/**
  * Still playing around with how I want to handle permissions.
  * This is a method that can be called before each action to 
  * see if the user can do what they are asking to.
  * 
  * @access protected
  * @return boolean True when the request is allowed, false otherwise
  */
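 protected function userCan()
 {
     // Authorization gate: returns true when the current user may act on
     // $this->id; otherwise marks the entity invalid and returns false.
     $targetId = $this->id;
     $actorId = $this->user->getId();

     // User can edit themselves. The ids are compared as strings with ===
     // so PHP's loose-comparison rules (numeric strings such as "1e1" vs
     // "10", or a non-numeric string vs 0 on PHP < 8) cannot turn a
     // mismatched id into an ownership match.
     if ($targetId
         && is_scalar($targetId)
         && is_scalar($actorId)
         && (string) $targetId === (string) $actorId
     ) {
         return true;
     }

     // TODO: Need to expand upon this? Probably...
     // we can add in what the user is trying to do, and check perms
     // on top of just ownership. This will do for now.
     if ($targetId) {
         if ($this->user->isParentOf($targetId) || $this->user->isSuperAdmin()) {
             return true;
         }
     } else {
         // If there was no id already set, we are probably adding a folder.
         // TODO: Need to handle perms somehow here.
         // NOTE(review): this branch fails open - any caller that reaches
         // it with an empty id is allowed without an ownership or role
         // check. Kept as in the original; callers must enforce "create"
         // permissions until this is implemented.
         return true;
     }

     // Set this entity to not valid so we do not give anything away.
     // The same generic message is used whether the id is missing or
     // simply not owned, so the response does not reveal which ids exist.
     // TODO: Maybe make a default() method that we can reset a built entity to its defaults.
     // defaults could be set from the entity profile.
     $this->valid = false;
     $this->error = 'User does not have permission to execute the request.';

     return false;
 }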
Example #2
 /**
  * Checks whether this keyword is a valid keyword or not... useful for 
  * saving edits
  * 
  * REQUIRED ELEMENTS:
  *  - Keyword
  *  - Folder id that user is parent of
  *  - Reply body
  *  
  * @access protected
  * @return boolean
  */
 protected function _isValid()
 {
     // Validation runs as a series of guard clauses; the first failing
     // requirement records its error and ends the check.
     // NOTE(review): the docblock lists "Keyword" as a required element,
     // but no keyword value is checked in this method - confirm it is
     // validated elsewhere.

     // 1. A target folder must be present.
     if (!$this->folderid) {
         $this->setError('A keyword must be added to a folder');
         return false;
     }

     // 2. The acting user must be a real, identified user who is a parent
     //    of that folder. Anything else is reported only as a generic denial.
     $actor = $this->_user;
     $ownsFolder = $actor instanceof Application_Model_User
         && $actor->getId()
         && $actor->isParentOf($this->folderid);
     if (!$ownsFolder) {
         $this->setError('Permission denied');
         return false;
     }

     // 3. An auto-response body is mandatory.
     if (!$this->replybody) {
         $this->setError('A keyword requires a auto response message');
         return false;
     }

     return true;
 }