init

classes/ACL.php

@@ -0,0 +1,3 @@
+<?php defined( 'SYSPATH' ) or die( 'No direct access allowed.' );
+
+class ACL extends KodiCMS_ACL {}

classes/Auth.php

@@ -0,0 +1,3 @@
+<?php defined('SYSPATH') OR die('No direct access allowed.');
+
+abstract class Auth extends KodiCMS_Auth { }

classes/Auth/Fake.php

@@ -0,0 +1,3 @@
+<?php defined('SYSPATH') OR die('No direct access allowed.');
+
+class Auth_Fake extends KodiCMS_Auth_Fake { }

classes/Behavior/Profile.php

@@ -0,0 +1,40 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class Behavior_Profile extends Behavior_Abstract
+{
+	/**
+	 * 
+	 * @return array
+	 */
+	public function routes()
+	{
+		return array(
+			'/<user_id>' => array(
+				'regex' => array(
+					'user_id' => '[0-9]+'
+				),
+				'method' => 'execute'
+			),
+			'/<username>' => array(
+				'regex' => array(
+					'username' => '[a-zA-Z\_]+'
+				),
+				'method' => 'execute'
+			)
+		);
+	}
+
+	public function execute()
+	{
+		$slug = $this->router()->param('username');
+
+		$inner_page = Model_Page_Front::findBySlug($slug, $this->page());
+
+		// Если не найдена внутрення страница по SLUG
+		if ($inner_page)
+		{
+			$this->_page = $inner_page;
+			return;
+		}
+	}
+}

classes/Controller/API/User/Meta.php

@@ -0,0 +1,3 @@
+<?php defined( 'SYSPATH' ) or die( 'No direct script access.' );
+
+class Controller_API_User_Meta extends KodiCMS_Controller_API_User_Meta {}

classes/Controller/API/User/Roles.php

@@ -0,0 +1,3 @@
+<?php defined( 'SYSPATH' ) or die( 'No direct script access.' );
+
+class Controller_API_User_Roles extends KodiCMS_Controller_API_User_Roles {}

classes/Controller/API/Users.php

@@ -0,0 +1,3 @@
+<?php defined( 'SYSPATH' ) or die( 'No direct script access.' );
+
+class Controller_API_Users extends KodiCMS_Controller_API_Users {}

classes/Controller/Roles.php

@@ -0,0 +1,3 @@
+<?php defined( 'SYSPATH' ) or die( 'No direct access allowed.' );
+
+class Controller_Roles extends KodiCMS_Controller_Roles {}

classes/Controller/Users.php

@@ -0,0 +1,3 @@
+<?php defined( 'SYSPATH' ) or die( 'No direct access allowed.' );
+
+class Controller_Users extends KodiCMS_Controller_Users {}

classes/KodiCMS/ACL.php

@@ -0,0 +1,172 @@
+<?php defined( 'SYSPATH' ) or die( 'No direct access allowed.' );
+
+/**
+ * @package		KodiCMS/Users
+ * @author		butschster <[email protected]>
+ * @link		http://kodicms.ru
+ * @copyright	(c) 2012-2014 butschster
+ * @license		http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt
+ */
+class KodiCMS_ACL {
+
+	const DENY = FALSE;
+	const ALLOW = TRUE;
+
+	const ADMIN_USER = 1;
+	const ADMIN_ROLE = 'administrator';
+
+	/**
+	 * Список прав
+	 * @var array 
+	 */
+	protected static $_permissions = array();
+
+	/**
+	 * Получение спсика доступных прав из конфига
+	 * 
+	 * @return array
+	 */
+	public static function get_permissions()
+	{
+		$permissions = array();
+
+		foreach (Kohana::$config->load('permissions')->as_array() as $module => $actions)
+		{
+			if (isset($actions['title']))
+			{
+				$title = $actions['title'];
+			}
+			else
+			{
+				$title = $module;
+			}
+
+			foreach ($actions as $action)
+			{
+				if (is_array($action))
+				{
+					$permissions[$title][$module . '.' . $action['action']] = $action['description'];
+				}
+			}
+		}
+
+		return $permissions;
+	}
+
+	/**
+	 * 
+	 * @param Model_User $user
+	 * @return boolean
+	 */
+	public static function is_admin($user = NULL)
+	{
+		if ($user === NULL)
+		{
+			$user = Auth::get_record();
+		}
+
+		if ($user instanceof Model_User)
+		{
+			$user_id = $user->id;
+			$roles = $user->roles();
+		}
+		else
+		{
+			$user_id = (int) $user;
+			$roles = array('login');
+		}
+
+		if ($user_id == self::ADMIN_USER OR in_array(self::ADMIN_ROLE, $roles))
+		{
+			return TRUE;
+		}
+
+		return FALSE;
+	}
+
+	/**
+	 * Проверка прав на доступ
+	 * 
+	 * @param string|Request $action
+	 * @param Model_User $user
+	 * @return boolean
+	 */
+	public static function check($action, Model_User $user = NULL)
+	{
+		if ($user === NULL)
+		{
+			$user = Auth::get_record();
+		}
+
+		if (!( $user instanceof Model_User ))
+		{
+			return self::DENY;
+		}
+
+		if (empty($action))
+		{
+			return self::ALLOW;
+		}
+
+		if (self::is_admin($user))
+		{
+			return self::ALLOW;
+		}
+
+		if ($action instanceof Request)
+		{
+			$params = array();
+			$directory = $action->directory();
+			if (!empty($directory) AND $directory != ADMIN_DIR_NAME)
+			{
+				$params[] = $action->directory();
+			}
+
+			$params[] = $action->controller();
+			$params[] = $action->action();
+			$action = $params;
+		}
+
+		if (is_array($action))
+		{
+			$action = strtolower(implode('.', $action));
+		}
+
+		if (!isset(self::$_permissions[$user->id]))
+		{
+			self::_set_permissions($user);
+		}
+
+		return isset(self::$_permissions[$user->id][$action]);
+	}
+
+	/**
+	 * Проверка прав доступа по массиву 
+	 * 
+	 * @param array $actions
+	 * @param Model_User $user
+	 * @return boolean
+	 */
+	public static function check_array(array $actions, Model_User $user = NULL)
+	{
+		foreach ($actions as $action)
+		{
+			if (self::check($action, $user))
+			{
+				return TRUE;
+			}
+		}
+
+		return FALSE;
+	}
+
+	/**
+	 * Загрузка прав доступа для пользователя
+	 * 
+	 * @param Model_User $user
+	 */
+	protected static function _set_permissions(Model_User $user)
+	{
+		self::$_permissions[$user->id] = array_flip($user->permissions());
+	}
+}