/** * @see PKPHandler::authorize() * @param $request PKPRequest * @param $args array * @param $roleAssignments array */ function authorize(&$request, $args, $roleAssignments) { $stageId = $request->getUserVar('stageId'); import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, 'monographId', $stageId)); return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.ContextAccessPolicy'); $this->addPolicy(new ContextAccessPolicy($request, $roleAssignments)); $operation = $request->getRequestedOp(); $workflowStageRequiredOps = array('assignStage', 'unassignStage'); if (in_array($operation, $workflowStageRequiredOps)) { import('lib.pkp.classes.security.authorization.internal.WorkflowStageRequiredPolicy'); $this->addPolicy(new WorkflowStageRequiredPolicy($request->getUserVar('stageId'))); } $userGroupRequiredOps = array_merge($workflowStageRequiredOps, array('editUserGroup', 'updateUserGroup', 'removeUserGroup')); if (in_array($operation, $userGroupRequiredOps)) { // Validate the user group object. $userGroupId = $request->getUserVar('userGroupId'); $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */ $userGroup = $userGroupDao->getById($userGroupId); if (!$userGroup) { fatalError('Invalid user group id!'); } else { $this->_userGroup = $userGroup; } } return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { $stageId = (int) $request->getUserVar('stageId'); import('lib.pkp.classes.security.authorization.WorkflowStageAccessPolicy'); $this->addPolicy(new WorkflowStageAccessPolicy($request, $args, $roleAssignments, 'submissionId', $stageId)); return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() * @param $contextRequired boolean */ function authorize($request, &$args, $roleAssignments, $contextRequired = true) { if ($contextRequired) { import('lib.pkp.classes.security.authorization.ContextAccessPolicy'); $this->addPolicy(new ContextAccessPolicy($request, $roleAssignments)); } return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { $stageId = $request->getUserVar('stageId'); // This is being validated in WorkflowStageAccessPolicy // Get the access policy import('lib.pkp.classes.security.authorization.QueryAccessPolicy'); $this->addPolicy(new QueryAccessPolicy($request, $args, $roleAssignments, $stageId)); return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { $this->_request = $request; import('lib.pkp.classes.security.authorization.WorkflowStageAccessPolicy'); $this->addPolicy(new WorkflowStageAccessPolicy($request, $args, $roleAssignments, 'submissionId', WORKFLOW_STAGE_ID_PRODUCTION)); if ($request->getUserVar('representationId')) { import('lib.pkp.classes.security.authorization.internal.RepresentationRequiredPolicy'); $this->addPolicy(new RepresentationRequiredPolicy($request, $args)); } return parent::authorize($request, $args, $roleAssignments); }
/** * @see PKPHandler::authorize() * @param $request PKPRequest * @param $args array * @param $roleAssignments array */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.PkpContextAccessPolicy'); $this->addPolicy(new PkpContextAccessPolicy($request, $roleAssignments)); // If a signoff ID was specified, authorize it. if ($request->getUserVar('issueId')) { import('classes.security.authorization.OjsIssueRequiredPolicy'); $this->addPolicy(new OjsIssueRequiredPolicy($request, $args)); } return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.PolicySet'); $rolePolicy = new PolicySet(COMBINING_PERMIT_OVERRIDES); import('lib.pkp.classes.security.authorization.RoleBasedHandlerOperationPolicy'); foreach ($roleAssignments as $role => $operations) { $rolePolicy->addPolicy(new RoleBasedHandlerOperationPolicy($request, $role, $operations)); } $this->addPolicy($rolePolicy); return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.PkpContextAccessPolicy'); $this->addPolicy(new PkpContextAccessPolicy($request, $roleAssignments)); import('lib.pkp.classes.security.authorization.SubmissionAccessPolicy'); $this->addPolicy(new SubmissionAccessPolicy($request, $args, $roleAssignments)); // If a representation was specified, authorize it. if ($request->getUserVar('representationId')) { import('lib.pkp.classes.security.authorization.internal.RepresentationRequiredPolicy'); $this->addPolicy(new RepresentationRequiredPolicy($request, $args)); } return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { $operation = $request->getRouter()->getRequestedOp($request); $siteAccessOps = array('fetchGrid', 'fetchRows', 'saveSequence'); if (in_array($operation, $siteAccessOps)) { import('lib.pkp.classes.security.authorization.PKPSiteAccessPolicy'); $this->addPolicy(new PKPSiteAccessPolicy($request, null, $roleAssignments)); } else { import('classes.security.authorization.OmpPublishedMonographAccessPolicy'); $this->addPolicy(new OmpPublishedMonographAccessPolicy($request, $args, $roleAssignments, 'rowId')); } return parent::authorize($request, $args, $roleAssignments); }
/** * @see PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.WorkflowStageAccessPolicy'); $this->addPolicy(new WorkflowStageAccessPolicy($request, $args, $roleAssignments, 'submissionId', WORKFLOW_STAGE_ID_PRODUCTION)); if (parent::authorize($request, $args, $roleAssignments)) { $representationId = (int) $request->getUserVar('representationId'); $publicationFormatDao = DAORegistry::getDAO('PublicationFormatDAO'); $this->monograph = $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH); $this->publicationFormat = $publicationFormatDao->getById($representationId, $this->monograph->getId()); return true; } return false; }
/** * @see PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.PolicySet'); $rolePolicy = new PolicySet(COMBINING_PERMIT_OVERRIDES); import('lib.pkp.classes.security.authorization.RoleBasedHandlerOperationPolicy'); foreach ($roleAssignments as $role => $operations) { $rolePolicy->addPolicy(new RoleBasedHandlerOperationPolicy($request, $role, $operations)); } $this->addPolicy($rolePolicy); $this->reviewFormId = (int) $request->getUserVar('reviewFormId'); $reviewFormDao = DAORegistry::getDAO('ReviewFormDAO'); if (!$reviewFormDao->reviewFormExists($this->reviewFormId, Application::getContextAssocType(), $request->getContext()->getId())) { return false; } return parent::authorize($request, $args, $roleAssignments); }
/** * @see PKPHandler::authorize() * @param $request PKPRequest * @param $args array * @param $roleAssignments array */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.ContextAccessPolicy'); $this->addPolicy(new ContextAccessPolicy($request, $roleAssignments)); $returner = parent::authorize($request, $args, $roleAssignments); $spotlightId = $request->getUserVar('spotlightId'); if ($spotlightId) { $press = $request->getPress(); $spotlightDao = DAORegistry::getDAO('SpotlightDAO'); $spotlight = $spotlightDao->getById($spotlightId); if ($spotlight == null || $spotlight->getPressId() != $press->getId()) { return false; } } return $returner; }
/** * @copydoc GridHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.ContextAccessPolicy'); $this->addPolicy(new ContextAccessPolicy($request, $roleAssignments)); $context = $request->getContext(); $announcementTypeId = $request->getUserVar('announcementTypeId'); if ($announcementTypeId) { // Ensure announcement type is valid and for this context $announcementTypeDao = DAORegistry::getDAO('AnnouncementTypeDAO'); /* @var $announcementTypeDao AnnouncementTypeDAO */ $announcementType = $announcementTypeDao->getById($announcementTypeId); if (!$announcementType || $announcementType->getAssocType() != $context->getAssocType() || $announcementType->getAssocId() != $context->getId()) { return false; } } return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc GridHandler::authorize() * @param $requireAnnouncementsEnabled Iff true, allow access only if context settings enable announcements */ function authorize($request, &$args, $roleAssignments, $requireAnnouncementsEnabled = true) { import('lib.pkp.classes.security.authorization.ContextRequiredPolicy'); $this->addPolicy(new ContextRequiredPolicy($request)); $returner = parent::authorize($request, $args, $roleAssignments); // Ensure announcements are enabled. $context = $request->getContext(); if ($requireAnnouncementsEnabled && !$context->getSetting('enableAnnouncements')) { return false; } $announcementId = $request->getUserVar('announcementId'); if ($announcementId) { // Ensure announcement is valid and for this context $announcementDao = DAORegistry::getDAO('AnnouncementDAO'); /* @var $announcementDao AnnouncementDAO */ if ($announcementDao->getAnnouncementAssocType($announcementId) != $context->getAssocType() && $announcementDao->getAnnouncementAssocId($announcementId) != $context->getId()) { return false; } } return $returner; }
/** * @see PKPHandler::authorize() * @param $request PKPRequest * @param $args array * @param $roleAssignments array */ function authorize(&$request, $args, $roleAssignments) { // FIXME: Need to authorize review type/round. This is just a temporary // workaround until we get those variables in the authorized context, see #6200. $reviewType = $request->getUserVar('reviewType'); $round = $request->getUserVar('round'); assert(!empty($reviewType) && !empty($round)); $this->_reviewType = (int) $reviewType; $this->_round = (int) $round; import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, 'monographId', WORKFLOW_STAGE_ID_INTERNAL_REVIEW)); return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { return parent::authorize($request, $args, $roleAssignments); }
/** * @see PKPHandler::authorize() */ function authorize(&$request, $args, $roleAssignments) { import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, 'monographId', WORKFLOW_STAGE_ID_EDITING)); return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { import('lib.pkp.classes.security.authorization.PkpContextAccessPolicy'); $this->addPolicy(new PkpContextAccessPolicy($request, $roleAssignments)); return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { $this->_stageId = (int) $request->getUserVar('stageId'); // This is being validated in WorkflowStageAccessPolicy $this->_request = $request; if ($request->getUserVar('queryId')) { import('lib.pkp.classes.security.authorization.QueryAccessPolicy'); $this->addPolicy(new QueryAccessPolicy($request, $args, $roleAssignments, $this->_stageId)); } else { import('lib.pkp.classes.security.authorization.WorkflowStageAccessPolicy'); $this->addPolicy(new WorkflowStageAccessPolicy($request, $args, $roleAssignments, 'submissionId', $this->_stageId)); } return parent::authorize($request, $args, $roleAssignments); }
/** * @see PKPHandler::authorize() */ function authorize(&$request, $args, $roleAssignments) { import('classes.security.authorization.OmpPressAccessPolicy'); $this->addPolicy(new OmpPressAccessPolicy($request, $roleAssignments)); return parent::authorize($request, $args, $roleAssignments); }
/** * @copydoc PKPHandler::authorize() */ function authorize($request, &$args, $roleAssignments) { // Set the stage id from the request parameter if not set previously. if (!$this->getStageId()) { $stageId = (int) $request->getUserVar('stageId'); // This will be validated with the authorization policy added by // the grid data provider. $this->_stageId = $stageId; } $dataProvider = $this->getDataProvider(); $dataProvider->setStageId($this->getStageId()); return parent::authorize($request, $args, $roleAssignments); }