public static function checkCommentPermission($contentObject, $languageCode, $foundCommentAttribute)
{
//check permission
$canAddComment = ezcomPermission::hasAccessToFunction('add', $contentObject, $languageCode, null, null, $contentObject->mainNode());
if (!$canAddComment['result']) {
eZDebug::writeWarning('No access to adding comments.', 'ezcomments');
return $module->handleError(eZError::KERNEL_ACCESS_DENIED, 'kernel');
}
// Check to see if commenting is turned on, on the object level
$commentContent = $foundCommentAttribute->content();
return $commentContent;
}
/**
* isVariableRequire in adding comment.
* When adding comment, for logined user the email is not required
* @see extension/ezcomments/classes/ezcomFormTool#isVariableRequired($field)
*/
public function isVariableRequired($field)
{
switch ($field) {
case 'email':
$user = eZUser::currentUser();
if (!$user->isAnonymous()) {
return false;
}
return true;
case 'recaptcha':
// if the user bypasses captcha, don't validate field
$bypassCaptcha = ezcomPermission::hasAccessToSecurity('AntiSpam', 'bypass_captcha');
if ($bypassCaptcha['result']) {
return false;
}
return true;
default:
return parent::isVariableRequired($field);
}
}
function checkPermission($comment)
{
// check permission
$contentObject = $comment->contentObject();
$contentNode = $contentObject->mainNode();
$languageID = $comment->attribute('language_id');
$languageCode = eZContentLanguage::fetch($languageID)->attribute('locale');
$canDeleteResult = ezcomPermission::hasAccessToFunction('delete', $contentObject, $languageCode, $comment, null, $contentNode);
$objectAttributes = $contentObject->fetchDataMap(false, $languageCode);
$objectAttribute = null;
foreach ($objectAttributes as $attribute) {
if ($attribute->attribute('data_type_string') === 'ezcomcomments') {
$objectAttribute = $attribute;
break;
}
}
$commentContent = $objectAttribute->content();
if (!$canDeleteResult['result'] || !$commentContent['show_comments']) {
return ezpI18n::tr('ezcomments/comment/delete', 'You don\'t have' . ' access to delete comment' . ' or the comment is hidden!');
} else {
return true;
}
}
}
if (is_null($objectAttribute)) {
eZDebug::writeError('The object doesn\'t have a ezcomcomments attribute!', 'ezcomments');
return;
}
$tpl = eZTemplate::factory();
$tpl->setVariable('contentobject', $contentObject);
$tpl->setVariable('node', $contentObject->mainNode());
$tpl->setVariable('objectattribute', $objectAttribute);
$tpl->setVariable('language_id', $languageID);
$tpl->setVariable('language_code', $languageCode);
$canAdd = false;
$canAddResult = ezcomPermission::hasAccessToFunction('add', $contentObject, $languageCode);
$canAdd = $canAddResult['result'];
$canRead = false;
$canReadResult = ezcomPermission::hasAccessToFunction('read', $contentObject, $languageCode);
$canRead = $canReadResult['result'];
$user = eZUser::currentUser();
$userID = $user->attribute('contentobject_id');
$Module = $Params['Module'];
$Page = null;
if (!is_null($Params['Page'])) {
if (!is_numeric($Params['Page'])) {
eZDebug::writeError('The page parameter is not a number.', 'ezcomments');
$tpl->setVariable('error_message', ezpI18n::tr('ezcomments/comment/view', 'The page parameter is not a number.'));
return showView($tpl);
} else {
$Page = $Params['Page'];
}
} else {
$Page = 1;
public static function instance()
{
if (is_null(self::$instance)) {
$ini = eZINI::instance('ezcomments.ini');
$className = $ini->variable('ManagerClasses', 'PermissionClass');
self::$instance = new $className();
}
return self::$instance;
}
if (!is_numeric($commentID)) {
eZDebug::writeError('The parameter comment id is not a number.', 'ezcomments');
return;
}
$comment = ezcomComment::fetch($commentID);
if (is_null($comment)) {
eZDebug::writeError('The comment doesn\'t exist.', 'ezcomments');
return;
}
//check the permission
$contentObject = $comment->contentObject();
$contentNode = $contentObject->mainNode();
$languageID = $comment->attribute('language_id');
$languageCode = eZContentLanguage::fetch($languageID)->attribute('locale');
$canEdit = false;
$canEditResult = ezcomPermission::hasAccessToFunction('edit', $contentObject, $languageCode, $comment, null, $contentNode);
$canEdit = $canEditResult['result'];
$tpl->setVariable('can_edit', $canEdit);
if (!$canEdit) {
$Result['path'] = array(array('url' => false, 'text' => ezpI18n::tr('ezcomments/comment/edit', 'Edit comment')));
$Result['content'] = $tpl->fetch('design:comment/edit.tpl');
return $Result;
}
$contentID = $comment->attribute('contentobject_id');
// get if notification is enabled and notification value
$ini = eZINI::instance('ezcomments.ini');
$formSettings = $ini->variable('FormSettings', 'AvailableFields');
$notificationEnabled = in_array('notificationField', $formSettings);
$emailEnabled = in_array('email', $formSettings);
$notified = null;
if ($notificationEnabled) {
