/**
 * Decide whether the requesting user may act on the authorized monograph
 * through a series assignment.
 *
 * The check fails closed: AUTHORIZATION_DENY is returned as soon as the
 * request carries no PKPUser, the router does not resolve a Press, or no
 * Monograph is present in the authorized context. AUTHORIZATION_PERMIT is
 * returned only when SeriesAssignmentRule::effect() yields a truthy result
 * for (press id, monograph series id, user id).
 *
 * @see AuthorizationPolicy::effect()
 */
function effect() {
    // No authenticated PKPUser on the request: nothing to authorize.
    $currentUser = $this->_request->getUser();
    if (!is_a($currentUser, 'PKPUser')) {
        return AUTHORIZATION_DENY;
    }

    // The request must resolve to a Press context.
    $currentPress = $this->_request->getRouter()->getContext($this->_request);
    if (!is_a($currentPress, 'Press')) {
        return AUTHORIZATION_DENY;
    }

    // The monograph is taken from the authorized context, not from request input.
    // NOTE(review): this method does not compare the monograph's press with
    // $currentPress; presumably an earlier policy established that - confirm.
    $authorizedMonograph = $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH);
    if (!is_a($authorizedMonograph, 'Monograph')) {
        return AUTHORIZATION_DENY;
    }

    import('classes.security.authorization.internal.SeriesAssignmentRule');

    // NOTE(review): getSeriesId() is passed through unchecked; confirm that the
    // rule denies when the monograph has no series assigned.
    $isAssignedToSeries = SeriesAssignmentRule::effect(
        $currentPress->getId(),
        $authorizedMonograph->getSeriesId(),
        $currentUser->getId()
    );

    return $isAssignedToSeries ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
}
/**
 * Collect the roles that give the user access to the passed workflow stage.
 *
 * Starts from the roles the parent implementation already accepts, then adds
 * ROLE_ID_SUB_EDITOR when both conditions hold: the user is assigned to the
 * submission's series (SeriesAssignmentRule::effect()) and
 * UserGroupDAO::userAssignmentExists() reports an assignment for the
 * requested stage. Any other role is left to the parent's decision.
 *
 * @param int $userId
 * @param int $contextId
 * @param Submission $submission
 * @param int $stageId
 * @return array Role ids granting access to $stageId.
 */
function _getAccessibleStageRoles($userId, $contextId, &$submission, $stageId) {
    $userGroupDao = DAORegistry::getDAO('UserGroupDAO');

    // presumably a list of role ids stored in the authorized context by an
    // earlier policy - TODO confirm it is always set before this runs.
    $grantedRoleIds = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);

    $stageRoles = parent::_getAccessibleStageRoles($userId, $contextId, $submission, $stageId);

    foreach ($grantedRoleIds as $grantedRoleId) {
        // Only the series editor role needs extra checks here.
        // Loose (!=) comparison, so a numeric-string role id still matches.
        if ($grantedRoleId != ROLE_ID_SUB_EDITOR) {
            continue;
        }

        import('classes.security.authorization.internal.SeriesAssignmentRule');

        // The requested submission must be part of the editor's series...
        if (!SeriesAssignmentRule::effect($contextId, $submission->getSeriesId(), $userId)) {
            continue;
        }

        // ...and the requested workflow stage must be assigned to them in
        // the press settings. Evaluated only after the series check passes.
        if ($userGroupDao->userAssignmentExists($contextId, $userId, $stageId)) {
            $stageRoles[] = $grantedRoleId;
        }
    }

    return $stageRoles;
}