Example #1
 /**
  * Refuse the save when the caller may not access the requested section,
  * otherwise defer to the parent class's validation.
  *
  * The section id is taken from the request parameter 'type'. The permission
  * check runs only when that parameter is present and truthy; an absent,
  * empty or "0" value skips the check and goes straight to parent::validate().
  *
  * NOTE(review): the id is read from $_REQUEST and handed to AMP_allow()
  * without any type check, so an array value (type[]=...) reaches it as-is.
  * Confirm AMP_allow() rejects non-scalar ids.
  * NOTE(review): this guard only protects the save if the code that stores
  * the record uses this same request value as the section. Verify against
  * the save path.
  *
  * @return mixed false when access is denied, else the parent's result
  */
 function validate()
 {
     $section_id = false;
     if (isset($_REQUEST['type']) && $_REQUEST['type']) {
         $section_id = $_REQUEST['type'];
     }

     // No section in the request, or access granted: continue with the
     // parent validation. AMP_allow() is only consulted when an id exists.
     if (!$section_id || AMP_allow('access', 'section', $section_id)) {
         return parent::validate();
     }

     // Access denied: surface the error to the user and fail validation.
     $flash = AMP_System_Flash::instance();
     $flash->add_error(sprintf(AMP_TEXT_ERROR_ACTION_NOT_ALLOWED, AMP_TEXT_SAVE));
     return false;
 }
Example #2
 /**
  * Decide whether the given section may be accessed under the current
  * permission level.
  *
  * Order of evaluation (first match wins):
  *   1. level 'none'    -> allowed, before the 'secure' check is reached
  *   2. readAncestors($section_id, 'secure') is truthy and the caller
  *      passes neither AMP_Authenticate('admin') nor
  *      AMP_Authenticate('content') -> denied
  *   3. level 'default' -> allowed without consulting AMP_allow()
  *   4. anything else   -> result of AMP_allow('access', 'section', id)
  *
  * NOTE(review): the level is compared with loose '=='. If
  * _permission_level can ever hold a non-string (e.g. boolean true), the
  * 'none' branch would match and grant access. Confirm it is always a
  * string, or compare with '==='.
  *
  * @param mixed $section_id section to check
  * @return mixed true/false, or whatever AMP_allow() returns
  */
 function allowed($section_id)
 {
     // 'none' disables every check below, the secure-ancestor one included.
     if ($this->_permission_level == 'none') {
         return true;
     }

     // Same short-circuit order as a single && / || expression: the
     // 'content' check is attempted only after the 'admin' check fails.
     if ($this->readAncestors($section_id, 'secure')) {
         if (!AMP_Authenticate('admin') && !AMP_Authenticate('content')) {
             return false;
         }
     }

     return ($this->_permission_level == 'default')
         ? true
         : AMP_allow('access', 'section', $section_id);
 }
Example #3
 /**
  * Report whether $action is permitted, optionally for one object id.
  *
  * Two layers are consulted:
  *   - a per-object ACL check via AMP_allow(), only when both
  *     $this->_gacl_obj and $id are truthy;
  *   - a per-action property named '_allow_' . $action, which may be
  *     falsy (deny), exactly true (allow), or any other value, which is
  *     passed to AMP_Authorized().
  *
  * When the per-action property is not set, 'edit' and 'search' are
  * allowed outright, and every other action follows isAllowed('edit').
  * With no '_allow_edit' property either, the outcome is therefore "allow".
  *
  * NOTE(review): a falsy $id (0, "0", "") skips the per-object ACL check
  * the same way the default false does. Confirm that 0 is never a real id.
  * NOTE(review): the fallback call for 'edit' passes no $id, so the
  * per-object ACL is not applied to the 'edit' action in that path.
  *
  * @param string $action action name; also selects the '_allow_*' property
  * @param mixed  $id     optional object id for the per-object ACL check
  * @return mixed true/false, or whatever AMP_Authorized() returns
  */
 function isAllowed($action, $id = false)
 {
     if ($this->_gacl_obj && $id && !AMP_allow($action, $this->_gacl_obj, $id)) {
         return false;
     }

     $allow_var = '_allow_' . $action;

     if (isset($this->{$allow_var})) {
         $setting = $this->{$allow_var};
         if (!$setting) {
             return false;
         }
         // Exactly true means unconditional allow. Any other truthy value
         // is handed to AMP_Authorized() for the decision.
         return ($setting === true) ? true : AMP_Authorized($setting);
     }

     //if edit is not allowed -- allow nothing
     $allow_any_action = 'edit';
     if ($action == $allow_any_action || $action == 'search') {
         return true;
     }
     return $this->isAllowed($allow_any_action) ? true : false;
 }