Age | Commit message (Collapse) | Author | Files | Lines |
|
In the Obj MVC, rename group in the model to obj. This will help with
referencing the active object from template views without knowing what
type of object it is.
|
|
|
|
If the current user does not have access permission to the requested
object, throw an exception and do not proceed.
|
|
Added a variety of functions to the Object base class for testing a
user's access level to another object. Also added functions to test
whether a given user or group is an owner or member of another object.
|
|
|
|
|
|
|
|
Added object function to get the owner of an object. This base-class
function returns a User object, however a user might not always be the
kind of owner (eg: a group can own a pad). In these situations, Object
sub-classes should override this function and return the appropriate
type of object.
|
|
Added object function to get an array of all its members. These will
always be user objects, so this is always a safe function to call.
|
|
Finish initializing the Obj MVC by writing an empty view/action for
groups.
|
|
This MVC will be used to browse scrott datastructures.
|
|
Made the name field (the only field) on this form as required.
|
|
Added handler function to common model to create new use groups from the
modal view.
|
|
This function will initialize a new group object and write it to the
database, with a given group name and owner user.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
These are extra files distributed with Bootstrap that I do not need. I
am keeping the minified Bootstrap main JS file, which is already used by
the Scrott application.
|
|
These are extra files distributed with Bootstrap that I do not need, I
am retaining the minified main Bootstrap CSS file, which is already used
by the Scrott application.
|
|
|
|
|
|
Added handler for the button added in the previous commit.
|
|
Added button for admins to remove any user account
|
|
This action will validate the user's password, and make sure you're not
removing the last admin, then proceed to delete the current user's
account from the database and log them out, for good.
|
|
Function to count the number of admin accounts that exist. This is used
to make sure that while deleteing accounts, the number of administrators
never drops to zero.
|
|
This page prompts for user password before actually deleteing their
account.
|
|
There are two functions that need called in the common model whenever a
page is rendered. Rather than requiring all of the base MVC controllers
to call them, I am placing them in a constructor for this model class.
This constructor should fire automatically (since base mvc models
inherit this class), unless base classes define their own constructors.
I don't antisipate this happening, however in that case, they would just
need to call parent::__construct().
|
|
|
|
This will prompt the user for their password if they opt to delete their
own account. This is to prevent malicious attempt by others to trick
users into having there accounts deleted by way of a XSS attack.
|
|
Links to a confirmation page which will require the user's current
password to succeed.
|
|
|
|
|
|
This is the image used by each user object which does not have its own
image in the heads directory. I made this myself since I couldn't find
anything that looked very appealing on the internet without running into
copyright issues. Hopefully, this image will get replaced later.
|
|
|
|
|
|
Function to delete the user image file for the given user object.
|
|
Included initial function assertConfirm(), function to present user an
"Are you sure?" prompt before submitting a web form.
|
|
Only log an error if we get an upload error besides err code 4 (No file
uploaded)
|
|
Now supports file upload to replace the user's head image
|
|
Created class-scope vars to define allowable sizes and types for
uploaded user images
|
|
Now supports file upload to replace the user's head image
|
|
|