From 2c4e77c49fc43add737daaa76aef710de8d01d30 Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Fri, 23 Dec 2011 19:58:27 -0500 Subject: Fixes #1922 can now delete invites to invisible groups --- mod/groups/actions/groups/membership/delete_invite.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'mod/groups/actions') diff --git a/mod/groups/actions/groups/membership/delete_invite.php b/mod/groups/actions/groups/membership/delete_invite.php index 4b654f0b6..d21aa0309 100644 --- a/mod/groups/actions/groups/membership/delete_invite.php +++ b/mod/groups/actions/groups/membership/delete_invite.php @@ -9,7 +9,11 @@ $user_guid = get_input('user_guid', elgg_get_logged_in_user_guid()); $group_guid = get_input('group_guid'); $user = get_entity($user_guid); + +// invisible groups require overriding access to delete invite +$old_access = elgg_set_ignore_access(true); $group = get_entity($group_guid); +elgg_set_ignore_access($old_access); // If join request made if (check_entity_relationship($group->guid, 'invited', $user->guid)) { -- cgit v1.2.3 From 63dfdab76fef0e44fac550b0bb1a15780470f6c6 Mon Sep 17 00:00:00 2001 From: cash Date: Sat, 31 Dec 2011 11:13:01 -0500 Subject: Fixes #4152 setting access on group creation river item --- mod/groups/actions/groups/edit.php | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'mod/groups/actions') diff --git a/mod/groups/actions/groups/edit.php b/mod/groups/actions/groups/edit.php index c4cf6667e..b513a6098 100644 --- a/mod/groups/actions/groups/edit.php +++ b/mod/groups/actions/groups/edit.php @@ -89,14 +89,10 @@ if ($new_group_flag) { $group->save(); -// group creator needs to be member of new group and river entry created -if ($new_group_flag) { - elgg_set_page_owner_guid($group->guid); - $group->join($user); - add_to_river('river/group/create', 'create', $user->guid, $group->guid); -} - // Invisible group support +// @todo this requires save to be called to create the acl for the group. This +// is an odd requirement and should be removed. Either the acl creation happens +// in the action or the visibility moves to a plugin hook if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') { $visibility = (int)get_input('vis', '', false); if ($visibility != ACCESS_PUBLIC && $visibility != ACCESS_LOGGED_IN) { @@ -105,10 +101,18 @@ if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') { if ($group->access_id != $visibility) { $group->access_id = $visibility; - $group->save(); } } +$group->save(); + +// group creator needs to be member of new group and river entry created +if ($new_group_flag) { + elgg_set_page_owner_guid($group->guid); + $group->join($user); + add_to_river('river/group/create', 'create', $user->guid, $group->guid, $group->access_id); +} + // Now see if we have a file icon if ((isset($_FILES['icon'])) && (substr_count($_FILES['icon']['type'],'image/'))) { -- cgit v1.2.3 From 4f4f5a8be736c36ca8af0cd65731dd7c64da3b1a Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Sun, 8 Jan 2012 16:09:14 -0500 Subject: Fixes #3216 passing type/subtype for group discussions --- mod/groups/actions/discussion/reply/save.php | 6 ++---- mod/groups/actions/discussion/save.php | 2 +- mod/groups/lib/discussion.php | 6 +++--- 3 files changed, 6 insertions(+), 8 deletions(-) (limited to 'mod/groups/actions') diff --git a/mod/groups/actions/discussion/reply/save.php b/mod/groups/actions/discussion/reply/save.php index a1ed036b6..f8be8aa2c 100644 --- a/mod/groups/actions/discussion/reply/save.php +++ b/mod/groups/actions/discussion/reply/save.php @@ -4,8 +4,6 @@ * */ -gatekeeper(); - // Get input $entity_guid = (int) get_input('entity_guid'); $text = get_input('group_topic_post'); @@ -23,10 +21,10 @@ if (!$topic) { forward(REFERER); } -$user = get_loggedin_user(); +$user = elgg_get_logged_in_user_entity(); $group = $topic->getContainerEntity(); -if (!$group->canWriteToContainer($user)) { +if (!$group->canWriteToContainer()) { register_error(elgg_echo('groups:notmember')); forward(REFERER); } diff --git a/mod/groups/actions/discussion/save.php b/mod/groups/actions/discussion/save.php index a51775cd6..de4afadfb 100644 --- a/mod/groups/actions/discussion/save.php +++ b/mod/groups/actions/discussion/save.php @@ -21,7 +21,7 @@ if (!$title || !$desc) { } $container = get_entity($container_guid); -if (!$container || !$container->canWriteToContainer()) { +if (!$container || !$container->canWriteToContainer(0, 'object', 'groupforumtopic')) { register_error(elgg_echo('discussion:error:permissions')); forward(REFERER); } diff --git a/mod/groups/lib/discussion.php b/mod/groups/lib/discussion.php index 2bda4678e..55642644d 100644 --- a/mod/groups/lib/discussion.php +++ b/mod/groups/lib/discussion.php @@ -92,8 +92,8 @@ function discussion_handle_edit_page($type, $guid) { forward(); } - // make sure user has permissions to write to container - if (!$group->canWriteToContainer()) { + // make sure user has permissions to add a topic to container + if (!$group->canWriteToContainer(0, 'object', 'groupforumtopic')) { register_error(elgg_echo('groups:permissions:error')); forward($group->getURL()); } @@ -173,7 +173,7 @@ function discussion_handle_view_page($guid) { 'show_add_form' => false, )); $content .= elgg_view('discussion/closed'); - } elseif ($group->canWriteToContainer() || elgg_is_admin_logged_in()) { + } elseif ($group->canWriteToContainer(0, 'object', 'groupforumtopic') || elgg_is_admin_logged_in()) { $content .= elgg_view('discussion/replies', array( 'entity' => $topic, 'show_add_form' => true, -- cgit v1.2.3