protected function verifyAuthorization()
{
$user = common_session_SessionManager::getSession()->getUser();
if (!AclProxy::hasAccess($user, $this->getControllerClass(), $this->getAction(), $this->getParameters())) {
$func = new FuncProxy();
$data = new DataAccessControl();
//now go into details to see which kind of permissions are not correct
if ($func->hasAccess($user, $this->getControllerClass(), $this->getAction(), $this->getParameters()) && !$data->hasAccess($user, $this->getControllerClass(), $this->getAction(), $this->getParameters())) {
throw new PermissionException($user->getIdentifier(), $this->getAction(), $this->getControllerClass(), $this->getExtensionId());
}
throw new tao_models_classes_AccessDeniedException($user->getIdentifier(), $this->getAction(), $this->getControllerClass(), $this->getExtensionId());
}
}
/**
* Test whenever the current user has "WRITE" access to the specified id
*
* @param string $resourceId
* @return boolean
*/
protected function hasWriteAccess($resourceId)
{
$user = common_session_SessionManager::getSession()->getUser();
return DataAccessControl::hasPrivileges($user, array($resourceId => 'WRITE'));
}
