deon
/
lnauth
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial Commit

This commit is contained in:
Deon George 2014-09-29 15:15:49 +10:00
commit f8490ed97e
48 changed files with 1911 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
classes/Auth/ORM.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Auth_ORM extends lnAuth_Auth_ORM {}
?>

4
classes/Controller/Account.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_Account extends lnAuth_Controller_Account {}
?>

4
classes/Controller/Admin/Module.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_Admin_Module extends lnAuth_Controller_Admin_Module {}
?>

4
classes/Controller/Admin/Module/Method.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_Admin_Module_Method extends lnAuth_Controller_Admin_Module_Method {}
?>

4
classes/Controller/Module.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_Module extends lnAuth_Controller_Module {}
?>

4
classes/Controller/TemplateDefault.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_TemplateDefault extends lnAuth_Controller_TemplateDefault {}
?>

4
classes/Controller/User/Account.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_User_Account extends lnAuth_Controller_User_Account {}
?>

4
classes/DB.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class DB extends lnAuth_DB {}
?>

4
classes/Menu.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Menu extends lnAuth_Menu {}
?>

4
classes/Model/Account.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Account extends lnAuth_Model_Account {}
?>

4
classes/Model/Account/Group.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Account_Group extends lnAuth_Model_Account_Group {}
?>

4
classes/Model/Account/Log.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Account_Log extends lnAuth_Model_Account_Log {}
?>

4
classes/Model/Auth/UserDefault.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
abstract class Model_Auth_UserDefault extends lnAuth_Model_Auth_UserDefault {}
?>

4
classes/Model/Group.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Group extends lnAuth_Model_Group {}
?>

4
classes/Model/Group/Method.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Group_Method extends lnAuth_Model_Group_Method {}
?>

4
classes/Model/Module.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Module extends lnAuth_Model_Module {}
?>

4
classes/Model/Module/Method.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Module_Method extends lnAuth_Model_Module_Method {}
?>

4
classes/Model/Module/Method/Token.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Method_Token extends lnAuth_Model_Method_Token {}
?>

4
classes/Model/Record/ID.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Model_Record_ID extends lnAuth_Model_Record_ID {}
?>

4
classes/ORM.php Normal file
View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
abstract class ORM extends lnAuth_ORM {}
?>

226
classes/lnAuth/Auth/ORM.php Normal file
View File

@ -0,0 +1,226 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Auth driver.
*
* @package lnAuth
* @category Classes
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
class lnAuth_Auth_ORM extends Kohana_Auth_ORM {
/**
* We need to override Kohana's __construct(), for tasks, which attempt to open a session
* and probably dont have access to PHP sessions path.
* Tasks dont need sessions anyway?
*/
public function __construct($config = array()) {
// Save the config in the object
$this->_config = $config;
if (PHP_SAPI !== 'cli')
parent::__construct($config);
}
/**
* Get the user that a token applies to
*
* This will check that the token is valid (not expired and for the request)
*
* @param $token The token
* @return Model_Account|NULL The user that the token is valid for.
*/
private function _get_token_user($token) {
// This has been implemented, as we sometimes we seem to come here twice
static $uo = NULL;
if (! is_null($uo))
return $uo;
$mmto = ORM::factory('Module_Method_Token',array('token'=>$token));
// Ignore the token if it doesnt exist.
if ($mmto->loaded()) {
// Check that the token is for this URI
$mo = ORM::factory('Module',array('name'=>Request::current()->controller()));
$mmo = $mo->module_method
->where('name','=',strtolower(Request::current()->directory() ? sprintf('%s:%s',Request::current()->directory(),Request::current()->action()) : Request::current()->action()))
->find();
// Ignore the token if this is not the right method.
if ($mmo->id == $mmto->method_id) {
if (! is_null($mmto->date_expire) AND $mmto->date_expire < time()) {
SystemMessage::factory()
->title(_('Token Not Valid'))
->type('warning')
->body(_('Token expired'));
Session::instance()->delete('token');
$mmto->delete();
} elseif (! is_null($mmto->uses) AND $mmto->uses < 1) {
SystemMessage::factory()
->title(_('Token Not Valid'))
->type('warning')
->body(_('Token expired'));
Session::instance()->delete('token');
$mmto->delete();
} else {
// If this is a usage count token, reduce the count.
if (! is_null($mmto->uses))
$mmto->uses -= 1;
// Record the date this token was used
$mmto->date_last = time();
$mmto->save();
Session::instance()->set('token',$token);
$uo = ORM::factory($this->_model,$mmto->account_id);
$uo->log(sprintf('Token %s used for method %s [%s]',$mmto->token,$mmto->module_method->id,Request::current()->param('id')));
}
}
}
return $uo;
}
/**
* Logs a user in.
*
* @param string username
* @param string password
* @param boolean enable autologin
* @return boolean
*/
protected function _login($user,$password,$remember) {
if (! is_object($user)) {
$username = $user;
// Load the user
$user = ORM::factory($this->_model);
$user->where('email','=',$username)->find();
// If no user loaded, return
if (! $user->loaded())
return FALSE;
}
// Create a hashed password
if (is_string($password))
$password = $this->hash($password);
// If we have the right password, we'll check the status of the account
if ($user->password === $password AND $user->active) {
// Record our session ID, we may need to update our DB when we get a new ID
$oldsess = session_id();
// Finish the login
$this->complete_login($user);
// Do we need to update databases with our new sesion ID
$sct = Kohana::$config->load('config')->session_change_trigger;
if (session_id() != $oldsess AND count($sct))
foreach ($sct as $t => $c)
if (Config::module_exist($t))
foreach (ORM::factory(ucwords($t))->where($c,'=',$oldsess)->find_all() as $o)
$o->set('session_id',session_id())
->update();
if (! $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)))
HTTP::redirect(URL::link('user','account/activate'));
return TRUE;
}
// Login failed
return FALSE;
}
/**
* Determine if a user is authorised to view an account
*
* @param Model_Account Account Ojbect to validate if the current user has access
* @return boolean TRUE if authorised, FALSE if not.
*/
public function authorised(Model_Account $ao) {
return (($uo = $this->get_user()) AND $uo->loaded() AND ($uo == $ao OR in_array($ao->id,$uo->RTM->customers($uo->RTM))));
}
/**
* Gets the currently logged in user from the session.
* Returns NULL if no user is currently logged in.
*
* @param boolean Check token users too
* @return mixed
*/
public function get_user($default=NULL,$tokenuser=TRUE) {
// If we are a CLI, we are not logged in
if (PHP_SAPI === 'cli')
throw new Kohana_Exception('Calling :method from the CLI is not allowed!',array(':method'=>__METHOD__));
// Get the current user
$uo = parent::get_user($default);
// If we are not logged in, see if there is token for the user
if (is_null($uo) AND $tokenuser AND ($token=Session::instance()->get('token')) OR (! empty($_REQUEST['token']) AND $token=$_REQUEST['token']))
$uo = $this->_get_token_user($token);
return $uo;
}
public function get_groups() {
return is_null($x=$this->get_user()) ? ORM::factory('Group')->where('id','=',0)->find_all() : $x->groups();
}
// Override Kohana Auth requirement to have a hash_key
public function hash($str) {
switch ($this->_config['hash_method']) {
case '' : return $str;
case 'md5': return md5($str);
default: return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']);
}
}
/**
* OSB authentication is controlled via database queries.
*
* This method can be used to test two situations:
* 1) Is the user logged in? ($role == FALSE)
* 2) Can the user run the current controller->action ($role == TRUE)
*
* @param boolean If authentication should be done for this module:method (ie: controller:action).
* @return boolean
*/
public function logged_in($role=NULL,$debug=NULL) {
$status = FALSE;
// If we are a CLI, we are not logged in
if (PHP_SAPI === 'cli')
return $status;
// Get the user from the session
$uo = $this->get_user();
// If we are not a valid user object, then we are not logged in
if (is_object($uo) AND ($uo instanceof Model_Account) AND $uo->loaded())
if (! empty($role)) {
if (($x = Request::current()->mmo()) instanceof Model)
// If the role has the authorisation to run the method
foreach ($x->group->find_all() as $go)
if ($go->id == 0 OR $uo->has_any('group',$go->list_childgrps(TRUE))) {
$status = TRUE;
break;
}
// There is no role, so the method should be allowed to run as anonymous
} else
$status = TRUE;
return $status;
}
}
?>

14
classes/lnAuth/Controller/Account.php Normal file
View File

@ -0,0 +1,14 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides account management
*
* @package lnAuth
* @category Controllers
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Controller_Account extends Controller_TemplateDefault {
}
?>

187
classes/lnAuth/Controller/Admin/Module.php Normal file
View File

@ -0,0 +1,187 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides MODULE management
*
* @package lnAuth
* @category Controllers/Admin
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Controller_Admin_Module extends Controller_Module {
protected $secure_actions = array(
'add'=>TRUE,
'edit'=>TRUE,
'list'=>TRUE,
);
protected function _classes($dir,$class,$array=NULL,$key='') {
$result = array();
if (is_null($array)) {
$key = 'classes/Controller';
$array = Arr::get(Kohana::list_files('classes'),$key);
}
if (! $class)
return array_keys($array);
if (! $dir) {
if (! empty($array[$key.'/'.$class]))
$result = Arr::merge($result,$this->_classes('','',$array[$key.'/'.$class],$key.'/'.$class));
if (! empty($array[$key.'/'.$class.'.php']))
array_push($result,$key.'/'.$class);
} else {
if (! empty($array[$key.'/'.$dir]))
$result = Arr::merge($result,$this->_classes('',$class,$array[$key.'/'.$dir],$key.'/'.$dir));
if (! empty($array[$key.'/'.$dir.'/'.$class.'.php']))
array_push($result,$key.'/'.$dir.'/'.$class);
}
foreach ($result as $k=>$v)
$result[$k] = str_replace('.php','',str_replace('/','_',preg_replace('/^classes\//','',$v)));
return $result;
}
/**
* Get the list of methods for a class
*/
protected function _methods($class) {
$class = Kohana::classname($class);
// Get a list of methods this module has
$methods = $secure_actions = $auth_required = array();
// List of classes where all our methods are, including this one.
$classes = URL::$method_directory;
array_unshift($classes,'');
foreach ($classes as $c) {
$x = URL::dir($c);
$cp = $this->_classes($x,$class);
foreach ($cp as $cn)
if (class_exists($cn)) {
$sc = preg_replace(sprintf('/^Controller_%s%s_?/',$x ? $x.'_' : '',$class),'',$cn);
$r = new ReflectionClass($cn);
$rdp = $r->getDefaultProperties();
$secure_actions[$cn] = $rdp['secure_actions'];
$auth_required[$cn] = $rdp['auth_required'];
foreach ($r->getMethods() as $method)
if ($method->class == $cn AND preg_match('/^action_/',$method->name))
array_push($methods,str_replace('action_',strtolower($x.($sc ? '_'.$sc : '').':'),$method->name));
}
}
return array('methods'=>$methods,'secure_actions'=>$secure_actions,'auth_required'=>$auth_required);
}
/**
* Edit a Module Configuration
*/
public function action_edit() {
$id = $this->request->param('id');
$mo = ORM::factory('Module',$id);
$methods = array();
if (! $mo->loaded()) {
SystemMessage::factory()
->title(_('Invalid Module ID'))
->type('error')
->body(sprintf(_('Module with ID %s doesnt appear to exist?'),$id));
HTTP::redirect(URL::link('admin','module/list'));
}
$mm = $this->_methods($mo->name);
$methods['exist'] = array();
foreach ($mo->module_method->find_all() as $mmo) {
if (in_array($mmo->name,$mm['methods'])) {
$k = array_search($mmo->name,$mm['methods']);
unset($mm['methods'][$k]);
$mmo->status('INDB');
} else
$mmo->status('ORPHAN');
if (! empty($mm['secure_actions'][$mmo->controller()][$mmo->method()]))
unset($mm['secure_actions'][$mmo->controller()][$mmo->method()]);
array_push($methods['exist'],$mmo);
}
$methods['missing'] = array();
foreach ($mm['methods'] as $k=>$method) {
$mmo = ORM::factory('Module_Method');
$mmo->module_id = $mo->id;
$mmo->name = $method;
if (! empty($mm['auth_required'][$mmo->controller()]) AND $mm['auth_required'][$mmo->controller()])
$mmo->status('MISSING');
array_push($methods['missing'],$mmo);
}
Block::factory()
->title(sprintf('%s: %s ',_('Defined Module Methods For'),$mo->display('name')))
->title_icon('icon-cog')
->body(Table::factory()
->data($methods['exist'])
->columns(array(
'id'=>'ID',
'name'=>'Name',
'notes'=>'Notes',
'menu_display'=>'Menu',
'status()'=>'Status',
))
->prepend(array(
'id'=>array('url'=>URL::link('admin','module_method/edit/')),
))
);
Block::factory()
->title(sprintf('%s: %s ',_('Missing Module Methods For'),$mo->display('name')))
->title_icon('icon-exclamation-sign')
->body(Table::factory()
->data($methods['missing'])
->columns(array(
'name'=>'Name',
'status()'=>'Status',
))
->prepend(array(
'name'=>array('url'=>URL::link('admin','module_method/add/'.$mo->id.'/')),
))
);
}
/**
* List our installed modules
*/
public function action_list() {
Block::factory()
->title('Defined Modules')
->title_icon('icon-cog')
->body(Table::factory()
->data(ORM::factory('Module')->where('parent_id','is',NULL)->find_all())
->jssort(TRUE)
->columns(array(
'id'=>'ID',
'name'=>'Name',
'notes'=>'Notes',
'status'=>'Active',
'external'=>'External',
))
->prepend(array(
'id'=>array('url'=>URL::link('admin','module/edit/')),
))
);
}
}
?>

109
classes/lnAuth/Controller/Admin/Module/Method.php Normal file
View File

@ -0,0 +1,109 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides MODULE management
*
* @package lnAuth
* @category Controllers/Admin
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Controller_Admin_Module_Method extends Controller_Admin_Module {
/**
* Add a method to the database
*/
public function action_add() {
$id = $this->request->param('id');
$method = $this->request->param('sid');
$mo = ORM::factory('Module',$id);
$mm = $this->_methods($mo->name);
if (! $mo->loaded() OR ! in_array($method,$mm['methods']))
HTTP::redirect(URL::link('admin','module/list'));
if ($_POST) {
$mmo = $mo->module_method;
$mmo->name = $method;
$mmo->module_id = $mo->id;
$mmo->values($_POST);
if (! $this->save($mmo))
throw HTTP_Exception::factory(501,'Unable to save data :post',array(':post'=>serialize($_POST)));
HTTP::redirect(URL::link('admin','module/edit/'.$mo->id));
}
Block::factory()
->title(sprintf(_('Add Method (%s) to Database for (%s)'),strtoupper($method),strtoupper($mo->name)))
->title_icon('icon-plus-sign')
->type('form-horizontal')
->body(View::factory('module/method/admin/add')
->set('name',$method)
->set('o',$mo)
);
}
/**
* Edit a Module Configuration
*/
public function action_edit() {
$id = $this->request->param('id');
$mmo = ORM::factory('Module_Method',$id);
if (! $mmo->loaded()) {
SystemMessage::factory()
->title(_('Invalid Method ID'))
->type('error')
->body(sprintf(_('Method with ID %s doesnt appear to exist?'),$id));
HTTP::redirect(URL::link('admin','module/list'));
}
if ($_POST) {
$mmo->values($_POST);
if (! $this->save($mmo))
throw HTTP_Exception::factory(501,'Unable to save data :post',array(':post'=>serialize($_POST)));
foreach (ORM::factory('Group')->find_all() as $go) {
// If the group was defined and no longer
if ($mmo->has('group',$go) AND (! isset($_POST['groups']) OR ! in_array($go->id,$_POST['groups']))) {
$gmo = ORM::factory('Group_Method',array('method_id'=>$mmo->id,'group_id'=>$go->id));
if (! $gmo->delete())
SystemMessage::factory()
->title(_('Unable to DELETE Group Method'))
->type('error')
->body(sprintf(_('Unable to delete Group Method for method %s and group %s'),$mmo->name,$go->name));
// If the group was not defined and now is
} elseif (! $mmo->has('group',$go) AND isset($_POST['groups']) AND in_array($go->id,$_POST['groups'])) {
$gmo = ORM::factory('Group_Method')
->values(array(
'method_id'=>$mmo->id,
'group_id'=>$go->id,
));
if (! $this->save($gmo))
SystemMessage::factory()
->title(_('Unable to SAVE Group Method'))
->type('error')
->body(sprintf(_('Unable to save Group Method for method %s and group %s'),$mmo->name,$go->name));
}
}
HTTP::redirect(URL::link('admin','module/edit/'.$mmo->module_id));
}
Block::factory()
->title(sprintf(_('Configure access to method (%s::%s)'),$mmo->controller(),$mmo->method()))
->title_icon('icon-plus-sign')
->type('form')
->body(View::factory('module/method/admin/edit')
->set('o',$mmo)
);
}
}
?>

14
classes/lnAuth/Controller/Module.php Normal file
View File

@ -0,0 +1,14 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides MODULE management
*
* @package lnAuth
* @category Controllers
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Controller_Module extends Controller_TemplateDefault {
}
?>

70
classes/lnAuth/Controller/TemplateDefault.php Normal file
View File

@ -0,0 +1,70 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides the default template controller for rendering pages.
*
* @package lnAuth
* @category Controllers
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Controller_TemplateDefault extends lnApp_Controller_TemplateDefault {
protected $auth_required = TRUE;
protected function _auth_required() {
// If our global configurable is disabled, then continue
if (! Kohana::$config->load('config')->method_security)
return FALSE;
if (Kohana::$config->load('debug')->method_security) {
echo Debug::vars(array(
'm'=>__METHOD__,
'POST'=>$this->request->post(),
'auth_required'=>serialize($this->auth_required),
'secure_actions'=>$this->secure_actions,
'this_action'=>$this->request->action(),
'line 1 test'=>serialize(($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE)),
'line 2 test'=>serialize($x=is_array($this->secure_actions) && array_key_exists($this->request->action(),$this->secure_actions)),
'line 3 test'=>$x ? Auth::instance()->logged_in($this->secure_actions[$this->request->action()],get_class($this).'|'.__METHOD__) : 'NOT EVAL',
));
die();
}
return (($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE) ||
(is_array($this->secure_actions) && array_key_exists($this->request->action(),$this->secure_actions) &&
! Auth::instance()->logged_in($this->secure_actions[$this->request->action()],get_class($this).'|'.__METHOD__)));
}
public function before() {
if ($this->auth_required) {
if (! count($this->secure_actions) OR (! isset($this->secure_actions[Request::current()->action()])))
throw HTTP_Exception::factory(403,'Class has no security defined :class, or no security configured for :method',array(':class'=>get_class($this),':method'=>Request::current()->action()));
$this->ao = Auth::instance()->get_user();
if (! is_null($this->ao) AND (is_string($this->ao)))
throw HTTP_Exception::factory(501,'Account doesnt exist :account ?',array(':account'=>(is_string($this->ao) OR is_null($this->ao)) ? $this->ao : Auth::instance()->get_user()->id));
}
return parent::before();
}
protected function setup(array $config_items=array()) {
$mo = ORM::factory('Module',array('name'=>Request::current()->controller()));
if (! $mo->loaded())
throw HTTP_Exception::factory(501,'Unknown module :module',array(':module'=>Request::current()->controller()));
if ($_POST AND isset($_POST['module_config'][$mo->id]))
Config::instance()->module_config($mo->name,$_POST['module_config'][$mo->id])->save();
if ($config_items) {
Block::factory()
->title('Update Module Configuration')
->title_icon('icon-wrench')
->type('form-horizontal')
->body(View::factory('setup/admin/module')->set('o',Company::instance()->so())->set('mid',$mo->id));
}
}
}
?>

105
classes/lnAuth/Controller/User/Account.php Normal file
View File

@ -0,0 +1,105 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides User Account Update functions
*
* @package lnAuth
* @category Controllers/User
* @author Deon George
* @copyright (c) 2009-2013 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Controller_User_Account extends Controller_Account {
protected $secure_actions = array(
'edit'=>TRUE,
'resetpassword'=>TRUE,
);
/**
* Enable User to Edit their Account Details
*/
public function action_edit() {
if ($_POST AND $this->ao->values($_POST)->changed() AND (! $this->save($this->ao)))
$this->ao->reload();
Block::factory()
->title(sprintf('Account: %s',$this->ao->accnum()))
->title_icon('fa-wrench')
->type('form-horizontal')
->body(View::factory('account/user/edit')->set('o',$this->ao));
}
public function action_resetpassword() {
if ($this->request->post()) {
$validation = Validation::factory($this->request->post())
->rule('password','not_empty')
->rule('password','min_length',array(':value',6))
->rule('password_confirm','matches',array(':validation',':field','password'));
// Store our new values
$this->ao->values($this->request->post());
if (! $validation->check())
SystemMessage::factory()
->title(_('Record NOT updated'))
->type('error')
->body(_('Your password didnt pass validation.'));
// Run validation and save
elseif ($this->ao->changed())
if ($this->ao->save()) {
SystemMessage::factory()
->title('Record updated')
->type('success')
->body(_('Your account record has been updated.'));
// Log the password reset
$this->ao->log('Password reset');
HTTP::redirect('login');
}
}
// Make this a default JS load
if (Kohana::$environment >= Kohana::TESTING OR Request::current()->secure())
Script::factory()
->type('src')
->data('media/js/jquery/jquery.validate-1.11.1.min.js');
else
Script::factory()
->type('src')
->data('http://ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js');
Script::factory()
->type('stdin')
->data('
$("#reset").validate({
wrapper: "div",
errorElement: "span",
rules: {
password_confirm: {
equalTo: "input[name=password]",
},
},
highlight: function(element) {
$(element).parents(".control-group").removeClass("success").addClass("error");
},
success: function(element) {
$(element).parents(".control-group").removeClass("error").addClass("success");
},
errorPlacement: function(error, element) {
error.appendTo(element.parents(".controls"));
}
});
');
Block::factory()
->title(sprintf('Password Reset: %s',$this->ao->accnum()))
->title_icon('fa-cog')
->id('reset')
->type('form-horizontal')
->body(View::factory('account/user/resetpassword')->set('o',$this->ao));
}
}
?>

35
classes/lnAuth/DB.php Normal file
View File

@ -0,0 +1,35 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class overrides Kohana's DB
*
* @package lnAuth
* @category Modifications
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_DB extends Kohana_DB {
// Add the site_id to the delete query
public static function delete($table = NULL)
{
$db = new Database_Query_Builder_Delete($table);
if (! in_array($table,ORM::$no_site_id_tables))
return $db->where($table.'.site_id','=',Company::instance()->site());
else
return $db;
}
// Add the site_id to the update query
final public static function update($table = NULL)
{
$db = new Database_Query_Builder_Update($table);
if (! in_array($table,ORM::$no_site_id_tables))
return $db->where($table.'.site_id','=',Company::instance()->site());
else
return $db;
}
}
?>

81
classes/lnAuth/Menu.php Normal file
View File

@ -0,0 +1,81 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class is used to create our Menu/Navbars
*
* @package lnAuth
* @category Helpers
* @author Deon George
* @copyright (c) 2009-2013 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Menu extends lnApp_Menu {
private static function collapse(array $array) {
$result = array();
foreach ($array as $mmo) {
if (! is_object($mmo)) {
$result[0] = $mmo;
continue;
}
if (isset($result[$mmo->module->name])) {
if (! is_array($result[$mmo->module->name]))
$result[$mmo->module->name] = array($result[$mmo->module->name]);
array_push($result[$mmo->module->name],$mmo);
continue;
} else {
$result[$mmo->module->name] = $mmo;
}
}
return $result;
}
public static function items($type) {
$result = array();
if (empty(URL::$method_directory[$type]))
return NULL;
$ao = Auth::instance()->get_user();
if (! $ao->loaded())
return FALSE;
foreach ($ao->methods() as $mmo)
if ($mmo->menu_display AND $type == $mmo->directory())
if (empty($result[$mmo->id]))
$result[$mmo->id] = $mmo;
if ($type == 'user')
$result[0] = 'logout';
return self::collapse($result);
}
public static function ul($type,array $result,array $append=NULL,$sub=FALSE,$method=NULL) {
$output = $sub ? '<ul class="dropdown-menu">' : '<ul class="dropdown-menu" role="menu" aria-labelledby="dLabel">';
foreach ($result as $k => $v)
if (is_array($v))
$output .= sprintf('<li class="dropdown-submenu">%s%s',HTML::anchor('#',$k,array('nocg'=>TRUE)),self::ul($type,$v,NULL,TRUE).'</li>');
else
$output .= '<li>'.HTML::anchor($v->url(),$v->menu_display,array('tabindex'=>-1,'nocg'=>TRUE)).'</li>';
if ($append) {
$output .= '<li class="divider"></li>';
foreach ($append as $k => $v)
$output .= sprintf('<li>%s</li>',HTML::anchor($k,$v,array('nocg'=>TRUE)));
}
$output .= '</ul>';
return $output;
}
}
?>

164
classes/lnAuth/Model/Account.php Normal file
View File

@ -0,0 +1,164 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This Model manages both the accounts that users use to login to the system, as well as the account where services are owned.
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Account extends Model_Auth_UserDefault {
// Relationships
protected $_has_many = array(
'user_tokens'=>array('model'=>'user_token'),
'email_log'=>array('far_key'=>'id'),
'group'=>array('through'=>'account_group'),
);
protected $_has_one = array(
'country'=>array('foreign_key'=>'id'),
'currency'=>array('foreign_key'=>'id'),
'language'=>array('foreign_key'=>'id'),
);
protected $_display_filters = array(
'date_orig'=>array(
array('Site::Date',array(':value')),
),
'date_last'=>array(
array('Site::Date',array(':value')),
),
'active'=>array(
array('StaticList_YesNo::get',array(':value',TRUE)),
),
);
protected $_form = array('id'=>'id','value'=>'name(TRUE)');
protected $_save_message = TRUE;
public function rules() {
return Arr::merge(parent::rules(),array(
'id'=>array(
array('ORM::get_next_id',array(':model',':field')),
),
'site_id'=>array(
array('ORM::set_site_id',array(':model',':field')),
),
));
}
/**
* Our account number format
*/
public function accnum() {
return sprintf('%s-%04s',Company::instance()->site(TRUE),$this->id);
}
public function activate_code() {
return md5(sprintf('%s-%s-%s-%s',$this->accnum(),$this->date_orig,$this->date_last,$this->email));
}
public function activated() {
return $this->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE));
}
/**
* Get the groups that an account belongs to
*/
public function groups() {
$result = array();
foreach ($this->group->where_active()->find_all() as $go)
foreach ($go->list_parentgrps(TRUE) as $cgo)
if (empty($result[$cgo->id]))
$result[$cgo->id] = $cgo;
return $result;
}
public function log($message) {
// Log a message for this account
$alo = ORM::factory('Account_Log');
$alo->account_id = $this->id;
$alo->ip = Request::$client_ip;
$alo->details = $message;
$alo->save();
return $alo->saved();
}
public function isAdmin() {
return FALSE;
}
/**
* This function will extract the available methods for this account
* This is used both for menu options and method security
*/
public function methods() {
static $result = array();
// @todo We may want to optimise this with some session caching.
if ($result)
return $result;
foreach ($this->groups() as $go)
foreach ($go->module_method->find_all() as $mmo)
if (empty($result[$mmo->id]))
$result[$mmo->id] = $mmo;
Sort::MAsort($result,'module->name,menu_display');
return $result;
}
/**
* Return an account name
*/
public function name() {
return trim(sprintf('%s %s',$this->first_name,$this->last_name));
}
/**
* Search for accounts matching a term
*/
public function list_autocomplete($term,$index,$value,array $label,array $limit=array(),array $options=NULL) {
$ao = Auth::instance()->get_user();
$this->clear();
$this->where_active();
// Build our where clause
// First Name, Last name
if (preg_match('/\ /',$term)) {
list($fn,$ln) = explode(' ',$term,2);
$this->where_open()
->where('first_name','like','%'.$fn.'%')
->and_where('last_name','like','%'.$ln.'%')
->where_close();
} elseif (is_numeric($term)) {
$this->where('id','like','%'.$term.'%');
} elseif (preg_match('/\@/',$term)) {
$this->where('email','like','%'.$term.'%');
} else {
$this->where_open()
->or_where('first_name','like','%'.$term.'%')
->or_where('last_name','like','%'.$term.'%')
->or_where('email','like','%'.$term.'%')
->where_close();
}
// Restrict results to authorised accounts
// @todo
return parent::list_autocomplete($term,$index,$value,$label,$limit,$options);
}
}
?>

14
classes/lnAuth/Model/Account/Group.php Normal file
View File

@ -0,0 +1,14 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class links Users and their Group Membership
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Account_Group extends ORM {
}
?>

27
classes/lnAuth/Model/Account/Log.php Normal file
View File

@ -0,0 +1,27 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class supports Account Login Logging
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Account_Log extends ORM {
protected $_belongs_to = array(
'account'=>array(),
);
protected $_sorting = array(
'id'=>'DESC',
);
protected $_display_filters = array(
'date_orig'=>array(
array('Site::Datetime',array(':value')),
),
);
}
?>

40
classes/lnAuth/Model/Auth/UserDefault.php Normal file
View File

@ -0,0 +1,40 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Default ORM profile for Authentication Accounts
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Auth_UserDefault extends Model_Auth_User {
// Validation rules
public function rules() {
return array(
'email' => array(
array('not_empty'),
array('min_length', array(':value', 4)),
array('max_length', array(':value', 127)),
array('email'),
),
);
}
/**
* Complete our login
*
* For some database logins, we may not want to record the user last login
* details in the repository, so we just override that parent function
* here.
*
* We can also do some other post-login actions here.
*/
public function complete_login() {
return $this->log('Logged In');
}
abstract public function isAdmin();
}
?>

72
classes/lnAuth/Model/Group.php Normal file
View File

@ -0,0 +1,72 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Manages our Application Groups
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Group extends Model_Auth_Role {
// Relationships
protected $_has_many = array(
'account'=>array('through'=>'account_group'),
'module_method'=>array('through'=>'group_method','far_key'=>'method_id'),
);
protected $_sorting = array(
'name'=>'ASC',
);
protected $_display_filters = array(
'active'=>array(
array('StaticList_YesNo::get',array(':value',TRUE)),
),
);
/**
* This function will, given a group, list all of the children that
* are also related to this group, in the group heirarchy.
*/
public function list_childgrps($incParent=FALSE) {
$result = array();
if (! $this->loaded())
return $result;
foreach (ORM::factory('Group')->where_active()->and_where('parent_id','=',$this)->find_all() as $go) {
array_push($result,$go);
$result = array_merge($result,$go->list_childgrps());
}
if ($incParent)
array_push($result,$this);
return $result;
}
/**
* This function will, given a group, list all of the parent that
* are also related to this group, in the group heirarchy.
*/
public function list_parentgrps($incParent=FALSE) {
$result = array();
if (! $this->loaded())
return $result;
foreach (ORM::factory('Group')->where_active()->and_where('id','=',$this->parent_id)->find_all() as $go) {
array_push($result,$go);
$result = array_merge($result,$go->list_parentgrps());
}
if ($incParent)
array_push($result,$this);
return $result;
}
}
?>

25
classes/lnAuth/Model/Group/Method.php Normal file
View File

@ -0,0 +1,25 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Application Module Method Model
*
* @package lnAauth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Group_Method extends ORM {
// This module doesnt keep track of column updates automatically
protected $_created_column = FALSE;
protected $_updated_column = FALSE;
// Relationships
protected $_has_one = array(
'record_id'=>array(),
);
protected $_belongs_to = array(
'group'=>array(),
);
}
?>

55
classes/lnAuth/Model/Module.php Normal file
View File

@ -0,0 +1,55 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Application Module Model
*
* This module must remain in applications/ as it is used very early in the
* MDB initialisation.
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Module extends ORM {
// Relationships
protected $_has_one = array(
'record_id'=>array('model'=>'Record_ID','far_key'=>'id'),
);
protected $_has_many = array(
'module_method'=>array('far_key'=>'id'),
);
protected $_sorting = array(
'name'=>'ASC',
);
protected $_display_filters = array(
'external'=>array(
array('StaticList_YesNo::get',array(':value',TRUE)),
),
'name'=>array(
array('strtoupper',array(':value')),
),
'active'=>array(
array('StaticList_YesNo::get',array(':value',TRUE)),
),
);
/**
* Return an instance of this Module's Model
*
* @param $id PK of Model
*/
public function instance($id=NULL) {
if (! $this->loaded())
throw new Kohana_Exception('Cant call an instance of a model when it is not loaded');
return ORM::factory(Kohana::classname($this->name),$id);
}
public function list_external() {
return $this->where_active()->where('external','=',TRUE)->find_all();
}
}
?>

91
classes/lnAuth/Model/Module/Method.php Normal file
View File

@ -0,0 +1,91 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Application Module Method Model
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Module_Method extends ORM {
// This module doesnt keep track of column updates automatically
protected $_created_column = FALSE;
protected $_updated_column = FALSE;
// Relationships
protected $_belongs_to = array(
'module'=>array(),
);
protected $_has_one = array(
'record_id'=>array(),
);
protected $_has_many = array(
'group'=>array('through'=>'group_method','foreign_key'=>'method_id')
);
protected $_sorting = array(
'name'=>'ASC',
);
protected $_nullifempty = array(
'menu_display',
);
protected $status;
public function controller_sub() {
return substr_count($this->name,'_') ? substr($this->name,($x=strpos($this->name,'_')),strpos($this->name,':')-$x) : '';
}
public function controller() {
return Kohana::classname(sprintf('Controller%s_%s',($this->directory() ? '_' : '').$this->directory(),$this->module->name).$this->controller_sub());
}
public function directory() {
return substr($this->name,0,substr_count($this->name,'_') ? strpos($this->name,'_') : strpos($this->name,':'));
}
public function method() {
return substr($this->name,strpos($this->name,':')+1);
}
/**
* Get our Module_Method object for this request
*/
public function request_mmo(Request $ro) {
list($c,$x) = substr_count($ro->controller(),'_') ? explode('_',$ro->controller(),2) : array($ro->controller(),'');
$mo = ORM::factory('Module',array('name'=>$c));
if ($mo->loaded() AND $mo->active) {
$method = strtolower($ro->directory() ? sprintf('%s:%s',$ro->directory() ? $ro->directory().($x ? '_'.$x : '') : $ro->action(),$ro->action()) : $ro->action());
// Get the method number
$mmo = $mo->module_method
->where('name','=',$method)
->find();
if ($mmo->loaded())
return $mmo;
}
}
public function status($status=NULL) {
if ($status)
$this->status = $status;
return $this->status;
}
public function url() {
if (! preg_match('/:/',$this->name))
return NULL;
list($type,$action) = preg_split('/:/',$this->name,2);
return URL::link($this->directory(),$this->module->name.$this->controller_sub().'/'.$action);
}
}
?>

112
classes/lnAuth/Model/Module/Method/Token.php Normal file
View File

@ -0,0 +1,112 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Account Login Tokens
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2009-2013 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Module_Method_Token extends ORM {
// This module doesnt keep track of column updates automatically
protected $_updated_column = FALSE;
// Relationships
protected $_belongs_to = array(
'account'=>array(),
'module_method'=>array('foreign_key'=>'method_id'),
);
protected $_has_one = array(
'record_id'=>array(),
);
public function account($account) {
if (! $account instanceof Model_Account) {
if (is_numeric($account))
$ao = ORM::factory('Account',$account);
else
throw HTTP_Exception::factory(501,'Unknown account :account',array(':account'=>serialize($account)));
} else
$ao = $account;
$this->account_id = $ao->id;
return $this;
}
public function expire($expire) {
$this->date_expire = $expire;
return $this;
}
// @todo Login Reset: When called within a timelimit (so existing token already exists), is returning true but password reset emails have blanks where the tokens are
public function generate() {
if (! $this->account_id OR ! $this->method_id OR ! ($this->date_expire OR $this->uses))
return NULL;
// Check we dont already have a valid token
$mmto = ORM::factory('Module_Method_Token')
->where('account_id','=',$this->account_id)
->where('method_id','=',$this->method_id)
->find();
if ($mmto->loaded()) {
// Check that the token is still good
if ((is_null($mmto->date_expire) OR $mmto->date_expire > time()) AND (is_null($mmto->uses) OR $mmto->uses > 0)) {
$this->token = $mmto->token;
return $this->token;
// Token expired
} else
$mmto->delete();
}
$this->token = md5(sprintf('%s:%s:%s',$this->account_id,$this->method_id,time()));
$this->save();
return $this->saved() ? $this->token : NULL;
}
public function method(array $modmeth) {
list($module,$method) = $modmeth;
if (! $method instanceof Model_Module_Method) {
if (is_numeric($module))
$mo = ORM::factory('Module',$module);
elseif (is_string($module))
$mo = ORM::factory('Module',array('name'=>$module));
elseif (! $module instanceof Model_Module)
throw HTTP_Exception::factory(501,'Unknown module :module',array(':module'=>serialize($module)));
else
$mo = $module;
if (! $mo->loaded())
throw HTTP_Exception::factory(501,'Unknown module :module - not loaded?',array(':module'=>$mo->id));
if (is_numeric($method))
$mmo = ORM::factory('Module_Method',$method);
elseif (is_string($method))
$mmo = ORM::factory('Module_Method',array('name'=>$method,'module_id'=>$mo->id));
else
throw HTTP_Exception::factory(501,'Unknown method :method',array(':method'=>serialize($method)));
} else
$mmo = $method;
if (! $mmo->loaded())
throw HTTP_Exception::factory(501,'Unknown method :method - not loaded?',array(':method'=>$method));
$this->method_id = $mmo->id;
return $this;
}
public function uses($uses) {
$this->uses = $uses;
return $this;
}
}
?>

41
classes/lnAuth/Model/Record/ID.php Normal file
View File

@ -0,0 +1,41 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Manage the next record ID
*
* @package lnAuth
* @category Models
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_Model_Record_ID extends ORM {
protected $_primary_key = 'module_id';
// This module doesnt keep track of column updates automatically
protected $_created_column = FALSE;
protected $_updated_column = FALSE;
public function next_id($mid) {
if (is_null($this->id)) {
$this->module_id = $mid;
// We'll get the next ID as the MAX(id) of the table
$mo = ORM::factory('Module',$mid);
$max = DB::select(array('MAX(id)','id'))
->from($mo->name)
->where('site_id','=',Company::instance()->site());
$this->id = $max->execute()->get('id');
}
$this->id++;
if (! $this->save())
throw HTTP_Exception::factory(501,'Unable to increase ID for :table',array(':table'=>$mid));
return $this->id;
}
}
?>

140
classes/lnAuth/ORM.php Normal file
View File

@ -0,0 +1,140 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class extends Kohana's [ORM] class to create defaults for Method and Site aware table.
*
* @package lnAuth
* @category Helpers
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class lnAuth_ORM extends lnApp_ORM {
// Tables that do not have a site_id column
public static $no_site_id_tables = array('setup','country','currency','language');
// Rules to assist with site ID and getting next record ID for inserts.
public function rules() {
return array(
'id'=>array(
array('ORM::get_next_id',array(':model',':field')),
),
'site_id'=>array(
array('ORM::set_site_id',array(':model',':field')),
),
);
}
/**
* Add our OSB site_id to each SELECT query
* @see parent::__build()
*/
final protected function _build($type) {
// Exclude tables without site ID's
if (! in_array($this->_table_name,ORM::$no_site_id_tables))
$this->where($this->_object_name.'.site_id','=',Company::instance()->site());
return parent::_build($type);
}
/**
* Determine if the account is authoised by the user
*/
public function authorised(Model $o=NULL,Model_Account $ao=NULL,$aid='account_id') {
return FALSE;
if (is_null($o))
$o = $this;
if (is_null($ao))
$ao = Auth::instance()->get_user();
// @todo To implement
return in_array($o->{$aid},$ao->RTM->customers($ao->RTM));
}
/**
* Override KH's ORM count_relations() function, to include our site_id in the query.
*
* This is a copy of KH's ORM count_relations() function, with the addition of a where
* clause to include the site id.
*/
public function count_relations($alias, $far_keys = NULL) {
if ($far_keys === NULL)
return (int) DB::select(array(DB::expr('COUNT(*)'), 'records_found'))
->from($this->_has_many[$alias]['through'])
->where($this->_has_many[$alias]['foreign_key'], '=', $this->pk())
->where('site_id', '=', Company::instance()->site())
->execute($this->_db)->get('records_found');
$far_keys = ($far_keys instanceof ORM) ? $far_keys->pk() : $far_keys;
// We need an array to simplify the logic
$far_keys = (array) $far_keys;
// Nothing to check if the model isn't loaded or we don't have any far_keys
if ( ! $far_keys OR ! $this->_loaded)
return 0;
$count = (int) DB::select(array(DB::expr('COUNT(*)'), 'records_found'))
->from($this->_has_many[$alias]['through'])
->where($this->_has_many[$alias]['foreign_key'], '=', $this->pk())
->where($this->_has_many[$alias]['far_key'], 'IN', $far_keys)
->where('site_id', '=', Company::instance()->site())
->execute($this->_db)->get('records_found');
// Rows found need to match the rows searched
return (int) $count;
}
/**
* Get Next record id
*
* @param array Validate object
* @param string Primary Key
*/
final public static function get_next_id($model,$field) {
if (! is_null($model->$field))
return TRUE;
$model->_changed[$field] = $field;
$ido = ORM::factory('Module')
->where('name','=',$model->_table_name)
->find();
if (! $ido->loaded())
throw new Kohana_Exception('Problem getting record_id for :table',array(':table'=>$model->_table_name));
$model->$field = $ido->record_id->next_id($ido->id);
return TRUE;
}
final public function mid() {
return ORM::factory('Module',array('name'=>$this->_table_name));
}
/**
* Set the site ID attribute for each row update
*/
final public static function set_site_id($model,$field) {
if (! is_null($model->$field))
return TRUE;
$model->_changed[$field] = $field;
$model->$field = Company::instance()->site();
return TRUE;
}
public function where_authorised(Model_Account $ao=NULL,$aid='account_id') {
return $this;
if (is_null($ao))
$ao = Auth::instance()->get_user();
// @todo To implement.
return $this->where($aid,'IN',$ao->RTM->customers($ao->RTM));
}
}
?>

17
config/auth.php Normal file
View File

@ -0,0 +1,17 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* Configuration - Authentication
*
* @package lnAuth
* @category Configuration
* @author Deon George
* @copyright (c) 2014 Deon George
* @license http://dev.leenooks.net/license.html
*/
return array(
'driver' => 'ORM',
'hash_method' => 'md5',
);
?>

8
config/config.php Normal file
View File

@ -0,0 +1,8 @@
<?php defined('SYSPATH') OR die('No direct access allowed.');
return array
(
'method_security' => TRUE, // Enable User Based method security
'session_change_trigger'=>array( // Updates to tables to make when our session ID is changed
),
);

61
views/account/user/edit.php Normal file
View File

@ -0,0 +1,61 @@
<fieldset>
<legend>Account Details</legend>
<?php echo Form::input('date_last',$o->date_last ? $o->display('date_last') : Site::date(time()),array('label'=>'Last Updated','class'=>'col-md-2','disabled')); ?>
<?php echo Form::input('email',$o->display('email'),array('label'=>'Email','class'=>'col-md-3','placeholder'=>'Email Address','type'=>'email','required','data-error'=>'Invalid EMAIL address')); ?>
<div class="form-group">
<label class="col-md-2 control-label" for="Title">Name</label>
<div class="row">
<div class="col-md-1">
<?php echo Form::select('title',StaticList_Title::table(),$o->display('title'),array('class'=>'form-control','required','nocg'=>TRUE)); ?>
</div>
<div class="col-md-2">
<?php echo Form::input('first_name',$o->display('first_name'),array('class'=>'form-control col-md-2','placeholder'=>'First Name','required','nocg'=>TRUE)); ?>
</div>
<div class="col-md-3">
<?php echo Form::input('last_name',$o->display('last_name'),array('class'=>'form-control col-md-2','placeholder'=>'Last Name','required','nocg'=>TRUE)); ?>
</div>
</div>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="address1">Address</label>
<?php echo Form::input('address1',$o->display('address1'),array('class'=>'col-md-6','placeholder'=>'Address Line 1','required')); ?>
<label class="col-md-2 control-label" for="address2"></label>
<?php echo Form::input('address2',$o->display('address2'),array('class'=>'col-md-6','placeholder'=>'Address Line 2')); ?>
<label class="col-md-2 control-label" for="city"></label>
<div class="row">
<div class="col-md-3">
<?php echo Form::input('city',$o->display('city'),array('label'=>'City','placeholder'=>'City','required','nocg'=>TRUE)); ?>
</div>
<div class="col-md-1">
<?php echo Form::input('state',$o->display('state'),array('label'=>'','class'=>'input-mini','placeholder'=>'State','required','nocg'=>TRUE)); ?>
</div>
<div class="col-md-1">
<?php echo Form::input('zip',$o->display('zip'),array('label'=>'','class'=>'input-mini','placeholder'=>'Post Code','required','nocg'=>TRUE)); ?>
</div>
</div>
</div>
<div class="form-group">
<label class="col-md-2 control-label" for="address1">Country</label>
<div class="col-md-3">
<?php echo Form::select('country_id',ORM::factory('Country')->list_select(),$o->country_id,array('class'=>'form-control','required','nocg'=>TRUE)); ?>
</div>
</div>
<?php echo Form::hidden('language_id',Company::instance()->language()); ?>
</fieldset>
<div class="row">
<div class="col-md-offset-1">
<button type="submit" class="btn btn-primary">Save changes</button>
<button type="button" class="btn btn-default">Cancel</button>
</div>
</div>

14
views/account/user/resetpassword.php Normal file
View File

@ -0,0 +1,14 @@
<div class="span11">
<fieldset>
<legend>Reset Password</legend>
<?php echo Form::input('password','',array('label'=>'Password','type'=>'password','required','minlength'=>8)); ?>
<?php echo Form::input('password_confirm','',array('label'=>'Confirm','type'=>'password','required','minlength'=>8)); ?>
</fieldset>
<div class="row">
<div class="offset2">
<button type="submit" class="btn btn-primary">Update</button>
</div>
</div>
</div> <!-- /span -->

30
views/login/activate.php Normal file
View File

@ -0,0 +1,30 @@
<fieldset>
<legend>Activate Account</legend>
<div class="panel-body">
<p>You should have received an email with a pass code. Please enter that pass code here.</p>
<?php if (is_object($o) AND $o->loaded()) : ?>
<input type="hidden" name="email" value="<?php echo $o->email; ?>"/>
<?php else : ?>
<div class="input-group col-md-3">
<span class="input-group-addon"><i class="fa fa-envelope fa-fw"></i></span>
<input type="email" id="email" name="email" value="" placeholder="Email" class="form-control" required />
</div>
<?php endif ?>
<div class="input-group col-md-3">
<span class="input-group-addon"><i class="fa fa-bomb fa-fw"></i></span>
<input type="text" id="code" name="code" value="" placeholder="Activation Code" class="form-control" required />
</div>
<span class="help-block">Need to <?php echo HTML::anchor(URL::link('','login/activate_resend'),'resend'); ?> it?</span>
</div> <!-- /panel-body -->
</fieldset>
<div class="row">
<div class="col-md-offset-1">
<button type="submit" class="btn btn-primary">Activate</button>
<button type="button" class="btn btn-default">Cancel</button>
</div>
</div>

19
views/login/activate_resend.php Normal file
View File

@ -0,0 +1,19 @@
<fieldset>
<legend>Send Activation Code</legend>
<div class="panel-body">
<div class="form-group">
<div class="input-group col-md-3">
<span class="input-group-addon"><i class="fa fa-envelope fa-fw"></i></span>
<input type="email" id="email" name="email" value="" placeholder="Email" class="form-control" required />
</div>
</div> <!-- /form-group -->
</div> <!-- /panel-body -->
</fieldset>
<div class="row">
<div class="col-md-offset-1">
<button type="submit" class="btn btn-primary">Send</button>
<button type="button" class="btn btn-default">Cancel</button>
</div>
</div>

31
views/login/reset.php Normal file
View File

@ -0,0 +1,31 @@
<div class="center-block" style="width: 400px;">
<div class="content clearfix">
<form method="post" action="<?php echo URL::site('login/reset'); ?>">
<br/>
<div class="panel panel-default">
<div class="panel-heading">
<div class="panel-title">Reset Password</div>
</div>
<div class="panel-body">
<p>If you have forgotten your password, we can issue you a temporary access code via email that will allow you to change your password.</p>
<div class="form-group">
<p>To start this process, please enter your Username. If you dont know your Username, please contact us.</p>
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-user fa-fw"></i></span>
<input type="text" id="username" name="username" value="" placeholder="Username" class="form-control" required />
</div>
</div>
<div class="form-group">
<div class="btn-group">
<button class="btn btn-default btn-large">Reset</button>
</div> <!-- /btn-group -->
</div>
</div> <!-- /panel-body -->
</div> <!-- /panel -->
</form>
</div> <!-- /content -->
</div> <!-- /center-block -->

29
views/login/reset_sent.php Normal file
View File

@ -0,0 +1,29 @@
<div class="center-block" style="width: 400px;">
<div class="content clearfix">
<form method="post" action="<?php echo URL::site('login/reset'); ?>">
<br/>
<div class="panel panel-default">
<div class="panel-heading">
<div class="panel-title">Reset Password</div>
</div>
<div class="panel-body">
<div class="form-group">
<p>You should have received an email with a pass code. Please enter that pass code here.</p>
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-bomb fa-fw"></i></span>
<input type="text" id="token" name="token" value="" placeholder="Token" class="form-control" required />
</div>
</div>
<div class="form-group">
<div class="btn-group">
<button class="btn btn-default btn-large">Reset</button>
</div> <!-- /btn-group -->
</div>
</div> <!-- /panel-body -->
</div> <!-- /panel -->
</form>
</div> <!-- /content -->
</div> <!-- /center-block -->