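/**
 * Evaluate this access rule against a user / object / action triple.
 *
 * The rule applies when the object and action equal the rule's own, the user
 * is either the rule's user or a member of the rule's group, and
 * evaluateConditional() accepts $parameters.
 *
 * @param mixed $userId     id of the user being checked
 * @param mixed $objectId   id of the object being accessed
 * @param mixed $actionId   id of the requested action
 * @param array $parameters handed unchanged to evaluateConditional()
 *
 * @return mixed $this->grantDeny when the rule applies, null when it does not.
 *               Null means "this rule says nothing"; callers must not read it
 *               as a grant.
 */
public function check($userId, $objectId, $actionId, $parameters = array())
 {
     // Scope checks first: a rule about another object or action needs no user lookup.
     // Loose comparison is kept from the original; NOTE(review): ids presumably arrive
     // as numeric strings from the database - confirm before tightening to ===.
     if ($objectId != $this->objectId || $actionId != $this->actionId) {
         return null;
     }

     $subjectMatches = ($userId == $this->userId);
     if (!$subjectMatches) {
         // getById() may find no user (deleted account, stale id). Such a user belongs
         // to no group; calling hasGroup() on the empty result would be a fatal error
         // in the middle of an authorization decision.
         $user = QubitUser::getById($userId);
         $subjectMatches = $user ? (bool) $user->hasGroup($this->groupId) : false;
     }

     if ($subjectMatches && $this->evaluateConditional($parameters)) {
         return $this->grantDeny;
     }

     return null;
 }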
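 /**
  * Coarse, credential-based gate: may the signed-in user reach a module?
  *
  * Default is deny: an unknown user, a missing or non-string module, or a
  * module that is not listed below all return false.
  *
  * @param object $sfUser  session user; must provide getUserId() and hasCredential()
  * @param array  $options 'module' (string) selects the rule; 'action' is only
  *                        consulted for the 'user' module
  *
  * @return bool true when access is allowed
  */
 public static function hasPermission($sfUser, array $options = array())
 {
     // Credentials that open each module; holding any one of them is enough.
     $credentialsByModule = array(
         'informationobject' => array('administrator', 'editor', 'contributor'),
         'actor' => array('administrator', 'editor', 'contributor'),
         'repository' => array('administrator', 'editor', 'contributor'),
         'term' => array('administrator', 'editor'),
         'staticpage' => array('administrator', 'translator'),
         'user' => array('administrator'),
     );

     // The session must map to a user record that still exists.
     $qubitUser = QubitUser::getById($sfUser->getUserId());
     if (!$qubitUser) {
         return false;
     }

     // Exact string match only. The former switch compared loosely, so a non-string
     // value such as true would have selected the first case; a missing key raised
     // an undefined-index notice.
     $module = isset($options['module']) ? $options['module'] : null;
     if (!is_string($module) || !isset($credentialsByModule[$module])) {
         return false;
     }

     // Second argument false: any one of the listed credentials suffices.
     if ($sfUser->hasCredential($credentialsByModule[$module], false)) {
         return true;
     }

     // Without the administrator credential the 'user' module is view-only.
     // NOTE(review): this lets every signed-in account view user records - confirm
     // that is the intended policy.
     return 'user' === $module && isset($options['action']) && 'show' === $options['action'];
 }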
Пример #3
 /**
  * Set up the session user and drop sessions that should no longer be trusted.
  *
  * After the parent initialisation, the session is signed out when it has
  * timed out, or when it is authenticated but its user id no longer resolves
  * to a user record.
  *
  * @param sfEventDispatcher $dispatcher passed to the parent initialiser
  * @param sfStorage         $storage    passed to the parent initialiser
  * @param array             $options    passed to the parent initialiser
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     // A timed-out session keeps none of its credentials.
     if ($this->isTimedOut()) {
         $this->signOut();

         return;
     }

     // Nothing to load or verify for an anonymous session.
     if (!$this->isAuthenticated()) {
         return;
     }

     $this->user = QubitUser::getById($this->getUserID());

     // No matching record: the account was deleted, or the session comes from a
     // different qubit install on the same server (cross-site). Either way it
     // must not stay authenticated.
     if (null === $this->user) {
         $this->signOut();
     }
 }