/**
 * Render a dedicated 403 page when the API reports an authorization
 * failure; every other error code is passed to the parent implementation.
 *
 * @param int    $code API status code being reported
 * @param string $msg  error message (only forwarded to the parent handler)
 * @param array  $rs   API result set (only forwarded to the parent handler)
 */
protected function show_html_error($code, $msg, $rs) {
    // Anything that is not an authz failure keeps the default rendering.
    if ($code != AIRAPI::BAD_AUTHZ) {
        return parent::show_html_error($code, $msg, $rs);
    }

    // Static text only: nothing caller- or database-supplied reaches the page.
    $this->airoutput->write_error(
        403,
        "403 Not Authorized to View Source",
        "This source has not opted in to your newsroom."
    );
}
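/**
 * Show a special error for AUTHZ, explaining which users may be contacted
 * to gain access to a submission.
 *
 * Any other error code is delegated to the parent implementation.
 *
 * The 403 body is assembled here as raw HTML (it contains anchors and
 * <br/> tags) and handed to write_error(), so database-sourced values are
 * HTML-escaped before they are concatenated into it. By design the page
 * shows contact names and e-mail addresses to a caller who was refused
 * access to the response itself.
 *
 * @param int    $code API status code being reported
 * @param string $msg  error message; replaced with the explanatory text on BAD_AUTHZ
 * @param array  $rs   API result set; $rs['uuid'] identifies the SrcResponseSet
 */
protected function show_html_error($code, $msg, $rs) {
    if ($code == AIRAPI::BAD_AUTHZ) {
        $srs = AIR2_Record::find('SrcResponseSet', $rs['uuid']);
        if (!$srs) {
            // NOTE(review): the code below dereferences $srs, so this relies
            // on show_error() halting the request — confirm.
            show_error('Unable to find SrcResponseSet!!!', 500);
        }

        // find inq-org assignments (org id => true, used as a lookup set)
        $srs_org_ids = array();
        foreach ($srs->Inquiry->InqOrg as $inqorg) {
            $srs_org_ids[$inqorg->iorg_org_id] = true;
        }

        // find all possible contact-users: project-orgs (with their contact
        // user and that user's primary email) for projects tied to this inquiry
        $q = Doctrine_Query::create()->from('ProjectOrg po');
        $q->leftJoin('po.ContactUser cu');
        $q->leftJoin('cu.UserEmailAddress e with e.uem_primary_flag = true');
        $q->leftJoin('po.Project p');
        $q->leftJoin('p.ProjectInquiry pi');
        $q->leftJoin('pi.Inquiry i');
        // bound parameter, not string interpolation
        $q->addWhere("i.inq_id = ?", $srs->srs_inq_id);
        $porgs = $q->fetchArray();

        // determine the contact (no system users): prefer contacts whose
        // project-org matches one of the inquiry's orgs
        $contacts = array();
        foreach ($porgs as $porg) {
            if (isset($srs_org_ids[$porg['porg_org_id']])) {
                if ($porg['ContactUser']['user_type'] == User::$TYPE_AIR_USER) {
                    $contacts[] = $porg['ContactUser'];
                }
            }
        }

        // none matched: fall back to the non-system contacts of every
        // project-org returned (the loop does not stop after the first one)
        if (!count($contacts) && count($porgs)) {
            foreach ($porgs as $porg) {
                if ($porg['ContactUser']['user_type'] == User::$TYPE_AIR_USER) {
                    $contacts[] = $porg['ContactUser'];
                }
            }
        }

        // translate to markup
        foreach ($contacts as $idx => $user) {
            $f = $user['user_first_name'];
            $l = $user['user_last_name'];
            $u = $user['user_username'];

            // Profile fields are stored text, not markup: escape them so a
            // name containing <, > or quotes cannot inject HTML into the page.
            $label = $f && $l ? "{$f} {$l}" : "{$u}";
            $href = air2_uri_for('/user/' . $user['user_uuid']);

            // double_encode=false keeps an already-encoded URL intact
            $s = '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8', false) . '">';
            $s .= htmlspecialchars($label, ENT_QUOTES, 'UTF-8');
            $s .= '</a>';

            // optional mailto
            if (isset($user['UserEmailAddress'][0]['uem_address'])) {
                $uem = $user['UserEmailAddress'][0]['uem_address'];
                // NOTE(review): _mailto_markup() is defined outside this
                // block; its output is inserted verbatim, so it must escape
                // the address and the uuid itself — confirm.
                $s .= ' at ' . $this->_mailto_markup($uem, $rs['uuid']);
            }
            $contacts[$idx] = $s;
        }

        // nobody to name: point the reader at the support address instead
        if (!count($contacts)) {
            $default = AIR2_SUPPORT_EMAIL;
            $contacts[0] = $this->_mailto_markup($default, $rs['uuid']);
        }

        // text
        $contacts = implode(' or ', $contacts);
        $title = "You do not have access to this response";
        $msg = "You're seeing this message because this source shared this " .
            "particular response with a PIN newsroom that isn't your newsroom. " .
            "If you want access to this response, feel free to contact " .
            "{$contacts} and ask to have it emailed to you.";
        $msg .= "<br/><br/>";
        $msg .= "Remember: This is a shared network of sources, but responses " .
            "to queries are considered the work product of the newsroom(s) that " .
            "asked the questions. If you do request access to the submission, be " .
            "aware of that. And if you do get access and choose to contact the source " .
            "who responded, be clear about how you learned about their response.";
        $this->airoutput->write_error(403, $title, $msg);
    }
    else {
        return parent::show_html_error($code, $msg, $rs);
    }
}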