Rev 1205 | Rev 1267 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1205 | Rev 1266 | ||
|---|---|---|---|
| Line 185... | Line 185... | ||
| 185 | if ($actionID == 'deleteAttachment') { |
185 | if ($actionID == 'deleteAttachment') { |
| 186 | _CheckParamExists($params, 'id'); |
186 | _CheckParamExists($params, 'id'); |
| 187 | $id = $params['id']; |
187 | $id = $params['id']; |
| 188 | $obj = OIDplusObject::parse($id); |
188 | $obj = OIDplusObject::parse($id); |
| 189 | if (!$obj) throw new OIDplusException(_L('Invalid object "%1"',$id)); |
189 | if (!$obj) throw new OIDplusException(_L('Invalid object "%1"',$id)); |
| 190 | if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.',$id)); |
190 | if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.',$id), null, 401); |
| 191 | 191 | ||
| 192 | if (!OIDplus::authUtils()->isAdminLoggedIn() && !$this->raMayDelete()) { |
192 | if (!OIDplus::authUtils()->isAdminLoggedIn() && !$this->raMayDelete()) { |
| 193 | throw new OIDplusException(_L('The administrator has disabled deleting attachments by RAs.')); |
193 | throw new OIDplusException(_L('The administrator has disabled deleting attachments by RAs.')); |
| 194 | } |
194 | } |
| 195 | 195 | ||
| Line 226... | Line 226... | ||
| 226 | } else if ($actionID == 'uploadAttachment') { |
226 | } else if ($actionID == 'uploadAttachment') { |
| 227 | _CheckParamExists($params, 'id'); |
227 | _CheckParamExists($params, 'id'); |
| 228 | $id = $params['id']; |
228 | $id = $params['id']; |
| 229 | $obj = OIDplusObject::parse($id); |
229 | $obj = OIDplusObject::parse($id); |
| 230 | if (!$obj) throw new OIDplusException(_L('Invalid object "%1"',$id)); |
230 | if (!$obj) throw new OIDplusException(_L('Invalid object "%1"',$id)); |
| 231 | if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.',$id)); |
231 | if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA of "%1" to upload an attachment.',$id), null, 401); |
| 232 | 232 | ||
| 233 | if (!OIDplus::authUtils()->isAdminLoggedIn() && !$this->raMayUpload()) { |
233 | if (!OIDplus::authUtils()->isAdminLoggedIn() && !$this->raMayUpload()) { |
| 234 | throw new OIDplusException(_L('The administrator has disabled uploading attachments by RAs.')); |
234 | throw new OIDplusException(_L('The administrator has disabled uploading attachments by RAs.')); |
| 235 | } |
235 | } |
| 236 | 236 | ||