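/**
 * @see PKPHandler::initialize()
 *
 * Copies the upload-related request parameters onto the handler:
 * uploader roles, the revision-only flag, review type, round and
 * (optionally) the id of the file being revised. Also loads the
 * locale components this handler needs.
 *
 * All values read here come straight from the request and are only
 * type-checked or cast in this method.
 * NOTE(review): whether the requested uploader roles are later compared
 * with the roles the current user actually holds is not visible here;
 * confirm at the point where $this->_uploaderRoles is consumed.
 *
 * @param $request object The current request; must provide getUserVar().
 * @param $args array Handler arguments, passed through to the parent.
 */
function initialize(&$request, $args) {
	parent::initialize($request, $args);

	// Set the uploader roles (if given).
	$uploaderRoles = $request->getUserVar('uploaderRoles');
	if (!is_null($uploaderRoles)) {
		$this->_uploaderRoles = array();

		// The parameter is expected to be a '-'-separated list of role ids.
		// A non-string value (e.g. an array-style request parameter) is mapped
		// to a single empty token so that it fails the digit check below
		// instead of being handed to explode().
		$roleTokens = is_string($uploaderRoles) ? explode('-', $uploaderRoles) : array('');

		foreach ($roleTokens as $roleToken) {
			// Accept plain decimal digits only. is_numeric() would also let
			// through floats, exponent notation and leading whitespace
			// ("1.5", "1e3", " 1"), which the (int) cast then silently
			// turns into a different role id.
			if (preg_match('/^[0-9]+$/D', $roleToken) !== 1) {
				fatalError('Invalid uploader role!');
			}
			$this->_uploaderRoles[] = (int) $roleToken;
		}
	}

	// Do we allow revisions only?
	$this->_revisionOnly = (bool) $request->getUserVar('revisionOnly');

	// Review type and round are optional; an absent or falsy value is stored as null.
	$this->_reviewType = $request->getUserVar('reviewType') ? (int) $request->getUserVar('reviewType') : null;
	$this->_round = $request->getUserVar('round') ? (int) $request->getUserVar('round') : null;

	// The revised file will be non-null if we revise a single existing file.
	// The id is only cast to int here; this method performs no access check on it.
	if ($this->getRevisionOnly() && $request->getUserVar('revisedFileId')) {
		$this->_revisedFileId = (int) $request->getUserVar('revisedFileId');
	}

	// Load translations.
	Locale::requireComponents(array(LOCALE_COMPONENT_OMP_SUBMISSION, LOCALE_COMPONENT_PKP_SUBMISSION, LOCALE_COMPONENT_PKP_COMMON, LOCALE_COMPONENT_APPLICATION_COMMON));
}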
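/**
 * @see PKPHandler::authorize()
 *
 * Adds a SignoffAccessPolicy when the request names a signoff, validates
 * an optional 'symbolic' parameter against the symbolics known to
 * SignoffDAO, and then defers to the parent's authorization.
 *
 * @param $request object The current request; must provide getRouter() and getUserVar().
 * @param $args array Handler arguments, passed through to the policies and the parent.
 * @param $roleAssignments array Role assignments, passed through to the policies and the parent.
 * @return boolean False when an unknown 'symbolic' is supplied; otherwise
 *  whatever parent::authorize() returns.
 */
function authorize($request, &$args, $roleAssignments) {
	import('lib.pkp.classes.security.authorization.SignoffAccessPolicy');

	// Check the operation to define the access mode.
	// The mode starts as SIGNOFF_ACCESS_MODIFY and is only lowered to
	// SIGNOFF_ACCESS_READ for the two read operations, so any operation not
	// listed here is checked in modify mode.
	// NOTE(review): presumably modify is the more demanding check; confirm
	// in SignoffAccessPolicy.
	$router = $request->getRouter();
	$operation = $router->getRequestedOp($request);

	$mode = SIGNOFF_ACCESS_MODIFY;
	switch ($operation) {
		case 'readSignoff':
		case 'signoffRead':
			$mode = SIGNOFF_ACCESS_READ;
			break;
		default:
			break;
	}

	// If a signoff ID was specified, authorize it.
	// Requests without a signoffId get no SignoffAccessPolicy from this
	// method and rely on the parent's authorization alone.
	if ($request->getUserVar('signoffId')) {
		// This will be authorized in WorkflowStageAccessPolicy
		// (the cast yields 0 when no stageId was sent).
		$stageId = (int) $request->getUserVar('stageId');
		$this->addPolicy(new SignoffAccessPolicy($request, $args, $roleAssignments, $mode, $stageId));
	}

	// A supplied symbolic must be one of the values the DAO reports.
	$symbolic = $request->getUserVar('symbolic');
	if ($symbolic) {
		$signoffDao = DAORegistry::getDAO('SignoffDAO');
		$symbolics = $signoffDao->getAllSymbolics();
		// Strict comparison: the allow-list check must not succeed through
		// PHP's loose type juggling (numeric-looking strings, non-string
		// request values).
		if (!in_array($symbolic, $symbolics, true)) {
			return false;
		}
	}

	return parent::authorize($request, $args, $roleAssignments);
}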
/**
 * Authorize the request.
 *
 * This override adds no policy of its own: the decision is entirely the
 * one made by the parent's authorize() for the given role assignments.
 *
 * @param $request object The current request.
 * @param $args array Handler arguments, passed through to the parent.
 * @param $roleAssignments array Role assignments, passed through to the parent.
 * @return mixed The parent's authorization result, unchanged.
 */
function authorize($request, &$args, $roleAssignments) {
	$parentDecision = parent::authorize($request, $args, $roleAssignments);
	return $parentDecision;
}
/**
 * Constructor.
 *
 * Runs the FileManagementHandler constructor and registers which roles
 * may call this handler's file operations.
 *
 * NOTE(review): the destructive 'deleteFile' operation is assigned to the
 * same two roles as the read-only 'downloadFile' and 'viewFile' operations.
 */
function FileApiHandler() {
	parent::FileManagementHandler();

	// Roles allowed to use the operations below.
	$permittedRoles = array(ROLE_ID_PRESS_MANAGER, ROLE_ID_SERIES_EDITOR);

	// Operations exposed by this handler.
	$fileOperations = array('deleteFile', 'downloadFile', 'viewFile');

	$this->addRoleAssignment($permittedRoles, $fileOperations);
}