From 8916fcdca6a2950d210abd2db7e6fb104abec149 Mon Sep 17 00:00:00 2001 From: Steve Clay Date: Fri, 7 Sep 2012 01:38:03 -0400 Subject: Fixes #4789: group_gatekeeper() and river hide closed/invisible group content more reliably --- engine/lib/group.php | 56 +++++++++++++++++++++++----------------------------- 1 file changed, 25 insertions(+), 31 deletions(-) (limited to 'engine/lib/group.php') diff --git a/engine/lib/group.php b/engine/lib/group.php index feb1f1e7f..b81146e61 100644 --- a/engine/lib/group.php +++ b/engine/lib/group.php @@ -247,48 +247,42 @@ function get_users_membership($user_guid) { } /** - * Checks access to a group. + * May the current user access item(s) on this page? If the page owner is a group, + * membership, visibility, and logged in status are taken into account. * * @param boolean $forward If set to true (default), will forward the page; * if set to false, will return true or false. * - * @return true|false If $forward is set to false. + * @return bool If $forward is set to false. */ function group_gatekeeper($forward = true) { - $allowed = true; - $url = ''; - - if ($group = elgg_get_page_owner_entity()) { - if ($group instanceof ElggGroup) { - $url = $group->getURL(); - if (!$group->isPublicMembership()) { - // closed group so must be member or an admin - - if (!elgg_is_logged_in()) { - $allowed = false; - if ($forward == true) { - $_SESSION['last_forward_from'] = current_page_url(); - register_error(elgg_echo('loggedinrequired')); - forward('', 'login'); - } - } else if (!$group->isMember(elgg_get_logged_in_user_entity())) { - $allowed = false; - } - // Admin override - if (elgg_is_admin_logged_in()) { - $allowed = true; - } - } - } + $page_owner_guid = elgg_get_page_owner_guid(); + if (!$page_owner_guid) { + return true; } + $visibility = ElggGroupItemVisibility::factory($page_owner_guid); - if ($forward && $allowed == false) { - register_error(elgg_echo('membershiprequired')); - forward($url, 'member'); + if (!$visibility->shouldHideItems) { + return true; } + if ($forward) { + // only forward to group if user can see it + $group = get_entity($page_owner_guid); + $forward_url = $group ? $group->getURL() : ''; + + if ($visibility->reasonHidden !== ElggGroupItemVisibility::REASON_MEMBERSHIP) { + $_SESSION['last_forward_from'] = current_page_url(); + $forward_reason = 'login'; + } else { + $forward_reason = 'member'; + } - return $allowed; + register_error(elgg_echo($visibility->reasonHidden)); + forward($forward_url, $forward_reason); + } + + return false; } /** -- cgit v1.2.3 From a0005033ac0d69ef462ff27394cd1c34d5dd5fab Mon Sep 17 00:00:00 2001 From: Steve Clay Date: Fri, 7 Sep 2012 02:20:56 -0400 Subject: Better logic for when to forward to login --- engine/classes/ElggGroupItemVisibility.php | 10 ++++++++++ engine/lib/group.php | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) (limited to 'engine/lib/group.php') diff --git a/engine/classes/ElggGroupItemVisibility.php b/engine/classes/ElggGroupItemVisibility.php index 2c7e2abb4..743c935da 100644 --- a/engine/classes/ElggGroupItemVisibility.php +++ b/engine/classes/ElggGroupItemVisibility.php @@ -26,6 +26,11 @@ class ElggGroupItemVisibility { */ public $reasonHidden = ''; + /** + * @var bool + */ + public $requireLogin = false; + /** * Determine visibility of items within a container for the current user * @@ -86,6 +91,11 @@ class ElggGroupItemVisibility { $ret->reasonHidden = self::REASON_NOACCESS; } } + + if ($ret->shouldHideItems && !$user) { + $ret->requireLogin = true; + } + $cache[$cache_key] = $ret; } return $cache[$cache_key]; diff --git a/engine/lib/group.php b/engine/lib/group.php index b81146e61..b32c4bd48 100644 --- a/engine/lib/group.php +++ b/engine/lib/group.php @@ -271,7 +271,7 @@ function group_gatekeeper($forward = true) { $group = get_entity($page_owner_guid); $forward_url = $group ? $group->getURL() : ''; - if ($visibility->reasonHidden !== ElggGroupItemVisibility::REASON_MEMBERSHIP) { + if (!elgg_is_logged_in()) { $_SESSION['last_forward_from'] = current_page_url(); $forward_reason = 'login'; } else { -- cgit v1.2.3