From 5ca5347e6cc1d2a71412495b2bc2898fd12292e7 Mon Sep 17 00:00:00 2001 From: ben Date: Thu, 7 Aug 2008 16:16:46 +0000 Subject: Fixed access permissions wrt groups git-svn-id: https://code.elgg.org/elgg/trunk@1765 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/lib/access.php | 11 +++++++++-- mod/groups/start.php | 8 ++++---- mod/profile/start.php | 2 +- 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/engine/lib/access.php b/engine/lib/access.php index d9f48e6e2..b290700eb 100644 --- a/engine/lib/access.php +++ b/engine/lib/access.php @@ -278,7 +278,11 @@ $user_guid = (int) $user_guid; $collections = get_write_access_array(); - if (array_key_exists($collection_id, $collections) && $user = get_user($user_guid)) { + if (!($collection = get_access_collection($collection_id))) + return false; + + if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0) + && $user = get_user($user_guid)) { global $CONFIG; insert_data("insert into {$CONFIG->dbprefix}access_collection_membership set access_collection_id = {$collection_id}, user_guid = {$user_guid}"); @@ -303,7 +307,10 @@ $user_guid = (int) $user_guid; $collections = get_write_access_array(); - if (array_key_exists($collection_id, $collections) && $user = get_user($user_guid)) { + if (!($collection = get_access_collection($collection_id))) + return false; + + if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0) && $user = get_user($user_guid)) { global $CONFIG; delete_data("delete from {$CONFIG->dbprefix}access_collection_membership where access_collection_id = {$collection_id} and user_guid = {$user_guid}"); diff --git a/mod/groups/start.php b/mod/groups/start.php index 7fb7205b0..88cdef8d1 100644 --- a/mod/groups/start.php +++ b/mod/groups/start.php @@ -211,8 +211,8 @@ */ function groups_create_event_listener($event, $object_type, $object) { - if (($event == 'create') && ($object_type == 'group') && ($object instanceof ElggGroup)) - { + //if (($event == 'create') && ($object_type == 'group') && ($object instanceof ElggGroup)) + //{ $group_id = create_access_collection(elgg_echo('groups:group') . ": " . $object->name); if ($group_id) { @@ -220,7 +220,7 @@ } else return false; - } + //} return true; } @@ -283,7 +283,7 @@ $group = $object['group']; $user = $object['user']; $acl = $group->group_acl; - + add_user_to_access_collection($user->guid, $acl); return true; diff --git a/mod/profile/start.php b/mod/profile/start.php index e8e8b57dd..55535f492 100644 --- a/mod/profile/start.php +++ b/mod/profile/start.php @@ -60,7 +60,7 @@ // Extend context menu with admin links if (isadminloggedin()) { - extend_view('profile/menu/links','profile/menu/adminlinks'); + extend_view('profile/menu/links','profile/menu/adminlinks',0); } } -- cgit v1.2.3