/**
* Constructor
* @param $request PKPRequest
* @param $args array request arguments
* @param $roleAssignments array
* @param $submissionParameterName string
* @param $stageId integer One of the WORKFLOW_STAGE_ID_* constants.
*/
function WorkflowStageAccessPolicy($request, &$args, $roleAssignments, $submissionParameterName = 'submissionId', $stageId)
{
parent::PKPWorkflowStageAccessPolicy($request, $args, $roleAssignments, $submissionParameterName, $stageId);
// A workflow stage component can only be called if there's a
// valid section editor submission in the request.
import('classes.security.authorization.internal.SectionEditorSubmissionRequiredPolicy');
$this->addPolicy(new SectionEditorSubmissionRequiredPolicy($request, $args, $submissionParameterName));
// Add the user accessible workflow stages object to the authorized context.
import('classes.security.authorization.internal.UserAccessibleWorkflowStageRequiredPolicy');
$this->addPolicy(new UserAccessibleWorkflowStageRequiredPolicy($request));
// Users can access all whitelisted operations for submissions and workflow stages...
$roleBasedPolicy = new PolicySet(COMBINING_PERMIT_OVERRIDES);
foreach ($roleAssignments as $roleId => $operations) {
$roleBasedPolicy->addPolicy(new RoleBasedHandlerOperationPolicy($request, $roleId, $operations));
}
$this->addPolicy($roleBasedPolicy);
// ... if they can access the requested workflow stage.
import('lib.pkp.classes.security.authorization.internal.UserAccessibleWorkflowStagePolicy');
$this->addPolicy(new UserAccessibleWorkflowStagePolicy($stageId));
}
/**
* Constructor
* @param $request PKPRequest
* @param $args array request arguments
* @param $roleAssignments array
* @param $submissionParameterName string
* @param $stageId integer One of the WORKFLOW_STAGE_ID_* constants.
*/
function WorkflowStageAccessPolicy($request, &$args, $roleAssignments, $submissionParameterName = 'submissionId', $stageId)
{
parent::PKPWorkflowStageAccessPolicy($request, $args, $roleAssignments, $submissionParameterName, $stageId);
}
