From b817f8d45a97768f4df013d44a3b582cff5a9599 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=90=D0=BD=D0=B4=D1=80=D0=B5=D0=B9=20=D0=A0=D1=83=D0=B4?=
 =?UTF-8?q?=D0=B5=D0=BD=D0=B5=D1=86?= <andrey.rudenets@gmail.com>
Date: Sat, 23 Aug 2014 15:52:18 +0400
Subject: [PATCH] =?UTF-8?q?=D0=A0=D0=B0=D0=B7=D0=B3=D1=80=D0=B0=D0=BD?=
 =?UTF-8?q?=D0=B8=D1=87=D0=B5=D0=BD=D0=B8=D0=B5=20=D0=B4=D0=BE=D1=81=D1=82?=
 =?UTF-8?q?=D1=83=D0=BF=D0=B0=20=D0=BA=20=D0=BE=D0=B1=D1=80=D0=B0=D0=B1?=
 =?UTF-8?q?=D0=BE=D1=82=D1=87=D0=B8=D0=BA=D0=B0=D0=BC=20JS-=D0=B7=D0=B0?=
 =?UTF-8?q?=D0=BF=D1=80=D0=BE=D1=81=D0=BE=D0=B2,=20vol.=201?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../classes/Controller/Admin/Accounts.php     |  2 +-
 .../classes/Controller/Admin/Departaments.php |  2 +-
 .../classes/Controller/Admin/Disciplines.php  |  2 +-
 .../classes/Controller/Admin/Index.php        |  2 +-
 .../classes/Controller/Admin/Students.php     |  2 +-
 .../classes/Controller/Admin/StudyGroups.php  |  2 +-
 .../classes/Controller/Admin/Teachers.php     |  2 +-
 .../classes/Controller/Handler.php            | 37 +++++++++----------
 .../classes/Controller/Handler/Map.php        |  2 +-
 .../classes/Controller/Handler/Rating.php     |  2 +-
 .../application/views/admin/students/add.twig |  1 +
 .../views/admin/students/index.twig           |  1 +
 .../views/admin/students/upload.twig          |  1 +
 .../application/views/admin/teachers/add.twig |  1 +
 .../views/admin/teachers/index.twig           |  1 +
 .../views/admin/teachers/upload.twig          |  1 +
 16 files changed, 32 insertions(+), 29 deletions(-)
 create mode 100644 ~dev_rating/application/views/admin/students/add.twig
 create mode 100644 ~dev_rating/application/views/admin/students/index.twig
 create mode 100644 ~dev_rating/application/views/admin/students/upload.twig
 create mode 100644 ~dev_rating/application/views/admin/teachers/add.twig
 create mode 100644 ~dev_rating/application/views/admin/teachers/index.twig
 create mode 100644 ~dev_rating/application/views/admin/teachers/upload.twig

diff --git a/~dev_rating/application/classes/Controller/Admin/Accounts.php b/~dev_rating/application/classes/Controller/Admin/Accounts.php
index 273da1b33..82c61bac8 100644
--- a/~dev_rating/application/classes/Controller/Admin/Accounts.php
+++ b/~dev_rating/application/classes/Controller/Admin/Accounts.php
@@ -1,6 +1,6 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
-class Controller_Teacher_Admin_Index extends Controller_UserEnvi {
+class Controller_Admin_Index extends Controller_UserEnvi {
 
     public function action_index()
     {
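Review bot: After this rename, Accounts.php declares `Controller_Admin_Index`, and the hunks for Departaments.php, Disciplines.php, Index.php, Students.php, StudyGroups.php and Teachers.php declare the same class name. The `Controller/Admin/Accounts.php` layout suggests a name-to-path autoloader that would look here for `Controller_Admin_Accounts`, so only Index.php would resolve and loading any two of these files would be a redeclaration error; the line here should probably read `class Controller_Admin_Accounts extends Controller_UserEnvi {`, and likewise per file. These controllers extend Controller_UserEnvi rather than Controller_Handler, so the bitmask check this commit adds to Controller_Handler::before() does not apply to them, and whatever restricts the admin pages has to live in Controller_UserEnvi, which is not shown. The class body continues outside the hunk.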
diff --git a/~dev_rating/application/classes/Controller/Admin/Departaments.php b/~dev_rating/application/classes/Controller/Admin/Departaments.php
index 596fe35a6..77f3eaced 100644
--- a/~dev_rating/application/classes/Controller/Admin/Departaments.php
+++ b/~dev_rating/application/classes/Controller/Admin/Departaments.php
@@ -1,6 +1,6 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
-class Controller_Teacher_Admin_Index extends Controller_UserEnvi {
+class Controller_Admin_Index extends Controller_UserEnvi {
 
     public function action_index()
     {
diff --git a/~dev_rating/application/classes/Controller/Admin/Disciplines.php b/~dev_rating/application/classes/Controller/Admin/Disciplines.php
index 5593a8c75..737552bfb 100644
--- a/~dev_rating/application/classes/Controller/Admin/Disciplines.php
+++ b/~dev_rating/application/classes/Controller/Admin/Disciplines.php
@@ -1,6 +1,6 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
-class Controller_Teacher_Admin_Index extends Controller_UserEnvi {
+class Controller_Admin_Index extends Controller_UserEnvi {
 
     public function action_index()
     {
diff --git a/~dev_rating/application/classes/Controller/Admin/Index.php b/~dev_rating/application/classes/Controller/Admin/Index.php
index 5593a8c75..737552bfb 100644
--- a/~dev_rating/application/classes/Controller/Admin/Index.php
+++ b/~dev_rating/application/classes/Controller/Admin/Index.php
@@ -1,6 +1,6 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
-class Controller_Teacher_Admin_Index extends Controller_UserEnvi {
+class Controller_Admin_Index extends Controller_UserEnvi {
 
     public function action_index()
     {
diff --git a/~dev_rating/application/classes/Controller/Admin/Students.php b/~dev_rating/application/classes/Controller/Admin/Students.php
index ee73bc989..f1d4c364f 100644
--- a/~dev_rating/application/classes/Controller/Admin/Students.php
+++ b/~dev_rating/application/classes/Controller/Admin/Students.php
@@ -1,6 +1,6 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
-class Controller_Teacher_Admin_Index extends Controller_UserEnvi {
+class Controller_Admin_Index extends Controller_UserEnvi {
 
     public function action_index()
     {
diff --git a/~dev_rating/application/classes/Controller/Admin/StudyGroups.php b/~dev_rating/application/classes/Controller/Admin/StudyGroups.php
index 5593a8c75..737552bfb 100644
--- a/~dev_rating/application/classes/Controller/Admin/StudyGroups.php
+++ b/~dev_rating/application/classes/Controller/Admin/StudyGroups.php
@@ -1,6 +1,6 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
-class Controller_Teacher_Admin_Index extends Controller_UserEnvi {
+class Controller_Admin_Index extends Controller_UserEnvi {
 
     public function action_index()
     {
diff --git a/~dev_rating/application/classes/Controller/Admin/Teachers.php b/~dev_rating/application/classes/Controller/Admin/Teachers.php
index f17053745..9a092d652 100644
--- a/~dev_rating/application/classes/Controller/Admin/Teachers.php
+++ b/~dev_rating/application/classes/Controller/Admin/Teachers.php
@@ -1,6 +1,6 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
-class Controller_Teacher_Admin_Index extends Controller_UserEnvi {
+class Controller_Admin_Index extends Controller_UserEnvi {
 
     public function action_index()
     {
diff --git a/~dev_rating/application/classes/Controller/Handler.php b/~dev_rating/application/classes/Controller/Handler.php
index 64d6ac953..39ee7a58f 100644
--- a/~dev_rating/application/classes/Controller/Handler.php
+++ b/~dev_rating/application/classes/Controller/Handler.php
@@ -4,12 +4,9 @@ class Controller_Handler extends Controller {
     protected $user, $post, $model;
     private $access;
     
-    const ACCESS_ADMIN = 0; 
-    const ACCESS_TEACHER = 1; 
-    const ACCESS_STUDENT = 2; 
-    const ACCESS_USER = 3; 
-    const ACCESS_GUEST = 4; 
-    const ACCESS_ANYBODY = 5; 
+    const ACCESS_USER = 0; 
+    const ACCESS_GUEST = 1; 
+    const ACCESS_ANYBODY = 2; 
 
     public function before()
     {
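Review bot: The three surviving constants are renumbered, so 0, 1 and 2 now mean USER, GUEST and ANYBODY where they used to mean ADMIN, TEACHER and STUDENT. setAccessLevel() casts whatever it receives to int, so a literal or stored level written against the old numbering would be silently read as a different level (old 0, admin-only, becomes any signed-in user) instead of failing; keeping the old values (`const ACCESS_USER = 3;`, `const ACCESS_GUEST = 4;`, `const ACCESS_ANYBODY = 5;`) avoids that. Any other Controller_Handler subclass that still names `self::ACCESS_ADMIN`, `self::ACCESS_TEACHER` or `self::ACCESS_STUDENT` will fail on an undefined constant, and this patch updates only Map.php and Rating.php. before() starts at the end of this hunk and continues outside it.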
@@ -29,11 +26,14 @@ class Controller_Handler extends Controller {
             $this->user = User::instance()->getInfoAsArray();
         }
         
+        // Получаем имя маршрута 
+        $route = Route::name($this->request->route()).':'.$this->request->controller();
+
         // Если запрос не прошел на проверку доступа
-        if(!$this->checkAccessLevel())
+        if(!$this->checkAccessLevel() || !$this->checkBitmask($this->user['AccRoleMark'], $route))
         {
             // Перенаправляем на ошибку доступа
-            throw HTTP_Exception::factory (403, $this->user['Type']);
+            throw HTTP_Exception::factory (403, $route);
         }
     }
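Review bot: `$this->user['AccRoleMark']` is read on every request, but `$this->user` appears to be assigned only inside the branch that closes just above, so for a handler using ACCESS_GUEST or ACCESS_ANYBODY the mark passed to checkBitmask() would be null rather than an integer. Normalising it first makes the intent explicit: `$mark = isset($this->user['AccRoleMark']) ? (int) $this->user['AccRoleMark'] : 0;`. The 403 now carries `$route` as its message; if the error view prints exception messages, that shows the internal route and controller name to the caller, so logging it and sending a fixed message would be safer. The key is built from the route name and controller only, so every action of a controller shares one mask. before() begins outside this hunk.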
     
@@ -46,22 +46,19 @@ class Controller_Handler extends Controller {
             $this->access = (int) $level;
     }
     
+    protected function checkBitmask($userMark, $route)
+    {
+        $sysModel = new Model_System;
+        $bitmask = $sysModel->getBitmaskForRoute($route);
+        if(!$bitmask)
+            return true;
+        return $bitmask & $userMark != 0;
+    }    
+    
     protected function checkAccessLevel()
     {
         switch($this->access)
         {
-            case self::ACCESS_ADMIN:
-                return User::instance()->isSignedIn() AND $this->user['Type'] == 'admin';
-            break;
-            
-            case self::ACCESS_TEACHER:
-                return User::instance()->isSignedIn() AND $this->user['Type'] == 'teacher';            
-            break;
-            
-            case self::ACCESS_STUDENT:
-                return User::instance()->isSignedIn() AND $this->user['Type'] == 'student';
-            break;
-            
             case self::ACCESS_USER:
                 return User::instance()->isSignedIn();            
             break;
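Review bot: In checkBitmask(), `$bitmask & $userMark != 0` does not test the user's role bits, because `!=` binds tighter than `&` in PHP: it evaluates `$bitmask & ($userMark != 0)`, which is bit 0 of the route mask for any non-zero mark. A user whose role is not in the mask is admitted whenever the lowest bit is set, and a user with the right role is refused when it is not; the line should be `return ($bitmask & $userMark) != 0;`. The `if(!$bitmask) return true;` branch also allows every route for which getBitmaskForRoute() yields nothing, so with the ADMIN/TEACHER/STUDENT cases removed a handler set to ACCESS_USER without a registered mask is open to any signed-in user; returning false there, or documenting which routes are meant to be unmasked, would make the default deny. checkAccessLevel()'s switch continues outside the hunk.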
diff --git a/~dev_rating/application/classes/Controller/Handler/Map.php b/~dev_rating/application/classes/Controller/Handler/Map.php
index 059d1f175..7e9739c17 100644
--- a/~dev_rating/application/classes/Controller/Handler/Map.php
+++ b/~dev_rating/application/classes/Controller/Handler/Map.php
@@ -4,7 +4,7 @@ class Controller_Handler_Map extends Controller_Handler {
 		
         public function before() {
             $this->model = new Model_Teacher_Map;
-            $this->setAccessLevel(self::ACCESS_TEACHER);
+            $this->setAccessLevel(self::ACCESS_USER);
             parent::before();
         }
         
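Review bot: This handler was teacher-only through `ACCESS_TEACHER`, and `setAccessLevel(self::ACCESS_USER)` now admits any signed-in account, so the teacher restriction rests entirely on a mask being stored for this route; the same applies to the identical change in Rating.php. Since checkBitmask() in Handler.php returns true when no mask is found, a missing or misnamed entry would leave the Model_Teacher_Map actions reachable by every signed-in user. A comment above the call such as `// Teacher-only: enforced by the route bitmask, see Controller_Handler::checkBitmask()` would record that dependency, and the rollout should confirm both routes have masks. The class continues outside the hunk.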
diff --git a/~dev_rating/application/classes/Controller/Handler/Rating.php b/~dev_rating/application/classes/Controller/Handler/Rating.php
index 64a0fae48..8611b15c7 100644
--- a/~dev_rating/application/classes/Controller/Handler/Rating.php
+++ b/~dev_rating/application/classes/Controller/Handler/Rating.php
@@ -4,7 +4,7 @@ class Controller_Handler_Rating extends Controller_Handler {
 
         public function before() {
             $this->model = new Model_Teacher_Rating;
-            $this->setAccessLevel(self::ACCESS_TEACHER);
+            $this->setAccessLevel(self::ACCESS_USER);
             parent::before();
         }
 
diff --git a/~dev_rating/application/views/admin/students/add.twig b/~dev_rating/application/views/admin/students/add.twig
new file mode 100644
index 000000000..aa3d5f102
--- /dev/null
+++ b/~dev_rating/application/views/admin/students/add.twig
@@ -0,0 +1 @@
+{# empty Twig template #}
diff --git a/~dev_rating/application/views/admin/students/index.twig b/~dev_rating/application/views/admin/students/index.twig
new file mode 100644
index 000000000..aa3d5f102
--- /dev/null
+++ b/~dev_rating/application/views/admin/students/index.twig
@@ -0,0 +1 @@
+{# empty Twig template #}
diff --git a/~dev_rating/application/views/admin/students/upload.twig b/~dev_rating/application/views/admin/students/upload.twig
new file mode 100644
index 000000000..aa3d5f102
--- /dev/null
+++ b/~dev_rating/application/views/admin/students/upload.twig
@@ -0,0 +1 @@
+{# empty Twig template #}
diff --git a/~dev_rating/application/views/admin/teachers/add.twig b/~dev_rating/application/views/admin/teachers/add.twig
new file mode 100644
index 000000000..aa3d5f102
--- /dev/null
+++ b/~dev_rating/application/views/admin/teachers/add.twig
@@ -0,0 +1 @@
+{# empty Twig template #}
diff --git a/~dev_rating/application/views/admin/teachers/index.twig b/~dev_rating/application/views/admin/teachers/index.twig
new file mode 100644
index 000000000..aa3d5f102
--- /dev/null
+++ b/~dev_rating/application/views/admin/teachers/index.twig
@@ -0,0 +1 @@
+{# empty Twig template #}
diff --git a/~dev_rating/application/views/admin/teachers/upload.twig b/~dev_rating/application/views/admin/teachers/upload.twig
new file mode 100644
index 000000000..aa3d5f102
--- /dev/null
+++ b/~dev_rating/application/views/admin/teachers/upload.twig
@@ -0,0 +1 @@
+{# empty Twig template #}
-- 
GitLab