/**
* @see GridDataProvider::getAuthorizationPolicy
*/
function getAuthorizationPolicy($request, $args, $roleAssignments)
{
import('lib.pkp.classes.security.authorization.SubmissionAccessPolicy');
$policy = new SubmissionAccessPolicy($request, $args, $roleAssignments);
import('lib.pkp.classes.security.authorization.internal.WorkflowStageRequiredPolicy');
$policy->addPolicy(new WorkflowStageRequiredPolicy(WORKFLOW_STAGE_ID_PRODUCTION));
import('lib.pkp.classes.security.authorization.internal.RepresentationRequiredPolicy');
$policy->addPolicy(new RepresentationRequiredPolicy($request, $args));
return $policy;
}
/**
* @see GridDataProvider::getAuthorizationPolicy()
* Override the parent class, which defines a Workflow policy, to allow
* reviewer access to this grid.
*/
function getAuthorizationPolicy($request, $args, $roleAssignments)
{
import('lib.pkp.classes.security.authorization.SubmissionAccessPolicy');
$policy = new SubmissionAccessPolicy($request, $args, $roleAssignments);
$stageId = $request->getUserVar('stageId');
import('lib.pkp.classes.security.authorization.internal.WorkflowStageRequiredPolicy');
$policy->addPolicy(new WorkflowStageRequiredPolicy($stageId));
// Add policy to ensure there is a review round id.
import('lib.pkp.classes.security.authorization.internal.ReviewRoundRequiredPolicy');
$policy->addPolicy(new ReviewRoundRequiredPolicy($request, $args));
// Add policy to ensure there is a review assignment for certain operations.
import('lib.pkp.classes.security.authorization.internal.ReviewAssignmentRequiredPolicy');
$policy->addPolicy(new ReviewAssignmentRequiredPolicy($request, $args, 'reviewAssignmentId'));
return $policy;
}
/**
* Constructor
* @param $request PKPRequest
* @param $args array request arguments
* @param $roleAssignments array
* @param $submissionParameterName string
* @param $stageId integer One of the WORKFLOW_STAGE_ID_* constants.
*/
function ReviewStageAccessPolicy($request, &$args, $roleAssignments, $submissionParameterName = 'submissionId', $stageId)
{
parent::ContextPolicy($request);
// Create a "permit overrides" policy set that specifies
// role-specific access to submission stage operations.
$workflowStagePolicy = new PolicySet(COMBINING_PERMIT_OVERRIDES);
// Add the workflow policy, for editorial / press roles
import('lib.pkp.classes.security.authorization.WorkflowStageAccessPolicy');
$workflowStagePolicy->addPolicy(new WorkflowStageAccessPolicy($request, $args, $roleAssignments, $submissionParameterName, $stageId));
if ($stageId == WORKFLOW_STAGE_ID_INTERNAL_REVIEW || $stageId == WORKFLOW_STAGE_ID_EXTERNAL_REVIEW) {
// Add the submission policy, for reviewer roles
import('lib.pkp.classes.security.authorization.SubmissionAccessPolicy');
$submissionPolicy = new SubmissionAccessPolicy($request, $args, $roleAssignments, $submissionParameterName);
$submissionPolicy->addPolicy(new WorkflowStageRequiredPolicy($stageId));
$workflowStagePolicy->addPolicy($submissionPolicy);
}
// Add the role-specific policies to this policy set.
$this->addPolicy($workflowStagePolicy);
}
