// Excerpt: three single lines from three different methods (gutter numbers 65, 94, 103).
// Stores the caller-supplied flag that listing line 263 later tests before importing the restricted-site policy.
65 $this->_enforceRestrictedSite = $enforceRestrictedSite;
// Development-time check only: PHP can be configured to skip assert() (zend.assertions),
// so a null dispatcher is not rejected by this line in such a configuration.
94 assert(!is_null($this->_dispatcher));
// Plain setter assignment; no type check on $dispatcher is visible in this excerpt.
103 $this->_dispatcher = $dispatcher;
// Fallback operation: answers with a 404 through the dispatcher when one is available.
// Line 112, which presumably assigns $dispatcher, is omitted from this excerpt — confirm.
111 function index($args, $request) {
113 if (isset($dispatcher)) $dispatcher->handle404();
// Registers an authorization policy with the handler's decision manager.
// $addToTop is forwarded unchanged to the manager's addPolicy() (line 138); default is false.
130 function addPolicy($authorizationPolicy, $addToTop =
false) {
// The manager is set up lazily: only when none exists is its class imported.
// The instantiation itself falls on lines omitted from this excerpt.
131 if (is_null($this->_authorizationDecisionManager)) {
133 import(
'lib.pkp.classes.security.authorization.AuthorizationDecisionManager');
138 $this->_authorizationDecisionManager->addPolicy($authorizationPolicy, $addToTop);
// Excerpt: bodies of three accessors (gutter numbers 148-149, 163-164, 173-175); their signatures are not shown.
// Each one guards the manager with assert() only. Where assertions are disabled, calling these before
// any policy was added would reach a method call on whatever the property holds (null, per line 131).
148 assert(is_a($this->_authorizationDecisionManager,
'AuthorizationDecisionManager'));
// Delegates the lookup of the authorized object for $assocType to the decision manager.
149 return $this->_authorizationDecisionManager->getAuthorizedContextObject($assocType);
163 assert(is_a($this->_authorizationDecisionManager,
'AuthorizationDecisionManager'));
// Returns the manager's authorized context as-is.
164 return $this->_authorizationDecisionManager->getAuthorizedContext();
173 assert(is_a($this->_authorizationDecisionManager,
'AuthorizationDecisionManager'));
174 $authorizationMessages = $this->_authorizationDecisionManager->getAuthorizationMessages();
// end() yields the last element, or false when the message list is empty.
175 return end($authorizationMessages);
// Excerpt: role-assignment bookkeeping from several methods (gutter numbers 188-242); signatures are not shown.
// Scalars are wrapped so that a single operation or role id is handled like a list.
188 if (!is_array($operations)) $operations = array($operations);
191 if (!is_array($roleIds)) $roleIds = array($roleIds);
194 foreach($roleIds as $roleId) {
// First assignment for a role starts from an empty list.
197 if (!isset($this->_roleAssignments[$roleId])) {
198 $this->_roleAssignments[$roleId] = array();
// Existing operations for the role are kept and merged with the new ones (second argument is on an omitted line).
203 $this->_roleAssignments[$roleId] = array_merge(
204 $this->_roleAssignments[$roleId],
// Adding assignments resets the "checked" flag, so the permit test on line 303
// fails for a handler with assignments until the flag is set again (line 242).
210 $this->_roleAssignmentsChecked =
false;
// Lookup for one role id; what is returned for a null or unknown id is on omitted lines.
220 if (!is_null($roleId)) {
221 if (isset($this->_roleAssignments[$roleId])) {
222 return $this->_roleAssignments[$roleId];
// Marks the role assignments as checked; which caller is expected to do this is not visible here.
242 $this->_roleAssignmentsChecked =
true;
// Evaluates the handler's authorization policies and tests the combined decision.
// Excerpt: the gutter numbers skip lines, so the policy construction, the branch
// between lines 292 and 298, and the return statements are not visible here.
261 function authorize($request, &$args, $roleAssignments) {
// The restricted-site policy class is imported only when the constructor flag (line 65) is set.
263 if ($this->_enforceRestrictedSite) {
264 import(
'lib.pkp.classes.security.authorization.RestrictedSiteAccessPolicy');
270 import(
'lib.pkp.classes.security.authorization.HttpsPolicy');
// The user-roles policy class is imported only when session initialisation is not disabled
// and either a User object is present or the request came through the API router.
274 if (!defined(
'SESSION_DISABLE_INIT')) {
276 $user = $request->getUser();
277 if (is_a($user,
'User') || is_a($request->getRouter(),
'APIRouter')) {
278 import(
'lib.pkp.classes.security.authorization.UserRolesRequiredPolicy');
// assert() is a development check; PHP can be configured to skip it (zend.assertions),
// so it does not guarantee a manager exists at this point in production.
284 assert(is_a($this->_authorizationDecisionManager,
'AuthorizationDecisionManager'));
286 $router = $request->getRouter();
// Page-router requests default to PERMIT when no policy applies; line 298 sets DENY,
// presumably in the else branch for other routers (the branch line is omitted) — confirm.
// NOTE(review): with default-permit, a page handler is only as protected as the policies it adds.
287 if (is_a($router,
'PKPPageRouter')) {
292 $this->_authorizationDecisionManager->setDecisionIfNoPolicyApplies(AUTHORIZATION_PERMIT);
298 $this->_authorizationDecisionManager->setDecisionIfNoPolicyApplies(AUTHORIZATION_DENY);
302 $decision = $this->_authorizationDecisionManager->decide();
// A PERMIT decision is accepted only if the handler has no role assignments at all,
// or the assignments were marked as checked (line 242). The comparison is loose (==).
303 if ($decision == AUTHORIZATION_PERMIT && (empty($this->_roleAssignments) || $this->_roleAssignmentsChecked)) {
// Runs the handler's registered checks ($this->_checks) and redirects when one fails.
// Excerpt: lines between the gutter numbers are omitted, including whatever assigns
// $request when it is missing and the redirect taken when redirectToLogin is set.
324 function validate($requiredContexts =
null, $request =
null) {
// Calling without a request object is the deprecated path; a warning is raised
// only when the debug/deprecation_warnings setting is on.
326 if (!isset($request)) {
328 if (
Config::getVar(
'debug',
'deprecation_warnings')) trigger_error(
'Deprecated call without request object.');
331 foreach ($this->_checks as $check) {
// A failed check leads to a redirect; line 343 goes to 'index', presumably
// for checks that do not ask for the login page — confirm against the full file.
337 if ( !$check->isValid() ) {
338 if ( $check->redirectToLogin ) {
343 $request->redirect(
null,
'index');
// Excerpt (gutter numbers 364-377, signature not shown): derives the handler id from the router type.
364 $router = $request->getRouter();
// Component requests: id comes from the requested component; lines 367-371 are omitted
// and may alter $componentId before it is stored.
365 if (is_a($router,
'PKPComponentRouter')) {
366 $componentId = $router->getRequestedComponent($request);
372 $this->
setId($componentId);
// API requests: id is the router's entity.
373 } elseif (is_a($router,
'APIRouter')) {
374 $this->
setId($router->getEntity());
// Remaining case is expected to be a page router; this is enforced by assert() only.
376 assert(is_a($router,
'PKPPageRouter'));
377 $this->
setId($router->getRequestedPage($request));
// Builds a DBResultRange (items per page + page number) for the list named $rangeName.
// When $contextData is given, the page number is remembered in the session under "page-$contextHash".
// Excerpt: $contextHash is assigned on lines omitted here, as are the branch lines around 409.
390 static function getRangeInfo($request, $rangeName, $contextData =
null) {
391 $context = $request->getContext();
// Page number is taken from the request parameter "<rangeName>Page" (see line 432), i.e. client-supplied.
392 $pageNum = $request->getUserVar(self::getPageParamName($rangeName));
// No page in the request: fall back to the page stored in the session, if any.
393 if (empty($pageNum)) {
394 $session =& $request->getSession();
396 if ($session && $contextData !==
null) {
// The client can ask to forget the stored page via the clearPageContext parameter.
400 if ($request->getUserVar(
'clearPageContext')) {
402 $session->unsetSessionVar(
"page-$contextHash");
404 $oldPage = $session->getSessionVar(
"page-$contextHash");
// Only a numeric stored value is reused.
405 if (is_numeric($oldPage)) $pageNum = $oldPage;
// Presumably the branch for a request-supplied page: remember it in the session.
// NOTE(review): no numeric check of the request-supplied $pageNum is visible in this excerpt
// before it is stored and passed to DBResultRange — confirm it is validated or cast elsewhere.
409 $session =& $request->getSession();
410 if ($session && $contextData !==
null) {
413 $session->setSessionVar(
"page-$contextHash", $pageNum);
// Items per page: context setting first, then the interface/items_per_page config value.
417 if ($context) $count = $context->getData(
'itemsPerPage');
418 if (!isset($count)) $count =
Config::getVar(
'interface',
'items_per_page');
420 import(
'lib.pkp.classes.db.DBResultRange');
// A range is returned only when a count was found; the fall-through return is not shown.
422 if (isset($count))
return new DBResultRange($count, $pageNum);
// Request parameter name for a range's page number: the range name with 'Page' appended.
432 return $rangeName .
'Page';
// Excerpt (gutter numbers 441-466, signature not shown): template setup for the handler.
// Same deprecated no-request path as on line 326; the warning depends on debug/deprecation_warnings.
441 if (!isset($request)) {
443 if (
Config::getVar(
'debug',
'deprecation_warnings')) trigger_error(
'Deprecated call without request object.');
// Type of $request is checked by assert() only.
445 assert(is_a($request,
'PKPRequest'));
// Locale component constants; the call that receives them is on omitted lines.
448 LOCALE_COMPONENT_PKP_COMMON,
449 LOCALE_COMPONENT_PKP_USER,
450 LOCALE_COMPONENT_APP_COMMON
// True when $userRoles contains ROLE_ID_MANAGER; $userRoles is assigned on an omitted line.
454 if (array_intersect(array(ROLE_ID_MANAGER), $userRoles)) {
// Roles and accessible workflow stages are handed to the template manager for rendering.
459 $templateMgr->assign(
'userRoles', $userRoles);
462 if ($accessibleWorkflowStages) $templateMgr->assign(
'accessibleWorkflowStages', $accessibleWorkflowStages);
465 if ($this->_isBackendPage) {
466 $templateMgr->setupBackendPage();
// Excerpt (gutter numbers 480-483): one comma-joined string made of the requested context path,
// page, operation and serialize($contextData). The call that consumes it (presumably a hash,
// given the "page-$contextHash" session keys on lines 402-413) is on an omitted line — confirm.
// serialize() only encodes here; nothing in this excerpt unserializes the result.
480 implode(
',', $request->getRequestedContextPath()) .
',' .
481 $request->getRequestedPage() .
',' .
482 $request->getRequestedOp() .
',' .
483 serialize($contextData)
// Excerpt: fragments of three methods (gutter numbers 493-496, 510-513, 542); signatures are not shown.
// Site-level redirect: when the site defines a redirect context id, that context is loaded and returned.
493 $site = $request->getSite();
494 if ($site && ($contextId = $site->getRedirect())) {
496 return $contextDao->getById($contextId);
// Walks the given contexts and picks one in which the user belongs to any user group.
// Whether the loop stops at the first match depends on lines omitted here.
510 foreach($contexts as $workingContext) {
511 $userIsEnrolled = $userGroupDao->userInAnyGroup($user->getId(), $workingContext->getId());
512 if ($userIsEnrolled) {
513 $context = $workingContext;
// Stores the API token on the handler and returns the assigned value.
542 return $this->_apiToken = $apiToken;
555 $router = $request->getRouter();
556 $requestedPath = $router->getRequestedContextPath($request);
558 if ($requestedPath ===
'index' || $requestedPath ===
'') {
561 $contexts = $contextDao->getAll(
true);
562 $contextsCount = $contexts->getCount();
564 if ($contextsCount === 1) {
566 $context = $contexts->next();
568 if (!$context && $contextsCount > 1) {
574 $context = $router->getContext($request);
577 if (!$context) $request->getDispatcher()->handle404();
579 if (is_a($context,
'Context')) {