Skip to content
Snippets Groups Projects
Select Git revision
  • master
  • develop default
  • issue609_stub_nolink
  • hotfix/v2.9.3
  • issue608_journal_tristate
  • hotfix/v2.9.2
  • issue606_global_woes
  • issue299_add_subgroups
  • issue592_student_movement
  • issue606_globaldiscipline_bind
  • issue595_discipline_info
  • issue574_dash_norates
  • issue591_warn_global1c
  • issue593_1cexport_semester
  • issue327_admin_auth
  • issue590_issue_subject
  • issue589_tab_numbers
  • issue583_logaccount_formexport
  • issue584_block_formexport
  • issue527_exam_detached
  • v2.1.5
  • v2.0.3
  • v2.0.2
  • v2.0.1
  • v2.0.0
  • v1.1.2
  • v1.1.1
  • v1.1.0
  • v0.9.3
  • v0.9.1
  • v0.9.2
  • v1.03
  • v1.02
  • v1.01
  • v1.0
35 results
Search by author
  • Any Author
  • Anton Yushko Anton Yushko Mr.Tiger
1 author
  1. Oct 05, 2019
  3. Mar 30, 2019
  5. Mar 01, 2019
  7. Sep 12, 2018
  9. Aug 27, 2018
  11. Nov 05, 2017
  13. Nov 04, 2017
  15. Oct 15, 2017
  17. Oct 12, 2017
  19. Oct 08, 2017
  21. Oct 02, 2017
  23. Sep 30, 2016
  25. Aug 31, 2016
  27. May 03, 2016
  29. Nov 02, 2015
  31. Sep 03, 2015
  33. Jul 07, 2015
  35. Jul 06, 2015
  37. Jun 28, 2015
  39. Jun 26, 2015
  41. Jun 24, 2015
  43. Jun 15, 2015
  45. Jun 14, 2015
  47. Jun 13, 2015
    • xamgore's avatar
      Explicit user rights management · 248dfda3
      xamgore authored 
      It may seem that this commit is rather big, but it's not. Don't be afraid, just read the message. Recently we have understood that it was a bad idea to store rights for pages in a database. So I decided to move the information to PHP layer and make it more clear.

When you write a new controller in Admin/ Dean/ Student/ folder, you should explicitly extend one of Controller_Environment_* classes, and all specific checks will be done there. Additional advantage is manipulating $user variable, so you will have access to extended fields of user, ie User_Student contains StudentID, but User_Teacher does not.

Also, prefer -> operator to []. The reason is simple: IDE shows hints and mismatches only with the first one.

The second important statement is User::checkAccess(User::RIGHTS_*) — call it at the top of *every* function in the Handler/ classes. Exception will be thrown, if user doesn't have enough rights.

NB. If you want to overload "before()" function while extending Environment_* controller, do it in the right way:

    public function before() {
        parent::before();   // always first

        // any magic you like most
    }
      248dfda3
  49. Jun 11, 2015
  51. Jun 10, 2015
  53. Jun 09, 2015
  55. Jun 06, 2015
    • xamgore's avatar
      Restructuring discipline pages · 75bcc732
      xamgore authored 
      /coursework/create — create new coursework
/discipline/create — create new discipline
/discipline/127 & /discipline/127/structure — edit the discipline with id 127
/discipline/127/students — edit the list of attached to discipline students

Moved duplicate code to before() method, some other refactorings.
      75bcc732