From 346d082dae4da3908f7c7a6b8b9946768e19f5d6 Mon Sep 17 00:00:00 2001 From: cash Date: Sun, 20 Mar 2011 23:34:10 +0000 Subject: Fixes #2974 using canWriteToContainer() to control access to creating group content git-svn-id: http://code.elgg.org/elgg/trunk@8795 36083f99-b078-4883-b0ff-0f9b5a30f544 --- mod/groups/lib/discussion.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'mod/groups/lib/discussion.php') diff --git a/mod/groups/lib/discussion.php b/mod/groups/lib/discussion.php index fb70d6c00..1813c87aa 100644 --- a/mod/groups/lib/discussion.php +++ b/mod/groups/lib/discussion.php @@ -67,7 +67,7 @@ function discussion_handle_list_page($guid) { 'filter' => '', ); - if (!$group->isMember() && !$group->canEdit()) { + if (!$group->canWriteToContainer()) { $params['buttons'] = ''; } @@ -91,7 +91,12 @@ function discussion_handle_edit_page($type, $guid) { register_error(elgg_echo('group:notfound')); forward(); } - group_gatekeeper(); + + // make sure user has permissions to write to container + if (!$group->canWriteToContainer()) { + register_error(elgg_echo('groups:permissions:error')); + forward($group->getURL()); + } $title = elgg_echo('groups:addtopic'); @@ -169,7 +174,7 @@ function discussion_handle_view_page($guid) { 'show_add_form' => false, )); $content .= elgg_view('discussion/closed'); - } elseif ($group->isMember() || elgg_is_admin_logged_in()) { + } elseif ($group->canWriteToContainer() || elgg_is_admin_logged_in()) { $content .= elgg_view('discussion/replies', array( 'entity' => $topic, 'show_add_form' => true, -- cgit v1.2.3