authorben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-02-23 10:29:43 +0000
committerben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-02-23 10:29:43 +0000
commitabf321f2fb25d1750c96a67807bcda84a63ba497 (patch)
treeb5adddfd4456b707a35b8c35acb3782ecfe5bce0
parentba23d8e106d4652e229d1839ec2dd13cf4daaad9 (diff)
Added site default access permissions. Refs #744
git-svn-id: https://code.elgg.org/elgg/trunk@2885 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--actions/admin/site/update_basic.php106
-rw-r--r--actions/systemsettings/install.php1
-rw-r--r--engine/lib/access.php110
-rw-r--r--engine/lib/widgets.php8
-rw-r--r--languages/en.php2
-rw-r--r--mod/profile/actions/edit.php1
-rw-r--r--mod/profile/views/default/profile/edit.php2
-rw-r--r--views/default/input/access.php16
-rw-r--r--views/default/settings/system.php29
-rw-r--r--views/failsafe/settings/system.php22
10 files changed, 165 insertions, 132 deletions
diff --git a/actions/admin/site/update_basic.php b/actions/admin/site/update_basic.php
index 002276603..f5582fb2e 100644
--- a/actions/admin/site/update_basic.php
+++ b/actions/admin/site/update_basic.php
@@ -12,69 +12,71 @@
* @copyright Curverider Ltd 2008-2009
* @link http://elgg.org/
*/
-
- global $CONFIG;
-
- // block non-admin users
- admin_gatekeeper();
- action_gatekeeper();
+
+ global $CONFIG;
+
+ // block non-admin users
+ admin_gatekeeper();
+ action_gatekeeper();
if (get_input('settings') == 'go') {
if (datalist_get('default_site')) {
-
- $site = get_entity(datalist_get('default_site'));
- if (!($site instanceof ElggSite))
- throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite'));
-
+
+ $site = get_entity(datalist_get('default_site'));
+ if (!($site instanceof ElggSite))
+ throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite'));
+
$site->description = get_input('sitedescription');
- $site->name = get_input('sitename');
+ $site->name = get_input('sitename');
$site->email = get_input('siteemail');
$site->url = get_input('wwwroot');
datalist_set('path',sanitise_filepath(get_input('path')));
- datalist_set('dataroot',sanitise_filepath(get_input('dataroot')));
-
- set_config('language', get_input('language'), $site->getGUID());
-
- set_config('view', get_input('view'), $site->getGUID());
-
- $debug = get_input('debug');
- if ($debug)
- set_config('debug', 1, $site->getGUID());
- else
- unset_config('debug', $site->getGUID());
-
- $https_login = get_input('https_login');
- if ($https_login)
- set_config('https_login', 1, $site->getGUID());
- else
- unset_config('https_login', $site->getGUID());
-
- $usage = get_input('usage');
- if ($usage)
- unset_config('ping_home', $site->getGUID());
- else
- set_config('ping_home', 'disabled', $site->getGUID());
-
- $api = get_input('api');
- if ($api)
- unset_config('disable_api', $site->getGUID());
- else
- set_config('disable_api', 'disabled', $site->getGUID());
-
- // Now ping home
- //if ((!isset($usage)) || ($usage!='disabled'))
- //{
- // ping_home($site);
- //}
-
- if ($site->save())
- system_message(elgg_echo("admin:configuration:success"));
- else
+ datalist_set('dataroot',sanitise_filepath(get_input('dataroot')));
+
+ set_config('language', get_input('language'), $site->getGUID());
+
+ set_config('default_access', get_input('default_access'), $site->getGUID());
+
+ set_config('view', get_input('view'), $site->getGUID());
+
+ $debug = get_input('debug');
+ if ($debug)
+ set_config('debug', 1, $site->getGUID());
+ else
+ unset_config('debug', $site->getGUID());
+
+ $https_login = get_input('https_login');
+ if ($https_login)
+ set_config('https_login', 1, $site->getGUID());
+ else
+ unset_config('https_login', $site->getGUID());
+
+ $usage = get_input('usage');
+ if ($usage)
+ unset_config('ping_home', $site->getGUID());
+ else
+ set_config('ping_home', 'disabled', $site->getGUID());
+
+ $api = get_input('api');
+ if ($api)
+ unset_config('disable_api', $site->getGUID());
+ else
+ set_config('disable_api', 'disabled', $site->getGUID());
+
+ // Now ping home
+ //if ((!isset($usage)) || ($usage!='disabled'))
+ //{
+ // ping_home($site);
+ //}
+
+ if ($site->save())
+ system_message(elgg_echo("admin:configuration:success"));
+ else
register_error(elgg_echo("admin:configuration:fail"));
- //header("Location: {$CONFIG->wwwroot}admin/site/");
+ //header("Location: {$CONFIG->wwwroot}admin/site/");
forward($_SERVER['HTTP_REFERER']);
exit;
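Review bot: The new `set_config('default_access', get_input('default_access'), $site->getGUID());` stores the submitted value as-is, with no integer cast and no check that it is an access level the site should be able to default to. The action is gated by admin_gatekeeper() and action_gatekeeper(), so this concerns the integrity of a site-wide privacy setting rather than anonymous input: the picker in views/default/settings/system.php is filled from get_write_access_array(), which presumably also lists the admin's personal collections, and an empty or non-numeric value would be persisted too. I would write `$default_access = (int) get_input('default_access');` followed by `if (in_array($default_access, array(ACCESS_PRIVATE, ACCESS_LOGGED_IN, ACCESS_PUBLIC), true)) set_config('default_access', $default_access, $site->getGUID());`. The same unvalidated call is added in actions/systemsettings/install.php.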
diff --git a/actions/systemsettings/install.php b/actions/systemsettings/install.php
index 8b8f78517..9fbbd3802 100644
--- a/actions/systemsettings/install.php
+++ b/actions/systemsettings/install.php
@@ -58,6 +58,7 @@
set_config('view', get_input('view'), $site->getGUID());
set_config('language', get_input('language'), $site->getGUID());
+ set_config('default_access', get_input('default_access'), $site->getGUID());
$debug = get_input('debug');
if ($debug)
diff --git a/engine/lib/access.php b/engine/lib/access.php
index 77f234dc9..eb00d7543 100644
--- a/engine/lib/access.php
+++ b/engine/lib/access.php
@@ -53,7 +53,7 @@
function get_access_array($user_id = 0, $site_id = 0, $flush = false) {
global $CONFIG, $init_finished;
- static $access_array, $acm, $ac; // Caches. $ac* flag whether we have executed a query previously, and stop it being run again if no data is returned.
+ static $access_array, $acm, $ac; // Caches. $ac* flag whether we have executed a query previously, and stop it being run again if no data is returned.
if (!isset($access_array) || (!isset($init_finished)) || (!$init_finished))
$access_array = array();
@@ -72,23 +72,23 @@
$tmp_access_array = array(ACCESS_PUBLIC);
if (isloggedin()) {
- $tmp_access_array[] = ACCESS_LOGGED_IN;
-
- // The following can only return sensible data if the user is logged in.
+ $tmp_access_array[] = ACCESS_LOGGED_IN;
+
+ // The following can only return sensible data if the user is logged in.
if ($collections = get_data($query)) {
foreach($collections as $collection)
- if (!empty($collection->access_collection_id)) $tmp_access_array[] = $collection->access_collection_id;
+ if (!empty($collection->access_collection_id)) $tmp_access_array[] = $collection->access_collection_id;
- }
+ }
$query = "SELECT ag.id FROM {$CONFIG->dbprefix}access_collections ag ";
$query .= " WHERE ag.owner_guid = {$user_id} AND (ag.site_guid = {$site_id} OR ag.site_guid = 0)";
-
+
if ($collections = get_data($query)) {
foreach($collections as $collection)
if (!empty($collection->id)) $tmp_access_array[] = $collection->id;
- }
+ }
global $is_admin;
@@ -96,11 +96,11 @@
if (isset($is_admin) && $is_admin == true) {
$tmp_access_array[] = ACCESS_PRIVATE;
}
-
- $access_array[$user_id] = $tmp_access_array;
+
+ $access_array[$user_id] = $tmp_access_array;
}
- else
- return $tmp_access_array; // No user id logged in so we can only access public info
+ else
+ return $tmp_access_array; // No user id logged in so we can only access public info
} else {
@@ -110,34 +110,48 @@
return $access_array[$user_id];
}
-
- /**
- * Override the default behaviour and allow results to show hidden entities as well.
- * THIS IS A HACK.
- *
- * TODO: Replace this with query object!
- */
- $ENTITY_SHOW_HIDDEN_OVERRIDE = false;
-
- /**
- * This will be replaced. Do not use in plugins!
- *
- * @param bool $show
- */
- function access_show_hidden_entities($show_hidden)
- {
- global $ENTITY_SHOW_HIDDEN_OVERRIDE;
- $ENTITY_SHOW_HIDDEN_OVERRIDE = $show_hidden;
- }
-
- /**
- * This will be replaced. Do not use in plugins!
- */
- function access_get_show_hidden_status()
- {
- global $ENTITY_SHOW_HIDDEN_OVERRIDE;
- return $ENTITY_SHOW_HIDDEN_OVERRIDE;
- }
+
+ /**
+ * Gets the default access permission for new content
+ *
+ * @return int default access id (see ACCESS defines in elgglib.php)
+ */
+ function get_default_access()
+ {
+ global $CONFIG;
+
+ // future: if user has a default access set, override site default access
+
+ return $CONFIG->default_access;
+ }
+
+ /**
+ * Override the default behaviour and allow results to show hidden entities as well.
+ * THIS IS A HACK.
+ *
+ * TODO: Replace this with query object!
+ */
+ $ENTITY_SHOW_HIDDEN_OVERRIDE = false;
+
+ /**
+ * This will be replaced. Do not use in plugins!
+ *
+ * @param bool $show
+ */
+ function access_show_hidden_entities($show_hidden)
+ {
+ global $ENTITY_SHOW_HIDDEN_OVERRIDE;
+ $ENTITY_SHOW_HIDDEN_OVERRIDE = $show_hidden;
+ }
+
+ /**
+ * This will be replaced. Do not use in plugins!
+ */
+ function access_get_show_hidden_status()
+ {
+ global $ENTITY_SHOW_HIDDEN_OVERRIDE;
+ return $ENTITY_SHOW_HIDDEN_OVERRIDE;
+ }
/**
* Add access restriction sql code to a given query.
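Review bot: get_default_access() returns `$CONFIG->default_access` with no fallback, and nothing in this commit sets that value for sites installed before it, so on an upgraded site the function would presumably return null until an admin re-saves the settings form. Callers then compare or store that null as an access id; the widgets.php hunk, for example, compares it loosely with ACCESS_PRIVATE. A defined fail-closed default avoids that: `return isset($CONFIG->default_access) ? (int) $CONFIG->default_access : ACCESS_PRIVATE;`. The docblock should also say that the value comes from site configuration and state what is returned when it is unset.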
@@ -149,17 +163,17 @@
* @param string $table_prefix Optional xxx. prefix for the access code.
*/
function get_access_sql_suffix($table_prefix = "")
- {
- global $ENTITY_SHOW_HIDDEN_OVERRIDE;
+ {
+ global $ENTITY_SHOW_HIDDEN_OVERRIDE;
$sql = "";
if ($table_prefix)
$table_prefix = sanitise_string($table_prefix) . ".";
- $access = get_access_list();
-
- $owner = get_loggedin_userid();
+ $access = get_access_list();
+
+ $owner = get_loggedin_userid();
if (!$owner) $owner = -1;
global $is_admin;
@@ -171,7 +185,7 @@
if (empty($sql))
$sql = " ({$table_prefix}access_id in {$access} or ({$table_prefix}access_id = " . ACCESS_PRIVATE . " and {$table_prefix}owner_guid = $owner))";
- if (!$ENTITY_SHOW_HIDDEN_OVERRIDE)
+ if (!$ENTITY_SHOW_HIDDEN_OVERRIDE)
$sql .= " and {$table_prefix}enabled='yes'";
return $sql;
@@ -332,9 +346,9 @@
if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0)
&& $user = get_user($user_guid)) {
- global $CONFIG;
+ global $CONFIG;
try {
- insert_data("insert into {$CONFIG->dbprefix}access_collection_membership set access_collection_id = {$collection_id}, user_guid = {$user_guid}");
+ insert_data("insert into {$CONFIG->dbprefix}access_collection_membership set access_collection_id = {$collection_id}, user_guid = {$user_guid}");
} catch (DatabaseException $e) {}
return true;
diff --git a/engine/lib/widgets.php b/engine/lib/widgets.php
index 2660cc240..a455f8068 100644
--- a/engine/lib/widgets.php
+++ b/engine/lib/widgets.php
@@ -232,8 +232,12 @@
$widget = new ElggWidget;
$widget->owner_guid = $user_guid;
- $widget->access_id = ACCESS_LOGGED_IN;
- if (!$widget->save())
+ $widget->access_id = get_default_access();
+ // private widgets don't makes sense, correct?
+ if ($widget->access_id == ACCESS_PRIVATE)
+ $widget->access_id = ACCESS_LOGGED_IN; // change to ACCESS_FRIENDS when implemented
+
+ if (!$widget->save())
return false;
$widget->handler = $handler;
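Review bot: Only ACCESS_PRIVATE is remapped here, so a site default of ACCESS_PUBLIC now makes every newly added widget readable by logged-out visitors, where the removed line always used ACCESS_LOGGED_IN. If that widening is intended, the comment should state it rather than ask a question, for example `// widgets follow the site default, except private, which would hide the widget from everyone but its owner`. Holding the value in a local first, `$access_id = (int) get_default_access();`, would also let the comparison be strict (`=== ACCESS_PRIVATE`) instead of the loose `==` on a config value of uncertain type. The enclosing function starts and ends outside this hunk.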
diff --git a/languages/en.php b/languages/en.php
index 09da1d9c3..62de6f1dd 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -495,6 +495,7 @@ To remove a widget drag it back to the <b>Widget gallery</b>.",
'admin:site:description' => "This admin panel allows you to control global settings for your site. Choose an option below to get started.",
'admin:site:opt:linktext' => "Configure site...",
'admin:site:opt:description' => "Configure the site technical and non-technical settings. ",
+ 'admin:site:access:warning' => "Changing the access setting only affects the permissions on content created in the future.",
'admin:plugins' => "Tool Administration",
'admin:plugins:description' => "This admin panel allows you to control and configure tools installed on your site.",
@@ -759,6 +760,7 @@ Alternatively, you can enter your database settings below and we will try and do
'installation:path' => "The full path to your site root on your disk, followed by a trailing slash:",
'installation:dataroot' => "The full path to the directory where uploaded files will be stored, followed by a trailing slash:",
'installation:dataroot:warning' => "You must create this directory manually. It should sit in a different directory to your Elgg installation.",
+ 'installation:sitepermissions' => "The default access permissions:",
'installation:language' => "The default language for your site:",
'installation:debug' => "Debug mode provides extra information which can be used to diagnose faults, however it can slow your system down so should only be used if you are having problems:",
'installation:debug:label' => "Turn on debug mode",
diff --git a/mod/profile/actions/edit.php b/mod/profile/actions/edit.php
index 7a4716646..95a669a69 100644
--- a/mod/profile/actions/edit.php
+++ b/mod/profile/actions/edit.php
@@ -44,6 +44,7 @@
if (isset($accesslevel[$shortname])) {
$access_id = (int) $accesslevel[$shortname];
} else {
+ // this should never be executed since the access level should always be set
$access_id = ACCESS_PRIVATE;
}
if (is_array($value)) {
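Review bot: The added comment says this branch is never executed, but `$accesslevel` appears to come from the submitted form (its origin is outside this hunk), so a request that leaves out the access level for a field does reach it. The ACCESS_PRIVATE fallback is the right fail-closed choice, and the comment should say that rather than imply dead code: `// fail closed: a field submitted without an access level is stored as private`.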
diff --git a/mod/profile/views/default/profile/edit.php b/mod/profile/views/default/profile/edit.php
index 7b1f9540a..e2eb8f5ce 100644
--- a/mod/profile/views/default/profile/edit.php
+++ b/mod/profile/views/default/profile/edit.php
@@ -36,7 +36,7 @@
}
} else {
$value = '';
- $access_id = ACCESS_LOGGED_IN;
+ $access_id = ACCESS_DEFAULT;
}
?>
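Review bot: ACCESS_DEFAULT is a sentinel that this commit resolves only in views/default/input/access.php, so it is safe here only if `$access_id` reaches nothing but that view; the use of `$access_id` is outside this hunk. The save path in mod/profile/actions/edit.php casts the posted value with `(int) $accesslevel[$shortname]` and does not map the sentinel, so a request that posts the sentinel itself would presumably be stored unchanged as an access id. Resolving it on the server side as well closes that gap: `if ($access_id == ACCESS_DEFAULT) $access_id = get_default_access();` directly after the cast in the action.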
diff --git a/views/default/input/access.php b/views/default/input/access.php
index db938111e..e08eca13a 100644
--- a/views/default/input/access.php
+++ b/views/default/input/access.php
@@ -15,15 +15,19 @@
* @uses $vars['js'] Any Javascript to enter into the input tag
* @uses $vars['internalname'] The name of the input field
*
- */
-
- if (isset($vars['class'])) $class = $vars['class'];
+ */
+
+ if (isset($vars['class'])) $class = $vars['class'];
if (!$class) $class = "input-access";
-
- if ((!isset($vars['options'])) || (!is_array($vars['options'])))
+
+ if (!array_key_exists('value', $vars) || $vars['value'] == ACCESS_DEFAULT)
+ $vars['value'] = get_default_access();
+
+
+ if ((!isset($vars['options'])) || (!is_array($vars['options'])))
{
$vars['options'] = array();
- $vars['options'] = get_write_access_array();
+ $vars['options'] = get_write_access_array();
}
if (is_array($vars['options']) && sizeof($vars['options']) > 0) {
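Review bot: `array_key_exists('value', $vars)` treats an explicit null as a supplied value, so a caller that passes, for example, the access_id of a not-yet-saved entity skips the site default. If the default is meant to cover that case, `if (!isset($vars['value']) || $vars['value'] == ACCESS_DEFAULT)` does it. The `@uses` docblock above should also state that a missing value or ACCESS_DEFAULT is replaced by get_default_access(), and that a default which is not among `$vars['options']` presumably leaves no option preselected; the rendering code is outside this hunk.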
diff --git a/views/default/settings/system.php b/views/default/settings/system.php
index f8317d95c..317a1094e 100644
--- a/views/default/settings/system.php
+++ b/views/default/settings/system.php
@@ -35,26 +35,29 @@
$languages = get_installed_translations();
$form_body .= "<p>" . elgg_echo('installation:language') . elgg_view("input/pulldown", array('internalname' => 'language', 'value' => $vars['config']->language, 'options_values' => $languages)) . "</p>";
- $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:debug') . "<br />" .elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:debug:label')), 'internalname' => 'debug', 'value' => ($vars['config']->debug ? elgg_echo('installation:debug:label') : "") )) . "</p>";
-
- $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:httpslogin') . "<br />" .elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:httpslogin:label')), 'internalname' => 'https_login', 'value' => ($vars['config']->https_login ? elgg_echo('installation:httpslogin:label') : "") )) . "</p>";
+ $form_body .= "<p class=\"admin_debug\">" . elgg_echo('admin:site:access:warning') . "<br />";
+ $form_body .= elgg_echo('installation:sitepermissions') . elgg_view('input/access', array('internalname' => 'default_access','value' => $vars['config']->default_access)) . "</p>";
-
- $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:disableapi') . "<br />";
- $on = elgg_echo('installation:disableapi:label');
- if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true))
- $on = ($vars['config']->disable_api ? "" : elgg_echo('installation:disableapi:label'));
- $form_body .= elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:disableapi:label')), 'internalname' => 'api', 'value' => $on ));
- $form_body .= "</p>";
+ $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:debug') . "<br />" .elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:debug:label')), 'internalname' => 'debug', 'value' => ($vars['config']->debug ? elgg_echo('installation:debug:label') : "") )) . "</p>";
+
+ $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:httpslogin') . "<br />" .elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:httpslogin:label')), 'internalname' => 'https_login', 'value' => ($vars['config']->https_login ? elgg_echo('installation:httpslogin:label') : "") )) . "</p>";
+
+
+ $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:disableapi') . "<br />";
+ $on = elgg_echo('installation:disableapi:label');
+ if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true))
+ $on = ($vars['config']->disable_api ? "" : elgg_echo('installation:disableapi:label'));
+ $form_body .= elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:disableapi:label')), 'internalname' => 'api', 'value' => $on ));
+ $form_body .= "</p>";
$form_body .= "<p class=\"admin_usage\">" . elgg_echo('installation:usage') . "<br />";
- $on = elgg_echo('installation:usage:label');
+ $on = elgg_echo('installation:usage:label');
if (isset($CONFIG->ping_home))
$on = ($vars['config']->ping_home!='disabled' ? elgg_echo('installation:usage:label') : "");
$form_body .= elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:usage:label')), 'internalname' => 'usage', 'value' => $on ));
- $form_body .= "</p>";
-
+ $form_body .= "</p>";
+
$form_body .= elgg_view('input/hidden', array('internalname' => 'settings', 'value' => 'go'));
diff --git a/views/failsafe/settings/system.php b/views/failsafe/settings/system.php
index 18e43eac1..420dc45aa 100644
--- a/views/failsafe/settings/system.php
+++ b/views/failsafe/settings/system.php
@@ -36,16 +36,18 @@
$languages = get_installed_translations();
$form_body .= "<p>" . elgg_echo('installation:language') . elgg_view("input/pulldown", array('internalname' => 'language', 'value' => $vars['config']->language, 'options_values' => $languages)) . "</p>";
- $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:debug') . "<br />" .elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:debug:label')), 'internalname' => 'debug', 'value' => ($vars['config']->debug ? elgg_echo('installation:debug:label') : "") )) . "</p>";
-
+ $form_body .= "<p>" . elgg_echo('installation:sitepermissions') . elgg_view('input/access', array('internalname' => 'default_access','value' => ACCESS_LOGGED_IN)) . "</p>";
+
+ $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:debug') . "<br />" .elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:debug:label')), 'internalname' => 'debug', 'value' => ($vars['config']->debug ? elgg_echo('installation:debug:label') : "") )) . "</p>";
+
$form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:httpslogin') . "<br />" .elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:httpslogin:label')), 'internalname' => 'https_login', 'value' => ($vars['config']->https_login ? elgg_echo('installation:httpslogin:label') : "") )) . "</p>";
-
- $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:disableapi') . "<br />";
- $on = elgg_echo('installation:disableapi:label');
- if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true))
- $on = ($vars['config']->disable_api ? "" : elgg_echo('installation:disableapi:label'));
- $form_body .= elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:disableapi:label')), 'internalname' => 'api', 'value' => $on ));
- $form_body .= "</p>";
+
+ $form_body .= "<p class=\"admin_debug\">" . elgg_echo('installation:disableapi') . "<br />";
+ $on = elgg_echo('installation:disableapi:label');
+ if ((isset($CONFIG->disable_api)) && ($CONFIG->disable_api == true))
+ $on = ($vars['config']->disable_api ? "" : elgg_echo('installation:disableapi:label'));
+ $form_body .= elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:disableapi:label')), 'internalname' => 'api', 'value' => $on ));
+ $form_body .= "</p>";
$form_body .= "<p class=\"admin_usage\">" . elgg_echo('installation:usage') . "<br />";
$on = elgg_echo('installation:usage:label');
@@ -53,7 +55,7 @@
if (isset($CONFIG->ping_home))
$on = ($vars['config']->ping_home!='disabled' ? elgg_echo('installation:usage:label') : "");
$form_body .= elgg_view("input/checkboxes", array('options' => array(elgg_echo('installation:usage:label')), 'internalname' => 'usage', 'value' => $on ));
- $form_body .= "</p>";
+ $form_body .= "</p>";
$form_body .= elgg_view('input/hidden', array('internalname' => 'settings', 'value' => 'go'));