From 358e1148c816f8a689e9e068c3296c0f077c478a Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Thu, 3 Sep 2009 21:55:59 +0000
Subject: Adding additional hooks to add/remove/update users for
 access_collections() Added autocomplete endpoint in input_init()

git-svn-id: https://code.elgg.org/elgg/trunk@3460 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/access.php |  71 +++++++++++++++++++-----
 engine/lib/input.php  | 146 +++++++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 203 insertions(+), 14 deletions(-)

(limited to 'engine/lib')

diff --git a/engine/lib/access.php b/engine/lib/access.php
index 32b476a39..05fafd3d3 100644
--- a/engine/lib/access.php
+++ b/engine/lib/access.php
@@ -350,8 +350,19 @@ END;
 			if (($site_id == 0) && (isset($CONFIG->site_guid))) $site_id = $CONFIG->site_guid;
 			$name = sanitise_string($name);
 			
-			return insert_data("insert into {$CONFIG->dbprefix}access_collections set name = '{$name}', owner_guid = {$owner_guid}, site_guid = {$site_id}");
+			if (!$id = insert_data("insert into {$CONFIG->dbprefix}access_collections set name = '{$name}', owner_guid = {$owner_guid}, site_guid = {$site_id}")) {
+				return false;
+			}
 			
+			$params = array(
+				'collection_id' => $id
+			);
+			
+			if (!trigger_plugin_hook('access:collections:addcollection', 'collection', $params, true)) {
+				return false;
+			}
+			
+			return $id;
 		}
 		
 		/**
@@ -365,22 +376,33 @@ END;
 			
 			global $CONFIG;
 			$collection_id = (int) $collection_id;
+			$members = (is_array($members)) ? $members : array();
 			
 			$collections = get_write_access_array();
 			
 			if (array_key_exists($collection_id, $collections)) {
-			
-				delete_data("delete from {$CONFIG->dbprefix}access_collection_membership where access_collection_id = {$collection_id}");
+				$cur_members = get_members_of_access_collection($collection_id, true);
+				$cur_members = (is_array($cur_members)) ? $cur_members : array();
+				 
+				$remove_members = array_diff($cur_members, $members);
+				$add_members = array_diff($members, $cur_members);
 				
-				if (is_array($members) && sizeof($members) > 0) {
-					foreach($members as $member) {
-						$member = (int) $member;
-						if (get_user($member))
-							insert_data("insert into {$CONFIG->dbprefix}access_collection_membership set access_collection_id = {$collection_id}, user_guid = {$member}");
-					}
-					return true;
+				$params = array(
+					'collection_id' => $collection_id,
+					'members' => $members,
+					'add_members' => $add_members,
+					'remove_members' => $remove_members
+				);
+				
+				foreach ($add_members as $guid) {
+					add_user_to_access_collection($guid, $collection_id);
 				}
-			
+				
+				foreach ($remove_members as $guid) {
+					remove_user_from_access_collection($guid, $collection_id);
+				}
+				
+				return true;
 			}
 			
 			return false;
@@ -396,6 +418,12 @@ END;
 			
 			$collection_id = (int) $collection_id;
 			$collections = get_write_access_array();
+			$params = array('collection_id' => $collection_id);
+			
+			if (!trigger_plugin_hook('access:collections:deletecollection', 'collection', $params, true)) {
+				return false;
+			}
+			
 			if (array_key_exists($collection_id, $collections)) {
 				global $CONFIG;
 				delete_data("delete from {$CONFIG->dbprefix}access_collection_membership where access_collection_id = {$collection_id}");
@@ -441,8 +469,17 @@ END;
 				
 			if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0)
 					&& $user = get_user($user_guid)) {
-
 				global $CONFIG;
+
+				$params = array(
+					'collection_id' => $collection_id,
+					'user_guid' => $user_guid
+				);
+			
+				if (!trigger_plugin_hook('access:collections:add_user', 'collection', $params, true)) {
+					return false;
+				}
+				
 				try {
 					insert_data("insert into {$CONFIG->dbprefix}access_collection_membership set access_collection_id = {$collection_id}, user_guid = {$user_guid}");
 				} catch (DatabaseException $e) {}
@@ -471,8 +508,16 @@ END;
 				return false;
 			
 			if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0) && $user = get_user($user_guid)) {
-				
 				global $CONFIG;
+				$params = array(
+					'collection_id' => $collection_id,
+					'user_guid' => $user_guid
+				);
+			
+				if (!trigger_plugin_hook('access:collections:remove_user', 'collection', $params, true)) {
+					return false;
+				}
+				
 				delete_data("delete from {$CONFIG->dbprefix}access_collection_membership where access_collection_id = {$collection_id} and user_guid = {$user_guid}");
 				return true;
 				
diff --git a/engine/lib/input.php b/engine/lib/input.php
index 71abbb330..0ec93763b 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -160,9 +160,153 @@
 	
 		return $pee;
 	}
-        
+	
+	/**
+	 * Page handler for autocomplete endpoint.
+	 * 
+	 * @param $page
+	 * @return unknown_type
+	 */
+	function input_autocomplete_page_handler($page) {
+		global $CONFIG;
+		// only return results to logged in users.
+		if (!$user = get_loggedin_user()) {
+			exit;
+		}
+		
+		if (!$q = get_input('q')) {
+			exit;
+		}
+		
+		$match_on = get_input('match_on', 'all');
+		if ($match_on == 'all' || $match_on[0] == 'all') {
+			$match_on = array('users', 'groups');
+		}
+		
+		if (!is_array($match_on)) {
+			$match_on = array($match_on);
+		}
+		
+		if (get_input('match_owner', false)) {
+			$owner_guid = $user->getGUID();
+			$owner_where = 'AND e.owner_guid = ' . $user->getGUID();
+		} else {
+			$owner_guid = null;
+			$owner_where = '';
+		}
+		
+		$limit = get_input('limit', 10);
+		
+		// grab a list of entities and send them in json.
+		$results = array();
+		foreach ($match_on as $type) {
+			switch ($type) {
+				case 'all':
+					// only need to pull up title from objects.
+					
+					if (!$entities = get_entities(null, null, $owner_guid, null, $limit) AND is_array($entities)) {
+						$results = array_merge($results, $entities);
+					}
+					break;
+					
+				case 'users':
+					$query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as ue, {$CONFIG->dbprefix}entities as e
+						WHERE e.guid = ue.guid
+							AND e.enabled = 'yes'
+							AND ue.banned = 'no'
+							AND (ue.name LIKE '%$q%' OR ue.username LIKE '$q%')
+						LIMIT $limit
+					";
+					
+					if ($entities = get_data($query)) {
+						foreach ($entities as $entity) {
+							$json = json_encode(array(
+								'type' => 'user',
+								'name' => $entity->name,
+								'desc' => $entity->username,
+								//'icon' => elgg_view('profile/icon', array('entity' => get_entity($entity->guid), 'size' => 'tiny', 'override' => 'true')),
+								'icon' => '<img style="float: left;" src="' . get_entity($entity->guid)->getIcon('tiny') . '" />',
+								'guid' => $entity->guid
+							));
+							$results[$entity->name . rand(1,100)] = $json;
+						}
+					}
+					break;
+					
+				case 'groups':
+					// don't return results if groups aren't enabled.
+					if (!is_plugin_enabled('groups')) {
+						continue;
+					}
+					$query = "SELECT * FROM {$CONFIG->dbprefix}groups_entity as ge, {$CONFIG->dbprefix}entities as e
+						WHERE e.guid = ge.guid
+							AND e.enabled = 'yes'
+							$owner_where
+							AND (ge.name LIKE '%$q%' OR ge.description LIKE '%$q%')
+						LIMIT $limit
+					";
+					if ($entities = get_data($query)) {
+						foreach ($entities as $entity) {
+							$json = json_encode(array(
+								'type' => 'group',
+								'name' => $entity->name,
+								'desc' => strip_tags($entity->description),
+								//'icon' => elgg_view('groups/icon', array('entity' => get_entity($entity->guid), 'size' => 'tiny', 'override' => 'true')),
+								'icon' => '<img style="float: left;" src="' . get_entity($entity->guid)->getIcon('tiny') . '" />',
+								'guid' => $entity->guid
+							));
+							//$results[$entity->name . rand(1,100)] = "$json|{$entity->guid}";
+							$results[$entity->name . rand(1,100)] = $json;
+						}
+					}
+					break;
+					
+				case 'friends':
+					$access = get_access_sql_suffix();
+					$query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as ue, {$CONFIG->dbprefix}entity_relationships as er, {$CONFIG->dbprefix}entities as e
+						WHERE er.relationship = 'friend'
+							AND er.guid_one = {$user->getGUID()}
+							AND er.guid_two = ue.guid
+							AND e.guid = ue.guid
+							AND e.enabled = 'yes'
+							AND ue.banned = 'no'
+							AND (ue.name LIKE '%$q%' OR ue.username LIKE '$q%')
+						LIMIT $limit
+					";
+					
+					if ($entities = get_data($query)) {
+						foreach ($entities as $entity) {
+							$json = json_encode(array(
+								'type' => 'user',
+								'name' => $entity->name,
+								'desc' => $entity->username,
+								//'icon' => elgg_view('profile/icon', array('entity' => get_entity($entity->guid), 'size' => 'tiny', 'override' => 'true')),
+								'icon' => '<img style="float: left;" src="' . get_entity($entity->guid)->getIcon('tiny') . '" />',
+								'guid' => $entity->guid
+							));
+							$results[$entity->name . rand(1,100)] = $json;
+						}
+					}
+					break;
+					
+				default:
+					// arbitrary subtype.
+					get_entities(null, $type, $owner_guid);
+					break;
+			}
+		}
+		
+		ksort($results);
+		echo implode($results, "\n");
+		exit;
+	}
+
+	
 	function input_init() {
 		
+		// register an endpoint for live search / autocomplete.
+		register_page_handler('autocomplete', 'input_autocomplete_page_handler');
+		
 		if (ini_get_bool('magic_quotes_gpc') ) {
 		    
 		    //do keys as well, cos array_map ignores them
-- 
cgit v1.2.3