public function testAddRemoveUserToACL() { $acl_id = create_access_collection('test acl'); $result = add_user_to_access_collection($this->user->guid, $acl_id); $this->assertTrue($result); if ($result) { $result = remove_user_from_access_collection($this->user->guid, $acl_id); $this->assertIdentical(true, $result); } delete_access_collection($acl_id); }
function au_subgroups_fix_acls_20121024a($result, $getter, $options) { if ($result->group_acl === NULL) { // group has no acl... create it and add all the members $ac_name = elgg_echo('groups:group') . ": " . $result->name; $group_acl = create_access_collection($ac_name, $result->guid); $result->group_acl = $group_acl; // now add all members of the group to the acl $members = $result->getMembers(0, 0, false); if (is_array($members) && count($members)) { foreach ($members as $member) { add_user_to_access_collection($member->guid, $group_acl); } } } }
function process_group_joins() { $joins = elgg_get_config('granular_access_joins'); if (!is_array($joins)) { return true; } foreach ($joins as $params) { $options = array('type' => 'object', 'subtype' => 'granular_access', 'metadata_name_value_pairs' => array('name' => 'access_list', 'value' => $params['group']), 'limit' => false); // get granular access objects that pertain to this group $batch = new ElggBatch('elgg_get_entities_from_metadata', $options); foreach ($batch as $granular_access) { if ($granular_access->single_group) { // this uses the default group acl continue; } add_user_to_access_collection($params['user'], $granular_access->acl_id); } } elgg_set_config('granular_access_joins', array()); }
delete_access_collection($col->id); } $friends = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => $friends_count, 'order_by' => 'RAND()', 'wheres' => array("e.guid != {$user->guid}"), 'metadata_names' => '__faker')); $rand_friends = false; $collection_id = create_access_collection('Best Fake Friends Collection', $user->guid); if ($collection_id) { $rand_friends = array_rand($friends, rand(2, $friends_count)); $collections++; } foreach ($friends as $friends_key => $friend) { if ($user->addFriend($friend->guid)) { $rels++; elgg_create_river_item(array('view' => 'river/relationship/friend/create', 'action_type' => 'friend', 'subject_guid' => $user->guid, 'object_guid' => $friend->guid)); if ($rand_friends && array_key_exists($friends_key, $rand_friends)) { add_user_to_access_collection($friend->guid, $collection_id); } } } $random_acl_members = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => 10, 'order_by' => 'RAND()', 'wheres' => array("e.guid != {$user->guid}"), 'metadata_names' => '__faker')); if ($random_acl_members) { $collection_id = create_access_collection('Fake Arbitrary Collection', $user->guid); if ($collection_id) { $collections++; foreach ($random_acl_members as $random_acl_member) { add_user_to_access_collection($random_acl_member->guid, $collection_id); } } } } system_message(elgg_echo('faker:gen_friends:success', array($rels, $collections))); forward(REFERER);
/** * Updates the membership in an access collection. * * @warning Expects a full list of all members that should * be part of the access collection * * @note This will run all hooks associated with adding or removing * members to access collections. * * @param int $collection_id The ID of the collection. * @param array $members Array of member GUIDs * * @return bool * @link http://docs.elgg.org/Access/Collections * @see add_user_to_access_collection() * @see remove_user_from_access_collection() */ function update_access_collection($collection_id, $members) { global $CONFIG; $acl = get_access_collection($collection_id); if (!$acl) { return false; } $members = is_array($members) ? $members : array(); $cur_members = get_members_of_access_collection($collection_id, true); $cur_members = is_array($cur_members) ? $cur_members : array(); $remove_members = array_diff($cur_members, $members); $add_members = array_diff($members, $cur_members); $result = true; foreach ($add_members as $guid) { $result = $result && add_user_to_access_collection($guid, $collection_id); } foreach ($remove_members as $guid) { $result = $result && remove_user_from_access_collection($guid, $collection_id); } return $result; }
/** * Updates the membership in an access collection. * * @param int $collection_id The ID of the collection. * @param array $members Array of member GUIDs * @return true|false Depending on success */ function update_access_collection($collection_id, $members) { global $CONFIG; $collection_id = (int) $collection_id; $members = is_array($members) ? $members : array(); $collections = get_write_access_array(); if (array_key_exists($collection_id, $collections)) { $cur_members = get_members_of_access_collection($collection_id, true); $cur_members = is_array($cur_members) ? $cur_members : array(); $remove_members = array_diff($cur_members, $members); $add_members = array_diff($members, $cur_members); $params = array('collection_id' => $collection_id, 'members' => $members, 'add_members' => $add_members, 'remove_members' => $remove_members); foreach ($add_members as $guid) { add_user_to_access_collection($guid, $collection_id); } foreach ($remove_members as $guid) { remove_user_from_access_collection($guid, $collection_id); } return true; } return false; }
function group_tools_version_1_3() { $dbprefix = elgg_get_config("dbprefix"); $query = "SELECT ac.id AS acl_id, ac.owner_guid AS group_guid, er.guid_one AS user_guid\n\t\t\tFROM {$dbprefix}access_collections ac\n\t\t\tJOIN {$dbprefix}entities e ON e.guid = ac.owner_guid\n\t\t\tJOIN {$dbprefix}entity_relationships er ON ac.owner_guid = er.guid_two\n\t\t\tWHERE e.type = 'group'\n\t\t\tAND er.relationship = 'member'\n\t\t\tAND er.guid_one NOT IN \n\t\t\t(\n\t\t\tSELECT acm.user_guid\n\t\t\tFROM {$dbprefix}access_collections ac2\n\t\t\tJOIN {$dbprefix}access_collection_membership acm ON ac2.id = acm.access_collection_id\n\t\t\tWHERE ac2.owner_guid = ac.owner_guid\n\t\t\t)"; if ($data = get_data($query)) { foreach ($data as $row) { add_user_to_access_collection($row->user_guid, $row->acl_id); } } }
$page_owner_guid = (int) get_input("guid"); $access_collection_guid = questions_get_workflow_access_collection(); if (!$access_collection_guid) { register_error(elgg_echo("questions:workflow:noacl")); forward(REFERER); } if (!empty($user_guid) && !empty($page_owner_guid)) { $user = get_user($user_guid); $page_owner = get_entity($page_owner_guid); if (!empty($user) && !empty($page_owner) && (elgg_instanceof($page_owner, "site") || elgg_instanceof($page_owner, "group")) && $page_owner->canEdit()) { // check if the user is an expert if (check_entity_relationship($user->getGUID(), QUESTIONS_EXPERT_ROLE, $page_owner->getGUID())) { // yes, so remove remove_entity_relationship($user->getGUID(), QUESTIONS_EXPERT_ROLE, $page_owner->getGUID()); // @todo: only when workflow is enabled remove_user_from_access_collection($user_guid, $access_collection_guid); system_message(elgg_echo("questions:action:toggle_expert:success:remove", array($user->name, $page_owner->name))); } else { // no, so add add_entity_relationship($user->getGUID(), QUESTIONS_EXPERT_ROLE, $page_owner->getGUID()); // @todo: only when workflow is enabled add_user_to_access_collection($user_guid, $access_collection_guid); system_message(elgg_echo("questions:action:toggle_expert:success:make", array($user->name, $page_owner->name))); } } else { register_error(elgg_echo("InvalidParameterException:GUIDNotFound", array($page_owner_guid))); } } else { register_error(elgg_echo("InvalidParameterException:MissingParameter")); } forward(REFERER);
$members = get_data($query, "row_to_elggrelationship"); $to_members = array(); foreach ($members as $member) { $to_members[] = $member->guid_one; } $move_members = array_diff($from_members, $to_members); global $NOTIFICATION_HANDLERS; foreach ($move_members as $member) { // move membership add_entity_relationship($member, 'member', $to_guid); // move notifications foreach ($NOTIFICATION_HANDLERS as $method => $foo) { if (check_entity_relationship($member, "notify{$method}", $from_guid) !== FALSE) { add_entity_relationship($member, "notify{$method}", $to_guid); } } // add to access list add_user_to_access_collection($member, $to_group->group_acl); } // update river $where = "type='group' AND object_guid={$from_guid}"; $query = "UPDATE {$db_prefix}river SET object_guid={$to_guid} WHERE {$where}"; $result = update_data($query); // combine content $where = "container_guid={$from_guid}"; $query = "UPDATE {$db_prefix}entities SET container_guid={$to_guid} WHERE {$where}"; $result = update_data($query); system_message(elgg_echo('cg:groups:combine:success', array($from_group->name, $to_group->name))); // delete from group $from_group->delete(); forward(REFERER);
* Elgg collection add page * * @package Elgg * @subpackage Core * @author Curverider Ltd * @link http://elgg.org/ */ //must be logged in gatekeeper(); $collection_name = get_input('collection_name'); $friends = get_input('friends_collection'); //first check to make sure that a collection name has been set and create the new colection if ($collection_name) { //create the collection $create_collection = create_access_collection($collection_name, $_SESSION['user']->getGUID()); //if the collection was created and the user passed some friends from the form, add them if ($create_collection && !empty($friends)) { //add friends to the collection foreach ($friends as $friend) { add_user_to_access_collection($friend, $create_collection); } } // Success message system_message(elgg_echo("friends:collectionadded")); // Forward to the collections page forward("pg/collections/" . $_SESSION['user']->username); } else { register_error(elgg_echo("friends:nocollectionname")); // Forward to the add collection page forward("pg/collections/add"); }
<?php /** * create access collections for existing groups * */ $access = elgg_get_ignore_access(); elgg_set_ignore_access(true); //get all groups $groups = elgg_get_entities(array('type' => 'group', 'order_by' => 'e.guid desc', 'limit' => 1000, 'full_view' => false)); foreach ($groups as $group) { //create access collection $ac_admin_name = elgg_echo('groups:group') . ":admin: " . $group->name; $group_admin_id = create_access_collection($ac_admin_name, $group->guid); //give group an admin_acl $group->group_admin_acl = $group_admin_id; if ($group->save()) { //add group owner to access collection add_user_to_access_collection($group->owner_guid, $group->group_admin_acl); //add group admins to access collection //get group admins $admins = elgg_get_entities_from_relationship(array('relationship' => 'group_admin', 'relationship_guid' => $group->guid, 'inverse_relationship' => true, 'limit' => 30)); foreach ($admins as $admin) { add_user_to_access_collection($admin->guid, $group->group_admin_acl); } } } elgg_set_ignore_access($access);
public function addUser($user_guid = 0) { $result = false; if (empty($user_guid)) { $user_guid = elgg_get_logged_in_user_guid(); } if (!empty($user_guid)) { $result = parent::addUser($user_guid); // add the user to the ACL add_user_to_access_collection($user_guid, $this->getACL()); // remove optional invitations for this site $this->removeInvitation($user_guid); // remove optional membership requests $this->removeMembershipRequests($user_guid); // update member_count $this->getMembers(array("count" => true, "force_update_member_count" => true)); } return $result; }
public function testAddMemberToACLRemoveMember() { // create a new user to check against $user = new \ElggUser(); $user->username = '******'; $user->save(); $acl_id = create_access_collection('test acl'); $result = add_user_to_access_collection($user->guid, $acl_id); $this->assertTrue($result); if ($result) { $this->assertTrue($user->delete()); // since there are no more members this should return false $acl_members = get_members_of_access_collection($acl_id, true); $this->assertFalse($acl_members); } delete_access_collection($acl_id); }
/** * Listens to a group join event and adds a user to the group's access control * */ function groups_user_join_event_listener($event, $object_type, $object) { $group = $object['group']; $user = $object['user']; $acl = $group->group_acl; add_user_to_access_collection($user->guid, $acl); return true; }
system_message(elgg_echo('group_tools:action:fix_acl:success:without', [count($groups)])); } // now add the group members $missing_users = group_tools_get_missing_acl_users(); if (!empty($missing_users)) { // make sure we can see all users $hidden = access_get_show_hidden_status(); access_show_hidden_entities(true); foreach ($missing_users as $user_data) { /** * $user_data = row stdClass * -> acl_id => the acl the user should be added to * -> group_guid => the group the acl belongs to * -> user_guid => the user that should be added */ add_user_to_access_collection($user_data->user_guid, $user_data->acl_id); } // restore hidden settings access_show_hidden_entities($hidden); system_message(elgg_echo('group_tools:action:fix_acl:success:missing', [count($missing_users)])); } // users with access to group content, but no longer member $excess_users = group_tools_get_excess_acl_users(); if (!empty($excess_users)) { foreach ($excess_users as $user_data) { /** * $user_data = row stdClass * -> acl_id => the acl the user should be removed from * -> group_guid => the group the acl belongs to * -> user_guid => the user that should be removed */
function repopulate_acl($granular_access) { $ia = elgg_set_ignore_access(true); $dbprefix = elgg_get_config('dbprefix'); // empty the acl first $q = "DELETE FROM {$dbprefix}access_collection_membership\n\t\tWHERE access_collection_id = {$granular_access->acl_id}"; delete_data($q); //loop through all of the guids this acl encompasses $list = (array) $granular_access->access_list; foreach ($list as $l) { $e = get_entity($l); if (elgg_instanceof($e, 'user')) { add_user_to_access_collection($e->guid, $granular_access->acl_id); continue; } if (elgg_instanceof($e, 'group')) { add_group_to_access_collection($e, $granular_access->acl_id); continue; } //@TODO - anything to do here? } elgg_set_ignore_access($ia); }
/** * Listens to a trip join event and adds a user to the trip's access control * */ function mytrips_user_join_event_listener($event, $object_type, $object) { $trip = $object['trip']; $user = $object['user']; $acl = $trip->trip_acl; add_user_to_access_collection($user->guid, $acl); return true; }