/**
 * Show a collection together with the items related to it.
 *
 * After the parent action has run, this selects Item records that are the
 * subject of a RecordRelationsRelation row whose object is the collection
 * held in $this->view->collection and whose property is DCTERMS 'isPartOf'.
 * The result is assigned to $this->view->items.
 *
 * The collection id and property id are bound through "?" placeholders.
 * The table aliases placed directly in the SQL fragments come from the
 * table objects, not from the request.
 */
public function showAction()
{
    parent::showAction();

    $dbHelper = $this->_helper->db;

    $items = $dbHelper->getTable('Item');
    $iAlias = $items->getTableAlias();

    // Second argument is 10 on the admin theme and 5 otherwise.
    // NOTE(review): presumably a result limit; confirm against getSelectForFindBy().
    $query = $items->getSelectForFindBy(array(), is_admin_theme() ? 10 : 5);

    $relations = $dbHelper->getTable('RecordRelationsRelation');
    $rAlias = $relations->getTableAlias();

    // Inner join without selecting any relation columns (empty column list).
    $joinOn = $rAlias . '.subject_id = ' . $iAlias . '.id';
    $query->joinInner(array($rAlias => $relations->getTableName()), $joinOn, array());

    // Restrict to relations of the form: Item --isPartOf--> this Collection.
    $collectionId = $this->view->collection->id;
    $query->where($rAlias . '.object_id = ?', $collectionId);
    $query->where($rAlias . ".object_record_type = 'Collection'");

    $isPartOfId = get_record_relations_property_id(DCTERMS, 'isPartOf');
    $query->where($rAlias . '.property_id = ?', $isPartOfId);
    $query->where($rAlias . ".subject_record_type = 'Item'");

    $this->view->items = $items->fetchObjects($query);
}
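/**
 * Decide whether $user may run the current controller action.
 *
 * - 'index' and 'add' are allowed for any account whose 'active' flag is 1.
 * - An account whose 'active' flag is 0 gets a flash message asking it to
 *   activate by e-mail.
 * - 'edit' and 'delete' are allowed when the account is active and the
 *   console named by the first passed URL argument belongs to a collection
 *   owned by the user.
 * - Everything else is delegated to parent::isAuthorized().
 *
 * Changes from the previous version: the ownership grant now requires an
 * active account (before, an inactive owner was shown the activation message
 * and then still authorized for edit/delete), and a missing console id or an
 * unknown console no longer reaches the ownership check.
 *
 * @param array $user Authenticated user data; reads the 'active' and 'id' keys.
 * @return bool True when the action is allowed.
 */
public function isAuthorized($user)
{
    // Loose comparison is kept on purpose: the flag may arrive as int or string.
    $isActive = $user['active'] == 1;

    // Every activated account may list and add.
    if ($isActive && in_array($this->action, array('index', 'add'), true)) {
        return true;
    }

    if ($user['active'] == 0) {
        $this->Session->setFlash(__('Vous devez activer votre compte par courriel.'), 'flash/error');
    }

    // Edit/delete: the console's collection must belong to the requesting user.
    if ($isActive && in_array($this->action, array('edit', 'delete'), true)) {
        $consoleId = isset($this->request->params['pass'][0])
            ? (int) $this->request->params['pass'][0]
            : 0;

        if ($consoleId > 0) {
            $collectionId = $this->Console->field('collection_id', array('id' => $consoleId));

            // An empty result means the console was not found or has no
            // collection; never hand that to the ownership check.
            if (!empty($collectionId)) {
                // NOTE(review): a controller is instantiated only to reach its
                // Collection model; loading the model directly would avoid this.
                $collectionsController = new CollectionsController();
                $collectionsController->constructClasses();

                // NOTE(review): isOwnedBy() is defined elsewhere; presumably it
                // compares the collection's owner with the given user id.
                if ($collectionsController->Collection->isOwnedBy($collectionId, $user['id'])) {
                    return true;
                }
            }
        }
    }

    return parent::isAuthorized($user);
}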