From bcd5b0e59e4ea7191475e30397578859315cf2bb Mon Sep 17 00:00:00 2001
From: Cash Costello <cash.costello@gmail.com>
Date: Sun, 1 Jul 2012 22:28:56 -0400
Subject: Fixes #3955 removes public access from walled gardens - maintains
 groups functionality

---
 engine/classes/ElggSite.php | 26 ++++++++++++++++++--------
 engine/lib/elgglib.php      | 16 ++++++++++++++++
 2 files changed, 34 insertions(+), 8 deletions(-)

diff --git a/engine/classes/ElggSite.php b/engine/classes/ElggSite.php
index e793ab9c6..401939005 100644
--- a/engine/classes/ElggSite.php
+++ b/engine/classes/ElggSite.php
@@ -381,14 +381,24 @@ class ElggSite extends ElggEntity {
 	public function checkWalledGarden() {
 		global $CONFIG;
 
-		if ($CONFIG->walled_garden && !elgg_is_logged_in()) {
-			// hook into the index system call at the highest priority
-			elgg_register_plugin_hook_handler('index', 'system', 'elgg_walled_garden_index', 1);
-
-			if (!$this->isPublicPage()) {
-				$_SESSION['last_forward_from'] = current_page_url();
-				register_error(elgg_echo('loggedinrequired'));
-				forward();
+		if ($CONFIG->walled_garden) {
+			if ($CONFIG->default_access == ACCESS_PUBLIC) {
+				$CONFIG->default_access = ACCESS_LOGGED_IN;
+			}
+			elgg_register_plugin_hook_handler(
+					'access:collections:write',
+					'user',
+					'_elgg_walled_garden_remove_public_access');
+
+			if (!elgg_is_logged_in()) {
+				// hook into the index system call at the highest priority
+				elgg_register_plugin_hook_handler('index', 'system', 'elgg_walled_garden_index', 1);
+
+				if (!$this->isPublicPage()) {
+					$_SESSION['last_forward_from'] = current_page_url();
+					register_error(elgg_echo('loggedinrequired'));
+					forward();
+				}
 			}
 		}
 	}
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 0c42c1c08..3026a78e3 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -2097,6 +2097,22 @@ function elgg_walled_garden() {
 	}
 }
 
+/**
+ * Remove public access for walled gardens
+ *
+ * @param string $hook
+ * @param string $type
+ * @param array $accesses
+ * @return array
+ * @access private
+ */
+function _elgg_walled_garden_remove_public_access($hook, $type, $accesses) {
+	if (isset($accesses[ACCESS_PUBLIC])) {
+		unset($accesses[ACCESS_PUBLIC]);
+	}
+	return $accesses;
+}
+
 /**
  * Boots the engine
  *
-- 
cgit v1.2.3