/** * Returns if $user_guid can edit the metadata on $entity_guid. * * @tip Can be overridden by by registering for the permissions_check:metadata * plugin hook. * * @warning If a $user_guid isn't specified, the currently logged in user is used. * * @param int $entity_guid The GUID of the entity * @param int $user_guid The GUID of the user * @param ElggMetadata $metadata The metadata to specifically check (if any; default null) * * @return bool * @see elgg_register_plugin_hook_handler() */ function can_edit_entity_metadata($entity_guid, $user_guid = 0, $metadata = null) { if ($entity = get_entity($entity_guid)) { $return = null; if ($metadata->owner_guid == 0) { $return = true; } if (is_null($return)) { $return = can_edit_entity($entity_guid, $user_guid); } if ($user_guid) { $user = get_entity($user_guid); } else { $user = elgg_get_logged_in_user_entity(); } $params = array('entity' => $entity, 'user' => $user, 'metadata' => $metadata); $return = elgg_trigger_plugin_hook('permissions_check:metadata', $entity->type, $params, $return); return $return; } else { return false; } }
/** * Can a user edit this entity. * * @param int $user_guid The user GUID, optionally (default: logged in user) * * @return bool */ function canEdit($user_guid = 0) { return can_edit_entity($this->getGUID(), $user_guid); }
/** * Determines whether or not the specified user can edit the specified piece of extender * * @param int $extender_id The ID of the piece of extender * @param string $type 'metadata' or 'annotation' * @param int $user_guid The GUID of the user * * @return bool */ function can_edit_extender($extender_id, $type, $user_guid = 0) { // @todo Since Elgg 1.0, Elgg has returned false from can_edit_extender() // if no user was logged in. This breaks the access override. This is a // temporary work around. This function needs to be rewritten in Elgg 1.9 if (!elgg_check_access_overrides($user_guid)) { if (!elgg_is_logged_in()) { return false; } } $user_guid = (int) $user_guid; $user = get_user($user_guid); if (!$user) { $user = elgg_get_logged_in_user_entity(); $user_guid = elgg_get_logged_in_user_guid(); } $functionname = "elgg_get_{$type}_from_id"; if (is_callable($functionname)) { $extender = call_user_func($functionname, $extender_id); } else { return false; } if (!$extender instanceof ElggExtender) { return false; } /* @var ElggExtender $extender */ // If the owner is the specified user, great! They can edit. if ($extender->getOwnerGUID() == $user_guid) { return true; } // If the user can edit the entity this is attached to, great! They can edit. if (can_edit_entity($extender->entity_guid, $user_guid)) { return true; } // Trigger plugin hook - note that $user may be null $params = array('entity' => $extender->getEntity(), 'user' => $user); return elgg_trigger_plugin_hook('permissions_check', $type, $params, false); }
/** * Determines whether or not the specified user can edit the specified piece of extender * * @param int $extender_id The ID of the piece of extender * @param string $type 'metadata' or 'annotation' * @param int $user_guid The GUID of the user * * @return true|false */ function can_edit_extender($extender_id, $type, $user_guid = 0) { if (!elgg_is_logged_in()) { return false; } $user_guid = (int) $user_guid; $user = get_entity($user_guid); if (!$user) { $user = elgg_get_logged_in_user_entity(); } $functionname = "elgg_get_{$type}_from_id"; if (is_callable($functionname)) { $extender = $functionname($extender_id); } else { return false; } if (!is_a($extender, "ElggExtender")) { return false; } // If the owner is the specified user, great! They can edit. if ($extender->getOwnerGUID() == $user->getGUID()) { return true; } // If the user can edit the entity this is attached to, great! They can edit. if (can_edit_entity($extender->entity_guid, $user->getGUID())) { return true; } // Trigger plugin hooks $params = array('entity' => $entity, 'user' => $user); return elgg_trigger_plugin_hook('permissions_check', $type, $params, false); }