| Server IP : 127.0.1.1 / Your IP : 216.73.216.60 Web Server : Apache/2.4.58 (Ubuntu) System : Linux nepub 6.8.0-88-generic #89-Ubuntu SMP PREEMPT_DYNAMIC Sat Oct 11 01:02:46 UTC 2025 x86_64 User : root ( 0) PHP Version : 8.2.30 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : OFF Directory : /var/www/html/public_html/lib/pkp/classes/security/authorization/ |
Upload File : |
<?php
/**
* @file classes/security/authorization/PublicationAccessPolicy.inc.php
*
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PublicationAccessPolicy
* @ingroup security_authorization
*
* @brief Class to control access to a publication
*/
import('lib.pkp.classes.security.authorization.internal.ContextPolicy');
import('lib.pkp.classes.security.authorization.SubmissionAccessPolicy');
import('lib.pkp.classes.security.authorization.internal.PublicationRequiredPolicy');
import('lib.pkp.classes.security.authorization.internal.PublicationIsSubmissionPolicy');
class PublicationAccessPolicy extends ContextPolicy {
/**
* Constructor
* @param $request PKPRequest
* @param $args array request parameters
* @param $roleAssignments array
* @param $publicationParameterName string the request parameter we
* expect the submission id in.
*/
function __construct($request, $args, $roleAssignments, $publicationParameterName = 'publicationId') {
parent::__construct($request);
// Can the user access this submission? (parameter name: 'submissionId')
$this->addPolicy(new SubmissionAccessPolicy($request, $args, $roleAssignments));
// Does the publication exist?
$this->addPolicy(new PublicationRequiredPolicy($request, $args));
// Is the publication attached to the correct submission?
$this->addPolicy(new PublicationIsSubmissionPolicy(__('api.publications.403.submissionsDidNotMatch')));
}
}