Kevin Day [Sat, 1 Apr 2017 06:05:11 +0000 (01:05 -0500)]
Update: rework access control to be automatic based on is_* roles in the t_users table
Instead of trying to use select queries on every statement based on a user's role, have the database automatically grant/revoke roles based on column settings in the s_tables.t_users table.
u_public and r_public have been renamed to be u_reservation_public and r_reservation_public to keep all roles self-contained.
name_machine fields should now only allow word characters.
Kevin Day [Thu, 30 Mar 2017 17:34:35 +0000 (12:34 -0500)]
Progress: improve access control database structure and other changes
Numerous changes, but there has been a huge focus on access control changes.
It occurred to me that if an account was locked or deleted, then they should be denied access to all of the views (with exception of the current user views).
This required a notable structural change.
The tables are now stored in the s_table schema.
In case accounts get locked, even administer accounts, access should be disabled.
I did not get the time to convert all of the administer and manager roles to be restricted to views but will eventually do so.
Kevin Day [Sat, 4 Mar 2017 04:45:15 +0000 (22:45 -0600)]
Progress: continuing development, http headers work
There is still a lot more to go, but this resolves some of the @todo's in the http headers class.
I have noticed that in some cases I called a prepare_token function and the return value has parsed in the name.
- The parsed name is used for parsing functions and generally returns an array.
- Based on the name, I could easily mistake the purpose of the return value for the prepare_token (or similar) functions.
- These prepare functions now use prepared in place of parsed to make reading the code more consistent.
- There are some functions that make this incorrect interpretation and they must be rewritten accordingly.
Kevin Day [Fri, 3 Mar 2017 07:23:53 +0000 (01:23 -0600)]
Progress: continuing development, updated test example, added language testing, miscellaneous fixes
Did some testing and made sure the test example was working.
Added some languages for testing.
- I specifically added Japanese as a language to test for error messages because it is so different from English.
- It is not practical to implement the error messages class for many languages right now because I expect major refactoring as I continue coding.
- Another simple language test is added, testing the languages: Russian, Spanish, Japanese, and English.
Kevin Day [Sat, 25 Feb 2017 01:18:28 +0000 (19:18 -0600)]
Progress: continuing development, database work, use c_base_return on more classes, and fix inconsistencies
Further work on building the database structure.
Added some missing roles:
- Requester
- Editor
A number of inconsistencies have been identified and resolved.
After reviewing my use of c_base_cookie as extending the class c_base_return, I have decided to do that everywhere possible.
This simplifies the return structure that I complicated when I decided to use the c_base_return return type development design.
I noticed that there is still some cookie functionality that I could implement.
This adds support for 'same site' and 'host only'.
These are functionally equivalent except that I think 'same site' is a little more granular.
This also adds one of my test scripts under examples.
It is very likely not completely up to date with the database changes.
Kevin Day [Wed, 22 Feb 2017 04:55:04 +0000 (22:55 -0600)]
Progress: continuing development, more http header support, implemented error reporting
I noticed that there are a lot of incomplete functions in the http class.
This, in particular, implements cookie support.
There is still a lot more incomplete code in the http class.
My initial error reporting work is done.
Expect major refactoring as I continue developing.
After some testing, I have found the php-xz module to be lacking and defunct.
I also noticed that there are multiple relevant repositories to choose from (added both to documentation).
Kevin Day [Sat, 18 Feb 2017 22:41:18 +0000 (16:41 -0600)]
Progress: continuing development, adding examples and example program: reservation
For the sake of functionality and time, I implemented a straight-forward HTML class.
I will come back later to work on CML that will be an attempt to separate the context from the content, even in the code.
There is a (currently) experimental program called reservation.
This is a reservation/scheduling system that is currently under design and will be used as a functional example for using this site.
It currently requires LDAP and a few other custom/experimental software that is to follow.
The sql code is postgresql-specific.
Other examples are included in the example direction.
There are some theme files that I am probably not going to use and may remove in the future.
Kevin Day [Sat, 17 Dec 2016 20:24:08 +0000 (14:24 -0600)]
Update: initial import, including incomplete work
I wanted to complete all of the common/base work first, but I ended up getting side-tracked.
With the holidays, I realize that I would not finish this in time and I needed to at the very least ensure all of my hard work is not lost.
Much of the base work is complete except for the following:
- HTML and HTML tag related processing.
- Form processing.
I have not decided how I want to design forms and I expect this to be the weakest part of my code design.
How this will end up being developed will directly affect how the HTML processing code is built.