/** * Web service for read a blog post * * @param string $guid GUID of a blog entity * @param string $username Username of reader (Send NULL if no user logged in) * @param string $password Password for authentication of username (Send NULL if no user logged in) * * @return string $title Title of blog post * @return string $content Text of blog post * @return string $excerpt Excerpt * @return string $tags Tags of blog post * @return string $owner_guid GUID of owner * @return string $access_id Access level of blog post (0,-2,1,2) * @return string $status (Published/Draft) * @return string $comments_on On/Off */ function blog_get_post($guid, $username) { $return = array(); $blog = get_entity($guid); if (!elgg_instanceof($blog, 'object', 'blog')) { $return['content'] = elgg_echo('blog:error:post_not_found'); return $return; } $user = get_user_by_username($username); if ($user) { if (!has_access_to_entity($blog, $user)) { $return['content'] = elgg_echo('blog:error:post_not_found'); return $return; } if ($blog->status != 'published' && $user->guid != $blog->owner_guid) { $return['content'] = elgg_echo('blog:error:post_not_found'); return $return; } } else { if ($blog->access_id != 2) { $return['content'] = elgg_echo('blog:error:post_not_found'); return $return; } } $return['title'] = htmlspecialchars($blog->title); $return['content'] = $blog->description; $return['excerpt'] = $blog->excerpt; $return['tags'] = $blog->tags; $return['owner_guid'] = $blog->owner_guid; $return['access_id'] = $blog->access_id; $return['status'] = $blog->status; $return['comments_on'] = $blog->comments_on; return $return; }
/** * Prevent subscribers for the tag notifications * * @param string $hook the name of the hook * @param string $type the type of the hook * @param array $return_value current return value * @param array $params supplied params * * @return void|array */ public static function getSubscribers($hook, $type, $return_value, $params) { if (!self::validateNotificationEvent($params)) { // not the correct notification event return; } /* @var $event \Elgg\Notifications\Event */ $event = elgg_extract('event', $params); /* @var $relationship \ElggRelationship */ $relationship = $event->getObject(); $entity = get_entity($relationship->guid_two); $sending_tags = tag_tools_get_unsent_tags($entity); if (empty($sending_tags)) { return []; } $tag_subscribers = []; // get interested users $user_options = ['type' => 'user', 'annotation_name_value_pairs' => ['name' => 'follow_tag', 'value' => $sending_tags], 'limit' => false]; $users_batch = new \ElggBatch('elgg_get_entities_from_annotations', $user_options); /* @var $user \ElggUser */ foreach ($users_batch as $user) { // check user access if (!has_access_to_entity($entity, $user)) { continue; } // get the notification settings of the user for one of the sending tags // this will prevent duplicate notifications, foreach ($sending_tags as $tag) { if (!tag_tools_is_user_following_tag($tag, $user->getGUID())) { // user is not following this tag, check the next continue; } $notifiction_settings = tag_tools_get_user_tag_notification_settings($tag, $user->getGUID()); if (empty($notifiction_settings)) { // no notification settings for this tag continue; } if (isset($tag_subscribers[$user->getGUID()])) { $tag_subscribers[$user->getGUID()] = array_merge($tag_subscribers[$user->getGUID()], $notifiction_settings); $tag_subscribers[$user->getGUID()] = array_unique($tag_subscribers[$user->getGUID()]); } else { $tag_subscribers[$user->getGUID()] = $notifiction_settings; } } } if (!empty($tag_subscribers)) { return $tag_subscribers; } return []; }
/** * Validates PAM credentials * * @param array $credentials Credentials * @return boolean * @throws LoginException */ public static function handler(array $credentials = array()) { $calendar_guid = elgg_extract('calendar_guid', $credentials); $user_guid = elgg_extract('user_guid', $credentials); $token = elgg_extract('token', $credentials); $ia = elgg_set_ignore_access(true); $calendar = get_entity($calendar_guid); $user = get_entity($user_guid); elgg_set_ignore_access($ia); $pam = new PAM($calendar, $user); if (!has_access_to_entity($calendar, $user)) { throw new LoginException('User does not have access to this calendar'); } if (!$calendar->getToken()) { throw new LoginException('Calendar does not allow remote access'); } if (!$pam->validateToken($token)) { throw new LoginException('Invalid token'); } return true; }
/** * Pre 1.9 notificatins * * Listen to the 'publish','object' event and send out notifications * to interested users, as well as anyone tagged * * @param string $event Equals 'publish' * @param string $entity_type Equals 'object' * @param ElggEntity $entity Published entity * @return boolean */ public function sendLegacy($event, $entity_type, $entity) { if (!$entity instanceof Post || $entity->origin != 'wall') { return true; } $poster = $entity->getOwnerEntity(); $container = $entity->getContainerEntity(); $message = $entity->formatMessage(true); $sent = array(elgg_get_logged_in_user_guid(), $poster->guid, $container->guid); // Notify wall owner if ($poster->guid !== $container->guid && $container instanceof ElggUser) { $to = $container->guid; $from = $poster->guid; $target = elgg_echo("wall:target:{$entity->getSubtype()}"); $ownership = elgg_echo('wall:ownership:your', array($target)); $subject = elgg_echo('wall:new:notification:subject', array($poster->name, $ownership)); $body = elgg_echo('wall:new:notification:message', array($poster->name, $ownership, $message, $entity->getURL())); notify_user($to, $from, $subject, $body); } // Notify tagged users $tagged_friends = $entity->getTaggedFriends(); foreach ($tagged_friends as $tagged_friend) { // user tagged herself or the wall owner if ($tagged_friend->guid == $poster->guid || $tagged_friend->guid == $container->guid || in_array($tagged_friend->guid, $sent)) { continue; } $sent[] = $tagged_friend->guid; $to = $tagged_friend->guid; $from = $poster->guid; $subject = elgg_echo('wall:tagged:notification:subject', array($poster->name)); $body = elgg_echo('wall:tagged:notification:message', array($poster->name, $message, $entity->getURL())); notify_user($to, $from, $subject, $body); } elgg_push_context('widgets'); $default_msg_body = elgg_view_entity($entity, array('full_view' => false)); elgg_pop_context(); global $NOTIFICATION_HANDLERS; // Get users interested in content from this person and notify them // (Person defined by container_guid so we can also subscribe to groups if we want) foreach ($NOTIFICATION_HANDLERS as $method => $foo) { $interested_users = ElggBatch('elgg_get_entities_from_relationship', array('site_guids' => ELGG_ENTITIES_ANY_VALUE, 'relationship' => 'notify' . $method, 'relationship_guid' => $entity->container_guid, 'inverse_relationship' => true, 'type' => 'user', 'limit' => false)); foreach ($interested_users as $user) { if ($user instanceof ElggUser && !$user->isBanned() && !in_array($user->guid, $sent)) { if (has_access_to_entity($entity, $user) && $entity->access_id != ACCESS_PRIVATE) { $body = elgg_trigger_plugin_hook('notify:entity:message', 'object', array('entity' => $entity, 'to_entity' => $user, 'method' => $method), $default_msg_body); if ($body !== false) { notify_user($user->guid, $entity->container_guid, $subject, $body, null, array($method)); } } } } } return true; }
public function testHasAccessToEntity() { $session = elgg_get_session(); $test_user = $session->getLoggedInUser(); $object = new ElggObject(); $object->access_id = ACCESS_PRIVATE; $object->save(); $session->removeLoggedInUser(); $this->assertFalse(has_access_to_entity($object)); $this->assertFalse(has_access_to_entity($object, $this->user)); $session->setLoggedInUser($test_user); $object->access_id = ACCESS_PUBLIC; $object->save(); $session->removeLoggedInUser(); $this->assertTrue(has_access_to_entity($object)); $this->assertTrue(has_access_to_entity($object, $this->user)); $session->setLoggedInUser($test_user); $object->access_id = ACCESS_LOGGED_IN; $object->save(); $session->removeLoggedInUser(); $this->assertFalse(has_access_to_entity($object)); $this->assertTrue(has_access_to_entity($object, $this->user)); $session->setLoggedInUser($test_user); $test_user->addFriend($this->user->guid); $object->access_id = ACCESS_FRIENDS; $object->save(); $session->removeLoggedInUser(); $this->assertFalse(has_access_to_entity($object)); $this->assertTrue(has_access_to_entity($object, $this->user)); $session->setLoggedInUser($test_user); $test_user->removeFriend($this->user->guid); $object->delete(); }
/** * Catch all create events and scan for @username tags to notify user. * * @param string $event The event name * @param string $event_type The event type * @param ElggData $object The object that was created * @return void */ function mentions_notification_handler($event, $event_type, $object) { // excludes messages - otherwise an endless loop of notifications occur! if (elgg_instanceof($object, 'object', 'messages')) { return; } $type = $object->getType(); $subtype = $object->getSubtype(); $owner = $object->getOwnerEntity(); $fields = array('title', 'description', 'value'); // store the guids of notified users so they only get one notification per creation event $notified_guids = array(); foreach ($fields as $field) { $content = $object->{$field}; // it's ok in this case if 0 matches == FALSE if (preg_match_all(mentions_get_regex(), $content, $matches)) { // match against the 2nd index since the first is everything foreach ($matches[1] as $username) { $user = get_user_by_username($username); // check for trailing punctuation caught by the regex if (!$user && substr($username, -1) == '.') { $user = get_user_by_username(rtrim($username, '.')); } if (!$user) { continue; } // user must have access to view object/annotation if ($type == 'annotation') { $annotated_entity = $object->getEntity(); if (!$annotated_entity || !has_access_to_entity($annotated_entity, $user)) { continue; } } else { if (!has_access_to_entity($object, $user)) { continue; } } if (!in_array($user->getGUID(), $notified_guids)) { $notified_guids[] = $user->getGUID(); // if they haven't set the notification status default to sending. // Private settings are stored as strings so we check against "0" $notification_setting = elgg_get_plugin_user_setting('notify', $user->getGUID(), 'mentions'); if ($notification_setting === "0") { continue; } $link = $object->getURL(); $type_key = "mentions:notification_types:{$type}:{$subtype}"; $type_str = elgg_echo($type_key); if ($type_str == $type_key) { // plugins can add to the list of mention objects by defining // the language string 'mentions:notification_types:<type>:<subtype>' continue; } $subject = elgg_echo('mentions:notification:subject', array($owner->name, $type_str)); $body = elgg_echo('mentions:notification:body', array($owner->name, $type_str, $link)); $params = array('object' => $object, 'action' => 'mention'); notify_user($user->getGUID(), $owner->getGUID(), $subject, $body, $params); } } } } }
/** * Get an entity from the in-memory or memcache caches * * @param int $guid GUID * * @return \ElggEntity */ protected function getFromCache($guid) { $entity = $this->entity_cache->get($guid); if ($entity) { return $entity; } $memcache = _elgg_get_memcache('new_entity_cache'); $entity = $memcache->load($guid); if (!$entity instanceof ElggEntity) { return false; } // Validate accessibility if from memcache if (!elgg_get_ignore_access() && !has_access_to_entity($entity)) { return false; } $this->entity_cache->set($entity); return $entity; }
/** * Send a notification to a subscriber * * @param \Elgg\Notifications\Event $event The notification event * @param int $guid The guid of the subscriber * @param string $method The notification method * @return bool * @access private */ protected function sendNotification(\Elgg\Notifications\Event $event, $guid, $method) { $recipient = get_user($guid); if (!$recipient || $recipient->isBanned()) { return false; } // don't notify the creator of the content if ($recipient->getGUID() == $event->getActorGUID()) { return false; } $actor = $event->getActor(); $object = $event->getObject(); if (!$actor || !$object) { return false; } if ($object instanceof ElggEntity && !has_access_to_entity($object, $recipient)) { return false; } $language = $recipient->language; $params = array('event' => $event, 'method' => $method, 'recipient' => $recipient, 'language' => $language, 'object' => $object); $subject = _elgg_services()->translator->translate('notification:subject', array($actor->name), $language); $body = _elgg_services()->translator->translate('notification:body', array($object->getURL()), $language); $notification = new \Elgg\Notifications\Notification($event->getActor(), $recipient, $language, $subject, $body, '', $params); $type = 'notification:' . $event->getDescription(); if ($this->hooks->hasHandler('prepare', $type)) { $notification = $this->hooks->trigger('prepare', $type, $params, $notification); } else { // pre Elgg 1.9 notification message generation $notification = $this->getDeprecatedNotificationBody($notification, $event, $method); } if ($this->hooks->hasHandler('send', "notification:{$method}")) { // return true to indicate the notification has been sent $params = array('notification' => $notification, 'event' => $event); return $this->hooks->trigger('send', "notification:{$method}", $params, false); } else { // pre Elgg 1.9 notification handler $userGuid = $notification->getRecipientGUID(); $senderGuid = $notification->getSenderGUID(); $subject = $notification->subject; $body = $notification->body; $params = $notification->params; return (bool) _elgg_notify_user($userGuid, $senderGuid, $subject, $body, $params, array($method)); } }
public function testUpdateAbilityDependsOnCanEdit() { $this->entity->access_id = ACCESS_PRIVATE; $this->assertTrue($this->entity->save()); // even owner can't bypass permissions elgg_register_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getFalse'], 999); $this->assertFalse($this->entity->save()); elgg_unregister_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getFalse']); $user = new ElggUser(); $user->save(); $old_user = $this->replaceSession($user); $this->assertFalse($this->entity->save()); elgg_register_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getTrue']); // even though this user can't look up the entity via the DB, permission allows update. $this->assertFalse(has_access_to_entity($this->entity, $user)); $this->assertTrue($this->entity->save()); elgg_unregister_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getTrue']); // can save with access ignore $ia = elgg_set_ignore_access(); $this->assertTrue($this->entity->save()); elgg_set_ignore_access($ia); $this->replaceSession($old_user); $user->delete(); }
/** * Sent out the notifications for the provided annotation_id * * @param int $id the id of the annotation * @param string $event the type of event * * @return void */ function advanced_notifications_annotation_notification($id, $event) { global $NOTIFICATION_HANDLERS; // get the annotation $annotation = elgg_get_annotation_from_id($id); if (!empty($annotation)) { // are notifications on this annotation allowed if (advanced_notifications_is_registered_notification_annotation($annotation)) { // get the entity the annotation was made on $entity = $annotation->getEntity(); // get the owner of the annotation $owner = $annotation->getOwnerEntity(); if (!empty($entity) && !empty($owner)) { // make sure the entity isn't a PRIVATE entity, this shouldn't happed as the commandline shouldn't be called if ($entity->access_id != ACCESS_PRIVATE) { // is the entity a registered entity type/subtype, this shouldn't happen see above $default_subject = advanced_notifications_is_registered_notification_entity($entity, true); if (!empty($default_subject)) { // prepare the message to sent $default_message = $default_subject . ": " . $entity->getURL(); // check if we need to disable site notifications if (elgg_get_plugin_setting("replace_site_notifications", "advanced_notifications") == "yes") { unregister_notification_handler("site"); } if (!empty($NOTIFICATION_HANDLERS) && is_array($NOTIFICATION_HANDLERS)) { // this could take a long time, especialy with large groups set_time_limit(0); // prepare options to get the interested users $options = array("type" => "user", "site_guids" => ELGG_ENTITIES_ANY_VALUE, "limit" => false, "joins" => array("JOIN " . elgg_get_config("dbprefix") . "users_entity ue ON e.guid = ue.guid"), "wheres" => array("(ue.banned = 'no')", "(e.guid <> " . $owner->getGUID() . ")"), "relationship_guid" => $entity->getContainerGUID(), "inverse_relationship" => true, "callback" => "advanced_notifications_row_to_guid"); foreach ($NOTIFICATION_HANDLERS as $method => $dummy) { // get the interested users for the entity $options["relationship"] = "notify" . $method; // allow the interested user options to be ajusted $params = array("annotation" => $annotation, "entity" => $entity, "options" => $options, "method" => $method); $options = elgg_trigger_plugin_hook("interested_users:options", "notify:" . $method, $params, $options); if (!empty($options)) { // we got through the hook, so get the users $user_guids = elgg_get_entities_from_relationship($options); if (!empty($user_guids)) { // process each user foreach ($user_guids as $user_guid) { // fetch the user entity to process $user = get_user($user_guid); if (!empty($user)) { // check if the user has access to the entity if (has_access_to_entity($entity, $user)) { // trigger a hook to make a custom message $message = elgg_trigger_plugin_hook("notify:annotation:message", $annotation->getSubtype(), array("annotation" => $annotation, "to_entity" => $user, "method" => $method), $default_message); // check if the hook made a correct message if (empty($message) && $message !== false) { // the hook did it incorrect, so reset the message $message = $default_message; } // this is new, trigger a hook to make a custom subject $subject = elgg_trigger_plugin_hook("notify:annotation:subject", $annotation->getSubtype(), array("annotation" => $annotation, "to_entity" => $user, "method" => $method), $default_subject); // check if the hook made a correct subject if (empty($subject)) { // the hook did it incorrect, so reset the subject $subject = $default_subject; } // if the hook returnd false, don't sent a notification if ($message !== false) { notify_user($user->getGUID(), $entity->getContainerGUID(), $subject, $message, null, $method); } } } // cleanup some of the caches _elgg_invalidate_query_cache(); _elgg_invalidate_cache_for_entity($user_guid); unset($user); } } // some small cleanup unset($user_guids); } } } } } } } } }
/** * Send a notification to a subscriber * * @param NotificationEvent $event The notification event * @param int $guid The guid of the subscriber * @param string $method The notification method * @param array $params Default notification params * @return bool * @access private */ protected function sendNotification(NotificationEvent $event, $guid, $method, array $params = []) { $actor = $event->getActor(); $object = $event->getObject(); if ($event instanceof InstantNotificationEvent) { $recipient = $this->entities->get($guid); /* @var \ElggEntity $recipient */ $subject = elgg_extract('subject', $params, ''); $body = elgg_extract('body', $params, ''); $summary = elgg_extract('summary', $params, ''); } else { $recipient = $this->entities->get($guid, 'user'); /* @var \ElggUser $recipient */ if (!$recipient || $recipient->isBanned()) { return false; } if ($recipient->getGUID() == $event->getActorGUID()) { // Content creators should not be receiving subscription // notifications about their own content return false; } if (!$actor || !$object) { return false; } if ($object instanceof ElggEntity && !has_access_to_entity($object, $recipient)) { // Recipient does not have access to the notification object // The access level may have changed since the event was enqueued return false; } $subject = $this->getNotificationSubject($event, $recipient); $body = $this->getNotificationBody($event, $recipient); $summary = ''; $params['origin'] = Notification::ORIGIN_SUBSCRIPTIONS; } $language = $recipient->language; $params['event'] = $event; $params['method'] = $method; $params['sender'] = $actor; $params['recipient'] = $recipient; $params['language'] = $language; $params['object'] = $object; $params['action'] = $event->getAction(); $notification = new Notification($actor, $recipient, $language, $subject, $body, $summary, $params); $notification = $this->hooks->trigger('prepare', 'notification', $params, $notification); if (!$notification instanceof Notification) { throw new RuntimeException("'prepare','notification' hook must return an instance of " . Notification::class); } $type = 'notification:' . $event->getDescription(); if ($this->hooks->hasHandler('prepare', $type)) { $notification = $this->hooks->trigger('prepare', $type, $params, $notification); if (!$notification instanceof Notification) { throw new RuntimeException("'prepare','{$type}' hook must return an instance of " . Notification::class); } } else { // pre Elgg 1.9 notification message generation $notification = $this->getDeprecatedNotificationBody($notification, $event, $method); } $notification = $this->hooks->trigger('format', "notification:{$method}", [], $notification); if (!$notification instanceof Notification) { throw new RuntimeException("'format','notification:{$method}' hook must return an instance of " . Notification::class); } if ($this->hooks->hasHandler('send', "notification:{$method}")) { // return true to indicate the notification has been sent $params = array('notification' => $notification, 'event' => $event); $result = $this->hooks->trigger('send', "notification:{$method}", $params, false); if ($this->logger->getLevel() == Logger::INFO) { $logger_data = print_r((array) $notification->toObject(), true); if ($result) { $this->logger->info("Notification sent: " . $logger_data); } else { $this->logger->info("Notification was not sent: " . $logger_data); } } return $result; } else { // pre Elgg 1.9 notification handler $userGuid = $notification->getRecipientGUID(); $senderGuid = $notification->getSenderGUID(); $subject = $notification->subject; $body = $notification->body; $params = $notification->params; return (bool) _elgg_notify_user($userGuid, $senderGuid, $subject, $body, $params, array($method)); } }
<?php $guid = (int) get_input("guid"); $ia = elgg_set_ignore_access(true); $entity = get_entity($guid); elgg_set_ignore_access($ia); if (empty($entity) || !elgg_instanceof($entity, "object", "static")) { forward(REFERER); } $can_write_to_container = can_write_to_container(0, $entity->getOwnerGUID(), 'object', 'static'); if (!has_access_to_entity($entity) && !$entity->canEdit() && !$can_write_to_container) { register_error(elgg_echo("noaccess")); forward(REFERER); } $ia = elgg_set_ignore_access($can_write_to_container); if ($entity->canEdit()) { elgg_register_menu_item("title", array("name" => "edit", "href" => "static/edit/" . $entity->getGUID(), "text" => elgg_echo("edit"), "link_class" => "elgg-button elgg-button-action")); elgg_register_menu_item("title", array("name" => "create_subpage", "href" => "static/add/" . $entity->getOwnerGUID() . "?parent_guid=" . $entity->getGUID(), "text" => elgg_echo("static:add:subpage"), "link_class" => "elgg-button elgg-button-action")); } elgg_set_ignore_access($ia); // page owner (for groups) $owner = $entity->getOwnerEntity(); if (elgg_instanceof($owner, "group")) { elgg_set_page_owner_guid($owner->getGUID()); } // show breadcrumb $ia = elgg_set_ignore_access(true); $container_entity = $entity->getContainerEntity(); if (elgg_instanceof($container_entity, "object", "static")) { while (elgg_instanceof($container_entity, "object", "static")) { elgg_push_breadcrumb($container_entity->title, $container_entity->getURL());
/** * Web service for read a blog post * * @param string $guid GUID of a blog entity * @param string $username Username of reader (Send NULL if no user logged in) * @return string $title Title of blog post * @internal param string $password Password for authentication of username (Send NULL if no user logged in) * */ function blog_get_post($guid, $username) { $return = array(); $blog = get_entity($guid); if (!elgg_instanceof($blog, 'object', 'blog')) { $return['content'] = elgg_echo('blog:error:post_not_found'); return $return; } $user = get_user_by_username($username); if ($user) { if (!has_access_to_entity($blog, $user)) { $return['content'] = elgg_echo('blog:error:post_not_found'); return $return; } if ($blog->status != 'published' && $user->guid != $blog->owner_guid) { $return['content'] = elgg_echo('blog:error:post_not_found'); return $return; } } else { if ($blog->access_id != 2) { $return['content'] = elgg_echo('blog:error:post_not_found'); return $return; } } $return['guid'] = $guid; $return['title'] = htmlspecialchars($blog->title); $return['description'] = $blog->description; $return['excerpt'] = $blog->excerpt; if ($blog->tags == null) { $return['tags'] = ''; } else { $return['tags'] = implode(",", $blog->tags); } $comments = elgg_get_entities(array('type' => 'object', 'subtype' => 'comment', 'container_guid' => $guid, 'limit' => 0)); $return['owner'] = getBlogOwner($blog->owner_guid); $return['access_id'] = $blog->access_id; $return['status'] = $blog->status; $return['comments_on'] = $blog->comments_on; $return['time_created'] = time_ago($blog->time_created); $return['like_count'] = likes_count_number_of_likes($guid); $return['like'] = checkLike($guid, $user->guid); $return['comment_count'] = sizeof($comments); return $return; }
/** * Check if requested page is a static page * * @param string $hook name of the hook * @param string $type type of the hook * @param array $return_value return value * @param array $params hook parameters * * @return array */ public static function routeAll($hook, $type, $return_value, $params) { if (!is_array($return_value)) { // someone else already routed this page return; } /** * $return_value contains: * $return_value['identifier'] => requested handler * $return_value['segments'] => url parts ($page) */ $identifier = elgg_extract('identifier', $return_value); if (empty($identifier)) { return; } $handlers = _elgg_services()->router->getPageHandlers(); if (elgg_extract($identifier, $handlers)) { return; } $ia = elgg_set_ignore_access(true); $entities = elgg_get_entities_from_metadata(['type' => 'object', 'subtype' => \StaticPage::SUBTYPE, 'limit' => 1, 'metadata_name_value_pairs' => ['friendly_title' => $identifier], 'metadata_case_sensitive' => false]); elgg_set_ignore_access($ia); if (empty($entities)) { return; } $entity = $entities[0]; if (!has_access_to_entity($entity) && !$entity->canEdit()) { return; } $return_value['segments'] = ['view', $entity->getGUID()]; $return_value['identifier'] = 'static'; return $return_value; }
function plugins_send_notifications($entity) { global $CONFIG, $NOTIFICATION_HANDLERS; $owner = $entity->getOwnerEntity(); // Get users interested in content from this person and notify them foreach ($NOTIFICATION_HANDLERS as $method => $foo) { $interested_users = elgg_get_entities_from_relationship(array('relationship' => 'notify' . $method, 'relationship_guid' => $owner->guid, 'inverse_relationship' => TRUE, 'types' => 'user', 'limit' => 99999)); if ($interested_users && is_array($interested_users)) { foreach ($interested_users as $user) { if ($user instanceof ElggUser && !$user->isBanned()) { if ($user->guid != get_loggedin_userid() && has_access_to_entity($entity, $user)) { $subtype = $entity->getSubtype(); if ($subtype == 'plugin_project') { $text = $entity->description; } else { $text = $entity->release_notes; } $subject = sprintf(elgg_echo("plugins:{$subtype}:notify:subject"), $owner->name, $entity->title); $body = sprintf(elgg_echo("plugins:{$subtype}:notify:body"), $owner->name, $entity->title, $text, $entity->getURL()); notify_user($user->guid, $entity->owner_guid, $subject, $body, NULL, array($method)); } } } } } }
/** * Caches menu items for a given entity and returns an array of the menu items * * @param \StaticPage $root_entity Root entity to fetch the menu items for * * @return array|false */ public static function generateMenuItemsCache(\StaticPage $root_entity) { if (!$root_entity instanceof \StaticPage) { return false; } $static_items = []; $priority = (int) $root_entity->order; if (empty($priority)) { $priority = (int) $root_entity->time_created; } $root_menu_options = ['name' => $root_entity->getGUID(), 'rel' => $root_entity->getGUID(), 'href' => $root_entity->getURL(), 'text' => elgg_format_element('span', [], $root_entity->title), 'priority' => $priority, 'section' => 'static']; if ($root_entity->canEdit()) { $root_menu_options['itemClass'] = ['static-sortable']; } // add main menu items $static_items[$root_entity->getGUID()] = \ElggMenuItem::factory($root_menu_options); // add all sub menu items so they are cacheable $ia = elgg_set_ignore_access(true); $submenu_entities = elgg_get_entities_from_relationship(['type' => 'object', 'subtype' => \StaticPage::SUBTYPE, 'relationship_guid' => $root_entity->getGUID(), 'relationship' => 'subpage_of', 'limit' => false, 'inverse_relationship' => true]); if ($submenu_entities) { foreach ($submenu_entities as $submenu_item) { if (!has_access_to_entity($submenu_item) && !$submenu_item->canEdit()) { continue; } $priority = (int) $submenu_item->order; if (empty($priority)) { $priority = (int) $submenu_item->time_created; } $static_items[$submenu_item->getGUID()] = \ElggMenuItem::factory(['name' => $submenu_item->getGUID(), 'rel' => $submenu_item->getGUID(), 'href' => $submenu_item->getURL(), 'text' => elgg_format_element('span', [], $submenu_item->title), 'priority' => $priority, 'parent_name' => $submenu_item->getContainerGUID(), 'section' => 'static']); } } elgg_set_ignore_access($ia); $file = new \ElggFile(); $file->owner_guid = $root_entity->getGUID(); $file->setFilename('static_menu_item_cache'); $file->open('write'); $file->write(serialize($static_items)); $file->close(); return $static_items; }
/** * Check if an assigne can be assigned * * @param mixed $assignee the new assignee (can be empty to unassign) * @param bool $register_error register an error (default: false) * * @return bool */ public function canAssign($assignee = null, $register_error = false) { $register_error = (bool) $register_error; if (empty($assignee)) { // unassign return true; } if (is_array($assignee) && count($assignee) > 1) { // can only assign to 1 user if ($register_error) { register_error(elgg_echo('todos:todoitem:error:assignee:too_many')); } return false; } if (is_array($assignee)) { $assignee = $assignee[0]; } $assignee = sanitise_int($assignee, false); $user = get_user($assignee); if (empty($user)) { // no a user if ($register_error) { register_error(elgg_echo('todos:todoitem:error:assignee:no_user')); } return false; } if (!has_access_to_entity($this, $user)) { // assigne has no access if ($register_error) { register_error(elgg_echo('todos:todoitem:error:assignee:access', array($user->name))); } return false; } return true; }
/** * Automatically triggered notification on 'create' events that looks at registered * objects and attempts to send notifications to anybody who's interested * * @see register_notification_object * * @param string $event create * @param string $object_type mixed * @param mixed $object The object created * * @return void * @access private */ function object_notifications($event, $object_type, $object) { // We only want to trigger notification events for ElggEntities if ($object instanceof ElggEntity) { // Get config data global $CONFIG, $SESSION, $NOTIFICATION_HANDLERS; $hookresult = elgg_trigger_plugin_hook('object:notifications', $object_type, array('event' => $event, 'object_type' => $object_type, 'object' => $object), false); if ($hookresult === true) { return true; } // Have we registered notifications for this type of entity? $object_type = $object->getType(); if (empty($object_type)) { $object_type = '__BLANK__'; } $object_subtype = $object->getSubtype(); if (empty($object_subtype)) { $object_subtype = '__BLANK__'; } if (isset($CONFIG->register_objects[$object_type][$object_subtype])) { $descr = $CONFIG->register_objects[$object_type][$object_subtype]; $string = $descr . ": " . $object->getURL(); // Get users interested in content from this person and notify them // (Person defined by container_guid so we can also subscribe to groups if we want) foreach ($NOTIFICATION_HANDLERS as $method => $foo) { $interested_users = elgg_get_entities_from_relationship(array('site_guids' => ELGG_ENTITIES_ANY_VALUE, 'relationship' => 'notify' . $method, 'relationship_guid' => $object->container_guid, 'inverse_relationship' => TRUE, 'types' => 'user', 'limit' => 99999)); if ($interested_users && is_array($interested_users)) { foreach ($interested_users as $user) { if ($user instanceof ElggUser && !$user->isBanned()) { if ($user->guid != $SESSION['user']->guid && has_access_to_entity($object, $user) && $object->access_id != ACCESS_PRIVATE) { $methodstring = elgg_trigger_plugin_hook('notify:entity:message', $object->getType(), array('entity' => $object, 'to_entity' => $user, 'method' => $method), $string); if (empty($methodstring) && $methodstring !== false) { $methodstring = $string; } if ($methodstring !== false) { notify_user($user->guid, $object->container_guid, $descr, $methodstring, NULL, array($method)); } } } } } } } } }
<?php elgg_gatekeeper(); $site = elgg_get_site_entity(); $ia = elgg_set_ignore_access(true); $entities = elgg_get_entities(['type' => 'object', 'subtype' => StaticPage::SUBTYPE, 'limit' => false, 'container_guid' => $site->getGUID(), 'joins' => ['JOIN ' . elgg_get_config('dbprefix') . 'objects_entity oe ON e.guid = oe.guid'], 'order_by' => 'oe.title asc']); elgg_set_ignore_access($ia); if ($entities) { elgg_require_js('static/list_reorder'); $ordered_entities = []; foreach ($entities as $index => $entity) { if (!has_access_to_entity($entity) && !$entity->canEdit()) { continue; } $order = $entity->order; if (empty($order)) { $order = 1000000 + $index; } $ordered_entities[$order] = $entity; } ksort($ordered_entities); $body = ''; if ($site->canEdit()) { $body .= elgg_format_element('div', ['class' => 'mbm'], elgg_echo('static:list:info')); } $body .= elgg_format_element('div', ['class' => 'static-list-reorder', 'data-container-guid' => $site->guid], elgg_view_entity_list($ordered_entities, ['item_view' => 'object/static/simple'])); } else { $body = elgg_echo('static:admin:empty'); } $filter = ''; if (static_out_of_date_enabled()) {
/** * Catch reply to discussion topic and generate notifications * * @todo this will be replaced in Elgg 1.9 and is a clone of object_notifications() * * @param string $event * @param string $type * @param ElggAnnotation $annotation * @return void */ function discussion_reply_notifications($event, $type, $annotation) { global $CONFIG, $NOTIFICATION_HANDLERS; if ($annotation->name !== 'group_topic_post') { return; } // Have we registered notifications for this type of entity? $object_type = 'object'; $object_subtype = 'groupforumtopic'; $topic = $annotation->getEntity(); if (!$topic) { return; } $poster = $annotation->getOwnerEntity(); if (!$poster) { return; } if (isset($CONFIG->register_objects[$object_type][$object_subtype])) { $subject = $CONFIG->register_objects[$object_type][$object_subtype]; $string = $subject . ": " . $topic->getURL(); // Get users interested in content from this person and notify them // (Person defined by container_guid so we can also subscribe to groups if we want) foreach ($NOTIFICATION_HANDLERS as $method => $foo) { $interested_users = elgg_get_entities_from_relationship(array('relationship' => 'notify' . $method, 'relationship_guid' => $topic->getContainerGUID(), 'inverse_relationship' => true, 'type' => 'user', 'limit' => 0)); if ($interested_users && is_array($interested_users)) { foreach ($interested_users as $user) { if ($user instanceof ElggUser && !$user->isBanned()) { if ($user->guid != $poster->guid && has_access_to_entity($topic, $user) && $topic->access_id != ACCESS_PRIVATE) { $body = elgg_trigger_plugin_hook('notify:annotation:message', $annotation->getSubtype(), array('annotation' => $annotation, 'to_entity' => $user, 'method' => $method), $string); if (empty($body) && $body !== false) { $body = $string; } if ($body !== false) { notify_user($user->guid, $topic->getContainerGUID(), $subject, $body, null, array($method)); } } } } } } } }
/** * Catch all create events and scan for @username tags to notify user. * * @param unknown_type $event * @param unknown_type $type * @param unknown_type $object * @return unknown_type */ function mentions_entity_notification_handler($event, $type, $object) { global $CONFIG; if ($type == 'annotation' && $object->name != 'generic_comment') { return NULL; } // excludes messages - otherwise an endless loop of notifications occur! if ($object->getSubtype() == "messages") { return NULL; } $fields = array('name', 'title', 'description', 'value'); // store the guids of notified users so they only get one notification per creation event $notified_guids = array(); foreach ($fields as $field) { $content = $object->{$field}; // it's ok in in this case if 0 matches == FALSE if (preg_match_all($CONFIG->mentions_match_regexp, $content, $matches)) { // match against the 2nd index since the first is everything foreach ($matches[1] as $username) { if (!($user = get_user_by_username($username))) { continue; } if ($type == 'annotation') { if ($parent = get_entity($object->entity_guid)) { $access = has_access_to_entity($parent, $user); } else { continue; } } else { $access = has_access_to_entity($object, $user); } if ($user && $access && !in_array($user->getGUID(), $notified_guids)) { // if they haven't set the notification status default to sending. $notification_setting = elgg_get_plugin_user_setting('notify', $user->getGUID(), 'mentions'); if (!$notification_setting && $notification_setting !== FALSE) { $notified_guids[] = $user->getGUID(); continue; } // figure out the link switch ($type) { case 'annotation': //@todo permalinks for comments? if ($parent = get_entity($object->entity_guid)) { $link = $parent->getURL(); } else { $link = 'Unavailable'; } break; default: $link = $object->getURL(); break; } $owner = get_entity($object->owner_guid); $type_key = "mentions:notification_types:{$type}"; if ($subtype = $object->getSubtype()) { $type_key .= ":{$subtype}"; } $type_str = elgg_echo($type_key); $subject = sprintf(elgg_echo('mentions:notification:subject'), $owner->name, $type_str); // use the search function to pull out relevant parts of the content //$content = search_get_highlighted_relevant_substrings($content, "@{$user->username}"); $body = sprintf(elgg_echo('mentions:notification:body'), $owner->name, $type_str, $content, $link); if (notify_user($user->getGUID(), $CONFIG->site->getGUID(), $subject, $body)) { $notified_guids[] = $user->getGUID(); } } } } } }