diff options
Diffstat (limited to 'mod/groups/actions')
| -rw-r--r-- | mod/groups/actions/discussion/reply/save.php | 6 | ||||
| -rw-r--r-- | mod/groups/actions/discussion/save.php | 2 | ||||
| -rw-r--r-- | mod/groups/actions/groups/edit.php | 20 | ||||
| -rw-r--r-- | mod/groups/actions/groups/membership/delete_invite.php | 4 |
4 files changed, 19 insertions, 13 deletions
diff --git a/mod/groups/actions/discussion/reply/save.php b/mod/groups/actions/discussion/reply/save.php index a1ed036b6..f8be8aa2c 100644 --- a/mod/groups/actions/discussion/reply/save.php +++ b/mod/groups/actions/discussion/reply/save.php @@ -4,8 +4,6 @@ * */ -gatekeeper(); - // Get input $entity_guid = (int) get_input('entity_guid'); $text = get_input('group_topic_post'); @@ -23,10 +21,10 @@ if (!$topic) { forward(REFERER); } -$user = get_loggedin_user(); +$user = elgg_get_logged_in_user_entity(); $group = $topic->getContainerEntity(); -if (!$group->canWriteToContainer($user)) { +if (!$group->canWriteToContainer()) { register_error(elgg_echo('groups:notmember')); forward(REFERER); } diff --git a/mod/groups/actions/discussion/save.php b/mod/groups/actions/discussion/save.php index a51775cd6..de4afadfb 100644 --- a/mod/groups/actions/discussion/save.php +++ b/mod/groups/actions/discussion/save.php @@ -21,7 +21,7 @@ if (!$title || !$desc) { } $container = get_entity($container_guid); -if (!$container || !$container->canWriteToContainer()) { +if (!$container || !$container->canWriteToContainer(0, 'object', 'groupforumtopic')) { register_error(elgg_echo('discussion:error:permissions')); forward(REFERER); } diff --git a/mod/groups/actions/groups/edit.php b/mod/groups/actions/groups/edit.php index c4cf6667e..b513a6098 100644 --- a/mod/groups/actions/groups/edit.php +++ b/mod/groups/actions/groups/edit.php @@ -89,14 +89,10 @@ if ($new_group_flag) { $group->save(); -// group creator needs to be member of new group and river entry created -if ($new_group_flag) { - elgg_set_page_owner_guid($group->guid); - $group->join($user); - add_to_river('river/group/create', 'create', $user->guid, $group->guid); -} - // Invisible group support +// @todo this requires save to be called to create the acl for the group. This +// is an odd requirement and should be removed. Either the acl creation happens +// in the action or the visibility moves to a plugin hook if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') { $visibility = (int)get_input('vis', '', false); if ($visibility != ACCESS_PUBLIC && $visibility != ACCESS_LOGGED_IN) { @@ -105,10 +101,18 @@ if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') { if ($group->access_id != $visibility) { $group->access_id = $visibility; - $group->save(); } } +$group->save(); + +// group creator needs to be member of new group and river entry created +if ($new_group_flag) { + elgg_set_page_owner_guid($group->guid); + $group->join($user); + add_to_river('river/group/create', 'create', $user->guid, $group->guid, $group->access_id); +} + // Now see if we have a file icon if ((isset($_FILES['icon'])) && (substr_count($_FILES['icon']['type'],'image/'))) { diff --git a/mod/groups/actions/groups/membership/delete_invite.php b/mod/groups/actions/groups/membership/delete_invite.php index 4b654f0b6..d21aa0309 100644 --- a/mod/groups/actions/groups/membership/delete_invite.php +++ b/mod/groups/actions/groups/membership/delete_invite.php @@ -9,7 +9,11 @@ $user_guid = get_input('user_guid', elgg_get_logged_in_user_guid()); $group_guid = get_input('group_guid'); $user = get_entity($user_guid); + +// invisible groups require overriding access to delete invite +$old_access = elgg_set_ignore_access(true); $group = get_entity($group_guid); +elgg_set_ignore_access($old_access); // If join request made if (check_entity_relationship($group->guid, 'invited', $user->guid)) { |