Site.checkAccess (action, usr, level)
permission check (called by hopobject.onRequest())

  • Parameter String:
    name of action
  • Parameter Obj:
    User object
  • Parameter Int:
    Membership level
  • Returns
    Obj Exception object or null
Sourcecode in Site/securityFunctions.js:
1:   function checkAccess(action, usr, level) {
2:      var url = this.members.href("login");
3:      try {
4:         switch (action) {
5:            case "main" :
6:               if (!this.online)
7:                  checkIfLoggedIn();
8:               url = root.href();
9:               this.checkView(usr, level);
10:              break;
11:           case "edit" :
12:              checkIfLoggedIn();
13:              url = this.href();
14:              this.checkEdit(usr, level);
15:              break;
16:           case "delete" :
17:              checkIfLoggedIn();
18:              url = this.href();
19:              this.checkView(usr, level);
20:              break;
21:           case "getfile" :
22:              if (!this.online)
23:                 checkIfLoggedIn();
24:              url = root.href();
25:              this.checkView(usr, level);
26:              break;
27:           case "mostread" :
28:              if (!this.online)
29:                 checkIfLoggedIn();
30:              url = root.href();
31:              this.checkView(usr, level);
32:              break;
33:           case "referrers" :
34:              if (!this.online)
35:                 checkIfLoggedIn();
36:              url = root.href();
37:              this.checkView(usr, level);
38:              break;
39:           case "search" :
40:              if (!this.online)
41:                 checkIfLoggedIn();
42:              url = root.href();
43:              this.checkView(usr, level);
44:              break;
45:           case "subscribe" :
46:              checkIfLoggedIn();
47:              this.checkSubscribe(usr, level);
48:              break;
49:           case "unsubscribe" :
50:              checkIfLoggedIn();
51:              this.checkUnsubscribe(usr, level);
52:              break;
53:        }
54:     } catch (deny) {
55:        res.message = deny.toString();
56:        res.redirect(url);
57:     }
58:     return;
59:  }