diff --git a/classes/security/authorization/OmpWorkflowStageAccessPolicy.inc.php b/classes/security/authorization/OmpWorkflowStageAccessPolicy.inc.php index 5559d795b4c..fde91039338 100644 --- a/classes/security/authorization/OmpWorkflowStageAccessPolicy.inc.php +++ b/classes/security/authorization/OmpWorkflowStageAccessPolicy.inc.php @@ -22,7 +22,7 @@ class OmpWorkflowStageAccessPolicy extends PressPolicy { * @param $args array request arguments * @param $roleAssignments array */ - function OmpWorkflowStageAccessPolicy(&$request, &$args, $roleAssignments, $submissionParameterName = 'monographId') { + function OmpWorkflowStageAccessPolicy(&$request, &$args, $roleAssignments, $submissionParameterName = 'monographId', $stageId = null) { parent::PressPolicy($request); // A workflow stage component can only be called if there's a @@ -68,7 +68,7 @@ function OmpWorkflowStageAccessPolicy(&$request, &$args, $roleAssignments, $subm // 2) ... but only if the requested workflow stage has been assigned to them in the requested submission. import('classes.security.authorization.internal.WorkflowSubmissionAssignmentPolicy'); - $pressRoleWorkflowStagePolicy->addPolicy(new WorkflowSubmissionAssignmentPolicy($request)); + $pressRoleWorkflowStagePolicy->addPolicy(new WorkflowSubmissionAssignmentPolicy($request, $stageId)); $workflowStagePolicy->addPolicy($pressRoleWorkflowStagePolicy); @@ -85,7 +85,7 @@ function OmpWorkflowStageAccessPolicy(&$request, &$args, $roleAssignments, $subm // 3) ... and only if the requested workflow stage has been assigned to them in the requested submission. import('classes.security.authorization.internal.WorkflowSubmissionAssignmentPolicy'); - $authorRoleWorkflowStagePolicy->addPolicy(new WorkflowSubmissionAssignmentPolicy($request)); + $authorRoleWorkflowStagePolicy->addPolicy(new WorkflowSubmissionAssignmentPolicy($request, $stageId)); $workflowStagePolicy->addPolicy($authorRoleWorkflowStagePolicy); diff --git a/classes/security/authorization/WorkflowSubmissionAssignmentPolicy.inc.php b/classes/security/authorization/WorkflowSubmissionAssignmentPolicy.inc.php deleted file mode 100644 index 1870391e34e..00000000000 --- a/classes/security/authorization/WorkflowSubmissionAssignmentPolicy.inc.php +++ /dev/null @@ -1,99 +0,0 @@ -_request =& $request; - } - - // - // Implement template methods from AuthorizationPolicy - // - /** - * @see AuthorizationPolicy::effect() - */ - function effect() { - $userGroupDAO =& DAORegistry::getDAO('UserGroupDAO'); - $signoffDao =& DAORegistry::getDAO('SignoffDAO'); - - // Get the user - $user =& $this->_request->getUser(); - if (!is_a($user, 'PKPUser')) return AUTHORIZATION_DENY; - - // Get the press - $router =& $this->_request->getRouter(); - $press =& $router->getContext($this->_request); - if (!is_a($press, 'Press')) return AUTHORIZATION_DENY; - - // Get the monograph - $monograph =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH); - if (!is_a($monograph, 'Monograph')) return AUTHORIZATION_DENY; - - // Get the monograph's current stage - $stageId = $monograph->getCurrentStageId(); - - - // Permit if the user is in a managerial role *for the current press* - $roleDao =& DAORegistry::getDAO('RoleDAO'); - if ($roleDao->userHasRole($press->getId(), $user->getId(), ROLE_ID_PRESS_MANAGER)) { - return AUTHORIZATION_PERMIT; - } - - - // Permit if the user is in a series editor role and assigned to the series in the current - // press and *the workflow stage is assigned to series editors in the press settings* - if (isset($seriesId) && $roleDao->userHasRole($press->getId(), $user->getId(), ROLE_ID_SERIES_EDITOR)) { - // Check that series editors are allowed into the current stage (as configured in setup step 3) - $userGroupStageAssignmentDAO =& DAORegistry::getDAO('UserGroupStageAssignmentDAO'); - $seriesEditorUserGroup =& $userGroupDao->getDefaultByRoleId($press->getId(), ROLE_ID_SERIES_EDITOR); - if($userGroupStageAssignmentDAO->assignmentExists($press->getId(), $seriesEditorUserGroup->getId(), $stageId)) { - // Check that user is a series editor for the monograph's current series - $seriesEditorsDao =& DAORegistry::getDAO('SeriesEditorsDAO'); - if ($seriesEditorDao->editorExists($press->getId(), $monograph->getSeriesId(), $user->getId())) { - return AUTHORIZATION_PERMIT; - } - } - } - - // *Press roles* permitted only when explicitly assigned to the submission in that workflow stage - // Check that user is assigned to current stage - foreach($userGroupDao->getByRoleId($press->getId(), ROLE_ID_PRESS_ASSISTANT) as $userGroup) { - if($signoffDao->assignmentExists('SIGNOFF_STAGE', ASSOC_TYPE_MONOGRAPH, $monographId, $userId, $stageId, $userGroup->getId())) { - return AUTHORIZATION_PERMIT; - } - } - - // *Author roles* permitted only when explicitly assigned to the submission in that workflow stage - foreach($userGroupDao->getByRoleId($press->getId(), ROLE_ID_AUTHOR) as $userGroup) { - if($signoffDao->assignmentExists('SIGNOFF_STAGE', ASSOC_TYPE_MONOGRAPH, $monographId, $userId, $stageId, $userGroup->getId())) { - return AUTHORIZATION_PERMIT; - } - } - - // Reviewers, public users and site admins (i.e. all others) do never have access to workflow pages. - return AUTHORIZATION_DENY; - } -} - -?> diff --git a/classes/security/authorization/internal/WorkflowSubmissionAssignmentPolicy.inc.php b/classes/security/authorization/internal/WorkflowSubmissionAssignmentPolicy.inc.php index 49e503898a2..01b0ef534bc 100644 --- a/classes/security/authorization/internal/WorkflowSubmissionAssignmentPolicy.inc.php +++ b/classes/security/authorization/internal/WorkflowSubmissionAssignmentPolicy.inc.php @@ -21,14 +21,19 @@ class WorkflowSubmissionAssignmentPolicy extends AuthorizationPolicy { /** @var Request */ var $_request; + /** @var Request */ + var $_stageId; + /** * Constructor * @param $request PKPRequest * @param $anyStep boolean true if the requested submission is assigned * to any workflow step for the requested submission. */ - function WorkflowSubmissionAssignmentPolicy(&$request) { + function WorkflowSubmissionAssignmentPolicy(&$request, $stageId) { $this->_request =& $request; + $this->_stageId =& $stageId; + parent::AuthorizationPolicy(); } @@ -39,31 +44,33 @@ function WorkflowSubmissionAssignmentPolicy(&$request) { * @see AuthorizationPolicy::effect() */ function effect() { - // FIXME: Implement when workflow submission assignments have been implemented, see #5557. - - // Retrieve the user. + // Get the user $user =& $this->_request->getUser(); - if (!is_a($user, 'User')) return AUTHORIZATION_DENY; + if (!is_a($user, 'PKPUser')) return AUTHORIZATION_DENY; - // Retrieve the authorized submission. - if (!$this->hasAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH)) return AUTHORIZATION_DENY; - $submission =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH); + // Get the press + $router =& $this->_request->getRouter(); + $press =& $router->getContext($this->_request); + if (!is_a($press, 'Press')) return AUTHORIZATION_DENY; - // Retrieve the authorized user group. - if (!$this->hasAuthorizedContextObject(ASSOC_TYPE_USER_GROUP)) return AUTHORIZATION_DENY; - $userGroup =& $this->getAuthorizedContextObject(ASSOC_TYPE_USER_GROUP); + // Get the monograph + $monograph =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH); + if (!is_a($monograph, 'Monograph')) return AUTHORIZATION_DENY; - // Retrieve the workflow step from the request. - // FIXME. + // Get the monograph's current stage + if (!isset($this->_stageId)) return AUTHORIZATION_DENY; - // Deny access if no valid workflow step was found in the request. - // FIXME. + // Get the currently acting as user group ID + $userGroup = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_GROUP); + if (!is_a($userGroup, 'UserGroup')) return AUTHORIZATION_DENY; - // Check whether the user is assigned to the submission in the current - // user group for the given workflow step. - // FIXME. + // Check whether the user is assigned to the submission in the current user group for the given workflow step. + $signoffDao =& DAORegistry::getDAO('SignoffDAO'); + if(!$signoffDao->signoffExists('SIGNOFF_STAGE', ASSOC_TYPE_MONOGRAPH, $monograph->getId(), $user->getId(), $this->_stageId, $userGroup->getId())) { + return AUTHORIZATION_DENY; + } - // Access has been authorized. + // Access has been authorized return AUTHORIZATION_PERMIT; } } diff --git a/controllers/grid/files/reviewAttachments/EditorReviewAttachmentsGridHandler.inc.php b/controllers/grid/files/reviewAttachments/EditorReviewAttachmentsGridHandler.inc.php index 7cbceb82522..72a595ea404 100644 --- a/controllers/grid/files/reviewAttachments/EditorReviewAttachmentsGridHandler.inc.php +++ b/controllers/grid/files/reviewAttachments/EditorReviewAttachmentsGridHandler.inc.php @@ -21,9 +21,8 @@ class EditorReviewAttachmentsGridHandler extends ReviewAttachmentsGridHandler { */ function EditorReviewAttachmentsGridHandler() { parent::ReviewAttachmentsGridHandler(); - // FIXME: #5600 - Authorize editors - //$this->addRoleAssignment(array(ROLE_ID_REVIEWER, ROLE_ID_PRESS_MANAGER, ROLE_ID_EDITOR), - // array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile')); + $this->addRoleAssignment(array(ROLE_ID_PRESS_MANAGER), + array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile')); } // @@ -33,11 +32,9 @@ function EditorReviewAttachmentsGridHandler() { * @see PKPHandler::authorize() */ function authorize(&$request, &$args, $roleAssignments) { - // FIXME: #5600 - Distribute access differently to reviewers and editor roles - /*import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); + import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); - return parent::authorize($request, $args, $roleAssignments);*/ - return true; + return parent::authorize($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW); } /* diff --git a/controllers/grid/files/reviewAttachments/ReviewAttachmentsGridHandler.inc.php b/controllers/grid/files/reviewAttachments/ReviewAttachmentsGridHandler.inc.php index 763be6a0c18..13b29c5160f 100644 --- a/controllers/grid/files/reviewAttachments/ReviewAttachmentsGridHandler.inc.php +++ b/controllers/grid/files/reviewAttachments/ReviewAttachmentsGridHandler.inc.php @@ -24,9 +24,6 @@ class ReviewAttachmentsGridHandler extends GridHandler { */ function ReviewAttachmentsGridHandler() { parent::GridHandler(); - // FIXME: #5600 - Distribute access differently to reviewers and editor roles - //$this->addRoleAssignment(array(ROLE_ID_REVIEWER, ROLE_ID_PRESS_MANAGER, ROLE_ID_EDITOR), - // array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile')); } // @@ -55,11 +52,9 @@ function getReadOnly() { * @see PKPHandler::authorize() */ function authorize(&$request, &$args, $roleAssignments) { - // FIXME: #5600 - Distribute access differently to reviewers and editor roles - /*import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); - return parent::authorize($request, $args, $roleAssignments);*/ - return true; + import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW)); + return parent::authorize($request, $args, $roleAssignments); } /* diff --git a/controllers/grid/files/reviewAttachments/ReviewerReviewAttachmentsGridHandler.inc.php b/controllers/grid/files/reviewAttachments/ReviewerReviewAttachmentsGridHandler.inc.php index ffb61b65947..d4699ea6c2d 100644 --- a/controllers/grid/files/reviewAttachments/ReviewerReviewAttachmentsGridHandler.inc.php +++ b/controllers/grid/files/reviewAttachments/ReviewerReviewAttachmentsGridHandler.inc.php @@ -21,9 +21,8 @@ class ReviewerReviewAttachmentsGridHandler extends ReviewAttachmentsGridHandler */ function ReviewerReviewAttachmentsGridHandler() { parent::ReviewAttachmentsGridHandler(); - // FIXME: #5600 - Distribute access differently to reviewers and editor roles - //$this->addRoleAssignment(array(ROLE_ID_REVIEWER, ROLE_ID_PRESS_MANAGER, ROLE_ID_EDITOR), - // array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile')); + $this->addRoleAssignment(array(ROLE_ID_REVIEWER), + array('fetchGrid', 'addFile', 'editFile', 'saveFile', 'deleteFile', 'returnFileRow', 'downloadFile')); } // @@ -33,11 +32,9 @@ function ReviewerReviewAttachmentsGridHandler() { * @see PKPHandler::authorize() */ function authorize(&$request, &$args, $roleAssignments) { - // FIXME: #5600 - Distribute access differently to reviewers and editor roles - /*import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); - return parent::authorize($request, $args, $roleAssignments);*/ - return true; + import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW)); + return parent::authorize($request, $args, $roleAssignments); } /* diff --git a/controllers/grid/files/reviewFiles/ReviewFilesGridHandler.inc.php b/controllers/grid/files/reviewFiles/ReviewFilesGridHandler.inc.php index 5a79b13d4a7..1b2c26e48c0 100644 --- a/controllers/grid/files/reviewFiles/ReviewFilesGridHandler.inc.php +++ b/controllers/grid/files/reviewFiles/ReviewFilesGridHandler.inc.php @@ -32,7 +32,7 @@ class ReviewFilesGridHandler extends GridHandler { */ function ReviewFilesGridHandler() { parent::GridHandler(); - // FIXME: Please correctly distribute the operations among roles. + $this->addRoleAssignment(ROLE_ID_AUTHOR, $authorOperations = array()); $this->addRoleAssignment(ROLE_ID_PRESS_ASSISTANT, @@ -102,11 +102,10 @@ function getShowRoleColumns() { * @see PKPHandler::authorize() */ function authorize(&$request, &$args, $roleAssignments) { - // FIXME: #5600 - Distribute access differently to reviewers and editor roles - /*import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); - return parent::authorize($request, $args, $roleAssignments);*/ - return true; + $stageId = $request->getUserVar('stageId'); + import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, $stageId)); + return parent::authorize($request, $args, $roleAssignments); } /* diff --git a/controllers/grid/files/revisions/RevisionsGridHandler.inc.php b/controllers/grid/files/revisions/RevisionsGridHandler.inc.php index c06a9d7842e..ad0978d5680 100644 --- a/controllers/grid/files/revisions/RevisionsGridHandler.inc.php +++ b/controllers/grid/files/revisions/RevisionsGridHandler.inc.php @@ -102,7 +102,7 @@ function getShowRoleColumns() { */ function authorize(&$request, &$args, $roleAssignments) { import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/controllers/grid/files/submissionFiles/SubmissionFilesGridRow.inc.php b/controllers/grid/files/submissionFiles/SubmissionFilesGridRow.inc.php index f6e97b3d7e0..da42332ddf4 100644 --- a/controllers/grid/files/submissionFiles/SubmissionFilesGridRow.inc.php +++ b/controllers/grid/files/submissionFiles/SubmissionFilesGridRow.inc.php @@ -41,6 +41,8 @@ function initialize(&$request) { $monographFileDao =& DAORegistry::getDAO('MonographFileDAO'); $monographFile =& $monographFileDao->getMonographFile($rowId); $monographId = $monographFile->getMonographId(); + $monographDao =& DAORegistry::getDAO('MonographDAO'); + $monograph =& $monographDao->getMonograph($monographId); if (!empty($rowId) && is_numeric($rowId)) { // Actions @@ -48,7 +50,7 @@ function initialize(&$request) { $actionArgs = array( 'gridId' => $this->getGridId(), 'fileId' => $rowId, - 'monographId' => $monographId + 'monographId' => $monographId, ); $this->addAction( @@ -67,7 +69,7 @@ function initialize(&$request) { 'moreInfo', LINK_ACTION_MODE_MODAL, LINK_ACTION_TYPE_NOTHING, - $router->url($request, null, 'informationCenter.FileInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $monographId, 'itemId' => $rowId)), + $router->url($request, null, 'informationCenter.FileInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $monographId, 'itemId' => $rowId, 'stageId' => $monograph->getCurrentStageId())), 'grid.action.moreInformation', null, 'more_info' diff --git a/controllers/grid/files/submissionFiles/SubmissionReviewFilesGridHandler.inc.php b/controllers/grid/files/submissionFiles/SubmissionReviewFilesGridHandler.inc.php index 956eb41dbb5..c4449718f16 100644 --- a/controllers/grid/files/submissionFiles/SubmissionReviewFilesGridHandler.inc.php +++ b/controllers/grid/files/submissionFiles/SubmissionReviewFilesGridHandler.inc.php @@ -38,7 +38,7 @@ function SubmissionReviewFilesGridHandler() { */ function authorize(&$request, &$args, $roleAssignments) { import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/controllers/grid/submissions/author/AuthorSubmissionsListGridRow.inc.php b/controllers/grid/submissions/author/AuthorSubmissionsListGridRow.inc.php index 010256fe6d1..beab88ed06c 100644 --- a/controllers/grid/submissions/author/AuthorSubmissionsListGridRow.inc.php +++ b/controllers/grid/submissions/author/AuthorSubmissionsListGridRow.inc.php @@ -44,6 +44,9 @@ function initialize(&$request) { 'monographId' => $rowId, ); + $monographDao =& DAORegistry::getDAO('MonographDAO'); + $monograph =& $monographDao->getMonograph($rowId); + $this->addAction( new LinkAction( 'deleteSubmission', @@ -62,7 +65,7 @@ function initialize(&$request) { 'moreInfo', LINK_ACTION_MODE_MODAL, LINK_ACTION_TYPE_NOTHING, - $router->url($request, null, 'informationCenter.SubmissionInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $rowId, 'itemId' => $rowId)), + $router->url($request, null, 'informationCenter.SubmissionInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $rowId, 'itemId' => $rowId, 'stageId' => $monograph->getCurrentStageId())), 'grid.action.moreInformation', null, 'more_info' diff --git a/controllers/grid/submissions/pressEditor/PressEditorSubmissionsListGridRow.inc.php b/controllers/grid/submissions/pressEditor/PressEditorSubmissionsListGridRow.inc.php index 807274aa4f6..4eb23e9ad87 100644 --- a/controllers/grid/submissions/pressEditor/PressEditorSubmissionsListGridRow.inc.php +++ b/controllers/grid/submissions/pressEditor/PressEditorSubmissionsListGridRow.inc.php @@ -50,6 +50,10 @@ function initialize(&$request) { 'reviewType' => $monograph->getCurrentReviewType(), 'round' => $monograph->getCurrentRound() ); + + $monographDao =& DAORegistry::getDAO('MonographDAO'); + $monograph =& $monographDao->getMonograph($rowId); + $actionArgs['decision'] = SUBMISSION_EDITOR_DECISION_ACCEPT; $this->addAction( new LinkAction( @@ -78,7 +82,7 @@ function initialize(&$request) { 'moreInfo', LINK_ACTION_MODE_MODAL, LINK_ACTION_TYPE_NOTHING, - $router->url($request, null, 'informationCenter.SubmissionInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $rowId, 'itemId' => $rowId)), + $router->url($request, null, 'informationCenter.SubmissionInformationCenterHandler', 'viewInformationCenter', null, array('monographId' => $rowId, 'itemId' => $rowId, 'monographId' => $monograph->getCurrentStageId())), 'grid.action.moreInformation', null, 'more_info' diff --git a/controllers/grid/users/reviewer/ReviewerGridHandler.inc.php b/controllers/grid/users/reviewer/ReviewerGridHandler.inc.php index 848c4e581b3..76b4ad26d85 100644 --- a/controllers/grid/users/reviewer/ReviewerGridHandler.inc.php +++ b/controllers/grid/users/reviewer/ReviewerGridHandler.inc.php @@ -61,7 +61,7 @@ function &getSubmission() { */ function authorize(&$request, &$args, $roleAssignments) { import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/controllers/grid/users/reviewerSelect/ReviewerSelectGridHandler.inc.php b/controllers/grid/users/reviewerSelect/ReviewerSelectGridHandler.inc.php index fe17114e74e..fc0c2ad2d3a 100644 --- a/controllers/grid/users/reviewerSelect/ReviewerSelectGridHandler.inc.php +++ b/controllers/grid/users/reviewerSelect/ReviewerSelectGridHandler.inc.php @@ -43,7 +43,7 @@ function ReviewerSelectGridHandler() { */ function authorize(&$request, &$args, $roleAssignments) { import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/controllers/grid/users/stageParticipant/StageParticipantGridHandler.inc.php b/controllers/grid/users/stageParticipant/StageParticipantGridHandler.inc.php index 69308d60146..b07b22e28a8 100644 --- a/controllers/grid/users/stageParticipant/StageParticipantGridHandler.inc.php +++ b/controllers/grid/users/stageParticipant/StageParticipantGridHandler.inc.php @@ -30,7 +30,7 @@ class StageParticipantGridHandler extends GridHandler { function StageParticipantGridHandler() { parent::GridHandler(); $this->addRoleAssignment( - array(ROLE_ID_AUTHOR, ROLE_ID_SERIES_EDITOR, ROLE_ID_PRESS_MANAGER), + array(ROLE_ID_AUTHOR, ROLE_ID_PRESS_ASSISTANT, ROLE_ID_SERIES_EDITOR, ROLE_ID_PRESS_MANAGER), array('fetchGrid', 'addStageParticipant', 'editStageParticipant', 'saveStageParticipant', 'deleteStageParticipant')); } @@ -55,8 +55,9 @@ function &getMonograph() { * @see PKPHandler::authorize() */ function authorize(&$request, &$args, $roleAssignments) { + $stageId = $request->getUserVar('stageId'); import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, 'monographId', $stageId)); return parent::authorize($request, $args, $roleAssignments); } @@ -88,7 +89,7 @@ function initialize(&$request) { // Grid actions $router =& $request->getRouter(); - $actionArgs = array('monographId' => $monographId); + $actionArgs = array('monographId' => $monographId, 'stageId' => $monograph->getCurrentStageId()); $this->addAction( new LinkAction( 'addStageParticipant', diff --git a/controllers/grid/users/stageParticipant/form/StageParticipantForm.inc.php b/controllers/grid/users/stageParticipant/form/StageParticipantForm.inc.php index a03b88636c5..27a0173ffea 100644 --- a/controllers/grid/users/stageParticipant/form/StageParticipantForm.inc.php +++ b/controllers/grid/users/stageParticipant/form/StageParticipantForm.inc.php @@ -82,6 +82,7 @@ function fetch($request) { } $templateMgr->assign('firstUserGroupId', key($userGroupOptions)); // Get the key of the first option to use for the pre-loaded listbuilder $templateMgr->assign('userGroupOptions', $userGroupOptions); + $templateMgr->assign('stageId', $stageId); $templateMgr->assign('monographId', $this->getMonographId()); diff --git a/controllers/informationCenter/InformationCenterHandler.inc.php b/controllers/informationCenter/InformationCenterHandler.inc.php index cb949f8fd39..774346ba92c 100644 --- a/controllers/informationCenter/InformationCenterHandler.inc.php +++ b/controllers/informationCenter/InformationCenterHandler.inc.php @@ -37,8 +37,9 @@ function InformationCenterHandler() { * @see PKPHandler::authorize() */ function authorize(&$request, &$args, $roleAssignments) { + $stageId = $request->getUserVar('stageId'); import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, $stageId)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/controllers/listbuilder/users/NotifyUsersListbuilderHandler.inc.php b/controllers/listbuilder/users/NotifyUsersListbuilderHandler.inc.php index 485bd2d5516..407a36932ec 100644 --- a/controllers/listbuilder/users/NotifyUsersListbuilderHandler.inc.php +++ b/controllers/listbuilder/users/NotifyUsersListbuilderHandler.inc.php @@ -31,8 +31,9 @@ function NotifyUsersListbuilderHandler() { * @see PKPHandler::authorize() */ function authorize(&$request, &$args, $roleAssignments) { + $stageId = $request->getUserVar('stageId'); import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, $stageId)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/controllers/listbuilder/users/StageParticipantListbuilderHandler.inc.php b/controllers/listbuilder/users/StageParticipantListbuilderHandler.inc.php index 39c39f29e7a..59a5d36fa1e 100644 --- a/controllers/listbuilder/users/StageParticipantListbuilderHandler.inc.php +++ b/controllers/listbuilder/users/StageParticipantListbuilderHandler.inc.php @@ -21,7 +21,7 @@ class StageParticipantListbuilderHandler extends ListbuilderHandler { function StageParticipantListbuilderHandler() { parent::ListbuilderHandler(); $this->addRoleAssignment( - array(ROLE_ID_AUTHOR, ROLE_ID_SERIES_EDITOR, ROLE_ID_PRESS_MANAGER), + array(ROLE_ID_AUTHOR, ROLE_ID_PRESS_ASSISTANT, ROLE_ID_SERIES_EDITOR, ROLE_ID_PRESS_MANAGER), array('fetch', 'addItem', 'deleteItems')); } @@ -33,8 +33,9 @@ function StageParticipantListbuilderHandler() { * @see PKPHandler::authorize() */ function authorize(&$request, &$args, $roleAssignments) { - import('classes.security.authorization.OmpSubmissionWizardMonographPolicy'); - $this->addPolicy(new OmpSubmissionWizardMonographPolicy($request, $args, $roleAssignments)); + $stageId = $request->getUserVar('stageId'); + import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, 'monographId', $stageId)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/controllers/modals/editorDecision/EditorDecisionHandler.inc.php b/controllers/modals/editorDecision/EditorDecisionHandler.inc.php index 15b82c6c410..6a27cf6e8d3 100644 --- a/controllers/modals/editorDecision/EditorDecisionHandler.inc.php +++ b/controllers/modals/editorDecision/EditorDecisionHandler.inc.php @@ -41,7 +41,7 @@ function EditorDecisionHandler() { */ function authorize(&$request, &$args, $roleAssignments) { import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_ID_INTERNAL_REVIEW)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/controllers/reviewerSelector/ReviewerSelectorHandler.inc.php b/controllers/reviewerSelector/ReviewerSelectorHandler.inc.php old mode 100755 new mode 100644 index 90f0a0bc040..a9946cd183a --- a/controllers/reviewerSelector/ReviewerSelectorHandler.inc.php +++ b/controllers/reviewerSelector/ReviewerSelectorHandler.inc.php @@ -42,7 +42,7 @@ function ReviewerSelectorHandler() { */ function authorize(&$request, &$args, $roleAssignments) { import('classes.security.authorization.OmpWorkflowStageAccessPolicy'); - $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments)); + $this->addPolicy(new OmpWorkflowStageAccessPolicy($request, $args, $roleAssignments, WORKFLOW_STAGE_INTERNAL_REVIEW)); return parent::authorize($request, $args, $roleAssignments); } diff --git a/dbscripts/xml/omp_schema.xml b/dbscripts/xml/omp_schema.xml index 90fa77e3b80..be9e29e3ad2 100755 --- a/dbscripts/xml/omp_schema.xml +++ b/dbscripts/xml/omp_schema.xml @@ -351,7 +351,7 @@ - + diff --git a/templates/controllers/grid/files/reviewFiles/manageReviewFiles.tpl b/templates/controllers/grid/files/reviewFiles/manageReviewFiles.tpl index 67d0524c466..545491844d0 100644 --- a/templates/controllers/grid/files/reviewFiles/manageReviewFiles.tpl +++ b/templates/controllers/grid/files/reviewFiles/manageReviewFiles.tpl @@ -26,7 +26,7 @@ - {url|assign:availableReviewFilesGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.files.reviewFiles.ReviewFilesGridHandler" op="fetchGrid" isSelectable=1 canUpload=1 monographId=$monographId reviewType=$reviewType round=$round escape=false} + {url|assign:availableReviewFilesGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.files.reviewFiles.ReviewFilesGridHandler" stageId=$smarty.const.WORKFLOW_STAGE_ID_INTERNAL_REVIEW op="fetchGrid" isSelectable=1 canUpload=1 monographId=$monographId reviewType=$reviewType round=$round escape=false} {load_url_in_div id="availableReviewFilesGrid" url=$availableReviewFilesGridUrl} diff --git a/templates/controllers/grid/files/submissionFiles/form/reviewFileSubmissionComplete.tpl b/templates/controllers/grid/files/submissionFiles/form/reviewFileSubmissionComplete.tpl index 82a7566fd56..b76fbca1102 100644 --- a/templates/controllers/grid/files/submissionFiles/form/reviewFileSubmissionComplete.tpl +++ b/templates/controllers/grid/files/submissionFiles/form/reviewFileSubmissionComplete.tpl @@ -35,7 +35,7 @@

{translate key="submission.submit.fileAdded"}




-
+



diff --git a/templates/controllers/grid/users/stageParticipant/form/stageParticipantForm.tpl b/templates/controllers/grid/users/stageParticipant/form/stageParticipantForm.tpl index 03b8093ab09..ab9179f077b 100644 --- a/templates/controllers/grid/users/stageParticipant/form/stageParticipantForm.tpl +++ b/templates/controllers/grid/users/stageParticipant/form/stageParticipantForm.tpl @@ -41,8 +41,8 @@

{translate key="submission.submit.addStageParticipant.description"}

{fbvSelect name="userGroupId" id="userGroupId" from=$userGroupOptions translate=false} -{** FIXME: STATIC USERGROUPID -- pass in first option's id **} - {url|assign:submissionParticipantsUrl router=$smarty.const.ROUTE_COMPONENT component="listbuilder.users.StageParticipantListbuilderHandler" op="fetch" userGroupId=$firstUserGroupId monographId=$monographId escape=false} + + {url|assign:submissionParticipantsUrl router=$smarty.const.ROUTE_COMPONENT component="listbuilder.users.StageParticipantListbuilderHandler" op="fetch" userGroupId=$firstUserGroupId monographId=$monographId stageId=$stageId escape=false} {load_url_in_div id="submissionParticipantsContainer" url=$submissionParticipantsUrl} {if $monographId} diff --git a/templates/controllers/modals/editorDecision/form/initiateReviewForm.tpl b/templates/controllers/modals/editorDecision/form/initiateReviewForm.tpl index c42aa89570e..699c27be842 100644 --- a/templates/controllers/modals/editorDecision/form/initiateReviewForm.tpl +++ b/templates/controllers/modals/editorDecision/form/initiateReviewForm.tpl @@ -17,7 +17,7 @@ - {url|assign:availableReviewFilesGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.files.reviewFiles.ReviewFilesGridHandler" op="fetchGrid" isSelectable=1 canUpload=1 monographId=$monographId reviewType=$reviewType round=$round escape=false} + {url|assign:availableReviewFilesGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.files.reviewFiles.ReviewFilesGridHandler" stageId=$smarty.const.WORKFLOW_STAGE_ID_SUBMISSION op="fetchGrid" isSelectable=1 canUpload=1 monographId=$monographId reviewType=$reviewType round=$round escape=false} {load_url_in_div id="availableReviewFilesGrid" url=$availableReviewFilesGridUrl} diff --git a/templates/reviewer/review/step3.tpl b/templates/reviewer/review/step3.tpl index a1e9d88a667..7acc222366a 100644 --- a/templates/reviewer/review/step3.tpl +++ b/templates/reviewer/review/step3.tpl @@ -19,7 +19,7 @@ {include file="common/formErrors.tpl"} {** FIXME: need to set escape=false due to bug 5265 *} -{url|assign:reviewFilesGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.files.reviewFiles.ReviewFilesGridHandler" op="fetchGrid" monographId=$submission->getId() reviewType=$submission->getCurrentReviewType() round=$submission->getCurrentRound() escape=false} +{url|assign:reviewFilesGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.files.reviewFiles.ReviewFilesGridHandler" op="fetchGrid" monographId=$submission->getId() stageId=$smarty.const.WORKFLOW_STAGE_ID_SUBMISSION reviewType=$submission->getCurrentReviewType() round=$submission->getCurrentRound() escape=false} {load_url_in_div id="reviewFiles" url=$reviewFilesGridUrl} diff --git a/templates/seriesEditor/showReviewers.tpl b/templates/seriesEditor/showReviewers.tpl index 48da6d650a5..97b54888b4d 100644 --- a/templates/seriesEditor/showReviewers.tpl +++ b/templates/seriesEditor/showReviewers.tpl @@ -40,7 +40,7 @@ {/if} {** FIXME: need to set escape=false due to bug 5265 *} -{url|assign:reviewFileSelectionGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.files.reviewFiles.ReviewFilesGridHandler" op="fetchGrid" monographId=$monographId reviewType=$currentReviewType round=$selectedRound canAdd=1 escape=false} +{url|assign:reviewFileSelectionGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.files.reviewFiles.ReviewFilesGridHandler" op="fetchGrid" stageId=$smarty.const.WORKFLOW_STAGE_ID_INTERNAL_REVIEW monographId=$monographId reviewType=$currentReviewType round=$selectedRound canAdd=1 escape=false} {load_url_in_div id="reviewFileSelection" url=$reviewFileSelectionGridUrl}
diff --git a/templates/submission/header.tpl b/templates/submission/header.tpl index 7ab7dc12ab6..25c04def6ac 100644 --- a/templates/submission/header.tpl +++ b/templates/submission/header.tpl @@ -54,7 +54,7 @@ **}
- {url|assign:stageParticipantGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.users.stageParticipant.StageParticipantGridHandler" op="fetchGrid" monographId=$monograph->getId()} + {url|assign:stageParticipantGridUrl router=$smarty.const.ROUTE_COMPONENT component="grid.users.stageParticipant.StageParticipantGridHandler" op="fetchGrid" monographId=$monograph->getId() stageId=$monograph->getCurrentStageId() escape=false} {load_url_in_div id="stageParticipantGridContainer" url="$stageParticipantGridUrl"}