*5557* WorkflowSubmissionAssignmentPolicy and associated component ch…

…anges to suit it

classes/security/authorization/OmpWorkflowStageAccessPolicy.inc.php

@@ -22,7 +22,7 @@ class OmpWorkflowStageAccessPolicy extends PressPolicy {
 	 * @param $args array request arguments
 	 * @param $roleAssignments array
 	 */
-	function OmpWorkflowStageAccessPolicy(&$request, &$args, $roleAssignments, $submissionParameterName = 'monographId') {
+	function OmpWorkflowStageAccessPolicy(&$request, &$args, $roleAssignments, $submissionParameterName = 'monographId', $stageId = null) {
 		parent::PressPolicy($request);
 
 		// A workflow stage component can only be called if there's a
@@ -68,7 +68,7 @@ function OmpWorkflowStageAccessPolicy(&$request, &$args, $roleAssignments, $subm
 
 		// 2) ... but only if the requested workflow stage has been assigned to them in the requested submission.
 		import('classes.security.authorization.internal.WorkflowSubmissionAssignmentPolicy');
-		$pressRoleWorkflowStagePolicy->addPolicy(new WorkflowSubmissionAssignmentPolicy($request));
+		$pressRoleWorkflowStagePolicy->addPolicy(new WorkflowSubmissionAssignmentPolicy($request, $stageId));
 		$workflowStagePolicy->addPolicy($pressRoleWorkflowStagePolicy);
 
 
@@ -85,7 +85,7 @@ function OmpWorkflowStageAccessPolicy(&$request, &$args, $roleAssignments, $subm
 
 		// 3) ... and only if the requested workflow stage has been assigned to them in the requested submission.
 		import('classes.security.authorization.internal.WorkflowSubmissionAssignmentPolicy');
-		$authorRoleWorkflowStagePolicy->addPolicy(new WorkflowSubmissionAssignmentPolicy($request));
+		$authorRoleWorkflowStagePolicy->addPolicy(new WorkflowSubmissionAssignmentPolicy($request, $stageId));
 		$workflowStagePolicy->addPolicy($authorRoleWorkflowStagePolicy);
 
 

classes/security/authorization/internal/WorkflowSubmissionAssignmentPolicy.inc.php

@@ -21,14 +21,19 @@ class WorkflowSubmissionAssignmentPolicy extends AuthorizationPolicy {
 	/** @var Request */
 	var $_request;
 
+	/** @var Request */
+	var $_stageId;
+
 	/**
 	 * Constructor
 	 * @param $request PKPRequest
 	 * @param $anyStep boolean true if the requested submission is assigned
 	 *  to any workflow step for the requested submission.
 	 */
-	function WorkflowSubmissionAssignmentPolicy(&$request) {
+	function WorkflowSubmissionAssignmentPolicy(&$request, $stageId) {
 		$this->_request =& $request;
+		$this->_stageId =& $stageId;
+
 		parent::AuthorizationPolicy();
 	}
 
@@ -39,31 +44,33 @@ function WorkflowSubmissionAssignmentPolicy(&$request) {
 	 * @see AuthorizationPolicy::effect()
 	 */
 	function effect() {
-		// FIXME: Implement when workflow submission assignments have been implemented, see #5557.
-
-		// Retrieve the user.
+		// Get the user
 		$user =& $this->_request->getUser();
-		if (!is_a($user, 'User')) return AUTHORIZATION_DENY;
+		if (!is_a($user, 'PKPUser')) return AUTHORIZATION_DENY;
 
-		// Retrieve the authorized submission.
-		if (!$this->hasAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH)) return AUTHORIZATION_DENY;
-		$submission =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH);
+		// Get the press
+		$router =& $this->_request->getRouter();
+		$press =& $router->getContext($this->_request);
+		if (!is_a($press, 'Press')) return AUTHORIZATION_DENY;
 
-		// Retrieve the authorized user group.
-		if (!$this->hasAuthorizedContextObject(ASSOC_TYPE_USER_GROUP)) return AUTHORIZATION_DENY;
-		$userGroup =& $this->getAuthorizedContextObject(ASSOC_TYPE_USER_GROUP);
+		// Get the monograph
+		$monograph =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH);
+		if (!is_a($monograph, 'Monograph')) return AUTHORIZATION_DENY;
 
-		// Retrieve the workflow step from the request.
-		// FIXME.
+		// Get the monograph's current stage
+		if (!isset($this->_stageId)) return AUTHORIZATION_DENY;
 
-		// Deny access if no valid workflow step was found in the request.
-		// FIXME.
+		// Get the currently acting as user group ID
+		$userGroup = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_GROUP);
+		if (!is_a($userGroup, 'UserGroup')) return AUTHORIZATION_DENY;
 
-		// Check whether the user is assigned to the submission in the current
-		// user group for the given workflow step.
-		// FIXME.
+		// Check whether the user is assigned to the submission in the current user group for the given workflow step.
+		$signoffDao =& DAORegistry::getDAO('SignoffDAO');
+		if(!$signoffDao->signoffExists('SIGNOFF_STAGE', ASSOC_TYPE_MONOGRAPH, $monograph->getId(), $user->getId(), $this->_stageId, $userGroup->getId())) {
+			return AUTHORIZATION_DENY;
+		}
 
-		// Access has been authorized.
+		// Access has been authorized
 		return AUTHORIZATION_PERMIT;
 	}
 }

controllers/grid/files/reviewAttachments/EditorReviewAttachmentsGridHandler.inc.php

@@ -21,9 +21,8 @@ class EditorReviewAttachmentsGridHandler extends ReviewAttachmentsGridHandler {
 	 */
 	function EditorReviewAttachmentsGridHandler() {
 		parent::ReviewAttachmentsGridHandler();
-		// FIXME: #5600 - Authorize editors
-		//$this->addRoleAssignment(array(ROLE_ID_REVIEWER, ROLE_ID_PRESS_MANAGER, ROLE_ID_EDITOR),
-		//		array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile'));
+		$this->addRoleAssignment(array(ROLE_ID_PRESS_MANAGER),
+				array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile'));
 	}
 
 	//
@@ -33,11 +32,9 @@ function EditorReviewAttachmentsGridHandler() {
 	 * @see PKPHandler::authorize()
 	 */
 	function authorize(&$request, &$args, $roleAssignments) {
-		// FIXME: #5600 - Distribute access differently to reviewers and editor roles
-		/*import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
+		import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
 		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments));
-		return parent::authorize($request, $args, $roleAssignments);*/
-		return true;
+		return parent::authorize($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW);
 	}
 
 	/*

controllers/grid/files/reviewAttachments/ReviewAttachmentsGridHandler.inc.php

@@ -24,9 +24,6 @@ class ReviewAttachmentsGridHandler extends GridHandler {
 	 */
 	function ReviewAttachmentsGridHandler() {
 		parent::GridHandler();
-		// FIXME: #5600 - Distribute access differently to reviewers and editor roles
-		//$this->addRoleAssignment(array(ROLE_ID_REVIEWER, ROLE_ID_PRESS_MANAGER, ROLE_ID_EDITOR),
-		//		array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile'));
 	}
 
 	//
@@ -55,11 +52,9 @@ function getReadOnly() {
 	* @see PKPHandler::authorize()
 	*/
 	function authorize(&$request, &$args, $roleAssignments) {
-		// FIXME: #5600 - Distribute access differently to reviewers and editor roles
-		/*import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
-		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments));
-		return parent::authorize($request, $args, $roleAssignments);*/
-		return true;
+		import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
+		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW));
+		return parent::authorize($request, $args, $roleAssignments);
 	}
 
 	/*

controllers/grid/files/reviewAttachments/ReviewerReviewAttachmentsGridHandler.inc.php

@@ -21,9 +21,8 @@ class ReviewerReviewAttachmentsGridHandler extends ReviewAttachmentsGridHandler
 	 */
 	function ReviewerReviewAttachmentsGridHandler() {
 		parent::ReviewAttachmentsGridHandler();
-		// FIXME: #5600 - Distribute access differently to reviewers and editor roles
-		//$this->addRoleAssignment(array(ROLE_ID_REVIEWER, ROLE_ID_PRESS_MANAGER, ROLE_ID_EDITOR),
-		//		array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile'));
+		$this->addRoleAssignment(array(ROLE_ID_REVIEWER),
+				array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile'));
 	}
 
 	//
@@ -33,11 +32,9 @@ function ReviewerReviewAttachmentsGridHandler() {
 	 * @see PKPHandler::authorize()
 	 */
 	function authorize(&$request, &$args, $roleAssignments) {
-		// FIXME: #5600 - Distribute access differently to reviewers and editor roles
-		/*import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
-		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments));
-		return parent::authorize($request, $args, $roleAssignments);*/
-		return true;
+		import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
+		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW));
+		return parent::authorize($request, $args, $roleAssignments);
 	}
 
 	/*

controllers/grid/files/reviewFiles/ReviewFilesGridHandler.inc.php

@@ -32,7 +32,7 @@ class ReviewFilesGridHandler extends GridHandler {
 	 */
 	function ReviewFilesGridHandler() {
 		parent::GridHandler();
-		// FIXME: Please correctly distribute the operations among roles.
+
 		$this->addRoleAssignment(ROLE_ID_AUTHOR,
 				$authorOperations = array());
 		$this->addRoleAssignment(ROLE_ID_PRESS_ASSISTANT,
@@ -102,11 +102,10 @@ function getShowRoleColumns() {
 	 * @see PKPHandler::authorize()
 	 */
 	function authorize(&$request, &$args, $roleAssignments) {
-		// FIXME: #5600 - Distribute access differently to reviewers and editor roles
-		/*import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
-		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments));
-		return parent::authorize($request, $args, $roleAssignments);*/
-		return true;
+		$stageId = $request->getUserVar('stageId');
+		import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
+		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, $stageId));
+		return parent::authorize($request, $args, $roleAssignments);
 	}
 
 	/*

controllers/grid/files/revisions/RevisionsGridHandler.inc.php

@@ -102,7 +102,7 @@ function getShowRoleColumns() {
 	 */
 	function authorize(&$request, &$args, $roleAssignments) {
 		import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
-		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments));
+		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW));
 		return parent::authorize($request, $args, $roleAssignments);
 	}
 

controllers/grid/files/submissionFiles/SubmissionFilesGridRow.inc.php

@@ -41,14 +41,16 @@ function initialize(&$request) {
 		$monographFileDao =& DAORegistry::getDAO('MonographFileDAO');
 		$monographFile =& $monographFileDao->getMonographFile($rowId);
 		$monographId = $monographFile->getMonographId();
+		$monographDao =& DAORegistry::getDAO('MonographDAO');
+		$monograph =& $monographDao->getMonograph($monographId);
 
 		if (!empty($rowId) && is_numeric($rowId)) {
 			// Actions
 			$router =& $request->getRouter();
 			$actionArgs = array(
 				'gridId' => $this->getGridId(),
 				'fileId' => $rowId,
-				'monographId' => $monographId
+				'monographId' => $monographId,
 			);
 
 			$this->addAction(
@@ -67,7 +69,7 @@ function initialize(&$request) {
 					'moreInfo',
 					LINK_ACTION_MODE_MODAL,
 					LINK_ACTION_TYPE_NOTHING,
-					$router->url($request, null, 'informationCenter.FileInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $monographId, 'itemId' => $rowId)),
+					$router->url($request, null, 'informationCenter.FileInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $monographId, 'itemId' => $rowId, 'stageId' => $monograph->getCurrentStageId())),
 					'grid.action.moreInformation',
 					null,
 					'more_info'

controllers/grid/files/submissionFiles/SubmissionReviewFilesGridHandler.inc.php

@@ -38,7 +38,7 @@ function SubmissionReviewFilesGridHandler() {
 	 */
 	function authorize(&$request, &$args, $roleAssignments) {
 		import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
-		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments));
+		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW));
 		return parent::authorize($request, $args, $roleAssignments);
 	}
 

controllers/grid/submissions/author/AuthorSubmissionsListGridRow.inc.php

@@ -44,6 +44,9 @@ function initialize(&$request) {
 				'monographId' => $rowId,
 			);
 
+			$monographDao =& DAORegistry::getDAO('MonographDAO');
+			$monograph =& $monographDao->getMonograph($rowId);
+
 			$this->addAction(
 				new LinkAction(
 					'deleteSubmission',
@@ -62,7 +65,7 @@ function initialize(&$request) {
 					'moreInfo',
 					LINK_ACTION_MODE_MODAL,
 					LINK_ACTION_TYPE_NOTHING,
-					$router->url($request, null, 'informationCenter.SubmissionInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $rowId, 'itemId' => $rowId)),
+					$router->url($request, null, 'informationCenter.SubmissionInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $rowId, 'itemId' => $rowId, 'stageId' => $monograph->getCurrentStageId())),
 					'grid.action.moreInformation',
 					null,
 					'more_info'

controllers/grid/submissions/pressEditor/PressEditorSubmissionsListGridRow.inc.php

@@ -50,6 +50,10 @@ function initialize(&$request) {
 				'reviewType' => $monograph->getCurrentReviewType(),
 				'round' => $monograph->getCurrentRound()
 			);
+
+			$monographDao =& DAORegistry::getDAO('MonographDAO');
+			$monograph =& $monographDao->getMonograph($rowId);
+
 			$actionArgs['decision'] = SUBMISSION_EDITOR_DECISION_ACCEPT;
 			$this->addAction(
 				new LinkAction(
@@ -78,7 +82,7 @@ function initialize(&$request) {
 					'moreInfo',
 					LINK_ACTION_MODE_MODAL,
 					LINK_ACTION_TYPE_NOTHING,
-					$router->url($request, null, 'informationCenter.SubmissionInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $rowId, 'itemId' => $rowId)),
+					$router->url($request, null, 'informationCenter.SubmissionInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $rowId, 'itemId' => $rowId, 'monographId' => $monograph->getCurrentStageId())),
 					'grid.action.moreInformation',
 					null,
 					'more_info'

controllers/grid/users/reviewer/ReviewerGridHandler.inc.php

@@ -61,7 +61,7 @@ function &getSubmission() {
 	 */
 	function authorize(&$request, &$args, $roleAssignments) {
 		import('classes.security.authorization.OmpWorkflowStageAccessPolicy');
-		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments));
+		$this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW));
 		return parent::authorize($request, $args, $roleAssignments);
 	}