Story.checkAccess (action, usr, level)
permission check (called by hopobject.onRequest())

  • Parameter String:
    name of action
  • Parameter Obj:
    User object
  • Parameter Int:
    Membership level
  • Returns
    Obj Exception object or null
Sourcecode in Story/securityFunctions.js:
1:   function checkAccess(action, usr, level) {
2:      var url = this.site.href();
3:      try {
4:         switch (action) {
5:            case "main" :
6:               this.checkView(usr, level);
7:               break;
8:            case "edit" :
9:               if (!usr && req.data.save)
10:                 rescueText(req.data);
11:              checkIfLoggedIn(this.href(req.action));
12:              this.checkEdit(usr, level);
13:              break;
14:           case "delete" :
15:              checkIfLoggedIn();
16:              this.checkDelete(usr, level);
17:              break;
18:           case "comment" :
19:              if (!usr && req.data.save)
20:                 rescueText(req.data);
21:              checkIfLoggedIn(this.href(req.action));
22:              url = this.href();
23:              this.checkPost(usr, level);
24:              break;
25:        }
26:     } catch (deny) {
27:        res.message = deny.toString();
28:        res.redirect(url);
29:     }
30:     return;
31:  }