File indexing completed on 2025-05-25 05:30:41 

0001 <?php
0002 /**
0003  *  ocs-webserver
0004  *
0005  *  Copyright 2016 by pling GmbH.
0006  *
0007  *    This file is part of ocs-webserver.
0008  *
0009  *    This program is free software: you can redistribute it and/or modify
0010  *    it under the terms of the GNU Affero General Public License as
0011  *    published by the Free Software Foundation, either version 3 of the
0012  *    License, or (at your option) any later version.
0013  *
0014  *    This program is distributed in the hope that it will be useful,
0015  *    but WITHOUT ANY WARRANTY; without even the implied warranty of
0016  *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0017  *    GNU Affero General Public License for more details.
0018  *
0019  *    You should have received a copy of the GNU Affero General Public License
0020  *    along with this program.  If not, see <http://www.gnu.org/licenses/>.
0021  **/
0022 class Default_Plugin_Acl_IsProjectOwnerAssertion implements Zend_Acl_Assert_Interface
0023 {
0024 
0025     const NO_OWNER = false;
0026 
0027     /**
0028      * Returns true if and only if the assertion conditions are met
0029      *
0030      * This method is passed the ACL, Role, Resource, and privilege to which the authorization query applies. If the
0031      * $role, $resource, or $privilege parameters are null, it means that the query applies to all Roles, Resources, or
0032      * privileges, respectively.
0033      *
0034      * @param  Zend_Acl $acl
0035      * @param  Zend_Acl_Role_Interface $role
0036      * @param  Zend_Acl_Resource_Interface $resource
0037      * @param  string $privilege
0038      * @return boolean
0039      */
0040     public function assert(
0041         Zend_Acl $acl,
0042         Zend_Acl_Role_Interface $role = null,
0043         Zend_Acl_Resource_Interface $resource = null,
0044         $privilege = null
0045     ) {
0046         $auth = Zend_Auth::getInstance();
0047 
0048         if (!$auth->hasIdentity()) {
0049             return self::NO_OWNER;
0050         }
0051 
0052         $identity = $auth->getIdentity();
0053 
0054         $project_id = Zend_Controller_Front::getInstance()->getRequest()->getParam('project_id');
0055 
0056         $result = array_key_exists($project_id, $identity->projects);
0057         return $result;
0058     }
0059 
0060 }