classes/security/authorization/internal/MonographFileAssignedReviewerAccessPolicy.inc.php

<?php
import('classes.security.authorization.internal.MonographFileBaseAccessPolicy');

class MonographFileAssignedReviewerAccessPolicy extends MonographFileBaseAccessPolicy {
   function MonographFileAssignedReviewerAccessPolicy(&$request, $fileIdAndRevision = null) {
      parent::MonographFileBaseAccessPolicy($request, $fileIdAndRevision);
   }


   //
   // Implement template methods from AuthorizationPolicy
   //
   function effect() {
      $request =& $this->getRequest();

      // Get the user
      $user =& $request->getUser();
      if (!is_a($user, 'PKPUser')) return AUTHORIZATION_DENY;

      // Get the monograph file
      $monographFile =& $this->getMonographFile($request);
      if (!is_a($monographFile, 'MonographFile')) return AUTHORIZATION_DENY;

      $reviewAssignmentDao =& DAORegistry::getDAO('ReviewAssignmentDAO');
      $reviewAssignments =& $reviewAssignmentDao->getByUserId($user->getId());
      $foundValid = false;
      foreach ($reviewAssignments as $reviewAssignment) {
         if (!$reviewAssignment->getDateConfirmed()) continue;

         if (
            $monographFile->getSubmissionId() == $reviewAssignment->getSubmissionId() &&
            $monographFile->getFileStage() == MONOGRAPH_FILE_REVIEW_FILE &&
            $monographFile->getViewable()
         ) {
            $foundValid = true;
         }
      }

      // Check if the uploader is the current user.
      if ($foundValid) {
         return AUTHORIZATION_PERMIT;
      } else {
         return AUTHORIZATION_DENY;
      }
   }
}

?>