public function setShareData($projectId)
{
try {
if ($this->_wasCalled) {
return;
}
$this->_wasCalled = true;
$this->loadModel('FinanceShare');
$this->_isOwner = $this->FinanceShare->isProjectOwner($this->currUserID, (int) $projectId);
$this->_currUserShare = $this->FinanceShare->findUserShare((int) $projectId, (int) $this->currUserID);
// Not owner and not share user
if (!$this->_isOwner && empty($this->_currUserShare)) {
throw new Exception(__('Permission denied'));
}
// Denied rules for full access share type
$controller = $this->request->params['controller'];
$action = $this->request->params['action'];
if (!$this->_isOwner) {
foreach ($this->onlyOwnerAccess as $item) {
if ($controller == $item['controller'] && ($item['actions'] == '*' || in_array($action, $item['actions']))) {
throw new Exception(__('Permission denied'));
}
}
}
// view global variables assigned
$this->set(array('isOwner' => $this->_isOwner, 'isFullAccess' => !$this->_isOwner && $this->getShare('full_access'), 'isPartAccess' => !$this->_isOwner && !$this->getShare('full_access'), 'currUserShare' => $this->_currUserShare, 'getShare' => function ($name) {
return $this->getShare($name);
}));
// for model access
FinanceShare::$isOwner = $this->_isOwner;
FinanceShare::$get = $this->_currUserShare;
FinanceShare::$isInit = true;
} catch (Exception $e) {
return $this->redirect(array('controller' => 'Errors', 'action' => 'error404'));
}
}
