/** * Checks if the recruiters owns $jobId, and if not, error. */ private static function ownsJob(MongoId $jobId) { $recruiterId = $_SESSION['_id']; if (!JobModel::matchJobRecruiter($jobId, $recruiterId)) { self::error("permission denied"); self::render('notice'); return false; } return true; }
public static function isOwned(MongoId $recruiterId, MongoId $applicationId) { $jobId = self::getJob($applicationId); return JobModel::matchJobRecruiter($jobId, $recruiterId); }