/**
* Extend container permissions checking to extend can_write_to_container for write users.
*
* @param string $hook
* @param string $entity_type
* @param bool $returnvalue
* @param array $params
*
* @return bool
*/
function pages_container_permission_check($hook, $entity_type, $returnvalue, $params)
{
if (elgg_get_context() != "pages") {
return null;
}
if (elgg_get_page_owner_guid() && can_write_to_container(elgg_get_logged_in_user_guid(), elgg_get_page_owner_guid())) {
return true;
}
if ($page_guid = get_input('page_guid', 0)) {
$entity = get_entity($page_guid);
} elseif ($parent_guid = get_input('parent_guid', 0)) {
$entity = get_entity($parent_guid);
}
if (isset($entity) && pages_is_page($entity)) {
if (can_write_to_container(elgg_get_logged_in_user_guid(), $entity->container_guid) || in_array($entity->write_access_id, get_access_list())) {
return true;
}
}
}
<?php
/**
* View a single page
*
* @package ElggPages
*/
$guid = elgg_extract('guid', $vars);
elgg_entity_gatekeeper($guid, 'object');
$page = get_entity($guid);
if (!pages_is_page($page)) {
forward('', '404');
}
elgg_set_page_owner_guid($page->getContainerGUID());
elgg_group_gatekeeper();
$container = elgg_get_page_owner_entity();
if (!$container) {
forward(REFERER);
}
$title = $page->title;
if (elgg_instanceof($container, 'group')) {
elgg_push_breadcrumb($container->name, "pages/group/{$container->guid}/all");
} else {
elgg_push_breadcrumb($container->name, "pages/owner/{$container->username}");
}
pages_prepare_parent_breadcrumbs($page);
elgg_push_breadcrumb($title);
$content = elgg_view_entity($page, array('full_view' => true));
$content .= elgg_view_comments($page);
// can add subpage if can edit this page and write to container (such as a group)
if ($page->canEdit() && $container->canWriteToContainer(0, 'object', 'page')) {
<?php
/**
* Remove a page (revision) annotation
*
* @package ElggPages
*/
// Make sure we can get the annotations and entity in question
$annotation_id = (int) get_input('annotation_id');
$annotation = elgg_get_annotation_from_id($annotation_id);
if ($annotation) {
$entity = get_entity($annotation->entity_guid);
if (pages_is_page($entity) && $entity->canEdit() && $annotation->canEdit()) {
$annotation->delete();
system_message(elgg_echo("pages:revision:delete:success"));
forward("pages/history/{$annotation->entity_guid}");
}
}
register_error(elgg_echo("pages:revision:delete:failure"));
forward(REFERER);
/**
* Extend container permissions checking to extend can_write_to_container for write users.
*
* @param string $hook
* @param string $entity_type
* @param bool $returnvalue
* @param array $params
*
* @return bool
*/
function pages_container_permission_check($hook, $entity_type, $returnvalue, $params)
{
$container = elgg_extract('container', $params);
$user = elgg_extract('user', $params);
$subtype = elgg_extract('subtype', $params);
// check type/subtype
if ($entity_type !== 'object' || !in_array($subtype, ['page', 'page_top'])) {
return null;
}
// OK if you can write to the container
if ($container && $container->canWriteToContainer($user->guid)) {
return true;
}
// look up a page object given via input
if ($page_guid = get_input('page_guid', 0)) {
$page = get_entity($page_guid);
} elseif ($parent_guid = get_input('parent_guid', 0)) {
$page = get_entity($parent_guid);
}
if (!pages_is_page($page)) {
return null;
}
// try the page's container
$page_container = $page->getContainerEntity();
if ($page_container && $page_container->canWriteToContainer($user->guid)) {
return true;
}
// I don't understand this but it's old - mrclay
if (in_array($page->write_access_id, get_access_list())) {
return true;
}
}
<?php
/**
* Remove a page
*
* Subpages are not deleted but are moved up a level in the tree
*
* @package ElggPages
*/
$guid = get_input('guid');
$page = get_entity($guid);
if (pages_is_page($page)) {
// only allow owners and admin to delete
if (elgg_is_admin_logged_in() || elgg_get_logged_in_user_guid() == $page->getOwnerGuid()) {
$container = get_entity($page->container_guid);
// Bring all child elements forward
$parent = $page->parent_guid;
$children = elgg_get_entities_from_metadata(array('metadata_name' => 'parent_guid', 'metadata_value' => $page->getGUID()));
if ($children) {
$db_prefix = elgg_get_config('dbprefix');
$subtype_id = (int) get_subtype_id('object', 'page_top');
$newentity_cache = is_memcache_available() ? new ElggMemcache('new_entity_cache') : null;
foreach ($children as $child) {
if ($parent) {
$child->parent_guid = $parent;
} else {
// If no parent, we need to transform $child to a page_top
$child_guid = (int) $child->guid;
update_data("UPDATE {$db_prefix}entities\n\t\t\t\t\t\tSET subtype = {$subtype_id} WHERE guid = {$child_guid}");
elgg_delete_metadata(array('guid' => $child_guid, 'metadata_name' => 'parent_guid'));
_elgg_invalidate_cache_for_entity($child_guid);
if ($type == 'tags') {
$input[$name] = string_to_tag_array($input[$name]);
}
}
// Get guids
$page_guid = (int) get_input('page_guid');
$container_guid = (int) get_input('container_guid');
$parent_guid = (int) get_input('parent_guid');
elgg_make_sticky_form('page');
if (!$input['title']) {
register_error(elgg_echo('pages:error:no_title'));
forward(REFERER);
}
if ($page_guid) {
$page = get_entity($page_guid);
if (!pages_is_page($page) || !$page->canEdit()) {
register_error(elgg_echo('pages:cantedit'));
forward(REFERER);
}
$new_page = false;
} else {
$page = new ElggObject();
if ($parent_guid) {
$page->subtype = 'page';
} else {
$page->subtype = 'page_top';
}
$new_page = true;
}
if (sizeof($input) > 0) {
// don't change access if not an owner/admin
<?php
/**
* Remove a page
*
* Subpages are not deleted but are moved up a level in the tree
*
* @package ElggPages
*/
$guid = get_input('guid');
$page = get_entity($guid);
/* @var ElggObject $page */
elgg_load_library('elgg:pages');
if (!pages_is_page($page) || !pages_can_delete_page($page)) {
register_error(elgg_echo('pages:delete:failure'));
forward(REFERER);
}
$container = $page->getContainerEntity();
// Bring all child elements forward
$parent = $page->parent_guid;
$children = new ElggBatch('elgg_get_entities_from_metadata', ['metadata_name' => 'parent_guid', 'metadata_value' => $page->guid, 'limit' => 0]);
$db_prefix = elgg_get_config('dbprefix');
$subtype_id = (int) get_subtype_id('object', 'page_top');
foreach ($children as $child) {
if ($parent) {
$child->parent_guid = $parent;
continue;
}
// If no parent, we need to transform $child to a page_top
$child_guid = (int) $child->guid;
update_data("\n\t\tUPDATE {$db_prefix}entities\n\t\tSET subtype = {$subtype_id}\n\t\tWHERE guid = {$child_guid}\n\t");
/**
* Can the user delete the page?
*
* @param ElggObject $page Page/page-top object
*
* @return bool
*/
function pages_can_delete_page($page)
{
if (!pages_is_page($page)) {
return false;
}
/* @var ElggObject $page */
$user = elgg_get_logged_in_user_entity();
if ($user) {
if ($user->guid == $page->owner_guid || $user->isAdmin()) {
return true;
}
}
$container = $page->getContainerEntity();
return $container ? $container->canEdit() : false;
}
