aboutsummaryrefslogtreecommitdiff
path: root/mod/groups/actions
diff options
context:
space:
mode:
Diffstat (limited to 'mod/groups/actions')
-rw-r--r--mod/groups/actions/discussion/reply/save.php6
-rw-r--r--mod/groups/actions/discussion/save.php2
-rw-r--r--mod/groups/actions/groups/edit.php20
-rw-r--r--mod/groups/actions/groups/membership/delete_invite.php4
4 files changed, 19 insertions, 13 deletions
diff --git a/mod/groups/actions/discussion/reply/save.php b/mod/groups/actions/discussion/reply/save.php
index a1ed036b6..f8be8aa2c 100644
--- a/mod/groups/actions/discussion/reply/save.php
+++ b/mod/groups/actions/discussion/reply/save.php
@@ -4,8 +4,6 @@
*
*/
-gatekeeper();
-
// Get input
$entity_guid = (int) get_input('entity_guid');
$text = get_input('group_topic_post');
@@ -23,10 +21,10 @@ if (!$topic) {
forward(REFERER);
}
-$user = get_loggedin_user();
+$user = elgg_get_logged_in_user_entity();
$group = $topic->getContainerEntity();
-if (!$group->canWriteToContainer($user)) {
+if (!$group->canWriteToContainer()) {
register_error(elgg_echo('groups:notmember'));
forward(REFERER);
}
diff --git a/mod/groups/actions/discussion/save.php b/mod/groups/actions/discussion/save.php
index a51775cd6..de4afadfb 100644
--- a/mod/groups/actions/discussion/save.php
+++ b/mod/groups/actions/discussion/save.php
@@ -21,7 +21,7 @@ if (!$title || !$desc) {
}
$container = get_entity($container_guid);
-if (!$container || !$container->canWriteToContainer()) {
+if (!$container || !$container->canWriteToContainer(0, 'object', 'groupforumtopic')) {
register_error(elgg_echo('discussion:error:permissions'));
forward(REFERER);
}
diff --git a/mod/groups/actions/groups/edit.php b/mod/groups/actions/groups/edit.php
index c4cf6667e..b513a6098 100644
--- a/mod/groups/actions/groups/edit.php
+++ b/mod/groups/actions/groups/edit.php
@@ -89,14 +89,10 @@ if ($new_group_flag) {
$group->save();
-// group creator needs to be member of new group and river entry created
-if ($new_group_flag) {
- elgg_set_page_owner_guid($group->guid);
- $group->join($user);
- add_to_river('river/group/create', 'create', $user->guid, $group->guid);
-}
-
// Invisible group support
+// @todo this requires save to be called to create the acl for the group. This
+// is an odd requirement and should be removed. Either the acl creation happens
+// in the action or the visibility moves to a plugin hook
if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') {
$visibility = (int)get_input('vis', '', false);
if ($visibility != ACCESS_PUBLIC && $visibility != ACCESS_LOGGED_IN) {
@@ -105,10 +101,18 @@ if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') {
if ($group->access_id != $visibility) {
$group->access_id = $visibility;
- $group->save();
}
}
+$group->save();
+
+// group creator needs to be member of new group and river entry created
+if ($new_group_flag) {
+ elgg_set_page_owner_guid($group->guid);
+ $group->join($user);
+ add_to_river('river/group/create', 'create', $user->guid, $group->guid, $group->access_id);
+}
+
// Now see if we have a file icon
if ((isset($_FILES['icon'])) && (substr_count($_FILES['icon']['type'],'image/'))) {
diff --git a/mod/groups/actions/groups/membership/delete_invite.php b/mod/groups/actions/groups/membership/delete_invite.php
index 4b654f0b6..d21aa0309 100644
--- a/mod/groups/actions/groups/membership/delete_invite.php
+++ b/mod/groups/actions/groups/membership/delete_invite.php
@@ -9,7 +9,11 @@ $user_guid = get_input('user_guid', elgg_get_logged_in_user_guid());
$group_guid = get_input('group_guid');
$user = get_entity($user_guid);
+
+// invisible groups require overriding access to delete invite
+$old_access = elgg_set_ignore_access(true);
$group = get_entity($group_guid);
+elgg_set_ignore_access($old_access);
// If join request made
if (check_entity_relationship($group->guid, 'invited', $user->guid)) {