/** This gets a little tricky... */
public static function getPolicyFromRequest($strName, $objUser)
{
/* Create the object that'll be able to read the request. */
$objPolicy = new clsDB($strName);
/* Load the fields from the request. */
$objPolicy->getFromRequest(array('id', 'allow_post_picture', 'allow_post_comment', 'allow_rate', 'allow_view', 'allow_delete_picture', 'allow_create_subalbum'));
/* Set the name so we can access the database. */
$objPolicy->setName('albumpolicy');
/* Load it (to get the user_id). */
$objPolicy->load();
/* Check the user_id to see if we have any issues. */
if (!$objUser->get('is_admin') && $objPolicy->get('user_id') != $objUser->get('id')) {
throw new Exception('exception_accessdenied');
}
/* Set the name back so we can read the request again. */
$objPolicy->setName($strName);
/* Read the user's input from the request. */
$objPolicy->getFromRequest(array('id', 'allow_post_picture', 'allow_post_comment', 'allow_rate', 'allow_view', 'allow_delete_picture', 'allow_create_subalbum'));
/* Set the name back to what it ought to be (so we can save it). */
$objPolicy->setName('albumpolicy');
/* And that it! */
return $objPolicy;
}
