Open Monograph Press  1.1
 All Classes Namespaces Functions Variables Groups Pages
ReviewRoundRequiredPolicy.inc.php
1 <?php
15 import('lib.pkp.classes.security.authorization.DataObjectRequiredPolicy');
16 
25  function ReviewRoundRequiredPolicy($request, &$args, $parameterName = 'reviewRoundId', $operations = null) {
26  parent::DataObjectRequiredPolicy($request, $args, $parameterName, 'user.authorization.invalidReviewRound', $operations);
27  }
28 
29  //
30  // Implement template methods from AuthorizationPolicy
31  //
35  function dataObjectEffect() {
36  // Get the review round id.
37  $reviewRoundId = $this->getDataObjectId();
38  if ($reviewRoundId === false) return AUTHORIZATION_DENY;
39 
40  // Validate the review round id.
41  $reviewRoundDao = DAORegistry::getDAO('ReviewRoundDAO');
42  $reviewRound = $reviewRoundDao->getById($reviewRoundId);
43  if (!is_a($reviewRound, 'ReviewRound')) return AUTHORIZATION_DENY;
44 
45  // Ensure that the review round actually belongs to the
46  // authorized submission.
47  $submission =& $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
48  if ($reviewRound->getSubmissionId() != $submission->getId()) AUTHORIZATION_DENY;
49 
50  // Ensure that the review round is for this workflow stage
51  $stageId = $this->getAuthorizedContextObject(ASSOC_TYPE_WORKFLOW_STAGE);
52  if ($reviewRound->getStageId() != $stageId) return AUTHORIZATION_DENY;
53 
54  // Save the review round to the authorization context.
55  $this->addAuthorizedContextObject(ASSOC_TYPE_REVIEW_ROUND, $reviewRound);
56  return AUTHORIZATION_PERMIT;
57  }
58 }
59 
60 ?>
ReviewRoundRequiredPolicy($request, &$args, $parameterName= 'reviewRoundId', $operations=null)
static & getDAO($name, $dbconn=null)
Abstract base class for policies that check for a data object from a parameter.
Policy that ensures that the request contains a valid review round.
& getAuthorizedContextObject($assocType)
addAuthorizedContextObject($assocType, &$authorizedObject)