Story.checkView (usr, level) |
check if user is allowed to view story
|
Sourcecode in Story/securityFunctions.js:
1: function checkView(usr, level) { 2: this.site.checkView(usr, level); 3: if (!this.online && this.creator != usr) { 4: if (this.editableby == EDITABLEBY_ADMINS && (level & MAY_EDIT_ANYSTORY) == 0) 5: throw new DenyException("storyView"); 6: else if (this.editableby == EDITABLEBY_CONTRIBUTORS && (level & MAY_ADD_STORY) == 0) 7: throw new DenyException("storyView"); 8: } 9: return; 10: } |