/** * @see AuthorizationPolicy::effect() */ function effect() { $request = $this->_request; $context = $request->getContext(); $contextId = $context->getId(); $user = $request->getUser(); if (!is_a($user, 'User')) { return AUTHORIZATION_DENY; } $userId = $user->getId(); $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION); $workflowStages = WorkflowStageDAO::getWorkflowStageTranslationKeys(); $accessibleWorkflowStages = array(); foreach ($workflowStages as $stageId => $translationKey) { $accessibleStageRoles = $this->_getAccessibleStageRoles($userId, $contextId, $submission, $stageId); if (!empty($accessibleStageRoles)) { $accessibleWorkflowStages[$stageId] = $accessibleStageRoles; } } if (empty($accessibleWorkflowStages)) { return AUTHORIZATION_DENY; } else { $this->addAuthorizedContextObject(ASSOC_TYPE_ACCESSIBLE_WORKFLOW_STAGES, $accessibleWorkflowStages); return AUTHORIZATION_PERMIT; } }
/** * @copyDoc GridHandler::renderFilter() */ function renderFilter($request, $filterData = array()) { $workflowStages = WorkflowStageDAO::getWorkflowStageTranslationKeys(); $workflowStages[0] = 'workflow.stage.any'; ksort($workflowStages); $filterColumns = $this->getFilterColumns(); $filterData = array('columns' => $filterColumns, 'workflowStages' => $workflowStages, 'gridId' => $this->getId()); return parent::renderFilter($request, $filterData); }
/** * Toggle user group stage assignment. * @param $args array * @param $request PKPRequest * @return JSONMessage JSON object */ private function _toggleAssignment($args, $request) { $userGroup = $this->_userGroup; $stageId = $this->getAuthorizedContextObject(ASSOC_TYPE_WORKFLOW_STAGE); $contextId = $this->_getContextId(); $operation = $request->getRequestedOp(); $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */ switch ($operation) { case 'assignStage': $userGroupDao->assignGroupToStage($contextId, $userGroup->getId(), $stageId); $messageKey = 'grid.userGroup.assignedStage'; break; case 'unassignStage': $userGroupDao->removeGroupFromStage($contextId, $userGroup->getId(), $stageId); $messageKey = 'grid.userGroup.unassignedStage'; break; } $notificationMgr = new NotificationManager(); $user = $request->getUser(); $stageLocaleKeys = WorkflowStageDAO::getWorkflowStageTranslationKeys(); $notificationMgr->createTrivialNotification($user->getId(), NOTIFICATION_TYPE_SUCCESS, array('contents' => __($messageKey, array('userGroupName' => $userGroup->getLocalizedName(), 'stageName' => __($stageLocaleKeys[$stageId]))))); return DAO::getDataChangedEvent($userGroup->getId()); }
/** * Setup the stages assignments to a user group in database. * @param $userGroupId int User group id that will receive the stages. * @param $userAssignedStages array of stages currently assigned to a user. */ function _assignStagesToUserGroup($userGroupId, $userAssignedStages) { $contextId = $this->getContextId(); $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); // Current existing workflow stages. $stages = WorkflowStageDAO::getWorkflowStageTranslationKeys(); foreach (array_keys($stages) as $stageId) { $userGroupDao->removeGroupFromStage($contextId, $userGroupId, $stageId); } foreach ($userAssignedStages as $stageId) { // Make sure we don't assign forbidden stages based on // user groups role id. $roleId = $this->getData('roleId'); $roleDao = DAORegistry::getDAO('RoleDAO'); /* @var $roleDao RoleDAO */ $forbiddenStages = $roleDao->getForbiddenStages($roleId); if (in_array($stageId, $forbiddenStages)) { continue; } // Check if is a valid stage. if (in_array($stageId, array_keys($stages))) { $userGroupDao->assignGroupToStage($contextId, $userGroupId, $stageId); } else { fatalError('Invalid stage id'); } } }