public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
global $db;
//If asserting is off then return true right away
if (isset($resource->assert) && $resource->assert == false || isset($acl->_entrada_last_query) && isset($acl->_entrada_last_query->assert) && $acl->_entrada_last_query->assert == false) {
return true;
}
if (isset($resource->eform_id)) {
$eform_id = $resource->eform_id;
} else {
if (isset($acl->_entrada_last_query->eform_id)) {
$eform_id = $acl->_entrada_last_query->eform_id;
} else {
//Parse out the user ID and course ID
$resource_id = $resource->getResourceId();
$resource_type = preg_replace('/[0-9]+/', "", $resource_id);
if ($resource_type !== "evaluationform") {
//This only asserts for users authoring evaluation forms.
return false;
}
$eform_id = preg_replace('/[^0-9]+/', "", $resource_id);
}
}
$role_id = $role->getRoleId();
$access_id = preg_replace('/[^0-9]+/', "", $role_id);
$query = "SELECT `user_id` FROM `" . AUTH_DATABASE . "`.`user_access`\n\t\t\t\t\tWHERE `id` = " . $db->qstr($access_id);
$user_id = $db->GetOne($query);
if (!isset($user_id) || !$user_id) {
$role_id = $acl->_entrada_last_query_role->getRoleId();
$access_id = preg_replace('/[^0-9]+/', "", $role_id);
$query = "SELECT `user_id` FROM `" . AUTH_DATABASE . "`.`user_access`\n\t\t\t\t\t\tWHERE `id` = " . $db->qstr($access_id);
$user_id = $db->GetOne($query);
}
$permissions = Models_Evaluation::getFormAuthorPermissions($eform_id);
if ($permissions) {
return true;
} else {
return false;
}
}
