/**
* Set the authorization level for the user
*
* @param string $assetType
* @param integer $assetId
* @return void
*/
protected function _authorize($assetType = 'application', $assetId = null)
{
// Logged in?
if (!User::isGuest()) {
// Set comments to viewable
$this->config->set('access-create-' . $assetType, true);
}
// do we have an application?
if ($assetId != null) {
$app = new Models\Api\Application($assetId);
$team = $app->team()->lists('uidNumber');
if (in_array(User::get('id'), $team) || User::get('id') == $app->get('created_by')) {
// Set comments to viewable
$this->config->set('access-view-' . $assetType, true);
$this->config->set('access-edit-' . $assetType, true);
$this->config->set('access-delete-' . $assetType, true);
$this->config->set('access-remove-member-' . $assetType, true);
}
}
}
