aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/group.php
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib/group.php')
-rw-r--r--engine/lib/group.php57
1 files changed, 26 insertions, 31 deletions
diff --git a/engine/lib/group.php b/engine/lib/group.php
index feb1f1e7f..5a38e1ea6 100644
--- a/engine/lib/group.php
+++ b/engine/lib/group.php
@@ -33,6 +33,7 @@ function get_group_entity_as_row($guid) {
* @param string $description Description
*
* @return bool
+ * @access private
*/
function create_group_entity($guid, $name, $description) {
global $CONFIG;
@@ -247,48 +248,42 @@ function get_users_membership($user_guid) {
}
/**
- * Checks access to a group.
+ * May the current user access item(s) on this page? If the page owner is a group,
+ * membership, visibility, and logged in status are taken into account.
*
* @param boolean $forward If set to true (default), will forward the page;
* if set to false, will return true or false.
*
- * @return true|false If $forward is set to false.
+ * @return bool If $forward is set to false.
*/
function group_gatekeeper($forward = true) {
- $allowed = true;
- $url = '';
-
- if ($group = elgg_get_page_owner_entity()) {
- if ($group instanceof ElggGroup) {
- $url = $group->getURL();
- if (!$group->isPublicMembership()) {
- // closed group so must be member or an admin
-
- if (!elgg_is_logged_in()) {
- $allowed = false;
- if ($forward == true) {
- $_SESSION['last_forward_from'] = current_page_url();
- register_error(elgg_echo('loggedinrequired'));
- forward('', 'login');
- }
- } else if (!$group->isMember(elgg_get_logged_in_user_entity())) {
- $allowed = false;
- }
- // Admin override
- if (elgg_is_admin_logged_in()) {
- $allowed = true;
- }
- }
- }
+ $page_owner_guid = elgg_get_page_owner_guid();
+ if (!$page_owner_guid) {
+ return true;
}
+ $visibility = ElggGroupItemVisibility::factory($page_owner_guid);
- if ($forward && $allowed == false) {
- register_error(elgg_echo('membershiprequired'));
- forward($url, 'member');
+ if (!$visibility->shouldHideItems) {
+ return true;
+ }
+ if ($forward) {
+ // only forward to group if user can see it
+ $group = get_entity($page_owner_guid);
+ $forward_url = $group ? $group->getURL() : '';
+
+ if (!elgg_is_logged_in()) {
+ $_SESSION['last_forward_from'] = current_page_url();
+ $forward_reason = 'login';
+ } else {
+ $forward_reason = 'member';
+ }
+
+ register_error(elgg_echo($visibility->reasonHidden));
+ forward($forward_url, $forward_reason);
}
- return $allowed;
+ return false;
}
/**
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 16:21:47 +0000