From 1d625e30949ca2c500ac002583485f44f576176c Mon Sep 17 00:00:00 2001 From: ben Date: Fri, 1 Aug 2008 12:25:12 +0000 Subject: The metadata permissions check now passes along (optionally) the specific piece of metadata. Refs #104 git-svn-id: https://code.elgg.org/elgg/trunk@1648 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/lib/entities.php | 18 +++++++++++++----- engine/lib/metadata.php | 2 +- 2 files changed, 14 insertions(+), 6 deletions(-) (limited to 'engine/lib') diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 47ad8f89c..a46b4ce54 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -403,11 +403,12 @@ /** * Determines whether or not the specified user (by default the current one) can edit metadata on the entity * + * @param ElggMetadata $metadata The piece of metadata to specifically check * @param int $user_guid The user GUID, optionally (defaults to the currently logged in user) * @return true|false */ - function canEditMetadata($user_guid = 0) { - return can_edit_entity_metadata($this->getGUID(), $user_guid); + function canEditMetadata($metadata = null, $user_guid = 0) { + return can_edit_entity_metadata($this->getGUID(), $user_guid, $metadata); } /** @@ -1651,16 +1652,23 @@ * * @param int $entity_guid The GUID of the entity * @param int $user_guid The GUID of the user + * @param ElggMetadata $metadata The metadata to specifically check (if any; default null) * @return true|false Whether the specified user can edit the specified entity. */ - function can_edit_entity_metadata($entity_guid, $user_guid = 0) { + function can_edit_entity_metadata($entity_guid, $user_guid = 0, $metadata = null) { if ($entity = get_entity($entity_guid)) { - $return = can_edit_entity($entity_guid, $user_guid); + + $return = null; + + if ($metadata->owner_guid == 0) $return = true; + if (is_null($return)) + $return = can_edit_entity($entity_guid, $user_guid); $user = get_entity($user_guid); - $return = trigger_plugin_hook('permissions_check:metadata',$entity->type,array('entity' => $entity, 'user' => $user),$return); + $return = trigger_plugin_hook('permissions_check:metadata',$entity->type,array('entity' => $entity, 'user' => $user, 'metadata' => $metadata),$return); return $return; + } else { return false; } diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index 70f563d25..51b3c03d9 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -77,7 +77,7 @@ function canEdit() { if ($entity = get_entity($this->get('entity_guid'))) { - return $entity->canEditMetadata(); + return $entity->canEditMetadata($this); } return false; -- cgit v1.2.3