/**
  * Check if department of logged in User match with department property of page node and hide this node if true
  *
  * @param \TYPO3\Flow\AOP\JoinPointInterface $joinPoint
  * @Flow\Around("method(TYPO3\TYPO3CR\Security\Authorization\Privilege\Node\___NotUse___EditNodePrivilege->matchesSubject(PrivilegeSubjectInterface $subject))")
  * @return boolean
  */
 public function checkMatchesSubjectForCreatingNodes($joinPoint)
 {
     $matchesSubject = $joinPoint->getMethodArgument('subject');
     $result = $joinPoint->getAdviceChain()->proceed($joinPoint);
     //  if ($matchesSubject instanceof \TYPO3\Flow\Security\Authorization\Privilege\Method\CreateNodePrivilegeSubject === false) return false;
     if ($result) {
         if ($this->securityContext->getParty() instanceof User) {
             // get access rights depending on matching users and pages department
             if ($this->getPropertyRecursive($matchesSubject->getNode(), 'departmentName') == $this->securityContext->getParty()->getDepartment()) {
                 return false;
             } else {
                 return true;
             }
         } else {
             $role = $this->policyService->getRole('TYPO3.Neos:Administrator');
             if ($role) {
                 foreach ($this->securityContext->getParty()->getAccounts() as $account) {
                     if ($account->hasRole($role)) {
                         return false;
                     }
                 }
             }
         }
     }
     return $result;
 }
 /**
  * Shows a form for creating a new news object
  *
  * @return void
  */
 public function newAction()
 {
     $this->view->assign('folders', $this->folderService->listAll());
     $this->view->assign('related', $this->newsService->getEnabledNews());
     $this->view->assign('newsCategories', $this->categoryService->getEnabledLatestCategories());
     $this->view->assign('tags', $this->tagService->listAll());
     $this->view->assign('user', $this->securityContext->getParty());
 }
 /**
  * Check if an administrator is logged in or the owner of a project and deny access if someone else is trying to access
  *
  * @param \GIB\GradingTool\Domain\Model\Project $project
  */
 public function checkOwnerOrAdministratorAndDenyIfNeeded(\GIB\GradingTool\Domain\Model\Project $project)
 {
     // check if the user has access to this project
     if ($this->securityContext->getParty() !== $project->getProjectManager() && !array_key_exists('GIB.GradingTool:Administrator', $this->securityContext->getRoles())) {
         // add a flash message
         $message = new \TYPO3\Flow\Error\Message('Access denied.', \TYPO3\Flow\Error\Message::SEVERITY_ERROR);
         $this->flashMessageContainer->addMessage($message);
         $this->redirect('index', 'Standard');
     }
 }
 /**
  * Get the news list by selection
  *
  * @param \Lelesys\Plugin\News\Domain\Model\Category $category The category
  * @param \Lelesys\Plugin\News\Domain\Model\Folder $folder The folder
  * @return \TYPO3\Flow\Persistence\QueryResultInterface The query result
  */
 public function getNewsAdmin(\Lelesys\Plugin\News\Domain\Model\Category $category = NULL, \Lelesys\Plugin\News\Domain\Model\Folder $folder = NULL)
 {
     $query = $this->createQuery();
     $queryBuilder = ObjectAccess::getProperty($query, 'queryBuilder', TRUE);
     $constraints = array();
     $user = '';
     if ($this->securityContext->hasRole('Lelesys.Plugin.News:NewsAdmin')) {
         if (!empty($folder)) {
             $constraints[] = 'n.folder = ' . "'" . $folder->getUuid() . "'";
         }
     } else {
         $party = $this->securityContext->getParty();
         $user = $this->persistenceManager->getIdentifierByObject($party);
         $constraints[] = 'n.createdBy = ' . "'" . $user . "'";
     }
     if (!empty($category)) {
         $constraints[] = 'c.Persistence_Object_Identifier IN (' . "'" . $category->getUuid() . "'" . ')';
     }
     $newsConstraints = '';
     $count = count($constraints);
     $newCount = 1;
     foreach ($constraints as $contraint) {
         if ($count > $newCount) {
             $newsConstraints .= $contraint . ' AND ';
         } else {
             $newsConstraints .= $contraint;
         }
         $newCount++;
     }
     $queryBuilder->resetDQLParts()->select('n')->from('Lelesys\\Plugin\\News\\Domain\\Model\\News', 'n');
     if (!empty($category)) {
         $queryBuilder->leftjoin('n.categories', 'c');
     }
     if (!empty($category) || !empty($folder) || $user !== '') {
         $queryBuilder->where($newsConstraints);
     }
     $queryBuilder->orderBy('n.dateTime', 'DESC');
     return $query->execute();
 }