public function testUpdateACL()
{
// another fake user to test with
$user = new \ElggUser();
$user->username = '******' . rand();
$user->email = '*****@*****.**' . rand();
$user->name = 'fake user';
$user->access_id = ACCESS_PUBLIC;
$user->setPassword(rand());
$user->owner_guid = 0;
$user->container_guid = 0;
$user->save();
$acl_id = create_access_collection('test acl');
$member_lists = array(array($this->user->guid, $user->guid), array($user->guid), array($this->user->guid), array());
foreach ($member_lists as $members) {
$result = update_access_collection($acl_id, $members);
$this->assertTrue($result);
if ($result) {
$q = "SELECT * FROM {$this->dbPrefix}access_collection_membership\n\t\t\t\t\tWHERE access_collection_id = {$acl_id}";
$data = get_data($q);
if (count($members) == 0) {
$this->assertFalse($data);
} else {
$this->assertEqual(count($members), count($data));
}
foreach ($data as $row) {
$this->assertTrue(in_array($row->user_guid, $members));
}
}
}
delete_access_collection($acl_id);
$user->delete();
}
/**
* Creates a new access collection and adds members
*
* @param string $name Name of the collection
* @param array $members Members to add to the collection
* @return int ID of the created collection
*/
public function createCollection($name, $members = array())
{
$site = elgg_get_site_entity();
$acl_id = create_access_collection($name, $site->guid);
if (!empty($members)) {
update_access_collection($acl_id, $members);
}
return $acl_id;
}
<?php
/**
* Friends collection edit action
*
* @package Elgg.Core
* @subpackage Friends.Collections
*/
$collection_id = get_input('collection_id');
$friends = get_input('friend');
// check it exists and we can edit
if (!can_edit_access_collection($collection_id)) {
system_message(elgg_echo('friends:collection:edit_failed'));
}
if (update_access_collection($collection_id, $friends)) {
system_message(elgg_echo('friends:collections:edited'));
} else {
system_message(elgg_echo('friends:collection:edit_failed'));
}
forward(REFERER);
<?php
/**
* Elgg collection add page
*
* @package Elgg.Core
* @subpackage Friends.Collections
*/
$collection_name = htmlspecialchars(get_input('collection_name', '', false), ENT_QUOTES, 'UTF-8');
$friends = get_input('friends_collection');
if (!$collection_name) {
register_error(elgg_echo("friends:nocollectionname"));
forward(REFERER);
}
$id = create_access_collection($collection_name);
if ($id) {
$result = update_access_collection($id, $friends);
if ($result) {
system_message(elgg_echo("friends:collectionadded"));
forward("collections/owner/" . elgg_get_logged_in_user_entity()->username);
} else {
register_error(elgg_echo("friends:nocollectionname"));
forward(REFERER);
}
} else {
register_error(elgg_echo("friends:nocollectionname"));
forward(REFERER);
}
<?php
set_time_limit(0);
$rel_member = $rel_invited = $rel_membership_request = 0;
$member_count_max = (int) get_input('max');
$groups = new ElggBatch('elgg_get_entities_from_metadata', array('types' => 'group', 'metadata_names' => '__faker', 'limit' => 0));
foreach ($groups as $group) {
remove_entity_relationships($group->guid, 'member', true);
remove_entity_relationships($group->guid, 'membership_request', true);
remove_entity_relationships($group->guid, 'invited');
update_access_collection($group->group_acl, array($group->owner_guid));
$group->join(get_entity($group->owner_guid));
$members_count = rand(1, $member_count_max);
$members = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => $members_count, 'order_by' => 'RAND()', 'metadata_names' => '__faker'));
foreach ($members as $member) {
if ($group->join($member)) {
$rel_member++;
}
}
if (!$group->isPublicMembership()) {
$invites_count = rand(1, $member_count_max);
$invitees = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => $invites_count, 'order_by' => 'RAND()', 'metadata_names' => '__faker'));
foreach ($invitees as $invitee) {
if (!check_entity_relationship($invitee->guid, 'member', $group->guid)) {
if (add_entity_relationship($group->guid, 'invited', $invitee->guid)) {
$rel_invited++;
}
}
}
$requests_count = rand(1, $member_count_max);
$requestors = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => $requests_count, 'order_by' => 'RAND()', 'metadata_names' => '__faker'));
/**
* Send a message to specified recipients
*
* @param int $sender_guid GUID of the sender entity
* @param array $recipient_guids An array of recipient GUIDs
* @param str $subject Subject of the message
* @param str $message Body of the message
* @param str $message_type Type of the message
* @param array $params Additional parameters, e.g. 'message_hash', 'attachments'
* @return boolean
*/
function hj_inbox_send_message($sender_guid, $recipient_guids, $subject = '', $message = '', $message_type = '', array $params = array())
{
$ia = elgg_set_ignore_access();
if (!is_array($recipient_guids)) {
$recipient_guids = array($recipient_guids);
}
if (isset($params['message_hash'])) {
$message_hash = elgg_extract('message_hash', $params);
}
if (isset($params['attachments'])) {
$attachments = elgg_extract('attachments', $params);
}
$user_guids = $recipient_guids;
$user_guids[] = $sender_guid;
sort($user_guids);
if (!$message_hash) {
$title = strtolower($subject);
$title = trim(str_replace('re:', '', $title));
$message_hash = sha1(implode(':', $user_guids) . $title);
}
$acl_hash = sha1(implode(':', $user_guids));
$dbprefix = elgg_get_config('dbprefix');
$query = "SELECT * FROM {$dbprefix}access_collections WHERE name = '{$acl_hash}'";
$collection = get_data_row($query);
//error_log(print_r($collection, true));
$acl_id = $collection->id;
if (!$acl_id) {
$site = elgg_get_site_entity();
$acl_id = create_access_collection($acl_hash, $site->guid);
update_access_collection($acl_id, $user_guids);
}
//error_log($acl_id);
$message_sent = new ElggObject();
$message_sent->subtype = "messages";
$message_sent->owner_guid = $sender_guid;
$message_sent->container_guid = $sender_guid;
$message_sent->access_id = ACCESS_PRIVATE;
$message_sent->title = $subject;
$message_sent->description = $message;
$message_sent->toId = $recipient_guids;
// the users receiving the message
$message_sent->fromId = $sender_guid;
// the user sending the message
$message_sent->readYet = 1;
// this is a toggle between 0 / 1 (1 = read)
$message_sent->hiddenFrom = 0;
// this is used when a user deletes a message in their sentbox, it is a flag
$message_sent->hiddenTo = 0;
// this is used when a user deletes a message in their inbox
$message_sent->msg = 1;
$message_sent->msgType = $message_type;
$message_sent->msgHash = $message_hash;
$message_sent->save();
if ($attachments) {
$count = count($attachments['name']);
for ($i = 0; $i < $count; $i++) {
if ($attachments['error'][$i] || !$attachments['name'][$i]) {
continue;
}
$name = $attachments['name'][$i];
$file = new ElggFile();
$file->container_guid = $message_sent->guid;
$file->title = $name;
$file->access_id = (int) $acl_id;
$prefix = "file/";
$filestorename = elgg_strtolower(time() . $name);
$file->setFilename($prefix . $filestorename);
$file->open("write");
$file->close();
move_uploaded_file($attachments['tmp_name'][$i], $file->getFilenameOnFilestore());
$saved = $file->save();
if ($saved) {
$mime_type = ElggFile::detectMimeType($attachments['tmp_name'][$i], $attachments['type'][$i]);
$info = pathinfo($name);
$office_formats = array('docx', 'xlsx', 'pptx');
if ($mime_type == "application/zip" && in_array($info['extension'], $office_formats)) {
switch ($info['extension']) {
case 'docx':
$mime_type = "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
break;
case 'xlsx':
$mime_type = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
break;
case 'pptx':
$mime_type = "application/vnd.openxmlformats-officedocument.presentationml.presentation";
break;
}
}
// check for bad ppt detection
if ($mime_type == "application/vnd.ms-office" && $info['extension'] == "ppt") {
$mime_type = "application/vnd.ms-powerpoint";
}
$file->msgHash = $message_hash;
$file->toId = $recipient_guids;
$file->fromId = $sender_guid;
$file->setMimeType($mime_type);
$file->originalfilename = $name;
if (elgg_is_active_plugin('file')) {
$file->simpletype = file_get_simple_type($mime_type);
}
$file->save();
$guid = $file->getGUID();
$uploaded_attachments[] = $guid;
$attachment_urls .= '<div class="inbox-attachment">' . elgg_view('output/url', array('href' => "messages/download/{$guid}", 'text' => $file->title, 'is_trusted' => true)) . '</div>';
if ($file->simpletype == "image") {
$file->icontime = time();
$thumbnail = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 60, 60, true);
if ($thumbnail) {
$thumb = new ElggFile();
$thumb->setMimeType($attachments['type'][$i]);
$thumb->setFilename($prefix . "thumb" . $filestorename);
$thumb->open("write");
$thumb->write($thumbnail);
$thumb->close();
$file->thumbnail = $prefix . "thumb" . $filestorename;
unset($thumbnail);
}
$thumbsmall = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 153, 153, true);
if ($thumbsmall) {
$thumb->setFilename($prefix . "smallthumb" . $filestorename);
$thumb->open("write");
$thumb->write($thumbsmall);
$thumb->close();
$file->smallthumb = $prefix . "smallthumb" . $filestorename;
unset($thumbsmall);
}
$thumblarge = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 600, 600, false);
if ($thumblarge) {
$thumb->setFilename($prefix . "largethumb" . $filestorename);
$thumb->open("write");
$thumb->write($thumblarge);
$thumb->close();
$file->largethumb = $prefix . "largethumb" . $filestorename;
unset($thumblarge);
}
}
}
}
}
$success = $error = 0;
foreach ($recipient_guids as $recipient_guid) {
$message_to = new ElggObject();
$message_to->subtype = "messages";
$message_to->owner_guid = $recipient_guid;
$message_to->container_guid = $recipient_guid;
$message_to->access_id = ACCESS_PRIVATE;
$message_to->title = $subject;
$message_to->description = $message;
$message_to->toId = $recipient_guids;
// the users receiving the message
$message_to->fromId = $sender_guid;
// the user sending the message
$message_to->readYet = 0;
// this is a toggle between 0 / 1 (1 = read)
$message_to->hiddenFrom = 0;
// this is used when a user deletes a message in their sentbox, it is a flag
$message_to->hiddenTo = 0;
// this is used when a user deletes a message in their inbox
$message_to->msg = 1;
$message_to->msgType = $message_type;
$message_to->msgHash = $message_hash;
if ($message_to->save()) {
$success++;
// Make attachments
if ($uploaded_attachments) {
foreach ($uploaded_attachments as $attachment_guid) {
make_attachment($message_to->guid, $attachment_guid);
}
}
// Send out notifications skipping 'site' notification handler
if ($recipient_guid != $sender_guid) {
$methods = (array) get_user_notification_settings($recipient_guid);
unset($methods['site']);
if (count($methods)) {
$recipient = get_user($recipient_guid);
$sender = get_user($sender_guid);
$notification_subject = elgg_echo('messages:email:subject');
$notification_message = strip_tags($message);
if ($uploaded_attachments) {
$notification_message .= elgg_view_module('inbox-attachments', elgg_echo('messages:attachments'), $attachment_urls);
}
$notification_body = elgg_echo('messages:email:body', array($sender->name, $notification_message, elgg_get_site_url() . "messages/inbox/{$recipient->username}?message_type={$message_type}", $sender->name, elgg_get_site_url() . "messages/thread/{$message_hash}"));
notify_user($recipient_guid, $sender_guid, $notification_subject, $notification_body, null, $methods);
}
}
} else {
$error++;
}
}
if ($success > 0) {
// Make attachments
if ($uploaded_attachments) {
foreach ($uploaded_attachments as $attachment_guid) {
make_attachment($message_sent->guid, $attachment_guid);
}
}
$return = true;
} else {
$message_sent->delete();
$return = false;
}
elgg_set_ignore_access($ia);
return $return;
}
// Wall post access id is set to private, which means it should be visible only to the poster and tagged users
// Creating a new ACL for that
if ($access_id == ACCESS_PRIVATE && count($friend_guids)) {
$user_guids = array($poster->guid, $container->guid);
$user_guids = array_merge($user_guids, $friend_guids);
$user_guids = array_unique($user_guids);
sort($user_guids);
$acl_hash = sha1(implode(':', $user_guids));
$dbprefix = elgg_get_config('dbprefix');
$query = "SELECT * FROM {$dbprefix}access_collections WHERE name = '{$acl_hash}'";
$collection = get_data_row($query);
$acl_id = $collection->id;
if (!$acl_id) {
$site = elgg_get_site_entity();
$acl_id = create_access_collection($acl_hash, $site->guid);
update_access_collection($acl_id, $user_guids);
}
$wall_post->access_id = $acl_id;
$wall_post->save();
}
$extractor = Extractor::extract($status);
if (count($extractor->hashtags)) {
$wall_post->tags = $extractor->hashtags;
}
if (count($extractor->usernames)) {
foreach ($extractor->usernames as $username) {
$user = get_user_by_username($username);
if (elgg_instanceof($user) && !in_array($user->guid, $friend_guids)) {
$friend_guids[] = $user->guid;
}
}