Exemple #1
0
 public function createACL()
 {
     $result = false;
     $name = "subsite_acl_" . $this->guid;
     if ($acl = create_access_collection($name, $this->owner_guid, $this->owner_guid)) {
         if ($this->setPrivateSetting("subsite_acl", $acl)) {
             $result = $acl;
         }
     }
     return $result;
 }
Exemple #2
0
function au_subgroups_fix_acls_20121024a($result, $getter, $options)
{
    if ($result->group_acl === NULL) {
        // group has no acl... create it and add all the members
        $ac_name = elgg_echo('groups:group') . ": " . $result->name;
        $group_acl = create_access_collection($ac_name, $result->guid);
        $result->group_acl = $group_acl;
        // now add all members of the group to the acl
        $members = $result->getMembers(0, 0, false);
        if (is_array($members) && count($members)) {
            foreach ($members as $member) {
                add_user_to_access_collection($member->guid, $group_acl);
            }
        }
    }
}
Exemple #3
0
function build_acl_from_guids($guids)
{
    $site = elgg_get_site_entity();
    $token = get_token_from_guids($guids);
    $ia = elgg_set_ignore_access(true);
    $granular_access = new ElggObject();
    $granular_access->subtype = 'granular_access';
    $granular_access->access_id = ACCESS_PUBLIC;
    $granular_access->owner_guid = $site->guid;
    $granular_access->container_guid = $site->guid;
    $granular_access->token = $token;
    $granular_access->access_list = $guids;
    $guid = $granular_access->save();
    if (!$guid) {
        elgg_set_ignore_access($ia);
        return false;
    }
    // check, if this is a single group, lets use the acl from that
    if (count($guids) == 1) {
        $entity = get_entity($guids[0]);
        if (elgg_instanceof($entity, 'group') && $entity->group_acl) {
            $granular_access->acl_id = $entity->group_acl;
            $granular_access->single_group = 1;
            // flag for use later to tell that this is using groups default acl
            // no need to populate
            elgg_set_ignore_access($ia);
            return $entity->group_acl;
        }
    }
    $id = create_access_collection('granular_access:' . $token, $site->guid);
    $granular_access->acl_id = $id;
    elgg_set_ignore_access($ia);
    // actually populating the acl can take a long time, so we save that for vroom
    // make it happen on the shutdown event
    // add our guid to a list to populate
    register_new_granular_access($guid);
    if (!$GLOBALS['shutdown_flag']) {
        // unregister first so we don't end up with multiple firings of the event
        elgg_unregister_event_handler('shutdown', 'system', __NAMESPACE__ . '\\populate_acls');
        elgg_register_event_handler('shutdown', 'system', __NAMESPACE__ . '\\populate_acls');
    } else {
        populate_acls();
    }
    return $id;
}
Exemple #4
0
 /**
  * Creates a new access collection and adds members
  *
  * @param string $name    Name of the collection
  * @param array  $members Members to add to the collection
  * @return int ID of the created collection
  */
 public function createCollection($name, $members = array())
 {
     $site = elgg_get_site_entity();
     $acl_id = create_access_collection($name, $site->guid);
     if (!empty($members)) {
         update_access_collection($acl_id, $members);
     }
     return $acl_id;
 }
 public function testCanEditACLHook()
 {
     // if only we supported closures!
     global $acl_test_info;
     $acl_id = create_access_collection('test acl');
     $acl_test_info = array('acl_id' => $acl_id, 'user' => $this->user);
     function test_acl_access_hook($hook, $type, $value, $params)
     {
         global $acl_test_info;
         if ($params['user_id'] == $acl_test_info['user']->guid) {
             $acl = get_access_collection($acl_test_info['acl_id']);
             $value[$acl->id] = $acl->name;
         }
         return $value;
     }
     elgg_register_plugin_hook_handler('access:collections:write', 'all', 'test_acl_access_hook');
     // enable security since we usually run as admin
     $ia = elgg_set_ignore_access(false);
     $result = can_edit_access_collection($acl_id, $this->user->guid);
     $this->assertTrue($result);
     $ia = elgg_set_ignore_access($ia);
     elgg_unregister_plugin_hook_handler('access:collections:write', 'all', 'test_acl_access_hook');
     delete_access_collection($acl_id);
 }
Exemple #6
0
<?php

/**
 * Change ownership of group ACLs to group entity
 */
elgg_set_ignore_access(TRUE);
$params = array('type' => 'group', 'limit' => 0);
$groups = elgg_get_entities($params);
if ($groups) {
    foreach ($groups as $group) {
        $acl = $group->group_acl;
        try {
            $query = "UPDATE {$CONFIG->dbprefix}access_collections\n\t\t\t\tSET owner_guid = {$group->guid} WHERE id = {$acl}";
            update_data($query);
        } catch (Exception $e) {
            // no acl so create one
            $ac_name = elgg_echo('groups:group') . ": " . $group->name;
            $group_acl = create_access_collection($ac_name, $group->guid);
            if ($group_acl) {
                create_metadata($group->guid, 'group_acl', $group_acl, 'integer', $group->owner_guid);
                $object->group_acl = $group_id;
            }
        }
    }
}
elgg_set_ignore_access(FALSE);
<?php

/**
 * Elgg collection add page
 *
 * @package Elgg.Core
 * @subpackage Friends.Collections
 */
$collection_name = htmlspecialchars(get_input('collection_name', '', false), ENT_QUOTES, 'UTF-8');
$friends = get_input('friends_collection');
if (!$collection_name) {
    register_error(elgg_echo("friends:nocollectionname"));
    forward(REFERER);
}
$id = create_access_collection($collection_name);
if ($id) {
    $result = update_access_collection($id, $friends);
    if ($result) {
        system_message(elgg_echo("friends:collectionadded"));
        forward("collections/owner/" . elgg_get_logged_in_user_entity()->username);
    } else {
        register_error(elgg_echo("friends:nocollectionname"));
        forward(REFERER);
    }
} else {
    register_error(elgg_echo("friends:nocollectionname"));
    forward(REFERER);
}
Exemple #8
0
/**
 * Retrieve the workflow access collection controlling access
 * of the workflow entities.
 *
 * @return int $ac_id the access id
 */
function questions_get_workflow_access_collection()
{
    $site = elgg_get_site_entity();
    $aclGuid = $site->getPrivateSetting('workflow_acl');
    if (!$aclGuid) {
        $aclGuid = create_access_collection("Workflow " . $site->name, $site->guid);
        $site->setPrivateSetting('workflow_acl', $aclGuid);
    }
    return $aclGuid;
}
Exemple #9
0
/**
 * Groups created so create an access list for it
 */
function groups_create_event_listener($event, $object_type, $object)
{
    $ac_name = elgg_echo('groups:group') . ": " . $object->name;
    $ac_id = create_access_collection($ac_name, $object->guid);
    if ($ac_id) {
        $object->group_acl = $ac_id;
    } else {
        // delete group if access creation fails
        return false;
    }
    return true;
}
<?php

/**
* create access collections for existing groups
*
*/
$access = elgg_get_ignore_access();
elgg_set_ignore_access(true);
//get all groups
$groups = elgg_get_entities(array('type' => 'group', 'order_by' => 'e.guid desc', 'limit' => 1000, 'full_view' => false));
foreach ($groups as $group) {
    //create access collection
    $ac_admin_name = elgg_echo('groups:group') . ":admin: " . $group->name;
    $group_admin_id = create_access_collection($ac_admin_name, $group->guid);
    //give group an admin_acl
    $group->group_admin_acl = $group_admin_id;
    if ($group->save()) {
        //add group owner to access collection
        add_user_to_access_collection($group->owner_guid, $group->group_admin_acl);
        //add group admins to access collection
        //get group admins
        $admins = elgg_get_entities_from_relationship(array('relationship' => 'group_admin', 'relationship_guid' => $group->guid, 'inverse_relationship' => true, 'limit' => 30));
        foreach ($admins as $admin) {
            add_user_to_access_collection($admin->guid, $group->group_admin_acl);
        }
    }
}
elgg_set_ignore_access($access);
Exemple #11
0
/**
 * dgroups created, so add users to access lists.
 */
function dgroups_create_event_listener($event, $object_type, $object)
{
    //if (($event == 'create') && ($object_type == 'dgroup') && ($object instanceof ElggGroup))
    //{
    $dgroup_subtype = get_subtype_id('group', 'dgroup');
    //error_log("obj subtype: " . $object->subtype);
    if ($object->subtype != $dgroup_subtype) {
        return true;
    }
    $dgroup_id = create_access_collection(elgg_echo('dgroups:dgroup') . ": " . $object->name);
    if ($dgroup_id) {
        $object->dgroup_acl = $dgroup_id;
    } else {
        return false;
    }
    //}
    return true;
}
Exemple #12
0
/**
 * Send a message to specified recipients
 *
 * @param int $sender_guid GUID of the sender entity
 * @param array $recipient_guids An array of recipient GUIDs
 * @param str $subject Subject of the message
 * @param str $message Body of the message
 * @param str $message_type Type of the message
 * @param array $params Additional parameters, e.g. 'message_hash', 'attachments'
 * @return boolean
 */
function hj_inbox_send_message($sender_guid, $recipient_guids, $subject = '', $message = '', $message_type = '', array $params = array())
{
    $ia = elgg_set_ignore_access();
    if (!is_array($recipient_guids)) {
        $recipient_guids = array($recipient_guids);
    }
    if (isset($params['message_hash'])) {
        $message_hash = elgg_extract('message_hash', $params);
    }
    if (isset($params['attachments'])) {
        $attachments = elgg_extract('attachments', $params);
    }
    $user_guids = $recipient_guids;
    $user_guids[] = $sender_guid;
    sort($user_guids);
    if (!$message_hash) {
        $title = strtolower($subject);
        $title = trim(str_replace('re:', '', $title));
        $message_hash = sha1(implode(':', $user_guids) . $title);
    }
    $acl_hash = sha1(implode(':', $user_guids));
    $dbprefix = elgg_get_config('dbprefix');
    $query = "SELECT * FROM {$dbprefix}access_collections WHERE name = '{$acl_hash}'";
    $collection = get_data_row($query);
    //error_log(print_r($collection, true));
    $acl_id = $collection->id;
    if (!$acl_id) {
        $site = elgg_get_site_entity();
        $acl_id = create_access_collection($acl_hash, $site->guid);
        update_access_collection($acl_id, $user_guids);
    }
    //error_log($acl_id);
    $message_sent = new ElggObject();
    $message_sent->subtype = "messages";
    $message_sent->owner_guid = $sender_guid;
    $message_sent->container_guid = $sender_guid;
    $message_sent->access_id = ACCESS_PRIVATE;
    $message_sent->title = $subject;
    $message_sent->description = $message;
    $message_sent->toId = $recipient_guids;
    // the users receiving the message
    $message_sent->fromId = $sender_guid;
    // the user sending the message
    $message_sent->readYet = 1;
    // this is a toggle between 0 / 1 (1 = read)
    $message_sent->hiddenFrom = 0;
    // this is used when a user deletes a message in their sentbox, it is a flag
    $message_sent->hiddenTo = 0;
    // this is used when a user deletes a message in their inbox
    $message_sent->msg = 1;
    $message_sent->msgType = $message_type;
    $message_sent->msgHash = $message_hash;
    $message_sent->save();
    if ($attachments) {
        $count = count($attachments['name']);
        for ($i = 0; $i < $count; $i++) {
            if ($attachments['error'][$i] || !$attachments['name'][$i]) {
                continue;
            }
            $name = $attachments['name'][$i];
            $file = new ElggFile();
            $file->container_guid = $message_sent->guid;
            $file->title = $name;
            $file->access_id = (int) $acl_id;
            $prefix = "file/";
            $filestorename = elgg_strtolower(time() . $name);
            $file->setFilename($prefix . $filestorename);
            $file->open("write");
            $file->close();
            move_uploaded_file($attachments['tmp_name'][$i], $file->getFilenameOnFilestore());
            $saved = $file->save();
            if ($saved) {
                $mime_type = ElggFile::detectMimeType($attachments['tmp_name'][$i], $attachments['type'][$i]);
                $info = pathinfo($name);
                $office_formats = array('docx', 'xlsx', 'pptx');
                if ($mime_type == "application/zip" && in_array($info['extension'], $office_formats)) {
                    switch ($info['extension']) {
                        case 'docx':
                            $mime_type = "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
                            break;
                        case 'xlsx':
                            $mime_type = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
                            break;
                        case 'pptx':
                            $mime_type = "application/vnd.openxmlformats-officedocument.presentationml.presentation";
                            break;
                    }
                }
                // check for bad ppt detection
                if ($mime_type == "application/vnd.ms-office" && $info['extension'] == "ppt") {
                    $mime_type = "application/vnd.ms-powerpoint";
                }
                $file->msgHash = $message_hash;
                $file->toId = $recipient_guids;
                $file->fromId = $sender_guid;
                $file->setMimeType($mime_type);
                $file->originalfilename = $name;
                if (elgg_is_active_plugin('file')) {
                    $file->simpletype = file_get_simple_type($mime_type);
                }
                $file->save();
                $guid = $file->getGUID();
                $uploaded_attachments[] = $guid;
                $attachment_urls .= '<div class="inbox-attachment">' . elgg_view('output/url', array('href' => "messages/download/{$guid}", 'text' => $file->title, 'is_trusted' => true)) . '</div>';
                if ($file->simpletype == "image") {
                    $file->icontime = time();
                    $thumbnail = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 60, 60, true);
                    if ($thumbnail) {
                        $thumb = new ElggFile();
                        $thumb->setMimeType($attachments['type'][$i]);
                        $thumb->setFilename($prefix . "thumb" . $filestorename);
                        $thumb->open("write");
                        $thumb->write($thumbnail);
                        $thumb->close();
                        $file->thumbnail = $prefix . "thumb" . $filestorename;
                        unset($thumbnail);
                    }
                    $thumbsmall = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 153, 153, true);
                    if ($thumbsmall) {
                        $thumb->setFilename($prefix . "smallthumb" . $filestorename);
                        $thumb->open("write");
                        $thumb->write($thumbsmall);
                        $thumb->close();
                        $file->smallthumb = $prefix . "smallthumb" . $filestorename;
                        unset($thumbsmall);
                    }
                    $thumblarge = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 600, 600, false);
                    if ($thumblarge) {
                        $thumb->setFilename($prefix . "largethumb" . $filestorename);
                        $thumb->open("write");
                        $thumb->write($thumblarge);
                        $thumb->close();
                        $file->largethumb = $prefix . "largethumb" . $filestorename;
                        unset($thumblarge);
                    }
                }
            }
        }
    }
    $success = $error = 0;
    foreach ($recipient_guids as $recipient_guid) {
        $message_to = new ElggObject();
        $message_to->subtype = "messages";
        $message_to->owner_guid = $recipient_guid;
        $message_to->container_guid = $recipient_guid;
        $message_to->access_id = ACCESS_PRIVATE;
        $message_to->title = $subject;
        $message_to->description = $message;
        $message_to->toId = $recipient_guids;
        // the users receiving the message
        $message_to->fromId = $sender_guid;
        // the user sending the message
        $message_to->readYet = 0;
        // this is a toggle between 0 / 1 (1 = read)
        $message_to->hiddenFrom = 0;
        // this is used when a user deletes a message in their sentbox, it is a flag
        $message_to->hiddenTo = 0;
        // this is used when a user deletes a message in their inbox
        $message_to->msg = 1;
        $message_to->msgType = $message_type;
        $message_to->msgHash = $message_hash;
        if ($message_to->save()) {
            $success++;
            // Make attachments
            if ($uploaded_attachments) {
                foreach ($uploaded_attachments as $attachment_guid) {
                    make_attachment($message_to->guid, $attachment_guid);
                }
            }
            // Send out notifications skipping 'site' notification handler
            if ($recipient_guid != $sender_guid) {
                $methods = (array) get_user_notification_settings($recipient_guid);
                unset($methods['site']);
                if (count($methods)) {
                    $recipient = get_user($recipient_guid);
                    $sender = get_user($sender_guid);
                    $notification_subject = elgg_echo('messages:email:subject');
                    $notification_message = strip_tags($message);
                    if ($uploaded_attachments) {
                        $notification_message .= elgg_view_module('inbox-attachments', elgg_echo('messages:attachments'), $attachment_urls);
                    }
                    $notification_body = elgg_echo('messages:email:body', array($sender->name, $notification_message, elgg_get_site_url() . "messages/inbox/{$recipient->username}?message_type={$message_type}", $sender->name, elgg_get_site_url() . "messages/thread/{$message_hash}"));
                    notify_user($recipient_guid, $sender_guid, $notification_subject, $notification_body, null, $methods);
                }
            }
        } else {
            $error++;
        }
    }
    if ($success > 0) {
        // Make attachments
        if ($uploaded_attachments) {
            foreach ($uploaded_attachments as $attachment_guid) {
                make_attachment($message_sent->guid, $attachment_guid);
            }
        }
        $return = true;
    } else {
        $message_sent->delete();
        $return = false;
    }
    elgg_set_ignore_access($ia);
    return $return;
}
 public function testAddMemberToACLRemoveMember()
 {
     // create a new user to check against
     $user = new \ElggUser();
     $user->username = '******';
     $user->save();
     $acl_id = create_access_collection('test acl');
     $result = add_user_to_access_collection($user->guid, $acl_id);
     $this->assertTrue($result);
     if ($result) {
         $this->assertTrue($user->delete());
         // since there are no more members this should return false
         $acl_members = get_members_of_access_collection($acl_id, true);
         $this->assertFalse($acl_members);
     }
     delete_access_collection($acl_id);
 }
 $wall_post->origin = 'wall';
 // Wall post access id is set to private, which means it should be visible only to the poster and tagged users
 // Creating a new ACL for that
 if ($access_id == ACCESS_PRIVATE && count($friend_guids)) {
     $user_guids = array($poster->guid, $container->guid);
     $user_guids = array_merge($user_guids, $friend_guids);
     $user_guids = array_unique($user_guids);
     sort($user_guids);
     $acl_hash = sha1(implode(':', $user_guids));
     $dbprefix = elgg_get_config('dbprefix');
     $query = "SELECT * FROM {$dbprefix}access_collections WHERE name = '{$acl_hash}'";
     $collection = get_data_row($query);
     $acl_id = $collection->id;
     if (!$acl_id) {
         $site = elgg_get_site_entity();
         $acl_id = create_access_collection($acl_hash, $site->guid);
         update_access_collection($acl_id, $user_guids);
     }
     $wall_post->access_id = $acl_id;
     $wall_post->save();
 }
 $extractor = Extractor::extract($status);
 if (count($extractor->hashtags)) {
     $wall_post->tags = $extractor->hashtags;
 }
 if (count($extractor->usernames)) {
     foreach ($extractor->usernames as $username) {
         $user = get_user_by_username($username);
         if (elgg_instanceof($user) && !in_array($user->guid, $friend_guids)) {
             $friend_guids[] = $user->guid;
         }
Exemple #15
0
        delete_access_collection($col->id);
    }
    $friends = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => $friends_count, 'order_by' => 'RAND()', 'wheres' => array("e.guid != {$user->guid}"), 'metadata_names' => '__faker'));
    $rand_friends = false;
    $collection_id = create_access_collection('Best Fake Friends Collection', $user->guid);
    if ($collection_id) {
        $rand_friends = array_rand($friends, rand(2, $friends_count));
        $collections++;
    }
    foreach ($friends as $friends_key => $friend) {
        if ($user->addFriend($friend->guid)) {
            $rels++;
            elgg_create_river_item(array('view' => 'river/relationship/friend/create', 'action_type' => 'friend', 'subject_guid' => $user->guid, 'object_guid' => $friend->guid));
            if ($rand_friends && array_key_exists($friends_key, $rand_friends)) {
                add_user_to_access_collection($friend->guid, $collection_id);
            }
        }
    }
    $random_acl_members = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => 10, 'order_by' => 'RAND()', 'wheres' => array("e.guid != {$user->guid}"), 'metadata_names' => '__faker'));
    if ($random_acl_members) {
        $collection_id = create_access_collection('Fake Arbitrary Collection', $user->guid);
        if ($collection_id) {
            $collections++;
            foreach ($random_acl_members as $random_acl_member) {
                add_user_to_access_collection($random_acl_member->guid, $collection_id);
            }
        }
    }
}
system_message(elgg_echo('faker:gen_friends:success', array($rels, $collections)));
forward(REFERER);
Exemple #16
0
/**
 * Groups created so create an access list for it
 */
function groups_create_event_listener($event, $object_type, $object)
{
    $ac_name = elgg_echo('groups:group') . ": " . $object->name;
    $ac_admin_name = elgg_echo('groups:group') . ":admin: " . $object->name;
    $group_id = create_access_collection($ac_name, $object->guid);
    $group_admin_id = create_access_collection($ac_admin_name, $object->guid);
    if ($group_id) {
        $object->group_acl = $group_id;
        $object->group_admin_acl = $group_admin_id;
        add_user_to_access_collection($object->owner_guid, $group_admin_id);
    } else {
        // delete group if access creation fails
        return false;
    }
    return true;
}
/**
 * Elgg collection add page
 *
 * @package Elgg
 * @subpackage Core
 * @author Curverider Ltd
 * @link http://elgg.org/
 */
//must be logged in
gatekeeper();
$collection_name = get_input('collection_name');
$friends = get_input('friends_collection');
//first check to make sure that a collection name has been set and create the new colection
if ($collection_name) {
    //create the collection
    $create_collection = create_access_collection($collection_name, $_SESSION['user']->getGUID());
    //if the collection was created and the user passed some friends from the form, add them
    if ($create_collection && !empty($friends)) {
        //add friends to the collection
        foreach ($friends as $friend) {
            add_user_to_access_collection($friend, $create_collection);
        }
    }
    // Success message
    system_message(elgg_echo("friends:collectionadded"));
    // Forward to the collections page
    forward("pg/collections/" . $_SESSION['user']->username);
} else {
    register_error(elgg_echo("friends:nocollectionname"));
    // Forward to the add collection page
    forward("pg/collections/add");
/**
 * Groups created, so add users to access lists.
 */
function groups_create_event_listener($event, $object_type, $object)
{
    //if (($event == 'create') && ($object_type == 'group') && ($object instanceof ElggGroup))
    //{
    $group_id = create_access_collection(elgg_echo('groups:group') . ": " . $object->name);
    if ($group_id) {
        $object->group_acl = $group_id;
    } else {
        return false;
    }
    //}
    return true;
}
Exemple #19
0
<?php

/**
 * Elgg collection add page
 *
 * @package Elgg.Core
 * @subpackage Friends.Collections
 */
$collection_name = get_input('collection_name');
$friends = get_input('friends_collection');
//first check to make sure that a collection name has been set and create the new colection
if ($collection_name) {
    //create the collection
    $create_collection = create_access_collection($collection_name, elgg_get_logged_in_user_guid());
    //if the collection was created and the user passed some friends from the form, add them
    if ($create_collection && !empty($friends)) {
        //add friends to the collection
        foreach ($friends as $friend) {
            add_user_to_access_collection($friend, $create_collection);
        }
    }
    // Success message
    system_message(elgg_echo("friends:collectionadded"));
    // Forward to the collections page
    forward("collections/" . elgg_get_logged_in_user_entity()->username);
} else {
    register_error(elgg_echo("friends:nocollectionname"));
    // Forward to the add collection page
    forward("collections/add");
}