contributions/usermanagement.hijackaccount/behaviour/accesscontrol/hijackaccount.access.php

Go to the documentation of this file.
00001 <?php
00002 /**
00003  * Defauklt Access Control for hijacking accounts
00004  */
00005 class HijackaccountAccessControl extends AccessControlBase {
00006         /**
00007          * Constructor. Sets type on parent.
00008          */
00009         public function __construct() {
00010                 parent::__construct('users');
00011         }
00012         
00013         /**
00014          * Overloadable. Check if action on object is allowed for given user
00015          *
00016          * User is always valid
00017          * 
00018          * @param string $action The action to perform (edit, delete, ....)  
00019          * @param DAOHtmlpage $item Item to perform the action on (may be a DataObject, e.g.)
00020          * @param DAOUsers $user A user, role, ACO, depending on user management chosen
00021          * @return int One of Constants ALLOWED, NOT_ALLOWED and NOT_RESPONSIBLE
00022          */
00023         protected function do_is_allowed_for_user($action, $item, $user, $params = false) {
00024                 // we know that item is of type "users"
00025                 $ret = self::NOT_RESPONSIBLE;
00026                 switch ($action) {
00027                         case 'hijack':
00028                                 // Admins are allowed to hijack
00029                                 $ret = $this->to_result($user->has_role(USER_ROLE_ADMIN));
00030                                 break;
00031                 }
00032                 return $ret;
00033         }
00034 }