Open Monograph Press  3.3.0
PKPSiteAccessPolicy.inc.php
1 <?php
16 define('SITE_ACCESS_ALL_ROLES', 0x01);
17 
18 import('lib.pkp.classes.security.authorization.PolicySet');
19 
20 class PKPSiteAccessPolicy extends PolicySet {
30  function __construct($request, $operations, $roleAssignments, $message = 'user.authorization.loginRequired') {
31  parent::__construct();
32  $siteRolePolicy = new PolicySet(COMBINING_PERMIT_OVERRIDES);
33  if(is_array($roleAssignments)) {
34  import('lib.pkp.classes.security.authorization.RoleBasedHandlerOperationPolicy');
35  foreach($roleAssignments as $role => $operations) {
36  $siteRolePolicy->addPolicy(new RoleBasedHandlerOperationPolicy($request, $role, $operations));
37  }
38  } elseif ($roleAssignments === SITE_ACCESS_ALL_ROLES) {
39  import('lib.pkp.classes.security.authorization.PKPPublicAccessPolicy');
40  $siteRolePolicy->addPolicy(new PKPPublicAccessPolicy($request, $operations));
41  } else {
42  throw new Exception('Invalid role assignments!');
43  }
44  $this->addPolicy($siteRolePolicy);
45  }
46 
47  //
48  // Implement template methods from AuthorizationPolicy
49  //
53  function effect() {
54  // Retrieve the user from the session.
55  $request = Application::get()->getRequest();
56  $user = $request->getUser();
57 
58  if (!is_a($user, 'User')) {
59  return AUTHORIZATION_DENY;
60  }
61 
62  // Execute handler operation checks.
63  return parent::effect();
64  }
65 }
66 
67 
PKPPublicAccessPolicy
Class to control access to handler operations based on an operation whitelist.
Definition: PKPPublicAccessPolicy.inc.php:18
PolicySet\addPolicy
addPolicy($policyOrPolicySet, $addToTop=false)
Definition: PolicySet.inc.php:63
PKPSiteAccessPolicy\effect
effect()
Definition: PKPSiteAccessPolicy.inc.php:53
RoleBasedHandlerOperationPolicy
Class to control access to handler operations via role based access control.
Definition: RoleBasedHandlerOperationPolicy.inc.php:18
PKPApplication\get
static get()
Definition: PKPApplication.inc.php:235
PKPSiteAccessPolicy
Class to that makes sure that a user is logged in.
Definition: PKPSiteAccessPolicy.inc.php:20
PKPSiteAccessPolicy\__construct
__construct($request, $operations, $roleAssignments, $message='user.authorization.loginRequired')
Definition: PKPSiteAccessPolicy.inc.php:30
PolicySet
An ordered list of policies. Policy sets can be added to decision managers like policies....
Definition: PolicySet.inc.php:26