diff options
| author | cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2011-03-20 23:34:10 +0000 |
|---|---|---|
| committer | cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2011-03-20 23:34:10 +0000 |
| commit | 346d082dae4da3908f7c7a6b8b9946768e19f5d6 (patch) | |
| tree | 970a50a0b5dc7eeec6d1d616ea788fdf85534697 /mod/groups/start.php | |
| parent | 8d8c62f3ed7be6691d76824ae82888aba2bb1616 (diff) | |
| download | elgg-346d082dae4da3908f7c7a6b8b9946768e19f5d6.tar.gz elgg-346d082dae4da3908f7c7a6b8b9946768e19f5d6.tar.bz2 | |
Fixes #2974 using canWriteToContainer() to control access to creating group content
git-svn-id: http://code.elgg.org/elgg/trunk@8795 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod/groups/start.php')
| -rw-r--r-- | mod/groups/start.php | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/mod/groups/start.php b/mod/groups/start.php index 18fb9abd5..e04485bb2 100644 --- a/mod/groups/start.php +++ b/mod/groups/start.php @@ -392,13 +392,15 @@ function groups_read_acl_plugin_hook($hook, $entity_type, $returnvalue, $params) */ function groups_write_acl_plugin_hook($hook, $entity_type, $returnvalue, $params) { $page_owner = elgg_get_page_owner_entity(); - if (!$loggedin = elgg_get_logged_in_user_entity()) { + $user_guid = $params['user_id']; + $user = get_entity($user_guid); + if (!$user) { return $returnvalue; } // only insert group access for current group - if ($page_owner instanceof ElggGroup && $loggedin) { - if ($page_owner->isMember($loggedin)) { + if ($page_owner instanceof ElggGroup) { + if ($page_owner->canWriteToContainer($user_guid)) { $returnvalue[$page_owner->group_acl] = elgg_echo('groups:group') . ': ' . $page_owner->name; unset($returnvalue[ACCESS_FRIENDS]); @@ -408,7 +410,7 @@ function groups_write_acl_plugin_hook($hook, $entity_type, $returnvalue, $params // this won't be a problem once the group itself owns the acl. $groups = elgg_get_entities_from_relationship(array( 'relationship' => 'member', - 'relationship_guid' => $loggedin->getGUID(), + 'relationship_guid' => $user_guid, 'inverse_relationship' => FALSE, 'limit' => 999 )); @@ -707,7 +709,7 @@ function discussion_add_to_river_menu($hook, $type, $return, $params) { if (elgg_instanceof($object, 'object', 'groupforumtopic')) { if ($item->annotation_id == 0) { $group = $object->getContainerEntity(); - if ($group->isMember() || elgg_is_admin_logged_in()) { + if ($group->canWriteToContainer() || elgg_is_admin_logged_in()) { $options = array( 'name' => 'reply', 'href' => "#groups-reply-$object->guid", |