/**
 * Round-trips the fixture user through a newly created access collection:
 * the user is added, then removed, and each call must report success.
 */
public function testAddRemoveUserToACL() {
	// NOTE(review): the ID returned here is used without being asserted, so a
	// failed collection creation would only surface through the add assertion.
	$collection_id = create_access_collection('test acl');

	$added = add_user_to_access_collection($this->user->guid, $collection_id);
	$this->assertTrue($added);

	// The removal half only runs when the user actually became a member.
	if ($added) {
		$removed = remove_user_from_access_collection($this->user->guid, $collection_id);
		$this->assertIdentical(true, $removed);
	}

	// Clean up the collection regardless of how the membership calls went.
	delete_access_collection($collection_id);
}
/**
 * Group leave listener: takes the leaving user out of the access collection
 * whose ID is stored on the group as group_acl.
 *
 * @param mixed $event       Not used by this listener
 * @param mixed $object_type Not used by this listener
 * @param array $object      Event payload; its 'group' and 'user' entries are read
 *
 * @return bool Always true
 */
function groups_user_leave_event_listener($event, $object_type, $object) {
	$left_group = $object['group'];
	$leaving_user = $object['user'];

	$group_acl_id = $left_group->group_acl;

	// NOTE(review): the result of the removal is discarded, so a failed removal
	// leaves the user in the group's ACL without any signal to the caller.
	remove_user_from_access_collection($leaving_user->guid, $group_acl_id);

	return true;
}
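/**
 * Removes a user from another user's friends list.
 *
 * Before the "friend" relationship is deleted, the friend is taken out of
 * every access collection that get_user_access_collections() returns for the
 * friending user, so that ending the friendship also ends membership in
 * those collections.
 *
 * @param int $user_guid   The GUID of the friending user
 * @param int $friend_guid The GUID of the user on the friends list
 * @return true|false Depending on success
 */
function user_remove_friend($user_guid, $friend_guid) {
	$user_guid = (int) $user_guid;
	$friend_guid = (int) $friend_guid;

	// perform cleanup for access lists.
	$collections = get_user_access_collections($user_guid);

	// Skip the loop when no collections came back; iterating a non-array
	// result would raise a warning instead of doing any cleanup.
	if ($collections) {
		foreach ($collections as $collection) {
			remove_user_from_access_collection($friend_guid, $collection->id);
		}
	}

	return remove_entity_relationship($user_guid, "friend", $friend_guid);
}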
/**
 * Ends this user's friendship with another user.
 *
 * The other user is first taken out of each access collection that
 * get_user_access_collections() returns for this user; the "friend"
 * relationship is deleted afterwards.
 *
 * @param int $friend_guid The GUID of the user to remove
 *
 * @return bool False when get_user() finds no user for $friend_guid,
 *              otherwise the result of remove_entity_relationship()
 * @todo change to accept \ElggUser
 */
public function removeFriend($friend_guid) {
	$friend = get_user($friend_guid);
	if (!$friend) {
		return false;
	}

	// @todo this should be done with a plugin hook handler on the delete relationship
	// Access-list cleanup: drop the former friend from this user's collections.
	$own_collections = get_user_access_collections($this->guid);
	if (!empty($own_collections)) {
		foreach ($own_collections as $acl) {
			remove_user_from_access_collection($friend_guid, $acl->id);
		}
	}

	return remove_entity_relationship($this->guid, "friend", $friend_guid);
}
/**
 * Removes a user from another user's friends list.
 *
 * Emits a deprecation notice, removes the friend from each access collection
 * that get_user_access_collections() returns for the friending user, then
 * deletes the "friend" relationship.
 *
 * @param int $user_guid   The GUID of the friending user
 * @param int $friend_guid The GUID of the user on the friends list
 *
 * @return bool Depending on success
 * @deprecated 1.9 Use \ElggUser::removeFriend()
 */
function user_remove_friend($user_guid, $friend_guid) {
	elgg_deprecated_notice(__FUNCTION__ . ' is deprecated. Use \\ElggUser::removeFriend()', 1.9);

	// Both GUIDs are forced to integers before they are used anywhere.
	$user_guid = (int) $user_guid;
	$friend_guid = (int) $friend_guid;

	// Access-list cleanup; nothing to do when no collections come back.
	$owner_collections = get_user_access_collections($user_guid);
	if (!empty($owner_collections)) {
		foreach ($owner_collections as $acl) {
			remove_user_from_access_collection($friend_guid, $acl->id);
		}
	}

	return remove_entity_relationship($user_guid, "friend", $friend_guid);
}
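/**
 * Updates the membership in an access collection.
 *
 * @warning Expects a full list of all members that should
 * be part of the access collection
 *
 * @note This will run all hooks associated with adding or removing
 * members to access collections.
 *
 * Every pending add and remove is attempted, even after an earlier one has
 * failed, so a single failure cannot leave members who should have been
 * removed in the collection.
 *
 * @param int   $collection_id The ID of the collection.
 * @param array $members       Array of member GUIDs
 *
 * @return bool False when the collection does not exist or when any single
 *              add or remove failed; true otherwise
 * @link http://docs.elgg.org/Access/Collections
 * @see add_user_to_access_collection()
 * @see remove_user_from_access_collection()
 */
function update_access_collection($collection_id, $members) {
	$acl = get_access_collection($collection_id);
	if (!$acl) {
		return false;
	}

	// Anything that is not an array is treated as an empty member list.
	$members = is_array($members) ? $members : array();

	$cur_members = get_members_of_access_collection($collection_id, true);
	$cur_members = is_array($cur_members) ? $cur_members : array();

	$remove_members = array_diff($cur_members, $members);
	$add_members = array_diff($members, $cur_members);

	$result = true;

	// The call sits on the left of && so that it runs for every GUID; with
	// $result on the left, the first failure would short-circuit all later
	// adds and removals.
	foreach ($add_members as $guid) {
		$result = add_user_to_access_collection($guid, $collection_id) && $result;
	}

	foreach ($remove_members as $guid) {
		$result = remove_user_from_access_collection($guid, $collection_id) && $result;
	}

	return $result;
}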
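/**
 * Updates the membership in an access collection.
 *
 * The update is only performed when $collection_id is a key of the array
 * returned by get_write_access_array(). Members missing from $members are
 * removed and members not yet in the collection are added; every change is
 * attempted even if an earlier one failed.
 *
 * @param int   $collection_id The ID of the collection.
 * @param array $members       Array of member GUIDs
 * @return true|false Depending on success: false when the collection is not
 *                    in the write access array or when any add or remove failed
 */
function update_access_collection($collection_id, $members) {
	$collection_id = (int) $collection_id;
	$members = is_array($members) ? $members : array();

	// NOTE(review): presumably this limits updates to collections the current
	// user may write to - confirm against get_write_access_array().
	$collections = get_write_access_array();
	if (!array_key_exists($collection_id, $collections)) {
		return false;
	}

	$cur_members = get_members_of_access_collection($collection_id, true);
	$cur_members = is_array($cur_members) ? $cur_members : array();

	$remove_members = array_diff($cur_members, $members);
	$add_members = array_diff($members, $cur_members);

	// Track the outcome of each change so a failed add or removal is reported
	// to the caller instead of being reported as success.
	$result = true;

	foreach ($add_members as $guid) {
		$result = add_user_to_access_collection($guid, $collection_id) && $result;
	}

	foreach ($remove_members as $guid) {
		$result = remove_user_from_access_collection($guid, $collection_id) && $result;
	}

	return $result;
}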
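/**
 * Removes a user from this subsite.
 *
 * The user is removed from the subsite ACL and from the site itself, the
 * member count is refreshed, the user leaves every group on this site
 * (except the groups listed in $SUBSITE_MANAGER_INVITED_GROUPS), pending
 * membership requests are removed and, when somebody else performed the
 * removal, the user is notified by email.
 *
 * Nothing happens for users for whom isAdmin() returns true.
 *
 * NOTE(review): nothing in this method checks that the logged-in user is
 * allowed to remove $user_guid; presumably the caller enforces that - confirm.
 *
 * @param int    $user_guid      GUID of the user to remove, defaults to the logged in user
 * @param string $notify_message Extra text passed into the notification message
 *
 * @return bool The result of parent::removeUser(), or false when nothing was done
 */
public function removeUser($user_guid = 0, $notify_message = "") {
	$result = false;

	if (empty($user_guid)) {
		$user_guid = elgg_get_logged_in_user_guid();
	}

	if (!empty($user_guid)) {
		// check if this user is not an admin of this site
		if (!$this->isAdmin($user_guid)) {
			// get the user for further use; this can fail, so every use of
			// $user below is guarded
			$user = get_user($user_guid);

			// remove the user from the subsite ACL
			remove_user_from_access_collection($user_guid, $this->getACL());

			$result = parent::removeUser($user_guid);

			// update member_count
			$this->getMembers(array("count" => true, "force_update_member_count" => true));

			// remove the user from every group on this site
			$options = array(
				"relationship" => "member",
				"relationship_guid" => $user_guid,
				"type" => "group",
				"limit" => false,
				"site_guid" => $this->getGUID()
			);

			// exclude invited groups
			global $SUBSITE_MANAGER_INVITED_GROUPS;
			if (!empty($SUBSITE_MANAGER_INVITED_GROUPS)) {
				// The list is concatenated into a raw SQL fragment, so force
				// every entry to an integer before it gets there.
				$invited_guids = array_map('intval', (array) $SUBSITE_MANAGER_INVITED_GROUPS);
				$options["wheres"] = array("e.guid NOT IN (" . implode(",", $invited_guids) . ")");
			}

			// leave() is called with the user entity; skip the loop when the
			// entity could not be loaded rather than failing half way through
			if ($user && ($groups = elgg_get_entities_from_relationship($options))) {
				foreach ($groups as $group) {
					$group->leave($user);
				}
			}

			// remove optional membership requests
			$this->removeMembershipRequests($user_guid);

			// do we need to notify the user about this
			if ($user && elgg_is_logged_in() && $user_guid != elgg_get_logged_in_user_guid()) {
				$admin = elgg_get_logged_in_user_entity();

				$subject = elgg_echo("subsite_manager:subsite:remove_user:subject", array($this->name));
				$message = elgg_echo("subsite_manager:subsite:remove_user:message", array($user->name, $admin->name, $this->name, $notify_message));

				notify_user($user->getGUID(), $admin->getGUID(), $subject, $message, array(), "email");
			}
		}
	}

	return $result;
}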
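/**
 * Works through the group leaves queued in the 'granular_access_leaves'
 * config value and removes each leaving user from the granular access ACLs
 * that referenced the group, unless the user still qualifies for the ACL.
 *
 * A user stays in an ACL when they are listed explicitly in its access_list
 * or when they are still a member of another group in that list.
 *
 * @return true|null True when nothing is queued; no value after processing the queue
 */
function process_group_leaves() {
	$leaves = elgg_get_config('granular_access_leaves');
	if (!is_array($leaves)) {
		return true;
	}

	foreach ($leaves as $params) {
		$options = array(
			'type' => 'object',
			'subtype' => 'granular_access',
			'metadata_name_value_pairs' => array(
				'name' => 'access_list',
				'value' => $params['group']
			),
			'limit' => false
		);

		// get granular access objects that pertain to this group
		$batch = new ElggBatch('elgg_get_entities_from_metadata', $options);
		foreach ($batch as $granular_access) {
			if ($granular_access->single_group) {
				// this uses the default group acl
				continue;
			}

			// here's where it gets tricky, we want to remove them if there's no other reason to keep them
			// that is they aren't explicitly mentioned, and they aren't in another group
			$guids = (array) $granular_access->access_list;
			if (in_array($params['user'], $guids)) {
				// they are explicitly listed, so do nothing, they stay in the acl
				continue;
			}

			// remove the guid of this group from the list, and count other groups where this user is a member
			// array_search() returns false when the group is not in the list;
			// used directly as a key that would unset index 0, i.e. an unrelated entry
			$group_key = array_search($params['group'], $guids);
			if ($group_key !== false) {
				unset($guids[$group_key]);
			}

			if ($guids) {
				$ia = elgg_set_ignore_access(true); // in case of hidden groups!
				try {
					$count = elgg_get_entities_from_relationship(array(
						'guids' => $guids,
						'type' => 'group',
						'relationship' => 'member',
						'relationship_guid' => $params['user'],
						'inverse_relationship' => false,
						'count' => true
					));
				} catch (Exception $e) {
					// never leave access checks switched off for the rest of
					// the request because the query threw
					elgg_set_ignore_access($ia);
					throw $e;
				}
				elgg_set_ignore_access($ia);

				if ($count) {
					// still a member of another listed group, so they stay in the acl
					continue;
				}
			}

			remove_user_from_access_collection($params['user'], $granular_access->acl_id);
		}
	}

	// the queue has been handled, empty it
	elgg_set_config('granular_access_leaves', array());
}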
*/

$group_guid = (int) get_input("group_guid");
$user_guid = (int) get_input("user_guid");

$group = get_entity($group_guid);
$user = get_user($user_guid);

if (!empty($group) && !empty($user)) {
	// The toggle is only allowed for someone who can edit the group, and only
	// on a member who is not the group owner.
	$may_toggle = ($group instanceof ElggGroup)
		&& $group->canEdit()
		&& $group->isMember($user)
		&& ($group->getOwnerGUID() != $user->getGUID());

	if ($may_toggle) {
		$is_group_admin = check_entity_relationship($user->getGUID(), "group_admin", $group->getGUID());

		if ($is_group_admin) {
			// user is a group admin, so revoke the role and the admin ACL membership
			if (remove_entity_relationship($user->getGUID(), "group_admin", $group->getGUID())) {
				remove_user_from_access_collection($user->guid, $group->group_admin_acl);
				system_message(elgg_echo("group_tools:action:toggle_admin:success:remove"));
			} else {
				register_error(elgg_echo("group_tools:action:toggle_admin:error:remove"));
			}
		} else {
			// user is not a group admin, so grant the role and the admin ACL membership
			if (add_entity_relationship($user->getGUID(), "group_admin", $group->getGUID())) {
				add_user_to_access_collection($user->guid, $group->group_admin_acl);
				system_message(elgg_echo("group_tools:action:toggle_admin:success:add"));
			} else {
				register_error(elgg_echo("group_tools:action:toggle_admin:error:add"));
			}
		}
	} else {
		register_error(elgg_echo("group_tools:action:toggle_admin:error:group"));
	}
} else {
	register_error(elgg_echo("group_tools:action:error:input"));
}

forward(REFERER);
foreach ($annotations as $annotation) { $annotation->delete(); } } // delete all access collections $collections = get_user_access_collections($user->guid); if (is_array($collections)) { foreach ($collections as $collection) { delete_access_collection($collection->id); } } // remove from access collections $access = get_access_array(); foreach ($access as $id) { if (!in_array($id, array(ACCESS_PUBLIC, ACCESS_LOGGED_IN, ACCESS_FRIENDS, ACCESS_PRIVATE))) { remove_user_from_access_collection($user->guid, $id); } } // reset password to unusable password $user->password = ''; $user->salt = ''; $user->password_hash = ''; $user->email = "anon{$user->guid}@" . get_site_domain(); // set our single piece of metadata that tells us this user has been deleted $user->member_selfdelete = "anonymized"; $user->save(); logout(); session_regenerate_id(true); system_message(elgg_echo('member_selfdelete:action:anonymized')); break; default:
// $user_guid is assigned before the part of the script shown here.
$page_owner_guid = (int) get_input("guid");

// Without a workflow access collection there is nothing to toggle against.
$access_collection_guid = questions_get_workflow_access_collection();
if (!$access_collection_guid) {
	register_error(elgg_echo("questions:workflow:noacl"));
	forward(REFERER);
}

if (empty($user_guid) || empty($page_owner_guid)) {
	register_error(elgg_echo("InvalidParameterException:MissingParameter"));
} else {
	$user = get_user($user_guid);
	$page_owner = get_entity($page_owner_guid);

	// The page owner has to be a site or a group that the current user can edit.
	$owner_is_editable = !empty($user)
		&& !empty($page_owner)
		&& (elgg_instanceof($page_owner, "site") || elgg_instanceof($page_owner, "group"))
		&& $page_owner->canEdit();

	if (!$owner_is_editable) {
		register_error(elgg_echo("InvalidParameterException:GUIDNotFound", array($page_owner_guid)));
	} else {
		// NOTE(review): neither branch checks the result of the relationship
		// or ACL call, so the success message is shown even when one of them failed.
		$is_expert = check_entity_relationship($user->getGUID(), QUESTIONS_EXPERT_ROLE, $page_owner->getGUID());

		if (!$is_expert) {
			// not an expert yet, so grant the role
			add_entity_relationship($user->getGUID(), QUESTIONS_EXPERT_ROLE, $page_owner->getGUID());

			// @todo: only when workflow is enabled
			add_user_to_access_collection($user_guid, $access_collection_guid);

			system_message(elgg_echo("questions:action:toggle_expert:success:make", array($user->name, $page_owner->name)));
		} else {
			// already an expert, so revoke the role
			remove_entity_relationship($user->getGUID(), QUESTIONS_EXPERT_ROLE, $page_owner->getGUID());

			// @todo: only when workflow is enabled
			remove_user_from_access_collection($user_guid, $access_collection_guid);

			system_message(elgg_echo("questions:action:toggle_expert:success:remove", array($user->name, $page_owner->name)));
		}
	}
}

forward(REFERER);
/**
 * Trip leave listener: takes the leaving user out of the access collection
 * whose ID is stored on the trip as trip_acl.
 *
 * @param mixed $event       Not used by this listener
 * @param mixed $object_type Not used by this listener
 * @param array $object      Event payload; its 'trip' and 'user' entries are read
 *
 * @return bool Always true
 */
function mytrips_user_leave_event_listener($event, $object_type, $object) {
	$left_trip = $object['trip'];
	$leaving_user = $object['user'];

	$trip_acl_id = $left_trip->trip_acl;

	// NOTE(review): the result of the removal is discarded, so a failed removal
	// leaves the user in the trip's ACL without any signal to the caller.
	remove_user_from_access_collection($leaving_user->guid, $trip_acl_id);

	return true;
}