From 9a53ddf57cdbf557b0d4f21d0fdf01b4b92569c4 Mon Sep 17 00:00:00 2001 From: Brett Profitt Date: Tue, 30 Aug 2011 20:52:12 -0700 Subject: Fixes #3543. Ported access collections fix to master. --- actions/friends/collections/add.php | 36 +++++++++++++++------------------- actions/friends/collections/delete.php | 29 ++++++++------------------- actions/friends/collections/edit.php | 14 ++++++++++--- 3 files changed, 35 insertions(+), 44 deletions(-) (limited to 'actions/friends/collections') diff --git a/actions/friends/collections/add.php b/actions/friends/collections/add.php index 8ec6a085f..1e2bc1d5c 100644 --- a/actions/friends/collections/add.php +++ b/actions/friends/collections/add.php @@ -9,28 +9,24 @@ $collection_name = get_input('collection_name'); $friends = get_input('friends_collection'); -//first check to make sure that a collection name has been set and create the new colection -if ($collection_name) { +if (!$collection_name) { + register_error(elgg_echo("friends:nocollectionname")); + forward(REFERER); +} - //create the collection - $create_collection = create_access_collection($collection_name, elgg_get_logged_in_user_guid()); +$id = create_access_collection($collection_name); - //if the collection was created and the user passed some friends from the form, add them - if ($create_collection && (!empty($friends))) { - //add friends to the collection - foreach ($friends as $friend) { - add_user_to_access_collection($friend, $create_collection); - } +if ($id) { + $result = update_access_collection($id, $friends); + if ($result) { + system_message(elgg_echo("friends:collectionadded")); + // go to the collections page + forward("pg/collections/" . get_loggedin_user()->username); + } else { + register_error(elgg_echo("friends:nocollectionname")); + forward(REFERER); } - - // Success message - system_message(elgg_echo("friends:collectionadded")); - // Forward to the collections page - forward("collections/" . elgg_get_logged_in_user_entity()->username); - } else { register_error(elgg_echo("friends:nocollectionname")); - - // Forward to the add collection page - forward("collections/add"); -} + forward(REFERER); +} \ No newline at end of file diff --git a/actions/friends/collections/delete.php b/actions/friends/collections/delete.php index fe719d74b..ff8f1fb55 100644 --- a/actions/friends/collections/delete.php +++ b/actions/friends/collections/delete.php @@ -8,29 +8,16 @@ $collection_id = (int) get_input('collection'); -// Check to see that the access collection exist and grab its owner -$get_collection = get_access_collection($collection_id); - -if ($get_collection) { - - if ($get_collection->owner_guid == elgg_get_logged_in_user_guid()) { - - $delete_collection = delete_access_collection($collection_id); +// check the ACL exists and we can edit +if (!can_edit_access_collection($collection_id)) { + register_error(elgg_echo("friends:collectiondeletefailed")); + forward(REFERER); +} - // Success message - if ($delete_collection) { - system_message(elgg_echo("friends:collectiondeleted")); - } else { - register_error(elgg_echo("friends:collectiondeletefailed")); - } - } else { - // Failure message - register_error(elgg_echo("friends:collectiondeletefailed")); - } +if (delete_access_collection($collection_id)) { + system_message(elgg_echo("friends:collectiondeleted")); } else { - // Failure message register_error(elgg_echo("friends:collectiondeletefailed")); } -// Forward to the collections page -forward("collections/" . elgg_get_logged_in_user_entity()->username); +forward(REFERER); diff --git a/actions/friends/collections/edit.php b/actions/friends/collections/edit.php index b7fb716f2..9eb5e1eab 100644 --- a/actions/friends/collections/edit.php +++ b/actions/friends/collections/edit.php @@ -9,7 +9,15 @@ $collection_id = get_input('collection_id'); $friends = get_input('friend'); -//chech the collection exists and the current user owners it -update_access_collection($collection_id, $friends); +// check it exists and we can edit +if (!can_edit_access_collection($collection_id)) { + system_message(elgg_echo('friends:collection:edit_failed')); +} -exit; +if (update_access_collection($collection_id, $friends)) { + system_message(elgg_echo('friends:collections:edited')); +} else { + system_message(elgg_echo('friends:collection:edit_failed')); +} + +forward(REFERER); \ No newline at end of file -- cgit v1.2.3