From 002bf98873d8752c120037ff94c72ab8210eedea Mon Sep 17 00:00:00 2001 From: marcus Date: Mon, 9 Feb 2009 15:35:12 +0000 Subject: Refs #640, #282: Recursive deletion of owned and contained entities. git-svn-id: https://code.elgg.org/elgg/trunk@2690 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/lib/entities.php | 38 +++++++++++++++++++++++++++++++++++--- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/engine/lib/entities.php b/engine/lib/entities.php index e32939ceb..d4c01857b 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -1700,21 +1700,38 @@ * Delete a given entity. * * @param int $guid + * @param bool $recursive If true (default) then all entities which are owned or contained by $guid will also be deleted. + * Note: this bypasses ownership of sub items. */ - function delete_entity($guid) + function delete_entity($guid, $recursive = true) { global $CONFIG; - // TODO Make sure this deletes all metadata/annotations/relationships/etc!! - $guid = (int)$guid; if ($entity = get_entity($guid)) { if (trigger_elgg_event('delete',$entity->type,$entity)) { if ($entity->canEdit()) { + + // Delete contained owned and otherwise releated objects (depth first) + if ($recursive) + { + // Temporary token overriding access controls TODO: Do this better. + static $__RECURSIVE_DELETE_TOKEN; + $__RECURSIVE_DELETE_TOKEN = md5(get_loggedin_userid()); // Make it slightly harder to guess + + $sub_entities = get_data("SELECT * from {$CONFIG->dbprefix}entities WHERE container_guid=$guid or owner_guid=$guid or site_guid=$guid", 'entity_row_to_elggstar'); + foreach ($sub_entities as $e) + $e->delete(); + + $__RECURSIVE_DELETE_TOKEN = null; + } + + // Now delete the entity itself $entity->clearMetadata(); $entity->clearAnnotations(); $entity->clearRelationships(); $res = delete_data("DELETE from {$CONFIG->dbprefix}entities where guid={$guid}"); + return $res; } } @@ -2575,12 +2592,27 @@ return delete_data("DELETE from {$CONFIG->dbprefix}private_settings where entity_guid = {$entity_guid}"); } + function recursive_delete_permissions_check($hook, $entity_type, $returnvalue, $params) + { + static $__RECURSIVE_DELETE_TOKEN; + + $entity = $params['entity']; + + if ((isloggedin()) && ($__RECURSIVE_DELETE_TOKEN) && (strcmp($__RECURSIVE_DELETE_TOKEN, md5(get_loggedin_userid())))) + return true; + + } + /** * Entities init function; establishes the page handler * */ function entities_init() { register_page_handler('view','entities_page_handler'); + + // Allow a permission override for recursive entity deletion + // TODO: Can this be done better? + register_plugin_hook('permissions_check','all','recursive_delete_permissions_check'); } /** Register the import hook */ -- cgit v1.2.3