/**
* https://github.com/Elgg/Elgg/pull/6393
* Hook handlers for 'access:collections:write','all' hook should respect
* group's content access mode and container write permissions
*/
public function testWriteAccessArray()
{
$membersonly = ElggGroup::CONTENT_ACCESS_MODE_MEMBERS_ONLY;
$unrestricted = ElggGroup::CONTENT_ACCESS_MODE_UNRESTRICTED;
$original_page_owner = elgg_get_page_owner_entity();
elgg_set_page_owner_guid($this->group->guid);
$ia = elgg_set_ignore_access(false);
// User is not a member of the group
// Member-only group
$this->group->setContentAccessMode($membersonly);
$write_access = get_write_access_array($this->user->guid, true);
$this->assertFalse(array_key_exists($this->group->group_acl, $write_access));
// Unrestricted group
$this->group->setContentAccessMode($unrestricted);
$write_access = get_write_access_array($this->user->guid, true);
$this->assertFalse(array_key_exists($this->group->group_acl, $write_access));
// User is a member (can write to container)
$this->group->join($this->user);
// Member-only group
$this->group->setContentAccessMode($membersonly);
$write_access = get_write_access_array($this->user->guid, true);
$this->assertTrue(array_key_exists($this->group->group_acl, $write_access));
// Unrestricted group
$this->group->setContentAccessMode($unrestricted);
$write_access = get_write_access_array($this->user->guid, true);
$this->assertTrue(array_key_exists($this->group->group_acl, $write_access));
elgg_set_ignore_access($ia);
$this->group->leave($this->user);
$original_page_owner_guid = elgg_instanceof($original_page_owner) ? $original_page_owner->guid : 0;
elgg_set_page_owner_guid($original_page_owner_guid);
}
/**
* Add a user to a group
*
* @param ElggGroup $group the group to add the user to
* @param ElggUser $user the user to be added
* @param string $text (optional) extra text for the notification
*
* @return boolean true if successfull
*/
function group_tools_add_user(ElggGroup $group, ElggUser $user, $text = "")
{
$result = false;
$loggedin_user = elgg_get_logged_in_user_entity();
if (!empty($user) && $user instanceof ElggUser && !empty($group) && $group instanceof ElggGroup && !empty($loggedin_user)) {
// make sure all goes well
$ia = elgg_set_ignore_access(true);
if ($group->join($user)) {
// Remove any invite or join request flags
remove_entity_relationship($group->getGUID(), "invited", $user->getGUID());
remove_entity_relationship($user->getGUID(), "membership_request", $group->getGUID());
// notify user
$subject = elgg_echo("group_tools:groups:invite:add:subject", array($group->name));
$msg = elgg_echo("group_tools:groups:invite:add:body", array($user->name, $loggedin_user->name, $group->name, $text, $group->getURL()));
$params = array("group" => $group, "inviter" => $loggedin_user, "invitee" => $user);
$msg = elgg_trigger_plugin_hook("invite_notification", "group_tools", $params, $msg);
if (notify_user($user->getGUID(), $group->getOwnerGUID(), $subject, $msg, null, "email")) {
$result = true;
}
}
// restore access
elgg_set_ignore_access($ia);
}
return $result;
}
public function testGroupItemVisibility()
{
$original_user = _elgg_services()->session->getLoggedInUser();
_elgg_services()->session->setLoggedInUser($this->user);
$group_guid = $this->group->guid;
// unrestricted: pass non-members
$this->group->setContentAccessMode(ElggGroup::CONTENT_ACCESS_MODE_UNRESTRICTED);
$vis = Elgg_GroupItemVisibility::factory($group_guid, false);
$this->assertFalse($vis->shouldHideItems);
// membersonly: non-members fail
$this->group->setContentAccessMode(ElggGroup::CONTENT_ACCESS_MODE_MEMBERS_ONLY);
$vis = Elgg_GroupItemVisibility::factory($group_guid, false);
$this->assertTrue($vis->shouldHideItems);
// members succeed
$this->group->join($this->user);
$vis = Elgg_GroupItemVisibility::factory($group_guid, false);
$this->assertFalse($vis->shouldHideItems);
// non-member admins succeed - assumes admin logged in
_elgg_services()->session->setLoggedInUser($original_user);
$vis = Elgg_GroupItemVisibility::factory($group_guid, false);
$this->assertFalse($vis->shouldHideItems);
}
function CreateLTIGroup($user, $name, $context_id, $consumer_key)
{
$group_guid = 0;
$group = new ElggGroup($group_guid);
// Set the group properties that we can!
$group->name = $name;
$group->context_id = $context_id;
// This is a unique identifier from the consumer for this context
$group->consumer_key = $consumer_key;
// Which consumer is creating this group
$group->membership = ACCESS_PRIVATE;
$group->access_id = ACCESS_PUBLIC;
$group->briefdescription = elgg_echo('LTI:provision:group');
$consumer_instance = new LTI_Tool_Consumer_Instance($group->consumer_key, elgg_get_config('dbprefix'));
$context = new LTI_Context($consumer_instance, $group->context_id);
$group->description = $context->title;
$group->save();
$group->join($user);
// Add images
$prefix = 'groups/' . $group->guid;
$filename = GetImage($consumer_key, '.jpg');
$thumbtiny = get_resized_image_from_existing_file($filename, 25, 25, true);
$thumbsmall = get_resized_image_from_existing_file($filename, 40, 40, true);
$thumbmedium = get_resized_image_from_existing_file($filename, 100, 100, true);
$thumblarge = get_resized_image_from_existing_file($filename, 200, 200, false);
if ($thumbtiny) {
$thumb = new ElggFile();
$thumb->owner_guid = $group->owner_guid;
$thumb->setMimeType('image/jpeg');
$thumb->setFilename($prefix . "tiny.jpg");
$thumb->open("write");
$thumb->write($thumbtiny);
$thumb->close();
$thumb->setFilename($prefix . "small.jpg");
$thumb->open("write");
$thumb->write($thumbsmall);
$thumb->close();
$thumb->setFilename($prefix . "medium.jpg");
$thumb->open("write");
$thumb->write($thumbmedium);
$thumb->close();
$thumb->setFilename($prefix . "large.jpg");
$thumb->open("write");
$thumb->write($thumblarge);
$thumb->close();
$group->icontime = time();
}
// return the URL
return $group;
}
function group_tools_add_user(ElggGroup $group, ElggUser $user, $text = "")
{
$result = false;
if (!empty($user) && $user instanceof ElggUser && !empty($group) && $group instanceof ElggGroup && ($loggedin_user = elgg_get_logged_in_user_entity())) {
if ($group->join($user)) {
// Remove any invite or join request flags
remove_entity_relationship($group->getGUID(), "invited", $user->getGUID());
remove_entity_relationship($user->getGUID(), "membership_request", $group->getGUID());
// notify user
$subject = elgg_echo("group_tools:groups:invite:add:subject", array($group->name));
$msg = elgg_echo("group_tools:groups:invite:add:body", array($user->name, $loggedin_user->name, $group->name, $text, $group->getURL()));
if (notify_user($user->getGUID(), $group->getOwnerGUID(), $subject, $msg)) {
$result = true;
}
}
}
return $result;
}
function test_can_write_to_container()
{
$user = new \ElggUser();
$user->username = '******' . rand();
$user->name = 'test_user_name_' . rand();
$user->email = '*****@*****.**';
$user->container_guid = 0;
$user->owner_guid = 0;
$user->save();
$object = new \ElggObject();
$object->save();
$group = new \ElggGroup();
$group->save();
// disable access overrides because we're admin.
$ia = elgg_set_ignore_access(false);
$this->assertFalse(can_write_to_container($user->guid, $object->guid));
global $elgg_test_user;
$elgg_test_user = $user;
// register hook to allow access
function can_write_to_container_test_hook($hook, $type, $value, $params)
{
global $elgg_test_user;
if ($params['user']->getGUID() == $elgg_test_user->getGUID()) {
return true;
}
}
elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'can_write_to_container_test_hook');
$this->assertTrue(can_write_to_container($user->guid, $object->guid));
elgg_unregister_plugin_hook_handler('container_permissions_check', 'all', 'can_write_to_container_test_hook');
$this->assertFalse(can_write_to_container($user->guid, $group->guid));
$group->join($user);
$this->assertTrue(can_write_to_container($user->guid, $group->guid));
elgg_set_ignore_access($ia);
$user->delete();
$object->delete();
$group->delete();
}
/**
* Join a user to a group, add river event, clean-up invitations
*
* @param ElggGroup $group
* @param ElggUser $user
* @return bool
*/
function groups_join_group($group, $user)
{
// access ignore so user can be added to access collection of invisible group
$ia = elgg_set_ignore_access(TRUE);
$result = $group->join($user);
elgg_set_ignore_access($ia);
if ($result) {
// flush user's access info so the collection is added
get_access_list($user->guid, 0, true);
// Remove any invite or join request flags
remove_entity_relationship($group->guid, 'invited', $user->guid);
remove_entity_relationship($user->guid, 'membership_request', $group->guid);
elgg_create_river_item(array('view' => 'river/relationship/member/create', 'action_type' => 'join', 'subject_guid' => $user->guid, 'object_guid' => $group->guid));
return true;
}
return false;
}
$visibility = (int) get_input('vis', '', false);
if ($visibility != ACCESS_PUBLIC && $visibility != ACCESS_LOGGED_IN) {
$visibility = $group->group_acl;
}
if ($group->access_id != $visibility) {
$group->access_id = $visibility;
}
}
$group->save();
// group saved so clear sticky form
elgg_clear_sticky_form('groups');
// group creator needs to be member of new group and river entry created
if ($is_new_group) {
// @todo this should not be necessary...
elgg_set_page_owner_guid($group->guid);
$group->join($user);
add_to_river('river/group/create', 'create', $user->guid, $group->guid, $group->access_id);
}
$has_uploaded_icon = !empty($_FILES['icon']['type']) && substr_count($_FILES['icon']['type'], 'image/');
if ($has_uploaded_icon) {
$icon_sizes = elgg_get_config('icon_sizes');
$prefix = "groups/" . $group->guid;
$filehandler = new ElggFile();
$filehandler->owner_guid = $group->owner_guid;
$filehandler->setFilename($prefix . ".jpg");
$filehandler->open("write");
$filehandler->write(get_uploaded_file('icon'));
$filehandler->close();
$filename = $filehandler->getFilenameOnFilestore();
$sizes = array('tiny', 'small', 'medium', 'large');
$thumbs = array();
/**
* Join a user to a group, add river event, clean-up invitations
*
* @param ElggGroup $group
* @param ElggUser $user
* @return bool
*/
function groups_join_group($group, $user)
{
global $NOTIFICATION_HANDLERS;
// access ignore so user can be added to access collection of invisible group
$ia = elgg_set_ignore_access(TRUE);
$result = $group->join($user);
elgg_set_ignore_access($ia);
if ($result) {
// flush user's access info so the collection is added
get_access_list($user->guid, 0, true);
// Remove any invite or join request flags
remove_entity_relationship($group->guid, 'invited', $user->guid);
remove_entity_relationship($user->guid, 'membership_request', $group->guid);
//check if notifications are turned off for the group
if ($group->notifications == "false") {
//turn users notifications off
foreach ($NOTIFICATION_HANDLERS as $method => $dummy) {
error_log("group" . $method);
remove_entity_relationship($user->getGUID(), "notify" . $method, $group->getGUID());
}
}
add_to_river('river/relationship/member/create', 'join', $user->guid, $group->guid);
return true;
}
return false;
}
public function testJoinLeaveGroupACL()
{
if (!elgg_is_active_plugin('groups')) {
return;
}
$group = new ElggGroup();
$group->name = 'Test group';
$group->save();
$result = $group->join($this->user);
$this->assertTrue($result);
// disable security since we run as admin
$ia = elgg_set_ignore_access(false);
// need to set the page owner to emulate being in a group context.
// this is kinda hacky.
elgg_set_page_owner_guid($group->getGUID());
if ($result) {
$can_edit = can_edit_access_collection($group->group_acl, $this->user->guid);
$this->assertTrue($can_edit);
}
$result = $group->leave($this->user);
$this->assertTrue($result);
if ($result) {
$can_edit = can_edit_access_collection($group->group_acl, $this->user->guid);
$this->assertFalse($can_edit);
}
elgg_set_ignore_access($ia);
$group->delete();
}
$group->membership = $membership;
$group->content_access_mode = $content_access_mode;
$guid = $group->save();
if (!$guid) {
$errors++;
continue;
}
if ($visibility != ACCESS_PUBLIC && $visibility != ACCESS_LOGGED_IN) {
$visibility = $group->group_acl;
}
if ($group->access_id != $visibility) {
$group->access_id = $visibility;
}
$group->__faker = true;
// store this flag so we can easily find fake entities
$group->join($owner);
$icon_sizes = elgg_get_config('icon_sizes');
$files = array();
$profile_icon_url = $faker->imageURL();
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $profile_icon_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$file_contents = curl_exec($ch);
$curl_info = curl_getinfo($ch);
curl_close($ch);
$mime_type = $curl_info['content_type'];
if (substr_count($mime_type, 'image/')) {
$prefix = "groups/{$group->guid}";
$filehandler = new ElggFile();
/**
* Helper function to transfer the ownership of a group to a new user
*
* @param ElggGroup $group the group to transfer
* @param ElggUser $new_owner the new owner
*
* @return bool
*/
function group_tools_transfer_group_ownership(ElggGroup $group, ElggUser $new_owner)
{
if (!$group instanceof ElggGroup || !$group->canEdit()) {
return false;
}
if (!$new_owner instanceof ElggUser) {
return false;
}
$loggedin_user = elgg_get_logged_in_user_entity();
// register plugin hook to make sure transfer can complete
elgg_register_plugin_hook_handler('permissions_check', 'group', '\\ColdTrick\\GroupTools\\Access::allowGroupOwnerTransfer');
$old_owner = $group->getOwnerEntity();
// transfer ownership
$group->owner_guid = $new_owner->getGUID();
$group->container_guid = $new_owner->getGUID();
if (!$group->save()) {
return false;
}
// make sure user is added to the group
$group->join($new_owner);
// remove existing group administrator role for new owner
remove_entity_relationship($new_owner->getGUID(), 'group_admin', $group->getGUID());
// check for group icon
if (!empty($group->icontime)) {
$prefix = "groups/{$group->getGUID()}";
$sizes = elgg_get_icon_sizes($group->getType());
$ofh = new ElggFile();
$ofh->owner_guid = $old_owner->getGUID();
$nfh = new ElggFile();
$nfh->owner_guid = $group->getOwnerGUID();
foreach ($sizes as $size => $info) {
// set correct file to handle
$ofh->setFilename("{$prefix}{$size}.jpg");
if (!$ofh->exists()) {
// file doesn't exist
continue;
}
$nfh->setFilename("{$prefix}{$size}.jpg");
// open files
$ofh->open('read');
$nfh->open('write');
// copy file
$nfh->write($ofh->grabFile());
// close file
$ofh->close();
$nfh->close();
// cleanup old file
$ofh->delete();
}
$group->icontime = time();
}
// move metadata of the group to the new owner
$options = ['guid' => $group->getGUID(), 'limit' => false];
$metadata = elgg_get_metadata($options);
if (!empty($metadata)) {
foreach ($metadata as $md) {
if ($md->owner_guid == $old_owner->getGUID()) {
$md->owner_guid = $new_owner->getGUID();
$md->save();
}
}
}
// notify new owner
if ($new_owner->getGUID() !== $loggedin_user->getGUID()) {
$subject = elgg_echo('group_tools:notify:transfer:subject', [$group->name]);
$message = elgg_echo('group_tools:notify:transfer:message', [$new_owner->name, $loggedin_user->name, $group->name, $group->getURL()]);
notify_user($new_owner->getGUID(), $group->getGUID(), $subject, $message);
}
// unregister plugin hook to make sure transfer can complete
elgg_unregister_plugin_hook_handler('permissions_check', 'group', '\\ColdTrick\\GroupTools\\Access::allowGroupOwnerTransfer');
return true;
}
/**
* createGroups Create the groups in Elgg
*
* @return boolean
*/
function createGroups($post_data)
{
global $CONFIG;
$final_report = array();
/// Final report of the creation process
$this->headers = explode(',', $post_data['header']);
/// Create the groups from the $groups array
for ($i = 0; $i < $post_data['num_of_groups']; $i++) {
/// Get the group details from POST data for all headers
foreach ($this->headers as $header) {
$group[$header] = $post_data[$header][$i];
}
/// Add the basic fields to the report
$report = array('name' => $group['name'], 'subtype' => $group['subtype'], 'description' => $group['description'], 'membership' => $group['membership'], 'visibility' => $group['visibility'], 'container_guid' => $group['container_guid']);
/// Try to create the group
try {
$user = elgg_get_logged_in_user_entity();
$new_group = new ElggGroup();
$new_group->name = $group['name'];
$new_group->subtype = $group['subtype'];
$new_group->membership = $group['membership'];
$new_group->container_guid = $group['container_guid'];
$new_group->owner_guid = $user->guid;
$new_group->access_id = $group['visibility'];
$guid = $new_group->save();
if ($guid) {
elgg_set_page_owner_guid($group->guid);
$new_group->join($user);
add_to_river('river/group/create', 'create', $user->guid, $new_group->guid);
if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') {
$visibility = $group['visibility'];
if ($visibility != ACCESS_PUBLIC && $visibility != ACCESS_LOGGED_IN) {
$visibility = $new_group->group_acl;
}
if ($new_group->access_id != $visibility) {
$new_group->access_id = $visibility;
$new_group->save();
}
}
/// Add all other fields as metadata
foreach ($this->headers as $header) {
if (in_array($header, array('name', 'subtype', 'membership', 'visibility', 'description', 'container_guid'))) {
continue;
}
/// Metadata could be a comma separated list if the delimiter is something else than a comma
if ($this->delimiter != ',' && strpos($group[$header], ',')) {
/// Multiple tags found
$tags = string_to_tag_array($group[$header]);
foreach ($tags as $tag) {
create_metadata($guid, $header, $tag, 'text', $guid, ACCESS_PRIVATE, true);
}
} else {
create_metadata($guid, $header, $group[$header], 'text', $guid);
}
/// Add this metadata field to the report
$report[$header] = $group[$header];
}
/// Add status message to the report
$report['status'] = elgg_echo('upload_groups:success');
}
} catch (RegistrationException $r) {
//register_error($r->getMessage());
$report['status'] = '<span class="error">' . $r->getMessage() . '</span>';
$report['password'] = '';
/// Reset password in failed cases
$this->number_of_failed_groups++;
}
$final_report[] = $report;
}
$this->creation_report = $final_report;
return true;
}