diff options
author | Cash Costello <cash.costello@gmail.com> | 2012-06-26 17:01:23 -0700 |
---|---|---|
committer | Cash Costello <cash.costello@gmail.com> | 2012-06-26 17:01:23 -0700 |
commit | 264d3643f2c76bedf875e3c586055d9f5ee14132 (patch) | |
tree | ee3f3c09cad0e22ff54db8dbc62026d1c6d2d800 /mod | |
parent | 91d3da6284490c32c595bb94f112fe30982bdb6c (diff) | |
parent | 4d8c3b75e36c45d5dd8b9d56338f7b303ea0a4fa (diff) | |
download | elgg-264d3643f2c76bedf875e3c586055d9f5ee14132.tar.gz elgg-264d3643f2c76bedf875e3c586055d9f5ee14132.tar.bz2 |
Merge pull request #280 from mrclay/4138-notifications
Fixes #4138: Admin can edit any users' notifications
Diffstat (limited to 'mod')
11 files changed, 133 insertions, 48 deletions
diff --git a/mod/notifications/actions/groupsave.php b/mod/notifications/actions/groupsave.php index c304cb856..7838f7e63 100644 --- a/mod/notifications/actions/groupsave.php +++ b/mod/notifications/actions/groupsave.php @@ -6,27 +6,42 @@ * @package ElggNotifications */ -// Load important global vars -global $NOTIFICATION_HANDLERS; +$current_user = elgg_get_logged_in_user_entity(); + +$guid = (int) get_input('guid', 0); +if (!$guid || !($user = get_entity($guid))) { + forward(); +} +if (($user->guid != $current_user->guid) && !$current_user->isAdmin()) { + forward(); +} // Get group memberships and condense them down to an array of guids $groups = array(); -if ($groupmemberships = elgg_get_entities_from_relationship(array('relationship' => 'member', 'relationship_guid' => elgg_get_logged_in_user_guid(), 'types' => 'group', 'limit' => 9999))) { +$options = array( + 'relationship' => 'member', + 'relationship_guid' => $user->guid, + 'types' => 'group', + 'limit' => 9999, +); +if ($groupmemberships = elgg_get_entities_from_relationship($options)) { foreach($groupmemberships as $groupmembership) { $groups[] = $groupmembership->guid; } -} +} +// Load important global vars +global $NOTIFICATION_HANDLERS; foreach($NOTIFICATION_HANDLERS as $method => $foo) { $subscriptions[$method] = get_input($method.'subscriptions'); $personal[$method] = get_input($method.'personal'); $collections[$method] = get_input($method.'collections'); if (!empty($groups)) { foreach($groups as $group) { - if (in_array($group,$subscriptions[$method])) { - add_entity_relationship(elgg_get_logged_in_user_guid(), 'notify'.$method, $group); + if (in_array($group, $subscriptions[$method])) { + add_entity_relationship($user->guid, 'notify'.$method, $group); } else { - remove_entity_relationship(elgg_get_logged_in_user_guid(), 'notify'.$method, $group); + remove_entity_relationship($user->guid, 'notify'.$method, $group); } } } diff --git a/mod/notifications/actions/save.php b/mod/notifications/actions/save.php index 163b656aa..3fe0001a3 100644 --- a/mod/notifications/actions/save.php +++ b/mod/notifications/actions/save.php @@ -6,9 +6,18 @@ * @package ElggNotifications */ -$user = elgg_get_logged_in_user_entity(); +$current_user = elgg_get_logged_in_user_entity(); + +$guid = (int) get_input('guid', 0); +if (!$guid || !($user = get_entity($guid))) { + forward(); +} +if (($user->guid != $current_user->guid) && !$current_user->isAdmin()) { + forward(); +} global $NOTIFICATION_HANDLERS; +$subscriptions = array(); foreach($NOTIFICATION_HANDLERS as $method => $foo) { $subscriptions[$method] = get_input($method.'subscriptions'); $personal[$method] = get_input($method.'personal'); diff --git a/mod/notifications/groups.php b/mod/notifications/groups.php index 45fb94e83..3347d4054 100644 --- a/mod/notifications/groups.php +++ b/mod/notifications/groups.php @@ -3,16 +3,16 @@ * Elgg notifications plugin group index * * @package ElggNotifications + * + * @uses $user ElggUser */ -// Load Elgg framework -require_once(dirname(dirname(dirname(__FILE__))) . '/engine/start.php'); - -// Ensure only logged-in users can see this page -gatekeeper(); +if (!isset($user) || !($user instanceof ElggUser)) { + $url = 'notifications/group/' . elgg_get_logged_in_user_entity()->username; + forward($url); +} -elgg_set_page_owner_guid(elgg_get_logged_in_user_guid()); -$user = elgg_get_page_owner_entity(); +elgg_set_page_owner_guid($user->guid); // Set the context to settings elgg_set_context('settings'); @@ -27,12 +27,15 @@ $people = array(); $groupmemberships = elgg_get_entities_from_relationship(array( 'relationship' => 'member', - 'relationship_guid' => elgg_get_logged_in_user_guid(), + 'relationship_guid' => $user->guid, 'types' => 'group', 'limit' => 9999, )); -$body = elgg_view_form('notificationsettings/groupsave', array(), array('groups' => $groupmemberships)); +$body = elgg_view_form('notificationsettings/groupsave', array(), array( + 'groups' => $groupmemberships, + 'user' => $user, +)); $params = array( 'content' => $body, diff --git a/mod/notifications/index.php b/mod/notifications/index.php index 882389fde..cd1857f04 100644 --- a/mod/notifications/index.php +++ b/mod/notifications/index.php @@ -3,16 +3,16 @@ * Elgg notifications plugin index * * @package ElggNotifications + * + * @uses $user ElggUser */ -// Load Elgg framework -require_once(dirname(dirname(dirname(__FILE__))) . '/engine/start.php'); - -// Ensure only logged-in users can see this page -gatekeeper(); +if (!isset($user) || !($user instanceof ElggUser)) { + $url = 'notifications/personal/' . elgg_get_logged_in_user_entity()->username; + forward($url); +} -elgg_set_page_owner_guid(elgg_get_logged_in_user_guid()); -$user = elgg_get_page_owner_entity(); +elgg_set_page_owner_guid($user->guid); // Set the context to settings elgg_set_context('settings'); @@ -26,7 +26,7 @@ elgg_push_breadcrumb($title); $people = array(); if ($people_ents = elgg_get_entities_from_relationship(array( 'relationship' => 'notify', - 'relationship_guid' => elgg_get_logged_in_user_guid(), + 'relationship_guid' => $user->guid, 'types' => 'user', 'limit' => 99999, ))) { @@ -36,7 +36,10 @@ if ($people_ents = elgg_get_entities_from_relationship(array( } } -$body = elgg_view('notifications/subscriptions/form', array('people' => $people)); +$body = elgg_view('notifications/subscriptions/form', array( + 'people' => $people, + 'user' => $user, +)); $params = array( 'content' => $body, diff --git a/mod/notifications/start.php b/mod/notifications/start.php index 761f17e40..d5d418f0f 100644 --- a/mod/notifications/start.php +++ b/mod/notifications/start.php @@ -40,13 +40,25 @@ function notifications_plugin_init() { */ function notifications_page_handler($page) { + gatekeeper(); + $current_user = elgg_get_logged_in_user_entity(); + // default to personal notifications if (!isset($page[0])) { $page[0] = 'personal'; } + if (!isset($page[1])) { + forward("notifications/{$page[0]}/{$current_user->username}"); + } + + $user = get_user_by_username($page[1]); + if (($user->guid != $current_user->guid) && !$current_user->isAdmin()) { + forward(); + } $base = elgg_get_plugins_path() . 'notifications'; + // note: $user passed in switch ($page[0]) { case 'group': require "$base/groups.php"; @@ -66,12 +78,16 @@ function notifications_page_handler($page) { */ function notifications_plugin_pagesetup() { if (elgg_get_context() == "settings" && elgg_get_logged_in_user_guid()) { - $user = elgg_get_logged_in_user_entity(); + + $user = elgg_get_page_owner_entity(); + if (!$user) { + $user = elgg_get_logged_in_user_entity(); + } $params = array( 'name' => '2_a_user_notify', 'text' => elgg_echo('notifications:subscriptions:changesettings'), - 'href' => "notifications/personal", + 'href' => "notifications/personal/{$user->username}", ); elgg_register_menu_item('page', $params); @@ -79,7 +95,7 @@ function notifications_plugin_pagesetup() { $params = array( 'name' => '2_group_notify', 'text' => elgg_echo('notifications:subscriptions:changesettings:groups'), - 'href' => "notifications/group", + 'href' => "notifications/group/{$user->username}", ); elgg_register_menu_item('page', $params); } diff --git a/mod/notifications/views/default/forms/notificationsettings/groupsave.php b/mod/notifications/views/default/forms/notificationsettings/groupsave.php index 61b94ff8b..168639ab2 100644 --- a/mod/notifications/views/default/forms/notificationsettings/groupsave.php +++ b/mod/notifications/views/default/forms/notificationsettings/groupsave.php @@ -3,13 +3,18 @@ * Elgg notifications groups subscription form * * @package ElggNotifications + * + * @uses $vars['user'] ElggUser */ +/* @var ElggUser $user */ +$user = $vars['user']; + global $NOTIFICATION_HANDLERS; foreach ($NOTIFICATION_HANDLERS as $method => $foo) { $subsbig[$method] = elgg_get_entities_from_relationship(array( 'relationship' => 'notify' . $method, - 'relationship_guid' => elgg_get_logged_in_user_guid(), + 'relationship_guid' => $user->guid, 'types' => 'group', 'limit' => 99999, )); @@ -97,6 +102,7 @@ END; <?php } echo '<div class="elgg-foot mtm">'; + echo elgg_view('input/hidden', array('name' => 'guid', 'value' => $user->guid)); echo elgg_view('input/submit', array('value' => elgg_echo('save'))); echo '</div>'; diff --git a/mod/notifications/views/default/forms/notificationsettings/save.php b/mod/notifications/views/default/forms/notificationsettings/save.php index ff32d8558..9470256ca 100644 --- a/mod/notifications/views/default/forms/notificationsettings/save.php +++ b/mod/notifications/views/default/forms/notificationsettings/save.php @@ -1,13 +1,21 @@ <?php /** * Personal notifications form body + * + * @uses $vars['user'] ElggUser */ -echo elgg_view('notifications/subscriptions/personal'); -echo elgg_view('notifications/subscriptions/collections'); -echo elgg_view('notifications/subscriptions/forminternals'); +/* @var ElggUser $user */ +$user = $vars['user']; + +echo elgg_view('notifications/subscriptions/personal', $vars); +echo elgg_view('notifications/subscriptions/collections', $vars); +echo elgg_view('notifications/subscriptions/forminternals', $vars); ?> <div class="elgg-foot"> -<?php echo elgg_view('input/submit', array('value' => elgg_echo('save'))); ?> +<?php +echo elgg_view('input/hidden', array('name' => 'guid', 'value' => $user->guid)); +echo elgg_view('input/submit', array('value' => elgg_echo('save'))); +?> </div> diff --git a/mod/notifications/views/default/notifications/subscriptions/collections.php b/mod/notifications/views/default/notifications/subscriptions/collections.php index 28d9fb5b8..b8787570d 100644 --- a/mod/notifications/views/default/notifications/subscriptions/collections.php +++ b/mod/notifications/views/default/notifications/subscriptions/collections.php @@ -1,4 +1,12 @@ -<?php //@todo JS 1.8: no ?> +<?php +/** + * @uses $vars['user'] ElggUser + */ + +/* @var ElggUser $user */ +$user = $vars['user']; + +//@todo JS 1.8: no ?> <script type="text/javascript"> function setCollection(members, method, id) { @@ -42,7 +50,7 @@ </tr> <?php $members = array(); - if ($friends = get_user_friends(elgg_get_logged_in_user_guid(), '', 9999, 0)) { + if ($friends = get_user_friends($user->guid, '', 9999, 0)) { foreach($friends as $friend) { $members[] = $friend->guid; } @@ -63,7 +71,7 @@ $i = 0; foreach($NOTIFICATION_HANDLERS as $method => $foo) { $metaname = 'collections_notifications_preferences_' . $method; - if ($collections_preferences = elgg_get_logged_in_user_entity()->$metaname) { + if ($collections_preferences = $user->$metaname) { if (!empty($collections_preferences) && !is_array($collections_preferences)) { $collections_preferences = array($collections_preferences); } diff --git a/mod/notifications/views/default/notifications/subscriptions/form.php b/mod/notifications/views/default/notifications/subscriptions/form.php index f2f6238f9..559354eff 100644 --- a/mod/notifications/views/default/notifications/subscriptions/form.php +++ b/mod/notifications/views/default/notifications/subscriptions/form.php @@ -1,11 +1,12 @@ <?php /** * Elgg personal notifications + * + * @uses $vars['user'] ElggUser that owns the notification settings */ - -echo elgg_view('subscriptions/form/additions',$vars); - -// Display a description +// @todo is this a view for extensions? +echo elgg_view('subscriptions/form/additions', $vars); -echo elgg_view_form('notificationsettings/save', array('class' => 'elgg-form-alt')); +$form_vars = array('class' => 'elgg-form-alt'); +echo elgg_view_form('notificationsettings/save', $form_vars, $vars); diff --git a/mod/notifications/views/default/notifications/subscriptions/forminternals.php b/mod/notifications/views/default/notifications/subscriptions/forminternals.php index e89ce02be..11f266303 100644 --- a/mod/notifications/views/default/notifications/subscriptions/forminternals.php +++ b/mod/notifications/views/default/notifications/subscriptions/forminternals.php @@ -1,8 +1,13 @@ <?php /** * Hacked up friends picker that needs to be replaced + * + * @uses $vars['user'] ElggUser */ +/* @var ElggUser $user */ +$user = $vars['user']; + elgg_load_js('elgg.friendspicker'); elgg_load_js('jquery.easing'); @@ -19,11 +24,16 @@ elgg_load_js('jquery.easing'); <?php // Get friends and subscriptions -$friends = get_user_friends(elgg_get_logged_in_user_guid(),'',9999,0); +$friends = get_user_friends($user->guid, '', 9999, 0); global $NOTIFICATION_HANDLERS; foreach($NOTIFICATION_HANDLERS as $method => $foo) { - $subsbig[$method] = elgg_get_entities_from_relationship(array('relationship' => 'notify' . $method, 'relationship_guid' => elgg_get_logged_in_user_guid(), 'types' => 'user', 'limit' => 99999)); + $subsbig[$method] = elgg_get_entities_from_relationship(array( + 'relationship' => 'notify' . $method, + 'relationship_guid' => $user->guid, + 'types' => 'user', + 'limit' => 99999, + )); } $subs = array(); @@ -88,9 +98,9 @@ if (isset($vars['formtarget'])) { // Sort users by letter if (is_array($friends) && sizeof($friends)) { - foreach($friends as $user) { + foreach($friends as $friend) { - $letter = elgg_substr($user->name,0,1); + $letter = elgg_substr($friend->name,0,1); $letter = elgg_strtoupper($letter); if (!elgg_substr_count($chararray,$letter)) { $letter = "*"; @@ -98,7 +108,7 @@ if (is_array($friends) && sizeof($friends)) { if (!isset($users[$letter])) { $users[$letter] = array(); } - $users[$letter][$user->guid] = $user; + $users[$letter][$friend->guid] = $friend; } } diff --git a/mod/notifications/views/default/notifications/subscriptions/personal.php b/mod/notifications/views/default/notifications/subscriptions/personal.php index 7dac908fc..cf05426e2 100644 --- a/mod/notifications/views/default/notifications/subscriptions/personal.php +++ b/mod/notifications/views/default/notifications/subscriptions/personal.php @@ -1,4 +1,10 @@ <?php +/** + * @uses $vars['user'] ElggUser + */ + +/* @var ElggUser $user */ +$user = $vars['user']; global $NOTIFICATION_HANDLERS; @@ -40,7 +46,7 @@ foreach($NOTIFICATION_HANDLERS as $method => $foo) { $fields = ''; $i = 0; foreach($NOTIFICATION_HANDLERS as $method => $foo) { - if ($notification_settings = get_user_notification_settings(elgg_get_logged_in_user_guid())) { + if ($notification_settings = get_user_notification_settings($user->guid)) { if ($notification_settings->$method) { $personalchecked[$method] = 'checked="checked"'; } else { |