Bug #24669 » 12307_core_v3.diff
t3lib/class.t3lib_userauthgroup.php (Arbeitskopie) | ||
---|---|---|
* @return boolean TRUE if user is allowed access
|
||
*/
|
||
function workspaceCheckStageForCurrent($stage) {
|
||
$stage = intval($stage);
|
||
if ($this->isAdmin()) {
|
||
return TRUE;
|
||
}
|
||
... | ... | |
// Check if custom staging is activated
|
||
$workspaceRec = t3lib_BEfunc::getRecord('sys_workspace', $stat['uid']);
|
||
if ($workspaceRec['custom_stages'] > 0 && $stage !== '0' && $stage !== '-10') {
|
||
if ($workspaceRec['custom_stages'] > 0 && $stage !== 0 && $stage !== '-10') {
|
||
// Get custom stage record
|
||
$workspaceStageRec = t3lib_BEfunc::getRecord('sys_workspace_stage', $stage);
|
||
... | ... | |
if ((t3lib_div::inList($workspaceStageRec['responsible_persons'], 'be_users_' . $this->user['uid'])
|
||
&& $stat['_ACCESS'] === 'member')
|
||
|| $stat['_ACCESS'] === 'owner') {
|
||
return TRUE; // OK for these criteria
|
||
return TRUE;
|
||
}
|
||
// Check if the user is in a group which is responsible for the current stage
|
||
... | ... | |
if ((t3lib_div::inList($workspaceStageRec['responsible_persons'], 'be_groups_' . $groupUid)
|
||
&& $stat['_ACCESS'] === 'member')
|
||
|| $stat['_ACCESS'] === 'owner') {
|
||
return TRUE; // OK for these criteria
|
||
return TRUE;
|
||
}
|
||
}
|
||
// only owner is allowed to change records which are "ready to publish"
|
||
} elseif ($stage == '-10' || $stage == '-20') {
|
||
if ($stat['_ACCESS'] === 'owner') {
|
||
return TRUE;
|
||
} else {
|
||
return FALSE;
|
||
}
|
||
} else {
|
||
$memberStageLimit = $this->workspaceRec['review_stage_edit'] ? 1 : 0;
|
||
if (($stage <= $memberStageLimit && $stat['_ACCESS'] === 'member')
|
||
|| ($stage <= 1 && $stat['_ACCESS'] === 'reviewer')
|
||
|| $stat['_ACCESS'] === 'owner') {
|
||
return TRUE; // OK for these criteria
|
||
return TRUE;
|
||
}
|
||
}
|
||
} else {
|