Commit

app/inc.php

@@ -51,6 +51,6 @@ unset($config, $database, $session, $user);
  * 
  * Decides if the user is allowed to view current page.
  */
-new AccessControl($app->user, $app->config['root_url']);
+new AccessControl($app);
 
 return $app;

app/lib/App/Core/AccessControl.php

@@ -5,60 +5,102 @@ namespace App\Core;
 use \Exception;
 
 /**
+ * Decides what is allowed and what not
  * TODO: ...
  */
 class AccessControl
 {
-    public User $user;
-    public string $currentPage;
-    private array $routes;
+    public App $app;
 
-    public function __construct(User $user, string $rootUrl)
+    private array  $acl;
+    private string $currentPage;
+
+    public function __construct(App $app)
     {
-        // FUCK IT, WILL FIX LATER
-        return;
+        $this->app = $app;
 
-        $this->routes = [
-            "index.php"     => ["catcher", 0],
-            "example.php",
-            "simulator.php" => ["catcher", 2],
-            "login.php",
-            "logout.php",
-            "view-teams.php",
-            "confirm-logout.php",
+        $this->acl = [
+            // routes that need power level 1 and up
+            [
+                "routes" => [
+                    "teamtable/edit/"
+                ],
+                "catcher" => [
+                    "name" => "page",
+                    "args" => 1,
+                ],
+            ],
+            // routes that dont need any auth
+            [
+                "routes" => [
+                    ""
+                ],
+                "catcher" => [
+                    "name" => "nothing",
+                ],
+            ]
         ];
 
-        $this->user = $user;
-        $this->currentPage = substr($_SERVER["PHP_SELF"], strlen($rootUrl));
+        $this->currentPage = substr(
+            $_SERVER["PHP_SELF"],
+            strlen($this->app->config["root_url"])
+        );
 
-        // FUCK IT, WILL FIX LATER
-        return;
-
-        foreach ($this->routes as $key => $value)
+        foreach ($this->acl as $key => $value)
         {
-            if ($key !== $this->currentPage)
-            {
-                continue;
-            }
+            $routes  = $value["routes"];
+            $catcher = $value["catcher"];
 
-            if ($value)
+            foreach ($routes as $key => $value)
             {
-                call_user_func([$this, $value[0]], $value[1]);
-            }
+                // check if string starts with
+                if (strncmp($this->currentPage, $value, strlen($value)) !== 0)
+                {
+                    continue;
+                }
+                #if ($value !== $this->currentPage)
+                #{
+                #    continue;
+                #}
+ 
+                if (isset($catcher["args"]))
+                {
+                    call_user_func([$this, $catcher["name"]], $catcher["args"]);
+                } else {
+                    call_user_func([$this, $catcher["name"]]);
+                }
 
-            return;
+                return;
+            }
         }
 
-        throw new Exception("Could not find current page in access control routes array, did you add it?");
+        throw new Exception("Could not find current page in access control list, did you add it?");
     }
 
-    private function catcher($powerLevel): void
+    private function page(int $powerLevel): void
     {
-        if (isset($this->user->powerLevel) && $this->user->powerLevel <= $powerLevel) {
-            # code...
+        if ($this->app->user->loggedIn && $this->app->user->powerLevel <= $powerLevel)
+        {
             echo "Authorized!";
         } else {
-            echo "Unauthorized!";
+            http_response_code(401);
+            $this->app->view("template/header", ["title" => "Ingen tilgang!"]);
+            $this->app->view("Core/AccessControl/unauthorized");
+            $this->app->view("template/footer");
+            die();
         }
     }
+
+    /**
+     * Does... nothing! For when the page does not need any access control.
+     */
+    private function nothing(): void
+    {
+        return;
+    }
+
+    private function api($powerLevel): void
+    {
+        // ...
+    }
 }

app/lib/App/Teamtable/Team.php

@@ -5,7 +5,7 @@ namespace App\Teamtable;
 use \InvalidArgumentException;
 
 /**
- * Represents a team in the teamtable database
+ * Represents a record in the teamtable
  */
 class Team
 {

app/lib/App/Timetable/Time.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Timetable;
+
+use \DateTime;
+
+/**
+ * Represents a record in timetable
+ */
+class Time
+{
+    public int $id;
+    public int $teamId;
+    public DateTime $date;
+}

app/lib/App/Timetable/TimeMapper.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Timetable;
+
+use \PDO;
+
+class TimeMapper
+{
+    public PDO $dbh;
+
+    public function __construct(PDO $dbh)
+    {
+        $this->dbh = $dbh;
+    }
+
+    private function mapRowToTeam(array $row): Time
+    {
+        $team = new Time();
+        return $team;
+    }
+
+    public function create(Time $time): Time 
+    {
+        $sth = $this->dbh->prepare('INSERT INTO tidtabell (LagID) VALUES (?)');
+        $sth->execute([$time->teamId]);
+        return TRUE;
+    }
+}

app/model/Cardreader.php

@@ -1,8 +1,10 @@
 <?php
 
-use App\Core\Database as Database;
-use App\Teamtable\TeamMapper as TeamMapper;
-use App\Teamtable\Team as Team;
+use App\Core\Database;
+use App\Teamtable\Team;
+use App\Teamtable\TeamMapper;
+use App\Timetable\Time;
+use App\Timetable\TimeMapper;
 
 class Cardreader
 {
@@ -10,16 +12,19 @@ class Cardreader
 
     public TeamMapper $teamMapper;
 
+    public TimeMapper $timeMapper;
+
     public function __construct(Database $database)
     {
         $this->dbh = $database->conn;
         $this->teamMapper = new TeamMapper($this->dbh);
+        $this->timeMapper = new TimeMapper($this->dbh);
     }
 
     /**
      * Returns TRUE if team exists, FALSE if not
      */
-    public function recieve(string $cardnumber): bool 
+    public function receive(string $cardnumber, int $timeout): bool 
     {
         $team = $this->teamMapper->getByCardnumber($cardnumber);
         if ($team)

app/model/Example.php

@@ -1,6 +1,6 @@
 <?php
 
-use App\Core\Database as Database;
+use App\Core\Database;
 
 class Example
 {

app/model/Teamtable.php

@@ -1,8 +1,8 @@
 <?php
 
-use App\Core\Database as Database;
-use App\Teamtable\Team as Team;
-use App\Teamtable\TeamMapper as TeamMapper;
+use App\Core\Database;
+use App\Teamtable\Team;
+use App\Teamtable\TeamMapper;
 
 /**
  * Does stuffs with the teamtable
@@ -11,9 +11,6 @@ class Teamtable
 {
     public PDO $dbh;
 
-    /**
-     * We use a data mapper pattern
-     */
     public TeamMapper $teamMapper;
 
     public function __construct(Database $database)
@@ -22,25 +19,16 @@ class Teamtable
         $this->teamMapper = new TeamMapper($this->dbh);
     }
 
-    /**
-     * Fetch entire team table
-     */
     public function getAll(): array
     {
         return $this->teamMapper->getAll();
     }
 
-    /**
-     * Find team with supplied id
-     */
     public function get(int $id): ?Team
     {
         return $this->teamMapper->get($id);
     }
 
-    /**
-     * Inserts team into database
-     */
     public function create(Team $team): Team
     {
         return $this->teamMapper->create($team);

app/view/Core/AccessControl/unauthorized.php

@@ -0,0 +1,2 @@
+<h1>Ingen tilgang!</h1>
+<p>Du har ikke tilstrekkelig tillatelse til å se denne siden.</p>

public/simulator.php

@@ -11,7 +11,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST')
         $cardnumber = $_POST['cardnumber'];
 
         if (!(strlen($cardnumber) > 32)) {
-            if ($cardreader->recieve($cardnumber))
+            if ($cardreader->receive($cardnumber))
             {
                 $app->session->flash("Lag funnet for \"{$cardnumber}\"", "success");
             } else {