It may seem that this commit is rather big, but it's not. Don't be afraid, just read the message. Recently we have understood that it was a bad idea to store rights for pages in a database. So I decided to move the information to PHP layer and make it more clear.

When you write a new controller in Admin/ Dean/ Student/ folder, you should explicitly extend one of Controller_Environment_* classes, and all specific checks will be done there. Additional advantage is manipulating $user variable, so you will have access to extended fields of user, ie User_Student contains StudentID, but User_Teacher does not.

Also, prefer -> operator to []. The reason is simple: IDE shows hints and mismatches only with the first one.

The second important statement is User::checkAccess(User::RIGHTS_*) — call it at the top of *every* function in the Handler/ classes. Exception will be thrown, if user doesn't have enough rights.

NB. If you want to overload "before()" function while extending Environment_* controller, do it in the right way:

    public function before() {
        parent::before();   // always first

        // any magic you like most
    }

* Model User has constants to check access for pages
* Some routes are moved to separate files (app/routes/api)
* New abstract model Container for complex objects like Discipline & Student (with -> access operator)
* New DeanOffice controller with access checks
* New SQL procedure to get info about students
* Profile page for students (/dean_office/students/127)

1) Now user info stored in session
2) Merge GetAccountInfo & GetPersonalInfo

Reduced usages of UserInfo

время жизни сессии 60 секунд. после тестирования вернуть 900 секунд