/**
* @see PKPHandler::authorize()
*/
function authorize($request, &$args, $roleAssignments)
{
import('lib.pkp.classes.security.authorization.SignoffAccessPolicy');
// Check the operation to define the access mode.
$router = $request->getRouter();
$operation = $router->getRequestedOp($request);
$mode = SIGNOFF_ACCESS_MODIFY;
switch ($operation) {
case 'readSignoff':
case 'signoffRead':
$mode = SIGNOFF_ACCESS_READ;
break;
default:
break;
}
// If a signoff ID was specified, authorize it.
if ($request->getUserVar('signoffId')) {
// This will be authorized in WorkflowStageAccessPolicy
$stageId = (int) $request->getUserVar('stageId');
$this->addPolicy(new SignoffAccessPolicy($request, $args, $roleAssignments, $mode, $stageId));
}
$symbolic = $request->getUserVar('symbolic');
if ($symbolic) {
$signoffDao = DAORegistry::getDAO('SignoffDAO');
$symbolics = $signoffDao->getAllSymbolics();
if (!in_array($symbolic, $symbolics)) {
return false;
}
}
return parent::authorize($request, $args, $roleAssignments);
}
function authorize($request, &$args, $roleAssignments)
{
return parent::authorize($request, $args, $roleAssignments);
}
