aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/pageowner.php
diff options
context:
space:
mode:
authorBrett Profitt <brett.profitt@gmail.com>2012-12-17 12:20:57 -0500
committerBrett Profitt <brett.profitt@gmail.com>2012-12-17 12:20:57 -0500
commitb46d3d3699529b49e147843437148baac6657f39 (patch)
treeef535cc84b66b7970c05a93a996ca30e9a456888 /engine/lib/pageowner.php
parent15e5caa7849cf452c1d2383a3c35f6884ee57709 (diff)
downloadelgg-b46d3d3699529b49e147843437148baac6657f39.tar.gz
elgg-b46d3d3699529b49e147843437148baac6657f39.tar.bz2
Fixes #4720. Disabling access while finding / fetching page owners so group gatekeepers work.
Diffstat (limited to 'engine/lib/pageowner.php')
-rw-r--r--engine/lib/pageowner.php21
1 files changed, 18 insertions, 3 deletions
diff --git a/engine/lib/pageowner.php b/engine/lib/pageowner.php
index 0cf0e0625..94765feee 100644
--- a/engine/lib/pageowner.php
+++ b/engine/lib/pageowner.php
@@ -37,6 +37,8 @@ function elgg_get_page_owner_guid($guid = 0) {
/**
* Gets the owner entity for the current page.
*
+ * @note Access is disabled when getting the page owner entity.
+ *
* @return ElggEntity|false The current page owner or false if none.
*
* @since 1.8.0
@@ -44,10 +46,14 @@ function elgg_get_page_owner_guid($guid = 0) {
function elgg_get_page_owner_entity() {
$guid = elgg_get_page_owner_guid();
if ($guid > 0) {
- return get_entity($guid);
+ $ia = elgg_set_ignore_access(true);
+ $owner = get_entity($guid);
+ elgg_set_ignore_access($ia);
+
+ return $owner;
}
- return FALSE;
+ return false;
}
/**
@@ -75,6 +81,8 @@ function elgg_set_page_owner_guid($guid) {
* <handler>/edit/<entity guid>
* <handler>/group/<group guid>
*
+ * @note Access is disabled while finding the page owner for the group gatekeeper functions.
+ *
*
* @param string $hook 'page_owner'
* @param string $entity_type 'system'
@@ -90,6 +98,8 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
return $returnvalue;
}
+ $ia = elgg_set_ignore_access(true);
+
$username = get_input("username");
if ($username) {
// @todo using a username of group:<guid> is deprecated
@@ -97,6 +107,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
preg_match('/group\:([0-9]+)/i', $username, $matches);
$guid = $matches[1];
if ($entity = get_entity($guid)) {
+ elgg_set_ignore_access($ia);
return $entity->getGUID();
}
}
@@ -109,6 +120,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
$owner = get_input("owner_guid");
if ($owner) {
if ($user = get_entity($owner)) {
+ elgg_set_ignore_access($ia);
return $user->getGUID();
}
}
@@ -130,6 +142,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
case 'friends':
$user = get_user_by_username($segments[2]);
if ($user) {
+ elgg_set_ignore_access($ia);
return $user->getGUID();
}
break;
@@ -137,6 +150,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
case 'edit':
$entity = get_entity($segments[2]);
if ($entity) {
+ elgg_set_ignore_access($ia);
return $entity->getContainerGUID();
}
break;
@@ -144,6 +158,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
case 'group':
$entity = get_entity($segments[2]);
if ($entity) {
+ elgg_set_ignore_access($ia);
return $entity->getGUID();
}
break;
@@ -151,7 +166,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
}
}
- return $returnvalue;
+ elgg_set_ignore_access($ia);
}
/**