Handler.php 2.46 KiB
<?php defined('SYSPATH') or die('No direct script access.'); // Stop unless SYSPATH is defined (presumably by the framework bootstrap), so the file does nothing when requested directly.
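/**
 * Base controller for AJAX handlers guarded by a per-handler access level.
 *
 * before() answers with HTTP 403 unless the request is flagged as AJAX and the
 * current account satisfies the level chosen through setAccessLevel().
 * Subclasses are presumably expected to call setAccessLevel() before before()
 * runs; this class itself never calls it.
 */
class Controller_Handler extends Controller {

    protected $user, $post, $model;

    /**
     * Required access level: one of the ACCESS_* constants, or NULL after an
     * out-of-range value was passed to setAccessLevel() (NULL denies everyone).
     * Starts at ACCESS_ADMIN so a handler that never sets a level is admin-only
     * by declaration rather than through a loose NULL == 0 match in a switch.
     */
    private $access = self::ACCESS_ADMIN;

    const ACCESS_ADMIN = 0;
    const ACCESS_TEACHER = 1;
    const ACCESS_STUDENT = 2;
    const ACCESS_USER = 3;
    const ACCESS_GUEST = 4;
    const ACCESS_ANYBODY = 5;

    /**
     * Gate every action: require an AJAX request, wrap the trimmed POST data
     * in a Validation object, load the signed-in account and enforce the
     * configured access level.
     *
     * @throws HTTP_Exception with code 403 when the request is not AJAX or the access check fails
     */
    public function before()
    {
        // is_ajax() reflects a request header supplied by the client, so this
        // only filters out ordinary page requests. Authorization is decided
        // by checkAccessLevel() below, not by this test.
        if ( ! $this->request->is_ajax())
        {
            throw HTTP_Exception::factory(403);
        }

        // Trim every POST value and hand the result to the validation layer.
        $this->post = Validation::factory(Arr::map('trim', $_POST));

        // Load account data only for an authenticated session; $this->user
        // stays NULL for guests.
        if (Account::instance()->isSignedIn())
        {
            $this->user = Account::instance()->getInfoAsArray();
        }

        if ( ! $this->checkAccessLevel())
        {
            // $this->user is NULL for a guest; reading ['Type'] from it raises
            // a notice on newer PHP versions, which an error handler that
            // converts notices to exceptions would turn into a 500 instead of
            // the intended 403.
            $type = isset($this->user['Type']) ? $this->user['Type'] : NULL;

            // The account type is passed as the exception message, as before.
            throw HTTP_Exception::factory(403, $type);
        }
    }

    /**
     * Choose the access level that checkAccessLevel() enforces.
     *
     * @param  mixed $level one of the ACCESS_* constants; cast to int
     * @return void
     */
    protected function setAccessLevel($level)
    {
        $level = (int) $level;

        // The original range test joined both bounds with AND, which can never
        // be true, so any integer was stored. An out-of-range level now stores
        // NULL, which checkAccessLevel() refuses for every caller: a
        // misconfigured handler fails closed instead of depending on the
        // switch having no matching case.
        if ($level < self::ACCESS_ADMIN OR $level > self::ACCESS_ANYBODY)
        {
            $this->access = NULL;
            return;
        }

        $this->access = $level;
    }

    /**
     * Decide whether the current account satisfies the configured level.
     *
     * @return bool TRUE when access is allowed, FALSE otherwise
     */
    protected function checkAccessLevel()
    {
        // switch compares loosely, so NULL would match ACCESS_ADMIN (0);
        // reject anything that is not a stored integer level first.
        if ( ! is_int($this->access))
        {
            return FALSE;
        }

        switch ($this->access)
        {
            case self::ACCESS_ADMIN:
                return $this->isSignedInAs('admin');
            case self::ACCESS_TEACHER:
                return $this->isSignedInAs('teacher');
            case self::ACCESS_STUDENT:
                return $this->isSignedInAs('student');
            case self::ACCESS_USER:
                return Account::instance()->isSignedIn();
            case self::ACCESS_GUEST:
                return ! Account::instance()->isSignedIn();
            case self::ACCESS_ANYBODY:
                return TRUE;
            default:
                // Unknown level: deny explicitly rather than fall off the end
                // of the method and return NULL.
                return FALSE;
        }
    }

    /**
     * Tell whether the session is authenticated and the loaded account has the
     * given type.
     *
     * @param  string $type account type to require, e.g. 'admin'
     * @return bool
     */
    private function isSignedInAs($type)
    {
        // Strict comparison: with ==, an integer 0 in 'Type' equals any
        // non-numeric string before PHP 8 and would pass as every role.
        // NOTE(review): assumes getInfoAsArray() returns 'Type' as a string; confirm.
        return Account::instance()->isSignedIn()
            AND isset($this->user['Type'])
            AND $this->user['Type'] === $type;
    }
}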