Comment.checkAccess (action, usr, level)
permission check (called by hopobject.onRequest())

  • Parameter String:
    name of action
  • Parameter Obj:
    User object
  • Parameter Int:
    Membership level
  • Returns
    Obj Exception object or null
Sourcecode in Comment/securityFunctions.js:
1:   function checkAccess(action, usr, level) {
2:      try {
3:         switch (action) {
4:            case "edit" :
5:               if (!usr && req.data.save)
6:                  rescueText(req.data);
7:               checkIfLoggedIn(this.href(req.action));
8:               this.checkEdit(usr, level);
9:               break;
10:           case "delete" :
11:              checkIfLoggedIn();
12:              this.checkDelete(usr, level);
13:              break;
14:           case "comment" :
15:              if (!usr && req.data.save)
16:                 rescueText(req.data);
17:              checkIfLoggedIn(this.href(req.action));
18:              this.story.checkPost(usr, level);
19:              break;
20:        }
21:     } catch (deny) {
22:        res.message = deny.toString();
23:        res.redirect(this.story.href());
24:     }
25:     return;
26:  }