diff options
author | Brett Profitt <brett.profitt@gmail.com> | 2011-07-03 17:41:20 -0400 |
---|---|---|
committer | Brett Profitt <brett.profitt@gmail.com> | 2011-07-03 17:41:20 -0400 |
commit | de111da23258cd2b513c8f4ab84712ee50272b23 (patch) | |
tree | a431dfa846987f48fb480e95bc5c5a1653c8c87c /actions | |
parent | b3bad6fc928cae56bdc3a97fe8089b27f6f79f0b (diff) | |
download | elgg-de111da23258cd2b513c8f4ab84712ee50272b23.tar.gz elgg-de111da23258cd2b513c8f4ab84712ee50272b23.tar.bz2 |
Merged ACL fixes from 1.7 branch.
Diffstat (limited to 'actions')
-rw-r--r-- | actions/friends/collections/add.php | 38 | ||||
-rw-r--r-- | actions/friends/collections/delete.php | 34 | ||||
-rw-r--r-- | actions/friends/collections/edit.php | 20 |
3 files changed, 42 insertions, 50 deletions
diff --git a/actions/friends/collections/add.php b/actions/friends/collections/add.php index 8ec6a085f..8383e4db2 100644 --- a/actions/friends/collections/add.php +++ b/actions/friends/collections/add.php @@ -2,35 +2,31 @@ /** * Elgg collection add page * - * @package Elgg.Core - * @subpackage Friends.Collections + * @package Elgg + * @subpackage Core */ $collection_name = get_input('collection_name'); $friends = get_input('friends_collection'); -//first check to make sure that a collection name has been set and create the new colection -if ($collection_name) { +if (!$collection_name) { + register_error(elgg_echo("friends:nocollectionname")); + forward(REFERER); +} - //create the collection - $create_collection = create_access_collection($collection_name, elgg_get_logged_in_user_guid()); +$id = create_access_collection($collection_name); - //if the collection was created and the user passed some friends from the form, add them - if ($create_collection && (!empty($friends))) { - //add friends to the collection - foreach ($friends as $friend) { - add_user_to_access_collection($friend, $create_collection); - } +if ($id) { + $result = update_access_collection($id, $friends); + if ($result) { + system_message(elgg_echo("friends:collectionadded")); + // go to the collections page + forward("pg/collections/" . get_loggedin_user()->username); + } else { + register_error(elgg_echo("friends:nocollectionname")); + forward(REFERER); } - - // Success message - system_message(elgg_echo("friends:collectionadded")); - // Forward to the collections page - forward("collections/" . elgg_get_logged_in_user_entity()->username); - } else { register_error(elgg_echo("friends:nocollectionname")); - - // Forward to the add collection page - forward("collections/add"); + forward(REFERER); } diff --git a/actions/friends/collections/delete.php b/actions/friends/collections/delete.php index fe719d74b..5b0aa8e10 100644 --- a/actions/friends/collections/delete.php +++ b/actions/friends/collections/delete.php @@ -1,36 +1,24 @@ <?php + /** * Elgg friends: delete collection action * - * @package Elgg.Core - * @subpackage Friends.Collections + * @package Elgg + * @subpackage Core */ $collection_id = (int) get_input('collection'); -// Check to see that the access collection exist and grab its owner -$get_collection = get_access_collection($collection_id); - -if ($get_collection) { - - if ($get_collection->owner_guid == elgg_get_logged_in_user_guid()) { - - $delete_collection = delete_access_collection($collection_id); +// check the ACL exists and we can edit +if (!can_edit_access_collection($collection_id)) { + register_error(elgg_echo("friends:collectiondeletefailed")); + forward(REFERER); +} - // Success message - if ($delete_collection) { - system_message(elgg_echo("friends:collectiondeleted")); - } else { - register_error(elgg_echo("friends:collectiondeletefailed")); - } - } else { - // Failure message - register_error(elgg_echo("friends:collectiondeletefailed")); - } +if (delete_access_collection($collection_id)) { + system_message(elgg_echo("friends:collectiondeleted")); } else { - // Failure message register_error(elgg_echo("friends:collectiondeletefailed")); } -// Forward to the collections page -forward("collections/" . elgg_get_logged_in_user_entity()->username); +forward(REFERER); diff --git a/actions/friends/collections/edit.php b/actions/friends/collections/edit.php index b7fb716f2..581b21353 100644 --- a/actions/friends/collections/edit.php +++ b/actions/friends/collections/edit.php @@ -1,15 +1,23 @@ <?php /** - * Friends collection edit action + * Elgg collection add page * - * @package Elgg.Core - * @subpackage Friends.Collections + * @package Elgg + * @subpackage Core */ $collection_id = get_input('collection_id'); $friends = get_input('friend'); -//chech the collection exists and the current user owners it -update_access_collection($collection_id, $friends); +// check it exists and we can edit +if (!can_edit_access_collection($collection_id)) { + system_message(elgg_echo('friends:collection:edit_failed')); +} -exit; +if (update_access_collection($collection_id, $friends)) { + system_message(elgg_echo('friends:collections:edited')); +} else { + system_message(elgg_echo('friends:collection:edit_failed')); +} + +forward(REFERER);
\ No newline at end of file |