aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-08-05 19:20:17 +0000
committerben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-08-05 19:20:17 +0000
commit8422a0502f87ff85c0898287a3578cf387965586 (patch)
treec97ecea8e7b378651e62526f427476fc205970b5
parente02e8f05a0e4d097a964cf9869119bd0f0e2a2e3 (diff)
downloadelgg-8422a0502f87ff85c0898287a3578cf387965586.tar.gz
elgg-8422a0502f87ff85c0898287a3578cf387965586.tar.bz2
Fixed group-specific access controls, and site-specific access controls
git-svn-id: https://code.elgg.org/elgg/trunk@1720 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--engine/lib/access.php15
-rw-r--r--engine/lib/group.php6
-rw-r--r--mod/groups/start.php45
3 files changed, 47 insertions, 19 deletions
diff --git a/engine/lib/access.php b/engine/lib/access.php
index 29f87a1f8..d9f48e6e2 100644
--- a/engine/lib/access.php
+++ b/engine/lib/access.php
@@ -24,7 +24,6 @@
function get_access_list($user_id = 0, $site_id = 0, $flush = false) {
global $CONFIG;
- static $access_list;
if (!isset($access_list))
$access_list = array();
@@ -34,11 +33,7 @@
$user_id = (int) $user_id;
$site_id = (int) $site_id;
- if (empty($access_list[$user_id]) || $flush == true) {
-
- $access_list[$user_id] = "(" . implode(",",get_access_array($user_id, $site_id, $flush)) . ")";
-
- }
+ $access_list[$user_id] = "(" . implode(",",get_access_array($user_id, $site_id, $flush)) . ")";
return $access_list[$user_id];
@@ -55,13 +50,13 @@
function get_access_array($user_id = 0, $site_id = 0, $flush = false) {
global $CONFIG;
- static $access_array;
if (!isset($access_array))
$access_array = array();
if ($user_id == 0) $user_id = $_SESSION['guid'];
- if (($site_id == 0) && (isset($CONFIG->site_id))) $site_id = $CONFIG->site_id;
+
+ if (($site_id == 0) && (isset($CONFIG->site_guid))) $site_id = $CONFIG->site_guid;
$user_id = (int) $user_id;
$site_id = (int) $site_id;
@@ -188,6 +183,8 @@
*/
function create_access_collection($name, $owner_guid = 0, $site_guid = 0) {
+ global $CONFIG;
+
$name = trim($name);
if (empty($name)) return false;
@@ -195,8 +192,6 @@
if (($site_id == 0) && (isset($CONFIG->site_id))) $site_id = $CONFIG->site_id;
$name = sanitise_string($name);
- global $CONFIG;
-
return insert_data("insert into {$CONFIG->dbprefix}access_collections set name = '{$name}', owner_guid = {$owner_guid}, site_guid = {$site_guid}");
}
diff --git a/engine/lib/group.php b/engine/lib/group.php
index 2556001c5..5c09a93d9 100644
--- a/engine/lib/group.php
+++ b/engine/lib/group.php
@@ -765,7 +765,8 @@
* @param int $user_guid The user.
*/
function join_group($group_guid, $user_guid)
- {
+ {
+ trigger_elgg_event('join','group',array('group' => get_entity($group_guid), 'user' => get_entity($user_guid)));
return add_entity_relationship($user_guid, 'member', $group_guid);
}
@@ -776,7 +777,8 @@
* @param int $user_guid The user.
*/
function leave_group($group_guid, $user_guid)
- {
+ {
+ trigger_elgg_event('leave','group',array('group' => get_entity($group_guid), 'user' => get_entity($user_guid)));
return remove_entity_relationship($user_guid, 'member', $group_guid);
}
diff --git a/mod/groups/start.php b/mod/groups/start.php
index 6363a97ca..3a1a912d2 100644
--- a/mod/groups/start.php
+++ b/mod/groups/start.php
@@ -63,6 +63,9 @@
extend_view('profile/icon','groups/icon');
+ // Write access permissions
+ register_plugin_hook('access:collections:write', 'all', 'groups_write_acl_plugin_hook');
+
// For now, we'll hard code the groups profile items as follows:
// TODO make this user configurable
@@ -221,6 +224,7 @@
*/
function groups_read_acl_plugin_hook($hook, $entity_type, $returnvalue, $params)
{
+
//error_log("READ: " . var_export($returnvalue));
$user = $_SESSION['user'];
if ($user)
@@ -231,7 +235,6 @@
{
foreach ($membership as $group)
$returnvalue[$user->guid][$group->group_acl] = elgg_echo('groups:group') . ": " . $group->name;
-
return $returnvalue;
}
}
@@ -265,19 +268,47 @@
return true;
}
+ /**
+ * Listens to a group join event and adds a user to the group's access control
+ *
+ */
+ function groups_user_join_event_listener($event, $object_type, $object) {
+
+ $group = $object['group'];
+ $user = $object['user'];
+ $acl = $group->group_acl;
+
+ add_user_to_access_collection($user->guid, $acl);
+
+ return true;
+
+ }
+
+ /**
+ * Listens to a group leave event and removes a user from the group's access control
+ *
+ */
+ function groups_user_leave_event_listener($event, $object_type, $object) {
+
+ $group = $object['group'];
+ $user = $object['user'];
+ $acl = $group->group_acl;
+
+ remove_user_from_access_collection($user->guid, $acl);
+
+ return true;
+
+ }
+
// Register a handler for create groups
register_elgg_event_handler('create', 'group', 'groups_create_event_listener');
// Register a handler for delete groups
register_elgg_event_handler('delete', 'group', 'groups_delete_event_listener');
- // Read access permissions
- register_plugin_hook('access:collections', 'all', 'groups_read_acl_plugin_hook');
-
- // Write access permissions
- register_plugin_hook('access:collections:write', 'all', 'groups_write_acl_plugin_hook');
-
// Make sure the groups initialisation function is called on initialisation
register_elgg_event_handler('init','system','groups_init');
+ register_elgg_event_handler('join','group','groups_user_join_event_listener');
+ register_elgg_event_handler('leave','group','groups_user_leave_event_listener');
register_elgg_event_handler('pagesetup','system','groups_submenus');
?> \ No newline at end of file