/** * Fetch information for the author on the specified review round * @param $args array * @param $request Request * @return JSONMessage JSON object */ function fetchReviewRoundInfo($args, $request) { $this->setupTemplate($request); $templateMgr = TemplateManager::getManager($request); $stageId = $this->getAuthorizedContextObject(ASSOC_TYPE_WORKFLOW_STAGE); if ($stageId !== WORKFLOW_STAGE_ID_INTERNAL_REVIEW && $stageId !== WORKFLOW_STAGE_ID_EXTERNAL_REVIEW) { fatalError('Invalid Stage Id'); } $templateMgr->assign('stageId', $stageId); $reviewRound = $this->getAuthorizedContextObject(ASSOC_TYPE_REVIEW_ROUND); $templateMgr->assign('reviewRoundId', $reviewRound->getId()); $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION); $templateMgr->assign('submission', $submission); // Review round request notification options. $notificationRequestOptions = array(NOTIFICATION_LEVEL_NORMAL => array(NOTIFICATION_TYPE_REVIEW_ROUND_STATUS => array(ASSOC_TYPE_REVIEW_ROUND, $reviewRound->getId())), NOTIFICATION_LEVEL_TRIVIAL => array()); $templateMgr->assign('reviewRoundNotificationRequestOptions', $notificationRequestOptions); // Editor has taken an action and sent an email; Display the email import('classes.workflow.EditorDecisionActionsManager'); if (EditorDecisionActionsManager::getEditorTakenActionInReviewRound($reviewRound)) { $submissionEmailLogDao = DAORegistry::getDAO('SubmissionEmailLogDAO'); $user = $request->getUser(); $submissionEmailFactory = $submissionEmailLogDao->getByEventType($submission->getId(), SUBMISSION_EMAIL_EDITOR_NOTIFY_AUTHOR, $user->getId()); $templateMgr->assign('submissionEmails', $submissionEmailFactory); $templateMgr->assign('showReviewAttachments', true); } return $templateMgr->fetchJson('authorDashboard/reviewRoundInfo.tpl'); }
/** * @see AuthorizationPolicy::effect() */ function effect() { $request = $this->getRequest(); $reviewRoundDao = DAORegistry::getDAO('ReviewRoundDAO'); /* @var $reviewRoundDao ReviewRoundDAO */ // Get the submission file. $submissionFile = $this->getSubmissionFile($request); if (!is_a($submissionFile, 'SubmissionFile')) { return AUTHORIZATION_DENY; } // Make sure the file belongs to the submission in request. $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION); if (!is_a($submission, 'Submission')) { return AUTHORIZATION_DENY; } if ($submission->getId() != $submissionFile->getSubmissionId()) { return AUTHORIZATION_DENY; } // Make sure the file is part of a review round // with a requested revision decision. $reviewRound = $reviewRoundDao->getBySubmissionFileId($submissionFile->getFileId()); if (!is_a($reviewRound, 'ReviewRound')) { return AUTHORIZATION_DENY; } import('classes.workflow.EditorDecisionActionsManager'); if (!EditorDecisionActionsManager::getEditorTakenActionInReviewRound($reviewRound, array(SUBMISSION_EDITOR_DECISION_PENDING_REVISIONS))) { return AUTHORIZATION_DENY; } // Make sure that it's in the review stage. $reviewRound = $reviewRoundDao->getBySubmissionFileId($submissionFile->getFileId()); if (!is_a($reviewRound, 'ReviewRound')) { return AUTHORIZATION_DENY; } // Make sure review round stage is the same of the current stage in request. $stageId = $this->getAuthorizedContextObject(ASSOC_TYPE_WORKFLOW_STAGE); if ($reviewRound->getStageId() != $stageId) { return AUTHORIZATION_DENY; } $reviewRoundDao = DAORegistry::getDAO('ReviewRoundDAO'); /* @var $reviewRoundDao ReviewRoundDAO */ // Make sure that the last review round editor decision is request revisions. $editDecisionDao = DAORegistry::getDAO('EditDecisionDAO'); /* @var $editDecisionDao EditDecisionDAO */ $reviewRoundDecisions = $editDecisionDao->getEditorDecisions($submissionFile->getSubmissionId(), $reviewRound->getStageId(), $reviewRound->getRound()); if (empty($reviewRoundDecisions)) { return AUTHORIZATION_DENY; } $lastEditorDecision = array_pop($reviewRoundDecisions); if ($lastEditorDecision['decision'] != SUBMISSION_EDITOR_DECISION_PENDING_REVISIONS) { return AUTHORIZATION_DENY; } // Made it through -- permit access. return AUTHORIZATION_PERMIT; // Made it through -- permit access. return AUTHORIZATION_PERMIT; }