instantsoft
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎manifest.en.ini
Lines changed: 4 additions & 4 deletions b/‎manifest.en.ini
Lines changed: 4 additions & 4 deletions
diff --git a/‎manifest.ru.ini
Lines changed: 4 additions & 4 deletions b/‎manifest.ru.ini
Lines changed: 4 additions & 4 deletions
diff --git a/‎package/system/controllers/api/actions/method.php
Lines changed: 49 additions & 18 deletions b/‎package/system/controllers/api/actions/method.php
Lines changed: 49 additions & 18 deletions
diff --git a/‎package/system/controllers/api/api_actions/api_auth_logout.php
Lines changed: 25 additions & 0 deletions b/‎package/system/controllers/api/api_actions/api_auth_logout.php
Lines changed: 25 additions & 0 deletions
@@ -14,6 +14,6 @@
 
 ## Ссылки
 
-* [Официальный сайт InstantCMS](http://www.instantcms.ru/)
-* [Документация компонента](http://docs.instantcms.ru/manual/components/api)
+* [Официальный сайт InstantCMS](https://instantcms.ru/)
+* [Документация компонента](https://docs.instantcms.ru/manual/components/api)
 * [English README](https://github.com/instantsoft/icms2-json-api-component/blob/master/README.en.md)
@@ -5,16 +5,16 @@ addon_id = "600"
 
 [version]
 major = "2"
-minor = "0"
-build = "1"
-date  = "20180105"
+minor = "1"
+build = "0"
+date  = "20180913"
 
 [depends]
 core = "2.5.0"
 
 [author]
 name  = "InstantCMS Team"
-url   = "http://instantcms.ru"
+url   = "https://instantcms.ru"
 
 [install]
 type = "component"
 
@@ -5,16 +5,16 @@ addon_id = "600"
 
 [version]
 major = "2"
-minor = "0"
-build = "1"
-date  = "20180105"
+minor = "1"
+build = "0"
+date  = "20180913"
 
 [depends]
 core = "2.5.0"
 
 [author]
 name  = "InstantCMS Team"
-url   = "http://instantcms.ru"
+url   = "https://instantcms.ru"
 
 [install]
 type = "component"
 
@@ -1,7 +1,7 @@
 <?php
 /******************************************************************************/
 //                                                                            //
-//                             InstantMedia 2017                              //
+//                                 InstantMedia                               //
 //	 		      http://instantmedia.ru/, support@instantmedia.ru            //
 //                               written by Fuze                              //
 //                                                                            //
@@ -105,7 +105,7 @@ public function run($method_name = null){
 
         // проверяем сначала экшен
         // Важно! Болокируйте экшен от прямого выполнения свойством lock_explicit_call
-        // http://docs.instantcms.ru/dev/controllers/actions#действия-во-внешних-файлах
+        // https://docs.instantcms.ru/dev/controllers/actions#действия-во-внешних-файлах
 
         $api_dir_action_file = $this->root_path.'api_actions/'.$this->method_controller->current_action.'.php';
         $action_file = $this->method_controller->root_path.'actions/'.$this->method_controller->current_action.'.php';
@@ -117,6 +117,10 @@ public function run($method_name = null){
 
             include_once $action_file;
 
+            if(!class_exists($class_name, false)){
+                cmsCore::error(sprintf(ERR_CLASS_NOT_DEFINED, str_replace(PATH, '', $action_file), $class_name));
+            }
+
             $this->method_action = new $class_name($this->method_controller);
 
         } else {
@@ -128,10 +132,14 @@ public function run($method_name = null){
 
             if (is_readable($hook_file)){
 
-                if (!class_exists($class_name)){
+                if (!class_exists($class_name, false)){
                     include_once $hook_file;
                 }
 
+                if(!class_exists($class_name, false)){
+                    cmsCore::error(sprintf(ERR_CLASS_NOT_DEFINED, str_replace(PATH, '', $hook_file), $class_name));
+                }
+
                 $this->method_action = new $class_name($this->method_controller);
 
             }
@@ -162,7 +170,10 @@ public function run($method_name = null){
                 return $this->error(777);
             }
 
-            cmsUser::setIp($ip);
+            // совместимость
+            if(method_exists('cmsUser', 'setIp')){
+                cmsUser::setIp($ip);
+            }
 
         }
 
@@ -180,6 +191,18 @@ public function run($method_name = null){
             }
         }
 
+        // проверяем админ доступ, если метод этого требует
+        if(!empty($this->method_action->admin_required)){
+            if(!$this->cms_user->is_logged){
+                return $this->error(71);
+            }
+            if(!$this->cms_user->is_admin){
+                return $this->error(710);
+            }
+            // грузим язык админки
+            cmsCore::loadControllerLanguage('admin');
+        }
+
         // ставим ключ API в свойство
         $this->method_action->key = $this->key;
         $this->method_action->method_name = $this->method_name;
@@ -289,29 +312,37 @@ private function validateMethodParams() {
                 $this->request->set($param_name, $value);
 
             } elseif(!is_null($value) && isset($rules['default'])){
+
                 $value = $this->request->get($param_name, $rules['default']);
+
+                // для применения типизации переменной
+                $this->request->set($param_name, $value);
+
             }
 
-            foreach ($rules['rules'] as $rule) {
+            if(!empty($rules['rules'])){
+                foreach ($rules['rules'] as $rule) {
 
-                if (!$rule) { continue; }
+                    if (!$rule) { continue; }
 
-                $validate_function = "validate_{$rule[0]}";
+                    $validate_function = "validate_{$rule[0]}";
 
-                $rule[] = $value;
+                    $rule[] = $value;
 
-                unset($rule[0]);
+                    unset($rule[0]);
 
-                $result = call_user_func_array(array($this, $validate_function), $rule);
+                    $result = call_user_func_array(array($this, $validate_function), $rule);
 
-                // если получилось false, то дальше не проверяем, т.к.
-                // ошибка уже найдена
-                if ($result !== true) {
-                    $errors[$param_name] = $result;
-                    break;
-                }
+                    // если получилось false, то дальше не проверяем, т.к.
+                    // ошибка уже найдена
+                    if ($result !== true) {
+                        $errors[$param_name] = $result;
+                        break;
+                    }
 
+                }
             }
+
         }
 
         if (!sizeof($errors)) { return false; }
@@ -343,8 +374,8 @@ public function checkRequest() {
             return $this->error(23);
         }
 
-        $is_view = !$this->key['methods_access']['allow'] || in_array($this->method_name, $this->key['methods_access']['allow']);
-        $is_hide = $this->key['methods_access']['disallow'] && in_array($this->method_name, $this->key['methods_access']['disallow']);
+        $is_view = !$this->key['key_methods']['allow'] || in_array($this->method_name, $this->key['key_methods']['allow']);
+        $is_hide = $this->key['key_methods']['disallow'] && in_array($this->method_name, $this->key['key_methods']['disallow']);
 
         // проверяем доступ к методу
         if (!$is_view || $is_hide) {
 
@@ -0,0 +1,25 @@
+<?php
+
+class actionAuthApiAuthLogout extends cmsAction {
+
+    public $lock_explicit_call = true;
+
+    public $result;
+
+    public $auth_required = true;
+
+    public function run(){
+
+        $user_id = $this->cms_user->id;
+
+        cmsEventsManager::hook('auth_logout', $this->cms_user->id);
+
+        cmsUser::logout();
+
+        $this->result = array(
+            'user_id' => $user_id
+        );
+
+    }
+
+}