Author: sevein
Date: Fri Dec 4 12:36:44 2009
New Revision: 4092
Log:
Add ACL check to digital object update action.
Modified:
trunk/apps/qubit/modules/digitalobject/actions/updateAction.class.php
Modified: trunk/apps/qubit/modules/digitalobject/actions/updateAction.class.php
==============================================================================
--- trunk/apps/qubit/modules/digitalobject/actions/updateAction.class.php
Fri Dec 4 12:33:38 2009 (r4091)
+++ trunk/apps/qubit/modules/digitalobject/actions/updateAction.class.php
Fri Dec 4 12:36:44 2009 (r4092)
@@ -33,7 +33,13 @@
$digitalObject =
QubitDigitalObject::getById($this->getRequestParameter('id'));
$this->forward404Unless($digitalObject);
- // set the digital object's attributes
+ // Check user authorization
+ if (!QubitAcl::check(QubitInformationObject::getRoot(),
QubitAclAction::UPDATE_ID))
+ {
+ QubitAcl::forwardUnauthorized();
+ }
+
+ // Set the digital object's attributes
$digitalObject->setUsageId($request->getParameter('usage_id'));
$digitalObject->setMediaTypeId($request->getParameter('media_type_id'));
--
You received this message because you are subscribed to the Google Groups
"Qubit Toolkit Commits" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/qubit-commits?hl=en.
