/** * Allow moderators to edit static pages and their children * * @param string $hook 'permissions_check' * @param string $type 'object' * @param bool $return_value can the user edit this entity * @param array $params supplied params * * @return bool */ public static function objectPermissionsCheck($hook, $type, $return_value, $params) { if ($return_value) { // already have access, no need to add return $return_value; } $entity = elgg_extract('entity', $params); $user = elgg_extract('user', $params); if (!elgg_instanceof($entity, 'object', 'static') || !elgg_instanceof($user, 'user')) { return $return_value; } // check if the owner is a group $owner = $entity->getOwnerEntity(); if (!empty($owner) && elgg_instanceof($owner, 'group')) { // if you can edit the group, you can edit the static page if ($owner->canEdit($user->getGUID())) { return true; } } // check if the user is a moderator of this static page $ia = elgg_set_ignore_access(true); $moderators = $entity->moderators; elgg_set_ignore_access($ia); if (!empty($moderators)) { if (!is_array($moderators)) { $moderators = [$moderators]; } if (in_array($user->getGUID(), $moderators)) { return true; } } // if not moderator, check higher pages (if any) if ($entity->getContainerGUID() !== $entity->site_guid) { $moderators = static_get_parent_moderators($entity, true); if (in_array($user->getGUID(), $moderators)) { return true; } } return $return_value; }
/** * Get the moderators of the parent page(s) * * @param ElggObject $entity the static page to check * @param bool $guid_only return only guids (Default: false) * * @return array in format array(guid => ElggUser) */ function static_get_parent_moderators(ElggObject $entity, $guid_only = false) { $result = []; if (!elgg_instanceof($entity, 'object', 'static')) { return $result; } $ia = elgg_set_ignore_access(true); if ($entity->getContainerGUID() != $entity->site_guid) { $parent = $entity->getContainerEntity(); if (!empty($parent)) { $moderators = $parent->moderators; if (!empty($moderators)) { if (!is_array($moderators)) { $moderators = [$moderators]; } foreach ($moderators as $user_guid) { $moderator = get_user($user_guid); if (empty($moderator)) { continue; } if (!$guid_only) { $result[$user_guid] = $moderator; } else { $result[] = $user_guid; } } } // did we reach the top page if (elgg_instanceof($parent, 'object', 'static')) { // not yet, so check further $result += static_get_parent_moderators($parent, $guid_only); } } } elgg_set_ignore_access($ia); return $result; }