aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrett Profitt <brett.profitt@gmail.com>2012-01-23 17:45:29 -0800
committerBrett Profitt <brett.profitt@gmail.com>2012-01-23 17:45:29 -0800
commit84f5b437767ee21c21cff025660a16839f9ac372 (patch)
tree3eea1be37c14e23373aa35ded77c455abcd1a42d
parent2e499d0f1e62267105dbe1ff2457cd6098765983 (diff)
downloadelgg-84f5b437767ee21c21cff025660a16839f9ac372.tar.gz
elgg-84f5b437767ee21c21cff025660a16839f9ac372.tar.bz2
Fixes #1196. Added elgg_set_ignore_access() calls to disable_entity() when called with recursive = true.
-rw-r--r--engine/lib/entities.php6
-rw-r--r--engine/tests/objects/objects.php45
2 files changed, 50 insertions, 1 deletions
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index f3bf9fb29..67011b802 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -1378,6 +1378,10 @@ function disable_entity($guid, $reason = "", $recursive = true) {
}
if ($recursive) {
+ $hidden = access_get_show_hidden_status();
+ access_show_hidden_entities(true);
+ $ia = elgg_set_ignore_access(true);
+
$sub_entities = get_data("SELECT * FROM {$CONFIG->dbprefix}entities
WHERE (
container_guid = $guid
@@ -1391,6 +1395,8 @@ function disable_entity($guid, $reason = "", $recursive = true) {
$e->disable($reason);
}
}
+ access_show_hidden_entities($hidden);
+ elgg_set_ignore_access($ia);
}
$entity->disableMetadata();
diff --git a/engine/tests/objects/objects.php b/engine/tests/objects/objects.php
index 0d0df6b75..cd507d5ab 100644
--- a/engine/tests/objects/objects.php
+++ b/engine/tests/objects/objects.php
@@ -194,7 +194,50 @@ class ElggCoreObjectTest extends ElggCoreUnitTest {
$old = elgg_set_ignore_access(true);
}
-
+ // see http://trac.elgg.org/ticket/1196
+ public function testElggEntityRecursiveDisableWhenLoggedOut() {
+ $e1 = new ElggObject();
+ $e1->access_id = ACCESS_PUBLIC;
+ $e1->owner_guid = 0;
+ $e1->container_guid = 0;
+ $e1->save();
+ $guid1 = $e1->getGUID();
+
+ $e2 = new ElggObject();
+ $e2->container_guid = $guid1;
+ $e2->access_id = ACCESS_PUBLIC;
+ $e2->owner_guid = 0;
+ $e2->save();
+ $guid2 = $e2->getGUID();
+
+ // fake being logged out
+ $user = $_SESSION['user'];
+ unset($_SESSION['user']);
+ $ia = elgg_set_ignore_access(true);
+
+ $this->assertTrue(disable_entity($guid1, null, true));
+
+ // "log in" original user
+ $_SESSION['user'] = $user;
+ elgg_set_ignore_access($ia);
+
+ $this->assertFalse(get_entity($guid1));
+ $this->assertFalse(get_entity($guid2));
+
+ $db_prefix = get_config('dbprefix');
+ $q = "SELECT * FROM {$db_prefix}entities WHERE guid = $guid1";
+ $r = get_data_row($q);
+ $this->assertEqual('no', $r->enabled);
+
+ $q = "SELECT * FROM {$db_prefix}entities WHERE guid = $guid2";
+ $r = get_data_row($q);
+ $this->assertEqual('no', $r->enabled);
+
+ access_show_hidden_entities(true);
+ delete_entity($guid1);
+ delete_entity($guid2);
+ access_show_hidden_entities(false);
+ }
protected function get_object_row($guid) {
global $CONFIG;