openrat-cms


ObjectAction.class.php (2001B)


      1 <?php
      2 
      3 namespace cms\action;
      4 
      5 use cms\model\Permission;
      6 use cms\model\BaseObject;
      7 use cms\model\File;
      8 use cms\model\Folder;
      9 use cms\model\Group;
     10 use cms\model\Language;
     11 use cms\model\Link;
     12 use cms\model\Page;
     13 use cms\model\Project;
     14 use cms\model\User;
     15 use language\Messages;
     16 use util\ArrayUtils;
     17 use util\exception\SecurityException;
     18 use util\exception\ValidationException;
     19 use util\Http;
     20 use util\Session;
     21 
     22 
     23 /**
     24  * Basis-Action-Klasse zum Bearbeiten des Basis-Objektes.
     25  * @author Jan Dankert
     26  */
     27 
     28 class ObjectAction extends BaseAction
     29 {
     30 	private $objectid;
     31 
     32     /**
     33      * @var BaseObject
     34      */
     35 	protected $baseObject;
     36 
     37 	public function __construct()
     38     {
     39         parent::__construct();
     40 
     41     }
     42 
     43 
     44 	/**
     45 	 * Should be overwritten by subclasses.
     46 	 *
     47 	 * @return int Permission-flag.
     48 	 */
     49     public function getRequiredPermission() {
     50 		return Permission::ACL_READ;
     51 	}
     52 
     53 
     54     public function init()
     55     {
     56 		$baseObject = new BaseObject( $this->request->getId() );
     57 		$baseObject->objectLoad();
     58 
     59 		$this->setBaseObject( $baseObject );
     60 
     61 		$this->addHeader('X-CMS-OID',$baseObject->objectid );
     62 	}
     63 
     64 
     65 	protected function setBaseObject( $baseObject ) {
     66 
     67 		$this->baseObject = $baseObject;
     68 	}
     69 
     70 
     71     /**
     72      * Stellt fest, ob der angemeldete Benutzer Projekt-Admin ist.
     73      * Dies ist der Fall, wenn der Benutzer PROP-Rechte im Root-Folder hat.
     74      * @return bool|int
     75      */
     76     protected function userIsProjectAdmin() {
     77 
     78 	    $project = new Project( $this->baseObject->projectid );
     79 	    $rootFolder = new Folder( $project->getRootObjectId() );
     80 
     81 	    return $rootFolder->hasRight(Permission::ACL_PROP);
     82     }
     83 
     84 
     85     /**
     86 	 * Checks if the current user has sufficient rights.
     87 	 *
     88 	 * If not, an exception is thrown.
     89 	 *
     90      * @return bool
     91      */
     92     public function checkAccess() {
     93 
     94 		$requiredPermission = $this->getRequiredPermission();
     95 
     96 		if   ( ! $this->baseObject->hasRight($requiredPermission) )
     97 	    	throw new SecurityException('User has insufficient permissions ('.$requiredPermission.')' );
     98     }
     99 }