/**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // Series-level access decision: PERMIT only when SeriesAssignmentRule
     // accepts the (press, series, user) triple. Every failed precondition
     // below fails closed with AUTHORIZATION_DENY.

     // A PKPUser must be attached to the request.
     $currentUser = $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The router must resolve the request to a Press.
     $pressContext = $this->_request->getRouter()->getContext($this->_request);
     if (!is_a($pressContext, 'Press')) {
         return AUTHORIZATION_DENY;
     }
     // The monograph is read from the authorized context (presumably put
     // there by an earlier policy - verify against the policy set).
     $authorizedMonograph = $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH);
     if (!is_a($authorizedMonograph, 'Monograph')) {
         return AUTHORIZATION_DENY;
     }
     import('classes.security.authorization.internal.SeriesAssignmentRule');
     $isAssigned = SeriesAssignmentRule::effect($pressContext->getId(), $authorizedMonograph->getSeriesId(), $currentUser->getId());
     return $isAssigned ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT only when the current user appears in the editor list that
     // SectionEditorsDAO returns for the submission's journal and section.
     // Note that this checks section membership, not a per-submission
     // assignment record.

     // A PKPUser must be attached to the request.
     $currentUser =& $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The submission is read from the authorized context.
     $submission =& $this->getAuthorizedContextObject(ASSOC_TYPE_ARTICLE);
     if (!is_a($submission, 'SectionEditorSubmission')) {
         return AUTHORIZATION_DENY;
     }
     $editorsDao =& DAORegistry::getDAO('SectionEditorsDAO');
     $editors =& $editorsDao->getEditorsBySectionId($submission->getJournalId(), $submission->getSectionId());
     $isSectionEditor = false;
     foreach ($editors as $editor) {
         // Ids are compared loosely (==); the id types returned by the DAO
         // are not visible here.
         if ($editor->getId() == $currentUser->getId()) {
             $isSectionEditor = true;
         }
     }
     return $isSectionEditor ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * @copydoc AuthorizationPolicy::effect()
  */
 function effect()
 {
     // Section-level access decision: PERMIT only when SectionAssignmentRule
     // accepts the (journal, section, user) triple. Every failed
     // precondition fails closed with AUTHORIZATION_DENY.

     // A PKPUser must be attached to the request.
     $currentUser = $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The router must resolve the request to a Journal.
     $journal = $this->_request->getRouter()->getContext($this->_request);
     if (!is_a($journal, 'Journal')) {
         return AUTHORIZATION_DENY;
     }
     // The article is read from the authorized context (presumably put
     // there by an earlier policy - verify against the policy set).
     $authorizedArticle = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
     if (!is_a($authorizedArticle, 'Article')) {
         return AUTHORIZATION_DENY;
     }
     import('classes.security.authorization.internal.SectionAssignmentRule');
     $isAssigned = SectionAssignmentRule::effect($journal->getId(), $authorizedArticle->getSectionId(), $currentUser->getId());
     return $isAssigned ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * Identifies a submission id in the request.
  * @return integer|false returns false if no valid submission id could be found.
  */
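 function getSubmissionId()
 {
     // Locate the submission id for this request. Where it is read from
     // depends on the router type:
     //  - page router: the user variable named by _submissionParameterName,
     //    otherwise the first path argument;
     //  - component router: the argument named by _submissionParameterName.
     //
     // Only plain decimal digit strings (or non-negative ints) are accepted.
     // is_numeric() would also accept values such as "1e3", "12.7" or "-4",
     // which the (int) cast silently turns into a different id than the one
     // written in the request; an authorization check should not resolve
     // such input to an object id.
     $router =& $this->_request->getRouter();
     switch (true) {
         case is_a($router, 'PKPPageRouter'):
             // Read the user variable once so the validated value is the
             // value that gets returned.
             $candidate = $this->_request->getUserVar($this->_submissionParameterName);
             if ((is_string($candidate) || is_int($candidate)) && ctype_digit((string) $candidate)) {
                 return (int) $candidate;
             }
             // Or the submission id can be expected as the first path in the argument list
             if (isset($this->_args[0])) {
                 $candidate = $this->_args[0];
                 if ((is_string($candidate) || is_int($candidate)) && ctype_digit((string) $candidate)) {
                     return (int) $candidate;
                 }
             }
             break;
         case is_a($router, 'PKPComponentRouter'):
             // We expect a named submission id argument.
             if (isset($this->_args[$this->_submissionParameterName])) {
                 $candidate = $this->_args[$this->_submissionParameterName];
                 if ((is_string($candidate) || is_int($candidate)) && ctype_digit((string) $candidate)) {
                     return (int) $candidate;
                 }
             }
             break;
         default:
             // Unknown router type: flag it in development builds; the
             // function still answers "no id" below when assertions are off.
             assert(false);
     }
     return false;
 }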
 /**
  * @see AuthorizationPolicy::effect()
  */
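 function effect()
 {
     // Series-editor access decision: PERMIT only when
     // SeriesEditorsDAO::editorExists() confirms the user for the
     // monograph's series in this press. Every failed precondition
     // returns AUTHORIZATION_DENY.

     // Get the user
     $user =& $this->_request->getUser();
     if (!is_a($user, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // Get the press
     $router =& $this->_request->getRouter();
     $press =& $router->getContext($this->_request);
     if (!is_a($press, 'Press')) {
         return AUTHORIZATION_DENY;
     }
     // Get the monograph
     $monograph =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH);
     if (!is_a($monograph, 'Monograph')) {
         return AUTHORIZATION_DENY;
     }
     // Series editors can access all submissions in their series.
     // Even those they've not been explicitly assigned to.
     $seriesEditorsDao =& DAORegistry::getDAO('SeriesEditorsDAO');
     // The DAO must be called through the variable it was assigned to;
     // calling editorExists() on an undefined variable aborts the request
     // with a fatal error instead of producing an authorization decision.
     if ($seriesEditorsDao->editorExists($press->getId(), $monograph->getSeriesId(), $user->getId())) {
         return AUTHORIZATION_PERMIT;
     } else {
         return AUTHORIZATION_DENY;
     }
 }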
 /**
  * @copydoc AuthorizationPolicy::effect()
  */
 function effect()
 {
     // Section-level access decision: PERMIT only when SectionAssignmentRule
     // accepts the (context, section, user) triple. Every failed
     // precondition fails closed with AUTHORIZATION_DENY.

     // A PKPUser must be attached to the request.
     $currentUser = $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The router must resolve the request to a Context.
     $requestContext = $this->_request->getRouter()->getContext($this->_request);
     if (!is_a($requestContext, 'Context')) {
         return AUTHORIZATION_DENY;
     }
     // The submission is read from the authorized context (presumably put
     // there by an earlier policy - verify against the policy set).
     $authorizedSubmission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
     if (!is_a($authorizedSubmission, 'Submission')) {
         return AUTHORIZATION_DENY;
     }
     import('lib.pkp.classes.security.authorization.internal.SectionAssignmentRule');
     $isAssigned = SectionAssignmentRule::effect($requestContext->getId(), $authorizedSubmission->getSectionId(), $currentUser->getId());
     return $isAssigned ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * Check whether the requested operation is on
  * the list of permitted operations.
  * @return boolean
  */
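 function _checkOperationWhitelist()
 {
     // Returns true only when the operation named by the router is on this
     // policy's list of permitted operations ($this->_operations).
     $router =& $this->_request->getRouter();
     $requestedOperation = $router->getRequestedOp($this->_request);
     assert(!empty($requestedOperation));
     // assert() may be disabled in production, so an empty or non-string
     // operation is rejected explicitly rather than relied on to trip the
     // assertion above.
     if (!is_string($requestedOperation) || $requestedOperation === '') {
         return false;
     }
     // Strict comparison: with loose in_array() a request-supplied string
     // can match a list entry of another type or a numerically equal
     // string, which is not acceptable for an allowlist check.
     return in_array($requestedOperation, $this->_operations, true);
 }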
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT only when the request reports the 'https' protocol; any other
     // value is denied.
     // NOTE(review): the decision rests entirely on getProtocol(). How that
     // value is derived (for example behind a TLS-terminating proxy) is not
     // visible here - confirm it cannot be influenced by the client.
     $isSecure = $this->_request->getProtocol() == 'https';
     return $isSecure ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * Upload the file in an app-specific manner.
  * @param PKPRequest $request
  * @param PKPUser $user
  * @param $uploaderUserGroupId int
  * @param $revisedFileId int
  * @param $fileGenre int
  * @param $assocType int
  * @param $assocId int
  * @return SubmissionFile
  */
 function _uploadFile($request, $user, $uploaderUserGroupId, $revisedFileId, $fileGenre, $assocType, $assocId)
 {
     // Stores the upload found under the 'uploadedFile' form field through
     // SubmissionFileManager and returns whatever uploadSubmissionFile()
     // yields.
     // NOTE(review): 'submissionId' and 'fileStage' are taken from form data
     // via getData(); nothing in this method checks that $user may write to
     // that submission or stage - presumably enforced by the handler's
     // authorization policies; verify at the call site.
     $requestContext = $request->getContext();
     import('lib.pkp.classes.file.SubmissionFileManager');
     $fileManager = new SubmissionFileManager($requestContext->getId(), $this->getData('submissionId'));
     return $fileManager->uploadSubmissionFile('uploadedFile', $this->getData('fileStage'), $user->getId(), $uploaderUserGroupId, $revisedFileId, $fileGenre, $assocType, $assocId);
 }
 /**
  * Determines whether the current user can create user accounts from authors present
  * in the grid.
  * @param PKPRequest $request
  * @return boolean
  */
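 function allowedToCreateUser($request)
 {
     // Returns true when the requesting user holds, in the submission's
     // current stage, a stage assignment whose user group has the manager
     // or editor role; false otherwise.
     $submission = $this->getSubmission();
     $user = $request->getUser();
     // Without a logged-in user there is nothing to look up; answer "no"
     // instead of failing on a null dereference.
     if (!$user) {
         return false;
     }
     $stageAssignmentDao = DAORegistry::getDAO('StageAssignmentDAO');
     $userGroupDao = DAORegistry::getDAO('UserGroupDAO');
     $stageAssignments = $stageAssignmentDao->getBySubmissionAndStageId($submission->getId(), $submission->getStageId(), null, $user->getId());
     while ($stageAssignment = $stageAssignments->next()) {
         $userGroup = $userGroupDao->getById($stageAssignment->getUserGroupId());
         // An assignment may point at a user group that can no longer be
         // loaded; such an assignment grants nothing.
         if (!$userGroup) {
             continue;
         }
         // Loose comparison is kept on purpose: the type of the role id
         // returned by the DAO is not visible here - TODO confirm before
         // making this strict.
         if (in_array($userGroup->getRoleId(), array(ROLE_ID_MANAGER, ROLE_ID_EDITOR))) {
             return true;
         }
     }
     return false;
 }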
 /**
  * View announcement details.
  * @param $args array optional, first parameter is the ID of the announcement to display
  */
 function view($args = array())
 {
     // Shows one announcement, or redirects to the announcement list when
     // announcements are disabled, the id is not valid, or the announcement
     // has expired.
     $this->validate();
     $this->setupTemplate();
     // The id is the first path argument, forced to int; null when absent.
     $announcementId = null;
     if (isset($args) && !empty($args)) {
         $announcementId = (int) $args[0];
     }
     $announcementDao =& DAORegistry::getDAO('AnnouncementDAO');
     if ($this->_getAnnouncementsEnabled() && $this->_announcementIsValid($announcementId)) {
         $announcement =& $announcementDao->getAnnouncement($announcementId);
         // No expiry date, or an expiry date still in the future, means
         // the announcement may be displayed.
         if ($announcement->getDateExpire() == null || strtotime($announcement->getDateExpire()) > time()) {
             $templateMgr =& TemplateManager::getManager();
             $templateMgr->assign('announcement', $announcement);
             if ($announcement->getTypeId() == null) {
                 $displayTitle = $announcement->getLocalizedTitle();
             } else {
                 // Typed announcements are prefixed with their type name.
                 $displayTitle = $announcement->getAnnouncementTypeName() . ": " . $announcement->getLocalizedTitle();
             }
             $templateMgr->assign('announcementTitle', $displayTitle);
             $templateMgr->append('pageHierarchy', array(PKPRequest::url(null, 'announcement'), 'announcement.announcements'));
             $templateMgr->display('announcement/view.tpl');
             return;
         }
     }
     // Every path that did not display the announcement ends here.
     Request::redirect(null, null, 'announcement');
 }
 /**
  * Identifies a data object id in the request.
  * @return integer|false returns false if no valid data object id could be found.
  */
 function getDataObjectId()
 {
     // Locate the data object id for this request. Only strings made up
     // entirely of decimal digits (ctype_digit on the string form) are
     // accepted, so signs, decimals and exponents are rejected before the
     // (int) cast.
     $router = $this->_request->getRouter();
     if (is_a($router, 'PKPPageRouter')) {
         // Page requests: first try the named user variable ...
         if (ctype_digit((string) $this->_request->getUserVar($this->_parameterName))) {
             return (int) $this->_request->getUserVar($this->_parameterName);
         }
         // ... then fall back to the first path argument.
         if (isset($this->_args[0]) && ctype_digit((string) $this->_args[0])) {
             return (int) $this->_args[0];
         }
     } elseif (is_a($router, 'PKPComponentRouter')) {
         // Component requests: the id is a named argument.
         $argumentName = $this->_parameterName;
         if (isset($this->_args[$argumentName]) && ctype_digit((string) $this->_args[$argumentName])) {
             return (int) $this->_args[$argumentName];
         }
     } else {
         // Unknown router type. With assertions disabled this still ends
         // in the "no id" answer below.
         assert(false);
     }
     return false;
 }
 /**
  * Instantiate a mock request to the given operation.
  * @param $requestedOp string the requested operation
  * @param $context mixed a request context to be returned
  *  by the router.
  * @param $user User a user to be put into the registry.
  * @return PKPRequest
  */
 protected function getMockRequest($requestedOp, $context = null, $user = null)
 {
     // Builds a PKPRequest whose router is a mock that answers
     // getRequestedOp() with $requestedOp and getContext() with $context,
     // any number of times.
     $mockedRequest = new PKPRequest();
     $stubbedReturns = array('getRequestedOp' => $requestedOp, 'getContext' => $context);
     $mockedRouter = $this->getMock('PKPRouter', array_keys($stubbedReturns));
     foreach ($stubbedReturns as $methodName => $stubbedValue) {
         $mockedRouter->expects($this->any())->method($methodName)->will($this->returnValue($stubbedValue));
     }
     // A User instance, when given, is written to the registry under
     // 'user'. This method does not undo that write, so it stays in the
     // registry until something else replaces it.
     if ($user instanceof User) {
         Registry::set('user', $user);
     }
     $mockedRequest->setRouter($mockedRouter);
     return $mockedRequest;
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // Authorship check: PERMIT only when the monograph's user id is
     // identical to the current user's id.

     // A PKPUser must be attached to the request.
     $currentUser =& $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The monograph is read from the authorized context.
     $authorizedMonograph =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH);
     if (!is_a($authorizedMonograph, 'Monograph')) {
         return AUTHORIZATION_DENY;
     }
     // Identity (===) requires the two ids to agree in type as well as in
     // value; if one getter returns a string and the other an int, this
     // always denies - confirm the getter return types.
     $isAuthor = $authorizedMonograph->getUserId() === $currentUser->getId();
     return $isAuthor ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // Authorship check: PERMIT only when the submission's user id is
     // identical to the current user's id.

     // A PKPUser must be attached to the request.
     $currentUser = $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The submission is read from the authorized context.
     $authorizedSubmission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
     if (!is_a($authorizedSubmission, 'Submission')) {
         return AUTHORIZATION_DENY;
     }
     // Identity (===) requires the two ids to agree in type as well as in
     // value; if one getter returns a string and the other an int, this
     // always denies - confirm the getter return types.
     $isAuthor = $authorizedSubmission->getUserId() === $currentUser->getId();
     return $isAuthor ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT only when the user id recorded for the initial copyediting
     // signoff equals the current user's id.

     // A PKPUser must be attached to the request.
     $currentUser =& $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The copyeditor submission is read from the authorized context.
     $submission =& $this->getAuthorizedContextObject(ASSOC_TYPE_ARTICLE);
     if (!is_a($submission, 'CopyeditorSubmission')) {
         return AUTHORIZATION_DENY;
     }
     // NOTE(review): the signoff type is passed as the quoted string
     // 'SIGNOFF_COPYEDITING_INITIAL', not as a constant - confirm that is
     // what getUserIdBySignoffType() expects.
     $assignedCopyeditorId = $submission->getUserIdBySignoffType('SIGNOFF_COPYEDITING_INITIAL');
     // Loose comparison (!=), as the id types are not visible here.
     return $assignedCopyeditorId != $currentUser->getId() ? AUTHORIZATION_DENY : AUTHORIZATION_PERMIT;
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT only when the signoff found in the authorized context is
     // assigned to the currently logged-in user.

     // The signoff is read from the authorized context.
     $authorizedSignoff = $this->getAuthorizedContextObject(ASSOC_TYPE_SIGNOFF);
     if (!is_a($authorizedSignoff, 'Signoff')) {
         return AUTHORIZATION_DENY;
     }
     // A User must be attached to the request.
     $currentUser = $this->_request->getUser();
     if (!is_a($currentUser, 'User')) {
         return AUTHORIZATION_DENY;
     }
     // Loose comparison (==), as the id types are not visible here.
     $isAssignee = $authorizedSignoff->getUserId() == $currentUser->getId();
     return $isAssignee ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * Determines whether the current user can create user accounts from authors present
  * in the grid.
  * @param PKPRequest $request
  * @return boolean
  */
 function canAdminister($request)
 {
     // Returns true when the submission has no submission date yet, or
     // when the requesting user holds a stage assignment in the current
     // stage whose user group has the manager role.
     $submission = $this->getSubmission();
     $currentUser = $request->getUser();
     $stageAssignmentDao = DAORegistry::getDAO('StageAssignmentDAO');
     $userGroupDao = DAORegistry::getDAO('UserGroupDAO');
     // NOTE(review): for a submission without a submission date this
     // answers true before the user is looked at, so the answer is the same
     // for every caller - presumably the handler's authorization has
     // already restricted who gets here; verify.
     if (!$submission->getDateSubmitted()) {
         return true;
     }
     $assignments = $stageAssignmentDao->getBySubmissionAndStageId($submission->getId(), $submission->getStageId(), null, $currentUser->getId());
     while ($assignment = $assignments->next()) {
         $assignedGroup = $userGroupDao->getById($assignment->getUserGroupId());
         // Loose comparison, as the type of the stored role id is not
         // visible here.
         if ($assignedGroup->getRoleId() == ROLE_ID_MANAGER) {
             return true;
         }
     }
     return false;
 }
 /**
  * Display upgrade form.
  */
 function upgrade()
 {
     // Shows the upgrade form, first honouring an optional 'setLocale'
     // request variable.
     $this->validate();
     $this->setupTemplate();
     // The requested locale is only written to the cookie after
     // AppLocale::isLocaleValid() has accepted it.
     $requestedLocale = PKPRequest::getUserVar('setLocale');
     if ($requestedLocale != null && AppLocale::isLocaleValid($requestedLocale)) {
         PKPRequest::setCookieVar('currentLocale', $requestedLocale);
     }
     $upgradeForm = new UpgradeForm();
     $upgradeForm->initData();
     $upgradeForm->display();
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT only when QueryDAO reports the current user as a participant
     // of the query found in the authorized context.

     // The query is read from the authorized context.
     $authorizedQuery = $this->getAuthorizedContextObject(ASSOC_TYPE_QUERY);
     if (!is_a($authorizedQuery, 'Query')) {
         return AUTHORIZATION_DENY;
     }
     // A User must be attached to the request.
     $currentUser = $this->_request->getUser();
     if (!is_a($currentUser, 'User')) {
         return AUTHORIZATION_DENY;
     }
     $queryDao = DAORegistry::getDAO('QueryDAO');
     // Any truthy result counts as "is a participant" (presumably a
     // non-empty id list - confirm against QueryDAO).
     $participantIds = $queryDao->getParticipantIds($authorizedQuery->getId(), $currentUser->getId());
     return $participantIds ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
 }
 /**
  * Queue payment and save gift details.
  */
 function execute()
 {
     // Stores a gift subscription built from the form data, then creates
     // and queues a payment for it and shows the payment form.
     $journal = $this->request->getJournal();
     $journalId = $journal->getId();
     import('classes.gift.Gift');
     import('classes.payment.ojs.OJSPaymentManager');
     $paymentManager = new OJSPaymentManager($this->request);
     $paymentPlugin =& $paymentManager->getPaymentPlugin();
     $gift = new Gift();
     // The initial status depends on whether the manual payment plugin is
     // the one in use.
     $usesManualPayment = $paymentPlugin->getName() == 'ManualPayment';
     $gift->setStatus($usesManualPayment ? GIFT_STATUS_AWAITING_MANUAL_PAYMENT : GIFT_STATUS_AWAITING_ONLINE_PAYMENT);

     // What is being given, and for which journal.
     $gift->setAssocType(ASSOC_TYPE_JOURNAL);
     $gift->setAssocId($journalId);
     $gift->setGiftType(GIFT_TYPE_SUBSCRIPTION);
     $gift->setGiftAssocId($this->getData('typeId'));

     // Buyer details; a falsy buyer user id is stored as null.
     $gift->setBuyerFirstName($this->getData('buyerFirstName'));
     $gift->setBuyerMiddleName($this->getData('buyerMiddleName'));
     $gift->setBuyerLastName($this->getData('buyerLastName'));
     $gift->setBuyerEmail($this->getData('buyerEmail'));
     if ($this->buyerUserId) {
         $gift->setBuyerUserId($this->buyerUserId);
     } else {
         $gift->setBuyerUserId(null);
     }

     // Recipient details; no recipient user is linked at this point.
     $gift->setRecipientFirstName($this->getData('recipientFirstName'));
     $gift->setRecipientMiddleName($this->getData('recipientMiddleName'));
     $gift->setRecipientLastName($this->getData('recipientLastName'));
     $gift->setRecipientEmail($this->getData('recipientEmail'));
     $gift->setRecipientUserId(null);

     // Gift note and its locale.
     $gift->setLocale($this->getData('giftLocale'));
     $gift->setGiftNoteTitle($this->getData('giftNoteTitle'));
     $gift->setGiftNote($this->getData('giftNote'));

     $giftDao = DAORegistry::getDAO('GiftDAO');
     $giftId = $giftDao->insertObject($gift);

     // The amount and currency come from the subscription type named by
     // the form's 'typeId'.
     // NOTE(review): nothing here checks that the lookup succeeded or that
     // the type belongs to this journal - presumably the form's validation
     // covers both; verify.
     $subscriptionTypeDao = DAORegistry::getDAO('SubscriptionTypeDAO');
     $subscriptionType =& $subscriptionTypeDao->getSubscriptionType($this->getData('typeId'));
     $queuedPayment =& $paymentManager->createQueuedPayment($journalId, PAYMENT_TYPE_GIFT, null, $giftId, $subscriptionType->getCost(), $subscriptionType->getCurrencyCodeAlpha());
     $queuedPaymentId = $paymentManager->queuePayment($queuedPayment);
     $paymentManager->displayPaymentForm($queuedPaymentId, $queuedPayment);
 }
 /**
  * Save the form
  */
 function execute()
 {
     // Subscribes the submitted e-mail address as a guest. On success the
     // welcome mail is sent and true is returned; otherwise the request is
     // redirected to the 'mailListSubscribed' page with an 'error'
     // argument and false is returned.
     $guestEmail = $this->getData('email');
     $notificationSettingsDao =& DAORegistry::getDAO('NotificationSettingsDAO');
     $guestPassword = $notificationSettingsDao->subscribeGuest($guestEmail);
     if (!$guestPassword) {
         PKPRequest::redirect(null, 'notification', 'mailListSubscribed', array('error'));
         return false;
     }
     // The value returned by subscribeGuest() is handed to the mail
     // routine together with the address, so it appears to travel by
     // e-mail - treat it accordingly.
     Notification::sendMailingListEmail($guestEmail, $guestPassword, 'NOTIFICATION_MAILLIST_WELCOME');
     return true;
 }
 /**
  * Initialize form data.
  */
 function initData()
 {
     // Fills $this->_data with the installer's default values.

     // The default files directory is "files" inside the parent of the web
     // server's document root, i.e. outside the document root itself.
     $parentOfDocRoot = dirname($_SERVER['DOCUMENT_ROOT']);
     if (Core::isWindows()) {
         // Use forward slashes in the default path on Windows.
         $parentOfDocRoot = str_replace('\\', '/', $parentOfDocRoot);
     }
     // Every path except the filesystem root gets a trailing slash.
     if ($parentOfDocRoot !== '/') {
         $parentOfDocRoot .= '/';
     }
     $this->_data = array(
         'locale' => AppLocale::getLocale(),
         'additionalLocales' => array(),
         'clientCharset' => 'utf-8',
         'connectionCharset' => '',
         'databaseCharset' => '',
         // NOTE(review): the default 'encryption' value is 'sha1', or 'md5'
         // when sha1() is unavailable. If this setting selects the
         // password hashing algorithm, both are unsuitable for that
         // purpose - confirm what the installer does with it.
         'encryption' => function_exists('sha1') ? 'sha1' : 'md5',
         'filesDir' => $parentOfDocRoot . 'files',
         'databaseDriver' => 'mysql',
         'databaseHost' => 'localhost',
         'databaseUsername' => 'ojs',
         // The database password default is empty; the form is expected to
         // be filled in by the installing administrator.
         'databasePassword' => '',
         'databaseName' => 'ojs',
         'createDatabase' => 1,
         'oaiRepositoryId' => 'ojs.' . $this->_request->getServerHost(),
     );
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
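 function effect()
 {
     // Workflow-stage access decision: PERMIT only when the authorized
     // user group has been assigned to the requested workflow stage in
     // this press. Every failed precondition returns AUTHORIZATION_DENY.
     $router =& $this->_request->getRouter();
     // Get the press.
     $press =& $router->getContext($this->_request);
     if (!is_a($press, 'Press')) {
         return AUTHORIZATION_DENY;
     }
     // Get the authorized user group. This is an object check: the group
     // is used as an object below ($userGroup->getId()), and is_integer()
     // takes a single argument, so it cannot perform a class test.
     $userGroup = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_GROUP);
     if (!is_a($userGroup, 'UserGroup')) {
         return AUTHORIZATION_DENY;
     }
     // Retrieve the requested workflow stage.
     switch (true) {
         case is_a($router, 'PKPPageRouter'):
             // We expect the requested page to be a valid workflow path.
             $stagePath = $router->getRequestedPage($this->_request);
             break;
         case is_a($router, 'PKPComponentRouter'):
             // We expect a named 'workflowStage' argument.
             $stagePath = $this->_request->getUserVar('workflowStage');
             break;
         default:
             // Unknown router type. assert() may be disabled in
             // production, so deny explicitly instead of continuing with
             // an undefined stage path.
             assert(false);
             return AUTHORIZATION_DENY;
     }
     // The stage path is request-supplied; it is only used after it has
     // been mapped to an integer stage id.
     $stageId = UserGroupStageAssignmentDAO::getIdFromPath($stagePath);
     if (!is_integer($stageId)) {
         return AUTHORIZATION_DENY;
     }
     // Only grant access to workflow stages that have been explicitly
     // assigned to the authorized user group in the press setup.
     $userGroupStageAssignmentDao =& DAORegistry::getDAO('UserGroupStageAssignmentDAO');
     if ($userGroupStageAssignmentDao->assignmentExists($press->getId(), $userGroup->getId(), $stageId)) {
         return AUTHORIZATION_PERMIT;
     } else {
         return AUTHORIZATION_DENY;
     }
 }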
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT only when the first edit assignment that names the current
     // user as editor also has its "can edit" flag set.

     // A PKPUser must be attached to the request.
     $currentUser =& $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The submission is read from the authorized context.
     $submission =& $this->getAuthorizedContextObject(ASSOC_TYPE_ARTICLE);
     if (!is_a($submission, 'SectionEditorSubmission')) {
         return AUTHORIZATION_DENY;
     }
     // Load the edit assignments of this article; anything other than a
     // DAOResultFactory is treated as "no assignments".
     $editAssignmentDao =& DAORegistry::getDAO('EditAssignmentDAO');
     $assignmentResult =& $editAssignmentDao->getEditAssignmentsByArticleId($submission->getId());
     if (!is_a($assignmentResult, 'DAOResultFactory')) {
         return AUTHORIZATION_DENY;
     }
     $assignments =& $assignmentResult->toArray();
     foreach ($assignments as $assignment) {
         // Loose comparison (==), as the id types are not visible here.
         if ($assignment->getEditorId() != $currentUser->getId()) {
             continue;
         }
         // Only the first assignment for this user is consulted; later
         // ones, if any, do not change the outcome.
         return $assignment->getCanEdit() ? AUTHORIZATION_PERMIT : AUTHORIZATION_DENY;
     }
     return AUTHORIZATION_DENY;
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT only when a review assignment exists for this user on the
     // monograph's current round; on PERMIT the assignment is also added
     // to the authorized context for later use.

     // A PKPUser must be attached to the request.
     $currentUser =& $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The monograph is read from the authorized context.
     $authorizedMonograph =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH);
     if (!is_a($authorizedMonograph, 'Monograph')) {
         return AUTHORIZATION_DENY;
     }
     $reviewAssignmentDao =& DAORegistry::getDAO('ReviewAssignmentDAO');
     /* @var $reviewAssignmentDao ReviewAssignmentDAO */
     $assignment =& $reviewAssignmentDao->getReviewAssignment($authorizedMonograph->getId(), $currentUser->getId(), $authorizedMonograph->getCurrentRound());
     if (!is_a($assignment, 'ReviewAssignment')) {
         return AUTHORIZATION_DENY;
     }
     // Expose the matched assignment through the authorized context.
     $this->addAuthorizedContextObject(ASSOC_TYPE_REVIEW_ASSIGNMENT, $assignment);
     return AUTHORIZATION_PERMIT;
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT only when the DAO finds a review assignment for this user
     // on the submission; on PERMIT the assignment is also added to the
     // authorized context for later use.

     // A PKPUser must be attached to the request.
     $currentUser = $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The submission is read from the authorized context.
     $authorizedSubmission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
     if (!is_a($authorizedSubmission, 'Submission')) {
         return AUTHORIZATION_DENY;
     }
     $reviewAssignmentDao = DAORegistry::getDAO('ReviewAssignmentDAO');
     /* @var $reviewAssignmentDao ReviewAssignmentDAO */
     $assignment = $reviewAssignmentDao->getLastReviewRoundReviewAssignmentByReviewer($authorizedSubmission->getId(), $currentUser->getId());
     if (!is_a($assignment, 'ReviewAssignment')) {
         return AUTHORIZATION_DENY;
     }
     // Expose the matched assignment through the authorized context.
     $this->addAuthorizedContextObject(ASSOC_TYPE_REVIEW_ASSIGNMENT, $assignment);
     return AUTHORIZATION_PERMIT;
 }
 /**
  * @see AuthorizationPolicy::effect()
  */
 function effect()
 {
     // PERMIT when the current user holds at least one stage assignment on
     // the submission whose user group has the author role.

     // A PKPUser must be attached to the request.
     $currentUser = $this->_request->getUser();
     if (!is_a($currentUser, 'PKPUser')) {
         return AUTHORIZATION_DENY;
     }
     // The submission is read from the authorized context.
     $authorizedSubmission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
     if (!is_a($authorizedSubmission, 'Submission')) {
         return AUTHORIZATION_DENY;
     }
     $stageAssignmentDao = DAORegistry::getDAO('StageAssignmentDAO');
     $userGroupDao = DAORegistry::getDAO('UserGroupDAO');
     // The stage argument is null, so no stage filter is passed to the DAO.
     $userAssignments = $stageAssignmentDao->getBySubmissionAndStageId($authorizedSubmission->getId(), null, null, $currentUser->getId());
     while ($stageAssignment = $userAssignments->next()) {
         $assignedGroup = $userGroupDao->getById($stageAssignment->getUserGroupId());
         // Loose comparison (==), as the type of the stored role id is not
         // visible here.
         if ($assignedGroup->getRoleId() == ROLE_ID_AUTHOR) {
             return AUTHORIZATION_PERMIT;
         }
     }
     return AUTHORIZATION_DENY;
 }
 /**
  * Create institutional subscription. 
  */
 function execute()
 {
     // Creates or updates an institutional subscription from the form
     // data, then creates and queues a payment for it and shows the
     // payment form.
     $journal = $this->request->getJournal();
     $journalId = $journal->getId();
     $typeId = $this->getData('typeId');
     $subscriptionTypeDao = DAORegistry::getDAO('SubscriptionTypeDAO');
     $nonExpiring = $subscriptionTypeDao->getSubscriptionTypeNonExpiring($typeId);
     $today = date('Y-m-d');

     // Without an existing subscription on the form a new one is built
     // for the form's user; otherwise the existing one is updated.
     $isNewSubscription = !isset($this->subscription);
     if ($isNewSubscription) {
         import('classes.subscription.InstitutionalSubscription');
         $subscription = new InstitutionalSubscription();
         $subscription->setJournalId($journalId);
         $subscription->setUserId($this->userId);
         $subscription->setReferenceNumber(null);
         $subscription->setNotes(null);
     } else {
         $subscription =& $this->subscription;
     }

     // The status depends on whether the manual payment plugin is the one
     // in use; either way the subscription starts out awaiting payment.
     import('classes.payment.ojs.OJSPaymentManager');
     $paymentManager = new OJSPaymentManager($this->request);
     $paymentPlugin =& $paymentManager->getPaymentPlugin();
     $usesManualPayment = $paymentPlugin->getName() == 'ManualPayment';
     $subscription->setStatus($usesManualPayment ? SUBSCRIPTION_STATUS_AWAITING_MANUAL_PAYMENT : SUBSCRIPTION_STATUS_AWAITING_ONLINE_PAYMENT);

     $subscription->setTypeId($typeId);
     $subscription->setMembership($this->getData('membership') ? $this->getData('membership') : null);
     // Expiring types get today's date as both start and end date;
     // non-expiring types get no dates.
     $subscription->setDateStart($nonExpiring ? null : $today);
     $subscription->setDateEnd($nonExpiring ? null : $today);
     // Institution details. The domain and IP ranges are stored exactly as
     // submitted; any validation would have to happen before this method.
     $subscription->setInstitutionName($this->getData('institutionName'));
     $subscription->setInstitutionMailingAddress($this->getData('institutionMailingAddress'));
     $subscription->setDomain($this->getData('domain'));
     $subscription->setIPRanges($this->getData('ipRanges'));

     $institutionalSubscriptionDao = DAORegistry::getDAO('InstitutionalSubscriptionDAO');
     if ($isNewSubscription) {
         $institutionalSubscriptionDao->insertSubscription($subscription);
     } else {
         $institutionalSubscriptionDao->updateSubscription($subscription);
     }

     // The amount and currency come from the subscription type named by
     // the form's 'typeId'.
     $subscriptionTypeDao = DAORegistry::getDAO('SubscriptionTypeDAO');
     $subscriptionType =& $subscriptionTypeDao->getSubscriptionType($this->getData('typeId'));
     $queuedPayment =& $paymentManager->createQueuedPayment($journalId, PAYMENT_TYPE_PURCHASE_SUBSCRIPTION, $this->userId, $subscription->getId(), $subscriptionType->getCost(), $subscriptionType->getCurrencyCodeAlpha());
     $queuedPaymentId = $paymentManager->queuePayment($queuedPayment);
     $paymentManager->displayPaymentForm($queuedPaymentId, $queuedPayment);
 }
 /**
  * Smarty usage: {sort_heading key="localization.key.name" sort="foo"}
  *
  * Custom Smarty function for creating heading links to sort tables by
  * @param $params array associative array
  * @param $smarty Smarty
  * @return string heading link to sort table by
  */
 function smartySortHeading($params, &$smarty)
 {
     // Builds an <a> element that re-requests the current page sorted by
     // $params['sort'], labelled with the translation of $params['key'].
     // Nothing is returned when $params is unset or empty.
     if (!isset($params) || empty($params)) {
         return;
     }
     // Start from the current query parameters and override the sort key.
     $queryParams = Request::getQueryArray();
     if (isset($params['sort'])) {
         $queryParams['sort'] = $params['sort'];
     }
     $currentDirection = $smarty->get_template_vars('sortDirection');
     $currentSort = $smarty->get_template_vars('sort');
     // Clicking the column that is already sorted ascending flips it to
     // descending; every other case sorts ascending.
     $flipToDescending = $params['sort'] == $currentSort && $currentDirection == SORT_DIRECTION_ASC;
     $queryParams['sortDirection'] = $flipToDescending ? SORT_DIRECTION_DESC : SORT_DIRECTION_ASC;
     // NOTE(review): the URL is built from the request's own query
     // parameters and placed in an href without further escaping here; the
     // trailing `true` passed to PKPRequest::url() presumably asks for an
     // escaped URL - confirm. The translated label is inserted as-is.
     $link = PKPRequest::url(null, null, null, Request::getRequestedArgs(), $queryParams, null, true);
     $label = isset($params['key']) ? Locale::translate($params['key']) : '';
     // The active sort column is rendered in bold.
     $isActiveColumn = isset($currentSort) && isset($params['sort']) && $currentSort == $params['sort'];
     $style = $isActiveColumn ? ' style="font-weight:bold"' : '';
     return '<a href="' . $link . '"' . $style . '>' . $label . '</a>';
 }