Beispiel #1
/**
 * Decides whether a user may leave (or be removed from) a group.
 *
 * The answer is false when the group cannot be loaded, when the group's
 * jointype is 'controlled' and the *currently logged-in* user is not an
 * admin of that group, or when group_is_only_admin() reports that $userid is
 * the only admin. Otherwise it is true.
 *
 * Results are memoised in a function-static array keyed by group id and
 * $userid. The acting user ($USER) is not part of that key, although the
 * 'controlled' check depends on it.
 * NOTE(review): safe only while $USER does not change during the lifetime of
 * the static cache -- confirm for long-running or impersonation code paths.
 *
 * @param mixed $group  DB record or ID of group to check
 * @param int   $userid (optional, will default to logged in user)
 *
 * @return bool whether the user is allowed to leave the group
 */
function group_user_can_leave($group, $userid = null)
{
    global $USER;
    static $result;

    $userid = optional_userid($userid);

    // A numeric argument is treated as a group id; deleted groups do not match.
    if (is_numeric($group)) {
        $group = get_record('group', 'id', $group, 'deleted', 0);
        if (!$group) {
            return false;
        }
    }

    $groupid = $group->id;

    // Serve the memoised decision when one exists (a cached false counts too).
    if (isset($result[$groupid][$userid])) {
        return $result[$groupid][$userid];
    }

    $canleave = true;
    if ($group->jointype == 'controlled' && group_user_access($groupid, $USER->get('id')) != 'admin') {
        // Controlled membership: the role checked is that of the logged-in
        // user ($USER), not of $userid.
        $canleave = false;
    } elseif (group_is_only_admin($groupid, $userid)) {
        // The sole admin is not allowed to leave.
        $canleave = false;
    }

    $result[$groupid][$userid] = $canleave;
    return $canleave;
}
Beispiel #2
/**
 * Get the views that a user can see belonging to the given users.
 *
 * Visibility is decided by up to three queries against the access tables:
 * views shared as 'public' / 'loggedin' (plus 'friends' for owners who are
 * friends of $userlooking), views shared with $userlooking directly, and
 * views shared with a non-deleted group $userlooking is a member of. Every
 * query also requires the view's startdate/stopdate window to include now.
 *
 * @param array|int $users users to fetch views owned by (a single int id is accepted)
 * @param int $userlooking (optional, defaults to logged in user)
 * @param int $limit grab this many views. (setting this null means get all)
 * @param string $type view type to restrict to; null selects every type except 'profile'
 *
 * @return array Associative array keyed by owner id, of arrays keyed by view id
 *               holding the view records cast to objects
 */
function get_views($users, $userlooking = null, $limit = 5, $type = null)
{
    $userlooking = optional_userid($userlooking);
    if (is_int($users)) {
        $users = array($users);
    }
    $list = array();
    if (count($users) == 0) {
        return $list;
    }
    // From here on $users is keyed by user id; the value is overwritten with
    // 'friend' below for owners who are friends of $userlooking.
    $users = array_flip($users);
    $dbnow = db_format_timestamp(time());
    // Find which of the requested owners are friends of $userlooking.
    // NOTE(review): the owner ids in the IN (...) lists here and in the queries
    // below are concatenated into the SQL through db_quote() rather than bound
    // as ? placeholders, so injection safety rests on db_quote() -- confirm its
    // escaping, or bind the ids like the other values.
    if ($friends = get_records_sql_array('SELECT
            CASE WHEN usr1=? THEN usr2 ELSE usr1 END AS id
        FROM
            {usr_friend} f
        WHERE
            ( usr1=? AND usr2 IN (' . join(',', array_map('db_quote', array_keys($users))) . ') )
            OR
            ( usr2=? AND usr1 IN (' . join(',', array_map('db_quote', array_keys($users))) . ') )
        ', array($userlooking, $userlooking, $userlooking))) {
        foreach ($friends as $user_id) {
            $users[$user_id->id] = 'friend';
        }
    }
    // Type filter appended to every query; $type is also inlined via db_quote().
    if (is_null($type)) {
        $typesql = "AND v.type != 'profile'";
    } else {
        $typesql = 'AND v.type = ' . db_quote($type);
    }
    $data = array();
    $done = false;
    // public, logged in, or friends' views
    // NOTE(review): 'loggedin' access rows match for any $userlooking value;
    // nothing in this function verifies that the viewer is authenticated --
    // confirm that optional_userid() or the callers guarantee it.
    if ($results = get_records_sql_assoc('SELECT
            v.*,
            ' . db_format_tsfield('atime') . ',
            ' . db_format_tsfield('mtime') . ',
            ' . db_format_tsfield('v.ctime', 'ctime') . '
        FROM
            {view} v
            INNER JOIN {view_access} a ON
                v.id=a.view
                AND (
                    accesstype IN (\'public\',\'loggedin\')
            ' . (count(preg_grep('/^friend$/', $users)) > 0 ? 'OR (
                            accesstype = \'friends\'
                            AND v.owner IN (' . join(',', array_map('db_quote', array_keys(preg_grep('/^friend$/', $users)))) . ')
                        )' : '') . '
                )
        WHERE
            v.owner IN (' . join(',', array_map('db_quote', array_keys($users))) . ')
            AND ( v.startdate IS NULL OR v.startdate < ? )
            AND ( v.stopdate IS NULL OR v.stopdate > ? )
        ' . $typesql, array($dbnow, $dbnow))) {
        foreach ($results as $row) {
            $list[$row->owner][$row->id] = $row->id;
        }
        $data = $results;
        // bail if we've filled all users to the limit
        // (presumably the helper trims $list/$data and may alter $users by
        // reference -- its definition is not visible here, TODO confirm)
        $done = _get_views_trim_list($list, $users, $limit, $data);
    }
    // check individual user access
    if (!$done && ($results = get_records_sql_assoc('SELECT
            v.*,
            ' . db_format_tsfield('atime') . ',
            ' . db_format_tsfield('mtime') . ',
            ' . db_format_tsfield('v.ctime', 'ctime') . '
        FROM
            {view} v
            INNER JOIN {view_access} a ON v.id=a.view AND a.usr=?
        WHERE
            v.owner IN (' . join(',', array_map('db_quote', array_keys($users))) . ')
            AND ( v.startdate IS NULL OR v.startdate < ? )
            AND ( v.stopdate IS NULL OR v.stopdate > ? )
        ' . $typesql, array($userlooking, $dbnow, $dbnow)))) {
        // NOTE(review): $row is bound by reference and never unset afterwards.
        foreach ($results as &$row) {
            $list[$row->owner][$row->id] = $row->id;
        }
        // NOTE(review): array_merge() renumbers integer keys, so if the rows
        // are keyed by view id that keying is lost in $data -- confirm.
        $data = array_merge($data, $results);
        // bail if we've filled all users to the limit
        // NOTE(review): this branch only runs when $done is false, so the &&
        // short-circuits: _get_views_trim_list() is never called here and
        // $limit is not applied to the rows added by this query.
        $done = $done && _get_views_trim_list($list, $users, $limit, $data);
    }
    // check group access
    if (!$done && ($results = get_records_sql_assoc('SELECT
            v.*,
            ' . db_format_tsfield('v.atime', 'atime') . ',
            ' . db_format_tsfield('v.mtime', 'mtime') . ',
            ' . db_format_tsfield('v.ctime', 'ctime') . '
        FROM
            {view} v
            INNER JOIN {view_access} a ON v.id=a.view
            INNER JOIN {group_member} m ON m.group=a.group AND m.member=?
            INNER JOIN {group} g ON (g.id = a.group AND g.deleted = ?)
        WHERE
            v.owner IN (' . join(',', array_map('db_quote', array_keys($users))) . ')
            AND ( v.startdate IS NULL OR v.startdate < ? )
            AND ( v.stopdate IS NULL OR v.stopdate > ? )
        ' . $typesql, array($userlooking, 0, $dbnow, $dbnow)))) {
        foreach ($results as &$row) {
            $list[$row->owner][$row->id] = $row->id;
        }
        $data = array_merge($data, $results);
        // bail if we've filled all users to the limit
        // NOTE(review): same short-circuit as above -- the helper is never
        // called from this branch.
        $done = $done && _get_views_trim_list($list, $users, $limit, $data);
    }
    require_once 'view.php';
    // The rows are read with array syntax below, so presumably this call
    // rewrites $data (by reference) into arrays -- TODO confirm in view.php.
    View::get_extra_view_info($data, false, false);
    // Rebuild the result from $data: owner id => view id => view object.
    $list = array();
    foreach ($data as $d) {
        $list[$d['owner']][$d['id']] = (object) $d;
    }
    return $list;
}
Beispiel #3
/**
 * Get the views that a user can see belonging to the given users.
 *
 * Visibility is decided by up to three queries: views shared as 'public' /
 * 'loggedin' (plus 'friends' for owners who are friends of $userlooking),
 * views shared with $userlooking through {view_access_usr}, and views shared
 * through {view_access_group} with a non-deleted group $userlooking is a
 * member of. Every query also requires the view's startdate/stopdate window
 * to include now. The function returns early as soon as
 * _get_views_trim_list() reports true.
 *
 * @param array|int $users users to fetch views owned by (a single int id is accepted)
 * @param int $userlooking (optional, defaults to logged in user)
 * @param int $limit grab this many views. (setting this null means get all)
 * @param string $type the type of views to return; a value loosely equal to
 *                     null disables the type filter
 *
 * @return array Associative array keyed by owner id, of arrays keyed by view id
 *               holding the view records
 */
function get_views($users, $userlooking = null, $limit = 5, $type = 'portfolio')
{
    $userlooking = optional_userid($userlooking);
    if (is_int($users)) {
        $users = array($users);
    }
    $list = array();
    if (count($users) == 0) {
        return $list;
    }
    // From here on $users is keyed by user id; the value is overwritten with
    // 'friend' below for owners who are friends of $userlooking.
    $users = array_flip($users);
    $dbnow = db_format_timestamp(time());
    // Find which of the requested owners are friends of $userlooking.
    // NOTE(review): the owner ids in the IN (...) lists here and in the queries
    // below are concatenated into the SQL through db_quote() rather than bound
    // as ? placeholders, so injection safety rests on db_quote() -- confirm its
    // escaping, or bind the ids like the other values.
    if ($friends = get_records_sql_array('SELECT
            CASE WHEN usr1=? THEN usr2 ELSE usr1 END AS id
        FROM
            {usr_friend} f
        WHERE
            ( usr1=? AND usr2 IN (' . join(',', array_map('db_quote', array_keys($users))) . ') )
            OR
            ( usr2=? AND usr1 IN (' . join(',', array_map('db_quote', array_keys($users))) . ') )
        ', array($userlooking, $userlooking, $userlooking))) {
        foreach ($friends as $user_id) {
            $users[$user_id->id] = 'friend';
        }
    }
    // Optional type filter appended to every query; $type is inlined via
    // db_quote() as well.
    $typesql = '';
    if ($type != null) {
        $typesql = 'AND v.type = ' . db_quote($type);
    }
    // public, logged in, or friends' views
    // NOTE(review): 'loggedin' access rows match for any $userlooking value;
    // nothing in this function verifies that the viewer is authenticated --
    // confirm that optional_userid() or the callers guarantee it.
    if ($results = get_records_sql_array('SELECT
            v.*,
            ' . db_format_tsfield('atime') . ',
            ' . db_format_tsfield('mtime') . ',
            ' . db_format_tsfield('ctime') . '
        FROM 
            {view} v
            INNER JOIN {view_access} a ON
                v.id=a.view
                AND (
                    accesstype IN (\'public\',\'loggedin\')
            ' . (count(preg_grep('/^friend$/', $users)) > 0 ? 'OR (
                            accesstype = \'friends\'
                            AND v.owner IN (' . join(',', array_map('db_quote', array_keys(preg_grep('/^friend$/', $users)))) . ')
                        )' : '') . '
                )
        WHERE
            v.owner IN (' . join(',', array_map('db_quote', array_keys($users))) . ')
            AND ( v.startdate IS NULL OR v.startdate < ? )
            AND ( v.stopdate IS NULL OR v.stopdate > ? )
        ' . $typesql, array($dbnow, $dbnow))) {
        // NOTE(review): $row is bound by reference in each of these loops and
        // never unset afterwards.
        foreach ($results as &$row) {
            $list[$row->owner][$row->id] = $row;
        }
    }
    // bail if we've filled all users to the limit
    // (presumably the helper trims $list and may alter $users by reference --
    // its definition is not visible here, TODO confirm)
    if (_get_views_trim_list($list, $users, $limit)) {
        return $list;
    }
    // check individual user access
    if ($results = get_records_sql_array('SELECT
            v.*,
            ' . db_format_tsfield('atime') . ',
            ' . db_format_tsfield('mtime') . ',
            ' . db_format_tsfield('ctime') . '
        FROM 
            {view} v
            INNER JOIN {view_access_usr} a ON v.id=a.view AND a.usr=?
        WHERE
            v.owner IN (' . join(',', array_map('db_quote', array_keys($users))) . ')
            AND ( v.startdate IS NULL OR v.startdate < ? )
            AND ( v.stopdate IS NULL OR v.stopdate > ? )
        ' . $typesql, array($userlooking, $dbnow, $dbnow))) {
        foreach ($results as &$row) {
            $list[$row->owner][$row->id] = $row;
        }
    }
    // bail if we've filled all users to the limit
    if (_get_views_trim_list($list, $users, $limit)) {
        return $list;
    }
    // check group access
    if ($results = get_records_sql_array('SELECT
            v.*,
            ' . db_format_tsfield('v.atime', 'atime') . ',
            ' . db_format_tsfield('v.mtime', 'mtime') . ',
            ' . db_format_tsfield('v.ctime', 'ctime') . '
        FROM 
            {view} v
            INNER JOIN {view_access_group} a ON v.id=a.view
            INNER JOIN {group_member} m ON m.group=a.group AND m.member=?
            INNER JOIN {group} g ON (g.id = a.group AND g.deleted = ?)
        WHERE
            v.owner IN (' . join(',', array_map('db_quote', array_keys($users))) . ')
            AND ( v.startdate IS NULL OR v.startdate < ? )
            AND ( v.stopdate IS NULL OR v.stopdate > ? )
        ' . $typesql, array($userlooking, 0, $dbnow, $dbnow))) {
        foreach ($results as &$row) {
            $list[$row->owner][$row->id] = $row;
        }
    }
    // bail if we've filled all users to the limit
    // Both paths below return $list, so this last call matters only for what
    // the helper does to its arguments (presumably trimming $list -- confirm).
    if (_get_views_trim_list($list, $users, $limit)) {
        return $list;
    }
    return $list;
}