138 lines
3.6 KiB
JavaScript
138 lines
3.6 KiB
JavaScript
/**
|
|
* permission check (called by hopobject.onRequest())
|
|
* @param String name of action
|
|
* @param Obj User object
|
|
* @param Int Membership level
|
|
* @return Obj Exception object or null
|
|
*/
|
|
function checkAccess(action, usr, level) {
|
|
var url = this.members.href("login");
|
|
try {
|
|
switch (action) {
|
|
case "main" :
|
|
if (!this.online)
|
|
checkIfLoggedIn();
|
|
url = root.href();
|
|
this.checkView(usr, level);
|
|
break;
|
|
case "edit" :
|
|
checkIfLoggedIn();
|
|
url = this.href();
|
|
this.checkEdit(usr, level);
|
|
break;
|
|
case "delete" :
|
|
checkIfLoggedIn();
|
|
url = this.href();
|
|
this.checkView(usr, level);
|
|
break;
|
|
case "getfile" :
|
|
if (!this.online)
|
|
checkIfLoggedIn();
|
|
url = root.href();
|
|
this.checkView(usr, level);
|
|
break;
|
|
case "mostread" :
|
|
if (!this.online)
|
|
checkIfLoggedIn();
|
|
url = root.href();
|
|
this.checkView(usr, level);
|
|
break;
|
|
case "referrers" :
|
|
if (!this.online)
|
|
checkIfLoggedIn();
|
|
url = root.href();
|
|
this.checkView(usr, level);
|
|
break;
|
|
case "search" :
|
|
if (!this.online)
|
|
checkIfLoggedIn();
|
|
url = root.href();
|
|
this.checkView(usr, level);
|
|
break;
|
|
case "subscribe" :
|
|
checkIfLoggedIn();
|
|
this.checkSubscribe(usr, level);
|
|
break;
|
|
case "unsubscribe" :
|
|
checkIfLoggedIn();
|
|
this.checkUnsubscribe(usr, level);
|
|
break;
|
|
}
|
|
} catch (deny) {
|
|
res.message = deny.toString();
|
|
res.redirect(url);
|
|
}
|
|
return;
|
|
}
|
|
|
|
|
|
/**
|
|
* check if a user is allowed to view a site
|
|
* @param Obj Userobject
|
|
* @param Int Permission-Level
|
|
*/
|
|
function checkView(usr, level) {
|
|
if (!this.online) {
|
|
// if not logged in or not logged in with sufficient permissions
|
|
if (!usr || (level < CONTRIBUTOR && !usr.sysadmin))
|
|
throw new DenyException("siteView");
|
|
}
|
|
return;
|
|
}
|
|
|
|
|
|
/**
|
|
* check if user is allowed to edit the preferences of this site
|
|
* @param Obj Userobject
|
|
* @param Int Permission-Level
|
|
* @return String Reason for denial (or null if allowed)
|
|
*/
|
|
function checkEdit(usr, level) {
|
|
if (!usr.sysadmin && (level & MAY_EDIT_PREFS) == 0)
|
|
throw new DenyException("siteEdit");
|
|
return null;
|
|
}
|
|
|
|
|
|
/**
|
|
* check if user is allowed to delete the site
|
|
* (only SysAdmins or the creator of a site are allowed to delete it!)
|
|
* @param Obj Userobject
|
|
* @return String Reason for denial (or null if allowed)
|
|
*/
|
|
function checkDelete(usr) {
|
|
if (!usr.sysadmin && usr != this.creator)
|
|
throw new DenyException("siteDelete");
|
|
return;
|
|
}
|
|
|
|
|
|
/**
|
|
* function checks if user is allowed to sign up
|
|
* @param Obj Userobject
|
|
* @param Int Permission-Level
|
|
* @return String Reason for denial (or null if allowed)
|
|
*/
|
|
function checkSubscribe(usr, level) {
|
|
if (level != null)
|
|
throw new Exception("subscriptionExist");
|
|
else if (!this.online)
|
|
throw new DenyException("siteView");
|
|
return;
|
|
}
|
|
|
|
|
|
/**
|
|
* check if user is allowed to unsubscribe
|
|
* @param Obj Userobject
|
|
* @return String Reason for denial (or null if allowed)
|
|
*/
|
|
function checkUnsubscribe(usr, level) {
|
|
if (level == null)
|
|
throw new Exception("subscriptionNoExist");
|
|
else if (level == ADMIN) {
|
|
// Admins are not allowed to remove a subscription
|
|
throw new DenyException("unsubscribe");
|
|
}
|
|
return;
|
|
}
|