From c4a22dd45bfef1d0613a9fe6b7d8997d20fc8a24 Mon Sep 17 00:00:00 2001 
From: Deon George Date: Mon, 29 Sep 2014 15:17:37 +1000 Subject: [PATCH] Some internal restructure --- .htaccess | 4 +- application/bootstrap.php | 5 +- application/classes/Auth/MDB.php | 229 ------------------ application/classes/Auth/ORM.php | 22 -- application/classes/Company.php | 2 +- .../classes/Controller/Admin/Module.php | 187 -------------- .../Controller/Admin/Module/Method.php | 109 --------- .../classes/Controller/Director/Welcome.php | 1 - application/classes/Controller/Family.php | 3 + .../classes/Controller/TemplateDefault.php | 46 ---- application/classes/DB.php | 35 --- application/classes/Database/MySQL.php | 20 -- application/classes/Model/Account.php | 148 ----------- application/classes/Model/Account/Log.php | 27 --- .../classes/Model/Auth/UserDefault.php | 44 ---- application/classes/Model/Country.php | 23 ++ application/classes/Model/Group.php | 71 ------ application/classes/Model/Group/Method.php | 25 -- .../Module.php => Model/Language.php} | 11 +- application/classes/Model/Module.php | 55 ----- application/classes/Model/Module/Method.php | 91 ------- application/classes/Model/Record/ID.php | 40 --- application/classes/ORM.php | 127 +--------- application/classes/StaticList/Title.php | 28 +++ application/classes/URL.php | 10 +- application/config/auth.php | 17 -- application/config/config.php | 3 - includes/kohana | 2 +- modules/lnapp | 2 +- modules/lnauth | 1 + 30 files changed, 77 insertions(+), 1311 deletions(-) delete mode 100644 application/classes/Auth/MDB.php delete mode 100644 application/classes/Auth/ORM.php delete mode 100644 application/classes/Controller/Admin/Module.php delete mode 100644 application/classes/Controller/Admin/Module/Method.php create mode 100644 application/classes/Controller/Family.php delete mode 100644 application/classes/Controller/TemplateDefault.php delete mode 100644 application/classes/DB.php delete mode 100644 application/classes/Database/MySQL.php delete mode 100644 
application/classes/Model/Account.php delete mode 100644 application/classes/Model/Account/Log.php delete mode 100644 application/classes/Model/Auth/UserDefault.php create mode 100644 application/classes/Model/Country.php delete mode 100644 application/classes/Model/Group.php delete mode 100644 application/classes/Model/Group/Method.php rename application/classes/{Controller/Module.php => Model/Language.php} (53%) delete mode 100644 application/classes/Model/Module.php delete mode 100644 application/classes/Model/Module/Method.php delete mode 100644 application/classes/Model/Record/ID.php create mode 100644 application/classes/StaticList/Title.php delete mode 100644 application/config/auth.php create mode 160000 modules/lnauth diff --git a/.htaccess b/.htaccess index 7a13b73..8ed192d 100644 --- a/.htaccess +++ b/.htaccess @@ -2,7 +2,7 @@ RewriteEngine On # Installation directory -RewriteBase /ebccc +RewriteBase /memberdb # Protect hidden files from being viewed @@ -11,7 +11,7 @@ RewriteBase /ebccc # Protect application and system files from being viewed -RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L] +RewriteRule ^(?:application|modules|includes/kohana)\b.* index.php/$0 [L] # Allow any files or directories that exist to be displayed directly RewriteCond %{REQUEST_FILENAME} !-f diff --git a/application/bootstrap.php b/application/bootstrap.php index a39044a..79b18bd 100644 --- a/application/bootstrap.php +++ b/application/bootstrap.php @@ -99,7 +99,7 @@ if (isset($_SERVER['KOHANA_ENV'])) * - boolean expose set the X-Powered-By header FALSE */ Kohana::init(array( - 'base_url' => Kohana::$environment === Kohana::PRODUCTION ? '/ebccc' : '/ebccc', + 'base_url' => Kohana::$environment === Kohana::PRODUCTION ? '/memberdb' : '/memberdb', 'caching' => Kohana::$environment === Kohana::PRODUCTION, 'profile' => Kohana::$environment !== Kohana::PRODUCTION, 'index_file' => FALSE, 
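Review bot: The rewritten protection rule in the second `.htaccess` hunk guards only `includes/kohana`, so any other file that exists under `includes/` is still served directly by the `RewriteCond %{REQUEST_FILENAME} !-f` pass-through that follows. Whether anything else lives under `includes/` is not visible in this patch, but guarding the whole directory is the safer default: `RewriteRule ^(?:application|modules|includes)\b.* index.php/$0 [L]`. If the narrower pattern is deliberate, a comment line above the rule should say which paths under `includes/` are meant to be public.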
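Review bot: Both arms of the ternary on the new `base_url` line are `'/memberdb'`, so the `Kohana::$environment === Kohana::PRODUCTION` test selects nothing. Either write the value once, `'base_url' => '/memberdb',`, or give the two environments different values if that was the intent. The path also has to stay in step with `RewriteBase` in `.htaccess`, and a short comment such as `// must match RewriteBase in .htaccess` would record that. The `Kohana::init()` call continues outside the hunk.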
@@ -119,6 +119,7 @@ Kohana::$config->attach(new Config_File); * Enable modules. Modules are referenced by a relative or absolute path. */ Kohana::modules(array( + 'lnauth' => MODPATH.'lnauth', // lnAuth Base Authentication Tools 'lnapp' => MODPATH.'lnapp', // lnApp Base Application Tools // 'oauth' => MODPATH.'oauth', // OAuth Module for External Authentication 'auth' => SMDPATH.'auth', // Basic authentication @@ -129,7 +130,7 @@ Kohana::modules(array( // 'gchart' => MODPATH.'gchart', // Google Chart Module // 'highchart' => MODPATH.'highchart', // Highcharts Chart Module // 'image' => SMDPATH.'image', // Image manipulation - // 'khemail' => SMDPATH.'khemail', // Email module for Kohana 3 PHP Framework + 'khemail' => SMDPATH.'khemail', // Email module for Kohana 3 PHP Framework // 'minion' => SMDPATH.'minion', // CLI Tasks 'orm' => SMDPATH.'orm', // Object Relationship Mapping // 'pagination' => SMDPATH.'pagination', // Kohana Pagination module for Kohana 3 PHP Framework diff --git a/application/classes/Auth/MDB.php b/application/classes/Auth/MDB.php deleted file mode 100644 index 4b95447..0000000 --- a/application/classes/Auth/MDB.php +++ /dev/null 
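Review bot: The new `'lnauth'` entry in the `@@ -119,6 +119,7 @@` hunk sits first in the module list without a comment saying that the position matters. Kohana's cascading filesystem takes a class from the first listed module that provides it, so `lnauth` now takes precedence over `lnapp` and the stock `auth` module. That is presumably intended, since this commit deletes the application's own `Auth_MDB`, `Auth_ORM` and `config/auth.php`. I would add `// keep lnauth ahead of lnapp and auth so its Auth classes win the cascade` so a later reorder does not silently swap the authentication driver. The authentication code itself now lives in the `modules/lnauth` submodule and is not part of this patch, so it needs its own review. The `Kohana::modules()` array continues outside the hunk.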
@@ -1,229 +0,0 @@ -_config = $config; - - if (PHP_SAPI !== 'cli') - parent::__construct($config); - } - - /** - * Get the user that a token applies to - * - * This will check that the token is valid (not expired and for the request) - * - * @param $token The token - * @return Model_Account|NULL The user that the token is valid for. - */ - private function _get_token_user($token) { - // This has been implemented, as we sometimes we seem to come here twice - static $uo = NULL; - - if (! is_null($uo)) - return $uo; - - $mmto = ORM::factory('Module_Method_Token',array('token'=>$token)); - - // Ignore the token if it doesnt exist. - if ($mmto->loaded()) { - // Check that the token is for this URI - $mo = ORM::factory('Module',array('name'=>Request::current()->controller())); - $mmo = $mo->module_method - ->where('name','=',strtolower(Request::current()->directory() ? sprintf('%s:%s',Request::current()->directory(),Request::current()->action()) : Request::current()->action())) - ->find(); - - // Ignore the token if this is not the right method. - if ($mmo->id == $mmto->method_id) { - if (! is_null($mmto->date_expire) AND $mmto->date_expire < time()) { - SystemMessage::add(array( - 'title'=>_('Token Not Valid'), - 'type'=>'warning', - 'body'=>_('Token expired'))); - - Session::instance()->delete('token'); - $mmto->delete(); - - } elseif (! is_null($mmto->uses) AND $mmto->uses < 1) { - SystemMessage::add(array( - 'title'=>_('Token Not Valid'), - 'type'=>'warning', - 'body'=>_('Token expired'))); - - Session::instance()->delete('token'); - $mmto->delete(); - - } else { - // If this is a usage count token, reduce the count. - if (! 
is_null($mmto->uses)) - $mmto->uses -= 1; - - // Record the date this token was used - $mmto->date_last = time(); - $mmto->save(); - - Session::instance()->set('token',$token); - - $uo = ORM::factory('Account',$mmto->account_id); - $uo->log(sprintf('Token %s used for method %s [%s]',$mmto->token,$mmto->module_method->id,Request::current()->param('id'))); - } - } - } - - return $uo; - } - - /** - * Logs a user in. - * - * @param string username - * @param string password - * @param boolean enable autologin - * @return boolean - */ - protected function _login($user,$password,$remember) { - if (! is_object($user)) { - $username = $user; - - // Load the user - $user = ORM::factory('Account'); - $user->where('username','=',$username)->find(); - - // If no user loaded, return - if (! $user->loaded()) - return FALSE; - } - - // Create a hashed password - if (is_string($password)) - $password = $this->hash($password); - - // If the passwords match, perform a login - if ($user->active AND $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)) AND $user->password === $password) { - - // @todo This is not currently used. 
- if ($remember === TRUE) { - // Create a new autologin token - $token = ORM::factory('User_Token'); - - // Set token data - $token->user_id = $user->id; - $token->expires = time() + $this->_config['lifetime']; - $token->save(); - - // Set the autologin cookie - Cookie::set('authautologin', $token->token, $this->_config['lifetime']); - } - - // Record our session ID, we may need to update our DB when we get a new ID - $oldsess = session_id(); - - // Finish the login - $this->complete_login($user); - - // Do we need to update databases with our new sesion ID - $sct = Kohana::$config->load('config')->session_change_trigger; - if (session_id() != $oldsess AND count($sct)) - foreach ($sct as $t => $c) - if (Config::module_exist($t)) - foreach (ORM::factory(ucwords($t))->where($c,'=',$oldsess)->find_all() as $o) - $o->set('session_id',session_id()) - ->update(); - - return TRUE; - } - - // Login failed - return FALSE; - } - - /** - * Determine if a user is authorised to view an account - * - * @param Model_Account Account Ojbect to validate if the current user has access - * @return boolean TRUE if authorised, FALSE if not. - */ - public function authorised(Model_Account $ao) { - return (($uo = $this->get_user()) AND $uo->loaded() AND ($uo == $ao OR in_array($ao->id,$uo->RTM->customers($uo->RTM)))); - } - - /** - * Gets the currently logged in user from the session. - * Returns NULL if no user is currently logged in. - * - * @param boolean Check token users too - * @return mixed - */ - public function get_user($default=NULL,$tokenuser=TRUE) { - // If we are a CLI, we are not logged in - if (PHP_SAPI === 'cli') - throw new Kohana_Exception('Calling :method from the CLI is not allowed!',array(':method'=>__METHOD__)); - - // Get the current user - $uo = parent::get_user($default); - - // If we are not logged in, see if there is token for the user - if (is_null($uo) AND $tokenuser AND ($token=Session::instance()->get('token')) OR (! 
empty($_REQUEST['token']) AND $token=$_REQUEST['token'])) - $uo = $this->_get_token_user($token); - - return $uo; - } - - public function get_groups() { - return is_null($x=$this->get_user()) ? ORM::factory('Group')->where('id','=',0)->find_all() : $x->groups(); - } - - /** - * OSB authentication is controlled via database queries. - * - * This method can be used to test two situations: - * 1) Is the user logged in? ($role == FALSE) - * 2) Can the user run the current controller->action ($role == TRUE) - * - * @param boolean If authentication should be done for this module:method (ie: controller:action). - * @return boolean - */ - public function logged_in($role=NULL,$debug=NULL) { - $status = FALSE; - - // If we are a CLI, we are not logged in - if (PHP_SAPI === 'cli') - return $status; - - // Get the user from the session - $uo = $this->get_user(); - - // If we are not a valid user object, then we are not logged in - if (is_object($uo) AND ($uo instanceof Model_Account) AND $uo->loaded()) - if (! empty($role)) { - if (($x = Request::current()->mmo()) instanceof Model) - // If the role has the authorisation to run the method - foreach ($x->group->find_all() as $go) - if ($go->id == 0 OR $uo->has_any('group',$go->list_childgrps(TRUE))) { - $status = TRUE; - break; - } - - // There is no role, so the method should be allowed to run as anonymous - } else - $status = TRUE; - - return $status; - } -} -?> diff --git a/application/classes/Auth/ORM.php b/application/classes/Auth/ORM.php deleted file mode 100644 index 4c8da84..0000000 --- a/application/classes/Auth/ORM.php +++ /dev/null @@ -1,22 +0,0 @@ -_config['hash_method']) { - case '' : return $str; - case 'md5': return md5($str); - default: return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']); - } - } -} -?> diff --git a/application/classes/Company.php b/application/classes/Company.php index 04cd214..87b96a0 100644 --- a/application/classes/Company.php 
+++ b/application/classes/Company.php @@ -34,7 +34,7 @@ class Company { } public function admin() { - return $this->so->account->name(); + return $this->so->account; } public function address($ln='
') { diff --git a/application/classes/Controller/Admin/Module.php b/application/classes/Controller/Admin/Module.php deleted file mode 100644 index 646afba..0000000 --- a/application/classes/Controller/Admin/Module.php +++ /dev/null 
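Review bot: `admin()` now returns the account object where it used to return the string from `name()`, and the method has no docblock recording the new contract. Callers that print the result are not visible in this patch. They will now depend on how the model converts to a string, or will have to ask for the display name themselves. I would add a comment above the method such as `// Returns the admin account object, not its display name`, and check each call site that echoes `Company::instance()->admin()`.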
@@ -1,187 +0,0 @@ -TRUE, - 'edit'=>TRUE, - 'list'=>TRUE, - ); - - protected function _classes($dir,$class,$array=NULL,$key='') { - $result = array(); - - if (is_null($array)) { - $key = 'classes/Controller'; - $array = Arr::get(Kohana::list_files('classes'),$key); - } - - if (! $class) - return array_keys($array); - - if (! $dir) { - if (! empty($array[$key.'/'.$class])) - $result = Arr::merge($result,$this->_classes('','',$array[$key.'/'.$class],$key.'/'.$class)); - - if (! empty($array[$key.'/'.$class.'.php'])) - array_push($result,$key.'/'.$class); - - } else { - if (! empty($array[$key.'/'.$dir])) - $result = Arr::merge($result,$this->_classes('',$class,$array[$key.'/'.$dir],$key.'/'.$dir)); - - if (! empty($array[$key.'/'.$dir.'/'.$class.'.php'])) - array_push($result,$key.'/'.$dir.'/'.$class); - } - - foreach ($result as $k=>$v) - $result[$k] = str_replace('.php','',str_replace('/','_',preg_replace('/^classes\//','',$v))); - - return $result; - } - - /** - * Get the list of methods for a class - */ - protected function _methods($class) { - $class = Kohana::classname($class); - // Get a list of methods this module has - $methods = $secure_actions = $auth_required = array(); - - // List of classes where all our methods are, including this one. - $classes = URL::$method_directory; - array_unshift($classes,''); - - foreach ($classes as $c) { - $x = URL::dir($c); - $cp = $this->_classes($x,$class); - - foreach ($cp as $cn) - if (class_exists($cn)) { - $sc = preg_replace(sprintf('/^Controller_%s%s_?/',$x ? $x.'_' : '',$class),'',$cn); - $r = new ReflectionClass($cn); - - $rdp = $r->getDefaultProperties(); - $secure_actions[$cn] = $rdp['secure_actions']; - $auth_required[$cn] = $rdp['auth_required']; - - foreach ($r->getMethods() as $method) - if ($method->class == $cn AND preg_match('/^action_/',$method->name)) - array_push($methods,str_replace('action_',strtolower($x.($sc ? 
'_'.$sc : '').':'),$method->name)); - } - } - - return array('methods'=>$methods,'secure_actions'=>$secure_actions,'auth_required'=>$auth_required); - } - - /** - * Edit a Module Configuration - */ - public function action_edit() { - $id = $this->request->param('id'); - $mo = ORM::factory('Module',$id); - - $methods = array(); - - if (! $mo->loaded()) { - SystemMessage::factory() - ->title(_('Invalid Module ID')) - ->type('error') - ->body(sprintf(_('Module with ID %s doesnt appear to exist?'),$id)); - - HTTP::redirect(URL::link('admin','module/list')); - } - - $mm = $this->_methods($mo->name); - $methods['exist'] = array(); - foreach ($mo->module_method->find_all() as $mmo) { - if (in_array($mmo->name,$mm['methods'])) { - $k = array_search($mmo->name,$mm['methods']); - unset($mm['methods'][$k]); - - $mmo->status('INDB'); - } else - $mmo->status('ORPHAN'); - - if (! empty($mm['secure_actions'][$mmo->controller()][$mmo->method()])) - unset($mm['secure_actions'][$mmo->controller()][$mmo->method()]); - - array_push($methods['exist'],$mmo); - } - - $methods['missing'] = array(); - foreach ($mm['methods'] as $k=>$method) { - $mmo = ORM::factory('Module_Method'); - $mmo->module_id = $mo->id; - $mmo->name = $method; - - if (! 
empty($mm['auth_required'][$mmo->controller()]) AND $mm['auth_required'][$mmo->controller()]) - $mmo->status('MISSING'); - - array_push($methods['missing'],$mmo); - } - - Block::factory() - ->title(sprintf('%s: %s ',_('Defined Module Methods For'),$mo->display('name'))) - ->title_icon('icon-cog') - ->body(Table::factory() - ->data($methods['exist']) - ->columns(array( - 'id'=>'ID', - 'name'=>'Name', - 'notes'=>'Notes', - 'menu_display'=>'Menu', - 'status()'=>'Status', - )) - ->prepend(array( - 'id'=>array('url'=>URL::link('admin','module_method/edit/')), - )) - ); - - Block::factory() - ->title(sprintf('%s: %s ',_('Missing Module Methods For'),$mo->display('name'))) - ->title_icon('icon-exclamation-sign') - ->body(Table::factory() - ->data($methods['missing']) - ->columns(array( - 'name'=>'Name', - 'status()'=>'Status', - )) - ->prepend(array( - 'name'=>array('url'=>URL::link('admin','module_method/add/'.$mo->id.'/')), - )) - ); - } - - /** - * List our installed modules - */ - public function action_list() { - Block::factory() - ->title('Defined Modules') - ->title_icon('icon-cog') - ->body(Table::factory() - ->data(ORM::factory('Module')->where('parent_id','is',NULL)->find_all()) - ->jssort(TRUE) - ->columns(array( - 'id'=>'ID', - 'name'=>'Name', - 'notes'=>'Notes', - 'status'=>'Active', - 'external'=>'External', - )) - ->prepend(array( - 'id'=>array('url'=>URL::link('admin','module/edit/')), - )) - ); - } -} -?> diff --git a/application/classes/Controller/Admin/Module/Method.php b/application/classes/Controller/Admin/Module/Method.php deleted file mode 100644 index c674c51..0000000 --- a/application/classes/Controller/Admin/Module/Method.php +++ /dev/null 
@@ -1,109 +0,0 @@ -request->param('id'); - $method = $this->request->param('sid'); - - $mo = ORM::factory('Module',$id); - $mm = $this->_methods($mo->name); - - if (! $mo->loaded() OR ! in_array($method,$mm['methods'])) - HTTP::redirect(URL::link('admin','module/list')); - - if ($_POST) { - $mmo = $mo->module_method; - $mmo->name = $method; - $mmo->module_id = $mo->id; - $mmo->values($_POST); - - if (! $this->save($mmo)) - throw HTTP_Exception::factory(501,'Unable to save data :post',array(':post'=>serialize($_POST))); - - HTTP::redirect(URL::link('admin','module/edit/'.$mo->id)); - } - - Block::factory() - ->title(sprintf(_('Add Method (%s) to Database for (%s)'),strtoupper($method),strtoupper($mo->name))) - ->title_icon('icon-plus-sign') - ->type('form-horizontal') - ->body(View::factory('module/method/admin/add') - ->set('name',$method) - ->set('o',$mo) - ); - } - - /** - * Edit a Module Configuration - */ - public function action_edit() { - $id = $this->request->param('id'); - $mmo = ORM::factory('Module_Method',$id); - - if (! $mmo->loaded()) { - SystemMessage::factory() - ->title(_('Invalid Method ID')) - ->type('error') - ->body(sprintf(_('Method with ID %s doesnt appear to exist?'),$id)); - - HTTP::redirect(URL::link('admin','module/list')); - } - - if ($_POST) { - $mmo->values($_POST); - - if (! $this->save($mmo)) - throw HTTP_Exception::factory(501,'Unable to save data :post',array(':post'=>serialize($_POST))); - - foreach (ORM::factory('Group')->find_all() as $go) { - // If the group was defined and no longer - if ($mmo->has('group',$go) AND (! isset($_POST['groups']) OR ! in_array($go->id,$_POST['groups']))) { - $gmo = ORM::factory('Group_Method',array('method_id'=>$mmo->id,'group_id'=>$go->id)); - - if (! 
$gmo->delete()) - SystemMessage::factory() - ->title(_('Unable to DELETE Group Method')) - ->type('error') - ->body(sprintf(_('Unable to delete Group Method for method %s and group %s'),$mmo->name,$go->name)); - - // If the group was not defined and now is - } elseif (! $mmo->has('group',$go) AND isset($_POST['groups']) AND in_array($go->id,$_POST['groups'])) { - $gmo = ORM::factory('Group_Method') - ->values(array( - 'method_id'=>$mmo->id, - 'group_id'=>$go->id, - )); - - if (! $this->save($gmo)) - SystemMessage::factory() - ->title(_('Unable to SAVE Group Method')) - ->type('error') - ->body(sprintf(_('Unable to save Group Method for method %s and group %s'),$mmo->name,$go->name)); - } - } - - HTTP::redirect(URL::link('admin','module/edit/'.$mmo->module_id)); - } - - Block::factory() - ->title(sprintf(_('Configure access to method (%s::%s)'),$mmo->controller(),$mmo->method())) - ->title_icon('icon-plus-sign') - ->type('form') - ->body(View::factory('module/method/admin/edit') - ->set('o',$mmo) - ); - } -} -?> diff --git a/application/classes/Controller/Director/Welcome.php b/application/classes/Controller/Director/Welcome.php index 9341d10..a069ac3 100644 --- a/application/classes/Controller/Director/Welcome.php +++ b/application/classes/Controller/Director/Welcome.php @@ -107,7 +107,6 @@ class Controller_Director_Welcome extends Controller_Welcome { Block::factory() ->title(sprintf('Site Availability for %s',Site::date($date))) ->title_icon('icon-cog') - ->span(10) ->body($output); } } diff --git a/application/classes/Controller/Family.php b/application/classes/Controller/Family.php new file mode 100644 index 0000000..c2bd26e --- /dev/null +++ b/application/classes/Controller/Family.php @@ -0,0 +1,3 @@ +save(); - - } catch (ORM_Validation_Exception $e) { - SystemMessage::factory() - ->title('Record NOT updated') - ->type('danger') - ->body(join('
',array_values($e->errors('models')))); - - return FALSE; - } - } - - protected function setup(array $config_items=array()) { - $mo = ORM::factory('Module',array('name'=>Request::current()->controller())); - if (! $mo->loaded()) - throw HTTP_Exception::factory(501,'Unknown module :module',array(':module'=>Request::current()->controller())); - - if ($_POST AND isset($_POST['module_config'][$mo->id])) - Config::instance()->module_config($mo->name,$_POST['module_config'][$mo->id])->save(); - - if ($config_items) { - Block::factory() - ->title('Update Module Configuration') - ->title_icon('icon-wrench') - ->type('form-horizontal') - ->body(View::factory('setup/admin/module')->set('o',Company::instance()->so())->set('mid',$mo->id)); - } - } -} -?> diff --git a/application/classes/DB.php b/application/classes/DB.php deleted file mode 100644 index cbce646..0000000 --- a/application/classes/DB.php +++ /dev/null @@ -1,35 +0,0 @@ -where($table.'.site_id','=',Company::instance()->site()); - else - return $db; - } - - // Add the site_id to the update query - final public static function update($table = NULL) - { - $db = new Database_Query_Builder_Update($table); - - if (! in_array($table,ORM::$no_site_id_tables)) - return $db->where($table.'.site_id','=',Company::instance()->site()); - else - return $db; - } -} -?> diff --git a/application/classes/Database/MySQL.php b/application/classes/Database/MySQL.php deleted file mode 100644 index 6d53cd0..0000000 --- a/application/classes/Database/MySQL.php +++ /dev/null @@ -1,20 +0,0 @@ - diff --git a/application/classes/Model/Account.php b/application/classes/Model/Account.php deleted file mode 100644 index df7802a..0000000 --- a/application/classes/Model/Account.php +++ /dev/null 
@@ -1,148 +0,0 @@ -array('model'=>'user_token'), - 'email_log'=>array('far_key'=>'id'), - 'group'=>array('through'=>'account_group'), - ); - - protected $_has_one = array( - 'country'=>array('foreign_key'=>'id'), - 'currency'=>array('foreign_key'=>'id'), - 'language'=>array('foreign_key'=>'id'), - ); - - protected $_display_filters = array( - 'date_orig'=>array( - array('Site::Date',array(':value')), - ), - 'date_last'=>array( - array('Site::Date',array(':value')), - ), - 'active'=>array( - array('StaticList_YesNo::get',array(':value',TRUE)), - ), - ); - - protected $_form = array('id'=>'id','value'=>'name(TRUE)'); - - protected $_save_message = TRUE; - - /** - * Our account number format - */ - public function accnum() { - return sprintf('%s-%04s',Company::instance()->site(TRUE),$this->id); - } - - /** - * Get the groups that an account belongs to - */ - public function groups() { - $result = array(); - - foreach ($this->group->where_active()->find_all() as $go) - foreach ($go->list_parentgrps(TRUE) as $cgo) - if (empty($result[$cgo->id])) - $result[$cgo->id] = $cgo; - - return $result; - } - - public function log($message) { - // Log a message for this account - $alo = ORM::factory('Account_Log'); - $alo->account_id = $this->id; - $alo->ip = Request::$client_ip; - $alo->details = $message; - $alo->save(); - - return $alo->saved(); - } - - public function isAdmin() { - return FALSE; - } - - /** - * This function will extract the available methods for this account - * This is used both for menu options and method security - */ - public function methods() { - static $result = array(); - - // @todo We may want to optimise this with some session caching. 
- if ($result) - return $result; - - foreach ($this->groups() as $go) - foreach ($go->module_method->find_all() as $mmo) - if (empty($result[$mmo->id])) - $result[$mmo->id] = $mmo; - - Sort::MAsort($result,'module->name,menu_display'); - - return $result; - } - - /** - * Return an account name - */ - public function name() { - return trim(sprintf('%s %s',$this->first_name,$this->last_name)); - } - - /** - * Search for accounts matching a term - */ - public function list_autocomplete($term,$index,$value,array $label,array $limit=array(),array $options=NULL) { - $ao = Auth::instance()->get_user(); - - $this->clear(); - $this->where_active(); - - // Build our where clause - // First Name, Last name - if (preg_match('/\ /',$term)) { - list($fn,$ln) = explode(' ',$term,2); - - $this->where_open() - ->where_open() - ->where('first_name','like','%'.$fn.'%') - ->and_where('last_name','like','%'.$ln.'%') - ->where_close() - ->or_where('company','like','%'.$term.'%') - ->where_close(); - - } elseif (is_numeric($term)) { - $this->where('id','like','%'.$term.'%'); - - } elseif (preg_match('/\@/',$term)) { - $this->where('email','like','%'.$term.'%'); - - } else { - $this->where_open() - ->where('company','like','%'.$term.'%') - ->or_where('first_name','like','%'.$term.'%') - ->or_where('last_name','like','%'.$term.'%') - ->where_close(); - } - - // Restrict results to authorised accounts - array_push($limit,array('id','IN',$ao->RTM->customers($ao->RTM))); - - return parent::list_autocomplete($term,$index,$value,$label,$limit,$options); - } -} -?> diff --git a/application/classes/Model/Account/Log.php b/application/classes/Model/Account/Log.php deleted file mode 100644 index 851361a..0000000 --- a/application/classes/Model/Account/Log.php +++ /dev/null @@ -1,27 +0,0 @@ -array(), - ); - - protected $_sorting = array( - 'id'=>'DESC', - ); - - protected $_display_filters = array( - 'date_orig'=>array( - array('Site::Datetime',array(':value')), - ), - ); -} -?> 
diff --git a/application/classes/Model/Auth/UserDefault.php b/application/classes/Model/Auth/UserDefault.php deleted file mode 100644 index c516961..0000000 --- a/application/classes/Model/Auth/UserDefault.php +++ /dev/null @@ -1,44 +0,0 @@ - array( - array('not_empty'), - array('min_length', array(':value', 4)), - array('max_length', array(':value', 256)), - ), - 'email' => array( - array('not_empty'), - array('min_length', array(':value', 4)), - array('max_length', array(':value', 127)), - array('email'), - ), - ); - } - - /** - * Complete our login - * - * For some database logins, we may not want to record the user last login - * details in the repository, so we just override that parent function - * here. - * - * We can also do some other post-login actions here. - */ - public function complete_login() { - return $this->log('Logged In'); - } - - abstract public function isAdmin(); -} -?> diff --git a/application/classes/Model/Country.php b/application/classes/Model/Country.php new file mode 100644 index 0000000..4361475 --- /dev/null +++ b/application/classes/Model/Country.php @@ -0,0 +1,23 @@ +'ASC', + ); + + protected $_form = array('id'=>'id','value'=>'name'); + + public static function icon() { + return HTML::image(sprintf('media/img/country/%s.png',strtolower($this->two_code)),array('alt'=>$this->currency->symbol)); + } +} +?> diff --git a/application/classes/Model/Group.php b/application/classes/Model/Group.php deleted file mode 100644 index 701c08b..0000000 --- a/application/classes/Model/Group.php +++ /dev/null 
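Review bot: `icon()` in the new `Model/Country.php` is declared `public static`, but its body reads `$this->two_code` and `$this->currency->symbol`. `$this` is not available in a static method, so any call ends in a fatal error. The declaration should be `public function icon() {`. Separately, the `alt` text is the currency symbol rather than the country name, which looks unintended for a flag image, although no caller is visible to confirm. The class declaration at the top of this new file is not visible in the hunk as it appears on the page.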
@@ -1,71 +0,0 @@ -array('through'=>'account_group'), - 'module_method'=>array('through'=>'group_method','far_key'=>'method_id'), - ); - protected $_sorting = array( - 'name'=>'ASC', - ); - - protected $_display_filters = array( - 'active'=>array( - array('StaticList_YesNo::get',array(':value',TRUE)), - ), - ); - - /** - * This function will, given a group, list all of the children that - * are also related to this group, in the group heirarchy. - */ - public function list_childgrps($incParent=FALSE) { - $result = array(); - - if (! $this->loaded()) - return $result; - - foreach (ORM::factory('Group')->where_active()->and_where('parent_id','=',$this)->find_all() as $go) { - array_push($result,$go); - - $result = array_merge($result,$go->list_childgrps()); - } - - if ($incParent) - array_push($result,$this); - - return $result; - } - - /** - * This function will, given a group, list all of the parent that - * are also related to this group, in the group heirarchy. - */ - public function list_parentgrps($incParent=FALSE) { - $result = array(); - - if (! $this->loaded()) - return $result; - - foreach (ORM::factory('Group')->where_active()->and_where('id','=',$this->parent_id)->find_all() as $go) { - array_push($result,$go); - - $result = array_merge($result,$go->list_parentgrps()); - } - - if ($incParent) - array_push($result,$this); - - return $result; - } -} -?> diff --git a/application/classes/Model/Group/Method.php b/application/classes/Model/Group/Method.php deleted file mode 100644 index 0899fbb..0000000 --- a/application/classes/Model/Group/Method.php +++ /dev/null @@ -1,25 +0,0 @@ -array(), - ); - protected $_belongs_to = array( - 'group'=>array(), - ); - - // This module doesnt keep track of column updates automatically - protected $_created_column = FALSE; - protected $_updated_column = FALSE; -} -?> 
diff --git a/application/classes/Controller/Module.php b/application/classes/Model/Language.php similarity index 53% rename from application/classes/Controller/Module.php rename to application/classes/Model/Language.php index a58989a..21a4466 100644 --- a/application/classes/Controller/Module.php +++ b/application/classes/Model/Language.php @@ -1,14 +1,19 @@ 'ASC', + ); + + protected $_form = array('id'=>'id','value'=>'name'); } ?> diff --git a/application/classes/Model/Module.php b/application/classes/Model/Module.php deleted file mode 100644 index 0405cac..0000000 --- a/application/classes/Model/Module.php +++ /dev/null @@ -1,55 +0,0 @@ -array('model'=>'Record_ID','far_key'=>'id'), - ); - protected $_has_many = array( - 'module_method'=>array('far_key'=>'id'), - ); - protected $_sorting = array( - 'name'=>'ASC', - ); - - protected $_display_filters = array( - 'external'=>array( - array('StaticList_YesNo::get',array(':value',TRUE)), - ), - 'name'=>array( - array('strtoupper',array(':value')), - ), - 'active'=>array( - array('StaticList_YesNo::get',array(':value',TRUE)), - ), - ); - - /** - * Return an instance of this Module's Model - * - * @param $id PK of Model - */ - public function instance($id=NULL) { - if (! $this->loaded()) - throw new Kohana_Exception('Cant call an instance of a model when it is not loaded'); - - return ORM::factory(Kohana::classname($this->name),$id); - } - - public function list_external() { - return $this->where_active()->where('external','=',TRUE)->find_all(); - } -} -?> diff --git a/application/classes/Model/Module/Method.php b/application/classes/Model/Module/Method.php deleted file mode 100644 index 5c9be86..0000000 --- a/application/classes/Model/Module/Method.php +++ /dev/null 
@@ -1,91 +0,0 @@ -array(), - ); - protected $_has_one = array( - 'record_id'=>array(), - ); - protected $_has_many = array( - 'group'=>array('through'=>'group_method','foreign_key'=>'method_id') - ); - - protected $_sorting = array( - 'name'=>'ASC', - ); - - protected $_nullifempty = array( - 'menu_display', - ); - - protected $status; - - public function controller_sub() { - return substr_count($this->name,'_') ? substr($this->name,($x=strpos($this->name,'_')),strpos($this->name,':')-$x) : ''; - } - - public function controller() { - return Kohana::classname(sprintf('Controller%s_%s',($this->directory() ? '_' : '').$this->directory(),$this->module->name).$this->controller_sub()); - } - - public function directory() { - return substr($this->name,0,substr_count($this->name,'_') ? strpos($this->name,'_') : strpos($this->name,':')); - } - - public function method() { - return substr($this->name,strpos($this->name,':')+1); - } - - /** - * Get our Module_Method object for this request - */ - public function request_mmo(Request $ro) { - list($c,$x) = substr_count($ro->controller(),'_') ? explode('_',$ro->controller(),2) : array($ro->controller(),''); - - $mo = ORM::factory('Module',array('name'=>$c)); - - if ($mo->loaded() AND $mo->active) { - $method = strtolower($ro->directory() ? sprintf('%s:%s',$ro->directory() ? $ro->directory().($x ? '_'.$x : '') : $ro->action(),$ro->action()) : $ro->action()); - - // Get the method number - $mmo = $mo->module_method - ->where('name','=',$method) - ->find(); - - if ($mmo->loaded()) - return $mmo; - } - } - - public function status($status=NULL) { - if ($status) - $this->status = $status; - - return $this->status; - } - - public function url() { - if (! preg_match('/:/',$this->name)) - return NULL; - - list($type,$action) = preg_split('/:/',$this->name,2); - - return URL::link($this->directory(),$this->module->name.$this->controller_sub().'/'.$action); - } -} -?> 
diff --git a/application/classes/Model/Record/ID.php b/application/classes/Model/Record/ID.php deleted file mode 100644 index cff704d..0000000 --- a/application/classes/Model/Record/ID.php +++ /dev/null @@ -1,40 +0,0 @@ -id)) { - $this->module_id = $mid; - - // We'll get the next ID as the MAX(id) of the table - $mo = ORM::factory('Module',$mid); - - $max = DB::select(array('MAX(id)','id')) - ->from($mo->name) - ->where('site_id','=',Company::instance()->site()); - - $this->id = $max->execute()->get('id'); - } - - $this->id++; - - if (! $this->save()) - throw HTTP_Exception::factory(501,'Unable to increase ID for :table',array(':table'=>$mid)); - - return $this->id; - } -} -?> diff --git a/application/classes/ORM.php b/application/classes/ORM.php index 917b09f..40c96f5 100644 --- a/application/classes/ORM.php +++ b/application/classes/ORM.php 
@@ -9,136 +9,18 @@ * @copyright (c) 2014 Deon George * @license http://dev.leenooks.net/license.html */ -abstract class ORM extends lnApp_ORM { +abstract class ORM extends lnAuth_ORM { /** * @var string Database to connect to */ protected $_db = 'default'; - // Tables that do not have a site_id column - public static $no_site_id_tables = array('setup','country','currency','language'); - - protected $_save_message = TRUE; - - // Rules to assist with site ID and getting next record ID for inserts. - public function rules() { - return array( - 'id'=>array( - array('ORM::get_next_id',array(':model',':field')), - ), - 'site_id'=>array( - array('ORM::set_site_id',array(':model',':field')), - ), - ); - } - - /** - * Add our OSB site_id to each SELECT query - * @see parent::__build() - */ - final protected function _build($type) { - // Exclude tables without site ID's - if (! in_array($this->_table_name,ORM::$no_site_id_tables)) - $this->where($this->_object_name.'.site_id','=',Company::instance()->site()); - - return parent::_build($type); - } - - /** - * Determine if the account is authoised by the user - */ - public function authorised(Model $o=NULL,Model_Account $ao=NULL,$aid='account_id') { - if (is_null($o)) - $o = $this; - if (is_null($ao)) - $ao = Auth::instance()->get_user(); - - return in_array($o->{$aid},$ao->RTM->customers($ao->RTM)); - } - - /** - * Override KH's ORM count_relations() function, to include our site_id in the query. - * - * This is a copy of KH's ORM count_relations() function, with the addition of a where - * clause to include the site id. 
- */ - public function count_relations($alias, $far_keys = NULL) - { - if ($far_keys === NULL) - { - return (int) DB::select(array(DB::expr('COUNT(*)'), 'records_found')) - ->from($this->_has_many[$alias]['through']) - ->where($this->_has_many[$alias]['foreign_key'], '=', $this->pk()) - ->where('site_id', '=', Company::instance()->site()) - ->execute($this->_db)->get('records_found'); - } - - $far_keys = ($far_keys instanceof ORM) ? $far_keys->pk() : $far_keys; - - // We need an array to simplify the logic - $far_keys = (array) $far_keys; - - // Nothing to check if the model isn't loaded or we don't have any far_keys - if ( ! $far_keys OR ! $this->_loaded) - return 0; - - $count = (int) DB::select(array(DB::expr('COUNT(*)'), 'records_found')) - ->from($this->_has_many[$alias]['through']) - ->where($this->_has_many[$alias]['foreign_key'], '=', $this->pk()) - ->where($this->_has_many[$alias]['far_key'], 'IN', $far_keys) - ->where('site_id', '=', Company::instance()->site()) - ->execute($this->_db)->get('records_found'); - - // Rows found need to match the rows searched - return (int) $count; - } public function config($key) { $mc = Config::instance()->module_config($this->_object_name); return empty($mc[$key]) ? '' : $mc[$key]; } - /** - * Get Next record id - * - * @param array Validate object - * @param string Primary Key - */ - final public static function get_next_id($model,$field) { - if (! is_null($model->$field)) - return TRUE; - - $model->_changed[$field] = $field; - - $ido = ORM::factory('Module') - ->where('name','=',$model->_table_name) - ->find(); - - if (! 
$ido->loaded()) - throw new Kohana_Exception('Problem getting record_id for :table',array(':table'=>$model->_table_name)); - - $model->$field = $ido->record_id->next_id($ido->id); - - return TRUE; - } - - final public function mid() { - return ORM::factory('Module',array('name'=>$this->_table_name)); - } - - /** - * Set the site ID attribute for each row update - */ - final public static function set_site_id($model,$field) { - if (! is_null($model->$field)) - return TRUE; - - $model->_changed[$field] = $field; - $model->$field = Company::instance()->site(); - - return TRUE; - } - /** * Function help to find records that are active */ @@ -158,13 +40,6 @@ abstract class ORM extends lnApp_ORM { return $this->where($this->_table_name.'.active','=',TRUE); } - public function where_authorised(Model_Account $ao=NULL,$aid='account_id') { - if (is_null($ao)) - $ao = Auth::instance()->get_user(); - - return $this->where($aid,'IN',$ao->RTM->customers($ao->RTM)); - } - public function where_startstop($date,$date_end,$start='date_start',$stop='date_stop') { if (array_key_exists('priority',$this->table_columns())) $this->order_by('priority','ASC'); diff --git a/application/classes/StaticList/Title.php b/application/classes/StaticList/Title.php new file mode 100644 index 0000000..83ffa81 --- /dev/null +++ b/application/classes/StaticList/Title.php @@ -0,0 +1,28 @@ +_('Mr'), + 'ms'=>_('Ms'), + 'mrs'=>_('Mrs'), + 'miss'=>_('Miss'), + 'dr'=>_('Dr'), + 'prof'=>_('Prof') + ); + } + + public static function get($value) { + return self::factory()->_get($value); + } +} +?> diff --git a/application/classes/URL.php b/application/classes/URL.php index 08e28a7..af1c08c 100644 --- a/application/classes/URL.php +++ b/application/classes/URL.php 
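Review bot: With the base class changed to `lnAuth_ORM`, this class no longer defines the `site_id` condition that the removed `_build()` added to every query, the `id`/`site_id` rules, or `authorised()`; the second hunk (`@@ -158,13 +40,6 @@`) drops `where_authorised()` the same way, and the `config.php` hunk drops `'method_security' => TRUE`. Presumably `modules/lnauth` now supplies all of these, but the diff only shows a submodule pointer, so it cannot be confirmed from here. If the parent does not scope queries by site, every model would return rows belonging to other sites. I would record the dependency above the class line, e.g. `// Site scoping (_build), authorised() and where_authorised() are inherited from lnAuth_ORM`, and confirm before merging that a model query still carries the `site_id` condition. The class body continues outside the hunk.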
@@ -23,19 +23,19 @@ class URL extends lnApp_URL { foreach (array_reverse(self::$method_directory) as $k=>$v) switch ($k) { - case 'admin': $result[$k] = array('name'=>'Administrator','icon'=>'icon-globe'); + case 'admin': $result[$k] = array('name'=>'Administrator','icon'=>'fa-globe'); break; - case 'director': $result[$k] = array('name'=>'Director','icon'=>'icon-th-list'); + case 'director': $result[$k] = array('name'=>'Director','icon'=>'fa-th-list'); break; - case 'committee': $result[$k] = array('name'=>'Committee','icon'=>'icon-th-list'); + case 'committee': $result[$k] = array('name'=>'Committee','icon'=>'fa-th-list'); break; - case 'user': $result[$k] = array('name'=>Auth::instance()->get_user()->name(),'icon'=>'icon-user'); + case 'user': $result[$k] = array('name'=>Auth::instance()->get_user()->name(),'icon'=>'fa-user'); break; - default: $result[$k] = array('name'=>$k,'icon'=>'icon-question-sign'); + default: $result[$k] = array('name'=>$k,'icon'=>'fa-question-sign'); } return $result; diff --git a/application/config/auth.php b/application/config/auth.php deleted file mode 100644 index b8bef81..0000000 --- a/application/config/auth.php +++ /dev/null @@ -1,17 +0,0 @@ - 'MDB', - 'hash_method' => 'md5', -); -?> diff --git a/application/config/config.php b/application/config/config.php index dc1264d..149c177 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -3,9 +3,6 @@ return array ( 'appname' => 'Membership Database', - 'method_security' => TRUE, - 'session_change_trigger'=>array( // Updates to tables to make when our session ID is changed - ), 'theme' => 'focusbusiness', 'theme_admin' => 'baseadmin', ); diff --git a/includes/kohana b/includes/kohana index 5ffa395..e04ac7d 160000 --- a/includes/kohana +++ b/includes/kohana @@ -1 +1 @@ -Subproject commit 5ffa395307a3b26f901dde5f3064c48a15979f0d +Subproject commit e04ac7d0978213f406f2a8a8e5f389af1a9620b9 diff --git a/modules/lnapp b/modules/lnapp index e6bc2de..9ae0980 160000 
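Review bot: In the `'user'` case, `Auth::instance()->get_user()->name()` is dereferenced without checking that a user is logged in. Stock Kohana `get_user()` returns its default (NULL) when there is no session user, so this line would be a fatal error if the list is ever built for an anonymous request; whether that can happen depends on callers outside the hunk. A guard such as `$uo = Auth::instance()->get_user();` followed by `'name'=>$uo ? $uo->name() : 'User'` would avoid it. Separately, if the `fa-` prefix means Font Awesome 4, `icon-question-sign` was renamed to `fa-question-circle` there, so `fa-question-sign` in the default case would likely render no icon. The enclosing method starts before the hunk.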
--- a/modules/lnapp
+++ b/modules/lnapp
@@ -1 +1 @@
-Subproject commit e6bc2de66ab85d5fd9e6de01c118e07a911f9921
+Subproject commit 9ae0980221266ec69497da88d5ff7741ccdb72f1
diff --git a/modules/lnauth b/modules/lnauth
new file mode 160000
index 0000000..f8490ed
--- /dev/null
+++ b/modules/lnauth
@@ -0,0 +1 @@
+Subproject commit f8490ed97ebad329c565fd7a1d22055fb9528c33