From f8490ed97ebad329c565fd7a1d22055fb9528c33 Mon Sep 17 00:00:00 2001 
From: Deon George Date: Mon, 29 Sep 2014 15:15:49 +1000 Subject: [PATCH] Initial Commit --- classes/Auth/ORM.php | 4 + classes/Controller/Account.php | 4 + classes/Controller/Admin/Module.php | 4 + classes/Controller/Admin/Module/Method.php | 4 + classes/Controller/Module.php | 4 + classes/Controller/TemplateDefault.php | 4 + classes/Controller/User/Account.php | 4 + classes/DB.php | 4 + classes/Menu.php | 4 + classes/Model/Account.php | 4 + classes/Model/Account/Group.php | 4 + classes/Model/Account/Log.php | 4 + classes/Model/Auth/UserDefault.php | 4 + classes/Model/Group.php | 4 + classes/Model/Group/Method.php | 4 + classes/Model/Module.php | 4 + classes/Model/Module/Method.php | 4 + classes/Model/Module/Method/Token.php | 4 + classes/Model/Record/ID.php | 4 + classes/ORM.php | 4 + classes/lnAuth/Auth/ORM.php | 226 ++++++++++++++++++ classes/lnAuth/Controller/Account.php | 14 ++ classes/lnAuth/Controller/Admin/Module.php | 187 +++++++++++++++ .../lnAuth/Controller/Admin/Module/Method.php | 109 +++++++++ classes/lnAuth/Controller/Module.php | 14 ++ classes/lnAuth/Controller/TemplateDefault.php | 70 ++++++ classes/lnAuth/Controller/User/Account.php | 105 ++++++++ classes/lnAuth/DB.php | 35 +++ classes/lnAuth/Menu.php | 81 +++++++ classes/lnAuth/Model/Account.php | 164 +++++++++++++ classes/lnAuth/Model/Account/Group.php | 14 ++ classes/lnAuth/Model/Account/Log.php | 27 +++ classes/lnAuth/Model/Auth/UserDefault.php | 40 ++++ classes/lnAuth/Model/Group.php | 72 ++++++ classes/lnAuth/Model/Group/Method.php | 25 ++ classes/lnAuth/Model/Module.php | 55 +++++ classes/lnAuth/Model/Module/Method.php | 91 +++++++ classes/lnAuth/Model/Module/Method/Token.php | 112 +++++++++ classes/lnAuth/Model/Record/ID.php | 41 ++++ classes/lnAuth/ORM.php | 140 +++++++++++ config/auth.php | 17 ++ config/config.php | 8 + views/account/user/edit.php | 61 +++++ views/account/user/resetpassword.php | 14 ++ views/login/activate.php | 30 +++ views/login/activate_resend.php | 19 ++ 
views/login/reset.php | 31 +++ views/login/reset_sent.php | 29 +++ 48 files changed, 1911 insertions(+) create mode 100644 classes/Auth/ORM.php create mode 100644 classes/Controller/Account.php create mode 100644 classes/Controller/Admin/Module.php create mode 100644 classes/Controller/Admin/Module/Method.php create mode 100644 classes/Controller/Module.php create mode 100644 classes/Controller/TemplateDefault.php create mode 100644 classes/Controller/User/Account.php create mode 100644 classes/DB.php create mode 100644 classes/Menu.php create mode 100644 classes/Model/Account.php create mode 100644 classes/Model/Account/Group.php create mode 100644 classes/Model/Account/Log.php create mode 100644 classes/Model/Auth/UserDefault.php create mode 100644 classes/Model/Group.php create mode 100644 classes/Model/Group/Method.php create mode 100644 classes/Model/Module.php create mode 100644 classes/Model/Module/Method.php create mode 100644 classes/Model/Module/Method/Token.php create mode 100644 classes/Model/Record/ID.php create mode 100644 classes/ORM.php create mode 100644 classes/lnAuth/Auth/ORM.php create mode 100644 classes/lnAuth/Controller/Account.php create mode 100644 classes/lnAuth/Controller/Admin/Module.php create mode 100644 classes/lnAuth/Controller/Admin/Module/Method.php create mode 100644 classes/lnAuth/Controller/Module.php create mode 100644 classes/lnAuth/Controller/TemplateDefault.php create mode 100644 classes/lnAuth/Controller/User/Account.php create mode 100644 classes/lnAuth/DB.php create mode 100644 classes/lnAuth/Menu.php create mode 100644 classes/lnAuth/Model/Account.php create mode 100644 classes/lnAuth/Model/Account/Group.php create mode 100644 classes/lnAuth/Model/Account/Log.php create mode 100644 classes/lnAuth/Model/Auth/UserDefault.php create mode 100644 classes/lnAuth/Model/Group.php create mode 100644 classes/lnAuth/Model/Group/Method.php create mode 100644 classes/lnAuth/Model/Module.php create mode 100644 
classes/lnAuth/Model/Module/Method.php create mode 100644 classes/lnAuth/Model/Module/Method/Token.php create mode 100644 classes/lnAuth/Model/Record/ID.php create mode 100644 classes/lnAuth/ORM.php create mode 100644 config/auth.php create mode 100644 config/config.php create mode 100644 views/account/user/edit.php create mode 100644 views/account/user/resetpassword.php create mode 100644 views/login/activate.php create mode 100644 views/login/activate_resend.php create mode 100644 views/login/reset.php create mode 100644 views/login/reset_sent.php diff --git a/classes/Auth/ORM.php b/classes/Auth/ORM.php new file mode 100644 index 0000000..654b6d2 --- /dev/null +++ b/classes/Auth/ORM.php @@ -0,0 +1,4 @@ + diff --git a/classes/Controller/Account.php b/classes/Controller/Account.php new file mode 100644 index 0000000..0ce5671 --- /dev/null +++ b/classes/Controller/Account.php @@ -0,0 +1,4 @@ + diff --git a/classes/Controller/Admin/Module.php b/classes/Controller/Admin/Module.php new file mode 100644 index 0000000..463cdf9 --- /dev/null +++ b/classes/Controller/Admin/Module.php @@ -0,0 +1,4 @@ + diff --git a/classes/Controller/Admin/Module/Method.php b/classes/Controller/Admin/Module/Method.php new file mode 100644 index 0000000..2ef78e1 --- /dev/null +++ b/classes/Controller/Admin/Module/Method.php @@ -0,0 +1,4 @@ + diff --git a/classes/Controller/Module.php b/classes/Controller/Module.php new file mode 100644 index 0000000..beb9c13 --- /dev/null +++ b/classes/Controller/Module.php @@ -0,0 +1,4 @@ + diff --git a/classes/Controller/TemplateDefault.php b/classes/Controller/TemplateDefault.php new file mode 100644 index 0000000..0d17bf3 --- /dev/null +++ b/classes/Controller/TemplateDefault.php @@ -0,0 +1,4 @@ + diff --git a/classes/Controller/User/Account.php b/classes/Controller/User/Account.php new file mode 100644 index 0000000..cedc14f --- /dev/null +++ b/classes/Controller/User/Account.php @@ -0,0 +1,4 @@ + 
diff --git a/classes/DB.php b/classes/DB.php new file mode 100644 index 0000000..16c0156 --- /dev/null +++ b/classes/DB.php @@ -0,0 +1,4 @@ + diff --git a/classes/Menu.php b/classes/Menu.php new file mode 100644 index 0000000..2000d9a --- /dev/null +++ b/classes/Menu.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Account.php b/classes/Model/Account.php new file mode 100644 index 0000000..98eacc6 --- /dev/null +++ b/classes/Model/Account.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Account/Group.php b/classes/Model/Account/Group.php new file mode 100644 index 0000000..adef9be --- /dev/null +++ b/classes/Model/Account/Group.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Account/Log.php b/classes/Model/Account/Log.php new file mode 100644 index 0000000..dbbf47d --- /dev/null +++ b/classes/Model/Account/Log.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Auth/UserDefault.php b/classes/Model/Auth/UserDefault.php new file mode 100644 index 0000000..e59d05f --- /dev/null +++ b/classes/Model/Auth/UserDefault.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Group.php b/classes/Model/Group.php new file mode 100644 index 0000000..7c28249 --- /dev/null +++ b/classes/Model/Group.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Group/Method.php b/classes/Model/Group/Method.php new file mode 100644 index 0000000..d5ec3b1 --- /dev/null +++ b/classes/Model/Group/Method.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Module.php b/classes/Model/Module.php new file mode 100644 index 0000000..469a77f --- /dev/null +++ b/classes/Model/Module.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Module/Method.php b/classes/Model/Module/Method.php new file mode 100644 index 0000000..b9e5a37 --- /dev/null +++ b/classes/Model/Module/Method.php @@ -0,0 +1,4 @@ + diff --git a/classes/Model/Module/Method/Token.php b/classes/Model/Module/Method/Token.php new file mode 100644 index 0000000..21eb00a --- /dev/null +++ b/classes/Model/Module/Method/Token.php @@ -0,0 +1,4 @@ + 
diff --git a/classes/Model/Record/ID.php b/classes/Model/Record/ID.php new file mode 100644 index 0000000..418242a --- /dev/null +++ b/classes/Model/Record/ID.php @@ -0,0 +1,4 @@ + diff --git a/classes/ORM.php b/classes/ORM.php new file mode 100644 index 0000000..6fedda8 --- /dev/null +++ b/classes/ORM.php @@ -0,0 +1,4 @@ + diff --git a/classes/lnAuth/Auth/ORM.php b/classes/lnAuth/Auth/ORM.php new file mode 100644 index 0000000..50abdbe --- /dev/null +++ b/classes/lnAuth/Auth/ORM.php 
@@ -0,0 +1,226 @@ +_config = $config; + + if (PHP_SAPI !== 'cli') + parent::__construct($config); + } + + /** + * Get the user that a token applies to + * + * This will check that the token is valid (not expired and for the request) + * + * @param $token The token + * @return Model_Account|NULL The user that the token is valid for. + */ + private function _get_token_user($token) { + // This has been implemented, as we sometimes we seem to come here twice + static $uo = NULL; + + if (! is_null($uo)) + return $uo; + + $mmto = ORM::factory('Module_Method_Token',array('token'=>$token)); + + // Ignore the token if it doesnt exist. + if ($mmto->loaded()) { + // Check that the token is for this URI + $mo = ORM::factory('Module',array('name'=>Request::current()->controller())); + $mmo = $mo->module_method + ->where('name','=',strtolower(Request::current()->directory() ? sprintf('%s:%s',Request::current()->directory(),Request::current()->action()) : Request::current()->action())) + ->find(); + + // Ignore the token if this is not the right method. + if ($mmo->id == $mmto->method_id) { + if (! is_null($mmto->date_expire) AND $mmto->date_expire < time()) { + SystemMessage::factory() + ->title(_('Token Not Valid')) + ->type('warning') + ->body(_('Token expired')); + + Session::instance()->delete('token'); + $mmto->delete(); + + } elseif (! is_null($mmto->uses) AND $mmto->uses < 1) { + SystemMessage::factory() + ->title(_('Token Not Valid')) + ->type('warning') + ->body(_('Token expired')); + + Session::instance()->delete('token'); + $mmto->delete(); + + } else { + // If this is a usage count token, reduce the count. + if (! 
is_null($mmto->uses)) + $mmto->uses -= 1; + + // Record the date this token was used + $mmto->date_last = time(); + $mmto->save(); + + Session::instance()->set('token',$token); + + $uo = ORM::factory($this->_model,$mmto->account_id); + $uo->log(sprintf('Token %s used for method %s [%s]',$mmto->token,$mmto->module_method->id,Request::current()->param('id'))); + } + } + } + + return $uo; + } + + /** + * Logs a user in. + * + * @param string username + * @param string password + * @param boolean enable autologin + * @return boolean + */ + protected function _login($user,$password,$remember) { + if (! is_object($user)) { + $username = $user; + + // Load the user + $user = ORM::factory($this->_model); + $user->where('email','=',$username)->find(); + + // If no user loaded, return + if (! $user->loaded()) + return FALSE; + } + + // Create a hashed password + if (is_string($password)) + $password = $this->hash($password); + + // If we have the right password, we'll check the status of the account + if ($user->password === $password AND $user->active) { + // Record our session ID, we may need to update our DB when we get a new ID + $oldsess = session_id(); + + // Finish the login + $this->complete_login($user); + + // Do we need to update databases with our new sesion ID + $sct = Kohana::$config->load('config')->session_change_trigger; + if (session_id() != $oldsess AND count($sct)) + foreach ($sct as $t => $c) + if (Config::module_exist($t)) + foreach (ORM::factory(ucwords($t))->where($c,'=',$oldsess)->find_all() as $o) + $o->set('session_id',session_id()) + ->update(); + + if (! 
$user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE))) + HTTP::redirect(URL::link('user','account/activate')); + + return TRUE; + } + + // Login failed + return FALSE; + } + + /** + * Determine if a user is authorised to view an account + * + * @param Model_Account Account Ojbect to validate if the current user has access + * @return boolean TRUE if authorised, FALSE if not. + */ + public function authorised(Model_Account $ao) { + return (($uo = $this->get_user()) AND $uo->loaded() AND ($uo == $ao OR in_array($ao->id,$uo->RTM->customers($uo->RTM)))); + } + + /** + * Gets the currently logged in user from the session. + * Returns NULL if no user is currently logged in. + * + * @param boolean Check token users too + * @return mixed + */ + public function get_user($default=NULL,$tokenuser=TRUE) { + // If we are a CLI, we are not logged in + if (PHP_SAPI === 'cli') + throw new Kohana_Exception('Calling :method from the CLI is not allowed!',array(':method'=>__METHOD__)); + + // Get the current user + $uo = parent::get_user($default); + + // If we are not logged in, see if there is token for the user + if (is_null($uo) AND $tokenuser AND ($token=Session::instance()->get('token')) OR (! empty($_REQUEST['token']) AND $token=$_REQUEST['token'])) + $uo = $this->_get_token_user($token); + + return $uo; + } + + public function get_groups() { + return is_null($x=$this->get_user()) ? ORM::factory('Group')->where('id','=',0)->find_all() : $x->groups(); + } + + // Override Kohana Auth requirement to have a hash_key + public function hash($str) { + switch ($this->_config['hash_method']) { + case '' : return $str; + case 'md5': return md5($str); + default: return hash_hmac($this->_config['hash_method'], $str, $this->_config['hash_key']); + } + } + + /** + * OSB authentication is controlled via database queries. + * + * This method can be used to test two situations: + * 1) Is the user logged in? 
($role == FALSE) + * 2) Can the user run the current controller->action ($role == TRUE) + * + * @param boolean If authentication should be done for this module:method (ie: controller:action). + * @return boolean + */ + public function logged_in($role=NULL,$debug=NULL) { + $status = FALSE; + + // If we are a CLI, we are not logged in + if (PHP_SAPI === 'cli') + return $status; + + // Get the user from the session + $uo = $this->get_user(); + + // If we are not a valid user object, then we are not logged in + if (is_object($uo) AND ($uo instanceof Model_Account) AND $uo->loaded()) + if (! empty($role)) { + if (($x = Request::current()->mmo()) instanceof Model) + // If the role has the authorisation to run the method + foreach ($x->group->find_all() as $go) + if ($go->id == 0 OR $uo->has_any('group',$go->list_childgrps(TRUE))) { + $status = TRUE; + break; + } + + // There is no role, so the method should be allowed to run as anonymous + } else + $status = TRUE; + + return $status; + } +} +?> diff --git a/classes/lnAuth/Controller/Account.php b/classes/lnAuth/Controller/Account.php new file mode 100644 index 0000000..d2cb71f --- /dev/null +++ b/classes/lnAuth/Controller/Account.php @@ -0,0 +1,14 @@ + diff --git a/classes/lnAuth/Controller/Admin/Module.php b/classes/lnAuth/Controller/Admin/Module.php new file mode 100644 index 0000000..57c7cba --- /dev/null +++ b/classes/lnAuth/Controller/Admin/Module.php 
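Review bot: In `get_user()` the token condition mixes `AND` and `OR` without grouping, so it evaluates as `(is_null($uo) AND $tokenuser AND <session token>) OR (<request token>)`: a `token` request parameter is looked up even when a user is already logged in or the caller passed `$tokenuser=FALSE`, and the result then replaces `$uo`. Grouping the two token sources keeps both guards in force: `if (is_null($uo) AND $tokenuser AND (($token=Session::instance()->get('token')) OR (! empty($_REQUEST['token']) AND $token=$_REQUEST['token'])))`. Separately, `hash()` returns the password unchanged when `hash_method` is empty and offers unsalted `md5()` as another option, and `_login()` compares the stored value with `===`. Those two branches are better rejected when the config is loaded, and the comparison is better done in constant time, for example with `hash_equals()` where the PHP version provides it.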
@@ -0,0 +1,187 @@ +TRUE, + 'edit'=>TRUE, + 'list'=>TRUE, + ); + + protected function _classes($dir,$class,$array=NULL,$key='') { + $result = array(); + + if (is_null($array)) { + $key = 'classes/Controller'; + $array = Arr::get(Kohana::list_files('classes'),$key); + } + + if (! $class) + return array_keys($array); + + if (! $dir) { + if (! empty($array[$key.'/'.$class])) + $result = Arr::merge($result,$this->_classes('','',$array[$key.'/'.$class],$key.'/'.$class)); + + if (! empty($array[$key.'/'.$class.'.php'])) + array_push($result,$key.'/'.$class); + + } else { + if (! empty($array[$key.'/'.$dir])) + $result = Arr::merge($result,$this->_classes('',$class,$array[$key.'/'.$dir],$key.'/'.$dir)); + + if (! empty($array[$key.'/'.$dir.'/'.$class.'.php'])) + array_push($result,$key.'/'.$dir.'/'.$class); + } + + foreach ($result as $k=>$v) + $result[$k] = str_replace('.php','',str_replace('/','_',preg_replace('/^classes\//','',$v))); + + return $result; + } + + /** + * Get the list of methods for a class + */ + protected function _methods($class) { + $class = Kohana::classname($class); + // Get a list of methods this module has + $methods = $secure_actions = $auth_required = array(); + + // List of classes where all our methods are, including this one. + $classes = URL::$method_directory; + array_unshift($classes,''); + + foreach ($classes as $c) { + $x = URL::dir($c); + $cp = $this->_classes($x,$class); + + foreach ($cp as $cn) + if (class_exists($cn)) { + $sc = preg_replace(sprintf('/^Controller_%s%s_?/',$x ? $x.'_' : '',$class),'',$cn); + $r = new ReflectionClass($cn); + + $rdp = $r->getDefaultProperties(); + $secure_actions[$cn] = $rdp['secure_actions']; + $auth_required[$cn] = $rdp['auth_required']; + + foreach ($r->getMethods() as $method) + if ($method->class == $cn AND preg_match('/^action_/',$method->name)) + array_push($methods,str_replace('action_',strtolower($x.($sc ? 
'_'.$sc : '').':'),$method->name)); + } + } + + return array('methods'=>$methods,'secure_actions'=>$secure_actions,'auth_required'=>$auth_required); + } + + /** + * Edit a Module Configuration + */ + public function action_edit() { + $id = $this->request->param('id'); + $mo = ORM::factory('Module',$id); + + $methods = array(); + + if (! $mo->loaded()) { + SystemMessage::factory() + ->title(_('Invalid Module ID')) + ->type('error') + ->body(sprintf(_('Module with ID %s doesnt appear to exist?'),$id)); + + HTTP::redirect(URL::link('admin','module/list')); + } + + $mm = $this->_methods($mo->name); + $methods['exist'] = array(); + foreach ($mo->module_method->find_all() as $mmo) { + if (in_array($mmo->name,$mm['methods'])) { + $k = array_search($mmo->name,$mm['methods']); + unset($mm['methods'][$k]); + + $mmo->status('INDB'); + } else + $mmo->status('ORPHAN'); + + if (! empty($mm['secure_actions'][$mmo->controller()][$mmo->method()])) + unset($mm['secure_actions'][$mmo->controller()][$mmo->method()]); + + array_push($methods['exist'],$mmo); + } + + $methods['missing'] = array(); + foreach ($mm['methods'] as $k=>$method) { + $mmo = ORM::factory('Module_Method'); + $mmo->module_id = $mo->id; + $mmo->name = $method; + + if (! 
empty($mm['auth_required'][$mmo->controller()]) AND $mm['auth_required'][$mmo->controller()]) + $mmo->status('MISSING'); + + array_push($methods['missing'],$mmo); + } + + Block::factory() + ->title(sprintf('%s: %s ',_('Defined Module Methods For'),$mo->display('name'))) + ->title_icon('icon-cog') + ->body(Table::factory() + ->data($methods['exist']) + ->columns(array( + 'id'=>'ID', + 'name'=>'Name', + 'notes'=>'Notes', + 'menu_display'=>'Menu', + 'status()'=>'Status', + )) + ->prepend(array( + 'id'=>array('url'=>URL::link('admin','module_method/edit/')), + )) + ); + + Block::factory() + ->title(sprintf('%s: %s ',_('Missing Module Methods For'),$mo->display('name'))) + ->title_icon('icon-exclamation-sign') + ->body(Table::factory() + ->data($methods['missing']) + ->columns(array( + 'name'=>'Name', + 'status()'=>'Status', + )) + ->prepend(array( + 'name'=>array('url'=>URL::link('admin','module_method/add/'.$mo->id.'/')), + )) + ); + } + + /** + * List our installed modules + */ + public function action_list() { + Block::factory() + ->title('Defined Modules') + ->title_icon('icon-cog') + ->body(Table::factory() + ->data(ORM::factory('Module')->where('parent_id','is',NULL)->find_all()) + ->jssort(TRUE) + ->columns(array( + 'id'=>'ID', + 'name'=>'Name', + 'notes'=>'Notes', + 'status'=>'Active', + 'external'=>'External', + )) + ->prepend(array( + 'id'=>array('url'=>URL::link('admin','module/edit/')), + )) + ); + } +} +?> diff --git a/classes/lnAuth/Controller/Admin/Module/Method.php b/classes/lnAuth/Controller/Admin/Module/Method.php new file mode 100644 index 0000000..f98640e --- /dev/null +++ b/classes/lnAuth/Controller/Admin/Module/Method.php 
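Review bot: `_classes()` has no docblock although it is the only recursive method in this hunk and its arguments change role between calls (`$dir` and `$class` are emptied on recursion while `$array` and `$key` carry the subtree). A short header would help, for example `/** Resolve controller class names for $class (optionally under $dir) from Kohana::list_files('classes'); with an empty $class the keys of $array are returned. */`. In `_methods()` the reads `$rdp['secure_actions']` and `$rdp['auth_required']` assume every class that `_classes()` finds declares both properties; an `isset()` guard, or a comment stating that assumption, would make it explicit.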
@@ -0,0 +1,109 @@ +request->param('id'); + $method = $this->request->param('sid'); + + $mo = ORM::factory('Module',$id); + $mm = $this->_methods($mo->name); + + if (! $mo->loaded() OR ! in_array($method,$mm['methods'])) + HTTP::redirect(URL::link('admin','module/list')); + + if ($_POST) { + $mmo = $mo->module_method; + $mmo->name = $method; + $mmo->module_id = $mo->id; + $mmo->values($_POST); + + if (! $this->save($mmo)) + throw HTTP_Exception::factory(501,'Unable to save data :post',array(':post'=>serialize($_POST))); + + HTTP::redirect(URL::link('admin','module/edit/'.$mo->id)); + } + + Block::factory() + ->title(sprintf(_('Add Method (%s) to Database for (%s)'),strtoupper($method),strtoupper($mo->name))) + ->title_icon('icon-plus-sign') + ->type('form-horizontal') + ->body(View::factory('module/method/admin/add') + ->set('name',$method) + ->set('o',$mo) + ); + } + + /** + * Edit a Module Configuration + */ + public function action_edit() { + $id = $this->request->param('id'); + $mmo = ORM::factory('Module_Method',$id); + + if (! $mmo->loaded()) { + SystemMessage::factory() + ->title(_('Invalid Method ID')) + ->type('error') + ->body(sprintf(_('Method with ID %s doesnt appear to exist?'),$id)); + + HTTP::redirect(URL::link('admin','module/list')); + } + + if ($_POST) { + $mmo->values($_POST); + + if (! $this->save($mmo)) + throw HTTP_Exception::factory(501,'Unable to save data :post',array(':post'=>serialize($_POST))); + + foreach (ORM::factory('Group')->find_all() as $go) { + // If the group was defined and no longer + if ($mmo->has('group',$go) AND (! isset($_POST['groups']) OR ! in_array($go->id,$_POST['groups']))) { + $gmo = ORM::factory('Group_Method',array('method_id'=>$mmo->id,'group_id'=>$go->id)); + + if (! 
$gmo->delete()) + SystemMessage::factory() + ->title(_('Unable to DELETE Group Method')) + ->type('error') + ->body(sprintf(_('Unable to delete Group Method for method %s and group %s'),$mmo->name,$go->name)); + + // If the group was not defined and now is + } elseif (! $mmo->has('group',$go) AND isset($_POST['groups']) AND in_array($go->id,$_POST['groups'])) { + $gmo = ORM::factory('Group_Method') + ->values(array( + 'method_id'=>$mmo->id, + 'group_id'=>$go->id, + )); + + if (! $this->save($gmo)) + SystemMessage::factory() + ->title(_('Unable to SAVE Group Method')) + ->type('error') + ->body(sprintf(_('Unable to save Group Method for method %s and group %s'),$mmo->name,$go->name)); + } + } + + HTTP::redirect(URL::link('admin','module/edit/'.$mmo->module_id)); + } + + Block::factory() + ->title(sprintf(_('Configure access to method (%s::%s)'),$mmo->controller(),$mmo->method())) + ->title_icon('icon-plus-sign') + ->type('form') + ->body(View::factory('module/method/admin/edit') + ->set('o',$mmo) + ); + } +} +?> diff --git a/classes/lnAuth/Controller/Module.php b/classes/lnAuth/Controller/Module.php new file mode 100644 index 0000000..138e2f2 --- /dev/null +++ b/classes/lnAuth/Controller/Module.php @@ -0,0 +1,14 @@ + diff --git a/classes/lnAuth/Controller/TemplateDefault.php b/classes/lnAuth/Controller/TemplateDefault.php new file mode 100644 index 0000000..ce9cb36 --- /dev/null +++ b/classes/lnAuth/Controller/TemplateDefault.php 
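Review bot: In `action_add()` the call `$mmo->values($_POST)` runs after `$mmo->name = $method` and `$mmo->module_id = $mo->id`, so posted `name` or `module_id` fields can overwrite the values that were just checked against `$mm['methods']`. Passing the list of fields the form is meant to set as the second argument to `values()`, or assigning `name` and `module_id` after the call, keeps the validated values; `action_edit()` has the same unrestricted `values($_POST)`. Both actions also put `serialize($_POST)` into the 501 exception message, which can expose submitted form data wherever that message is displayed or logged. The `in_array($go->id,$_POST['groups'])` checks compare loosely against request data and would be safer as strict comparisons once both sides are normalised to the same type.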
@@ -0,0 +1,70 @@ +load('config')->method_security) + return FALSE; + + if (Kohana::$config->load('debug')->method_security) { + echo Debug::vars(array( + 'm'=>__METHOD__, + 'POST'=>$this->request->post(), + 'auth_required'=>serialize($this->auth_required), + 'secure_actions'=>$this->secure_actions, + 'this_action'=>$this->request->action(), + 'line 1 test'=>serialize(($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE)), + 'line 2 test'=>serialize($x=is_array($this->secure_actions) && array_key_exists($this->request->action(),$this->secure_actions)), + 'line 3 test'=>$x ? Auth::instance()->logged_in($this->secure_actions[$this->request->action()],get_class($this).'|'.__METHOD__) : 'NOT EVAL', + )); + die(); + } + + return (($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE) || + (is_array($this->secure_actions) && array_key_exists($this->request->action(),$this->secure_actions) && + ! Auth::instance()->logged_in($this->secure_actions[$this->request->action()],get_class($this).'|'.__METHOD__))); + } + + public function before() { + if ($this->auth_required) { + if (! count($this->secure_actions) OR (! isset($this->secure_actions[Request::current()->action()]))) + throw HTTP_Exception::factory(403,'Class has no security defined :class, or no security configured for :method',array(':class'=>get_class($this),':method'=>Request::current()->action())); + + $this->ao = Auth::instance()->get_user(); + + if (! is_null($this->ao) AND (is_string($this->ao))) + throw HTTP_Exception::factory(501,'Account doesnt exist :account ?',array(':account'=>(is_string($this->ao) OR is_null($this->ao)) ? $this->ao : Auth::instance()->get_user()->id)); + } + + return parent::before(); + } + + protected function setup(array $config_items=array()) { + $mo = ORM::factory('Module',array('name'=>Request::current()->controller())); + if (! 
$mo->loaded()) + throw HTTP_Exception::factory(501,'Unknown module :module',array(':module'=>Request::current()->controller())); + + if ($_POST AND isset($_POST['module_config'][$mo->id])) + Config::instance()->module_config($mo->name,$_POST['module_config'][$mo->id])->save(); + + if ($config_items) { + Block::factory() + ->title('Update Module Configuration') + ->title_icon('icon-wrench') + ->type('form-horizontal') + ->body(View::factory('setup/admin/module')->set('o',Company::instance()->so())->set('mid',$mo->id)); + } + } +} +?> diff --git a/classes/lnAuth/Controller/User/Account.php b/classes/lnAuth/Controller/User/Account.php new file mode 100644 index 0000000..fd13fa8 --- /dev/null +++ b/classes/lnAuth/Controller/User/Account.php 
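Review bot: The debug branch guarded by `Kohana::$config->load('debug')->method_security` echoes `$this->request->post()` through `Debug::vars()` and then calls `die()`, so with that flag on, any POST body (login or password fields included) is written into the response and the request never completes. Reducing the entry to field names, `'POST'=>array_keys($this->request->post()),`, keeps the diagnostic without exposing submitted values. The opening lines of this method are not visible in the hunk, so this assumes the branch is reachable on ordinary requests. In `setup()`, `$_POST['module_config'][$mo->id]` is passed to `module_config()` and saved with no validation visible here, which deserves at least a comment naming where those values are checked.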
@@ -0,0 +1,105 @@ +TRUE, + 'resetpassword'=>TRUE, + ); + + /** + * Enable User to Edit their Account Details + */ + public function action_edit() { + if ($_POST AND $this->ao->values($_POST)->changed() AND (! $this->save($this->ao))) + $this->ao->reload(); + + Block::factory() + ->title(sprintf('Account: %s',$this->ao->accnum())) + ->title_icon('fa-wrench') + ->type('form-horizontal') + ->body(View::factory('account/user/edit')->set('o',$this->ao)); + } + + public function action_resetpassword() { + if ($this->request->post()) { + $validation = Validation::factory($this->request->post()) + ->rule('password','not_empty') + ->rule('password','min_length',array(':value',6)) + ->rule('password_confirm','matches',array(':validation',':field','password')); + + // Store our new values + $this->ao->values($this->request->post()); + + if (! $validation->check()) + SystemMessage::factory() + ->title(_('Record NOT updated')) + ->type('error') + ->body(_('Your password didnt pass validation.')); + + // Run validation and save + elseif ($this->ao->changed()) + if ($this->ao->save()) { + SystemMessage::factory() + ->title('Record updated') + ->type('success') + ->body(_('Your account record has been updated.')); + + // Log the password reset + $this->ao->log('Password reset'); + + HTTP::redirect('login'); + } + } + +// Make this a default JS load + if (Kohana::$environment >= Kohana::TESTING OR Request::current()->secure()) + Script::factory() + ->type('src') + ->data('media/js/jquery/jquery.validate-1.11.1.min.js'); + else + Script::factory() + ->type('src') + ->data('http://ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js'); + + Script::factory() + ->type('stdin') + ->data(' +$("#reset").validate({ + wrapper: "div", + errorElement: "span", + + rules: { + password_confirm: { + equalTo: "input[name=password]", + }, + }, + highlight: function(element) { + $(element).parents(".control-group").removeClass("success").addClass("error"); + }, + success: 
function(element) { + $(element).parents(".control-group").removeClass("error").addClass("success"); + }, + errorPlacement: function(error, element) { + error.appendTo(element.parents(".controls")); + } +}); + '); + + Block::factory() + ->title(sprintf('Password Reset: %s',$this->ao->accnum())) + ->title_icon('fa-cog') + ->id('reset') + ->type('form-horizontal') + ->body(View::factory('account/user/resetpassword')->set('o',$this->ao)); + } +} +?> diff --git a/classes/lnAuth/DB.php b/classes/lnAuth/DB.php new file mode 100644 index 0000000..c953d18 --- /dev/null +++ b/classes/lnAuth/DB.php @@ -0,0 +1,35 @@ +where($table.'.site_id','=',Company::instance()->site()); + else + return $db; + } + + // Add the site_id to the update query + final public static function update($table = NULL) + { + $db = new Database_Query_Builder_Update($table); + + if (! in_array($table,ORM::$no_site_id_tables)) + return $db->where($table.'.site_id','=',Company::instance()->site()); + else + return $db; + } +} +?> diff --git a/classes/lnAuth/Menu.php b/classes/lnAuth/Menu.php new file mode 100644 index 0000000..fcac33a --- /dev/null +++ b/classes/lnAuth/Menu.php 
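Review bot: `action_resetpassword()` calls `$this->ao->values($this->request->post())` with the whole POST array and before `$validation->check()`, so unless `Model_Account` restricts the accepted columns elsewhere, any posted account field is staged on the model and saved together with the password once validation passes. Limiting the call to the password, `$this->ao->values($this->request->post(),array('password'));`, and moving it below the validation check closes that; `action_edit()` has the same pattern with `values($_POST)`. The fallback `Script` source pulls `jquery.validate` over plain `http://` from a third-party CDN onto the password form with no integrity check; the local copy used in the first branch could serve both cases.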
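Review bot: `update()` declares `$table = NULL` as its default but builds the filter from `$table.'.site_id'`, so a call without a table name produces a `.site_id` column in the WHERE clause, and the loose `in_array($table,ORM::$no_site_id_tables)` can match NULL against an empty or zero entry. Since this filter is what scopes queries to the current site, the method should state that `$table` is required for the filter to apply, for example with the comment `// $table must be given: the site_id filter cannot be built without it`. The first method of this class is only partly visible in the hunk, so the same pattern there is presumed rather than confirmed.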
@@ -0,0 +1,81 @@ +module->name])) { + if (! is_array($result[$mmo->module->name])) + $result[$mmo->module->name] = array($result[$mmo->module->name]); + + array_push($result[$mmo->module->name],$mmo); + + continue; + + } else { + $result[$mmo->module->name] = $mmo; + } + } + + return $result; + } + + public static function items($type) { + $result = array(); + + if (empty(URL::$method_directory[$type])) + return NULL; + + $ao = Auth::instance()->get_user(); + if (! $ao->loaded()) + return FALSE; + + foreach ($ao->methods() as $mmo) + if ($mmo->menu_display AND $type == $mmo->directory()) + if (empty($result[$mmo->id])) + $result[$mmo->id] = $mmo; + + if ($type == 'user') + $result[0] = 'logout'; + + return self::collapse($result); + } + + public static function ul($type,array $result,array $append=NULL,$sub=FALSE,$method=NULL) { + $output = $sub ? '