diff options
Diffstat (limited to 'engine/lib/group.php')
| -rw-r--r-- | engine/lib/group.php | 58 |
1 files changed, 32 insertions, 26 deletions
diff --git a/engine/lib/group.php b/engine/lib/group.php index 755482b00..6ded8a825 100644 --- a/engine/lib/group.php +++ b/engine/lib/group.php @@ -14,6 +14,7 @@ * @param int $guid GUID for a group * * @return array|false + * @access private */ function get_group_entity_as_row($guid) { global $CONFIG; @@ -32,6 +33,7 @@ function get_group_entity_as_row($guid) { * @param string $description Description * * @return bool + * @access private */ function create_group_entity($guid, $name, $description) { global $CONFIG; @@ -168,7 +170,7 @@ function get_group_members($group_guid, $limit = 10, $offset = 0, $site_guid = 0 'relationship' => 'member', 'relationship_guid' => $group_guid, 'inverse_relationship' => TRUE, - 'types' => 'user', + 'type' => 'user', 'limit' => $limit, 'offset' => $offset, 'count' => $count, @@ -238,50 +240,52 @@ function leave_group($group_guid, $user_guid) { */ function get_users_membership($user_guid) { $options = array( + 'type' => 'group', 'relationship' => 'member', 'relationship_guid' => $user_guid, - 'inverse_relationship' => FALSE + 'inverse_relationship' => false, + 'limit' => false, ); return elgg_get_entities_from_relationship($options); } /** - * Checks access to a group. + * May the current user access item(s) on this page? If the page owner is a group, + * membership, visibility, and logged in status are taken into account. * * @param boolean $forward If set to true (default), will forward the page; * if set to false, will return true or false. * - * @return true|false If $forward is set to false. + * @return bool If $forward is set to false. */ function group_gatekeeper($forward = true) { - $allowed = true; - $url = ''; - - if ($group = elgg_get_page_owner_entity()) { - if ($group instanceof ElggGroup) { - $url = $group->getURL(); - if ( - ((!elgg_is_logged_in()) && (!$group->isPublicMembership())) || - ((!$group->isMember(elgg_get_logged_in_user_entity()) && (!$group->isPublicMembership()))) - ) { - $allowed = false; - } - // Admin override - if (elgg_is_admin_logged_in()) { - $allowed = true; - } - } + $page_owner_guid = elgg_get_page_owner_guid(); + if (!$page_owner_guid) { + return true; } + $visibility = ElggGroupItemVisibility::factory($page_owner_guid); - if ($forward && $allowed == false) { - register_error(elgg_echo('membershiprequired')); - if (!forward($url, 'member')) { - throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper')); + if (!$visibility->shouldHideItems) { + return true; + } + if ($forward) { + // only forward to group if user can see it + $group = get_entity($page_owner_guid); + $forward_url = $group ? $group->getURL() : ''; + + if (!elgg_is_logged_in()) { + $_SESSION['last_forward_from'] = current_page_url(); + $forward_reason = 'login'; + } else { + $forward_reason = 'member'; } + + register_error(elgg_echo($visibility->reasonHidden)); + forward($forward_url, $forward_reason); } - return $allowed; + return false; } /** @@ -294,6 +298,7 @@ function group_gatekeeper($forward = true) { * @param bool $default_on True if this option should be active by default * * @return void + * @since 1.5.0 */ function add_group_tool_option($name, $label, $default_on = true) { global $CONFIG; @@ -319,6 +324,7 @@ function add_group_tool_option($name, $label, $default_on = true) { * @param string $name Name of the group tool option * * @return void + * @since 1.7.5 */ function remove_group_tool_option($name) { global $CONFIG; |