Bug #12307 » 12307_core_v3.diff
| t3lib/class.t3lib_userauthgroup.php (Arbeitskopie) | ||
|---|---|---|
|
* @return boolean TRUE if user is allowed access
|
||
|
*/
|
||
|
function workspaceCheckStageForCurrent($stage) {
|
||
|
$stage = intval($stage);
|
||
|
if ($this->isAdmin()) {
|
||
|
return TRUE;
|
||
|
}
|
||
| ... | ... | |
|
// Check if custom staging is activated
|
||
|
$workspaceRec = t3lib_BEfunc::getRecord('sys_workspace', $stat['uid']);
|
||
|
if ($workspaceRec['custom_stages'] > 0 && $stage !== '0' && $stage !== '-10') {
|
||
|
if ($workspaceRec['custom_stages'] > 0 && $stage !== 0 && $stage !== '-10') {
|
||
|
// Get custom stage record
|
||
|
$workspaceStageRec = t3lib_BEfunc::getRecord('sys_workspace_stage', $stage);
|
||
| ... | ... | |
|
if ((t3lib_div::inList($workspaceStageRec['responsible_persons'], 'be_users_' . $this->user['uid'])
|
||
|
&& $stat['_ACCESS'] === 'member')
|
||
|
|| $stat['_ACCESS'] === 'owner') {
|
||
|
return TRUE; // OK for these criteria
|
||
|
return TRUE;
|
||
|
}
|
||
|
// Check if the user is in a group which is responsible for the current stage
|
||
| ... | ... | |
|
if ((t3lib_div::inList($workspaceStageRec['responsible_persons'], 'be_groups_' . $groupUid)
|
||
|
&& $stat['_ACCESS'] === 'member')
|
||
|
|| $stat['_ACCESS'] === 'owner') {
|
||
|
return TRUE; // OK for these criteria
|
||
|
return TRUE;
|
||
|
}
|
||
|
}
|
||
|
// only owner is allowed to change records which are "ready to publish"
|
||
|
} elseif ($stage == '-10' || $stage == '-20') {
|
||
|
if ($stat['_ACCESS'] === 'owner') {
|
||
|
return TRUE;
|
||
|
} else {
|
||
|
return FALSE;
|
||
|
}
|
||
|
} else {
|
||
|
$memberStageLimit = $this->workspaceRec['review_stage_edit'] ? 1 : 0;
|
||
|
if (($stage <= $memberStageLimit && $stat['_ACCESS'] === 'member')
|
||
|
|| ($stage <= 1 && $stat['_ACCESS'] === 'reviewer')
|
||
|
|| $stat['_ACCESS'] === 'owner') {
|
||
|
return TRUE; // OK for these criteria
|
||
|
return TRUE;
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||