/** * {@inheritdoc} */ public function handle(ElggEntity $entity) { $value = get_input($this->getShortname()); $value = strip_tags($value); // update access collection name if group name changes if ($entity->guid && $value != $entity->name) { $entity_name = html_entity_decode($value, ENT_QUOTES, 'UTF-8'); $ac_name = sanitize_string(elgg_echo('groups:group') . ": " . $entity_name); $acl = get_access_collection($entity->group_acl); if ($acl) { $db_prefix = elgg_get_config('dbprefix'); $query = "UPDATE {$db_prefix}access_collections SET name = '{$ac_name}'\n\t\t\t\tWHERE id = {$entity->group_acl}"; update_data($query); } } $entity->name = $value; return $entity; }
/** * add in our own page in the friends/collections URI * * @param type $hook * @param type $type * @param type $return * @param type $params * @return boolean */ function friend_collection_message_router($hook, $type, $return, $params) { if (!($return['segments'][0] == 'collections' && $return['segments'][1] == 'message')) { return $return; } $id = $return['segments'][2]; $collection = get_access_collection($id); $owner = get_user($collection->owner_guid); $can_message = elgg_trigger_plugin_hook('can_message', 'collection', array('collection_id' => $id), true); if (!$collection || !$owner || !$owner->canEdit() || !$can_message) { return $return; } $step = get_input('step', 1); // if we don't havea subject/message we will force step 1 $subject = get_input('subject'); $message = get_input('message'); if (!$subject || !$message) { $step = 1; } $title = elgg_echo('friend_collection_message:title', array($collection->name)); $collections_link = elgg_normalize_url('collections/' . $owner->username); elgg_push_breadcrumb(elgg_echo('friends:collections'), $collections_link); elgg_push_breadcrumb($title); switch ($step) { case 2: $action = 'action/friend_collection_message/send'; $content = elgg_view_form('friend_collection_message/send', array('action' => $action), array('collection' => $collection)); break; default: $action = elgg_http_remove_url_query_element(current_page_url(), 'step'); $action = elgg_http_add_url_query_elements($action, array('step' => 2)); $content = elgg_view_form('friend_collection_message/compose', array('action' => $action), array('collection' => $collection)); break; } $layout = elgg_view_layout('content', array('title' => $title, 'content' => $content, 'filter' => false)); echo elgg_view_page($title, $layout); return false; }
<?php namespace GranularAccess; elgg_require_js('granular_access'); // check to see if the current value is a granular access $acl = get_access_collection($vars['value']); $granular_access = false; $hidden = ' hidden'; $set_custom = false; if ($acl) { $ga = elgg_get_entities_from_metadata(array('type' => 'object', 'subtype' => 'granular_access', 'metadata_name_value_pairs' => array('name' => 'acl_id', 'value' => $acl->id))); if ($ga) { $granular_access = $ga[0]; } } // determine whether we display this filled out by default // only do this if $granluar_access is valid // AND there's no existing matching option in the dropdown if ($granular_access) { if (is_array($vars['options_values'])) { $options_values = $vars['options_values']; } else { $options_values = get_write_access_array(); } if (array_search($vars['value'], $options_values) === false) { $set_custom = true; } } $name = $vars['name'] ? $vars['name'] : 'access_id'; echo elgg_view('input/hidden', array('name' => 'granular_access_names[]', 'value' => $name));
/** * Update notifications for changes in access collection membership. * * This function assumes that only friends can belong to access collections. * * @param string $event * @param string $object_type * @param bool $returnvalue * @param array $params */ function notifications_update_collection_notify($event, $object_type, $returnvalue, $params) { global $NOTIFICATION_HANDLERS; // only update notifications for user owned collections $collection_id = $params['collection_id']; $collection = get_access_collection($collection_id); $user = get_entity($collection->owner_guid); if (!$user instanceof ElggUser) { return $returnvalue; } $member_guid = $params['user_guid']; // loop through all notification types foreach ($NOTIFICATION_HANDLERS as $method => $foo) { $metaname = 'collections_notifications_preferences_' . $method; $collections_preferences = $user->{$metaname}; if (!$collections_preferences) { continue; } if (!is_array($collections_preferences)) { $collections_preferences = array($collections_preferences); } if (in_array(-1, $collections_preferences)) { // if "all friends" notify is on, we don't change any notifications // since must be a friend to be in an access collection continue; } if (in_array($collection_id, $collections_preferences)) { // notifications are on for this collection so we add/remove if ($event == 'access:collections:add_user') { add_entity_relationship($user->guid, "notify{$method}", $member_guid); } elseif ($event == 'access:collections:remove_user') { // removing someone from an access collection is not a guarantee // that they should be removed from notifications //remove_entity_relationship($user->guid, "notify$method", $member_guid); } } } }
/** * Removes a user from an access collection. * * Triggers the 'access:collections:remove_user', 'collection' plugin hook. * * @param int $user_guid The user GUID * @param int $collection_id The access collection ID * * @return bool * @see update_access_collection() * @see remove_user_from_access_collection() * @link http://docs.elgg.org/Access/Collections */ function remove_user_from_access_collection($user_guid, $collection_id) { global $CONFIG; $collection_id = (int) $collection_id; $user_guid = (int) $user_guid; $user = get_user($user_guid); $collection = get_access_collection($collection_id); if (!$user instanceof Elgguser || !$collection) { return false; } $params = array('collection_id' => $collection_id, 'user_guid' => $user_guid); if (!elgg_trigger_plugin_hook('access:collections:remove_user', 'collection', $params, true)) { return false; } $q = "DELETE FROM {$CONFIG->dbprefix}access_collection_membership\n\t\tWHERE access_collection_id = {$collection_id}\n\t\t\tAND user_guid = {$user_guid}"; return (bool) delete_data($q); }
/** * Can the user change this access collection? * * Use the plugin hook of 'access:collections:write', 'user' to change this. * @see get_write_access_array() for details on the hook. * * Respects access control disabling for admin users and {@link elgg_set_ignore_access()} * * @see get_write_access_array() * * @param int $collection_id The collection id * @param mixed $user_guid The user GUID to check for. Defaults to logged in user. * @return bool */ function canEdit($collection_id, $user_guid = null) { if ($user_guid) { $user = _elgg_services()->entityTable->get((int) $user_guid); } else { $user = _elgg_services()->session->getLoggedInUser(); } $collection = get_access_collection($collection_id); if (!$user instanceof \ElggUser || !$collection) { return false; } $write_access = get_write_access_array($user->getGUID(), 0, true); // don't ignore access when checking users. if ($user_guid) { return array_key_exists($collection_id, $write_access); } else { return elgg_get_ignore_access() || array_key_exists($collection_id, $write_access); } }
/** * Remove a user from an access collection, * can't use remove_user_from_access_collection() because user might not exists any more * * @param int $user_guid the user GUID to remove * @param int $collection_id the ID of the ACL to be removed from * * @return boolean true on success */ function group_tools_remove_user_from_access_collection($user_guid, $collection_id) { $collection_id = sanitise_int($collection_id, false); $user_guid = sanitise_int($user_guid, false); $collection = get_access_collection($collection_id); if (empty($user_guid) || !$collection) { return false; } $params = array("collection_id" => $collection_id, "user_guid" => $user_guid); if (!elgg_trigger_plugin_hook("access:collections:remove_user", "collection", $params, true)) { return false; } $dbprefix = elgg_get_config("dbprefix"); $query = "DELETE"; $query .= " FROM " . $dbprefix . "access_collection_membership"; $query .= " WHERE access_collection_id = " . $collection_id; $query .= " AND user_guid = " . $user_guid; return (bool) delete_data($query); }
forward(REFERER); } $group = new ElggGroup($group_guid); // load if present, if not create a new group if ($group_guid && !$group->canEdit()) { register_error(elgg_echo("groups:cantedit")); forward(REFERER); } // Assume we can edit or this is a new group if (sizeof($input) > 0) { foreach ($input as $shortname => $value) { // update access collection name if group name changes if (!$is_new_group && $shortname == 'name' && $value != $group->name) { $group_name = html_entity_decode($value, ENT_QUOTES, 'UTF-8'); $ac_name = sanitize_string(elgg_echo('groups:group') . ": " . $group_name); $acl = get_access_collection($group->group_acl); if ($acl) { // @todo Elgg api does not support updating access collection name $db_prefix = elgg_get_config('dbprefix'); $query = "UPDATE {$db_prefix}access_collections SET name = '{$ac_name}' \n\t\t\t\t\tWHERE id = {$group->group_acl}"; update_data($query); } } $group->{$shortname} = $value; } } // Validate create if (!$group->name) { register_error(elgg_echo("groups:notitle")); forward(REFERER); }
function pleio_api_send_tweio($message, $access_id = "", $reply = 0, $group_id = 0) { $access_ids = explode(",", $access_id); $user = elgg_get_logged_in_user_entity(); $user_id = $user !== false ? $user->guid : 0; $method = "api"; $parent_guid = $reply; $guid = false; $group_id = intval($group_id); foreach ($access_ids as $access_id) { $access = get_access_collection($access_id); if ($access || $access_id < 3) { $site_guid = false; if ($access && strpos($access->name, "subsite_acl_") === 0) { $site_guid = intval(substr($access->name, 12)); } $guid = thewire_save_post($message, $user_id, $access_id, $parent_guid, $method); if ($site_guid) { $site_guid = $site_guid; // site_guid wordt niet gezet door thewire_save_post update_data(sprintf("update %sentities set site_guid = %d where guid = %d", get_config("dbprefix"), $site_guid, $guid)); update_data(sprintf("update %sriver set site_guid = %d where object_guid = %d", get_config("dbprefix"), $site_guid, $guid)); } if ($group_id) { // container_guid wordt niet gezet door thewire_save_post update_data(sprintf("update %sentities set container_guid = %d where guid = %d", get_config("dbprefix"), $group_id, $guid)); } } } if ($guid) { return new SuccessResult(elgg_echo("thewire:posted")); } else { return new ErrorResult(elgg_echo("thewire:error")); } }
$trip->summaryPreOrderConfirmed = array('_', '_'); } //initialize variable to the given by the trip promoter $trip->bultosDisponibles = $trip->nbultos; if (elgg_instanceof($trip, "trip") && !$trip->canEdit()) { register_error(elgg_echo("mytrips:cantedit")); forward(REFERER); } // Assume we can edit or this is a new trip if (sizeof($input) > 0) { foreach ($input as $shortname => $value) { // update access collection name if trip name changes if (!$is_new_trip && $shortname == 'name' && $value != $trip->name) { $trip_name = html_entity_decode($value, ENT_QUOTES, 'UTF-8'); $ac_name = sanitize_string(elgg_echo('mytrips:trip') . ": " . $trip_name); $acl = get_access_collection($trip->trip_acl); if ($acl) { // @todo Elgg api does not support updating access collection name $db_prefix = elgg_get_config('dbprefix'); $query = "UPDATE {$db_prefix}access_collections SET name = '{$ac_name}'\n\t\t\t\t\tWHERE id = {$trip->trip_acl}"; update_data($query); } } if ($value === '') { // The trip profile displays all profile fields that have a value. // We don't want to display fields with empty string value, so we // remove the metadata completely. $trip->deleteMetadata($shortname); continue; } $trip->{$shortname} = $value;
/** * {@inheritdoc} */ public function put(ParameterBag $params) { hypeGraph()->logger->vardump('params', $params); $user = isset($params->owner_guid) && $params->owner_guid ? get_entity($params->owner_guid) : elgg_get_logged_in_user_entity(); $group_guid = isset($params->guid) ? $params->guid : 0; // allows us to recycle this method from SiteGroups controller $is_new_group = $group_guid == 0; if ($is_new_group && elgg_get_plugin_setting('limited_groups', 'groups') == 'yes' && !$user->isAdmin()) { throw new GraphException(elgg_echo("groups:cantcreate"), 403); } $group = $group_guid ? get_entity($group_guid) : new ElggGroup(); if (elgg_instanceof($group, "group") && !$group->canEdit()) { throw new GraphException(elgg_echo("groups:cantedit"), 403); } if (!$is_new_group) { foreach ($params as $key => $value) { if ($value === null) { $params->{$key} = $group->{$key}; } } } $input = array(); foreach (elgg_get_config('group') as $shortname => $valuetype) { $input[$shortname] = $params->{$shortname}; if (is_array($input[$shortname])) { array_walk_recursive($input[$shortname], function (&$v) { $v = _elgg_html_decode($v); }); } else { $input[$shortname] = _elgg_html_decode($input[$shortname]); } if ($valuetype == 'tags') { $input[$shortname] = string_to_tag_array($input[$shortname]); } } $input = array_filter($input); $input['name'] = htmlspecialchars(get_input('name', '', false), ENT_QUOTES, 'UTF-8'); // Assume we can edit or this is a new group if (sizeof($input) > 0) { foreach ($input as $shortname => $value) { // update access collection name if group name changes if (!$is_new_group && $shortname == 'name' && $value != $group->name) { $group_name = html_entity_decode($value, ENT_QUOTES, 'UTF-8'); $ac_name = sanitize_string(elgg_echo('groups:group') . ": " . $group_name); $acl = get_access_collection($group->group_acl); if ($acl) { // @todo Elgg api does not support updating access collection name $db_prefix = elgg_get_config('dbprefix'); $query = "UPDATE {$db_prefix}access_collections SET name = '{$ac_name}'\n\t\t\t\t\tWHERE id = {$group->group_acl}"; update_data($query); } } if ($value === '') { // The group profile displays all profile fields that have a value. // We don't want to display fields with empty string value, so we // remove the metadata completely. $group->deleteMetadata($shortname); continue; } $group->{$shortname} = $value; } } // Validate create if (!$group->name) { throw new GraphException(elgg_echo("groups:notitle"), 400); } // Set group tool options $tool_options = elgg_get_config('group_tool_options'); if ($tool_options) { foreach ($tool_options as $group_option) { $option_toggle_name = $group_option->name . "_enable"; $option_default = $group->{$option_toggle_name} ?: $group_option->default_on ? 'yes' : 'no'; $group->{$option_toggle_name} = $params->{$option_toggle_name} ?: $option_default; } } // Group membership - should these be treated with same constants as access permissions? $is_public_membership = (int) $params->membership == ACCESS_PUBLIC; $group->membership = $is_public_membership ? ACCESS_PUBLIC : ACCESS_PRIVATE; $group->setContentAccessMode($params->content_access_mode); if ($is_new_group) { $group->owner_guid = $user->guid; $group->access_id = ACCESS_PUBLIC; } if ($is_new_group) { // if new group, we need to save so group acl gets set in event handler if (!$group->save()) { throw new GraphException(elgg_echo("groups:save_error")); } } if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') { $visibility = (int) $params->vis; if ($visibility == ACCESS_PRIVATE) { // Make this group visible only to group members. We need to use // ACCESS_PRIVATE on the form and convert it to group_acl here // because new groups do not have acl until they have been saved once. $visibility = $group->group_acl; // Force all new group content to be available only to members $group->setContentAccessMode(ElggGroup::CONTENT_ACCESS_MODE_MEMBERS_ONLY); } $group->access_id = $visibility; } if (!$group->save()) { throw new GraphException(elgg_echo("groups:save_error")); } $river_id = false; if ($is_new_group) { elgg_set_page_owner_guid($group->guid); $group->join($user); $river_id = elgg_create_river_item(array('view' => 'river/group/create', 'action_type' => 'create', 'subject_guid' => $user->guid, 'object_guid' => $group->guid)); } $return = array('nodes' => array('group' => $group)); if ($river_id) { $river = elgg_get_river(array('ids' => $river_id)); $return['nodes']['activity'] = $river ? $river[0] : $river_id; } return $return; }
/** * Removes a user from an access collection * * @param int $user_guid The user GUID * @param int $collection_id The access collection ID * @return true|false Depending on success */ function remove_user_from_access_collection($user_guid, $collection_id) { $collection_id = (int) $collection_id; $user_guid = (int) $user_guid; $collections = get_write_access_array(); if (!($collection = get_access_collection($collection_id))) { return false; } if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0) && ($user = get_user($user_guid))) { global $CONFIG; delete_data("delete from {$CONFIG->dbprefix}access_collection_membership where access_collection_id = {$collection_id} and user_guid = {$user_guid}"); return true; } return false; }
/** * Remove a user from an access collection, * can't use remove_user_from_access_collection() because user might not exists any more * * @param int $user_guid the user GUID to remove * @param int $collection_id the ID of the ACL to be removed from * * @return bool */ function group_tools_remove_user_from_access_collection($user_guid, $collection_id) { $collection_id = sanitize_int($collection_id, false); $user_guid = sanitize_int($user_guid, false); $collection = get_access_collection($collection_id); if (empty($user_guid) || empty($collection)) { return false; } $params = ['collection_id' => $collection_id, 'user_guid' => $user_guid]; if (!elgg_trigger_plugin_hook('access:collections:remove_user', 'collection', $params, true)) { return false; } $dbprefix = elgg_get_config('dbprefix'); $query = 'DELETE'; $query .= " FROM {$dbprefix}access_collection_membership"; $query .= " WHERE access_collection_id = {$collection_id}"; $query .= " AND user_guid = {$user_guid}"; return (bool) delete_data($query); }
/*$members = get_input('members',''); if (!empty($members)) { $members = explode(',',$members); } else { $members = array(); }*/ $collection = (int) get_input('collection', 0); $members = get_members_of_access_collection($collection, true); if (!$members) { $members = array(); } $friendspicker = (int) get_input('friendspicker', 0); // Get page owner (bomb out if there isn't one) $pageowner = page_owner_entity(); if (!$pageowner) { forward(); exit; } // Depending on the view type, launch a different view switch ($type) { case 'list': $js_segment = elgg_view('friends/tablelistcountupdate', array('friendspicker' => $friendspicker, 'count' => sizeof($members))); $content = elgg_view('friends/tablelist', array('entities' => $members, 'content' => $js_segment)); break; default: $friends = $pageowner->getFriends('', 9999); $content = elgg_view('friends/picker', array('entities' => $friends, 'value' => $members, 'callback' => true, 'friendspicker' => $friendspicker, 'formcontents' => elgg_view('friends/forms/collectionfields', array('collection' => get_access_collection($collection))), 'formtarget' => $CONFIG->wwwroot . 'action/friends/editcollection')); break; } // Output the content echo $content;
<?php $collection = false; if (isset($vars['entity']->friend_collection)) { $collection = get_access_collection($vars['entity']->friend_collection); } $owner = $vars['entity']->getOwnerEntity(); if ($collection && $owner->canEdit()) { $can_message = elgg_trigger_plugin_hook('can_message', 'collection', array('collection_id' => $collection->id), true); if (!$can_message) { return; } $text = elgg_view_icon('mail') . ' ' . elgg_echo('friend_collection_message:widget:send'); $href = elgg_normalize_url('friends/collections/message/' . $vars['entity']->friend_collection); $link = elgg_view('output/url', array('text' => $text, 'href' => $href, 'is_trusted' => true, 'encode_text' => false)); echo '<br>'; echo $link; }
<?php /** * Elgg add a collection of friends * * @package Elgg.Core * @subpackage Social.Collections */ // You need to be logged in for this one elgg_gatekeeper(); //get which collection we are using $collection = (int) get_input("collection"); //add page menu items back for edit page //friends $params = array('name' => 'friends', 'text' => elgg_echo('friends'), 'href' => 'friends/' . elgg_get_logged_in_user_entity()->username, 'contexts' => array('friends')); elgg_register_menu_item('page', $params); //friend circles elgg_register_menu_item('page', array('name' => 'friends:view:collections', 'text' => elgg_echo('friends:collections'), 'href' => "collections/owner/" . elgg_get_logged_in_user_entity()->username, 'contexts' => array('friends'))); //friend request $menu_item = array("name" => "friend_request", "text" => elgg_echo("friend_request:menu") . $extra, "href" => "friend_request/" . $page_owner->username, "contexts" => array("friends", "friendsof", "collections")); elgg_register_menu_item("page", $menu_item); $title = elgg_echo('friends:collections:edit'); elgg_set_context('friends'); $content = elgg_view_form('friends/collections/edit', array(), array('friends' => elgg_get_logged_in_user_entity()->getFriends(array('limit' => 0)), 'collection' => get_access_collection($collection))); $body = elgg_view_layout('one_sidebar', array('title' => $title, 'content' => $content)); echo elgg_view_page($title, $body);
public function testCreateDeleteGroupACL() { if (!elgg_is_active_plugin('groups')) { return; } $group = new ElggGroup(); $group->name = 'Test group'; $group->save(); $acl = get_access_collection($group->group_acl); // ACLs are owned by groups $this->assertEqual($acl->owner_guid, $group->guid); // removing group and acl $this->assertTrue($group->delete()); $acl = get_access_collection($group->group_acl); $this->assertFalse($acl); $group->delete(); }
/** * Make sure the provided access_id is valid for this container * * @param int $access_id the current access_id * @param int $container_guid the container where the entity will be placed * * @return int */ function questions_validate_access_id($access_id, $container_guid) { $access_id = sanitise_int($access_id); if ($access_id === ACCESS_DEFAULT) { $access_id = get_default_access(); } if (empty($container_guid)) { return $access_id; } $container = get_entity($container_guid); if (empty($container)) { return $access_id; } if ($container instanceof ElggUser) { // is a default level defined in the plugin settings $personal_access_id = questions_get_personal_access_level(); if ($personal_access_id !== false) { $access_id = $personal_access_id; } else { // make sure access_id is not a group acl $acl = get_access_collection($access_id); if (!empty($acl) && $acl->owner_guid != $container->getGUID()) { // this acl is a group acl, so set to something else $access_id = ACCESS_LOGGED_IN; } } } elseif ($container instanceof ElggGroup) { // is a default level defined in the plugin settings $group_access_id = questions_get_group_access_level($container); if ($group_access_id !== false) { $access_id = $group_access_id; } else { // friends access not allowed in groups if ($access_id === ACCESS_FRIENDS) { // so set it to group access $access_id = (int) $container->group_acl; } // check if access is an acl $acl = get_access_collection($access_id); if (!empty($acl) && $acl->owner_guid != $container->getGUID()) { // this acl is an acl, make sure it's the group acl $access_id = (int) $container->group_acl; } } } return $access_id; }
/** * Removes a user from an access collection * * @param int $user_guid The user GUID * @param int $collection_id The access collection ID * @return true|false Depending on success */ function remove_user_from_access_collection($user_guid, $collection_id) { $collection_id = (int) $collection_id; $user_guid = (int) $user_guid; $collections = get_write_access_array(); if (!($collection = get_access_collection($collection_id))) { return false; } if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0) && ($user = get_user($user_guid))) { global $CONFIG; $params = array('collection_id' => $collection_id, 'user_guid' => $user_guid); if (!trigger_plugin_hook('access:collections:remove_user', 'collection', $params, true)) { return false; } delete_data("delete from {$CONFIG->dbprefix}access_collection_membership where access_collection_id = {$collection_id} and user_guid = {$user_guid}"); return true; } return false; }
<?php /** * Elgg add a collection of friends * * @package Elgg * @subpackage Core * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 * @author Curverider Ltd * @copyright Curverider Ltd 2008-2009 * @link http://elgg.org/ */ // Start engine require_once dirname(dirname(__FILE__)) . "/engine/start.php"; // You need to be logged in for this one gatekeeper(); //set the title $area1 = elgg_view_title(elgg_echo('friends:collectionedit'), false); //grab the collection id passed to the edit form $collection_id = get_input('collection'); //get the full collection $collection = get_access_collection($collection_id); //get all members of the collection $collection_members = get_members_of_access_collection($collection_id); $area2 = elgg_view('friends/forms/edit', array('collection' => $collection, 'collection_members' => $collection_members)); // Format page $body = elgg_view_layout('two_column_left_sidebar', $area1 . $area2); // Draw it page_draw(elgg_echo('friends:add'), $body);
/** * Can the user change this access collection? * * Use the plugin hook of 'access:collections:write', 'user' to change this. * @see get_write_access_array() for details on the hook. * * Respects access control disabling for admin users and {@link elgg_set_ignore_access()} * * @see get_write_access_array() * * @param int $collection_id The collection id * @param mixed $user_guid The user GUID to check for. Defaults to logged in user. * @return bool */ function canEdit($collection_id, $user_guid = null) { try { $user = _elgg_services()->entityTable->getUserForPermissionsCheck($user_guid); } catch (UserFetchFailureException $e) { return false; } $collection = get_access_collection($collection_id); if (!$user || !$collection) { return false; } $write_access = get_write_access_array($user->guid, 0, true); // don't ignore access when checking users. if ($user_guid) { return array_key_exists($collection_id, $write_access); } else { return elgg_get_ignore_access() || array_key_exists($collection_id, $write_access); } }