File indexing completed on 2025-05-25 05:30:41 

0001 <?php
0002 
0003 /**
0004  *  ocs-webserver
0005  *
0006  *  Copyright 2016 by pling GmbH.
0007  *
0008  *    This file is part of ocs-webserver.
0009  *
0010  *    This program is free software: you can redistribute it and/or modify
0011  *    it under the terms of the GNU Affero General Public License as
0012  *    published by the Free Software Foundation, either version 3 of the
0013  *    License, or (at your option) any later version.
0014  *
0015  *    This program is distributed in the hope that it will be useful,
0016  *    but WITHOUT ANY WARRANTY; without even the implied warranty of
0017  *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0018  *    GNU Affero General Public License for more details.
0019  *
0020  *    You should have received a copy of the GNU Affero General Public License
0021  *    along with this program.  If not, see <http://www.gnu.org/licenses/>.
0022  **/
0023 class Default_Plugin_Acl_IsOwnerAssertion implements Zend_Acl_Assert_Interface
0024 {
0025 
0026     const NO_OWNER = false;
0027 
0028     /**
0029      * Returns true if and only if the assertion conditions are met.
0030      *
0031      * This method get passed the ACL, Role, Resource, and privilege to which the authorization query applies.
0032      * If the $role, $resource, or $privilege parameters are null, it means that the query applies to all Roles,
0033      * Resources or privileges.
0034      *
0035      * @param  Zend_Acl $acl
0036      * @param  Zend_Acl_Role_Interface $role
0037      * @param  Zend_Acl_Resource_Interface $resource
0038      * @param  string $privilege
0039      * @return boolean
0040      */
0041     public function assert(
0042         Zend_Acl $acl,
0043         Zend_Acl_Role_Interface $role = null,
0044         Zend_Acl_Resource_Interface $resource = null,
0045         $privilege = null
0046     ) {
0047         $auth = Zend_Auth::getInstance();
0048 
0049         if (!$auth->hasIdentity()) {
0050             return self::NO_OWNER;
0051         }
0052 
0053         $identity = $auth->getIdentity();
0054 
0055         $member_id = Zend_Controller_Front::getInstance()->getRequest()->getParam('member_id');
0056 
0057         $result = ($member_id == $identity->member_id);
0058         return $result;
0059     }
0060 
0061 }