From 444829f359e51d96807eea4800fc378f18522fe6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=90=D0=BD=D0=B4=D1=80=D0=B5=D0=B9=20=D0=A0=D1=83=D0=B4?= =?UTF-8?q?=D0=B5=D0=BD=D0=B5=D1=86?= <andrey.rudenets@gmail.com>
Date: Tue, 5 Aug 2014 00:02:52 +0400
Subject: [PATCH] =?UTF-8?q?=D0=98=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?= =?UTF-8?q?=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=BF=D1=80=D0=BE=D1=86=D0=B5=D0=B4?= =?UTF-8?q?=D1=83=D1=80=D1=8B=20=D0=B2=D1=8B=D1=85=D0=BE=D0=B4=D0=B0=20?= =?UTF-8?q?=D0=B8=20=D0=B1=D0=B0=D0=B3=D0=B0=20=D1=81=20=D0=BF=D1=80=D0=BE?= =?UTF-8?q?=D0=B2=D0=B5=D1=80=D0=BA=D0=BE=D0=B9=20=D0=BF=D0=BE=D0=BB=D0=BD?= =?UTF-8?q?=D0=BE=D0=BC=D0=BE=D1=87=D0=B8=D0=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 application/bootstrap.php | 2 +-
 application/classes/Controller/Handler.php | 25 ++++++++++++----------
 2 files changed, 15 insertions(+), 12 deletions(-)
diff --git a/application/bootstrap.php b/application/bootstrap.php
index d07975eba..b3e6461d2 100644
--- a/application/bootstrap.php
+++ b/application/bootstrap.php
@@ -158,7 +158,7 @@ Route::set('remind', 'remind')
 'action' => 'remind',
 ));
-Route::set('sign/out', 'logout')
+Route::set('sign:out', 'sign/out')
 ->defaults(array(
 'controller' => 'authentication',
 'action' => 'logout',
diff --git a/application/classes/Controller/Handler.php b/application/classes/Controller/Handler.php
index c837691f3..e44fb6b4e 100644
--- a/application/classes/Controller/Handler.php
+++ b/application/classes/Controller/Handler.php
@@ -17,19 +17,13 @@ class Controller_Handler extends Controller {
 if(!$this->request->is_ajax())
 {
 // Перенаправляем на ошибку доступа
- throw HTTP_Exception::factory (403);
+ throw HTTP_Exception::factory (403, 'only ajax');
 }
 // Обработка POST-данных
 $this->post = Validation::factory(Arr::map('trim', $_POST));
- // Если запрос не прошел на проверку доступа
- if(!$this->checkAccessLevel())
- {
- // Перенаправляем на ошибку доступа
- throw HTTP_Exception::factory (403);
- }
-
+ // Если авторизован, получаем данные аккаунта
 if(Auth::isLoggedIn())
 {
 $model = new Model_Account;
@@ -41,6 +35,15 @@ class Controller_Handler extends Controller {
 unset($this->user['ID']);
 unset($this->user['Type']);
 }
+
+ // Если запрос не прошел на проверку доступа
+ if(!$this->checkAccessLevel())
+ {
+ // Перенаправляем на ошибку доступа
+ throw HTTP_Exception::factory (403, $this->access);
+ }
+
+
 }
 protected function setAccessLevel($level)
@@ -57,17 +60,17 @@ class Controller_Handler extends Controller {
 if ($this->access == self::ACCESS_ADMIN)
 {
 // TODO: Проверка токена и юзер-агента
- return Auth::isLoggedIn () AND $this->user['Type'] == 'admin';
+ return Auth::isLoggedIn () AND $this->user['AccountType'] == 'admin';
 }
 elseif ($this->access == self::ACCESS_TEACHER)
 {
 // TODO: Проверка токена и юзер-агента
- return Auth::isLoggedIn () AND $this->user['Type'] == 'teacher';
+ return Auth::isLoggedIn () AND $this->user['AccountType'] == 'teacher';
 }
 elseif ($this->access == self::ACCESS_STUDENT)
 {
 // TODO: Проверка токена и юзер-агента
- return Auth::isLoggedIn () AND $this->user['Type'] == 'student';
+ return Auth::isLoggedIn () AND $this->user['AccountType'] == 'student';
 }
 elseif ($this->access == self::ACCESS_USER)
 {
-- 
GitLab
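Review bot: The only gate left at the top of this method is `is_ajax()`, and the new `'only ajax'` message reads as if it were an access control. Kohana derives `is_ajax()` from the `X-Requested-With` request header, which the client sets, so it says nothing reliable about where a request came from. The trimmed `$_POST` data is wrapped in `Validation` straight after it, and no anti-CSRF token check is visible in the hunk. I would add a comment above the check, `// NOTE: is_ajax() reads a client-supplied header; it is not an origin or CSRF check`, and verify a per-session token before any handler acts on `$this->post`. The enclosing method starts above the hunk, so such a check may already exist outside the visible lines.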
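Review bot: `throw HTTP_Exception::factory (403, $this->access);` passes the required access level as the exception message. Judging by the comparisons in checkAccessLevel(), `$this->access` holds one of the `ACCESS_*` constants rather than readable text, and if the 403 view prints the message the client learns which internal level the handler expects. A fixed message such as `throw HTTP_Exception::factory(403, 'access denied');`, with the level written to the server log instead, avoids that. Because the check now has to run after the account data is loaded, a comment like `// keep after $this->user is filled: checkAccessLevel() reads it` would stop it being moved back up. The method begins above the hunk.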
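Review bot: The three role checks still compare loosely, e.g. `$this->user['AccountType'] == 'admin'`. On PHP versions before 8 a loose comparison between integer 0 and a non-numeric string is true, so an account row whose AccountType ever came back as 0 would satisfy the admin, teacher and student branches alike. `return Auth::isLoggedIn() AND $this->user['AccountType'] === 'admin';` (and the same for the other two roles) fails closed instead. The `// TODO` token and user-agent check is still open on all three branches. The if/elseif chain continues below the hunk, so it is not visible whether an unknown access level ends in `return FALSE`.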