/**
* Checks that the user has permission for modifying the item, in this case for uploading or deleting files.
*
* @param Phprojekt_Model_Interface $model Current module.
* @param integer $itemId Current item id.
*
* @throws Exception On no write access.
*
* @return void
*/
private static function _checkWritePermission($model, $itemId)
{
if ($itemId != 0) {
$model->find($itemId);
}
if (!$model->hasRight(Phprojekt_Auth_Proxy::getEffectiveUserId(), Phprojekt_Acl::WRITE)) {
$error = Phprojekt::getInstance()->translate('You don\'t have permission for modifying this item.');
self::_logError("Error: trying to Delete or Upload a file without write access.", array(get_class($model), $itemId));
throw new Exception($error);
}
}
/**
* Checks that the user has permission for modifying the item, in this case for uploading or deleting files.
* If not, prints an error, terminating script execution.
*
* @param Phprojekt_Model_Interface $model Current module.
* @param integer $itemId Current item id.
*
* @return void
*/
private function _fileCheckWritePermission($model, $itemId)
{
$model->find($itemId);
$rights = $model->getRights();
if (!$rights['currentUser']['write']) {
$error = Phprojekt::getInstance()->translate('You don\'t have permission for modifying this item.');
// Log error
Phprojekt::getInstance()->getLog()->err("Error: trying to Delete or Upload a file without write access. " . "User Id: " . Phprojekt_Auth::getUserId() . " - Module: " . $this->getRequest()->getModuleName());
// Show error to user and stop script execution
die($error);
}
}
