diff options
Diffstat (limited to 'engine/lib/pageowner.php')
| -rw-r--r-- | engine/lib/pageowner.php | 121 |
1 files changed, 101 insertions, 20 deletions
diff --git a/engine/lib/pageowner.php b/engine/lib/pageowner.php index 3f0c58a5d..bd63d08c6 100644 --- a/engine/lib/pageowner.php +++ b/engine/lib/pageowner.php @@ -26,9 +26,12 @@ function elgg_get_page_owner_guid($guid = 0) { return $page_owner_guid; } + // return guid of page owner entity $guid = elgg_trigger_plugin_hook('page_owner', 'system', NULL, 0); - $page_owner_guid = $guid; + if ($guid) { + $page_owner_guid = $guid; + } return $guid; } @@ -36,24 +39,30 @@ function elgg_get_page_owner_guid($guid = 0) { /** * Gets the owner entity for the current page. * - * @return ElggEntity|false The current page owner or false if none. + * @note Access is disabled when getting the page owner entity. + * + * @return ElggUser|ElggGroup|false The current page owner or false if none. * * @since 1.8.0 */ function elgg_get_page_owner_entity() { $guid = elgg_get_page_owner_guid(); if ($guid > 0) { - return get_entity($guid); + $ia = elgg_set_ignore_access(true); + $owner = get_entity($guid); + elgg_set_ignore_access($ia); + + return $owner; } - return FALSE; + return false; } /** * Set the guid of the entity that owns this page * * @param int $guid The guid of the page owner - * + * @return void * @since 1.8.0 */ function elgg_set_page_owner_guid($guid) { @@ -61,14 +70,29 @@ function elgg_set_page_owner_guid($guid) { } /** - * Handles default page owners + * Sets the page owner based on request + * + * Tries to figure out the page owner by looking at the URL or a request + * parameter. The request parameters used are 'username' and 'owner_guid'. If + * the page request is going through the page handling system, this function + * attempts to figure out the owner if the url fits the patterns of: + * <handler>/owner/<username> + * <handler>/friends/<username> + * <handler>/view/<entity guid> + * <handler>/add/<container guid> + * <handler>/edit/<entity guid> + * <handler>/group/<group guid> + * + * @note Access is disabled while finding the page owner for the group gatekeeper functions. * - * @param string $hook page_owner - * @param string $entity_type system - * @param mixed $returnvalue Previous function's return value - * @param mixed $params Params * - * @return int + * @param string $hook 'page_owner' + * @param string $entity_type 'system' + * @param int $returnvalue Previous function's return value + * @param array $params no parameters + * + * @return int GUID + * @access private */ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) { @@ -76,17 +100,22 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) return $returnvalue; } + $ia = elgg_set_ignore_access(true); + $username = get_input("username"); if ($username) { + // @todo using a username of group:<guid> is deprecated if (substr_count($username, 'group:')) { preg_match('/group\:([0-9]+)/i', $username, $matches); $guid = $matches[1]; if ($entity = get_entity($guid)) { + elgg_set_ignore_access($ia); return $entity->getGUID(); } } if ($user = get_user_by_username($username)) { + elgg_set_ignore_access($ia); return $user->getGUID(); } } @@ -94,11 +123,53 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) $owner = get_input("owner_guid"); if ($owner) { if ($user = get_entity($owner)) { + elgg_set_ignore_access($ia); return $user->getGUID(); } } - return $returnvalue; + // ignore root and query + $uri = current_page_url(); + $path = str_replace(elgg_get_site_url(), '', $uri); + $path = trim($path, "/"); + if (strpos($path, "?")) { + $path = substr($path, 0, strpos($path, "?")); + } + + // @todo feels hacky + if (get_input('page', FALSE)) { + $segments = explode('/', $path); + if (isset($segments[1]) && isset($segments[2])) { + switch ($segments[1]) { + case 'owner': + case 'friends': + $user = get_user_by_username($segments[2]); + if ($user) { + elgg_set_ignore_access($ia); + return $user->getGUID(); + } + break; + case 'view': + case 'edit': + $entity = get_entity($segments[2]); + if ($entity) { + elgg_set_ignore_access($ia); + return $entity->getContainerGUID(); + } + break; + case 'add': + case 'group': + $entity = get_entity($segments[2]); + if ($entity) { + elgg_set_ignore_access($ia); + return $entity->getGUID(); + } + break; + } + } + } + + elgg_set_ignore_access($ia); } /** @@ -109,8 +180,8 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) * output could be different for those two contexts ('blog' vs 'widget'). * * Pages that pass through the page handling system set the context to the - * first string after 'pg'. Example: http://elgg.org/pg/bookmarks/ results in - * the initial context being set to 'bookmarks'. + * first string after the root url. Example: http://example.org/elgg/bookmarks/ + * results in the initial context being set to 'bookmarks'. * * The context is a stack so that for a widget on a profile, the context stack * may contain first 'profile' and then 'widget'. @@ -120,7 +191,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) * @warning The context is not available until the page_handler runs (after * the 'init, system' event processing has completed). * - * @param string $context The context of the page + * @param string $context The context of the page * @return bool * @since 1.8.0 */ @@ -152,6 +223,10 @@ function elgg_set_context($context) { function elgg_get_context() { global $CONFIG; + if (!$CONFIG->context) { + return null; + } + return $CONFIG->context[count($CONFIG->context) - 1]; } @@ -159,6 +234,7 @@ function elgg_get_context() { * Push a context onto the top of the stack * * @param string $context The context string to add to the context stack + * @return void * @since 1.8.0 */ function elgg_push_context($context) { @@ -187,7 +263,7 @@ function elgg_pop_context() { * itself differently based on being on the dashboard or profile pages, it * can check the stack. * - * @param string $context The context string to check for + * @param string $context The context string to check for * @return bool * @since 1.8.0 */ @@ -203,14 +279,19 @@ function elgg_in_context($context) { * @note This is on the 'boot, system' event so that the context is set up quickly. * * @return void + * @access private */ function page_owner_boot() { - global $CONFIG; elgg_register_plugin_hook_handler('page_owner', 'system', 'default_page_owner_handler'); - - // initial context - will be replaced by page handler - $CONFIG->context = array('main'); + + // Bootstrap the context stack by setting its first entry to the handler. + // This is the first segment of the URL and the handler is set by the rewrite rules. + // @todo this does not work for actions + $handler = get_input('handler', FALSE); + if ($handler) { + elgg_set_context($handler); + } } elgg_register_event_handler('boot', 'system', 'page_owner_boot'); |