORM extends lnAuth_Auth_ORM {}
|
||||||
|
?>
|
4
classes/Controller/Account.php
Normal file
4
classes/Controller/Account.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Controller_Account extends lnAuth_Controller_Account {}
|
||||||
|
?>
|
4
classes/Controller/Admin/Module.php
Normal file
4
classes/Controller/Admin/Module.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Controller_Admin_Module extends lnAuth_Controller_Admin_Module {}
|
||||||
|
?>
|
4
classes/Controller/Admin/Module/Method.php
Normal file
4
classes/Controller/Admin/Module/Method.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Controller_Admin_Module_Method extends lnAuth_Controller_Admin_Module_Method {}
|
||||||
|
?>
|
4
classes/Controller/Module.php
Normal file
4
classes/Controller/Module.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Controller_Module extends lnAuth_Controller_Module {}
|
||||||
|
?>
|
4
classes/Controller/TemplateDefault.php
Normal file
4
classes/Controller/TemplateDefault.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Controller_TemplateDefault extends lnAuth_Controller_TemplateDefault {}
|
||||||
|
?>
|
4
classes/Controller/User/Account.php
Normal file
4
classes/Controller/User/Account.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Controller_User_Account extends lnAuth_Controller_User_Account {}
|
||||||
|
?>
|
4
classes/DB.php
Normal file
4
classes/DB.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class DB extends lnAuth_DB {}
|
||||||
|
?>
|
4
classes/Menu.php
Normal file
4
classes/Menu.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Menu extends lnAuth_Menu {}
|
||||||
|
?>
|
4
classes/Model/Account.php
Normal file
4
classes/Model/Account.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Account extends lnAuth_Model_Account {}
|
||||||
|
?>
|
4
classes/Model/Account/Group.php
Normal file
4
classes/Model/Account/Group.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Account_Group extends lnAuth_Model_Account_Group {}
|
||||||
|
?>
|
4
classes/Model/Account/Log.php
Normal file
4
classes/Model/Account/Log.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Account_Log extends lnAuth_Model_Account_Log {}
|
||||||
|
?>
|
4
classes/Model/Auth/UserDefault.php
Normal file
4
classes/Model/Auth/UserDefault.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
abstract class Model_Auth_UserDefault extends lnAuth_Model_Auth_UserDefault {}
|
||||||
|
?>
|
4
classes/Model/Group.php
Normal file
4
classes/Model/Group.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Group extends lnAuth_Model_Group {}
|
||||||
|
?>
|
4
classes/Model/Group/Method.php
Normal file
4
classes/Model/Group/Method.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Group_Method extends lnAuth_Model_Group_Method {}
|
||||||
|
?>
|
4
classes/Model/Module.php
Normal file
4
classes/Model/Module.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Module extends lnAuth_Model_Module {}
|
||||||
|
?>
|
4
classes/Model/Module/Method.php
Normal file
4
classes/Model/Module/Method.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Module_Method extends lnAuth_Model_Module_Method {}
|
||||||
|
?>
|
4
classes/Model/Module/Method/Token.php
Normal file
4
classes/Model/Module/Method/Token.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Method_Token extends lnAuth_Model_Method_Token {}
|
||||||
|
?>
|
4
classes/Model/Record/ID.php
Normal file
4
classes/Model/Record/ID.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
class Model_Record_ID extends lnAuth_Model_Record_ID {}
|
||||||
|
?>
|
4
classes/ORM.php
Normal file
4
classes/ORM.php
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
abstract class ORM extends lnAuth_ORM {}
|
||||||
|
?>
|
226
classes/lnAuth/Auth/ORM.php
Normal file
226
classes/lnAuth/Auth/ORM.php
Normal file
@ -0,0 +1,226 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Auth driver.
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Classes
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
class lnAuth_Auth_ORM extends Kohana_Auth_ORM {
|
||||||
|
/**
|
||||||
|
* We need to override Kohana's __construct(), for tasks, which attempt to open a session
|
||||||
|
* and probably dont have access to PHP sessions path.
|
||||||
|
* Tasks dont need sessions anyway?
|
||||||
|
*/
|
||||||
|
public function __construct($config = array()) {
|
||||||
|
// Save the config in the object
|
||||||
|
$this->_config = $config;
|
||||||
|
|
||||||
|
if (PHP_SAPI !== 'cli')
|
||||||
|
parent::__construct($config);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the user that a token applies to
|
||||||
|
*
|
||||||
|
* This will check that the token is valid (not expired and for the request)
|
||||||
|
*
|
||||||
|
* @param $token The token
|
||||||
|
* @return Model_Account|NULL The user that the token is valid for.
|
||||||
|
*/
|
||||||
|
private function _get_token_user($token) {
|
||||||
|
// This has been implemented, as we sometimes we seem to come here twice
|
||||||
|
static $uo = NULL;
|
||||||
|
|
||||||
|
if (! is_null($uo))
|
||||||
|
return $uo;
|
||||||
|
|
||||||
|
$mmto = ORM::factory('Module_Method_Token',array('token'=>$token));
|
||||||
|
|
||||||
|
// Ignore the token if it doesnt exist.
|
||||||
|
if ($mmto->loaded()) {
|
||||||
|
// Check that the token is for this URI
|
||||||
|
$mo = ORM::factory('Module',array('name'=>Request::current()->controller()));
|
||||||
|
$mmo = $mo->module_method
|
||||||
|
->where('name','=',strtolower(Request::current()->directory() ? sprintf('%s:%s',Request::current()->directory(),Request::current()->action()) : Request::current()->action()))
|
||||||
|
->find();
|
||||||
|
|
||||||
|
// Ignore the token if this is not the right method.
|
||||||
|
if ($mmo->id == $mmto->method_id) {
|
||||||
|
if (! is_null($mmto->date_expire) AND $mmto->date_expire < time()) {
|
||||||
|
SystemMessage::factory()
|
||||||
|
->title(_('Token Not Valid'))
|
||||||
|
->type('warning')
|
||||||
|
->body(_('Token expired'));
|
||||||
|
|
||||||
|
Session::instance()->delete('token');
|
||||||
|
$mmto->delete();
|
||||||
|
|
||||||
|
} elseif (! is_null($mmto->uses) AND $mmto->uses < 1) {
|
||||||
|
SystemMessage::factory()
|
||||||
|
->title(_('Token Not Valid'))
|
||||||
|
->type('warning')
|
||||||
|
->body(_('Token expired'));
|
||||||
|
|
||||||
|
Session::instance()->delete('token');
|
||||||
|
$mmto->delete();
|
||||||
|
|
||||||
|
} else {
|
||||||
|
// If this is a usage count token, reduce the count.
|
||||||
|
if (! is_null($mmto->uses))
|
||||||
|
$mmto->uses -= 1;
|
||||||
|
|
||||||
|
// Record the date this token was used
|
||||||
|
$mmto->date_last = time();
|
||||||
|
$mmto->save();
|
||||||
|
|
||||||
|
Session::instance()->set('token',$token);
|
||||||
|
|
||||||
|
$uo = ORM::factory($this->_model,$mmto->account_id);
|
||||||
|
$uo->log(sprintf('Token %s used for method %s [%s]',$mmto->token,$mmto->module_method->id,Request::current()->param('id')));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $uo;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Logs a user in.
|
||||||
|
*
|
||||||
|
* @param string username
|
||||||
|
* @param string password
|
||||||
|
* @param boolean enable autologin
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
protected function _login($user,$password,$remember) {
|
||||||
|
if (! is_object($user)) {
|
||||||
|
$username = $user;
|
||||||
|
|
||||||
|
// Load the user
|
||||||
|
$user = ORM::factory($this->_model);
|
||||||
|
$user->where('email','=',$username)->find();
|
||||||
|
|
||||||
|
// If no user loaded, return
|
||||||
|
if (! $user->loaded())
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create a hashed password
|
||||||
|
if (is_string($password))
|
||||||
|
$password = $this->hash($password);
|
||||||
|
|
||||||
|
// If we have the right password, we'll check the status of the account
|
||||||
|
if ($user->password === $password AND $user->active) {
|
||||||
|
// Record our session ID, we may need to update our DB when we get a new ID
|
||||||
|
$oldsess = session_id();
|
||||||
|
|
||||||
|
// Finish the login
|
||||||
|
$this->complete_login($user);
|
||||||
|
|
||||||
|
// Do we need to update databases with our new sesion ID
|
||||||
|
$sct = Kohana::$config->load('config')->session_change_trigger;
|
||||||
|
if (session_id() != $oldsess AND count($sct))
|
||||||
|
foreach ($sct as $t => $c)
|
||||||
|
if (Config::module_exist($t))
|
||||||
|
foreach (ORM::factory(ucwords($t))->where($c,'=',$oldsess)->find_all() as $o)
|
||||||
|
$o->set('session_id',session_id())
|
||||||
|
->update();
|
||||||
|
|
||||||
|
if (! $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)))
|
||||||
|
HTTP::redirect(URL::link('user','account/activate'));
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Login failed
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Determine if a user is authorised to view an account
|
||||||
|
*
|
||||||
|
* @param Model_Account Account Ojbect to validate if the current user has access
|
||||||
|
* @return boolean TRUE if authorised, FALSE if not.
|
||||||
|
*/
|
||||||
|
public function authorised(Model_Account $ao) {
|
||||||
|
return (($uo = $this->get_user()) AND $uo->loaded() AND ($uo == $ao OR in_array($ao->id,$uo->RTM->customers($uo->RTM))));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Gets the currently logged in user from the session.
|
||||||
|
* Returns NULL if no user is currently logged in.
|
||||||
|
*
|
||||||
|
* @param boolean Check token users too
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function get_user($default=NULL,$tokenuser=TRUE) {
|
||||||
|
// If we are a CLI, we are not logged in
|
||||||
|
if (PHP_SAPI === 'cli')
|
||||||
|
throw new Kohana_Exception('Calling :method from the CLI is not allowed!',array(':method'=>__METHOD__));
|
||||||
|
|
||||||
|
// Get the current user
|
||||||
|
$uo = parent::get_user($default);
|
||||||
|
|
||||||
|
// If we are not logged in, see if there is token for the user
|
||||||
|
if (is_null($uo) AND $tokenuser AND ($token=Session::instance()->get('token')) OR (! empty($_REQUEST['token']) AND $token=$_REQUEST['token']))
|
||||||
|
$uo = $this->_get_token_user($token);
|
||||||
|
|
||||||
|
return $uo;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function get_groups() {
|
||||||
|
return is_null($x=$this->get_user()) ? ORM::factory('Group')->where('id','=',0)->find_all() : $x->groups();
|
||||||
|
}
|
||||||
|
|
||||||
|
// Override Kohana Auth requirement to have a hash_key
|
||||||
|
public function hash($str) {
|
||||||
|
switch ($this->_config['hash_method']) {
|
||||||
|
case '' : return $str;
|
||||||
|
case 'md5': return md5($str);
|
||||||
|
default: return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* OSB authentication is controlled via database queries.
|
||||||
|
*
|
||||||
|
* This method can be used to test two situations:
|
||||||
|
* 1) Is the user logged in? ($role == FALSE)
|
||||||
|
* 2) Can the user run the current controller->action ($role == TRUE)
|
||||||
|
*
|
||||||
|
* @param boolean If authentication should be done for this module:method (ie: controller:action).
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
public function logged_in($role=NULL,$debug=NULL) {
|
||||||
|
$status = FALSE;
|
||||||
|
|
||||||
|
// If we are a CLI, we are not logged in
|
||||||
|
if (PHP_SAPI === 'cli')
|
||||||
|
return $status;
|
||||||
|
|
||||||
|
// Get the user from the session
|
||||||
|
$uo = $this->get_user();
|
||||||
|
|
||||||
|
// If we are not a valid user object, then we are not logged in
|
||||||
|
if (is_object($uo) AND ($uo instanceof Model_Account) AND $uo->loaded())
|
||||||
|
if (! empty($role)) {
|
||||||
|
if (($x = Request::current()->mmo()) instanceof Model)
|
||||||
|
// If the role has the authorisation to run the method
|
||||||
|
foreach ($x->group->find_all() as $go)
|
||||||
|
if ($go->id == 0 OR $uo->has_any('group',$go->list_childgrps(TRUE))) {
|
||||||
|
$status = TRUE;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
// There is no role, so the method should be allowed to run as anonymous
|
||||||
|
} else
|
||||||
|
$status = TRUE;
|
||||||
|
|
||||||
|
return $status;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
14
classes/lnAuth/Controller/Account.php
Normal file
14
classes/lnAuth/Controller/Account.php
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class provides account management
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Controllers
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Controller_Account extends Controller_TemplateDefault {
|
||||||
|
}
|
||||||
|
?>
|
187
classes/lnAuth/Controller/Admin/Module.php
Normal file
187
classes/lnAuth/Controller/Admin/Module.php
Normal file
@ -0,0 +1,187 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class provides MODULE management
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Controllers/Admin
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Controller_Admin_Module extends Controller_Module {
|
||||||
|
protected $secure_actions = array(
|
||||||
|
'add'=>TRUE,
|
||||||
|
'edit'=>TRUE,
|
||||||
|
'list'=>TRUE,
|
||||||
|
);
|
||||||
|
|
||||||
|
protected function _classes($dir,$class,$array=NULL,$key='') {
|
||||||
|
$result = array();
|
||||||
|
|
||||||
|
if (is_null($array)) {
|
||||||
|
$key = 'classes/Controller';
|
||||||
|
$array = Arr::get(Kohana::list_files('classes'),$key);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (! $class)
|
||||||
|
return array_keys($array);
|
||||||
|
|
||||||
|
if (! $dir) {
|
||||||
|
if (! empty($array[$key.'/'.$class]))
|
||||||
|
$result = Arr::merge($result,$this->_classes('','',$array[$key.'/'.$class],$key.'/'.$class));
|
||||||
|
|
||||||
|
if (! empty($array[$key.'/'.$class.'.php']))
|
||||||
|
array_push($result,$key.'/'.$class);
|
||||||
|
|
||||||
|
} else {
|
||||||
|
if (! empty($array[$key.'/'.$dir]))
|
||||||
|
$result = Arr::merge($result,$this->_classes('',$class,$array[$key.'/'.$dir],$key.'/'.$dir));
|
||||||
|
|
||||||
|
if (! empty($array[$key.'/'.$dir.'/'.$class.'.php']))
|
||||||
|
array_push($result,$key.'/'.$dir.'/'.$class);
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ($result as $k=>$v)
|
||||||
|
$result[$k] = str_replace('.php','',str_replace('/','_',preg_replace('/^classes\//','',$v)));
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the list of methods for a class
|
||||||
|
*/
|
||||||
|
protected function _methods($class) {
|
||||||
|
$class = Kohana::classname($class);
|
||||||
|
// Get a list of methods this module has
|
||||||
|
$methods = $secure_actions = $auth_required = array();
|
||||||
|
|
||||||
|
// List of classes where all our methods are, including this one.
|
||||||
|
$classes = URL::$method_directory;
|
||||||
|
array_unshift($classes,'');
|
||||||
|
|
||||||
|
foreach ($classes as $c) {
|
||||||
|
$x = URL::dir($c);
|
||||||
|
$cp = $this->_classes($x,$class);
|
||||||
|
|
||||||
|
foreach ($cp as $cn)
|
||||||
|
if (class_exists($cn)) {
|
||||||
|
$sc = preg_replace(sprintf('/^Controller_%s%s_?/',$x ? $x.'_' : '',$class),'',$cn);
|
||||||
|
$r = new ReflectionClass($cn);
|
||||||
|
|
||||||
|
$rdp = $r->getDefaultProperties();
|
||||||
|
$secure_actions[$cn] = $rdp['secure_actions'];
|
||||||
|
$auth_required[$cn] = $rdp['auth_required'];
|
||||||
|
|
||||||
|
foreach ($r->getMethods() as $method)
|
||||||
|
if ($method->class == $cn AND preg_match('/^action_/',$method->name))
|
||||||
|
array_push($methods,str_replace('action_',strtolower($x.($sc ? '_'.$sc : '').':'),$method->name));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return array('methods'=>$methods,'secure_actions'=>$secure_actions,'auth_required'=>$auth_required);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Edit a Module Configuration
|
||||||
|
*/
|
||||||
|
public function action_edit() {
|
||||||
|
$id = $this->request->param('id');
|
||||||
|
$mo = ORM::factory('Module',$id);
|
||||||
|
|
||||||
|
$methods = array();
|
||||||
|
|
||||||
|
if (! $mo->loaded()) {
|
||||||
|
SystemMessage::factory()
|
||||||
|
->title(_('Invalid Module ID'))
|
||||||
|
->type('error')
|
||||||
|
->body(sprintf(_('Module with ID %s doesnt appear to exist?'),$id));
|
||||||
|
|
||||||
|
HTTP::redirect(URL::link('admin','module/list'));
|
||||||
|
}
|
||||||
|
|
||||||
|
$mm = $this->_methods($mo->name);
|
||||||
|
$methods['exist'] = array();
|
||||||
|
foreach ($mo->module_method->find_all() as $mmo) {
|
||||||
|
if (in_array($mmo->name,$mm['methods'])) {
|
||||||
|
$k = array_search($mmo->name,$mm['methods']);
|
||||||
|
unset($mm['methods'][$k]);
|
||||||
|
|
||||||
|
$mmo->status('INDB');
|
||||||
|
} else
|
||||||
|
$mmo->status('ORPHAN');
|
||||||
|
|
||||||
|
if (! empty($mm['secure_actions'][$mmo->controller()][$mmo->method()]))
|
||||||
|
unset($mm['secure_actions'][$mmo->controller()][$mmo->method()]);
|
||||||
|
|
||||||
|
array_push($methods['exist'],$mmo);
|
||||||
|
}
|
||||||
|
|
||||||
|
$methods['missing'] = array();
|
||||||
|
foreach ($mm['methods'] as $k=>$method) {
|
||||||
|
$mmo = ORM::factory('Module_Method');
|
||||||
|
$mmo->module_id = $mo->id;
|
||||||
|
$mmo->name = $method;
|
||||||
|
|
||||||
|
if (! empty($mm['auth_required'][$mmo->controller()]) AND $mm['auth_required'][$mmo->controller()])
|
||||||
|
$mmo->status('MISSING');
|
||||||
|
|
||||||
|
array_push($methods['missing'],$mmo);
|
||||||
|
}
|
||||||
|
|
||||||
|
Block::factory()
|
||||||
|
->title(sprintf('%s: %s ',_('Defined Module Methods For'),$mo->display('name')))
|
||||||
|
->title_icon('icon-cog')
|
||||||
|
->body(Table::factory()
|
||||||
|
->data($methods['exist'])
|
||||||
|
->columns(array(
|
||||||
|
'id'=>'ID',
|
||||||
|
'name'=>'Name',
|
||||||
|
'notes'=>'Notes',
|
||||||
|
'menu_display'=>'Menu',
|
||||||
|
'status()'=>'Status',
|
||||||
|
))
|
||||||
|
->prepend(array(
|
||||||
|
'id'=>array('url'=>URL::link('admin','module_method/edit/')),
|
||||||
|
))
|
||||||
|
);
|
||||||
|
|
||||||
|
Block::factory()
|
||||||
|
->title(sprintf('%s: %s ',_('Missing Module Methods For'),$mo->display('name')))
|
||||||
|
->title_icon('icon-exclamation-sign')
|
||||||
|
->body(Table::factory()
|
||||||
|
->data($methods['missing'])
|
||||||
|
->columns(array(
|
||||||
|
'name'=>'Name',
|
||||||
|
'status()'=>'Status',
|
||||||
|
))
|
||||||
|
->prepend(array(
|
||||||
|
'name'=>array('url'=>URL::link('admin','module_method/add/'.$mo->id.'/')),
|
||||||
|
))
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* List our installed modules
|
||||||
|
*/
|
||||||
|
public function action_list() {
|
||||||
|
Block::factory()
|
||||||
|
->title('Defined Modules')
|
||||||
|
->title_icon('icon-cog')
|
||||||
|
->body(Table::factory()
|
||||||
|
->data(ORM::factory('Module')->where('parent_id','is',NULL)->find_all())
|
||||||
|
->jssort(TRUE)
|
||||||
|
->columns(array(
|
||||||
|
'id'=>'ID',
|
||||||
|
'name'=>'Name',
|
||||||
|
'notes'=>'Notes',
|
||||||
|
'status'=>'Active',
|
||||||
|
'external'=>'External',
|
||||||
|
))
|
||||||
|
->prepend(array(
|
||||||
|
'id'=>array('url'=>URL::link('admin','module/edit/')),
|
||||||
|
))
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
109
classes/lnAuth/Controller/Admin/Module/Method.php
Normal file
109
classes/lnAuth/Controller/Admin/Module/Method.php
Normal file
@ -0,0 +1,109 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class provides MODULE management
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Controllers/Admin
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Controller_Admin_Module_Method extends Controller_Admin_Module {
|
||||||
|
/**
|
||||||
|
* Add a method to the database
|
||||||
|
*/
|
||||||
|
public function action_add() {
|
||||||
|
$id = $this->request->param('id');
|
||||||
|
$method = $this->request->param('sid');
|
||||||
|
|
||||||
|
$mo = ORM::factory('Module',$id);
|
||||||
|
$mm = $this->_methods($mo->name);
|
||||||
|
|
||||||
|
if (! $mo->loaded() OR ! in_array($method,$mm['methods']))
|
||||||
|
HTTP::redirect(URL::link('admin','module/list'));
|
||||||
|
|
||||||
|
if ($_POST) {
|
||||||
|
$mmo = $mo->module_method;
|
||||||
|
$mmo->name = $method;
|
||||||
|
$mmo->module_id = $mo->id;
|
||||||
|
$mmo->values($_POST);
|
||||||
|
|
||||||
|
if (! $this->save($mmo))
|
||||||
|
throw HTTP_Exception::factory(501,'Unable to save data :post',array(':post'=>serialize($_POST)));
|
||||||
|
|
||||||
|
HTTP::redirect(URL::link('admin','module/edit/'.$mo->id));
|
||||||
|
}
|
||||||
|
|
||||||
|
Block::factory()
|
||||||
|
->title(sprintf(_('Add Method (%s) to Database for (%s)'),strtoupper($method),strtoupper($mo->name)))
|
||||||
|
->title_icon('icon-plus-sign')
|
||||||
|
->type('form-horizontal')
|
||||||
|
->body(View::factory('module/method/admin/add')
|
||||||
|
->set('name',$method)
|
||||||
|
->set('o',$mo)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Edit a Module Configuration
|
||||||
|
*/
|
||||||
|
public function action_edit() {
|
||||||
|
$id = $this->request->param('id');
|
||||||
|
$mmo = ORM::factory('Module_Method',$id);
|
||||||
|
|
||||||
|
if (! $mmo->loaded()) {
|
||||||
|
SystemMessage::factory()
|
||||||
|
->title(_('Invalid Method ID'))
|
||||||
|
->type('error')
|
||||||
|
->body(sprintf(_('Method with ID %s doesnt appear to exist?'),$id));
|
||||||
|
|
||||||
|
HTTP::redirect(URL::link('admin','module/list'));
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($_POST) {
|
||||||
|
$mmo->values($_POST);
|
||||||
|
|
||||||
|
if (! $this->save($mmo))
|
||||||
|
throw HTTP_Exception::factory(501,'Unable to save data :post',array(':post'=>serialize($_POST)));
|
||||||
|
|
||||||
|
foreach (ORM::factory('Group')->find_all() as $go) {
|
||||||
|
// If the group was defined and no longer
|
||||||
|
if ($mmo->has('group',$go) AND (! isset($_POST['groups']) OR ! in_array($go->id,$_POST['groups']))) {
|
||||||
|
$gmo = ORM::factory('Group_Method',array('method_id'=>$mmo->id,'group_id'=>$go->id));
|
||||||
|
|
||||||
|
if (! $gmo->delete())
|
||||||
|
SystemMessage::factory()
|
||||||
|
->title(_('Unable to DELETE Group Method'))
|
||||||
|
->type('error')
|
||||||
|
->body(sprintf(_('Unable to delete Group Method for method %s and group %s'),$mmo->name,$go->name));
|
||||||
|
|
||||||
|
// If the group was not defined and now is
|
||||||
|
} elseif (! $mmo->has('group',$go) AND isset($_POST['groups']) AND in_array($go->id,$_POST['groups'])) {
|
||||||
|
$gmo = ORM::factory('Group_Method')
|
||||||
|
->values(array(
|
||||||
|
'method_id'=>$mmo->id,
|
||||||
|
'group_id'=>$go->id,
|
||||||
|
));
|
||||||
|
|
||||||
|
if (! $this->save($gmo))
|
||||||
|
SystemMessage::factory()
|
||||||
|
->title(_('Unable to SAVE Group Method'))
|
||||||
|
->type('error')
|
||||||
|
->body(sprintf(_('Unable to save Group Method for method %s and group %s'),$mmo->name,$go->name));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
HTTP::redirect(URL::link('admin','module/edit/'.$mmo->module_id));
|
||||||
|
}
|
||||||
|
|
||||||
|
Block::factory()
|
||||||
|
->title(sprintf(_('Configure access to method (%s::%s)'),$mmo->controller(),$mmo->method()))
|
||||||
|
->title_icon('icon-plus-sign')
|
||||||
|
->type('form')
|
||||||
|
->body(View::factory('module/method/admin/edit')
|
||||||
|
->set('o',$mmo)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
14
classes/lnAuth/Controller/Module.php
Normal file
14
classes/lnAuth/Controller/Module.php
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class provides MODULE management
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Controllers
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Controller_Module extends Controller_TemplateDefault {
|
||||||
|
}
|
||||||
|
?>
|
70
classes/lnAuth/Controller/TemplateDefault.php
Normal file
70
classes/lnAuth/Controller/TemplateDefault.php
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class provides the default template controller for rendering pages.
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Controllers
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Controller_TemplateDefault extends lnApp_Controller_TemplateDefault {
|
||||||
|
protected $auth_required = TRUE;
|
||||||
|
|
||||||
|
protected function _auth_required() {
|
||||||
|
// If our global configurable is disabled, then continue
|
||||||
|
if (! Kohana::$config->load('config')->method_security)
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
if (Kohana::$config->load('debug')->method_security) {
|
||||||
|
echo Debug::vars(array(
|
||||||
|
'm'=>__METHOD__,
|
||||||
|
'POST'=>$this->request->post(),
|
||||||
|
'auth_required'=>serialize($this->auth_required),
|
||||||
|
'secure_actions'=>$this->secure_actions,
|
||||||
|
'this_action'=>$this->request->action(),
|
||||||
|
'line 1 test'=>serialize(($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE)),
|
||||||
|
'line 2 test'=>serialize($x=is_array($this->secure_actions) && array_key_exists($this->request->action(),$this->secure_actions)),
|
||||||
|
'line 3 test'=>$x ? Auth::instance()->logged_in($this->secure_actions[$this->request->action()],get_class($this).'|'.__METHOD__) : 'NOT EVAL',
|
||||||
|
));
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
return (($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE) ||
|
||||||
|
(is_array($this->secure_actions) && array_key_exists($this->request->action(),$this->secure_actions) &&
|
||||||
|
! Auth::instance()->logged_in($this->secure_actions[$this->request->action()],get_class($this).'|'.__METHOD__)));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function before() {
|
||||||
|
if ($this->auth_required) {
|
||||||
|
if (! count($this->secure_actions) OR (! isset($this->secure_actions[Request::current()->action()])))
|
||||||
|
throw HTTP_Exception::factory(403,'Class has no security defined :class, or no security configured for :method',array(':class'=>get_class($this),':method'=>Request::current()->action()));
|
||||||
|
|
||||||
|
$this->ao = Auth::instance()->get_user();
|
||||||
|
|
||||||
|
if (! is_null($this->ao) AND (is_string($this->ao)))
|
||||||
|
throw HTTP_Exception::factory(501,'Account doesnt exist :account ?',array(':account'=>(is_string($this->ao) OR is_null($this->ao)) ? $this->ao : Auth::instance()->get_user()->id));
|
||||||
|
}
|
||||||
|
|
||||||
|
return parent::before();
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function setup(array $config_items=array()) {
|
||||||
|
$mo = ORM::factory('Module',array('name'=>Request::current()->controller()));
|
||||||
|
if (! $mo->loaded())
|
||||||
|
throw HTTP_Exception::factory(501,'Unknown module :module',array(':module'=>Request::current()->controller()));
|
||||||
|
|
||||||
|
if ($_POST AND isset($_POST['module_config'][$mo->id]))
|
||||||
|
Config::instance()->module_config($mo->name,$_POST['module_config'][$mo->id])->save();
|
||||||
|
|
||||||
|
if ($config_items) {
|
||||||
|
Block::factory()
|
||||||
|
->title('Update Module Configuration')
|
||||||
|
->title_icon('icon-wrench')
|
||||||
|
->type('form-horizontal')
|
||||||
|
->body(View::factory('setup/admin/module')->set('o',Company::instance()->so())->set('mid',$mo->id));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
105
classes/lnAuth/Controller/User/Account.php
Normal file
105
classes/lnAuth/Controller/User/Account.php
Normal file
@ -0,0 +1,105 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class provides User Account Update functions
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Controllers/User
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2009-2013 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Controller_User_Account extends Controller_Account {
|
||||||
|
protected $secure_actions = array(
|
||||||
|
'edit'=>TRUE,
|
||||||
|
'resetpassword'=>TRUE,
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Enable User to Edit their Account Details
|
||||||
|
*/
|
||||||
|
public function action_edit() {
|
||||||
|
if ($_POST AND $this->ao->values($_POST)->changed() AND (! $this->save($this->ao)))
|
||||||
|
$this->ao->reload();
|
||||||
|
|
||||||
|
Block::factory()
|
||||||
|
->title(sprintf('Account: %s',$this->ao->accnum()))
|
||||||
|
->title_icon('fa-wrench')
|
||||||
|
->type('form-horizontal')
|
||||||
|
->body(View::factory('account/user/edit')->set('o',$this->ao));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function action_resetpassword() {
|
||||||
|
if ($this->request->post()) {
|
||||||
|
$validation = Validation::factory($this->request->post())
|
||||||
|
->rule('password','not_empty')
|
||||||
|
->rule('password','min_length',array(':value',6))
|
||||||
|
->rule('password_confirm','matches',array(':validation',':field','password'));
|
||||||
|
|
||||||
|
// Store our new values
|
||||||
|
$this->ao->values($this->request->post());
|
||||||
|
|
||||||
|
if (! $validation->check())
|
||||||
|
SystemMessage::factory()
|
||||||
|
->title(_('Record NOT updated'))
|
||||||
|
->type('error')
|
||||||
|
->body(_('Your password didnt pass validation.'));
|
||||||
|
|
||||||
|
// Run validation and save
|
||||||
|
elseif ($this->ao->changed())
|
||||||
|
if ($this->ao->save()) {
|
||||||
|
SystemMessage::factory()
|
||||||
|
->title('Record updated')
|
||||||
|
->type('success')
|
||||||
|
->body(_('Your account record has been updated.'));
|
||||||
|
|
||||||
|
// Log the password reset
|
||||||
|
$this->ao->log('Password reset');
|
||||||
|
|
||||||
|
HTTP::redirect('login');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Make this a default JS load
|
||||||
|
if (Kohana::$environment >= Kohana::TESTING OR Request::current()->secure())
|
||||||
|
Script::factory()
|
||||||
|
->type('src')
|
||||||
|
->data('media/js/jquery/jquery.validate-1.11.1.min.js');
|
||||||
|
else
|
||||||
|
Script::factory()
|
||||||
|
->type('src')
|
||||||
|
->data('http://ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js');
|
||||||
|
|
||||||
|
Script::factory()
|
||||||
|
->type('stdin')
|
||||||
|
->data('
|
||||||
|
$("#reset").validate({
|
||||||
|
wrapper: "div",
|
||||||
|
errorElement: "span",
|
||||||
|
|
||||||
|
rules: {
|
||||||
|
password_confirm: {
|
||||||
|
equalTo: "input[name=password]",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
highlight: function(element) {
|
||||||
|
$(element).parents(".control-group").removeClass("success").addClass("error");
|
||||||
|
},
|
||||||
|
success: function(element) {
|
||||||
|
$(element).parents(".control-group").removeClass("error").addClass("success");
|
||||||
|
},
|
||||||
|
errorPlacement: function(error, element) {
|
||||||
|
error.appendTo(element.parents(".controls"));
|
||||||
|
}
|
||||||
|
});
|
||||||
|
');
|
||||||
|
|
||||||
|
Block::factory()
|
||||||
|
->title(sprintf('Password Reset: %s',$this->ao->accnum()))
|
||||||
|
->title_icon('fa-cog')
|
||||||
|
->id('reset')
|
||||||
|
->type('form-horizontal')
|
||||||
|
->body(View::factory('account/user/resetpassword')->set('o',$this->ao));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
35
classes/lnAuth/DB.php
Normal file
35
classes/lnAuth/DB.php
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class overrides Kohana's DB
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Modifications
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_DB extends Kohana_DB {
|
||||||
|
// Add the site_id to the delete query
|
||||||
|
public static function delete($table = NULL)
|
||||||
|
{
|
||||||
|
$db = new Database_Query_Builder_Delete($table);
|
||||||
|
|
||||||
|
if (! in_array($table,ORM::$no_site_id_tables))
|
||||||
|
return $db->where($table.'.site_id','=',Company::instance()->site());
|
||||||
|
else
|
||||||
|
return $db;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Add the site_id to the update query
|
||||||
|
final public static function update($table = NULL)
|
||||||
|
{
|
||||||
|
$db = new Database_Query_Builder_Update($table);
|
||||||
|
|
||||||
|
if (! in_array($table,ORM::$no_site_id_tables))
|
||||||
|
return $db->where($table.'.site_id','=',Company::instance()->site());
|
||||||
|
else
|
||||||
|
return $db;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
81
classes/lnAuth/Menu.php
Normal file
81
classes/lnAuth/Menu.php
Normal file
@ -0,0 +1,81 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class is used to create our Menu/Navbars
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Helpers
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2009-2013 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Menu extends lnApp_Menu {
|
||||||
|
private static function collapse(array $array) {
|
||||||
|
$result = array();
|
||||||
|
|
||||||
|
foreach ($array as $mmo) {
|
||||||
|
if (! is_object($mmo)) {
|
||||||
|
$result[0] = $mmo;
|
||||||
|
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($result[$mmo->module->name])) {
|
||||||
|
if (! is_array($result[$mmo->module->name]))
|
||||||
|
$result[$mmo->module->name] = array($result[$mmo->module->name]);
|
||||||
|
|
||||||
|
array_push($result[$mmo->module->name],$mmo);
|
||||||
|
|
||||||
|
continue;
|
||||||
|
|
||||||
|
} else {
|
||||||
|
$result[$mmo->module->name] = $mmo;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function items($type) {
|
||||||
|
$result = array();
|
||||||
|
|
||||||
|
if (empty(URL::$method_directory[$type]))
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
$ao = Auth::instance()->get_user();
|
||||||
|
if (! $ao->loaded())
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
foreach ($ao->methods() as $mmo)
|
||||||
|
if ($mmo->menu_display AND $type == $mmo->directory())
|
||||||
|
if (empty($result[$mmo->id]))
|
||||||
|
$result[$mmo->id] = $mmo;
|
||||||
|
|
||||||
|
if ($type == 'user')
|
||||||
|
$result[0] = 'logout';
|
||||||
|
|
||||||
|
return self::collapse($result);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function ul($type,array $result,array $append=NULL,$sub=FALSE,$method=NULL) {
|
||||||
|
$output = $sub ? '<ul class="dropdown-menu">' : '<ul class="dropdown-menu" role="menu" aria-labelledby="dLabel">';
|
||||||
|
|
||||||
|
foreach ($result as $k => $v)
|
||||||
|
if (is_array($v))
|
||||||
|
$output .= sprintf('<li class="dropdown-submenu">%s%s',HTML::anchor('#',$k,array('nocg'=>TRUE)),self::ul($type,$v,NULL,TRUE).'</li>');
|
||||||
|
else
|
||||||
|
$output .= '<li>'.HTML::anchor($v->url(),$v->menu_display,array('tabindex'=>-1,'nocg'=>TRUE)).'</li>';
|
||||||
|
|
||||||
|
if ($append) {
|
||||||
|
$output .= '<li class="divider"></li>';
|
||||||
|
|
||||||
|
foreach ($append as $k => $v)
|
||||||
|
$output .= sprintf('<li>%s</li>',HTML::anchor($k,$v,array('nocg'=>TRUE)));
|
||||||
|
}
|
||||||
|
|
||||||
|
$output .= '</ul>';
|
||||||
|
|
||||||
|
return $output;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
164
classes/lnAuth/Model/Account.php
Normal file
164
classes/lnAuth/Model/Account.php
Normal file
@ -0,0 +1,164 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This Model manages both the accounts that users use to login to the system, as well as the account where services are owned.
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Account extends Model_Auth_UserDefault {
|
||||||
|
// Relationships
|
||||||
|
protected $_has_many = array(
|
||||||
|
'user_tokens'=>array('model'=>'user_token'),
|
||||||
|
'email_log'=>array('far_key'=>'id'),
|
||||||
|
'group'=>array('through'=>'account_group'),
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_has_one = array(
|
||||||
|
'country'=>array('foreign_key'=>'id'),
|
||||||
|
'currency'=>array('foreign_key'=>'id'),
|
||||||
|
'language'=>array('foreign_key'=>'id'),
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_display_filters = array(
|
||||||
|
'date_orig'=>array(
|
||||||
|
array('Site::Date',array(':value')),
|
||||||
|
),
|
||||||
|
'date_last'=>array(
|
||||||
|
array('Site::Date',array(':value')),
|
||||||
|
),
|
||||||
|
'active'=>array(
|
||||||
|
array('StaticList_YesNo::get',array(':value',TRUE)),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_form = array('id'=>'id','value'=>'name(TRUE)');
|
||||||
|
|
||||||
|
protected $_save_message = TRUE;
|
||||||
|
|
||||||
|
public function rules() {
|
||||||
|
return Arr::merge(parent::rules(),array(
|
||||||
|
'id'=>array(
|
||||||
|
array('ORM::get_next_id',array(':model',':field')),
|
||||||
|
),
|
||||||
|
'site_id'=>array(
|
||||||
|
array('ORM::set_site_id',array(':model',':field')),
|
||||||
|
),
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Our account number format
|
||||||
|
*/
|
||||||
|
public function accnum() {
|
||||||
|
return sprintf('%s-%04s',Company::instance()->site(TRUE),$this->id);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function activate_code() {
|
||||||
|
return md5(sprintf('%s-%s-%s-%s',$this->accnum(),$this->date_orig,$this->date_last,$this->email));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function activated() {
|
||||||
|
return $this->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the groups that an account belongs to
|
||||||
|
*/
|
||||||
|
public function groups() {
|
||||||
|
$result = array();
|
||||||
|
|
||||||
|
foreach ($this->group->where_active()->find_all() as $go)
|
||||||
|
foreach ($go->list_parentgrps(TRUE) as $cgo)
|
||||||
|
if (empty($result[$cgo->id]))
|
||||||
|
$result[$cgo->id] = $cgo;
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function log($message) {
|
||||||
|
// Log a message for this account
|
||||||
|
$alo = ORM::factory('Account_Log');
|
||||||
|
$alo->account_id = $this->id;
|
||||||
|
$alo->ip = Request::$client_ip;
|
||||||
|
$alo->details = $message;
|
||||||
|
$alo->save();
|
||||||
|
|
||||||
|
return $alo->saved();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function isAdmin() {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function will extract the available methods for this account
|
||||||
|
* This is used both for menu options and method security
|
||||||
|
*/
|
||||||
|
public function methods() {
|
||||||
|
static $result = array();
|
||||||
|
|
||||||
|
// @todo We may want to optimise this with some session caching.
|
||||||
|
if ($result)
|
||||||
|
return $result;
|
||||||
|
|
||||||
|
foreach ($this->groups() as $go)
|
||||||
|
foreach ($go->module_method->find_all() as $mmo)
|
||||||
|
if (empty($result[$mmo->id]))
|
||||||
|
$result[$mmo->id] = $mmo;
|
||||||
|
|
||||||
|
Sort::MAsort($result,'module->name,menu_display');
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return an account name
|
||||||
|
*/
|
||||||
|
public function name() {
|
||||||
|
return trim(sprintf('%s %s',$this->first_name,$this->last_name));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Search for accounts matching a term
|
||||||
|
*/
|
||||||
|
public function list_autocomplete($term,$index,$value,array $label,array $limit=array(),array $options=NULL) {
|
||||||
|
$ao = Auth::instance()->get_user();
|
||||||
|
|
||||||
|
$this->clear();
|
||||||
|
$this->where_active();
|
||||||
|
|
||||||
|
// Build our where clause
|
||||||
|
// First Name, Last name
|
||||||
|
if (preg_match('/\ /',$term)) {
|
||||||
|
list($fn,$ln) = explode(' ',$term,2);
|
||||||
|
|
||||||
|
$this->where_open()
|
||||||
|
->where('first_name','like','%'.$fn.'%')
|
||||||
|
->and_where('last_name','like','%'.$ln.'%')
|
||||||
|
->where_close();
|
||||||
|
|
||||||
|
} elseif (is_numeric($term)) {
|
||||||
|
$this->where('id','like','%'.$term.'%');
|
||||||
|
|
||||||
|
} elseif (preg_match('/\@/',$term)) {
|
||||||
|
$this->where('email','like','%'.$term.'%');
|
||||||
|
|
||||||
|
} else {
|
||||||
|
$this->where_open()
|
||||||
|
->or_where('first_name','like','%'.$term.'%')
|
||||||
|
->or_where('last_name','like','%'.$term.'%')
|
||||||
|
->or_where('email','like','%'.$term.'%')
|
||||||
|
->where_close();
|
||||||
|
}
|
||||||
|
|
||||||
|
// Restrict results to authorised accounts
|
||||||
|
// @todo
|
||||||
|
|
||||||
|
return parent::list_autocomplete($term,$index,$value,$label,$limit,$options);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
14
classes/lnAuth/Model/Account/Group.php
Normal file
14
classes/lnAuth/Model/Account/Group.php
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class links Users and their Group Membership
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Account_Group extends ORM {
|
||||||
|
}
|
||||||
|
?>
|
27
classes/lnAuth/Model/Account/Log.php
Normal file
27
classes/lnAuth/Model/Account/Log.php
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class supports Account Login Logging
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Account_Log extends ORM {
|
||||||
|
protected $_belongs_to = array(
|
||||||
|
'account'=>array(),
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_sorting = array(
|
||||||
|
'id'=>'DESC',
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_display_filters = array(
|
||||||
|
'date_orig'=>array(
|
||||||
|
array('Site::Datetime',array(':value')),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
?>
|
40
classes/lnAuth/Model/Auth/UserDefault.php
Normal file
40
classes/lnAuth/Model/Auth/UserDefault.php
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default ORM profile for Authentication Accounts
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Auth_UserDefault extends Model_Auth_User {
|
||||||
|
// Validation rules
|
||||||
|
public function rules() {
|
||||||
|
return array(
|
||||||
|
'email' => array(
|
||||||
|
array('not_empty'),
|
||||||
|
array('min_length', array(':value', 4)),
|
||||||
|
array('max_length', array(':value', 127)),
|
||||||
|
array('email'),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Complete our login
|
||||||
|
*
|
||||||
|
* For some database logins, we may not want to record the user last login
|
||||||
|
* details in the repository, so we just override that parent function
|
||||||
|
* here.
|
||||||
|
*
|
||||||
|
* We can also do some other post-login actions here.
|
||||||
|
*/
|
||||||
|
public function complete_login() {
|
||||||
|
return $this->log('Logged In');
|
||||||
|
}
|
||||||
|
|
||||||
|
abstract public function isAdmin();
|
||||||
|
}
|
||||||
|
?>
|
72
classes/lnAuth/Model/Group.php
Normal file
72
classes/lnAuth/Model/Group.php
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Manages our Application Groups
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Group extends Model_Auth_Role {
|
||||||
|
// Relationships
|
||||||
|
protected $_has_many = array(
|
||||||
|
'account'=>array('through'=>'account_group'),
|
||||||
|
'module_method'=>array('through'=>'group_method','far_key'=>'method_id'),
|
||||||
|
);
|
||||||
|
protected $_sorting = array(
|
||||||
|
'name'=>'ASC',
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_display_filters = array(
|
||||||
|
'active'=>array(
|
||||||
|
array('StaticList_YesNo::get',array(':value',TRUE)),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function will, given a group, list all of the children that
|
||||||
|
* are also related to this group, in the group heirarchy.
|
||||||
|
*/
|
||||||
|
public function list_childgrps($incParent=FALSE) {
|
||||||
|
$result = array();
|
||||||
|
|
||||||
|
if (! $this->loaded())
|
||||||
|
return $result;
|
||||||
|
|
||||||
|
foreach (ORM::factory('Group')->where_active()->and_where('parent_id','=',$this)->find_all() as $go) {
|
||||||
|
array_push($result,$go);
|
||||||
|
|
||||||
|
$result = array_merge($result,$go->list_childgrps());
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($incParent)
|
||||||
|
array_push($result,$this);
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function will, given a group, list all of the parent that
|
||||||
|
* are also related to this group, in the group heirarchy.
|
||||||
|
*/
|
||||||
|
public function list_parentgrps($incParent=FALSE) {
|
||||||
|
$result = array();
|
||||||
|
|
||||||
|
if (! $this->loaded())
|
||||||
|
return $result;
|
||||||
|
|
||||||
|
foreach (ORM::factory('Group')->where_active()->and_where('id','=',$this->parent_id)->find_all() as $go) {
|
||||||
|
array_push($result,$go);
|
||||||
|
|
||||||
|
$result = array_merge($result,$go->list_parentgrps());
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($incParent)
|
||||||
|
array_push($result,$this);
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
25
classes/lnAuth/Model/Group/Method.php
Normal file
25
classes/lnAuth/Model/Group/Method.php
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application Module Method Model
|
||||||
|
*
|
||||||
|
* @package lnAauth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Group_Method extends ORM {
|
||||||
|
// This module doesnt keep track of column updates automatically
|
||||||
|
protected $_created_column = FALSE;
|
||||||
|
protected $_updated_column = FALSE;
|
||||||
|
|
||||||
|
// Relationships
|
||||||
|
protected $_has_one = array(
|
||||||
|
'record_id'=>array(),
|
||||||
|
);
|
||||||
|
protected $_belongs_to = array(
|
||||||
|
'group'=>array(),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
?>
|
55
classes/lnAuth/Model/Module.php
Normal file
55
classes/lnAuth/Model/Module.php
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application Module Model
|
||||||
|
*
|
||||||
|
* This module must remain in applications/ as it is used very early in the
|
||||||
|
* MDB initialisation.
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Module extends ORM {
|
||||||
|
// Relationships
|
||||||
|
protected $_has_one = array(
|
||||||
|
'record_id'=>array('model'=>'Record_ID','far_key'=>'id'),
|
||||||
|
);
|
||||||
|
protected $_has_many = array(
|
||||||
|
'module_method'=>array('far_key'=>'id'),
|
||||||
|
);
|
||||||
|
protected $_sorting = array(
|
||||||
|
'name'=>'ASC',
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_display_filters = array(
|
||||||
|
'external'=>array(
|
||||||
|
array('StaticList_YesNo::get',array(':value',TRUE)),
|
||||||
|
),
|
||||||
|
'name'=>array(
|
||||||
|
array('strtoupper',array(':value')),
|
||||||
|
),
|
||||||
|
'active'=>array(
|
||||||
|
array('StaticList_YesNo::get',array(':value',TRUE)),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return an instance of this Module's Model
|
||||||
|
*
|
||||||
|
* @param $id PK of Model
|
||||||
|
*/
|
||||||
|
public function instance($id=NULL) {
|
||||||
|
if (! $this->loaded())
|
||||||
|
throw new Kohana_Exception('Cant call an instance of a model when it is not loaded');
|
||||||
|
|
||||||
|
return ORM::factory(Kohana::classname($this->name),$id);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function list_external() {
|
||||||
|
return $this->where_active()->where('external','=',TRUE)->find_all();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
91
classes/lnAuth/Model/Module/Method.php
Normal file
91
classes/lnAuth/Model/Module/Method.php
Normal file
@ -0,0 +1,91 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application Module Method Model
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Module_Method extends ORM {
|
||||||
|
// This module doesnt keep track of column updates automatically
|
||||||
|
protected $_created_column = FALSE;
|
||||||
|
protected $_updated_column = FALSE;
|
||||||
|
|
||||||
|
// Relationships
|
||||||
|
protected $_belongs_to = array(
|
||||||
|
'module'=>array(),
|
||||||
|
);
|
||||||
|
protected $_has_one = array(
|
||||||
|
'record_id'=>array(),
|
||||||
|
);
|
||||||
|
protected $_has_many = array(
|
||||||
|
'group'=>array('through'=>'group_method','foreign_key'=>'method_id')
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_sorting = array(
|
||||||
|
'name'=>'ASC',
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $_nullifempty = array(
|
||||||
|
'menu_display',
|
||||||
|
);
|
||||||
|
|
||||||
|
protected $status;
|
||||||
|
|
||||||
|
public function controller_sub() {
|
||||||
|
return substr_count($this->name,'_') ? substr($this->name,($x=strpos($this->name,'_')),strpos($this->name,':')-$x) : '';
|
||||||
|
}
|
||||||
|
|
||||||
|
public function controller() {
|
||||||
|
return Kohana::classname(sprintf('Controller%s_%s',($this->directory() ? '_' : '').$this->directory(),$this->module->name).$this->controller_sub());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function directory() {
|
||||||
|
return substr($this->name,0,substr_count($this->name,'_') ? strpos($this->name,'_') : strpos($this->name,':'));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function method() {
|
||||||
|
return substr($this->name,strpos($this->name,':')+1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get our Module_Method object for this request
|
||||||
|
*/
|
||||||
|
public function request_mmo(Request $ro) {
|
||||||
|
list($c,$x) = substr_count($ro->controller(),'_') ? explode('_',$ro->controller(),2) : array($ro->controller(),'');
|
||||||
|
|
||||||
|
$mo = ORM::factory('Module',array('name'=>$c));
|
||||||
|
|
||||||
|
if ($mo->loaded() AND $mo->active) {
|
||||||
|
$method = strtolower($ro->directory() ? sprintf('%s:%s',$ro->directory() ? $ro->directory().($x ? '_'.$x : '') : $ro->action(),$ro->action()) : $ro->action());
|
||||||
|
|
||||||
|
// Get the method number
|
||||||
|
$mmo = $mo->module_method
|
||||||
|
->where('name','=',$method)
|
||||||
|
->find();
|
||||||
|
|
||||||
|
if ($mmo->loaded())
|
||||||
|
return $mmo;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function status($status=NULL) {
|
||||||
|
if ($status)
|
||||||
|
$this->status = $status;
|
||||||
|
|
||||||
|
return $this->status;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function url() {
|
||||||
|
if (! preg_match('/:/',$this->name))
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
list($type,$action) = preg_split('/:/',$this->name,2);
|
||||||
|
|
||||||
|
return URL::link($this->directory(),$this->module->name.$this->controller_sub().'/'.$action);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
112
classes/lnAuth/Model/Module/Method/Token.php
Normal file
112
classes/lnAuth/Model/Module/Method/Token.php
Normal file
@ -0,0 +1,112 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Account Login Tokens
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2009-2013 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Module_Method_Token extends ORM {
|
||||||
|
// This module doesnt keep track of column updates automatically
|
||||||
|
protected $_updated_column = FALSE;
|
||||||
|
|
||||||
|
// Relationships
|
||||||
|
protected $_belongs_to = array(
|
||||||
|
'account'=>array(),
|
||||||
|
'module_method'=>array('foreign_key'=>'method_id'),
|
||||||
|
);
|
||||||
|
protected $_has_one = array(
|
||||||
|
'record_id'=>array(),
|
||||||
|
);
|
||||||
|
|
||||||
|
public function account($account) {
|
||||||
|
if (! $account instanceof Model_Account) {
|
||||||
|
if (is_numeric($account))
|
||||||
|
$ao = ORM::factory('Account',$account);
|
||||||
|
else
|
||||||
|
throw HTTP_Exception::factory(501,'Unknown account :account',array(':account'=>serialize($account)));
|
||||||
|
} else
|
||||||
|
$ao = $account;
|
||||||
|
|
||||||
|
$this->account_id = $ao->id;
|
||||||
|
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function expire($expire) {
|
||||||
|
$this->date_expire = $expire;
|
||||||
|
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
// @todo Login Reset: When called within a timelimit (so existing token already exists), is returning true but password reset emails have blanks where the tokens are
|
||||||
|
public function generate() {
|
||||||
|
if (! $this->account_id OR ! $this->method_id OR ! ($this->date_expire OR $this->uses))
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
// Check we dont already have a valid token
|
||||||
|
$mmto = ORM::factory('Module_Method_Token')
|
||||||
|
->where('account_id','=',$this->account_id)
|
||||||
|
->where('method_id','=',$this->method_id)
|
||||||
|
->find();
|
||||||
|
|
||||||
|
if ($mmto->loaded()) {
|
||||||
|
// Check that the token is still good
|
||||||
|
if ((is_null($mmto->date_expire) OR $mmto->date_expire > time()) AND (is_null($mmto->uses) OR $mmto->uses > 0)) {
|
||||||
|
$this->token = $mmto->token;
|
||||||
|
return $this->token;
|
||||||
|
|
||||||
|
// Token expired
|
||||||
|
} else
|
||||||
|
$mmto->delete();
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->token = md5(sprintf('%s:%s:%s',$this->account_id,$this->method_id,time()));
|
||||||
|
$this->save();
|
||||||
|
|
||||||
|
return $this->saved() ? $this->token : NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function method(array $modmeth) {
|
||||||
|
list($module,$method) = $modmeth;
|
||||||
|
|
||||||
|
if (! $method instanceof Model_Module_Method) {
|
||||||
|
if (is_numeric($module))
|
||||||
|
$mo = ORM::factory('Module',$module);
|
||||||
|
elseif (is_string($module))
|
||||||
|
$mo = ORM::factory('Module',array('name'=>$module));
|
||||||
|
elseif (! $module instanceof Model_Module)
|
||||||
|
throw HTTP_Exception::factory(501,'Unknown module :module',array(':module'=>serialize($module)));
|
||||||
|
else
|
||||||
|
$mo = $module;
|
||||||
|
|
||||||
|
if (! $mo->loaded())
|
||||||
|
throw HTTP_Exception::factory(501,'Unknown module :module - not loaded?',array(':module'=>$mo->id));
|
||||||
|
|
||||||
|
if (is_numeric($method))
|
||||||
|
$mmo = ORM::factory('Module_Method',$method);
|
||||||
|
elseif (is_string($method))
|
||||||
|
$mmo = ORM::factory('Module_Method',array('name'=>$method,'module_id'=>$mo->id));
|
||||||
|
else
|
||||||
|
throw HTTP_Exception::factory(501,'Unknown method :method',array(':method'=>serialize($method)));
|
||||||
|
} else
|
||||||
|
$mmo = $method;
|
||||||
|
|
||||||
|
if (! $mmo->loaded())
|
||||||
|
throw HTTP_Exception::factory(501,'Unknown method :method - not loaded?',array(':method'=>$method));
|
||||||
|
|
||||||
|
$this->method_id = $mmo->id;
|
||||||
|
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function uses($uses) {
|
||||||
|
$this->uses = $uses;
|
||||||
|
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
41
classes/lnAuth/Model/Record/ID.php
Normal file
41
classes/lnAuth/Model/Record/ID.php
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Manage the next record ID
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Models
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_Model_Record_ID extends ORM {
|
||||||
|
protected $_primary_key = 'module_id';
|
||||||
|
|
||||||
|
// This module doesnt keep track of column updates automatically
|
||||||
|
protected $_created_column = FALSE;
|
||||||
|
protected $_updated_column = FALSE;
|
||||||
|
|
||||||
|
public function next_id($mid) {
|
||||||
|
if (is_null($this->id)) {
|
||||||
|
$this->module_id = $mid;
|
||||||
|
|
||||||
|
// We'll get the next ID as the MAX(id) of the table
|
||||||
|
$mo = ORM::factory('Module',$mid);
|
||||||
|
|
||||||
|
$max = DB::select(array('MAX(id)','id'))
|
||||||
|
->from($mo->name)
|
||||||
|
->where('site_id','=',Company::instance()->site());
|
||||||
|
|
||||||
|
$this->id = $max->execute()->get('id');
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->id++;
|
||||||
|
|
||||||
|
if (! $this->save())
|
||||||
|
throw HTTP_Exception::factory(501,'Unable to increase ID for :table',array(':table'=>$mid));
|
||||||
|
|
||||||
|
return $this->id;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
140
classes/lnAuth/ORM.php
Normal file
140
classes/lnAuth/ORM.php
Normal file
@ -0,0 +1,140 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This class extends Kohana's [ORM] class to create defaults for Method and Site aware table.
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Helpers
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
abstract class lnAuth_ORM extends lnApp_ORM {
|
||||||
|
// Tables that do not have a site_id column
|
||||||
|
public static $no_site_id_tables = array('setup','country','currency','language');
|
||||||
|
|
||||||
|
// Rules to assist with site ID and getting next record ID for inserts.
|
||||||
|
public function rules() {
|
||||||
|
return array(
|
||||||
|
'id'=>array(
|
||||||
|
array('ORM::get_next_id',array(':model',':field')),
|
||||||
|
),
|
||||||
|
'site_id'=>array(
|
||||||
|
array('ORM::set_site_id',array(':model',':field')),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add our OSB site_id to each SELECT query
|
||||||
|
* @see parent::__build()
|
||||||
|
*/
|
||||||
|
final protected function _build($type) {
|
||||||
|
// Exclude tables without site ID's
|
||||||
|
if (! in_array($this->_table_name,ORM::$no_site_id_tables))
|
||||||
|
$this->where($this->_object_name.'.site_id','=',Company::instance()->site());
|
||||||
|
|
||||||
|
return parent::_build($type);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Determine if the account is authoised by the user
|
||||||
|
*/
|
||||||
|
public function authorised(Model $o=NULL,Model_Account $ao=NULL,$aid='account_id') {
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
if (is_null($o))
|
||||||
|
$o = $this;
|
||||||
|
if (is_null($ao))
|
||||||
|
$ao = Auth::instance()->get_user();
|
||||||
|
|
||||||
|
// @todo To implement
|
||||||
|
return in_array($o->{$aid},$ao->RTM->customers($ao->RTM));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Override KH's ORM count_relations() function, to include our site_id in the query.
|
||||||
|
*
|
||||||
|
* This is a copy of KH's ORM count_relations() function, with the addition of a where
|
||||||
|
* clause to include the site id.
|
||||||
|
*/
|
||||||
|
public function count_relations($alias, $far_keys = NULL) {
|
||||||
|
if ($far_keys === NULL)
|
||||||
|
return (int) DB::select(array(DB::expr('COUNT(*)'), 'records_found'))
|
||||||
|
->from($this->_has_many[$alias]['through'])
|
||||||
|
->where($this->_has_many[$alias]['foreign_key'], '=', $this->pk())
|
||||||
|
->where('site_id', '=', Company::instance()->site())
|
||||||
|
->execute($this->_db)->get('records_found');
|
||||||
|
|
||||||
|
$far_keys = ($far_keys instanceof ORM) ? $far_keys->pk() : $far_keys;
|
||||||
|
|
||||||
|
// We need an array to simplify the logic
|
||||||
|
$far_keys = (array) $far_keys;
|
||||||
|
|
||||||
|
// Nothing to check if the model isn't loaded or we don't have any far_keys
|
||||||
|
if ( ! $far_keys OR ! $this->_loaded)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
$count = (int) DB::select(array(DB::expr('COUNT(*)'), 'records_found'))
|
||||||
|
->from($this->_has_many[$alias]['through'])
|
||||||
|
->where($this->_has_many[$alias]['foreign_key'], '=', $this->pk())
|
||||||
|
->where($this->_has_many[$alias]['far_key'], 'IN', $far_keys)
|
||||||
|
->where('site_id', '=', Company::instance()->site())
|
||||||
|
->execute($this->_db)->get('records_found');
|
||||||
|
|
||||||
|
// Rows found need to match the rows searched
|
||||||
|
return (int) $count;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get Next record id
|
||||||
|
*
|
||||||
|
* @param array Validate object
|
||||||
|
* @param string Primary Key
|
||||||
|
*/
|
||||||
|
final public static function get_next_id($model,$field) {
|
||||||
|
if (! is_null($model->$field))
|
||||||
|
return TRUE;
|
||||||
|
|
||||||
|
$model->_changed[$field] = $field;
|
||||||
|
|
||||||
|
$ido = ORM::factory('Module')
|
||||||
|
->where('name','=',$model->_table_name)
|
||||||
|
->find();
|
||||||
|
|
||||||
|
if (! $ido->loaded())
|
||||||
|
throw new Kohana_Exception('Problem getting record_id for :table',array(':table'=>$model->_table_name));
|
||||||
|
|
||||||
|
$model->$field = $ido->record_id->next_id($ido->id);
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
final public function mid() {
|
||||||
|
return ORM::factory('Module',array('name'=>$this->_table_name));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set the site ID attribute for each row update
|
||||||
|
*/
|
||||||
|
final public static function set_site_id($model,$field) {
|
||||||
|
if (! is_null($model->$field))
|
||||||
|
return TRUE;
|
||||||
|
|
||||||
|
$model->_changed[$field] = $field;
|
||||||
|
$model->$field = Company::instance()->site();
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function where_authorised(Model_Account $ao=NULL,$aid='account_id') {
|
||||||
|
return $this;
|
||||||
|
|
||||||
|
if (is_null($ao))
|
||||||
|
$ao = Auth::instance()->get_user();
|
||||||
|
|
||||||
|
// @todo To implement.
|
||||||
|
return $this->where($aid,'IN',$ao->RTM->customers($ao->RTM));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
17
config/auth.php
Normal file
17
config/auth.php
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Configuration - Authentication
|
||||||
|
*
|
||||||
|
* @package lnAuth
|
||||||
|
* @category Configuration
|
||||||
|
* @author Deon George
|
||||||
|
* @copyright (c) 2014 Deon George
|
||||||
|
* @license http://dev.leenooks.net/license.html
|
||||||
|
*/
|
||||||
|
|
||||||
|
return array(
|
||||||
|
'driver' => 'ORM',
|
||||||
|
'hash_method' => 'md5',
|
||||||
|
);
|
||||||
|
?>
|
8
config/config.php
Normal file
8
config/config.php
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
<?php defined('SYSPATH') OR die('No direct access allowed.');
|
||||||
|
|
||||||
|
return array
|
||||||
|
(
|
||||||
|
'method_security' => TRUE, // Enable User Based method security
|
||||||
|
'session_change_trigger'=>array( // Updates to tables to make when our session ID is changed
|
||||||
|
),
|
||||||
|
);
|
61
views/account/user/edit.php
Normal file
61
views/account/user/edit.php
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
<fieldset>
|
||||||
|
<legend>Account Details</legend>
|
||||||
|
|
||||||
|
<?php echo Form::input('date_last',$o->date_last ? $o->display('date_last') : Site::date(time()),array('label'=>'Last Updated','class'=>'col-md-2','disabled')); ?>
|
||||||
|
|
||||||
|
<?php echo Form::input('email',$o->display('email'),array('label'=>'Email','class'=>'col-md-3','placeholder'=>'Email Address','type'=>'email','required','data-error'=>'Invalid EMAIL address')); ?>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="col-md-2 control-label" for="Title">Name</label>
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-1">
|
||||||
|
<?php echo Form::select('title',StaticList_Title::table(),$o->display('title'),array('class'=>'form-control','required','nocg'=>TRUE)); ?>
|
||||||
|
</div>
|
||||||
|
<div class="col-md-2">
|
||||||
|
<?php echo Form::input('first_name',$o->display('first_name'),array('class'=>'form-control col-md-2','placeholder'=>'First Name','required','nocg'=>TRUE)); ?>
|
||||||
|
</div>
|
||||||
|
<div class="col-md-3">
|
||||||
|
<?php echo Form::input('last_name',$o->display('last_name'),array('class'=>'form-control col-md-2','placeholder'=>'Last Name','required','nocg'=>TRUE)); ?>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="col-md-2 control-label" for="address1">Address</label>
|
||||||
|
<?php echo Form::input('address1',$o->display('address1'),array('class'=>'col-md-6','placeholder'=>'Address Line 1','required')); ?>
|
||||||
|
|
||||||
|
<label class="col-md-2 control-label" for="address2"></label>
|
||||||
|
<?php echo Form::input('address2',$o->display('address2'),array('class'=>'col-md-6','placeholder'=>'Address Line 2')); ?>
|
||||||
|
|
||||||
|
<label class="col-md-2 control-label" for="city"></label>
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-3">
|
||||||
|
<?php echo Form::input('city',$o->display('city'),array('label'=>'City','placeholder'=>'City','required','nocg'=>TRUE)); ?>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="col-md-1">
|
||||||
|
<?php echo Form::input('state',$o->display('state'),array('label'=>'','class'=>'input-mini','placeholder'=>'State','required','nocg'=>TRUE)); ?>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="col-md-1">
|
||||||
|
<?php echo Form::input('zip',$o->display('zip'),array('label'=>'','class'=>'input-mini','placeholder'=>'Post Code','required','nocg'=>TRUE)); ?>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="col-md-2 control-label" for="address1">Country</label>
|
||||||
|
<div class="col-md-3">
|
||||||
|
<?php echo Form::select('country_id',ORM::factory('Country')->list_select(),$o->country_id,array('class'=>'form-control','required','nocg'=>TRUE)); ?>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<?php echo Form::hidden('language_id',Company::instance()->language()); ?>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-offset-1">
|
||||||
|
<button type="submit" class="btn btn-primary">Save changes</button>
|
||||||
|
<button type="button" class="btn btn-default">Cancel</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
14
views/account/user/resetpassword.php
Normal file
14
views/account/user/resetpassword.php
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
<div class="span11">
|
||||||
|
<fieldset>
|
||||||
|
<legend>Reset Password</legend>
|
||||||
|
|
||||||
|
<?php echo Form::input('password','',array('label'=>'Password','type'=>'password','required','minlength'=>8)); ?>
|
||||||
|
<?php echo Form::input('password_confirm','',array('label'=>'Confirm','type'=>'password','required','minlength'=>8)); ?>
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
<div class="offset2">
|
||||||
|
<button type="submit" class="btn btn-primary">Update</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div> <!-- /span -->
|
30
views/login/activate.php
Normal file
30
views/login/activate.php
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
<fieldset>
|
||||||
|
<legend>Activate Account</legend>
|
||||||
|
|
||||||
|
<div class="panel-body">
|
||||||
|
<p>You should have received an email with a pass code. Please enter that pass code here.</p>
|
||||||
|
|
||||||
|
<?php if (is_object($o) AND $o->loaded()) : ?>
|
||||||
|
<input type="hidden" name="email" value="<?php echo $o->email; ?>"/>
|
||||||
|
|
||||||
|
<?php else : ?>
|
||||||
|
<div class="input-group col-md-3">
|
||||||
|
<span class="input-group-addon"><i class="fa fa-envelope fa-fw"></i></span>
|
||||||
|
<input type="email" id="email" name="email" value="" placeholder="Email" class="form-control" required />
|
||||||
|
</div>
|
||||||
|
<?php endif ?>
|
||||||
|
|
||||||
|
<div class="input-group col-md-3">
|
||||||
|
<span class="input-group-addon"><i class="fa fa-bomb fa-fw"></i></span>
|
||||||
|
<input type="text" id="code" name="code" value="" placeholder="Activation Code" class="form-control" required />
|
||||||
|
</div>
|
||||||
|
<span class="help-block">Need to <?php echo HTML::anchor(URL::link('','login/activate_resend'),'resend'); ?> it?</span>
|
||||||
|
</div> <!-- /panel-body -->
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-offset-1">
|
||||||
|
<button type="submit" class="btn btn-primary">Activate</button>
|
||||||
|
<button type="button" class="btn btn-default">Cancel</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
19
views/login/activate_resend.php
Normal file
19
views/login/activate_resend.php
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
<fieldset>
|
||||||
|
<legend>Send Activation Code</legend>
|
||||||
|
|
||||||
|
<div class="panel-body">
|
||||||
|
<div class="form-group">
|
||||||
|
<div class="input-group col-md-3">
|
||||||
|
<span class="input-group-addon"><i class="fa fa-envelope fa-fw"></i></span>
|
||||||
|
<input type="email" id="email" name="email" value="" placeholder="Email" class="form-control" required />
|
||||||
|
</div>
|
||||||
|
</div> <!-- /form-group -->
|
||||||
|
</div> <!-- /panel-body -->
|
||||||
|
</fieldset>
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-offset-1">
|
||||||
|
<button type="submit" class="btn btn-primary">Send</button>
|
||||||
|
<button type="button" class="btn btn-default">Cancel</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
31
views/login/reset.php
Normal file
31
views/login/reset.php
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
<div class="center-block" style="width: 400px;">
|
||||||
|
<div class="content clearfix">
|
||||||
|
<form method="post" action="<?php echo URL::site('login/reset'); ?>">
|
||||||
|
<br/>
|
||||||
|
<div class="panel panel-default">
|
||||||
|
<div class="panel-heading">
|
||||||
|
<div class="panel-title">Reset Password</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="panel-body">
|
||||||
|
<p>If you have forgotten your password, we can issue you a temporary access code via email that will allow you to change your password.</p>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<p>To start this process, please enter your Username. If you dont know your Username, please contact us.</p>
|
||||||
|
|
||||||
|
<div class="input-group">
|
||||||
|
<span class="input-group-addon"><i class="fa fa-user fa-fw"></i></span>
|
||||||
|
<input type="text" id="username" name="username" value="" placeholder="Username" class="form-control" required />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<div class="btn-group">
|
||||||
|
<button class="btn btn-default btn-large">Reset</button>
|
||||||
|
</div> <!-- /btn-group -->
|
||||||
|
</div>
|
||||||
|
</div> <!-- /panel-body -->
|
||||||
|
</div> <!-- /panel -->
|
||||||
|
</form>
|
||||||
|
</div> <!-- /content -->
|
||||||
|
</div> <!-- /center-block -->
|
29
views/login/reset_sent.php
Normal file
29
views/login/reset_sent.php
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
<div class="center-block" style="width: 400px;">
|
||||||
|
<div class="content clearfix">
|
||||||
|
<form method="post" action="<?php echo URL::site('login/reset'); ?>">
|
||||||
|
<br/>
|
||||||
|
<div class="panel panel-default">
|
||||||
|
<div class="panel-heading">
|
||||||
|
<div class="panel-title">Reset Password</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="panel-body">
|
||||||
|
<div class="form-group">
|
||||||
|
<p>You should have received an email with a pass code. Please enter that pass code here.</p>
|
||||||
|
|
||||||
|
<div class="input-group">
|
||||||
|
<span class="input-group-addon"><i class="fa fa-bomb fa-fw"></i></span>
|
||||||
|
<input type="text" id="token" name="token" value="" placeholder="Token" class="form-control" required />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<div class="btn-group">
|
||||||
|
<button class="btn btn-default btn-large">Reset</button>
|
||||||
|
</div> <!-- /btn-group -->
|
||||||
|
</div>
|
||||||
|
</div> <!-- /panel-body -->
|
||||||
|
</div> <!-- /panel -->
|
||||||
|
</form>
|
||||||
|
</div> <!-- /content -->
|
||||||
|
</div> <!-- /center-block -->
|
Reference in New Issue
Block a user