/** * @copydoc GridDataProvider::getAuthorizationPolicy() */ function getAuthorizationPolicy($request, $args, $roleAssignments) { // Get the parent authorization policy. $policy = parent::getAuthorizationPolicy($request, $args, $roleAssignments); // Add policy to ensure there is a review round id. import('lib.pkp.classes.security.authorization.internal.ReviewRoundRequiredPolicy'); $policy->addPolicy(new ReviewRoundRequiredPolicy($request, $args)); return $policy; }
/** * @see GridDataProvider::getAuthorizationPolicy() */ function getAuthorizationPolicy($request, $args, $roleAssignments) { // Retrieve the current policy. $authorizationPolicy = parent::getAuthorizationPolicy($request, $args, $roleAssignments); // Append the representation policy. import('lib.pkp.classes.security.authorization.internal.RepresentationRequiredPolicy'); $authorizationPolicy->addPolicy(new RepresentationRequiredPolicy($request, $args)); return $authorizationPolicy; }
/** * @copydoc GridDataProvider::getAuthorizationPolicy() */ function getAuthorizationPolicy($request, $args, $roleAssignments) { import('lib.pkp.classes.security.authorization.internal.ReviewAssignmentRequiredPolicy'); // Need to use the reviewId because this grid can either be // viewed by the reviewer (in which case, we could do a // $request->getUser()->getId() or by the editor when reading // the review. The following covers both cases... $assocType = (int) $request->getUserVar('assocType'); $assocId = (int) $request->getUserVar('assocId'); if ($assocType && $assocId) { // Viewing from a Reviewer perspective. assert($assocType == ASSOC_TYPE_REVIEW_ASSIGNMENT); $this->setUploaderRoles($roleAssignments); import('classes.security.authorization.ReviewStageAccessPolicy'); $authorizationPolicy = new ReviewStageAccessPolicy($request, $args, $roleAssignments, 'submissionId', $request->getUserVar('stageId')); $paramName = 'assocId'; } else { // Viewing from a context role perspective. $authorizationPolicy = parent::getAuthorizationPolicy($request, $args, $roleAssignments); $paramName = 'reviewId'; } $authorizationPolicy->addPolicy(new ReviewAssignmentRequiredPolicy($request, $args, $paramName)); return $authorizationPolicy; }