/**
 * Authorization gate for file upload and delete requests.
 *
 * Loads the item into the model, reads the rights attached to it and lets the
 * request continue only when the current user holds the 'write' right.
 * Otherwise the attempt is written to the application log (user id and
 * requested module) and the script is terminated with a translated message.
 *
 * The check fails closed: any falsy 'write' value ends the request.
 *
 * NOTE(review): the result of find() is not inspected here; confirm that
 * getRights() grants no write right when $itemId does not match an item.
 * NOTE(review): the log entry does not record $itemId, which limits its use
 * when reconstructing which item was targeted.
 *
 * @param Phprojekt_Model_Interface $model  Current module.
 * @param integer                   $itemId Current item id.
 *
 * @return void
 */
private function _fileCheckWritePermission($model, $itemId)
{
    $model->find($itemId);
    $itemRights = $model->getRights();

    // Authorized: nothing to report, let the caller continue.
    if ($itemRights['currentUser']['write']) {
        return;
    }

    $message = Phprojekt::getInstance()->translate('You don\'t have permission for modifying this item.');

    // Record the denied attempt before the script is stopped.
    $logger   = Phprojekt::getInstance()->getLog();
    $logEntry = "Error: trying to Delete or Upload a file without write access. ";
    $logEntry .= "User Id: " . Phprojekt_Auth::getUserId();
    $logEntry .= " - Module: " . $this->getRequest()->getModuleName();
    $logger->err($logEntry);

    // The message is a fixed translation string; no request data is echoed.
    die($message);
}
/**
 * Decides whether the current user may write to the given item.
 *
 * Three cases are distinguished:
 *  - 'Core' module: the answer is Phprojekt_Auth::isAdminUser(); the rights
 *    stored on the model are not consulted.
 *  - Module whose save type is not "normal": always allowed, no per-item
 *    rights are checked here.
 *  - Any other module: allowed when the model's 'currentUser' rights contain
 *    at least one of 'write', 'create', 'copy' or 'admin'; denied when the
 *    'currentUser' entry is absent.
 *
 * @param Phprojekt_Model_Interface $model      The model to save.
 * @param string                    $moduleName The current module.
 *
 * @return boolean True when writing is allowed, false otherwise.
 */
private static function _checkItemRights($model, $moduleName)
{
    // Core is administrator-only.
    if ($moduleName == 'Core') {
        return Phprojekt_Auth::isAdminUser();
    }

    // Modules that are not of the normal save type carry no item-level check.
    $moduleId = Phprojekt_Module::getId($moduleName);
    if (!Phprojekt_Module::saveTypeIsNormal($moduleId)) {
        return true;
    }

    // Without a rights entry for the current user the request is denied.
    $rights = $model->getRights();
    if (!isset($rights['currentUser'])) {
        return false;
    }

    // Any one of these four rights is treated as sufficient for writing.
    return $rights['currentUser']['write']
        || $rights['currentUser']['create']
        || $rights['currentUser']['copy']
        || $rights['currentUser']['admin'];
}