diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/blog/lib/blog.php | 2 | ||||
| -rw-r--r-- | mod/groups/actions/discussion/reply/save.php | 2 | ||||
| -rw-r--r-- | mod/groups/actions/discussion/save.php | 2 | ||||
| -rw-r--r-- | mod/groups/languages/en.php | 1 | ||||
| -rw-r--r-- | mod/groups/lib/discussion.php | 11 | ||||
| -rw-r--r-- | mod/groups/start.php | 12 | ||||
| -rw-r--r-- | mod/groups/views/default/river/object/groupforumtopic/create.php | 2 |
7 files changed, 20 insertions, 12 deletions
diff --git a/mod/blog/lib/blog.php b/mod/blog/lib/blog.php index df307d70e..83e6c84ee 100644 --- a/mod/blog/lib/blog.php +++ b/mod/blog/lib/blog.php @@ -87,7 +87,7 @@ function blog_get_page_content_list($container_guid = NULL) { if (elgg_instanceof($container, 'group')) { $return['filter'] = ''; - if ($container->isMember(elgg_get_logged_in_user_entity())) { + if ($container->canWriteToContainer()) { $url = "blog/add/$container->guid"; $params = array( 'href' => $url, diff --git a/mod/groups/actions/discussion/reply/save.php b/mod/groups/actions/discussion/reply/save.php index e535856da..109938dbb 100644 --- a/mod/groups/actions/discussion/reply/save.php +++ b/mod/groups/actions/discussion/reply/save.php @@ -25,7 +25,7 @@ if (!$topic) { $user = get_loggedin_user(); $group = $topic->getContainerEntity(); -if (!$group->isMember($user)) { +if (!$group->canWriteToContainer($user)) { register_error(elgg_echo('groups:notmember')); forward(REFERER); } diff --git a/mod/groups/actions/discussion/save.php b/mod/groups/actions/discussion/save.php index 0b5d3b51c..a51775cd6 100644 --- a/mod/groups/actions/discussion/save.php +++ b/mod/groups/actions/discussion/save.php @@ -21,7 +21,7 @@ if (!$title || !$desc) { } $container = get_entity($container_guid); -if (!$container || (!$container->isMember() && !$container->canEdit())) { +if (!$container || !$container->canWriteToContainer()) { register_error(elgg_echo('discussion:error:permissions')); forward(REFERER); } diff --git a/mod/groups/languages/en.php b/mod/groups/languages/en.php index dbdc0a128..50baeb8c7 100644 --- a/mod/groups/languages/en.php +++ b/mod/groups/languages/en.php @@ -38,6 +38,7 @@ $english = array( 'groups:widget:membership' => 'Group membership', 'groups:widgets:description' => 'Display the groups you are a member of on your profile', 'groups:noaccess' => 'No access to group', + 'groups:permissions:error' => 'You do not have the permissions for this', 'groups:ingroup' => 'in the group', 'groups:cantedit' => 'You can not edit this group', 'groups:saved' => 'Group saved', diff --git a/mod/groups/lib/discussion.php b/mod/groups/lib/discussion.php index fb70d6c00..1813c87aa 100644 --- a/mod/groups/lib/discussion.php +++ b/mod/groups/lib/discussion.php @@ -67,7 +67,7 @@ function discussion_handle_list_page($guid) { 'filter' => '', ); - if (!$group->isMember() && !$group->canEdit()) { + if (!$group->canWriteToContainer()) { $params['buttons'] = ''; } @@ -91,7 +91,12 @@ function discussion_handle_edit_page($type, $guid) { register_error(elgg_echo('group:notfound')); forward(); } - group_gatekeeper(); + + // make sure user has permissions to write to container + if (!$group->canWriteToContainer()) { + register_error(elgg_echo('groups:permissions:error')); + forward($group->getURL()); + } $title = elgg_echo('groups:addtopic'); @@ -169,7 +174,7 @@ function discussion_handle_view_page($guid) { 'show_add_form' => false, )); $content .= elgg_view('discussion/closed'); - } elseif ($group->isMember() || elgg_is_admin_logged_in()) { + } elseif ($group->canWriteToContainer() || elgg_is_admin_logged_in()) { $content .= elgg_view('discussion/replies', array( 'entity' => $topic, 'show_add_form' => true, diff --git a/mod/groups/start.php b/mod/groups/start.php index 18fb9abd5..e04485bb2 100644 --- a/mod/groups/start.php +++ b/mod/groups/start.php @@ -392,13 +392,15 @@ function groups_read_acl_plugin_hook($hook, $entity_type, $returnvalue, $params) */ function groups_write_acl_plugin_hook($hook, $entity_type, $returnvalue, $params) { $page_owner = elgg_get_page_owner_entity(); - if (!$loggedin = elgg_get_logged_in_user_entity()) { + $user_guid = $params['user_id']; + $user = get_entity($user_guid); + if (!$user) { return $returnvalue; } // only insert group access for current group - if ($page_owner instanceof ElggGroup && $loggedin) { - if ($page_owner->isMember($loggedin)) { + if ($page_owner instanceof ElggGroup) { + if ($page_owner->canWriteToContainer($user_guid)) { $returnvalue[$page_owner->group_acl] = elgg_echo('groups:group') . ': ' . $page_owner->name; unset($returnvalue[ACCESS_FRIENDS]); @@ -408,7 +410,7 @@ function groups_write_acl_plugin_hook($hook, $entity_type, $returnvalue, $params // this won't be a problem once the group itself owns the acl. $groups = elgg_get_entities_from_relationship(array( 'relationship' => 'member', - 'relationship_guid' => $loggedin->getGUID(), + 'relationship_guid' => $user_guid, 'inverse_relationship' => FALSE, 'limit' => 999 )); @@ -707,7 +709,7 @@ function discussion_add_to_river_menu($hook, $type, $return, $params) { if (elgg_instanceof($object, 'object', 'groupforumtopic')) { if ($item->annotation_id == 0) { $group = $object->getContainerEntity(); - if ($group->isMember() || elgg_is_admin_logged_in()) { + if ($group->canWriteToContainer() || elgg_is_admin_logged_in()) { $options = array( 'name' => 'reply', 'href' => "#groups-reply-$object->guid", diff --git a/mod/groups/views/default/river/object/groupforumtopic/create.php b/mod/groups/views/default/river/object/groupforumtopic/create.php index 2c914c3f8..ca4747338 100644 --- a/mod/groups/views/default/river/object/groupforumtopic/create.php +++ b/mod/groups/views/default/river/object/groupforumtopic/create.php @@ -34,7 +34,7 @@ if ($excerpt) { echo '</div>'; } -if (elgg_is_logged_in() && $container->isMember(elgg_get_logged_in_user_entity())) { +if (elgg_is_logged_in() && $container->canWriteToContainer()) { // inline comment form echo elgg_view_form('discussion/reply/save', array( 'id' => "groups-reply-{$object->getGUID()}", |