    248dfda3
    Explicit user rights management · 248dfda3
    xamgore authored
    It may seem that this commit is rather big, but it's not. Don't be afraid, just read the message. Recently we have realized that it was a bad idea to store rights for pages in a database, so I decided to move the information to the PHP layer and make it clearer.
    
    When you write a new controller in the Admin/, Dean/ or Student/ folder, you should explicitly extend one of the Controller_Environment_* classes, and all specific checks will be done there. An additional advantage is the $user variable, which gives you access to the extended fields of the user, e.g. User_Student contains StudentID, but User_Teacher does not.
    
    Also, prefer the -> operator to []. The reason is simple: the IDE shows hints and mismatches only for the first one.
    
    The second important statement is User::checkAccess(User::RIGHTS_*): call it at the top of *every* function in the Handler/ classes. An exception will be thrown if the user doesn't have enough rights.
    
    NB. If you want to overload the "before()" function while extending an Environment_* controller, do it the right way:
    
        public function before() {
            parent::before();   // always first
    
            // any magic you like most
        }
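The scheme the commit message describes, as an added illustration that is not the project's own code: the class names (Controller_Environment_*, User_Student, User_Teacher, User::checkAccess, User::RIGHTS_*) follow the message, but their bodies, the bitmask layout of the rights, the static "current user" holder and the dispatch() helper are assumptions made for this example. It shows the environment base class doing the role check and setting a typed $user in before(), a subclass calling parent::before() first, and a handler calling User::checkAccess at the top so a request with insufficient rights fails before any work is done.

```php
<?php
// Added example, not the project's code; names follow the commit message,
// bodies, bitmask values and the static current-user holder are assumptions.

class AccessDeniedException extends RuntimeException {}

class User
{
    const RIGHTS_STUDENT = 1;   // bit flags, so one user may hold several rights
    const RIGHTS_DEAN    = 2;
    const RIGHTS_ADMIN   = 4;

    /** @var User|null the authenticated user of this request (assumed holder) */
    private static $current = null;

    protected $rights = 0;

    public function __construct($rights) { $this->rights = (int) $rights; }

    public static function setCurrent(User $user) { self::$current = $user; }
    public static function current() { return self::$current; }

    // Rights live in PHP constants, not in a database row: the check is a bit test.
    public static function checkAccess($required)
    {
        $u = self::$current;
        if ($u === null || (($u->rights & $required) !== $required)) {
            throw new AccessDeniedException('insufficient rights');
        }
    }
}

class User_Student extends User
{
    public $StudentID;            // only students carry this field

    public function __construct($studentId)
    {
        parent::__construct(self::RIGHTS_STUDENT);
        $this->StudentID = (int) $studentId;
    }
}

class User_Teacher extends User
{
    public function __construct() { parent::__construct(self::RIGHTS_DEAN); }
}

// Environment base: every controller under Student/ extends it; the role check
// and the typed $user field are established once, in before().
abstract class Controller_Environment_Student
{
    /** @var User_Student */
    protected $user;

    public function before()
    {
        $u = User::current();
        if (!$u instanceof User_Student) {
            throw new AccessDeniedException('student environment only');
        }
        $this->user = $u;         // -> access now gives the IDE the StudentID hint
    }
}

class Controller_Student_Grades extends Controller_Environment_Student
{
    private $courseId;

    public function before()
    {
        parent::before();         // always first: $this->user is checked and set
        $this->courseId = 42;     // any further setup goes after the parent call
    }

    // A handler: checkAccess at the top, before any work is done.
    public function action_show()
    {
        User::checkAccess(User::RIGHTS_STUDENT);
        return sprintf('grades of student %d in course %d',
                       $this->user->StudentID, $this->courseId);
    }
}

// Minimal stand-in for the framework's request dispatch (assumed helper).
function dispatch(User $who)
{
    User::setCurrent($who);
    $c = new Controller_Student_Grades();
    try {
        $c->before();
        return $c->action_show();
    } catch (AccessDeniedException $e) {
        return '403: ' . $e->getMessage();
    }
}

echo dispatch(new User_Student(1007)), "\n";
echo dispatch(new User_Teacher()), "\n";
```

Running the script, the student request reaches action_show() and returns the grades line, while the teacher request is rejected inside Controller_Environment_Student::before(), so the handler body never executes. If the subclass had forgotten parent::before(), $this->user would be null and the environment check would be skipped entirely, which is why the commit message insists on calling it first.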