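/**
 * View hook invoked before the page header is built.
 *
 * For an advertiser account on the 'campaign-banners' page, looks up the first zone of the
 * first website linked to the campaign. If that zone has type 3, redirects to this plugin's
 * index page, but only when the account has access to both the advertiser and the campaign.
 *
 * @param OX_Admin_UI_Event_EventContext $oEventContext Event context; ->data is read for
 *                                                      'pageId', 'pageData' and 'headerModel'.
 * @return void
 */
public function beforePageHeader(OX_Admin_UI_Event_EventContext $oEventContext)
{
    $pageId = $oEventContext->data['pageId'];
    $pageData = $oEventContext->data['pageData'];
    $oHeaderModel = $oEventContext->data['headerModel'];
    $agencyId = $pageData['agencyid'];
    $campaignId = $pageData['campaignid'];
    $advertiserId = $pageData['clientid'];
    $oEntityHelper = $this->oMarkedTextAdvertiserComponent->getEntityHelper();

    // Loose comparison kept on purpose: the original dispatched on $pageId with a switch.
    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || $pageId != 'campaign-banners') {
        return;
    }

    $oDalZones = OA_Dal::factoryDAL('zones');
    $linkedWebsites = $oDalZones->getWebsitesAndZonesListByCategory($agencyId, null, $campaignId, true);
    // A campaign with no linked website or zone has nothing to inspect; previously this
    // indexed into empty arrays.
    if (empty($linkedWebsites) || !is_array($linkedWebsites)) {
        return;
    }
    $firstWebsite = reset($linkedWebsites);
    if (empty($firstWebsite['zones']) || !is_array($firstWebsite['zones'])) {
        return;
    }
    $zoneIds = array_keys($firstWebsite['zones']);
    $zoneId = $zoneIds[0];
    $aZone = Admin_DA::getZone($zoneId);

    // NOTE(review): 3 is a bare zone-type value here; confirm which zone type it denotes.
    if ($aZone['type'] != 3) {
        return;
    }

    // The access checks must use the ids read from the page data. The original passed
    // $clientid / $campaignid, which are never defined in this method (PHP variable names are
    // case-sensitive), so the check ran against null instead of the ids used in the redirect.
    if (OA_Permission::hasAccessToObject('clients', $advertiserId)
        && OA_Permission::hasAccessToObject('campaigns', $campaignId)) {
        OX_Admin_Redirect::redirect(
            'plugins/' . $this->oMarkedTextAdvertiserComponent->group
            . '/oxMarkedTextAdvertiser-index.php?campaignid=' . urlencode((string) $campaignId)
            . '&clientid=' . urlencode((string) $advertiserId)
        );
    }
}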
require_once MAX_PATH . '/lib/OX/Util/Utils.php';
// Required files
require_once MAX_PATH . '/www/admin/lib-maintenance-priority.inc.php';
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/lib/OA/Dll.php';
require_once MAX_PATH . '/lib/max/Dal/DataObjects/Campaigns.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/OA/Permission.php';
require_once MAX_PATH . '/lib/pear/Date.php';
require_once MAX_PATH . '/lib/max/other/html.php';
require_once MAX_PATH . '/lib/OX/Admin/UI/ViewHooks.php';
// Register the list-display input variables.
phpAds_registerGlobalUnslashed('hideinactive', 'listorder', 'orderdirection');
// Access gate: the page is limited to manager and advertiser accounts.
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
if (!empty($clientid)) {
    // An advertiser id was supplied: require view access to that advertiser.
    if (!OA_Permission::hasAccessToObject('clients', $clientid, OA_Permission::OPERATION_VIEW)) {
        // No access: reload this same script without the id.
        // NOTE(review): the gate only holds if redirect() ends the request; confirm.
        $page = basename($_SERVER['SCRIPT_NAME']);
        OX_Admin_Redirect::redirect($page);
    }
}
/*-------------------------------------------------------*/
/* Init data                                             */
/*-------------------------------------------------------*/
//get advertisers and set the current one
$aAdvertisers = getAdvertiserMap();
if (empty($clientid)) {
    //if it's empty
    if ($session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid']) {
        //try previous one from session
        $sessionClientId = $session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'];
        if (isset($aAdvertisers[$sessionClientId])) {
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/lib/OA/Dll.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/max/other/html.php';
require_once MAX_PATH . '/lib/OX/Translation.php';
// Register input variables
// Register the list-display input variables.
phpAds_registerGlobal('hideinactive', 'listorder', 'orderdirection');
// Access gate: the page is limited to manager and advertiser accounts.
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
if (!empty($clientid)) {
    if (!OA_Permission::hasAccessToObject('clients', $clientid)) {
        // Supplied advertiser is not accessible: reload this script without any id.
        // NOTE(review): both gates only hold if redirect() ends the request; confirm.
        $page = basename($_SERVER['SCRIPT_NAME']);
        OX_Admin_Redirect::redirect($page);
    }
}
if (!empty($campaignid)) {
    if (!OA_Permission::hasAccessToObject('campaigns', $campaignid)) {
        // Supplied campaign is not accessible: fall back to the advertiser-level view.
        $page = basename($_SERVER['SCRIPT_NAME']);
        OX_Admin_Redirect::redirect("{$page}?clientid={$clientid}");
    }
}
/*-------------------------------------------------------*/
/* Init data                                             */
/*-------------------------------------------------------*/
//get advertisers and set the current one
$aAdvertisers = getAdvertiserMap();
if (empty($clientid)) {
    //if it's empty
    $campaignid = null;
    //reset campaign id, we could derive it after we have clientid
    if ($session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid']) {
        //try previous one from session
        $sessionClientId = $session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'];
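 /**
  * Exercises OA_Permission::hasAccessToObject() for new objects, for the accounts that own
  * a generated banner, and for accounts that do not.
  *
  * Argument order used throughout, as in the positive assertions:
  * (table, entity id, operation, account id, account type).
  */
 function testHasAccessToObject()
 {
     $userTables = array(OA_ACCOUNT_ADVERTISER => 'clients', OA_ACCOUNT_TRAFFICKER => 'affiliates', OA_ACCOUNT_MANAGER => 'agency');
     // A null entity id stands for a new object: every account type is expected to have access.
     foreach ($userTables as $userType => $userTable) {
         $this->assertTrue(OA_Permission::hasAccessToObject('banners', null, OA_Permission::OPERATION_ALL, rand(1, 100), $userType));
     }
     // Create a banner together with the client and agency that own it
     $doBanners = OA_Dal::factoryDO('banners');
     $doBanners->acls_updated = '2007-04-05 16:18:00';
     $aData = array('reportlastdate' => array('2007-04-05 16:18:00'));
     $dg = new DataGenerator();
     $dg->setData('clients', $aData);
     $bannerId = $dg->generateOne($doBanners, true);
     $clientId = DataGenerator::getReferenceId('clients');
     $doClient = OA_Dal::staticGetDO('clients', $clientId);
     $agencyId = DataGenerator::getReferenceId('agency');
     $doAgency = OA_Dal::staticGetDO('agency', $agencyId);
     // Admin no longer has blanket access to every object
     $this->assertFalse(OA_Permission::hasAccessToObject('banners', 'booId', OA_Permission::OPERATION_ALL, 1, OA_ACCOUNT_ADMIN));
     // The owning accounts have access
     $this->assertTrue(OA_Permission::hasAccessToObject('banners', $bannerId, OA_Permission::OPERATION_ALL, $doClient->account_id, OA_ACCOUNT_ADVERTISER));
     $this->assertTrue(OA_Permission::hasAccessToObject('banners', $bannerId, OA_Permission::OPERATION_ALL, $doAgency->account_id, OA_ACCOUNT_MANAGER));
     // Create a second client and agency that do not own the banner
     $doClients = OA_Dal::factoryDO('clients');
     $doClients->reportlastdate = '2007-04-05 16:18:00';
     $clientId2 = DataGenerator::generateOne($doClients);
     $agencyId2 = DataGenerator::generateOne('agency');
     $doClientId2 = OA_Dal::staticGetDO('clients', $clientId2);
     $doAgency2 = OA_Dal::staticGetDO('agency', $agencyId2);
     // The denial assertions previously passed the account id in the operation slot and
     // OPERATION_ALL in the account-id slot, so they did not test the accounts they name.
     // They now use the same argument order as the assertions above.
     $fakeId = 123;
     $this->assertFalse(OA_Permission::hasAccessToObject('banners', $bannerId, OA_Permission::OPERATION_ALL, $fakeId, OA_ACCOUNT_TRAFFICKER));
     $this->assertFalse(OA_Permission::hasAccessToObject('banners', $bannerId, OA_Permission::OPERATION_ALL, $doClientId2->account_id, OA_ACCOUNT_ADVERTISER));
     $this->assertFalse(OA_Permission::hasAccessToObject('banners', $bannerId, OA_Permission::OPERATION_ALL, $doAgency2->account_id, OA_ACCOUNT_MANAGER));
 }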
示例#5
文件: Dll.php 项目: villos/tree_admin
 /**
  * Checks whether the current user may work in a given area (for example the admin or
  * agency area) and, optionally, on a given object.
  * Permissions are defined in www/admin/lib-permissions.inc.php file
  *
  * The account-type, object-access and permission checks are all evaluated before the
  * result is reported; a failed check does not stop the later ones from running.
  *
  * @access public
  *
  * @param integer $permissions  Required account type(s); skipped when not set
  * @param string $table  Table name
  * @param integer $id  Id (or empty if new is created)
  * @param unknown $allowed  Permission to check for advertiser/trafficker accounts
  *
  * @return boolean  True if has access. False after raiseError('Access forbidden') when a
  *                  check fails, or false without raising here when $id does not exist.
  */
 function checkPermissions($permissions, $table = '', $id = null, $allowed = null)
 {
     $accessDenied = false;
     // Wrong account type: denied unless switching to a suitable account succeeds.
     if (isset($permissions)
         && !OA_Permission::isAccount($permissions)
         && !OA_Permission::attemptToSwitchToAccount($permissions)
     ) {
         $accessDenied = true;
     }
     // An id that does not exist ends the call at once, without the 'Access forbidden' error.
     if (!empty($id) && !$this->checkIdExistence($table, $id)) {
         return false;
     }
     // No access to the object: denied unless switching accounts grants it.
     if (isset($id)
         && !OA_Permission::hasAccessToObject($table, $id)
         && !OA_Permission::attemptToSwitchForAccess($table, $id)
     ) {
         $accessDenied = true;
     }
     // The fine-grained permission is only checked for advertiser and trafficker accounts.
     if (isset($allowed)
         && OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER)
         && !OA_Permission::hasPermission($allowed)
     ) {
         $accessDenied = true;
     }
     if (!$accessDenied) {
         return true;
     }
     $this->raiseError('Access forbidden');
     return false;
 }
// Require the initialisation file
require_once '../../init.php';
require_once MAX_PATH . '/lib/OX/Util/Utils.php';
// Required files
require_once MAX_PATH . '/www/admin/lib-maintenance-priority.inc.php';
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/lib/OA/Dll.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/OA/Permission.php';
require_once MAX_PATH . '/lib/pear/Date.php';
require_once MAX_PATH . '/lib/max/other/html.php';
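// Register the list-display input variables.
phpAds_registerGlobalUnslashed('hideinactive', 'listorder', 'orderdirection');
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
if (!empty($clientid) && !OA_Permission::hasAccessToObject('clients', $clientid)) {
    // Supplied advertiser is not accessible: reload this script without the id.
    // SCRIPT_NAME is used instead of PHP_SELF: PHP_SELF also carries any extra path
    // appended to the request URL, so basename() of it can return a name chosen by the
    // requester rather than the name of this script.
    $page = basename($_SERVER['SCRIPT_NAME']);
    OX_Admin_Redirect::redirect($page);
}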
/*-------------------------------------------------------*/
/* Init data                                             */
/*-------------------------------------------------------*/
//get advertisers and set the current one
$aAdvertisers = getAdvertiserMap();
if (empty($clientid)) {
    //if it's empty
    if ($session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid']) {
        //try previous one from session
        $sessionClientId = $session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'];
        if (isset($aAdvertisers[$sessionClientId])) {
示例#7
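/**
 * Adds the tools and shortcuts shown on campaign pages: duplicate, move-to-advertiser,
 * delete, add banner, back to campaigns, campaign banners and campaign history.
 *
 * Non-advertiser accounts get the modifying tools; the move form and the add-banner and
 * banners links additionally depend on the matching OA_Permission operation check.
 *
 * @param mixed $clientid          Id of the advertiser that owns the campaign.
 * @param mixed $campaignid        Id of the campaign.
 * @param array $aOtherAdvertisers Advertisers offered as move targets; each entry is read
 *                                 for 'advertiser_id' and 'name'.
 * @param array $aEntities         Entity ids passed to _getEntityString() for the stats link.
 * @return void
 */
function addCampaignPageTools($clientid, $campaignid, $aOtherAdvertisers, $aEntities)
{
    global $phpAds_TextDirection;

    // Encode the ids once per output context instead of interpolating them raw.
    $clientIdUrl = urlencode((string) $clientid);
    $campaignIdUrl = urlencode((string) $campaignid);
    // ENT_QUOTES because every attribute below is delimited with single quotes.
    $clientIdAttr = htmlspecialchars((string) $clientid, ENT_QUOTES);
    $campaignIdAttr = htmlspecialchars((string) $campaignid, ENT_QUOTES);

    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        addPageLinkTool($GLOBALS["strDuplicate"], MAX::constructUrl(MAX_URL_ADMIN, "campaign-modify.php?duplicate=1&clientid={$clientIdUrl}&campaignid={$campaignIdUrl}&returnurl=" . urlencode(basename($_SERVER['SCRIPT_NAME']))), "iconCampaignDuplicate");
        if (OA_Permission::hasAccessToObject('campaigns', $campaignid, OA_Permission::OPERATION_MOVE)) {
            $form = "<form action='" . MAX::constructUrl(MAX_URL_ADMIN, 'campaign-modify.php') . "'>\n            <input type='hidden' name='clientid' value='{$clientIdAttr}'>\n            <input type='hidden' name='campaignid' value='{$campaignIdAttr}'>\n            <input type='hidden' name='returnurl' value='" . htmlspecialchars(basename($_SERVER['SCRIPT_NAME']), ENT_QUOTES) . "'>\n            <select name='newclientid'>";
            $aOtherAdvertisers = _multiSort($aOtherAdvertisers, 'name', 'advertiser_id');
            foreach ($aOtherAdvertisers as $aOtherAdvertiser) {
                $otherAdvertiserId = $aOtherAdvertiser['advertiser_id'];
                $otherAdvertiserName = MAX_buildName($otherAdvertiserId, $aOtherAdvertiser['name']);
                // Leave the campaign's current advertiser out of the move targets. The
                // original compared against $advertiserId, which is never defined in this
                // function, so the current advertiser was not filtered out.
                if ($otherAdvertiserId != $clientid) {
                    $form .= "<option value='" . htmlspecialchars((string) $otherAdvertiserId, ENT_QUOTES) . "'>" . htmlspecialchars($otherAdvertiserName) . "</option>";
                }
            }
            $form .= "</select><input type='image' class='submit' src='" . OX::assetPath() . "/images/{$phpAds_TextDirection}/go_blue.gif'></form>";
            addPageFormTool($GLOBALS['strMoveTo'], 'iconCampaignMove', $form);
        }
        $deleteConfirm = phpAds_DelConfirm($GLOBALS['strConfirmDeleteCampaign']);
        // The delete link carries the session token.
        addPageLinkTool($GLOBALS["strDelete"], MAX::constructUrl(MAX_URL_ADMIN, "campaign-delete.php?token=" . urlencode(phpAds_SessionGetToken()) . "&clientid={$clientIdUrl}&campaignid={$campaignIdUrl}&returnurl=advertiser-campaigns.php"), "iconDelete", null, $deleteConfirm);
    }
    //shortcuts
    if (!empty($campaignid) && !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        if (OA_Permission::hasAccessToObject('campaigns', $campaignid, OA_Permission::OPERATION_ADD_CHILD)) {
            addPageLinkTool($GLOBALS["strAddBanner_Key"], MAX::constructUrl(MAX_URL_ADMIN, "banner-edit.php?clientid={$clientIdUrl}&campaignid={$campaignIdUrl}"), "iconBannerAdd", $GLOBALS["strAddNew"]);
        }
        addPageShortcut($GLOBALS['strBackToCampaigns'], MAX::constructUrl(MAX_URL_ADMIN, "advertiser-campaigns.php?clientid={$clientIdUrl}"), "iconBack");
    }
    if (!empty($campaignid)) {
        if (OA_Permission::hasAccessToObject('campaigns', $campaignid, OA_Permission::OPERATION_VIEW_CHILDREN)) {
            addPageShortcut($GLOBALS['strCampaignBanners'], MAX::constructUrl(MAX_URL_ADMIN, "campaign-banners.php?clientid={$clientIdUrl}&campaignid={$campaignIdUrl}"), "iconBanners");
        }
        $entityString = _getEntityString($aEntities);
        addPageShortcut($GLOBALS['strCampaignHistory'], MAX::constructUrl(MAX_URL_ADMIN, "stats.php?entity=campaign&breakdown=history&{$entityString}"), 'iconStatistics');
    }
}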
示例#8
 /**
  * Checks whether the current user may work in a given area (for example the admin or
  * agency area) and, optionally, perform an operation on a given object.
  * Permissions are defined in www/admin/lib-permissions.inc.php file
  *
  * The account-type, object-access and permission checks are all evaluated before the
  * result is reported; a failed check does not stop the later ones from running.
  *
  * @access public
  *
  * @param integer $permissions  Required account type(s); skipped when not set
  * @param string $table  Table name
  * @param integer $id  Id (or empty if new is created)
  * @param unknown $allowed  Permission to check for advertiser/trafficker accounts
  * @param mixed $operationAccessType  Operation the caller needs on the object. The default,
  *                                    OA_Permission::OPERATION_ALL, asks for permission to
  *                                    do everything on the object.
  *
  * @return boolean  True if has access (the local time zone is set first). False after
  *                  raiseError('Access forbidden') when a check fails, or false without
  *                  raising here when $id does not exist.
  */
 function checkPermissions($permissions, $table = '', $id = null, $allowed = null, $operationAccessType = OA_Permission::OPERATION_ALL)
 {
     $accessDenied = false;
     // Wrong account type: denied unless switching to a suitable account succeeds.
     if (isset($permissions)
         && !OA_Permission::isAccount($permissions)
         && !OA_Permission::attemptToSwitchToAccount($permissions)
     ) {
         $accessDenied = true;
     }
     // An id that does not exist ends the call at once, without the 'Access forbidden' error.
     if (!empty($id) && !$this->checkIdExistence($table, $id)) {
         return false;
     }
     // No access for the requested operation: denied unless switching accounts grants it.
     // NOTE(review): the fallback switch is not passed $operationAccessType; confirm it
     // cannot grant more than the operation that was asked for.
     if (isset($id)
         && !OA_Permission::hasAccessToObject($table, $id, $operationAccessType)
         && !OA_Permission::attemptToSwitchForAccess($table, $id)
     ) {
         $accessDenied = true;
     }
     // The fine-grained permission is only checked for advertiser and trafficker accounts.
     if (isset($allowed)
         && OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER)
         && !OA_Permission::hasPermission($allowed)
     ) {
         $accessDenied = true;
     }
     if (!$accessDenied) {
         // Set system timezone and return
         OA_setTimeZoneLocal();
         return true;
     }
     $this->raiseError('Access forbidden');
     return false;
 }
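/**
 * Renders the banner edit page of the plugin: builds the entity header (advertiser,
 * campaign, banner), optionally a banner preview, the page tools and shortcuts, and then
 * displays the 'banner-edit.html' template with the serialized form.
 *
 * @param mixed   $bannerid       Id of the banner being edited.
 * @param mixed   $campaignid     Id of the campaign that holds the banner.
 * @param mixed   $clientid       Id of the advertiser that owns the campaign.
 * @param mixed   $bannerTypes    Passed through to the template as 'bannerTypes'.
 * @param array   $aBanner        Banner data; replaced by Admin_DA::getAd() when a preview is built.
 * @param mixed   $type           Not read in this function.
 * @param object  $form           Form object; its serialize() output is given to the template.
 * @param mixed   $ext_bannertype Not read in this function.
 * @param boolean $formDisabled   Passed through to the template as 'disabled'.
 * @return void
 */
function displayPage($bannerid, $campaignid, $clientid, $bannerTypes, $aBanner, $type, $form, $ext_bannertype, $formDisabled = false)
{
    $pageName = 'advertiser-campaigns';
    $aEntities = array('clientid' => $clientid, 'campaignid' => $campaignid, 'bannerid' => $bannerid);
    $entityId = OA_Permission::getEntityId();
    $entityType = 'advertiser_id';
    $aOtherCampaigns = Admin_DA::getPlacements(array($entityType => $entityId));
    $aOtherBanners = Admin_DA::getAds(array('placement_id' => $campaignid), false);
    $advertiserId = $aEntities['clientid'];
    $campaignId = $aEntities['campaignid'];
    $bannerId = $aEntities['bannerid'];
    $entityString = _getEntityString($aEntities);
    $aOtherEntities = $aEntities;
    unset($aOtherEntities['bannerid']);
    $otherEntityString = _getEntityString($aOtherEntities);
    // $pageName is fixed above, so the former 'banner-edit.php' comparison could never
    // match; the page type is therefore always 'edit'.
    $pageType = 'edit';
    $advertiserEditUrl = '';
    $campaignEditUrl = '';
    // Header links are only offered for entities the account may open.
    if (OA_Permission::hasAccessToObject('clients', $advertiserId)) {
        $advertiserEditUrl = "advertiser-edit.php?clientid={$advertiserId}";
    }
    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        $campaignEditUrl = "campaign-edit.php?clientid={$advertiserId}&campaignid={$campaignId}";
    }
    if ($bannerId && !empty($GLOBALS['_MAX']['PREF']['ui_show_banner_preview']) && empty($_GET['nopreview'])) {
        require_once MAX_PATH . '/lib/max/Delivery/adRender.php';
        $aBanner = Admin_DA::getAd($bannerId);
        $aBanner['storagetype'] = $aBanner['type'];
        $aBanner['bannerid'] = $aBanner['ad_id'];
        $bannerCode = MAX_adRender($aBanner, 0, '', '', '', true, '', false, false);
    } else {
        $bannerCode = '';
    }
    $advertiserDetails = phpAds_getClientDetails($advertiserId);
    $advertiserName = $advertiserDetails['clientname'];
    $campaignDetails = Admin_DA::getPlacement($campaignId);
    $campaignName = $campaignDetails['name'];
    // A new banner has no entry in the campaign's banner list yet; avoid reading a missing index.
    $bannerName = isset($aOtherBanners[$bannerId]['name']) ? $aOtherBanners[$bannerId]['name'] : null;
    $builder = new OA_Admin_UI_Model_InventoryPageHeaderModelBuilder();
    $oHeaderModel = $builder->buildEntityHeader(array(array("name" => $advertiserName, "url" => $advertiserEditUrl), array("name" => $campaignName, "url" => $campaignEditUrl), array("name" => $bannerName)), "banner", $pageType);
    global $phpAds_breadcrumbs_extra;
    // The rendered banner markup is appended as-is, so it runs in the admin page.
    // NOTE(review): confirm who may author banner content shown in this preview.
    $phpAds_breadcrumbs_extra .= "<div class='bannercode'>{$bannerCode}</div>";
    if ($bannerCode != '') {
        $phpAds_breadcrumbs_extra .= "<br />";
    }
    // NOTE(review): the ids below are interpolated into URLs unencoded; this assumes the
    // caller has already validated them as numeric. Confirm against the callers.
    addPageLinkTool($GLOBALS["strDuplicate"], MAX::constructUrl(MAX_URL_ADMIN, "plugins/oxMarkedTextAdvertiser/banner-modify.php?duplicate=true&clientid={$advertiserId}&campaignid={$campaignId}&bannerid={$bannerId}&returnurl=" . urlencode(basename($_SERVER['SCRIPT_NAME']))), "iconBannerDuplicate");
    addPageShortcut($GLOBALS['strBackToBanners'], MAX::constructUrl(MAX_URL_ADMIN, "campaign-banners.php?clientid={$advertiserId}&campaignid={$campaignId}"), "iconBack");
    $entityString = _getEntityString($aEntities);
    addPageShortcut($GLOBALS['strBannerHistory'], MAX::constructUrl(MAX_URL_ADMIN, "stats.php?entity=banner&breakdown=history&{$entityString}"), 'iconStatistics');
    phpAds_PageHeader('advertiser-campaigns', $oHeaderModel);
    $oTpl = new OA_Admin_Template('banner-edit.html');
    $oTpl->assign('clientId', $clientid);
    $oTpl->assign('campaignId', $campaignid);
    $oTpl->assign('bannerId', $bannerid);
    $oTpl->assign('bannerTypes', $bannerTypes);
    $oTpl->assign('bannerType', 'bannerTypeText:oxMarkedText:oxMarkedTextComponent');
    $oTpl->assign('bannerHeight', $aBanner["height"]);
    $oTpl->assign('bannerWidth', $aBanner["width"]);
    $oTpl->assign('disabled', $formDisabled);
    $oTpl->assign('form', $form->serialize());
    $oTpl->display();
    phpAds_PageFooter();
}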
| License: GPLv2 or later, see the LICENSE.txt file.                        |
+---------------------------------------------------------------------------+
*/
// Require the initialisation file
require_once '../../init.php';
// Required files
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/max/other/html.php';
// Register input variables
// Register input variables
phpAds_registerGlobal('acl', 'action', 'submit');
/*-------------------------------------------------------*/
/* Affiliate interface security                          */
/*-------------------------------------------------------*/
// Access gate: the page is limited to manager accounts.
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER);
if (!empty($affiliateid)) {
    if (!OA_Permission::hasAccessToObject('affiliates', $affiliateid)) {
        // Supplied website is not accessible: reload this script without the id.
        // NOTE(review): the gate only holds if redirect() ends the request; confirm.
        $page = basename($_SERVER['SCRIPT_NAME']);
        OX_Admin_Redirect::redirect($page);
    }
}
/*-------------------------------------------------------*/
/* Init data                                             */
/*-------------------------------------------------------*/
//get websites and set the current one
$aWebsites = getWebsiteMap();
if (empty($affiliateid)) {
    //if it's empty
    if ($session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['affiliateid']) {
        //try previous one from session
        $sessionWebsiteId = $session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['affiliateid'];
        if (isset($aWebsites[$sessionWebsiteId])) {
示例#11
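/**
 * Builds the page header for banner pages: entity header (advertiser, campaign, banner),
 * an optional banner preview, the banner page tools, and finally phpAds_PageHeader().
 *
 * @param string $pageName        Name of the calling script, e.g. 'banner-edit.php'.
 * @param array  $aOtherCampaigns Passed through to addBannerPageTools().
 * @param array  $aOtherBanners   Banners keyed by banner id; read for the current banner's 'name'.
 * @param array  $aEntities       Read for 'clientid', 'campaignid' and 'bannerid'.
 * @return void
 */
function MAX_displayNavigationBanner($pageName, $aOtherCampaigns, $aOtherBanners, $aEntities)
{
    global $phpAds_TextDirection;
    $advertiserId = $aEntities['clientid'];
    $campaignId = $aEntities['campaignid'];
    $bannerId = $aEntities['bannerid'];
    $entityString = _getEntityString($aEntities);
    $aOtherEntities = $aEntities;
    unset($aOtherEntities['bannerid']);
    $otherEntityString = _getEntityString($aOtherEntities);
    // $tabValue was only assigned in the new-banner case and then read unconditionally
    // below; start from null so the other case passes a defined value.
    $tabValue = null;
    if ($pageName == 'banner-edit.php' && empty($bannerId)) {
        $tabValue = 'banner-edit_new';
        $pageType = 'edit-new';
    } else {
        $pageType = 'edit';
    }
    $advertiserEditUrl = '';
    $campaignEditUrl = '';
    // Header links are only offered for entities the account may open.
    if (OA_Permission::hasAccessToObject('clients', $advertiserId)) {
        $advertiserEditUrl = "advertiser-edit.php?clientid={$advertiserId}";
    }
    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        $campaignEditUrl = "campaign-edit.php?clientid={$advertiserId}&campaignid={$campaignId}";
    }
    // Build ad preview
    if ($bannerId && empty($_GET['nopreview'])) {
        require_once MAX_PATH . '/lib/max/Delivery/adRender.php';
        $aBanner = Admin_DA::getAd($bannerId);
        $aBanner['storagetype'] = $aBanner['type'];
        $aBanner['bannerid'] = $aBanner['ad_id'];
        $bannerCode = MAX_adRender($aBanner, 0, '', '', '', true, '', false, false);
    } else {
        $bannerCode = '';
    }
    $advertiserDetails = phpAds_getClientDetails($advertiserId);
    $advertiserName = $advertiserDetails['clientname'];
    $campaignDetails = Admin_DA::getPlacement($campaignId);
    $campaignName = $campaignDetails['name'];
    // A new banner has no entry in the banner list yet; avoid reading a missing index.
    $bannerName = isset($aOtherBanners[$bannerId]['name']) ? $aOtherBanners[$bannerId]['name'] : null;
    $builder = new OA_Admin_UI_Model_InventoryPageHeaderModelBuilder();
    $oHeaderModel = $builder->buildEntityHeader(array(array("name" => $advertiserName, "url" => $advertiserEditUrl), array("name" => $campaignName, "url" => $campaignEditUrl), array("name" => $bannerName)), "banner", $pageType);
    global $phpAds_breadcrumbs_extra;
    // The rendered banner markup is appended as-is, so it runs in the admin page.
    // NOTE(review): confirm who may author banner content shown in this preview.
    $phpAds_breadcrumbs_extra .= "<div class='bannercode'>{$bannerCode}</div>";
    if ($bannerCode != '') {
        $phpAds_breadcrumbs_extra .= "<br />";
    }
    addBannerPageTools($advertiserId, $campaignId, $bannerId, $aOtherCampaigns, $aOtherBanners, $aEntities);
    phpAds_PageHeader($tabValue, $oHeaderModel);
}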
示例#12
 /**
  * A method to show an error if the current user/account doesn't have access
  * to the specified DB_DataObject (defined by table name and entity ID).
  *
  * Order of checks: the ID must be non-empty unless $allowNewEntity is set, the ID must
  * consist of digits only, and the account must have access to the object. When access
  * is missing, an account switch is attempted before the final enforceTrue().
  *
  * @static
  * @param string  $entityTable    The name of the table.
  * @param integer $entityId       Optional entity ID -- when set, tests if the current
  *                                account has access to the entity, when not set,  tests
  *                                if the current account can create a new entity in the
  *                                table.
  * @param boolean $allowNewEntity Allow creation of a new entity, defaults to false.
  */
 function enforceAccessToObject($entityTable, $entityId = null, $allowNewEntity = false)
 {
     if (!$allowNewEntity) {
         OA_Permission::enforceTrue(!empty($entityId));
     }
     // Verify that the ID is numeric. \d* also matches the empty string, which is what lets
     // the new-entity case through; the D modifier stops $ from matching before a trailing newline.
     OA_Permission::enforceTrue(preg_match('/^\\d*$/D', $entityId));
     // From here on the ID is an integer; an empty ID becomes 0.
     // NOTE(review): confirm hasAccessToObject() treats 0 as "new entity" the same way it treats null.
     $entityId = (int) $entityId;
     $hasAccess = OA_Permission::hasAccessToObject($entityTable, $entityId);
     if (!$hasAccess) {
         if (!OA_Permission::isManualAccountSwitch()) {
             if (OA_Permission::isUserLinkedToAdmin()) {
                 // Check object existence
                 OA_Permission::enforceTrue(OA_Permission::getAccountIdForEntity($entityTable, $entityId));
             }
             // if has access switch to the manager account that owns this object
             // NOTE(review): $hasAccess is false in this scope and is not reassigned before
             // this test, so the branch below cannot run as written. Confirm the intended
             // condition before relying on the manager-account switch.
             if ($hasAccess) {
                 if (OA_Permission::switchToManagerAccount($entityTable, $entityId)) {
                     // Now that the admin user is working with the manager
                     // account that owns the object, show to him the page.
                     $url = $_SERVER['REQUEST_URI'];
                     header("Location: {$url}");
                     exit;
                 } else {
                     // If is not possible to switch redirect the admin to his home page
                     OX_Admin_Redirect::redirect();
                 }
             }
         }
     }
     if (!$hasAccess) {
         // Last resort: handle a manual account switch, then try switching accounts to gain access.
         OA_Permission::redirectIfManualAccountSwitch();
         $hasAccess = OA_Permission::attemptToSwitchForAccess($entityTable, $entityId);
     }
     // Final gate: the access result is enforced here.
     OA_Permission::enforceTrue($hasAccess);
 }