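/**
 * Runs update_access_collection() against several member lists (two users,
 * one user, the other user, nobody) and checks the membership table after
 * each update.
 *
 * Review notes:
 * - The fixture account is saved with ACCESS_PUBLIC and a rand()-derived
 *   password. It is only removed by the delete() call at the end, so an
 *   aborted run leaves it behind in whatever database the suite runs against.
 * - The SQL below interpolates values directly. That is acceptable here only
 *   because both come from the test itself (the configured table prefix and
 *   the id returned by create_access_collection()), never from request input.
 */
public function testUpdateACL() {
	// another fake user to test with
	$user = new \ElggUser();
	$user->username = '******' . rand();
	$user->email = '*****@*****.**' . rand();
	$user->name = 'fake user';
	$user->access_id = ACCESS_PUBLIC;
	$user->setPassword(rand());
	$user->owner_guid = 0;
	$user->container_guid = 0;
	$user->save();

	$acl_id = create_access_collection('test acl');

	$member_lists = array(
		array($this->user->guid, $user->guid),
		array($user->guid),
		array($this->user->guid),
		array(),
	);

	foreach ($member_lists as $members) {
		$result = update_access_collection($acl_id, $members);
		$this->assertTrue($result);

		if ($result) {
			$q = "SELECT * FROM {$this->dbPrefix}access_collection_membership\n\t\t\t\t\tWHERE access_collection_id = {$acl_id}";
			$data = get_data($q);

			if (count($members) == 0) {
				// An emptied collection is expected to produce no rows at all.
				$this->assertFalse($data);
			} else {
				// Treat a failed/empty lookup as zero rows instead of counting a non-array.
				$this->assertEqual(count($members), $data ? count($data) : 0);
			}

			// $data is false for the empty member list (asserted above), so only
			// iterate when rows actually came back.
			if ($data) {
				foreach ($data as $row) {
					$this->assertTrue(in_array($row->user_guid, $members));
				}
			}
		}
	}

	delete_access_collection($acl_id);
	$user->delete();
}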
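/**
 * Creates a new access collection owned by the site entity and adds members.
 *
 * Membership decides who can see content assigned to the collection, so
 * $members should already be validated by the caller; nothing here checks
 * that the GUIDs belong to users the current user may add.
 *
 * @param string $name    Name of the collection
 * @param array  $members Members to add to the collection
 * @return int|false ID of the created collection, or the falsy value returned
 *                   by create_access_collection() when creation failed
 */
public function createCollection($name, $members = array()) {
	$site = elgg_get_site_entity();
	$acl_id = create_access_collection($name, $site->guid);

	// Do not try to populate a collection that was never created.
	if (!$acl_id) {
		return $acl_id;
	}

	if (!empty($members)) {
		update_access_collection($acl_id, $members);
	}

	return $acl_id;
}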
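<?php
/**
 * Friends collection edit action
 *
 * Replaces the member list of an access collection with the submitted list,
 * provided the current user is allowed to edit that collection.
 *
 * @package Elgg.Core
 * @subpackage Friends.Collections
 */

$collection_id = get_input('collection_id');
$friends = get_input('friend');

// check it exists and we can edit
// The permission check has to gate the update itself: previously a failed check
// only queued a message and the membership was rewritten anyway, so any
// collection id supplied in the request could be edited.
if (!can_edit_access_collection($collection_id)) {
	system_message(elgg_echo('friends:collection:edit_failed'));
} elseif (update_access_collection($collection_id, $friends)) {
	system_message(elgg_echo('friends:collections:edited'));
} else {
	system_message(elgg_echo('friends:collection:edit_failed'));
}

forward(REFERER);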
<?php
/**
 * Elgg collection add page
 *
 * Creates a friends access collection from the submitted name and fills it
 * with the submitted member list.
 *
 * @package Elgg.Core
 * @subpackage Friends.Collections
 */

// The name is requested with the third get_input() argument set to false
// (presumably skipping Elgg's input filtering - TODO confirm) and is
// HTML-encoded here instead, so the stored collection name is already encoded.
$raw_name = get_input('collection_name', '', false);
$name = htmlspecialchars($raw_name, ENT_QUOTES, 'UTF-8');
$member_guids = get_input('friends_collection');

if (!$name) {
	register_error(elgg_echo("friends:nocollectionname"));
	forward(REFERER);
}

$acl_id = create_access_collection($name);

// Members are only written when the collection exists. A collection that was
// created but could not be populated is left in place.
$members_saved = $acl_id ? update_access_collection($acl_id, $member_guids) : false;

if ($members_saved) {
	system_message(elgg_echo("friends:collectionadded"));
	forward("collections/owner/" . elgg_get_logged_in_user_entity()->username);
} else {
	// Both failure paths (create failed, update failed) report the same message.
	register_error(elgg_echo("friends:nocollectionname"));
	forward(REFERER);
}
<?php
// Seeding script: rebuilds membership, invitations and membership requests
// for every group carrying the '__faker' metadata, using users that carry the
// same marker.
//
// NOTE(review): nothing in this excerpt checks who is running the script.
// It removes relationships, rewrites group ACLs and lifts the execution time
// limit, so confirm that whatever includes it restricts it to administrators.

// No execution time limit for this run.
set_time_limit(0);

// Counters for the relationships created below.
$rel_member = $rel_invited = $rel_membership_request = 0;

// Upper bound for the random counts, taken from request input.
// NOTE(review): a missing or non-numeric 'max' casts to 0, which makes the
// ranges below rand(1, 0) - confirm the caller enforces a sane bound.
$member_count_max = (int) get_input('max');

// Batch over all groups flagged with '__faker' metadata.
$groups = new ElggBatch('elgg_get_entities_from_metadata', array('types' => 'group', 'metadata_names' => '__faker', 'limit' => 0));

foreach ($groups as $group) {
	// Clear the group's existing 'member', 'membership_request' and 'invited'
	// relationships (the meaning of the third argument is not visible here).
	remove_entity_relationships($group->guid, 'member', true);
	remove_entity_relationships($group->guid, 'membership_request', true);
	remove_entity_relationships($group->guid, 'invited');

	// Reset the group ACL to the owner only, then re-join the owner.
	update_access_collection($group->group_acl, array($group->owner_guid));
	$group->join(get_entity($group->owner_guid));

	// Join a random number of randomly ordered '__faker' users.
	$members_count = rand(1, $member_count_max);
	$members = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => $members_count, 'order_by' => 'RAND()', 'metadata_names' => '__faker'));
	foreach ($members as $member) {
		if ($group->join($member)) {
			$rel_member++;
		}
	}

	// Invitations (and, below, membership requests) only for groups that are
	// not open to public membership.
	if (!$group->isPublicMembership()) {
		$invites_count = rand(1, $member_count_max);
		$invitees = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => $invites_count, 'order_by' => 'RAND()', 'metadata_names' => '__faker'));
		foreach ($invitees as $invitee) {
			// Skip users who already have a 'member' relationship with the group.
			if (!check_entity_relationship($invitee->guid, 'member', $group->guid)) {
				if (add_entity_relationship($group->guid, 'invited', $invitee->guid)) {
					$rel_invited++;
				}
			}
		}

		$requests_count = rand(1, $member_count_max);
		$requestors = elgg_get_entities_from_metadata(array('types' => 'user', 'limit' => $requests_count, 'order_by' => 'RAND()', 'metadata_names' => '__faker'));
		// (listing ends here; the remainder of the script is not shown)
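/**
 * Send a message to specified recipients
 *
 * Saves one "messages" object for the sender and one per recipient, stores
 * uploaded attachments under an access collection shared by all participants,
 * and notifies each recipient through their notification methods other than
 * 'site'.
 *
 * Security notes for callers and reviewers:
 * - Access checks are switched off via elgg_set_ignore_access() for the whole
 *   call and the previous setting is restored before returning. The function
 *   performs no authorisation of its own, so the caller must verify that the
 *   sender may message these recipients.
 * - Attachment names and types are client-supplied. The stored file name has
 *   directory separators removed, a failed move_uploaded_file() skips the
 *   attachment, and the MIME type is detected from the stored copy.
 * - The participant ACL is looked up by a sha1() hex digest, which is why the
 *   interpolated query below contains no caller-controlled characters.
 *
 * @param int    $sender_guid     GUID of the sender entity
 * @param array  $recipient_guids An array of recipient GUIDs (a single GUID is wrapped into an array)
 * @param string $subject         Subject of the message
 * @param string $message         Body of the message
 * @param string $message_type    Type of the message
 * @param array  $params          Additional parameters, e.g. 'message_hash', 'attachments'
 *                                ('attachments' is read with the name/type/tmp_name/error
 *                                layout of a multi-file upload)
 * @return boolean True when the message was saved for at least one recipient
 */
function hj_inbox_send_message($sender_guid, $recipient_guids, $subject = '', $message = '', $message_type = '', array $params = array()) {

	$ia = elgg_set_ignore_access();

	if (!is_array($recipient_guids)) {
		$recipient_guids = array($recipient_guids);
	}

	// Optional parameters default to null so the truthiness checks below never
	// read an undefined variable.
	$message_hash = isset($params['message_hash']) ? elgg_extract('message_hash', $params) : null;
	$attachments = isset($params['attachments']) ? elgg_extract('attachments', $params) : null;

	// Filled by the attachment loop; initialised so later checks and the
	// string append are well-defined when nothing was uploaded.
	$uploaded_attachments = array();
	$attachment_urls = '';

	$user_guids = $recipient_guids;
	$user_guids[] = $sender_guid;
	sort($user_guids);

	if (!$message_hash) {
		// Thread identity: participants plus the subject with 're:' removed.
		$title = strtolower($subject);
		$title = trim(str_replace('re:', '', $title));
		$message_hash = sha1(implode(':', $user_guids) . $title);
	}

	$acl_hash = sha1(implode(':', $user_guids));

	$dbprefix = elgg_get_config('dbprefix');
	// $acl_hash is sha1() output (hex digits only); do not reuse this
	// interpolated form for any value that is not generated locally.
	$query = "SELECT * FROM {$dbprefix}access_collections WHERE name = '{$acl_hash}'";
	$collection = get_data_row($query);

	// get_data_row() may return no row; avoid reading ->id from a non-object.
	$acl_id = $collection ? $collection->id : false;
	if (!$acl_id) {
		$site = elgg_get_site_entity();
		$acl_id = create_access_collection($acl_hash, $site->guid);
		update_access_collection($acl_id, $user_guids);
	}

	$message_sent = new ElggObject();
	$message_sent->subtype = "messages";
	$message_sent->owner_guid = $sender_guid;
	$message_sent->container_guid = $sender_guid;
	$message_sent->access_id = ACCESS_PRIVATE;
	$message_sent->title = $subject;
	$message_sent->description = $message;
	$message_sent->toId = $recipient_guids; // the users receiving the message
	$message_sent->fromId = $sender_guid; // the user sending the message
	$message_sent->readYet = 1; // this is a toggle between 0 / 1 (1 = read)
	$message_sent->hiddenFrom = 0; // this is used when a user deletes a message in their sentbox, it is a flag
	$message_sent->hiddenTo = 0; // this is used when a user deletes a message in their inbox
	$message_sent->msg = 1;
	$message_sent->msgType = $message_type;
	$message_sent->msgHash = $message_hash;
	$message_sent->save();

	if ($attachments) {
		$count = count($attachments['name']);
		for ($i = 0; $i < $count; $i++) {
			if ($attachments['error'][$i] || !$attachments['name'][$i]) {
				continue;
			}

			$name = $attachments['name'][$i];
			$stored_path = null;

			$file = new ElggFile();
			$file->container_guid = $message_sent->guid;
			$file->title = $name;
			$file->access_id = (int) $acl_id;

			$prefix = "file/";
			// The client-supplied name must not contribute directory components
			// to the location on the filestore.
			$safe_name = str_replace(array('/', '\\'), '_', $name);
			$filestorename = elgg_strtolower(time() . $safe_name);
			$file->setFilename($prefix . $filestorename);
			$file->open("write");
			$file->close();

			$stored_path = $file->getFilenameOnFilestore();
			if (!move_uploaded_file($attachments['tmp_name'][$i], $stored_path)) {
				// Not a genuine upload, or the move failed: do not attach an empty file.
				continue;
			}

			$saved = $file->save();
			if ($saved) {
				// The temporary path no longer exists after move_uploaded_file(), so
				// detect the type from the stored copy; the client-claimed type is
				// only the fallback argument.
				$mime_type = ElggFile::detectMimeType($stored_path, $attachments['type'][$i]);

				$info = pathinfo($name);
				// Names without a dot have no 'extension' key.
				$extension = isset($info['extension']) ? $info['extension'] : '';

				$office_formats = array('docx', 'xlsx', 'pptx');
				if ($mime_type == "application/zip" && in_array($extension, $office_formats)) {
					switch ($extension) {
						case 'docx':
							$mime_type = "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
							break;
						case 'xlsx':
							$mime_type = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
							break;
						case 'pptx':
							$mime_type = "application/vnd.openxmlformats-officedocument.presentationml.presentation";
							break;
					}
				}

				// check for bad ppt detection
				if ($mime_type == "application/vnd.ms-office" && $extension == "ppt") {
					$mime_type = "application/vnd.ms-powerpoint";
				}

				$file->msgHash = $message_hash;
				$file->toId = $recipient_guids;
				$file->fromId = $sender_guid;
				$file->setMimeType($mime_type);
				$file->originalfilename = $name;
				if (elgg_is_active_plugin('file')) {
					$file->simpletype = file_get_simple_type($mime_type);
				}
				$file->save();

				$guid = $file->getGUID();
				$uploaded_attachments[] = $guid;

				// The link text is the uploader-chosen file name, so have the view
				// HTML-encode it before it lands in the notification markup.
				$attachment_urls .= '<div class="inbox-attachment">' . elgg_view('output/url', array(
					'href' => "messages/download/{$guid}",
					'text' => $file->title,
					'encode_text' => true,
					'is_trusted' => true,
				)) . '</div>';

				if ($file->simpletype == "image") {
					$file->icontime = time();

					// One thumbnail file object is reused for all three sizes. It is
					// created up front so the later sizes still work when the first
					// resize fails.
					$thumb = new ElggFile();
					$thumb->setMimeType($attachments['type'][$i]);

					$thumbnail = get_resized_image_from_existing_file($stored_path, 60, 60, true);
					if ($thumbnail) {
						$thumb->setFilename($prefix . "thumb" . $filestorename);
						$thumb->open("write");
						$thumb->write($thumbnail);
						$thumb->close();

						$file->thumbnail = $prefix . "thumb" . $filestorename;
						unset($thumbnail);
					}

					$thumbsmall = get_resized_image_from_existing_file($stored_path, 153, 153, true);
					if ($thumbsmall) {
						$thumb->setFilename($prefix . "smallthumb" . $filestorename);
						$thumb->open("write");
						$thumb->write($thumbsmall);
						$thumb->close();

						$file->smallthumb = $prefix . "smallthumb" . $filestorename;
						unset($thumbsmall);
					}

					$thumblarge = get_resized_image_from_existing_file($stored_path, 600, 600, false);
					if ($thumblarge) {
						$thumb->setFilename($prefix . "largethumb" . $filestorename);
						$thumb->open("write");
						$thumb->write($thumblarge);
						$thumb->close();

						$file->largethumb = $prefix . "largethumb" . $filestorename;
						unset($thumblarge);
					}
				}
			}
		}
	}

	$success = 0;

	foreach ($recipient_guids as $recipient_guid) {
		$message_to = new ElggObject();
		$message_to->subtype = "messages";
		$message_to->owner_guid = $recipient_guid;
		$message_to->container_guid = $recipient_guid;
		$message_to->access_id = ACCESS_PRIVATE;
		$message_to->title = $subject;
		$message_to->description = $message;
		$message_to->toId = $recipient_guids; // the users receiving the message
		$message_to->fromId = $sender_guid; // the user sending the message
		$message_to->readYet = 0; // this is a toggle between 0 / 1 (1 = read)
		$message_to->hiddenFrom = 0; // this is used when a user deletes a message in their sentbox, it is a flag
		$message_to->hiddenTo = 0; // this is used when a user deletes a message in their inbox
		$message_to->msg = 1;
		$message_to->msgType = $message_type;
		$message_to->msgHash = $message_hash;

		if (!$message_to->save()) {
			continue;
		}

		$success++;

		// Make attachments
		foreach ($uploaded_attachments as $attachment_guid) {
			make_attachment($message_to->guid, $attachment_guid);
		}

		// Send out notifications skipping 'site' notification handler
		if ($recipient_guid != $sender_guid) {
			$methods = (array) get_user_notification_settings($recipient_guid);
			unset($methods['site']);
			if (count($methods)) {
				$recipient = get_user($recipient_guid);
				$sender = get_user($sender_guid);

				$notification_subject = elgg_echo('messages:email:subject');

				// Message body is reduced to text; the attachment list is the only
				// markup appended to it.
				$notification_message = strip_tags($message);
				if ($uploaded_attachments) {
					$notification_message .= elgg_view_module('inbox-attachments', elgg_echo('messages:attachments'), $attachment_urls);
				}

				$notification_body = elgg_echo('messages:email:body', array(
					$sender->name,
					$notification_message,
					elgg_get_site_url() . "messages/inbox/{$recipient->username}?message_type={$message_type}",
					$sender->name,
					elgg_get_site_url() . "messages/thread/{$message_hash}",
				));

				notify_user($recipient_guid, $sender_guid, $notification_subject, $notification_body, null, $methods);
			}
		}
	}

	if ($success > 0) {
		// Make attachments
		foreach ($uploaded_attachments as $attachment_guid) {
			make_attachment($message_sent->guid, $attachment_guid);
		}
		$return = true;
	} else {
		// Nobody received the message, so the sentbox copy is removed again.
		$message_sent->delete();
		$return = false;
	}

	// Restore the access setting that was active before this call.
	elgg_set_ignore_access($ia);

	return $return;
}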
// Wall post access id is set to private, which means it should be visible only to the poster and tagged users // Creating a new ACL for that if ($access_id == ACCESS_PRIVATE && count($friend_guids)) { $user_guids = array($poster->guid, $container->guid); $user_guids = array_merge($user_guids, $friend_guids); $user_guids = array_unique($user_guids); sort($user_guids); $acl_hash = sha1(implode(':', $user_guids)); $dbprefix = elgg_get_config('dbprefix'); $query = "SELECT * FROM {$dbprefix}access_collections WHERE name = '{$acl_hash}'"; $collection = get_data_row($query); $acl_id = $collection->id; if (!$acl_id) { $site = elgg_get_site_entity(); $acl_id = create_access_collection($acl_hash, $site->guid); update_access_collection($acl_id, $user_guids); } $wall_post->access_id = $acl_id; $wall_post->save(); } $extractor = Extractor::extract($status); if (count($extractor->hashtags)) { $wall_post->tags = $extractor->hashtags; } if (count($extractor->usernames)) { foreach ($extractor->usernames as $username) { $user = get_user_by_username($username); if (elgg_instanceof($user) && !in_array($user->guid, $friend_guids)) { $friend_guids[] = $user->guid; } }