diff options
| author | Steve Clay <steve@mrclay.org> | 2012-09-07 01:38:03 -0400 |
|---|---|---|
| committer | Steve Clay <steve@mrclay.org> | 2012-09-07 01:38:03 -0400 |
| commit | 8916fcdca6a2950d210abd2db7e6fb104abec149 (patch) | |
| tree | 6df6b80f2b039a623cde43de3e1e6fac85fe6463 /engine/lib/group.php | |
| parent | 9ccbd106a87a1742a61cc4df0e9ead921046772a (diff) | |
| download | elgg-8916fcdca6a2950d210abd2db7e6fb104abec149.tar.gz elgg-8916fcdca6a2950d210abd2db7e6fb104abec149.tar.bz2 | |
Fixes #4789: group_gatekeeper() and river hide closed/invisible group content more reliably
Diffstat (limited to 'engine/lib/group.php')
| -rw-r--r-- | engine/lib/group.php | 56 |
1 files changed, 25 insertions, 31 deletions
diff --git a/engine/lib/group.php b/engine/lib/group.php index feb1f1e7f..b81146e61 100644 --- a/engine/lib/group.php +++ b/engine/lib/group.php @@ -247,48 +247,42 @@ function get_users_membership($user_guid) { } /** - * Checks access to a group. + * May the current user access item(s) on this page? If the page owner is a group, + * membership, visibility, and logged in status are taken into account. * * @param boolean $forward If set to true (default), will forward the page; * if set to false, will return true or false. * - * @return true|false If $forward is set to false. + * @return bool If $forward is set to false. */ function group_gatekeeper($forward = true) { - $allowed = true; - $url = ''; - - if ($group = elgg_get_page_owner_entity()) { - if ($group instanceof ElggGroup) { - $url = $group->getURL(); - if (!$group->isPublicMembership()) { - // closed group so must be member or an admin - - if (!elgg_is_logged_in()) { - $allowed = false; - if ($forward == true) { - $_SESSION['last_forward_from'] = current_page_url(); - register_error(elgg_echo('loggedinrequired')); - forward('', 'login'); - } - } else if (!$group->isMember(elgg_get_logged_in_user_entity())) { - $allowed = false; - } - // Admin override - if (elgg_is_admin_logged_in()) { - $allowed = true; - } - } - } + $page_owner_guid = elgg_get_page_owner_guid(); + if (!$page_owner_guid) { + return true; } + $visibility = ElggGroupItemVisibility::factory($page_owner_guid); - if ($forward && $allowed == false) { - register_error(elgg_echo('membershiprequired')); - forward($url, 'member'); + if (!$visibility->shouldHideItems) { + return true; } + if ($forward) { + // only forward to group if user can see it + $group = get_entity($page_owner_guid); + $forward_url = $group ? $group->getURL() : ''; + + if ($visibility->reasonHidden !== ElggGroupItemVisibility::REASON_MEMBERSHIP) { + $_SESSION['last_forward_from'] = current_page_url(); + $forward_reason = 'login'; + } else { + $forward_reason = 'member'; + } - return $allowed; + register_error(elgg_echo($visibility->reasonHidden)); + forward($forward_url, $forward_reason); + } + + return false; } /** |