/**
* A private method that can be inherited and used by children classes
* to check if the user has the required access level to view the
* statistics page. If not, the method will display the error message
* to the user, and terminate execution of the program.
*
* @access private
* @param array $aParams An array, indexed by types, of the entity IDs
* the statistics page is using, that the user
* must have access to. For example:
* array(
* 'advertiser' => 5,
* 'placement' => 12
* )
*/
function _checkAccess($aParams)
{
$access = false;
if (count($aParams) == 1) {
if (array_key_exists('advertiser', $aParams)) {
$access = MAX_checkAdvertiser($aParams['advertiser'], $aParams + $this->coreParams);
} else {
if (array_key_exists('publisher', $aParams)) {
$access = MAX_checkPublisher($aParams['publisher']);
}
}
} else {
if (count($aParams) == 2) {
if (array_key_exists('advertiser', $aParams) && array_key_exists('placement', $aParams)) {
$access = MAX_checkPlacement($aParams['advertiser'], $aParams['placement'], $aParams + $this->coreParams);
} else {
if (array_key_exists('publisher', $aParams) && array_key_exists('zone', $aParams)) {
$access = MAX_checkZone($aParams['publisher'], $aParams['zone']);
}
}
} else {
if (count($aParams) == 3) {
if (array_key_exists('advertiser', $aParams) && array_key_exists('placement', $aParams) && array_key_exists('ad', $aParams)) {
$access = MAX_checkAd($aParams['advertiser'], $aParams['placement'], $aParams['ad']);
}
}
}
}
if (!$access) {
// Before blatting out an error, has the access failure come about from
// a manually generated account switch process?
if (OA_Permission::isManualAccountSwitch()) {
// Yup! Re-direct to the main stats page
OX_Admin_Redirect::redirect('stats.php', true);
}
// Not a manual account switch, just deny access for now...
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
phpAds_PageHeader('2');
}
if (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::isAccount(OA_ACCOUNT_TRAFFICKER)) {
phpAds_PageHeader('1');
}
phpAds_Die($GLOBALS['strAccessDenied'], $GLOBALS['strNotAdmin']);
}
}
/**
* A method to show an error if the current user/account doesn't have access
* to the specified DB_DataObject (defined by table name and entity ID).
*
* @static
* @param string $entityTable The name of the table.
* @param integer $entityId Optional entity ID -- when set, tests if the current
* account has access to the enity, when not set, tests
* if the current account can create a new entity in the
* table.
* @param boolean $allowNewEntity Allow creation of a new entity, defaults to false.
*/
function enforceAccessToObject($entityTable, $entityId = null, $allowNewEntity = false)
{
if (!$allowNewEntity) {
OA_Permission::enforceTrue(!empty($entityId));
}
// Verify that the ID is numeric
OA_Permission::enforceTrue(preg_match('/^\\d*$/D', $entityId));
$entityId = (int) $entityId;
$hasAccess = OA_Permission::hasAccessToObject($entityTable, $entityId);
if (!$hasAccess) {
if (!OA_Permission::isManualAccountSwitch()) {
if (OA_Permission::isUserLinkedToAdmin()) {
// Check object existence
OA_Permission::enforceTrue(OA_Permission::getAccountIdForEntity($entityTable, $entityId));
}
// if has access switch to the manager account that owns this object
if ($hasAccess) {
if (OA_Permission::switchToManagerAccount($entityTable, $entityId)) {
// Now that the admin user is working with the manager
// account that owns the object, show to him the page.
$url = $_SERVER['REQUEST_URI'];
header("Location: {$url}");
exit;
} else {
// If is not possible to switch redirect the admin to his home page
OX_Admin_Redirect::redirect();
}
}
}
}
if (!$hasAccess) {
OA_Permission::redirectIfManualAccountSwitch();
$hasAccess = OA_Permission::attemptToSwitchForAccess($entityTable, $entityId);
}
OA_Permission::enforceTrue($hasAccess);
}
