Example #1
0
 public static function get_instance()
 {
     if (self::$instance == false) {
         self::$instance = new Authorization();
     }
     return self::$instance;
 }
Example #2
0
 public static function CanEditProblem($user_id, Problems $problem)
 {
     if (is_null($problem) || !is_a($problem, "Problems")) {
         return false;
     }
     return Authorization::IsProblemAdmin($user_id, $problem);
 }
Example #3
0
    public static function getPanel() {

        if( !Authorization::isAuthorized() ) return;

        $panelStyles = API::parseStylesFile(CUSTOMPATH.DS."Global.views");
        $paneltpl = $panelStyles["VeronicaAdminPanel"][2];
        $menuItemtpl = $panelStyles["VeronicaMenuListItem"][2];
        $controllers = Api::getCustom("Controller");
        $modeles = Api::getCustom("Model");
        
        $user = Authorization::getCurrentUser();
        
        $userpanel = ViewHandler::wrap("CurrentUser", $user[0]);

        
        $paneltpl = str_replace("<? echo \$USERPANEL;?>", $userpanel, $paneltpl);
        
        $list = "";
        foreach ($controllers as $controller){
            if($controller::$inAdminPanel){
                
                $l = str_replace("<? echo \$ADDCLICKHANDLER;?>", "Controller.add('".$controller::$name."');", $menuItemtpl);
                $l = str_replace("<? echo \$CLICKHANDLER;?>", "Controller.openDashboard('".$controller::$name."');", $l);
                $l = str_replace("<? echo \$COUNT;?>", "Controller.openDashboard('".$controller::$name."');", $l);
                $list .= str_replace("<? echo \$ALIAS;?>", $controller::$alias, $l);
            }
        }
        $paneltpl = str_replace("<? echo \$MENULIST;?>", $list, $paneltpl);
        return $paneltpl;

    }
Example #4
0
	public static function configure( $home ){
		self::$home = $home;
                $js = ""; $css = "";
                if( Authorization::isAuthorized() ){
                    $files = API::getFileList( INCLUDEPATH );
                    
                    $files = array_merge(API::getFileList( PLUGINSPATH ), $files);
                    $pos = array_search("./include/cmf/js/lib.js",$files);
                    unset($files[$pos]);
                }
                else{
                    $files = API::getFileList( INCLUDEPATH,-1 );
                    $files[] = "./include/cmf/js/lib.js";
                    $files[] = "./include/cmf/css/cmf.notify.css";
                    $files[] = "./include/cmf/css/cmf.ui.css";
                }
                
                rsort($files);
                foreach ($files as $path) {

                    $ext = pathinfo($path);
                    if( substr($ext['filename'], 0,1) == '_' ) continue;
                    $ext = $ext['extension'];
                    if($ext == "js"){
                        $js .= str_replace("{PATH}", $path, Storage::get("Template::jsInclude"));
                    }else if($ext == "css")
                        $css .= str_replace("{PATH}", $path, Storage::get("Template::cssInclude"));
                }

                self::assign("TITLE", Config::$SiteConf['name']);
                self::assign("META", Config::$SiteConf['meta']);
                self::assign("JSINCLUDE", $js);
                self::assign("CSSINCLUDE", $css);
               // l(self::$vars);
	}
Example #5
0
 public static function init()
 {
     if (empty(self::$obj)) {
         self::$obj = new Authorization();
     }
     return self::$obj;
 }
Example #6
0
 /**
  * Handles the requests for post() and get()
  *
  * @param $name
  * @param $arguments
  */
 public static function __callStatic($name, $arguments)
 {
     $response = static::_transfer($name, $arguments);
     if ($response && $name != 'delete') {
         $result = static::_reponse($response);
         if ($result) {
             if (is_object($result) || !isset($result['error'])) {
                 return $result;
             } else {
                 // Expired token ?
                 if (isset($result['error']['message']) && $result['error']['message'] == Auth::$_errors['oAuthTokenExpired']) {
                     if (isset($arguments[2])) {
                         Authorization::oAuthRefreshToken($arguments[2], 'updateSession', 'force');
                         call_user_func(array('Rest', $name), $arguments);
                     } else {
                         return compact('result', 'name', 'arguments', 'response');
                     }
                 } else {
                     if (isset($result['error']['message']) && $result['error']['message'] != 'Forbidden' && $result['error']['message'] != 'Not Found') {
                         return compact('result', 'name', 'arguments', 'response');
                     }
                 }
             }
         } else {
             return compact('result', 'name', 'arguments', 'response');
         }
     } else {
         if ($name != 'delete') {
             return compact('result', 'name', 'arguments', 'response');
         }
     }
 }
Example #7
0
 public static function Insert($data, $settings, $marathon, $campaign, $database)
 {
     if (!Authorization::IsAuthorized($settings)) {
         return new ZdpArrayObject(['error' => 'You are not authorized to perform this action.']);
     }
     $playerID;
     $gameID;
     $scheduleStartTime;
     $scheduleEndTime;
     $scheduleUnlockAmount;
     $error = false;
     $errorMessage;
     if (array_key_exists('PlayerID', $data)) {
         $playerID = $data['PlayerID'];
     } else {
         $error = true;
         $errorMessage = 'No player id was provided.';
     }
     if (array_key_exists('GameID', $data)) {
         $gameID = $data['GameID'];
     } else {
         $error = true;
         $errorMessage = 'No game id was provided.';
     }
     if (array_key_exists('StartTime', $data)) {
         $scheduleStartTime = $data['StartTime'];
     } else {
         $error = true;
         $errorMessage = 'No start time was provided.';
     }
     if (array_key_exists('EndTime', $data)) {
         $scheduleEndTime = $data['EndTime'];
     } else {
         $error = true;
         $errorMessage = 'No end time was provided.';
     }
     if (array_key_exists('UnlockAmount', $data)) {
         $scheduleUnlockAmount = $data['UnlockAmount'];
     } else {
         $error = true;
         $errorMessage = 'No unlock amount was provided.';
     }
     if ($database instanceof ZdpArrayObject) {
         $error = true;
         $errorMessage = $database['error'];
     }
     if (!$error) {
         $sql = 'CALL sp_insert_schedule (:game_id, :campaign_id, :player_id, :schedule_endtime, :schedule_starttime, :schedule_unlockamount)';
         $statement = $database->prepare($sql);
         if ($statement->execute([':game_id' => $gameID, ':campaign_id' => $campaign, ':player_id' => $playerID, ':schedule_starttime' => $scheduleStartTime, ':schedule_endtime' => $scheduleEndTime, ':schedule_unlockamount' => $scheduleUnlockAmount])) {
             $schedules = $statement->fetchAll(PDO::FETCH_ASSOC);
             $output = new ZdpArrayObject(['result' => new ZdpArrayObject(['schedule' => $schedules])]);
         } else {
             $output = new ZdpArrayObject(['error' => $statement->errorInfo()]);
         }
     } else {
         $output = new ZdpArrayObject(['error' => $errorMessage]);
     }
     return $output;
 }
 public static function getInstance()
 {
     if (null === self::$_instance) {
         self::$_instance = new self();
     }
     return self::$_instance;
 }
 public function editCategory($id)
 {
     if (Authorization::Authorize('Admin')) {
         $this->view->category = $this->model->getCategory();
         // viet code xy lu o day
         $this->data = array();
         $this->view->title = 'Edit Category';
         $this->view->cat = $this->model->showCatById($id);
         if (isset($_POST['submit'])) {
             if (empty($_POST['catname'])) {
                 $this->view->msg = "Vui lòng nhập tên Category";
                 $this->view->renderAdmin('category/editcategory');
             } else {
                 $this->data['catname'] = mysqli_real_escape_string($this->model->connect, $_POST['catname']);
                 $this->data['parent'] = $_POST['category'];
                 if ($this->model->editCat($this->data, $id) == true) {
                     $this->view->redirect('listcategory');
                 } else {
                     $this->view->msg = "Edit category faild";
                     $this->view->renderAdmin('category/editcategory');
                 }
             }
         } else {
             $this->view->renderAdmin("category/editcategory");
         }
     } else {
         $this->view->render("user/index");
     }
 }
Example #10
0
 public static function Insert($data, $settings, $marathon, $campaign, $database)
 {
     if (!Authorization::IsAuthorized($settings)) {
         return new ZdpArrayObject(['error' => 'You are not authorized to perform this action.']);
     }
     $playerName;
     $error = false;
     if (array_key_exists('name', $POST) && trim($_POST['name']) != '') {
         $playerName = $_POST['name'];
     } else {
         $error = true;
         $errorMessage = 'No player name was provided.';
     }
     if ($database instanceof ZdpArrayObject) {
         $error = true;
         $errorMessage = $database['error'];
     }
     if (!$error) {
         $sql = 'CALL sp_insert_player (:campaign_id, :marathon_id, :player_name)';
         $statement = $database->prepare($sql);
         if ($statement->execute([':marathon_id' => $marathon, ':campaign_id' => $campaign, ':player_name' => $playerName])) {
             $players = $statement->fetchAll(PDO::FETCH_ASSOC);
             $output = new ZdpArrayObject(['result' => new ZdpArrayObject(['player' => $players])]);
         } else {
             $output = new ZdpArrayObject(['error' => $statement->errorInfo()]);
         }
     } else {
         $output = new ZdpArrayObject(['error' => $errorMessage]);
     }
     return $output;
 }
 /**
  * Validate requests for grader apis
  *
  * @param Request $r
  * @throws ForbiddenAccessException
  */
 private static function validateRequest(Request $r)
 {
     self::authenticateRequest($r);
     if (!Authorization::IsSystemAdmin($r['current_user_id'])) {
         throw new ForbiddenAccessException();
     }
 }
Example #12
0
 /**
  * @return retorna un peticion solicitada 
  */
 public static function run(Request $peticion)
 {
     $controller = $peticion->getControlador() . "Controller";
     $rutaControlador = ROOT . "controllers" . DS . $controller . ".php";
     $metodo = $peticion->getMetodo();
     $args = $peticion->getArgs();
     //exit;
     if (is_readable($rutaControlador)) {
         require_once $rutaControlador;
         $Controlador = new $controller();
         if (is_callable(array($controller, $metodo))) {
             $metodo = $peticion->getMetodo();
         } else {
             $metodo = "index";
         }
         if ($metodo == 'login') {
             # code...
         } else {
             Authorization::Logged();
         }
         if (isset($args)) {
             call_user_func_array(array($Controlador, $metodo), $args);
         } else {
             call_user_func(array($Controlador, $metodo));
         }
     } else {
         throw new Exception("Controlador no encontrado ");
     }
 }
 /**
  * run ejecuta clase Request
  * permite llamar una funcion sin necesidad de instanciar la clase
  * @param  string $peticion parametro que se recibe de Request
  * @var  string controller almacena controlador
  * @var  string rutaControlador guarda ruta del controlador
  * @var  string $metodo invoca a la funcion getMetodo de request
  * @var  string $args invoca a la funcion getArgs de request
  * */
 public static function run(Request $peticion)
 {
     $controller = $peticion->getControlador() . 'Controller';
     $rutaControlador = ROOT . 'controllers' . DS . $controller . '.php';
     $metodo = $peticion->getMetodo();
     $args = $peticion->getArgs();
     if (is_readable($rutaControlador)) {
         include_once $rutaControlador;
         $controlador = new $controller();
         if (is_callable(array($controller, $metodo))) {
             $metodo = $peticion->getMetodo();
         } else {
             $metodo = 'index';
         }
         if ($metodo == 'login') {
         } else {
             Authorization::logged();
         }
         if (isset($args)) {
             call_user_func_array(array($controlador, $metodo), $args);
         } else {
             call_user_func_array(array($controller, $metodo));
         }
     } else {
         throw new Exception("Controlador no encontrado");
     }
 }
Example #14
0
 function approveUser($login, $pass, $createIP)
 {
     if ($this->checkPass($pass, $login)) {
         #ПРОВЕРЯЕМ ПРАВИЛЬНОСТЬ ПАРОЛЯ
         $ip = 0;
         $time = time() + 60 * 2;
         $this->hash = md5($this->generateCode(10));
         if ($createIP) {
             $ip = ip2long($_SERVER['REMOTE_ADDR']);
         }
         $this->prepareQuery("INSERT INTO sessions SET user_id=:id, time=:time, hash=:hash, ip=:ip");
         /*$this->prepareQuery("UPDATE user SET hash=:hash, ip=:ip WHERE id=:id");*/
         $this->query->bindParam(':hash', $this->hash);
         $this->query->bindParam(':ip', $ip);
         $this->query->bindParam(':id', $this->thisUser['user_id']);
         $this->query->bindParam(':time', $time);
         // Два часа!
         $this->executeQuery_Simple();
         $this->createCookie();
         // Создаем куки
         /*            $this->deleteOldSessions(); // Удаляем устаревшие сессии*/
         return true;
     } else {
         $this->errors['password_login'] = '******';
         // class из bootstrap
         Authorization::logOut();
         return false;
     }
 }
Example #15
0
 public function delete_session()
 {
     $user_id = (int) $_COOKIE['user_id'];
     $this->prepare("DELETE FROM sessions WHERE user_id=:id");
     $this->query->bindParam(':id', $user_id, PDO::PARAM_INT);
     $this->execute_simple();
     Authorization::delete_cookie();
 }
 static function Instance()
 {
     if (!isset(self::$mrInstance)) {
         $class_name = __CLASS__;
         self::$mrInstance = new $class_name();
     }
     return self::$mrInstance;
 }
Example #17
0
 /**
  * Display the specified resource.
  *
  * @param  int  $hash
  * @return Response
  */
 public function index($hash)
 {
     if ($hash) {
         $wishes = $this->service->getWishesForUser($hash);
     } else {
         $wishes = $this->service->getWishesForUser(\Authorization::user()->hash);
     }
     return $this->returnWishlist($wishes);
 }
Example #18
0
 public function beforeroute()
 {
     parent::beforeroute();
     if (!$this->setAuthorizedUserAndMenu()) {
         $this->notAuthorized();
     } else {
         $this->list_perpage = $this->fw->get('account.perpage');
         // Проверяем существуют ли кастомные маршруты для ЛК
         $this->fw->set('use_app_routes', \helpers\BackendRoutes::exists());
     }
 }
    public static function makeAuth($args) {

        $md5pass = md5($args[1].Config::$Security['passwordsalt']);
        $table = Config::$DBConf['prefix'].Authorization::$table;
        $row = DB::getRow("Select * From $table Where `login`='$args[0]' and `password`='$md5pass'");
        if($row != NULL && $row['status'] == '0' ){
            self::$user = $row;
            DB::exec( "UPDATE $table SET `status` = 1 WHERE `login` = '".$args[0]."'" );
            setcookie("user_name",$row['name'], time()+60*60*24*365);
            setcookie("user_id",$row['id'], time()+60*60*24*365);
            return $row['category'];
        }else return NULL;
    }
 protected function runParentTransaction($amount = 10.0)
 {
     self::authorizeFromEnv();
     $transaction = new Authorization();
     $transaction->money->setAmount($amount);
     $transaction->money->setCurrency('EUR');
     $transaction->setDescription('test');
     $transaction->setTrackingId('my_custom_variable');
     $transaction->card->setCardNumber('4200000000000000');
     $transaction->card->setCardHolder('John Doe');
     $transaction->card->setCardExpMonth(1);
     $transaction->card->setCardExpYear(2030);
     $transaction->card->setCardCvc('123');
     $transaction->customer->setFirstName('John');
     $transaction->customer->setLastName('Doe');
     $transaction->customer->setCountry('LV');
     $transaction->customer->setAddress('Demo str 12');
     $transaction->customer->setCity('Riga');
     $transaction->customer->setZip('LV-1082');
     $transaction->customer->setIp('127.0.0.1');
     $transaction->customer->setEmail('*****@*****.**');
     return $transaction->submit();
 }
Example #21
0
 static function Start($auth = [])
 {
     $called_class = get_called_class();
     if (count($auth)) {
         $where = [];
         foreach ($auth as $k => $v) {
             $where[] = "`" . es($k) . "` = '" . es($v) . "'";
         }
         $res = q("\n\t\t\t\tSELECT `access`" . (count($called_class::$datas) ? ',`' . implode('`,`', $called_class::$datas) . '`' : '') . "\n\t\t\t\tFROM `fw_users`\n\t\t\t\tWHERE " . implode(" AND ", $where) . "\n\t\t\t");
         if (!$res->num_rows) {
             Authorization::logout();
             redirect('/');
         }
         $row = $res->fetch_assoc();
         if ($row['access'] != 1) {
             Authorization::logout();
             $_SESSION['error'] = 'no-access';
             redirect('/');
         }
         foreach ($called_class::$datas as $k => $v) {
             $called_class::${$v} = $row[$v];
             // unset($row[$v]); -- Раскомментировать после обновления функционала на сайте
         }
         if (count($row)) {
             self::$data = $row;
         }
     } elseif (isset($_COOKIE['autologinid'], $_COOKIE['autologinhash'])) {
         $auth = new Authorization();
         if (!$auth->authByHash($_COOKIE['autologinid'], $_COOKIE['autologinhash'])) {
             Authorization::logout();
             redirect('/');
         }
     }
     if (!empty(self::$data['id']) && !empty(self::$autoupdate)) {
         q("\n\t\t\t\tUPDATE `fw_users` SET\n\t\t\t\t`browser` = '" . (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '') . "',\n\t\t\t\t`ip` = '" . es($_SERVER['REMOTE_ADDR']) . "'\n\t\t\t\tWHERE `id` = " . (int) self::$data['id'] . "\n\t\t\t");
     }
 }
 public function index()
 {
     $this->view->title = "Dashboard";
     if (Authorization::Authorize('Admin')) {
         $this->view->title = "Dashboard";
         $this->view->cat = $this->model->getCat();
         $this->view->post = $this->model->getPost();
         $this->view->comment = $this->model->getComment();
         $this->view->user = $this->model->getUser();
         $this->view->page = $this->model->getPage();
         $this->view->renderAdmin("dashboard/index");
     } else {
         $this->view->render("user/index");
     }
 }
 public function deleteSite(&$markerSite)
 {
     $distribution = Distribution::find($markerSite->distribution);
     Authorization::where('atlas_id', '=', $markerSite->id)->delete();
     Log::info("Deleted authorization " . $markerSite->id . " from " . $_SERVER['REMOTE_ADDR']);
     Log::info("Deleting Site" . $markerSite->id . " from " . $_SERVER['REMOTE_ADDR']);
     $markerSite->delete();
     Log::info("Deleted Site");
     Log::info("Distribution name=" . $distribution->name . " id=" . $distribution->id . " standard=" . $distribution->is_standard);
     if ($distribution && $distribution->isNonStandard()) {
         Log::info("Deleting distribution " . $distribution->id . " from " . $_SERVER['REMOTE_ADDR']);
         $distribution->delete();
         Log::info("Deleted Distribution");
     }
 }
Example #24
0
 public function action_jwks()
 {
     try {
         $response = array('keys' => array("e" => "AQAB", "n" => "kWp2zRA23Z3vTL4uoe8kTFptxBVFunIoP4t_8TDYJrOb7D1iZNDXVeEsYKp6ppmrTZDAgd-cNOTKLd4M39WJc5FN0maTAVKJc7NxklDeKc4dMe1BGvTZNG4MpWBo-taKULlYUu0ltYJuLzOjIrTHfarucrGoRWqM0sl3z2-fv9k", "kty" => "RSA", "kid" => "1"));
     } catch (League\OAuth2\Server\Exception\ClientException $e) {
         // Throw an exception because there was a problem with the client's request
         $response = array('error' => $this->authserver->getExceptionType($e->getCode()), 'error_description' => $e->getMessage());
         // Set the correct header
         header($this->authserver->getExceptionHttpHeaders($this->authserver->getExceptionType($e->getCode()))[0]);
     } catch (Exception $e) {
         // Throw an error when a non-library specific exception has been thrown
         $response = array('error' => 'undefined_error', 'error_description' => $e->getMessage());
     }
     header('Content-type: application/json');
     echo json_encode($response);
 }
 /**
  * Validates that group alias and contest alias do exist
  * 
  * @param Request $r
  * @throws InvalidDatabaseOperationException
  * @throws InvalidParameterException
  */
 private static function validateGroupScoreboardAndContest(Request $r)
 {
     self::validateGroupScoreboard($r);
     Validators::isValidAlias($r["contest_alias"], "contest_alias");
     try {
         $r["contest"] = ContestsDAO::getByAlias($r["contest_alias"]);
     } catch (Exception $ex) {
         throw new InvalidDatabaseOperationException($ex);
     }
     if (is_null($r["contest"])) {
         throw new InvalidParameterException("parameterNotFound", "Contest");
     }
     if ($r["contest"]->public == 0 && !Authorization::IsContestAdmin($r["current_user_id"], $r["contest"])) {
         throw new ForbiddenAccessException();
     }
 }
Example #26
0
 public function store(Request $request)
 {
     $file = $request->file('upload');
     if (!$request->hasFile('upload') || !$request->has('type')) {
         throw new BadRequestHttpException();
     }
     $unique = \Input::get('unique');
     if (!$unique) {
         $unique = true;
     }
     $uploadType = ['type' => \Input::get('type'), 'unique' => $unique];
     $user = \Authorization::user();
     $model = $this->service->createUpload($user, $file, \Authorization::user(), $uploadType);
     $model = $this->returnUploadModel($model);
     return $model;
 }
Example #27
0
 /**
  * zobrazi zoznam vsetkych
  * @global array $ALIEN
  */
 public static function showPermissionsList()
 {
     if (!Authorization::getCurrentUser()->hasPermission(38)) {
         new Notification("Prístup zamietnutý.", "error");
         header("Location: ?page=home", false, 301);
         ob_end_flush();
         exit;
     }
     global $ALIEN;
     $ALIEN['HEADER'] = 'Zoznam existujúcich oprávnení';
     $limit = sizeof(Authorization::$Permissions);
     for ($i = 1; $i <= $limit; $i++) {
         $permission = new Permission(Authorization::$Permissions[$i]['label']);
         echo '<div class="item"><img src="images/icons/shield.png"> ID: ' . $permission->getId() . ' | <strong>' . $permission->getLabel() . '</strong> | ' . $permission->getDescription() . '</div>';
     }
 }
Example #28
0
 public static function Insert($data, $settings, $marathon, $campaign, $database)
 {
     if (!Authorization::IsAuthorized($settings)) {
         return new ZdpArrayObject(['error' => 'You are not authorized to perform this action.']);
     }
     $fileDefinitionLimit;
     $fileDefinitionName;
     $gameId;
     $error = false;
     $errorMessage;
     $output;
     if (array_key_exists('Limit', $data)) {
         $fileDefinitionLimit = $data['Limit'];
     } else {
         $error = true;
         $errorMessage = 'No limit was provided.';
     }
     if (array_key_exists('Name', $data)) {
         $fileDefinitionName = $data['Name'];
     } else {
         $error = true;
         $errorMessage = 'No name was provided.';
     }
     if (array_key_exists('GameId', $data)) {
         $gameId = $data['GameId'];
     } else {
         $error = true;
         $errorMessage = 'No game Id was provided.';
     }
     if ($database instanceof ZdpArrayObject) {
         $error = true;
         $errorMessage = $database['error'];
     }
     if (!$error) {
         $sql = 'CALL sp_insert_filedefinition (:campaign_id, :marathon_id, :game_id, :filedefinition_limit, :filedefinition_name)';
         $statement = $database->prepare($sql);
         if ($statement->execute([':campaign_id' => $campaign, ':marathon_id' => $marathon, ':game_id' => $gameId, ':filedefinition_limit' => $fileDefinitionLimit, ':filedefinition_name' => $fileDefinitionName])) {
             $return = $statement->fetchAll(PDO::FETCH_ASSOC)[0]['Id'];
             $output = new ZdpArrayObject(['result' => new ZdpArrayObject(['fileDefinitionId' => $return])]);
         } else {
             $output = new ZdpArrayObject(['error' => $statement->errorInfo()]);
         }
     } else {
         $output = new ZdpArrayObject(['error' => $errorMessage]);
     }
     return $output;
 }
Example #29
0
 /**
  * Execute the console command.
  *
  * @return mixed
  */
 public function handle()
 {
     $hash = $this->argument('hash');
     $key = $this->argument('key');
     try {
         \Authorizer::validateAccessToken(false, $key);
         $resourceOwnerId = \Authorizer::getResourceOwnerId();
         $user = \Authorization::loginUsingId($resourceOwnerId);
         if ($user->hash === $hash) {
             $this->info('Authenticated');
         } else {
             throw new \Exception('User hash does not match auth key');
         }
     } catch (OAuthException $e) {
         throw new \Exception('Authentication error: invalid authentication key');
     }
 }
Example #30
0
 public function run()
 {
     // проверяем ридирект с ошибки
     $rdStatus = isset($_SERVER['REDIRECT_STATUS']) ? $_SERVER['REDIRECT_STATUS'] : 0;
     if (array_key_exists($rdStatus, $this->httpError)) {
         $this->makeError("[" . __CLASS__ . "] " . $this->httpError[$rdStatus]);
     }
     // проверяем авторизацию
     if (!Authorization::init()->isAuth()) {
         $this->makeError("[" . __CLASS__ . "] API доступно только авторизованным пользователям!");
     }
     $action = $this->getParam($this->actionName);
     if (!array_key_exists($action, $this->api)) {
         $this->makeError("[" . __CLASS__ . "] не найдена комманда " . $action . '!');
     }
     $metod = $this->api[$action]['metod'];
     $param = array();
     switch ($action) {
         // дополнительная проверка \ обработка параметров для комманд
         case 'get':
             $filter = array();
             foreach ($this->api[$action]['param'] as $val) {
                 $paramElem = $this->getParam($val, false);
                 if ($paramElem !== false) {
                     $filter[$val] = $paramElem;
                 }
             }
             $param[] = $filter;
             break;
         default:
             foreach ($this->api[$action]['param'] as $val) {
                 $param[] = $this->getParam($val);
             }
             break;
     }
     // создаем экземпляр класса
     try {
         $obj = new UserModel(DB::GetDBH());
         $userObject = call_user_func_array(array($obj, $metod), $param);
     } catch (Exception $e) {
         $this->makeError($e->getMessage());
     }
     echo $this->outputFormated($userObject);
     return;
 }