Example #1
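/**
 * Build the list of access ids that a user is allowed to read on a site.
 *
 * The list always starts with ACCESS_PUBLIC. For a non-zero user it also
 * holds ACCESS_LOGGED_IN, every access collection the user is a member of or
 * owns (limited to the given site or site 0), and ACCESS_PRIVATE when
 * elgg_check_access_overrides() reports an override for that user.
 *
 * The computed list is stored in the access cache once $init_finished is set.
 * A cached list can contain ACCESS_PRIVATE, so code that changes the override
 * state has to clear the cache, as elgg_set_ignore_access() does.
 *
 * @param int  $user_id User GUID; 0 means the logged-in user.
 * @param int  $site_id Site GUID; 0 means $CONFIG->site_guid when that is set.
 * @param bool $flush   If true, the whole access cache is cleared first.
 *
 * @return array Result of the 'access:collections:read', 'user' plugin hook,
 *               which is handed the computed list of access ids.
 */
function get_access_array($user_id = 0, $site_id = 0, $flush = false)
{
    global $CONFIG, $init_finished;

    $cache = _elgg_get_access_cache();
    if ($flush) {
        $cache->clear();
    }

    if ($user_id == 0) {
        $user_id = elgg_get_logged_in_user_guid();
    }
    if ($site_id == 0 && isset($CONFIG->site_guid)) {
        $site_id = $CONFIG->site_guid;
    }

    // Both ids are interpolated into the SQL below; these integer casts are
    // what keep those queries free of caller-controlled text.
    $user_id = (int) $user_id;
    $site_id = (int) $site_id;

    // The key is delimited because plain concatenation is ambiguous: user 1 on
    // site 23 and user 12 on site 3 would both map to "123get_access_array"
    // and one user could be served the other's access list.
    $hash = $user_id . ':' . $site_id . ':get_access_array';

    if ($cache[$hash]) {
        $access_array = $cache[$hash];
    } else {
        $access_array = array(ACCESS_PUBLIC);

        // Everything beyond public access needs a known user.
        if ($user_id) {
            $access_array[] = ACCESS_LOGGED_IN;

            // Access collections the user is a member of.
            $query = "SELECT am.access_collection_id"
                . " FROM {$CONFIG->dbprefix}access_collection_membership am"
                . " LEFT JOIN {$CONFIG->dbprefix}access_collections ag ON ag.id = am.access_collection_id"
                . " WHERE am.user_guid = {$user_id} AND (ag.site_guid = {$site_id} OR ag.site_guid = 0)";
            $collections = get_data($query);
            if ($collections) {
                foreach ($collections as $collection) {
                    if (!empty($collection->access_collection_id)) {
                        $access_array[] = (int) $collection->access_collection_id;
                    }
                }
            }

            // Access collections the user owns.
            $query = "SELECT ag.id FROM {$CONFIG->dbprefix}access_collections ag ";
            $query .= "WHERE ag.owner_guid = {$user_id} AND (ag.site_guid = {$site_id} OR ag.site_guid = 0)";
            $collections = get_data($query);
            if ($collections) {
                foreach ($collections as $collection) {
                    if (!empty($collection->id)) {
                        $access_array[] = (int) $collection->id;
                    }
                }
            }

            // An active override grants private access. The flag ends up in the
            // cached list, so the cache must be cleared when the override changes.
            if (elgg_check_access_overrides($user_id)) {
                $access_array[] = ACCESS_PRIVATE;
            }
        }

        // Only store the result once $init_finished is set.
        if ($init_finished) {
            $cache[$hash] = $access_array;
        }
    }

    // The hook result is returned to the caller and is not written to the cache.
    $options = array('user_id' => $user_id, 'site_id' => $site_id);
    return elgg_trigger_plugin_hook('access:collections:read', 'user', $options, $access_array);
}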
Example #2
/**
 * Switch enforcement of the entity access system on or off.
 *
 * While enforcement is on, getter functions leave out entities the user
 * has no access to.
 *
 * @internal For performance reasons this is done at the database access clause level.
 *
 * @tip Useful in automated scripts that run with no logged-in user.
 *
 * @note Every call clears the access cache, whatever value is passed.
 *
 * @warning Disabled entities stay hidden.
 * Use {@link access_show_hidden_entities()} to access disabled entities.
 *
 * @warning The setting is stored on the object returned by
 * elgg_get_access_object(), so it presumably stays in effect until it is
 * changed again. Keep the returned previous value and pass it back to this
 * function as soon as the privileged work is done.
 *
 * @param bool $ignore If true, disables all access checks.
 *
 * @return bool Previous ignore_access setting.
 * @since 1.7.0
 * @see http://docs.elgg.org/Access/IgnoreAccess
 * @see elgg_get_ignore_access()
 */
function elgg_set_ignore_access($ignore = true)
{
    // Cached access lists were computed under the old setting, so drop them
    // before the setting changes.
    _elgg_get_access_cache()->clear();

    return elgg_get_access_object()->setIgnoreAccess($ignore);
}
Example #3
 /**
  * Reads a user's access data once with the ignore-access override on and
  * once with it off, and expects the two results to differ for each lookup
  * function.
  */
 public function testAccessCaching()
 {
     // Throwaway user that the lookups are run against.
     $user = new ElggUser();
     $user->username = '******';
     $user->save();

     $lookups = array('get_access_list', 'get_access_array');
     foreach ($lookups as $func) {
         // Each lookup starts from an empty access cache.
         _elgg_get_access_cache()->clear();

         // Tests are run by admin users, so the first read is taken with
         // access checks disabled ...
         elgg_set_ignore_access(true);
         $with_override = $func($user->getGUID());

         // ... and the second with them enabled again. If the first result
         // were still served from the cache, both reads would be equal.
         elgg_set_ignore_access(false);
         $without_override = $func($user->getGUID());

         $this->assertNotEqual($with_override, $without_override, "Access test for {$func}");
     }

     $user->delete();
 }
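/**
 * Returns an array of access permissions that the user is allowed to save content with.
 * Permissions returned are of the form (id => 'name').
 *
 * Example return value in English:
 * array(
 *     0 => 'Private',
 *    -2 => 'Friends',
 *     1 => 'Logged in users',
 *     2 => 'Public',
 *    34 => 'My favorite friends',
 * );
 *
 * Plugin hook of 'access:collections:write', 'user'
 *
 * @warning this only returns access collections that the user owns plus the
 * standard access levels. It does not return access collections that the user
 * belongs to such as the access collection for a group.
 *
 * @warning Collection names are returned exactly as stored in the
 * access_collections table; they are presumably chosen by users, so escape
 * them for the output context before rendering.
 *
 * @param int  $user_guid The user's GUID; 0 means the logged-in user.
 * @param int  $site_guid The current site; 0 means $CONFIG->site_id when that is set.
 * @param bool $flush     If this is set to true, the whole access cache is cleared first.
 *
 * @return array List of access permissions, as returned by the plugin hook
 */
function get_write_access_array($user_guid = 0, $site_guid = 0, $flush = false)
{
    global $CONFIG, $init_finished;

    $cache = _elgg_get_access_cache();
    if ($flush) {
        $cache->clear();
    }

    if ($user_guid == 0) {
        $user_guid = elgg_get_logged_in_user_guid();
    }
    // NOTE(review): get_access_array() falls back to $CONFIG->site_guid while
    // this function reads $CONFIG->site_id; confirm both hold the same site.
    if ($site_guid == 0 && isset($CONFIG->site_id)) {
        $site_guid = $CONFIG->site_id;
    }

    // Both GUIDs are interpolated into the SQL below; these integer casts are
    // what keep the query free of caller-controlled text.
    $user_guid = (int) $user_guid;
    $site_guid = (int) $site_guid;

    // The key is delimited because plain concatenation is ambiguous: user 1 on
    // site 23 and user 12 on site 3 would otherwise share one cache entry.
    $hash = $user_guid . ':' . $site_guid . ':get_write_access_array';

    if ($cache[$hash]) {
        $access_array = $cache[$hash];
    } else {
        // @todo is there such a thing as public write access?
        $access_array = array(
            ACCESS_PRIVATE => elgg_echo("PRIVATE"),
            ACCESS_FRIENDS => elgg_echo("access:friends:label"),
            ACCESS_LOGGED_IN => elgg_echo("LOGGED_IN"),
            ACCESS_PUBLIC => elgg_echo("PUBLIC"),
        );

        // Add the collections this user owns on the given site or on site 0.
        $query = "SELECT ag.* FROM {$CONFIG->dbprefix}access_collections ag ";
        $query .= " WHERE (ag.site_guid = {$site_guid} OR ag.site_guid = 0)";
        $query .= " AND (ag.owner_guid = {$user_guid})";
        $collections = get_data($query);
        if ($collections) {
            foreach ($collections as $collection) {
                $access_array[$collection->id] = $collection->name;
            }
        }

        // Only store the result once $init_finished is set.
        if ($init_finished) {
            $cache[$hash] = $access_array;
        }
    }

    // The hook result is returned to the caller and is not written to the cache.
    $options = array('user_id' => $user_guid, 'site_id' => $site_guid);
    return elgg_trigger_plugin_hook('access:collections:write', 'user', $options, $access_array);
}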