/** * Method to check if the user can edit the STATE of the item * * @access public * @return boolean True on success * @since 1.5 */ function canEditState($item = null, $check_cat_perm = true) { if (empty($item)) { $item =& $this->_item; } $user = JFactory::getUser(); $session = JFactory::getSession(); $isOwner = !empty($item->created_by) && $item->created_by == $user->get('id'); $hasCoupon = false; if ($session->has('rendered_uneditable', 'flexicontent')) { $rendered_uneditable = $session->get('rendered_uneditable', array(), 'flexicontent'); $hasCoupon = !empty($item->id) && !empty($rendered_uneditable[$item->id]) && $rendered_uneditable[$item->id] == 2; // editable temporarily via coupon } // get "edit items state" permission on the type of the item $hasTypeEditState = !$item->type_id ? true : FlexicontentHelperPerm::checkTypeAccess($item->type_id, 'core.edit.state'); $hasTypeEditStateOwn = !$item->type_id ? true : FlexicontentHelperPerm::checkTypeAccess($item->type_id, 'core.edit.state.own'); if (!$hasTypeEditState && !$hasTypeEditStateOwn) { return false; } if (!empty($item->id)) { // Existing item, use item specific permissions $asset = 'com_content.article.' . $item->id; $allowed = $hasTypeEditState && $user->authorise('core.edit.state', $asset) || $hasTypeEditStateOwn && $user->authorise('core.edit.state.own', $asset) && ($isOwner || $hasCoupon); } elseif ($check_cat_perm && !empty($item->catid)) { // *** New item *** with main category set $cat_asset = 'com_content.category.' . (int) @$item->catid; $allowed = $hasTypeEditState && $user->authorise('core.edit.state', $cat_asset) || $hasTypeEditStateOwn && $user->authorise('core.edit.state.own', $cat_asset) && $isOwner; } else { // *** New item *** get general edit/publish/delete permissions $allowed = $hasTypeEditState && $user->authorise('core.edit.state', 'com_flexicontent') || $hasTypeEditStateOwn && $user->authorise('core.edit.state.own', 'com_flexicontent'); } return $allowed; }