@@ -37,22 +37,22 @@ discard block |
37 | 37 | * @return bool |
38 | 38 | */ |
39 | 39 | function register_pam_handler($handler, $importance = "sufficient", $policy = "user") { |
40 | - // setup array for this type of pam if not already set |
|
41 | - if (!isset(\ElggPAM::$_handlers[$policy])) { |
|
42 | - \ElggPAM::$_handlers[$policy] = []; |
|
43 | - } |
|
40 | + // setup array for this type of pam if not already set |
|
41 | + if (!isset(\ElggPAM::$_handlers[$policy])) { |
|
42 | + \ElggPAM::$_handlers[$policy] = []; |
|
43 | + } |
|
44 | 44 | |
45 | - // @todo remove requirement that $handle be a global function |
|
46 | - if (is_string($handler) && is_callable($handler, true)) { |
|
47 | - \ElggPAM::$_handlers[$policy][$handler] = new \stdClass; |
|
45 | + // @todo remove requirement that $handle be a global function |
|
46 | + if (is_string($handler) && is_callable($handler, true)) { |
|
47 | + \ElggPAM::$_handlers[$policy][$handler] = new \stdClass; |
|
48 | 48 | |
49 | - \ElggPAM::$_handlers[$policy][$handler]->handler = $handler; |
|
50 | - \ElggPAM::$_handlers[$policy][$handler]->importance = strtolower($importance); |
|
49 | + \ElggPAM::$_handlers[$policy][$handler]->handler = $handler; |
|
50 | + \ElggPAM::$_handlers[$policy][$handler]->importance = strtolower($importance); |
|
51 | 51 | |
52 | - return true; |
|
53 | - } |
|
52 | + return true; |
|
53 | + } |
|
54 | 54 | |
55 | - return false; |
|
55 | + return false; |
|
56 | 56 | } |
57 | 57 | |
58 | 58 | /** |
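Review bot: `register_pam_handler()` stores `strtolower($importance)` without checking it against the values the authenticator understands, and `ElggPAM::authenticate()` on this page compares it only with `'required'`. A misspelled importance is therefore treated as non-required, and a handler meant to be mandatory no longer blocks a login that another handler accepts. Reject unknown values before storing, e.g. `if (!in_array(strtolower($importance), ['required', 'sufficient'], true)) { return false; }`. Separately, `is_callable($handler, true)` is a syntax-only check, so any string is registered whether or not the function exists; a comment such as `// syntax-only check: the function's existence is only tested in authenticate()` would make that explicit.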
@@ -65,5 +65,5 @@ discard block |
65 | 65 | * @since 1.7.0 |
66 | 66 | */ |
67 | 67 | function unregister_pam_handler($handler, $policy = "user") { |
68 | - unset(\ElggPAM::$_handlers[$policy][$handler]); |
|
68 | + unset(\ElggPAM::$_handlers[$policy][$handler]); |
|
69 | 69 | } |
@@ -5,105 +5,105 @@ |
5 | 5 | */ |
6 | 6 | class ElggPAM { |
7 | 7 | |
8 | - /** |
|
9 | - * @var array |
|
10 | - * @access private |
|
11 | - * @todo move state into a PAM service |
|
12 | - */ |
|
13 | - public static $_handlers = []; |
|
8 | + /** |
|
9 | + * @var array |
|
10 | + * @access private |
|
11 | + * @todo move state into a PAM service |
|
12 | + */ |
|
13 | + public static $_handlers = []; |
|
14 | 14 | |
15 | - /** |
|
16 | - * @var string PAM policy type: user, api or plugin-defined policies |
|
17 | - */ |
|
18 | - protected $policy; |
|
15 | + /** |
|
16 | + * @var string PAM policy type: user, api or plugin-defined policies |
|
17 | + */ |
|
18 | + protected $policy; |
|
19 | 19 | |
20 | - /** |
|
21 | - * @var array Failure mesages |
|
22 | - */ |
|
23 | - protected $messages; |
|
20 | + /** |
|
21 | + * @var array Failure mesages |
|
22 | + */ |
|
23 | + protected $messages; |
|
24 | 24 | |
25 | - /** |
|
26 | - * \ElggPAM constructor |
|
27 | - * |
|
28 | - * @param string $policy PAM policy type: user, api, or plugin-defined policies |
|
29 | - */ |
|
30 | - public function __construct($policy) { |
|
31 | - $this->policy = $policy; |
|
32 | - $this->messages = ['sufficient' => [], 'required' => []]; |
|
33 | - } |
|
25 | + /** |
|
26 | + * \ElggPAM constructor |
|
27 | + * |
|
28 | + * @param string $policy PAM policy type: user, api, or plugin-defined policies |
|
29 | + */ |
|
30 | + public function __construct($policy) { |
|
31 | + $this->policy = $policy; |
|
32 | + $this->messages = ['sufficient' => [], 'required' => []]; |
|
33 | + } |
|
34 | 34 | |
35 | - /** |
|
36 | - * Authenticate a set of credentials against a policy |
|
37 | - * This function will process all registered PAM handlers or stop when the first |
|
38 | - * handler fails. A handler fails by either returning false or throwing an |
|
39 | - * exception. The advantage of throwing an exception is that it returns a message |
|
40 | - * that can be passed to the user. The processing order of the handlers is |
|
41 | - * determined by the order that they were registered. |
|
42 | - * |
|
43 | - * If $credentials are provided, the PAM handler should authenticate using the |
|
44 | - * provided credentials. If not, then credentials should be prompted for or |
|
45 | - * otherwise retrieved (eg from the HTTP header or $_SESSION). |
|
46 | - * |
|
47 | - * @param array $credentials Credentials array dependant on policy type |
|
48 | - * @return bool |
|
49 | - */ |
|
50 | - public function authenticate($credentials = []) { |
|
51 | - if (!isset(self::$_handlers[$this->policy]) || |
|
52 | - !is_array(self::$_handlers[$this->policy])) { |
|
53 | - return false; |
|
54 | - } |
|
35 | + /** |
|
36 | + * Authenticate a set of credentials against a policy |
|
37 | + * This function will process all registered PAM handlers or stop when the first |
|
38 | + * handler fails. A handler fails by either returning false or throwing an |
|
39 | + * exception. The advantage of throwing an exception is that it returns a message |
|
40 | + * that can be passed to the user. The processing order of the handlers is |
|
41 | + * determined by the order that they were registered. |
|
42 | + * |
|
43 | + * If $credentials are provided, the PAM handler should authenticate using the |
|
44 | + * provided credentials. If not, then credentials should be prompted for or |
|
45 | + * otherwise retrieved (eg from the HTTP header or $_SESSION). |
|
46 | + * |
|
47 | + * @param array $credentials Credentials array dependant on policy type |
|
48 | + * @return bool |
|
49 | + */ |
|
50 | + public function authenticate($credentials = []) { |
|
51 | + if (!isset(self::$_handlers[$this->policy]) || |
|
52 | + !is_array(self::$_handlers[$this->policy])) { |
|
53 | + return false; |
|
54 | + } |
|
55 | 55 | |
56 | - $authenticated = false; |
|
56 | + $authenticated = false; |
|
57 | 57 | |
58 | - foreach (self::$_handlers[$this->policy] as $v) { |
|
59 | - $handler = $v->handler; |
|
60 | - if (!is_callable($handler)) { |
|
61 | - continue; |
|
62 | - } |
|
63 | - /* @var callable $handler */ |
|
58 | + foreach (self::$_handlers[$this->policy] as $v) { |
|
59 | + $handler = $v->handler; |
|
60 | + if (!is_callable($handler)) { |
|
61 | + continue; |
|
62 | + } |
|
63 | + /* @var callable $handler */ |
|
64 | 64 | |
65 | - $importance = $v->importance; |
|
65 | + $importance = $v->importance; |
|
66 | 66 | |
67 | - try { |
|
68 | - // Execute the handler |
|
69 | - // @todo don't assume $handler is a global function |
|
70 | - $result = call_user_func($handler, $credentials); |
|
71 | - if ($result) { |
|
72 | - $authenticated = true; |
|
73 | - } elseif ($result === false) { |
|
74 | - if ($importance == 'required') { |
|
75 | - $this->messages['required'][] = "$handler:failed"; |
|
76 | - return false; |
|
77 | - } else { |
|
78 | - $this->messages['sufficient'][] = "$handler:failed"; |
|
79 | - } |
|
80 | - } |
|
81 | - } catch (Exception $e) { |
|
82 | - if ($importance == 'required') { |
|
83 | - $this->messages['required'][] = $e->getMessage(); |
|
84 | - return false; |
|
85 | - } else { |
|
86 | - $this->messages['sufficient'][] = $e->getMessage(); |
|
87 | - } |
|
88 | - } |
|
89 | - } |
|
67 | + try { |
|
68 | + // Execute the handler |
|
69 | + // @todo don't assume $handler is a global function |
|
70 | + $result = call_user_func($handler, $credentials); |
|
71 | + if ($result) { |
|
72 | + $authenticated = true; |
|
73 | + } elseif ($result === false) { |
|
74 | + if ($importance == 'required') { |
|
75 | + $this->messages['required'][] = "$handler:failed"; |
|
76 | + return false; |
|
77 | + } else { |
|
78 | + $this->messages['sufficient'][] = "$handler:failed"; |
|
79 | + } |
|
80 | + } |
|
81 | + } catch (Exception $e) { |
|
82 | + if ($importance == 'required') { |
|
83 | + $this->messages['required'][] = $e->getMessage(); |
|
84 | + return false; |
|
85 | + } else { |
|
86 | + $this->messages['sufficient'][] = $e->getMessage(); |
|
87 | + } |
|
88 | + } |
|
89 | + } |
|
90 | 90 | |
91 | - return $authenticated; |
|
92 | - } |
|
91 | + return $authenticated; |
|
92 | + } |
|
93 | 93 | |
94 | - /** |
|
95 | - * Get a failure message to display to user |
|
96 | - * |
|
97 | - * @return string |
|
98 | - */ |
|
99 | - public function getFailureMessage() { |
|
100 | - $message = _elgg_services()->translator->translate('auth:nopams'); |
|
101 | - if (!empty($this->messages['required'])) { |
|
102 | - $message = $this->messages['required'][0]; |
|
103 | - } elseif (!empty($this->messages['sufficient'])) { |
|
104 | - $message = $this->messages['sufficient'][0]; |
|
105 | - } |
|
94 | + /** |
|
95 | + * Get a failure message to display to user |
|
96 | + * |
|
97 | + * @return string |
|
98 | + */ |
|
99 | + public function getFailureMessage() { |
|
100 | + $message = _elgg_services()->translator->translate('auth:nopams'); |
|
101 | + if (!empty($this->messages['required'])) { |
|
102 | + $message = $this->messages['required'][0]; |
|
103 | + } elseif (!empty($this->messages['sufficient'])) { |
|
104 | + $message = $this->messages['sufficient'][0]; |
|
105 | + } |
|
106 | 106 | |
107 | - return _elgg_services()->hooks->trigger('fail', 'auth', $this->messages, $message); |
|
108 | - } |
|
107 | + return _elgg_services()->hooks->trigger('fail', 'auth', $this->messages, $message); |
|
108 | + } |
|
109 | 109 | } |
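Review bot: In `authenticate()` a handler registered as `required` that is not callable is skipped by `continue`, and one that returns a falsy value other than `false` (for example `null`) is recorded as neither success nor failure. In both cases a later `sufficient` handler can still set `$authenticated = true`, so the required check fails open. Treat a non-callable required handler as a failure, and either handle every non-truthy result from a required handler as a failure or document that `null` means "abstain". The docblock also says processing stops when the first handler fails, while the code stops only on a required failure; the comment should say so.

```php
foreach (self::$_handlers[$this->policy] as $v) {
    $handler = $v->handler;
    $importance = $v->importance;

    if (!is_callable($handler)) {
        // a required handler that cannot run must fail the policy, not be skipped
        if ($importance == 'required') {
            $this->messages['required'][] = "$handler:failed";
            return false;
        }
        continue;
    }

    // … unchanged: try/catch around call_user_func($handler, $credentials) …
```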
@@ -11,231 +11,231 @@ |
11 | 11 | */ |
12 | 12 | class ExternalFiles { |
13 | 13 | |
14 | - /** |
|
15 | - * @var ElggPriorityList[] |
|
16 | - */ |
|
17 | - protected $externals = []; |
|
18 | - |
|
19 | - /** |
|
20 | - * @var array |
|
21 | - */ |
|
22 | - protected $externals_map = []; |
|
23 | - |
|
24 | - /** |
|
25 | - * Core registration function for external files |
|
26 | - * |
|
27 | - * @param string $type Type of external resource (js or css) |
|
28 | - * @param string $name Identifier used as key |
|
29 | - * @param string $url URL |
|
30 | - * @param string $location Location in the page to include the file |
|
31 | - * @param int $priority Loading priority of the file |
|
32 | - * |
|
33 | - * @return bool |
|
34 | - */ |
|
35 | - public function register($type, $name, $url, $location, $priority = 500) { |
|
36 | - if (empty($name) || empty($url)) { |
|
37 | - return false; |
|
38 | - } |
|
39 | - |
|
40 | - $url = elgg_normalize_url($url); |
|
41 | - |
|
42 | - $this->setupType($type); |
|
43 | - |
|
44 | - $name = trim(strtolower($name)); |
|
45 | - |
|
46 | - // normalize bogus priorities, but allow empty, null, and false to be defaults. |
|
47 | - if (!is_numeric($priority)) { |
|
48 | - $priority = 500; |
|
49 | - } |
|
50 | - |
|
51 | - // no negative priorities right now. |
|
52 | - $priority = max((int) $priority, 0); |
|
53 | - |
|
54 | - $item = elgg_extract($name, $this->externals_map[$type]); |
|
55 | - |
|
56 | - if ($item) { |
|
57 | - // updating a registered item |
|
58 | - // don't update loaded because it could already be set |
|
59 | - $item->url = $url; |
|
60 | - $item->location = $location; |
|
61 | - |
|
62 | - // if loaded before registered, that means it hasn't been added to the list yet |
|
63 | - if ($this->externals[$type]->contains($item)) { |
|
64 | - $priority = $this->externals[$type]->move($item, $priority); |
|
65 | - } else { |
|
66 | - $priority = $this->externals[$type]->add($item, $priority); |
|
67 | - } |
|
68 | - } else { |
|
69 | - $item = (object) [ |
|
70 | - 'loaded' => false, |
|
71 | - 'url' => $url, |
|
72 | - 'location' => $location, |
|
73 | - ]; |
|
74 | - $priority = $this->externals[$type]->add($item, $priority); |
|
75 | - } |
|
76 | - |
|
77 | - $this->externals_map[$type][$name] = $item; |
|
78 | - |
|
79 | - return $priority !== false; |
|
80 | - } |
|
81 | - |
|
82 | - /** |
|
83 | - * Unregister an external file |
|
84 | - * |
|
85 | - * @param string $type Type of file: js or css |
|
86 | - * @param string $name The identifier of the file |
|
87 | - * |
|
88 | - * @return bool |
|
89 | - */ |
|
90 | - public function unregister($type, $name) { |
|
91 | - $this->setupType($type); |
|
92 | - |
|
93 | - $name = trim(strtolower($name)); |
|
94 | - $item = elgg_extract($name, $this->externals_map[$type]); |
|
95 | - |
|
96 | - if ($item) { |
|
97 | - unset($this->externals_map[$type][$name]); |
|
98 | - return $this->externals[$type]->remove($item); |
|
99 | - } |
|
100 | - |
|
101 | - return false; |
|
102 | - } |
|
103 | - |
|
104 | - /** |
|
105 | - * Get metadata for a registered file |
|
106 | - * |
|
107 | - * @param string $type |
|
108 | - * @param string $name |
|
109 | - * |
|
110 | - * @return \stdClass|null |
|
111 | - */ |
|
112 | - public function getFile($type, $name) { |
|
113 | - $this->setupType($type); |
|
114 | - |
|
115 | - $name = trim(strtolower($name)); |
|
116 | - if (!isset($this->externals_map[$type][$name])) { |
|
117 | - return null; |
|
118 | - } |
|
119 | - |
|
120 | - $item = $this->externals_map[$type][$name]; |
|
121 | - $priority = $this->externals[$type]->getPriority($item); |
|
122 | - |
|
123 | - // don't allow internal properties to be altered |
|
124 | - $clone = clone $item; |
|
125 | - $clone->priority = $priority; |
|
126 | - |
|
127 | - return $clone; |
|
128 | - } |
|
129 | - |
|
130 | - /** |
|
131 | - * Load an external resource for use on this page |
|
132 | - * |
|
133 | - * @param string $type Type of file: js or css |
|
134 | - * @param string $name The identifier for the file |
|
135 | - * |
|
136 | - * @return void |
|
137 | - */ |
|
138 | - public function load($type, $name) { |
|
139 | - $this->setupType($type); |
|
140 | - |
|
141 | - $name = trim(strtolower($name)); |
|
142 | - |
|
143 | - $item = elgg_extract($name, $this->externals_map[$type]); |
|
144 | - |
|
145 | - if ($item) { |
|
146 | - // update a registered item |
|
147 | - $item->loaded = true; |
|
148 | - } else { |
|
149 | - $item = (object) [ |
|
150 | - 'loaded' => true, |
|
151 | - 'url' => '', |
|
152 | - 'location' => '', |
|
153 | - ]; |
|
154 | - if (elgg_view_exists($name)) { |
|
155 | - $item->url = elgg_get_simplecache_url($name); |
|
156 | - $item->location = ($type == 'js') ? 'foot' : 'head'; |
|
157 | - } |
|
158 | - |
|
159 | - $this->externals[$type]->add($item); |
|
160 | - $this->externals_map[$type][$name] = $item; |
|
161 | - } |
|
162 | - } |
|
163 | - |
|
164 | - /** |
|
165 | - * Get external resource descriptors |
|
166 | - * |
|
167 | - * @param string $type Type of file: js or css |
|
168 | - * @param string $location Page location |
|
169 | - * |
|
170 | - * @return string[] URLs of files to load |
|
171 | - */ |
|
172 | - public function getLoadedFiles($type, $location) { |
|
173 | - if (!isset($this->externals[$type])) { |
|
174 | - return []; |
|
175 | - } |
|
176 | - |
|
177 | - $items = $this->externals[$type]->getElements(); |
|
178 | - |
|
179 | - $items = array_filter($items, function($v) use ($location) { |
|
180 | - return $v->loaded == true && $v->location == $location; |
|
181 | - }); |
|
182 | - if ($items) { |
|
183 | - array_walk($items, function(&$v, $k){ |
|
184 | - $v = $v->url; |
|
185 | - }); |
|
186 | - } |
|
187 | - return $items; |
|
188 | - } |
|
189 | - |
|
190 | - /** |
|
191 | - * Get registered file objects |
|
192 | - * |
|
193 | - * @param string $type Type of file: js or css |
|
194 | - * @param string $location Page location |
|
195 | - * |
|
196 | - * @return \stdClass[] |
|
197 | - */ |
|
198 | - public function getRegisteredFiles($type, $location) { |
|
199 | - if (!isset($this->externals[$type])) { |
|
200 | - return []; |
|
201 | - } |
|
202 | - |
|
203 | - $ret = []; |
|
204 | - $items = $this->externals[$type]->getElements(); |
|
205 | - $items = array_filter($items, function($v) use ($location) { |
|
206 | - return ($v->location == $location); |
|
207 | - }); |
|
208 | - |
|
209 | - foreach ($items as $item) { |
|
210 | - $ret[] = clone $item; |
|
211 | - } |
|
212 | - |
|
213 | - return $ret; |
|
214 | - } |
|
215 | - |
|
216 | - /** |
|
217 | - * Unregister all files |
|
218 | - * |
|
219 | - * @return void |
|
220 | - */ |
|
221 | - public function reset() { |
|
222 | - $this->externals = []; |
|
223 | - $this->externals_map = []; |
|
224 | - } |
|
225 | - |
|
226 | - /** |
|
227 | - * Bootstraps the externals data structure |
|
228 | - * |
|
229 | - * @param string $type The type of external, js or css. |
|
230 | - * @return void |
|
231 | - */ |
|
232 | - protected function setupType($type) { |
|
233 | - if (!isset($this->externals[$type])) { |
|
234 | - $this->externals[$type] = new \ElggPriorityList(); |
|
235 | - } |
|
236 | - |
|
237 | - if (!isset($this->externals_map[$type])) { |
|
238 | - $this->externals_map[$type] = []; |
|
239 | - } |
|
240 | - } |
|
14 | + /** |
|
15 | + * @var ElggPriorityList[] |
|
16 | + */ |
|
17 | + protected $externals = []; |
|
18 | + |
|
19 | + /** |
|
20 | + * @var array |
|
21 | + */ |
|
22 | + protected $externals_map = []; |
|
23 | + |
|
24 | + /** |
|
25 | + * Core registration function for external files |
|
26 | + * |
|
27 | + * @param string $type Type of external resource (js or css) |
|
28 | + * @param string $name Identifier used as key |
|
29 | + * @param string $url URL |
|
30 | + * @param string $location Location in the page to include the file |
|
31 | + * @param int $priority Loading priority of the file |
|
32 | + * |
|
33 | + * @return bool |
|
34 | + */ |
|
35 | + public function register($type, $name, $url, $location, $priority = 500) { |
|
36 | + if (empty($name) || empty($url)) { |
|
37 | + return false; |
|
38 | + } |
|
39 | + |
|
40 | + $url = elgg_normalize_url($url); |
|
41 | + |
|
42 | + $this->setupType($type); |
|
43 | + |
|
44 | + $name = trim(strtolower($name)); |
|
45 | + |
|
46 | + // normalize bogus priorities, but allow empty, null, and false to be defaults. |
|
47 | + if (!is_numeric($priority)) { |
|
48 | + $priority = 500; |
|
49 | + } |
|
50 | + |
|
51 | + // no negative priorities right now. |
|
52 | + $priority = max((int) $priority, 0); |
|
53 | + |
|
54 | + $item = elgg_extract($name, $this->externals_map[$type]); |
|
55 | + |
|
56 | + if ($item) { |
|
57 | + // updating a registered item |
|
58 | + // don't update loaded because it could already be set |
|
59 | + $item->url = $url; |
|
60 | + $item->location = $location; |
|
61 | + |
|
62 | + // if loaded before registered, that means it hasn't been added to the list yet |
|
63 | + if ($this->externals[$type]->contains($item)) { |
|
64 | + $priority = $this->externals[$type]->move($item, $priority); |
|
65 | + } else { |
|
66 | + $priority = $this->externals[$type]->add($item, $priority); |
|
67 | + } |
|
68 | + } else { |
|
69 | + $item = (object) [ |
|
70 | + 'loaded' => false, |
|
71 | + 'url' => $url, |
|
72 | + 'location' => $location, |
|
73 | + ]; |
|
74 | + $priority = $this->externals[$type]->add($item, $priority); |
|
75 | + } |
|
76 | + |
|
77 | + $this->externals_map[$type][$name] = $item; |
|
78 | + |
|
79 | + return $priority !== false; |
|
80 | + } |
|
81 | + |
|
82 | + /** |
|
83 | + * Unregister an external file |
|
84 | + * |
|
85 | + * @param string $type Type of file: js or css |
|
86 | + * @param string $name The identifier of the file |
|
87 | + * |
|
88 | + * @return bool |
|
89 | + */ |
|
90 | + public function unregister($type, $name) { |
|
91 | + $this->setupType($type); |
|
92 | + |
|
93 | + $name = trim(strtolower($name)); |
|
94 | + $item = elgg_extract($name, $this->externals_map[$type]); |
|
95 | + |
|
96 | + if ($item) { |
|
97 | + unset($this->externals_map[$type][$name]); |
|
98 | + return $this->externals[$type]->remove($item); |
|
99 | + } |
|
100 | + |
|
101 | + return false; |
|
102 | + } |
|
103 | + |
|
104 | + /** |
|
105 | + * Get metadata for a registered file |
|
106 | + * |
|
107 | + * @param string $type |
|
108 | + * @param string $name |
|
109 | + * |
|
110 | + * @return \stdClass|null |
|
111 | + */ |
|
112 | + public function getFile($type, $name) { |
|
113 | + $this->setupType($type); |
|
114 | + |
|
115 | + $name = trim(strtolower($name)); |
|
116 | + if (!isset($this->externals_map[$type][$name])) { |
|
117 | + return null; |
|
118 | + } |
|
119 | + |
|
120 | + $item = $this->externals_map[$type][$name]; |
|
121 | + $priority = $this->externals[$type]->getPriority($item); |
|
122 | + |
|
123 | + // don't allow internal properties to be altered |
|
124 | + $clone = clone $item; |
|
125 | + $clone->priority = $priority; |
|
126 | + |
|
127 | + return $clone; |
|
128 | + } |
|
129 | + |
|
130 | + /** |
|
131 | + * Load an external resource for use on this page |
|
132 | + * |
|
133 | + * @param string $type Type of file: js or css |
|
134 | + * @param string $name The identifier for the file |
|
135 | + * |
|
136 | + * @return void |
|
137 | + */ |
|
138 | + public function load($type, $name) { |
|
139 | + $this->setupType($type); |
|
140 | + |
|
141 | + $name = trim(strtolower($name)); |
|
142 | + |
|
143 | + $item = elgg_extract($name, $this->externals_map[$type]); |
|
144 | + |
|
145 | + if ($item) { |
|
146 | + // update a registered item |
|
147 | + $item->loaded = true; |
|
148 | + } else { |
|
149 | + $item = (object) [ |
|
150 | + 'loaded' => true, |
|
151 | + 'url' => '', |
|
152 | + 'location' => '', |
|
153 | + ]; |
|
154 | + if (elgg_view_exists($name)) { |
|
155 | + $item->url = elgg_get_simplecache_url($name); |
|
156 | + $item->location = ($type == 'js') ? 'foot' : 'head'; |
|
157 | + } |
|
158 | + |
|
159 | + $this->externals[$type]->add($item); |
|
160 | + $this->externals_map[$type][$name] = $item; |
|
161 | + } |
|
162 | + } |
|
163 | + |
|
164 | + /** |
|
165 | + * Get external resource descriptors |
|
166 | + * |
|
167 | + * @param string $type Type of file: js or css |
|
168 | + * @param string $location Page location |
|
169 | + * |
|
170 | + * @return string[] URLs of files to load |
|
171 | + */ |
|
172 | + public function getLoadedFiles($type, $location) { |
|
173 | + if (!isset($this->externals[$type])) { |
|
174 | + return []; |
|
175 | + } |
|
176 | + |
|
177 | + $items = $this->externals[$type]->getElements(); |
|
178 | + |
|
179 | + $items = array_filter($items, function($v) use ($location) { |
|
180 | + return $v->loaded == true && $v->location == $location; |
|
181 | + }); |
|
182 | + if ($items) { |
|
183 | + array_walk($items, function(&$v, $k){ |
|
184 | + $v = $v->url; |
|
185 | + }); |
|
186 | + } |
|
187 | + return $items; |
|
188 | + } |
|
189 | + |
|
190 | + /** |
|
191 | + * Get registered file objects |
|
192 | + * |
|
193 | + * @param string $type Type of file: js or css |
|
194 | + * @param string $location Page location |
|
195 | + * |
|
196 | + * @return \stdClass[] |
|
197 | + */ |
|
198 | + public function getRegisteredFiles($type, $location) { |
|
199 | + if (!isset($this->externals[$type])) { |
|
200 | + return []; |
|
201 | + } |
|
202 | + |
|
203 | + $ret = []; |
|
204 | + $items = $this->externals[$type]->getElements(); |
|
205 | + $items = array_filter($items, function($v) use ($location) { |
|
206 | + return ($v->location == $location); |
|
207 | + }); |
|
208 | + |
|
209 | + foreach ($items as $item) { |
|
210 | + $ret[] = clone $item; |
|
211 | + } |
|
212 | + |
|
213 | + return $ret; |
|
214 | + } |
|
215 | + |
|
216 | + /** |
|
217 | + * Unregister all files |
|
218 | + * |
|
219 | + * @return void |
|
220 | + */ |
|
221 | + public function reset() { |
|
222 | + $this->externals = []; |
|
223 | + $this->externals_map = []; |
|
224 | + } |
|
225 | + |
|
226 | + /** |
|
227 | + * Bootstraps the externals data structure |
|
228 | + * |
|
229 | + * @param string $type The type of external, js or css. |
|
230 | + * @return void |
|
231 | + */ |
|
232 | + protected function setupType($type) { |
|
233 | + if (!isset($this->externals[$type])) { |
|
234 | + $this->externals[$type] = new \ElggPriorityList(); |
|
235 | + } |
|
236 | + |
|
237 | + if (!isset($this->externals_map[$type])) { |
|
238 | + $this->externals_map[$type] = []; |
|
239 | + } |
|
240 | + } |
|
241 | 241 | } |
@@ -23,171 +23,171 @@ discard block |
23 | 23 | */ |
24 | 24 | class AccessCollections { |
25 | 25 | |
26 | - /** |
|
27 | - * @var Conf |
|
28 | - */ |
|
29 | - protected $config; |
|
30 | - |
|
31 | - /** |
|
32 | - * @var Database |
|
33 | - */ |
|
34 | - protected $db; |
|
35 | - |
|
36 | - /** |
|
37 | - * @vars \ElggStateVariableCache |
|
38 | - */ |
|
39 | - protected $access_cache; |
|
40 | - |
|
41 | - /** |
|
42 | - * @var PluginHooksService |
|
43 | - */ |
|
44 | - protected $hooks; |
|
45 | - |
|
46 | - /** |
|
47 | - * @var ElggSession |
|
48 | - */ |
|
49 | - protected $session; |
|
50 | - |
|
51 | - /** |
|
52 | - * @var EntityTable |
|
53 | - */ |
|
54 | - protected $entities; |
|
55 | - |
|
56 | - /** |
|
57 | - * @var Translator |
|
58 | - */ |
|
59 | - protected $translator; |
|
60 | - |
|
61 | - /** |
|
62 | - * @var string |
|
63 | - */ |
|
64 | - protected $table; |
|
65 | - |
|
66 | - /** |
|
67 | - * @var string |
|
68 | - */ |
|
69 | - protected $membership_table; |
|
70 | - |
|
71 | - /** |
|
72 | - * @var bool |
|
73 | - */ |
|
74 | - protected $init_complete = false; |
|
75 | - |
|
76 | - /** |
|
77 | - * Constructor |
|
78 | - * |
|
79 | - * @param Conf $config Config |
|
80 | - * @param Database $db Database |
|
81 | - * @param EntityTable $entities Entity table |
|
82 | - * @param ElggStaticVariableCache $cache Access cache |
|
83 | - * @param PluginHooksService $hooks Hooks |
|
84 | - * @param ElggSession $session Session |
|
85 | - * @param Translator $translator Translator |
|
86 | - */ |
|
87 | - public function __construct( |
|
88 | - Conf $config, |
|
89 | - Database $db, |
|
90 | - EntityTable $entities, |
|
91 | - ElggStaticVariableCache $cache, |
|
92 | - PluginHooksService $hooks, |
|
93 | - ElggSession $session, |
|
94 | - Translator $translator) { |
|
95 | - $this->config = $config; |
|
96 | - $this->db = $db; |
|
97 | - $this->entities = $entities; |
|
98 | - $this->access_cache = $cache; |
|
99 | - $this->hooks = $hooks; |
|
100 | - $this->session = $session; |
|
101 | - $this->translator = $translator; |
|
102 | - |
|
103 | - $this->table = "{$this->db->prefix}access_collections"; |
|
104 | - $this->membership_table = "{$this->db->prefix}access_collection_membership"; |
|
105 | - } |
|
106 | - |
|
107 | - /** |
|
108 | - * Mark the access system as initialized |
|
109 | - * |
|
110 | - * @return void |
|
111 | - */ |
|
112 | - public function markInitComplete() { |
|
113 | - $this->init_complete = true; |
|
114 | - } |
|
115 | - |
|
116 | - /** |
|
117 | - * Returns a string of access_ids for $user_guid appropriate for inserting into an SQL IN clause. |
|
118 | - * |
|
119 | - * @see get_access_array() |
|
120 | - * |
|
121 | - * @param int $user_guid User ID; defaults to currently logged in user |
|
122 | - * @param bool $flush If set to true, will refresh the access list from the |
|
123 | - * database rather than using this function's cache. |
|
124 | - * |
|
125 | - * @return string A concatenated string of access collections suitable for using in an SQL IN clause |
|
126 | - * @access private |
|
127 | - */ |
|
128 | - public function getAccessList($user_guid = 0, $flush = false) { |
|
129 | - $access_array = $this->getAccessArray($user_guid, $flush); |
|
130 | - $access_ids = implode(',', $access_array); |
|
131 | - $list = "($access_ids)"; |
|
132 | - |
|
133 | - // for BC, populate the cache |
|
134 | - $hash = $user_guid . 'get_access_list'; |
|
135 | - $this->access_cache->add($hash, $list); |
|
136 | - |
|
137 | - return $list; |
|
138 | - } |
|
139 | - |
|
140 | - /** |
|
141 | - * Returns an array of access IDs a user is permitted to see. |
|
142 | - * |
|
143 | - * Can be overridden with the 'access:collections:read', 'user' plugin hook. |
|
144 | - * @warning A callback for that plugin hook needs to either not retrieve data |
|
145 | - * from the database that would use the access system (triggering the plugin again) |
|
146 | - * or ignore the second call. Otherwise, an infinite loop will be created. |
|
147 | - * |
|
148 | - * This returns a list of all the collection ids a user owns or belongs |
|
149 | - * to plus public and logged in access levels. If the user is an admin, it includes |
|
150 | - * the private access level. |
|
151 | - * |
|
152 | - * @internal this is only used in core for creating the SQL where clause when |
|
153 | - * retrieving content from the database. The friends access level is handled by |
|
154 | - * _elgg_get_access_where_sql(). |
|
155 | - * |
|
156 | - * @see get_write_access_array() for the access levels that a user can write to. |
|
157 | - * |
|
158 | - * @param int $user_guid User ID; defaults to currently logged in user |
|
159 | - * @param bool $flush If set to true, will refresh the access ids from the |
|
160 | - * database rather than using this function's cache. |
|
161 | - * |
|
162 | - * @return array An array of access collections ids |
|
163 | - */ |
|
164 | - public function getAccessArray($user_guid = 0, $flush = false) { |
|
165 | - $cache = $this->access_cache; |
|
166 | - |
|
167 | - if ($flush) { |
|
168 | - $cache->clear(); |
|
169 | - } |
|
170 | - |
|
171 | - if ($user_guid == 0) { |
|
172 | - $user_guid = $this->session->getLoggedInUserGuid(); |
|
173 | - } |
|
174 | - |
|
175 | - $user_guid = (int) $user_guid; |
|
176 | - |
|
177 | - $hash = $user_guid . 'get_access_array'; |
|
178 | - |
|
179 | - if ($cache[$hash]) { |
|
180 | - $access_array = $cache[$hash]; |
|
181 | - } else { |
|
182 | - // Public access is always visible |
|
183 | - $access_array = [ACCESS_PUBLIC]; |
|
184 | - |
|
185 | - // The following can only return sensible data for a known user. |
|
186 | - if ($user_guid) { |
|
187 | - $access_array[] = ACCESS_LOGGED_IN; |
|
188 | - |
|
189 | - // Get ACLs that user owns or is a member of |
|
190 | - $query = " |
|
26 | + /** |
|
27 | + * @var Conf |
|
28 | + */ |
|
29 | + protected $config; |
|
30 | + |
|
31 | + /** |
|
32 | + * @var Database |
|
33 | + */ |
|
34 | + protected $db; |
|
35 | + |
|
36 | + /** |
|
37 | + * @vars \ElggStateVariableCache |
|
38 | + */ |
|
39 | + protected $access_cache; |
|
40 | + |
|
41 | + /** |
|
42 | + * @var PluginHooksService |
|
43 | + */ |
|
44 | + protected $hooks; |
|
45 | + |
|
46 | + /** |
|
47 | + * @var ElggSession |
|
48 | + */ |
|
49 | + protected $session; |
|
50 | + |
|
51 | + /** |
|
52 | + * @var EntityTable |
|
53 | + */ |
|
54 | + protected $entities; |
|
55 | + |
|
56 | + /** |
|
57 | + * @var Translator |
|
58 | + */ |
|
59 | + protected $translator; |
|
60 | + |
|
61 | + /** |
|
62 | + * @var string |
|
63 | + */ |
|
64 | + protected $table; |
|
65 | + |
|
66 | + /** |
|
67 | + * @var string |
|
68 | + */ |
|
69 | + protected $membership_table; |
|
70 | + |
|
71 | + /** |
|
72 | + * @var bool |
|
73 | + */ |
|
74 | + protected $init_complete = false; |
|
75 | + |
|
76 | + /** |
|
77 | + * Constructor |
|
78 | + * |
|
79 | + * @param Conf $config Config |
|
80 | + * @param Database $db Database |
|
81 | + * @param EntityTable $entities Entity table |
|
82 | + * @param ElggStaticVariableCache $cache Access cache |
|
83 | + * @param PluginHooksService $hooks Hooks |
|
84 | + * @param ElggSession $session Session |
|
85 | + * @param Translator $translator Translator |
|
86 | + */ |
|
87 | + public function __construct( |
|
88 | + Conf $config, |
|
89 | + Database $db, |
|
90 | + EntityTable $entities, |
|
91 | + ElggStaticVariableCache $cache, |
|
92 | + PluginHooksService $hooks, |
|
93 | + ElggSession $session, |
|
94 | + Translator $translator) { |
|
95 | + $this->config = $config; |
|
96 | + $this->db = $db; |
|
97 | + $this->entities = $entities; |
|
98 | + $this->access_cache = $cache; |
|
99 | + $this->hooks = $hooks; |
|
100 | + $this->session = $session; |
|
101 | + $this->translator = $translator; |
|
102 | + |
|
103 | + $this->table = "{$this->db->prefix}access_collections"; |
|
104 | + $this->membership_table = "{$this->db->prefix}access_collection_membership"; |
|
105 | + } |
|
106 | + |
|
107 | + /** |
|
108 | + * Mark the access system as initialized |
|
109 | + * |
|
110 | + * @return void |
|
111 | + */ |
|
112 | + public function markInitComplete() { |
|
113 | + $this->init_complete = true; |
|
114 | + } |
|
115 | + |
|
116 | + /** |
|
117 | + * Returns a string of access_ids for $user_guid appropriate for inserting into an SQL IN clause. |
|
118 | + * |
|
119 | + * @see get_access_array() |
|
120 | + * |
|
121 | + * @param int $user_guid User ID; defaults to currently logged in user |
|
122 | + * @param bool $flush If set to true, will refresh the access list from the |
|
123 | + * database rather than using this function's cache. |
|
124 | + * |
|
125 | + * @return string A concatenated string of access collections suitable for using in an SQL IN clause |
|
126 | + * @access private |
|
127 | + */ |
|
128 | + public function getAccessList($user_guid = 0, $flush = false) { |
|
129 | + $access_array = $this->getAccessArray($user_guid, $flush); |
|
130 | + $access_ids = implode(',', $access_array); |
|
131 | + $list = "($access_ids)"; |
|
132 | + |
|
133 | + // for BC, populate the cache |
|
134 | + $hash = $user_guid . 'get_access_list'; |
|
135 | + $this->access_cache->add($hash, $list); |
|
136 | + |
|
137 | + return $list; |
|
138 | + } |
|
139 | + |
|
140 | + /** |
|
141 | + * Returns an array of access IDs a user is permitted to see. |
|
142 | + * |
|
143 | + * Can be overridden with the 'access:collections:read', 'user' plugin hook. |
|
144 | + * @warning A callback for that plugin hook needs to either not retrieve data |
|
145 | + * from the database that would use the access system (triggering the plugin again) |
|
146 | + * or ignore the second call. Otherwise, an infinite loop will be created. |
|
147 | + * |
|
148 | + * This returns a list of all the collection ids a user owns or belongs |
|
149 | + * to plus public and logged in access levels. If the user is an admin, it includes |
|
150 | + * the private access level. |
|
151 | + * |
|
152 | + * @internal this is only used in core for creating the SQL where clause when |
|
153 | + * retrieving content from the database. The friends access level is handled by |
|
154 | + * _elgg_get_access_where_sql(). |
|
155 | + * |
|
156 | + * @see get_write_access_array() for the access levels that a user can write to. |
|
157 | + * |
|
158 | + * @param int $user_guid User ID; defaults to currently logged in user |
|
159 | + * @param bool $flush If set to true, will refresh the access ids from the |
|
160 | + * database rather than using this function's cache. |
|
161 | + * |
|
162 | + * @return array An array of access collections ids |
|
163 | + */ |
|
164 | + public function getAccessArray($user_guid = 0, $flush = false) { |
|
165 | + $cache = $this->access_cache; |
|
166 | + |
|
167 | + if ($flush) { |
|
168 | + $cache->clear(); |
|
169 | + } |
|
170 | + |
|
171 | + if ($user_guid == 0) { |
|
172 | + $user_guid = $this->session->getLoggedInUserGuid(); |
|
173 | + } |
|
174 | + |
|
175 | + $user_guid = (int) $user_guid; |
|
176 | + |
|
177 | + $hash = $user_guid . 'get_access_array'; |
|
178 | + |
|
179 | + if ($cache[$hash]) { |
|
180 | + $access_array = $cache[$hash]; |
|
181 | + } else { |
|
182 | + // Public access is always visible |
|
183 | + $access_array = [ACCESS_PUBLIC]; |
|
184 | + |
|
185 | + // The following can only return sensible data for a known user. |
|
186 | + if ($user_guid) { |
|
187 | + $access_array[] = ACCESS_LOGGED_IN; |
|
188 | + |
|
189 | + // Get ACLs that user owns or is a member of |
|
190 | + $query = " |
|
191 | 191 | SELECT ac.id |
192 | 192 | FROM {$this->table} ac |
193 | 193 | WHERE ac.owner_guid = :user_guid |
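Review bot: `getAccessList()` builds its SQL fragment with `implode(',', $access_array)`, but per the docblock the result of `getAccessArray()` can be overridden by the `access:collections:read` plugin hook, so hook-supplied values reach the query text without being forced to integers. Cast where the string is built, e.g. `$access_ids = implode(',', array_map('intval', $access_array));`. An empty array from the hook would also produce `()`, which is not a valid `IN` list, so a guard or a documented non-empty contract is worth adding. The body of `getAccessArray()` continues past the end of this hunk.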
@@ -197,686 +197,686 @@ discard block |
||
197 | 197 | AND user_guid = :user_guid) |
198 | 198 | "; |
199 | 199 | |
200 | - $collections = $this->db->getData($query, null, [ |
|
201 | - ':user_guid' => $user_guid, |
|
202 | - ]); |
|
203 | - |
|
204 | - if ($collections) { |
|
205 | - foreach ($collections as $collection) { |
|
206 | - $access_array[] = (int) $collection->id; |
|
207 | - } |
|
208 | - } |
|
209 | - |
|
210 | - $ignore_access = elgg_check_access_overrides($user_guid); |
|
211 | - |
|
212 | - if ($ignore_access == true) { |
|
213 | - $access_array[] = ACCESS_PRIVATE; |
|
214 | - } |
|
215 | - } |
|
216 | - |
|
217 | - if ($this->init_complete) { |
|
218 | - $cache[$hash] = $access_array; |
|
219 | - } |
|
220 | - } |
|
221 | - |
|
222 | - $options = [ |
|
223 | - 'user_id' => $user_guid, |
|
224 | - ]; |
|
225 | - |
|
226 | - // see the warning in the docs for this function about infinite loop potential |
|
227 | - return $this->hooks->trigger('access:collections:read', 'user', $options, $access_array); |
|
228 | - } |
|
229 | - |
|
230 | - /** |
|
231 | - * Returns the SQL where clause for enforcing read access to data. |
|
232 | - * |
|
233 | - * Note that if this code is executed in privileged mode it will return (1=1). |
|
234 | - * |
|
235 | - * Otherwise it returns a where clause to retrieve the data that a user has |
|
236 | - * permission to read. |
|
237 | - * |
|
238 | - * Plugin authors can hook into the 'get_sql', 'access' plugin hook to modify, |
|
239 | - * remove, or add to the where clauses. The plugin hook will pass an array with the current |
|
240 | - * ors and ands to the function in the form: |
|
241 | - * array( |
|
242 | - * 'ors' => array(), |
|
243 | - * 'ands' => array() |
|
244 | - * ) |
|
245 | - * |
|
246 | - * The results will be combined into an SQL where clause in the form: |
|
247 | - * ((or1 OR or2 OR orN) AND (and1 AND and2 AND andN)) |
|
248 | - * |
|
249 | - * @param array $options Array in format: |
|
250 | - * |
|
251 | - * table_alias => STR Optional table alias. This is based on the select and join clauses. |
|
252 | - * Default is 'e'. |
|
253 | - * |
|
254 | - * user_guid => INT Optional GUID for the user that we are retrieving data for. |
|
255 | - * Defaults to the logged in user if null. |
|
256 | - * Passing 0 will build a query for a logged out user (even if there is a logged in user) |
|
257 | - * |
|
258 | - * use_enabled_clause => BOOL Optional. Should we append the enabled clause? The default |
|
259 | - * is set by access_show_hidden_entities(). |
|
260 | - * |
|
261 | - * access_column => STR Optional access column name. Default is 'access_id'. |
|
262 | - * |
|
263 | - * owner_guid_column => STR Optional owner_guid column. Default is 'owner_guid'. |
|
264 | - * |
|
265 | - * guid_column => STR Optional guid_column. Default is 'guid'. |
|
266 | - * |
|
267 | - * @return string |
|
268 | - * @access private |
|
269 | - */ |
|
270 | - public function getWhereSql(array $options = []) { |
|
271 | - |
|
272 | - $defaults = [ |
|
273 | - 'table_alias' => 'e', |
|
274 | - 'user_guid' => $this->session->getLoggedInUserGuid(), |
|
275 | - 'use_enabled_clause' => !access_get_show_hidden_status(), |
|
276 | - 'access_column' => 'access_id', |
|
277 | - 'owner_guid_column' => 'owner_guid', |
|
278 | - 'guid_column' => 'guid', |
|
279 | - ]; |
|
280 | - |
|
281 | - foreach ($options as $key => $value) { |
|
282 | - if (is_null($value)) { |
|
283 | - // remove null values so we don't loose defaults in array_merge |
|
284 | - unset($options[$key]); |
|
285 | - } |
|
286 | - } |
|
287 | - |
|
288 | - $options = array_merge($defaults, $options); |
|
289 | - |
|
290 | - // just in case someone passes a . at the end |
|
291 | - $options['table_alias'] = rtrim($options['table_alias'], '.'); |
|
292 | - |
|
293 | - foreach (['table_alias', 'access_column', 'owner_guid_column', 'guid_column'] as $key) { |
|
294 | - $options[$key] = sanitize_string($options[$key]); |
|
295 | - } |
|
296 | - $options['user_guid'] = sanitize_int($options['user_guid'], false); |
|
297 | - |
|
298 | - // only add dot if we have an alias or table name |
|
299 | - $table_alias = $options['table_alias'] ? $options['table_alias'] . '.' : ''; |
|
300 | - |
|
301 | - if (!isset($options['ignore_access'])) { |
|
302 | - $options['ignore_access'] = elgg_check_access_overrides($options['user_guid']); |
|
303 | - } |
|
304 | - |
|
305 | - $clauses = [ |
|
306 | - 'ors' => [], |
|
307 | - 'ands' => [] |
|
308 | - ]; |
|
309 | - |
|
310 | - $prefix = $this->db->prefix; |
|
311 | - |
|
312 | - if ($options['ignore_access']) { |
|
313 | - $clauses['ors']['ignore_access'] = '1 = 1'; |
|
314 | - } else if ($options['user_guid']) { |
|
315 | - // include content of user's friends |
|
316 | - $clauses['ors']['friends_access'] = "$table_alias{$options['access_column']} = " . ACCESS_FRIENDS . " |
|
200 | + $collections = $this->db->getData($query, null, [ |
|
201 | + ':user_guid' => $user_guid, |
|
202 | + ]); |
|
203 | + |
|
204 | + if ($collections) { |
|
205 | + foreach ($collections as $collection) { |
|
206 | + $access_array[] = (int) $collection->id; |
|
207 | + } |
|
208 | + } |
|
209 | + |
|
210 | + $ignore_access = elgg_check_access_overrides($user_guid); |
|
211 | + |
|
212 | + if ($ignore_access == true) { |
|
213 | + $access_array[] = ACCESS_PRIVATE; |
|
214 | + } |
|
215 | + } |
|
216 | + |
|
217 | + if ($this->init_complete) { |
|
218 | + $cache[$hash] = $access_array; |
|
219 | + } |
|
220 | + } |
|
221 | + |
|
222 | + $options = [ |
|
223 | + 'user_id' => $user_guid, |
|
224 | + ]; |
|
225 | + |
|
226 | + // see the warning in the docs for this function about infinite loop potential |
|
227 | + return $this->hooks->trigger('access:collections:read', 'user', $options, $access_array); |
|
228 | + } |
|
229 | + |
|
230 | + /** |
|
231 | + * Returns the SQL where clause for enforcing read access to data. |
|
232 | + * |
|
233 | + * Note that if this code is executed in privileged mode it will return (1=1). |
|
234 | + * |
|
235 | + * Otherwise it returns a where clause to retrieve the data that a user has |
|
236 | + * permission to read. |
|
237 | + * |
|
238 | + * Plugin authors can hook into the 'get_sql', 'access' plugin hook to modify, |
|
239 | + * remove, or add to the where clauses. The plugin hook will pass an array with the current |
|
240 | + * ors and ands to the function in the form: |
|
241 | + * array( |
|
242 | + * 'ors' => array(), |
|
243 | + * 'ands' => array() |
|
244 | + * ) |
|
245 | + * |
|
246 | + * The results will be combined into an SQL where clause in the form: |
|
247 | + * ((or1 OR or2 OR orN) AND (and1 AND and2 AND andN)) |
|
248 | + * |
|
249 | + * @param array $options Array in format: |
|
250 | + * |
|
251 | + * table_alias => STR Optional table alias. This is based on the select and join clauses. |
|
252 | + * Default is 'e'. |
|
253 | + * |
|
254 | + * user_guid => INT Optional GUID for the user that we are retrieving data for. |
|
255 | + * Defaults to the logged in user if null. |
|
256 | + * Passing 0 will build a query for a logged out user (even if there is a logged in user) |
|
257 | + * |
|
258 | + * use_enabled_clause => BOOL Optional. Should we append the enabled clause? The default |
|
259 | + * is set by access_show_hidden_entities(). |
|
260 | + * |
|
261 | + * access_column => STR Optional access column name. Default is 'access_id'. |
|
262 | + * |
|
263 | + * owner_guid_column => STR Optional owner_guid column. Default is 'owner_guid'. |
|
264 | + * |
|
265 | + * guid_column => STR Optional guid_column. Default is 'guid'. |
|
266 | + * |
|
267 | + * @return string |
|
268 | + * @access private |
|
269 | + */ |
|
270 | + public function getWhereSql(array $options = []) { |
|
271 | + |
|
272 | + $defaults = [ |
|
273 | + 'table_alias' => 'e', |
|
274 | + 'user_guid' => $this->session->getLoggedInUserGuid(), |
|
275 | + 'use_enabled_clause' => !access_get_show_hidden_status(), |
|
276 | + 'access_column' => 'access_id', |
|
277 | + 'owner_guid_column' => 'owner_guid', |
|
278 | + 'guid_column' => 'guid', |
|
279 | + ]; |
|
280 | + |
|
281 | + foreach ($options as $key => $value) { |
|
282 | + if (is_null($value)) { |
|
283 | + // remove null values so we don't loose defaults in array_merge |
|
284 | + unset($options[$key]); |
|
285 | + } |
|
286 | + } |
|
287 | + |
|
288 | + $options = array_merge($defaults, $options); |
|
289 | + |
|
290 | + // just in case someone passes a . at the end |
|
291 | + $options['table_alias'] = rtrim($options['table_alias'], '.'); |
|
292 | + |
|
293 | + foreach (['table_alias', 'access_column', 'owner_guid_column', 'guid_column'] as $key) { |
|
294 | + $options[$key] = sanitize_string($options[$key]); |
|
295 | + } |
|
296 | + $options['user_guid'] = sanitize_int($options['user_guid'], false); |
|
297 | + |
|
298 | + // only add dot if we have an alias or table name |
|
299 | + $table_alias = $options['table_alias'] ? $options['table_alias'] . '.' : ''; |
|
300 | + |
|
301 | + if (!isset($options['ignore_access'])) { |
|
302 | + $options['ignore_access'] = elgg_check_access_overrides($options['user_guid']); |
|
303 | + } |
|
304 | + |
|
305 | + $clauses = [ |
|
306 | + 'ors' => [], |
|
307 | + 'ands' => [] |
|
308 | + ]; |
|
309 | + |
|
310 | + $prefix = $this->db->prefix; |
|
311 | + |
|
312 | + if ($options['ignore_access']) { |
|
313 | + $clauses['ors']['ignore_access'] = '1 = 1'; |
|
314 | + } else if ($options['user_guid']) { |
|
315 | + // include content of user's friends |
|
316 | + $clauses['ors']['friends_access'] = "$table_alias{$options['access_column']} = " . ACCESS_FRIENDS . " |
|
317 | 317 | AND $table_alias{$options['owner_guid_column']} IN ( |
318 | 318 | SELECT guid_one FROM {$prefix}entity_relationships |
319 | 319 | WHERE relationship = 'friend' AND guid_two = {$options['user_guid']} |
320 | 320 | )"; |
321 | 321 | |
322 | - // include user's content |
|
323 | - $clauses['ors']['owner_access'] = "$table_alias{$options['owner_guid_column']} = {$options['user_guid']}"; |
|
324 | - } |
|
325 | - |
|
326 | - // include standard accesses (public, logged in, access collections) |
|
327 | - if (!$options['ignore_access']) { |
|
328 | - $access_list = $this->getAccessList($options['user_guid']); |
|
329 | - $clauses['ors']['acl_access'] = "$table_alias{$options['access_column']} IN {$access_list}"; |
|
330 | - } |
|
331 | - |
|
332 | - if ($options['use_enabled_clause']) { |
|
333 | - $clauses['ands']['use_enabled'] = "{$table_alias}enabled = 'yes'"; |
|
334 | - } |
|
335 | - |
|
336 | - $clauses = $this->hooks->trigger('get_sql', 'access', $options, $clauses); |
|
337 | - |
|
338 | - $clauses_str = ''; |
|
339 | - if (is_array($clauses['ors']) && $clauses['ors']) { |
|
340 | - $clauses_str = '(' . implode(' OR ', $clauses['ors']) . ')'; |
|
341 | - } |
|
342 | - |
|
343 | - if (is_array($clauses['ands']) && $clauses['ands']) { |
|
344 | - if ($clauses_str) { |
|
345 | - $clauses_str .= ' AND '; |
|
346 | - } |
|
347 | - $clauses_str .= '(' . implode(' AND ', $clauses['ands']) . ')'; |
|
348 | - } |
|
349 | - |
|
350 | - return "($clauses_str)"; |
|
351 | - } |
|
352 | - |
|
353 | - /** |
|
354 | - * Can a user access an entity. |
|
355 | - * |
|
356 | - * @warning If a logged in user doesn't have access to an entity, the |
|
357 | - * core engine will not load that entity. |
|
358 | - * |
|
359 | - * @tip This is mostly useful for checking if a user other than the logged in |
|
360 | - * user has access to an entity that is currently loaded. |
|
361 | - * |
|
362 | - * @todo This function would be much more useful if we could pass the guid of the |
|
363 | - * entity to test access for. We need to be able to tell whether the entity exists |
|
364 | - * and whether the user has access to the entity. |
|
365 | - * |
|
366 | - * @param ElggEntity $entity The entity to check access for. |
|
367 | - * @param ElggUser $user Optionally user to check access for. Defaults to |
|
368 | - * logged in user (which is a useless default). |
|
369 | - * |
|
370 | - * @return bool |
|
371 | - */ |
|
372 | - public function hasAccessToEntity($entity, $user = null) { |
|
373 | - if (!$entity instanceof \ElggEntity) { |
|
374 | - return false; |
|
375 | - } |
|
376 | - |
|
377 | - if ($entity->access_id == ACCESS_PUBLIC) { |
|
378 | - // Public entities are always accessible |
|
379 | - return true; |
|
380 | - } |
|
381 | - |
|
382 | - $user_guid = isset($user) ? (int) $user->guid : elgg_get_logged_in_user_guid(); |
|
383 | - |
|
384 | - if ($user_guid && $user_guid == $entity->owner_guid) { |
|
385 | - // Owners have access to their own content |
|
386 | - return true; |
|
387 | - } |
|
388 | - |
|
389 | - if ($user_guid && $entity->access_id == ACCESS_LOGGED_IN) { |
|
390 | - // Existing users have access to entities with logged in access |
|
391 | - return true; |
|
392 | - } |
|
393 | - |
|
394 | - // See #7159. Must not allow ignore access to affect query |
|
395 | - $ia = elgg_set_ignore_access(false); |
|
322 | + // include user's content |
|
323 | + $clauses['ors']['owner_access'] = "$table_alias{$options['owner_guid_column']} = {$options['user_guid']}"; |
|
324 | + } |
|
325 | + |
|
326 | + // include standard accesses (public, logged in, access collections) |
|
327 | + if (!$options['ignore_access']) { |
|
328 | + $access_list = $this->getAccessList($options['user_guid']); |
|
329 | + $clauses['ors']['acl_access'] = "$table_alias{$options['access_column']} IN {$access_list}"; |
|
330 | + } |
|
331 | + |
|
332 | + if ($options['use_enabled_clause']) { |
|
333 | + $clauses['ands']['use_enabled'] = "{$table_alias}enabled = 'yes'"; |
|
334 | + } |
|
335 | + |
|
336 | + $clauses = $this->hooks->trigger('get_sql', 'access', $options, $clauses); |
|
337 | + |
|
338 | + $clauses_str = ''; |
|
339 | + if (is_array($clauses['ors']) && $clauses['ors']) { |
|
340 | + $clauses_str = '(' . implode(' OR ', $clauses['ors']) . ')'; |
|
341 | + } |
|
342 | + |
|
343 | + if (is_array($clauses['ands']) && $clauses['ands']) { |
|
344 | + if ($clauses_str) { |
|
345 | + $clauses_str .= ' AND '; |
|
346 | + } |
|
347 | + $clauses_str .= '(' . implode(' AND ', $clauses['ands']) . ')'; |
|
348 | + } |
|
349 | + |
|
350 | + return "($clauses_str)"; |
|
351 | + } |
|
352 | + |
|
353 | + /** |
|
354 | + * Can a user access an entity. |
|
355 | + * |
|
356 | + * @warning If a logged in user doesn't have access to an entity, the |
|
357 | + * core engine will not load that entity. |
|
358 | + * |
|
359 | + * @tip This is mostly useful for checking if a user other than the logged in |
|
360 | + * user has access to an entity that is currently loaded. |
|
361 | + * |
|
362 | + * @todo This function would be much more useful if we could pass the guid of the |
|
363 | + * entity to test access for. We need to be able to tell whether the entity exists |
|
364 | + * and whether the user has access to the entity. |
|
365 | + * |
|
366 | + * @param ElggEntity $entity The entity to check access for. |
|
367 | + * @param ElggUser $user Optionally user to check access for. Defaults to |
|
368 | + * logged in user (which is a useless default). |
|
369 | + * |
|
370 | + * @return bool |
|
371 | + */ |
|
372 | + public function hasAccessToEntity($entity, $user = null) { |
|
373 | + if (!$entity instanceof \ElggEntity) { |
|
374 | + return false; |
|
375 | + } |
|
376 | + |
|
377 | + if ($entity->access_id == ACCESS_PUBLIC) { |
|
378 | + // Public entities are always accessible |
|
379 | + return true; |
|
380 | + } |
|
381 | + |
|
382 | + $user_guid = isset($user) ? (int) $user->guid : elgg_get_logged_in_user_guid(); |
|
383 | + |
|
384 | + if ($user_guid && $user_guid == $entity->owner_guid) { |
|
385 | + // Owners have access to their own content |
|
386 | + return true; |
|
387 | + } |
|
388 | + |
|
389 | + if ($user_guid && $entity->access_id == ACCESS_LOGGED_IN) { |
|
390 | + // Existing users have access to entities with logged in access |
|
391 | + return true; |
|
392 | + } |
|
393 | + |
|
394 | + // See #7159. Must not allow ignore access to affect query |
|
395 | + $ia = elgg_set_ignore_access(false); |
|
396 | 396 | |
397 | - $row = $this->entities->getRow($entity->guid, $user_guid); |
|
398 | - |
|
399 | - elgg_set_ignore_access($ia); |
|
400 | - |
|
401 | - return !empty($row); |
|
402 | - } |
|
403 | - |
|
404 | - /** |
|
405 | - * Returns an array of access permissions that the user is allowed to save content with. |
|
406 | - * Permissions returned are of the form (id => 'name'). |
|
407 | - * |
|
408 | - * Example return value in English: |
|
409 | - * array( |
|
410 | - * 0 => 'Private', |
|
411 | - * -2 => 'Friends', |
|
412 | - * 1 => 'Logged in users', |
|
413 | - * 2 => 'Public', |
|
414 | - * 34 => 'My favorite friends', |
|
415 | - * ); |
|
416 | - * |
|
417 | - * Plugin hook of 'access:collections:write', 'user' |
|
418 | - * |
|
419 | - * @warning this only returns access collections that the user owns plus the |
|
420 | - * standard access levels. It does not return access collections that the user |
|
421 | - * belongs to such as the access collection for a group. |
|
422 | - * |
|
423 | - * @param int $user_guid The user's GUID. |
|
424 | - * @param bool $flush If this is set to true, this will ignore a cached access array |
|
425 | - * @param array $input_params Some parameters passed into an input/access view |
|
426 | - * |
|
427 | - * @return array List of access permissions |
|
428 | - */ |
|
429 | - public function getWriteAccessArray($user_guid = 0, $flush = false, array $input_params = []) { |
|
430 | - $cache = $this->access_cache; |
|
431 | - |
|
432 | - if ($flush) { |
|
433 | - $cache->clear(); |
|
434 | - } |
|
435 | - |
|
436 | - if ($user_guid == 0) { |
|
437 | - $user_guid = $this->session->getLoggedInUserGuid(); |
|
438 | - } |
|
439 | - |
|
440 | - $user_guid = (int) $user_guid; |
|
441 | - |
|
442 | - $hash = $user_guid . 'get_write_access_array'; |
|
443 | - |
|
444 | - if ($cache[$hash]) { |
|
445 | - $access_array = $cache[$hash]; |
|
446 | - } else { |
|
447 | - // @todo is there such a thing as public write access? |
|
448 | - $access_array = [ |
|
449 | - ACCESS_PRIVATE => $this->getReadableAccessLevel(ACCESS_PRIVATE), |
|
450 | - ACCESS_LOGGED_IN => $this->getReadableAccessLevel(ACCESS_LOGGED_IN), |
|
451 | - ACCESS_PUBLIC => $this->getReadableAccessLevel(ACCESS_PUBLIC) |
|
452 | - ]; |
|
453 | - |
|
454 | - $collections = $this->getEntityCollections($user_guid); |
|
455 | - if ($collections) { |
|
456 | - foreach ($collections as $collection) { |
|
457 | - $access_array[$collection->id] = $collection->name; |
|
458 | - } |
|
459 | - } |
|
460 | - |
|
461 | - if ($this->init_complete) { |
|
462 | - $cache[$hash] = $access_array; |
|
463 | - } |
|
464 | - } |
|
465 | - |
|
466 | - $options = [ |
|
467 | - 'user_id' => $user_guid, |
|
468 | - 'input_params' => $input_params, |
|
469 | - ]; |
|
470 | - return $this->hooks->trigger('access:collections:write', 'user', $options, $access_array); |
|
471 | - } |
|
472 | - |
|
473 | - /** |
|
474 | - * Can the user change this access collection? |
|
475 | - * |
|
476 | - * Use the plugin hook of 'access:collections:write', 'user' to change this. |
|
477 | - * @see get_write_access_array() for details on the hook. |
|
478 | - * |
|
479 | - * Respects access control disabling for admin users and {@link elgg_set_ignore_access()} |
|
480 | - * |
|
481 | - * @see get_write_access_array() |
|
482 | - * |
|
483 | - * @param int $collection_id The collection id |
|
484 | - * @param mixed $user_guid The user GUID to check for. Defaults to logged in user. |
|
485 | - * @return bool |
|
486 | - */ |
|
487 | - public function canEdit($collection_id, $user_guid = null) { |
|
488 | - try { |
|
489 | - $user = $this->entities->getUserForPermissionsCheck($user_guid); |
|
490 | - } catch (UserFetchFailureException $e) { |
|
491 | - return false; |
|
492 | - } |
|
493 | - |
|
494 | - $collection = $this->get($collection_id); |
|
495 | - |
|
496 | - if (!$user || !$collection) { |
|
497 | - return false; |
|
498 | - } |
|
499 | - |
|
500 | - if (elgg_check_access_overrides($user->guid)) { |
|
501 | - return true; |
|
502 | - } |
|
503 | - |
|
504 | - $write_access = $this->getWriteAccessArray($user->guid, true); |
|
505 | - return array_key_exists($collection_id, $write_access); |
|
506 | - } |
|
507 | - |
|
508 | - /** |
|
509 | - * Creates a new access collection. |
|
510 | - * |
|
511 | - * Access colletions allow plugins and users to create granular access |
|
512 | - * for entities. |
|
513 | - * |
|
514 | - * Triggers plugin hook 'access:collections:addcollection', 'collection' |
|
515 | - * |
|
516 | - * @internal Access collections are stored in the access_collections table. |
|
517 | - * Memberships to collections are in access_collections_membership. |
|
518 | - * |
|
519 | - * @param string $name The name of the collection. |
|
520 | - * @param int $owner_guid The GUID of the owner (default: currently logged in user). |
|
521 | - * |
|
522 | - * @return int|false The collection ID if successful and false on failure. |
|
523 | - */ |
|
524 | - public function create($name, $owner_guid = 0) { |
|
525 | - $name = trim($name); |
|
526 | - if (empty($name)) { |
|
527 | - return false; |
|
528 | - } |
|
529 | - |
|
530 | - if ($owner_guid == 0) { |
|
531 | - $owner_guid = $this->session->getLoggedInUserGuid(); |
|
532 | - } |
|
533 | - |
|
534 | - $query = " |
|
397 | + $row = $this->entities->getRow($entity->guid, $user_guid); |
|
398 | + |
|
399 | + elgg_set_ignore_access($ia); |
|
400 | + |
|
401 | + return !empty($row); |
|
402 | + } |
|
403 | + |
|
404 | + /** |
|
405 | + * Returns an array of access permissions that the user is allowed to save content with. |
|
406 | + * Permissions returned are of the form (id => 'name'). |
|
407 | + * |
|
408 | + * Example return value in English: |
|
409 | + * array( |
|
410 | + * 0 => 'Private', |
|
411 | + * -2 => 'Friends', |
|
412 | + * 1 => 'Logged in users', |
|
413 | + * 2 => 'Public', |
|
414 | + * 34 => 'My favorite friends', |
|
415 | + * ); |
|
416 | + * |
|
417 | + * Plugin hook of 'access:collections:write', 'user' |
|
418 | + * |
|
419 | + * @warning this only returns access collections that the user owns plus the |
|
420 | + * standard access levels. It does not return access collections that the user |
|
421 | + * belongs to such as the access collection for a group. |
|
422 | + * |
|
423 | + * @param int $user_guid The user's GUID. |
|
424 | + * @param bool $flush If this is set to true, this will ignore a cached access array |
|
425 | + * @param array $input_params Some parameters passed into an input/access view |
|
426 | + * |
|
427 | + * @return array List of access permissions |
|
428 | + */ |
|
429 | + public function getWriteAccessArray($user_guid = 0, $flush = false, array $input_params = []) { |
|
430 | + $cache = $this->access_cache; |
|
431 | + |
|
432 | + if ($flush) { |
|
433 | + $cache->clear(); |
|
434 | + } |
|
435 | + |
|
436 | + if ($user_guid == 0) { |
|
437 | + $user_guid = $this->session->getLoggedInUserGuid(); |
|
438 | + } |
|
439 | + |
|
440 | + $user_guid = (int) $user_guid; |
|
441 | + |
|
442 | + $hash = $user_guid . 'get_write_access_array'; |
|
443 | + |
|
444 | + if ($cache[$hash]) { |
|
445 | + $access_array = $cache[$hash]; |
|
446 | + } else { |
|
447 | + // @todo is there such a thing as public write access? |
|
448 | + $access_array = [ |
|
449 | + ACCESS_PRIVATE => $this->getReadableAccessLevel(ACCESS_PRIVATE), |
|
450 | + ACCESS_LOGGED_IN => $this->getReadableAccessLevel(ACCESS_LOGGED_IN), |
|
451 | + ACCESS_PUBLIC => $this->getReadableAccessLevel(ACCESS_PUBLIC) |
|
452 | + ]; |
|
453 | + |
|
454 | + $collections = $this->getEntityCollections($user_guid); |
|
455 | + if ($collections) { |
|
456 | + foreach ($collections as $collection) { |
|
457 | + $access_array[$collection->id] = $collection->name; |
|
458 | + } |
|
459 | + } |
|
460 | + |
|
461 | + if ($this->init_complete) { |
|
462 | + $cache[$hash] = $access_array; |
|
463 | + } |
|
464 | + } |
|
465 | + |
|
466 | + $options = [ |
|
467 | + 'user_id' => $user_guid, |
|
468 | + 'input_params' => $input_params, |
|
469 | + ]; |
|
470 | + return $this->hooks->trigger('access:collections:write', 'user', $options, $access_array); |
|
471 | + } |
|
472 | + |
|
473 | + /** |
|
474 | + * Can the user change this access collection? |
|
475 | + * |
|
476 | + * Use the plugin hook of 'access:collections:write', 'user' to change this. |
|
477 | + * @see get_write_access_array() for details on the hook. |
|
478 | + * |
|
479 | + * Respects access control disabling for admin users and {@link elgg_set_ignore_access()} |
|
480 | + * |
|
481 | + * @see get_write_access_array() |
|
482 | + * |
|
483 | + * @param int $collection_id The collection id |
|
484 | + * @param mixed $user_guid The user GUID to check for. Defaults to logged in user. |
|
485 | + * @return bool |
|
486 | + */ |
|
487 | + public function canEdit($collection_id, $user_guid = null) { |
|
488 | + try { |
|
489 | + $user = $this->entities->getUserForPermissionsCheck($user_guid); |
|
490 | + } catch (UserFetchFailureException $e) { |
|
491 | + return false; |
|
492 | + } |
|
493 | + |
|
494 | + $collection = $this->get($collection_id); |
|
495 | + |
|
496 | + if (!$user || !$collection) { |
|
497 | + return false; |
|
498 | + } |
|
499 | + |
|
500 | + if (elgg_check_access_overrides($user->guid)) { |
|
501 | + return true; |
|
502 | + } |
|
503 | + |
|
504 | + $write_access = $this->getWriteAccessArray($user->guid, true); |
|
505 | + return array_key_exists($collection_id, $write_access); |
|
506 | + } |
|
507 | + |
|
508 | + /** |
|
509 | + * Creates a new access collection. |
|
510 | + * |
|
511 | + * Access colletions allow plugins and users to create granular access |
|
512 | + * for entities. |
|
513 | + * |
|
514 | + * Triggers plugin hook 'access:collections:addcollection', 'collection' |
|
515 | + * |
|
516 | + * @internal Access collections are stored in the access_collections table. |
|
517 | + * Memberships to collections are in access_collections_membership. |
|
518 | + * |
|
519 | + * @param string $name The name of the collection. |
|
520 | + * @param int $owner_guid The GUID of the owner (default: currently logged in user). |
|
521 | + * |
|
522 | + * @return int|false The collection ID if successful and false on failure. |
|
523 | + */ |
|
524 | + public function create($name, $owner_guid = 0) { |
|
525 | + $name = trim($name); |
|
526 | + if (empty($name)) { |
|
527 | + return false; |
|
528 | + } |
|
529 | + |
|
530 | + if ($owner_guid == 0) { |
|
531 | + $owner_guid = $this->session->getLoggedInUserGuid(); |
|
532 | + } |
|
533 | + |
|
534 | + $query = " |
|
535 | 535 | INSERT INTO {$this->table} |
536 | 536 | SET name = :name, |
537 | 537 | owner_guid = :owner_guid |
538 | 538 | "; |
539 | 539 | |
540 | - $params = [ |
|
541 | - ':name' => $name, |
|
542 | - ':owner_guid' => (int) $owner_guid, |
|
543 | - ]; |
|
544 | - |
|
545 | - $id = $this->db->insertData($query, $params); |
|
546 | - if (!$id) { |
|
547 | - return false; |
|
548 | - } |
|
549 | - |
|
550 | - $this->access_cache->clear(); |
|
551 | - |
|
552 | - $hook_params = [ |
|
553 | - 'collection_id' => $id, |
|
554 | - 'name' => $name, |
|
555 | - 'owner_guid' => $owner_guid, |
|
556 | - ]; |
|
557 | - |
|
558 | - if (!$this->hooks->trigger('access:collections:addcollection', 'collection', $hook_params, true)) { |
|
559 | - $this->delete($id); |
|
560 | - return false; |
|
561 | - } |
|
562 | - |
|
563 | - return $id; |
|
564 | - } |
|
565 | - |
|
566 | - /** |
|
567 | - * Renames an access collection |
|
568 | - * |
|
569 | - * @param int $collection_id ID of the collection |
|
570 | - * @param string $name The name of the collection |
|
571 | - * @return bool |
|
572 | - */ |
|
573 | - public function rename($collection_id, $name) { |
|
574 | - |
|
575 | - $query = " |
|
540 | + $params = [ |
|
541 | + ':name' => $name, |
|
542 | + ':owner_guid' => (int) $owner_guid, |
|
543 | + ]; |
|
544 | + |
|
545 | + $id = $this->db->insertData($query, $params); |
|
546 | + if (!$id) { |
|
547 | + return false; |
|
548 | + } |
|
549 | + |
|
550 | + $this->access_cache->clear(); |
|
551 | + |
|
552 | + $hook_params = [ |
|
553 | + 'collection_id' => $id, |
|
554 | + 'name' => $name, |
|
555 | + 'owner_guid' => $owner_guid, |
|
556 | + ]; |
|
557 | + |
|
558 | + if (!$this->hooks->trigger('access:collections:addcollection', 'collection', $hook_params, true)) { |
|
559 | + $this->delete($id); |
|
560 | + return false; |
|
561 | + } |
|
562 | + |
|
563 | + return $id; |
|
564 | + } |
|
565 | + |
|
566 | + /** |
|
567 | + * Renames an access collection |
|
568 | + * |
|
569 | + * @param int $collection_id ID of the collection |
|
570 | + * @param string $name The name of the collection |
|
571 | + * @return bool |
|
572 | + */ |
|
573 | + public function rename($collection_id, $name) { |
|
574 | + |
|
575 | + $query = " |
|
576 | 576 | UPDATE {$this->table} |
577 | 577 | SET name = :name |
578 | 578 | WHERE id = :id |
579 | 579 | "; |
580 | 580 | |
581 | - $params = [ |
|
582 | - ':name' => $name, |
|
583 | - ':id' => (int) $collection_id, |
|
584 | - ]; |
|
585 | - |
|
586 | - if ($this->db->insertData($query, $params)) { |
|
587 | - $this->access_cache->clear(); |
|
588 | - return (int) $collection_id; |
|
589 | - } |
|
590 | - |
|
591 | - return false; |
|
592 | - } |
|
593 | - |
|
594 | - |
|
595 | - /** |
|
596 | - * Updates the membership in an access collection. |
|
597 | - * |
|
598 | - * @warning Expects a full list of all members that should |
|
599 | - * be part of the access collection |
|
600 | - * |
|
601 | - * @note This will run all hooks associated with adding or removing |
|
602 | - * members to access collections. |
|
603 | - * |
|
604 | - * @param int $collection_id ID of the collection. |
|
605 | - * @param array $new_members Array of member entities or GUIDs |
|
606 | - * @return bool |
|
607 | - */ |
|
608 | - public function update($collection_id, array $new_members = []) { |
|
609 | - $acl = $this->get($collection_id); |
|
610 | - |
|
611 | - if (!$acl) { |
|
612 | - return false; |
|
613 | - } |
|
581 | + $params = [ |
|
582 | + ':name' => $name, |
|
583 | + ':id' => (int) $collection_id, |
|
584 | + ]; |
|
585 | + |
|
586 | + if ($this->db->insertData($query, $params)) { |
|
587 | + $this->access_cache->clear(); |
|
588 | + return (int) $collection_id; |
|
589 | + } |
|
590 | + |
|
591 | + return false; |
|
592 | + } |
|
593 | + |
|
594 | + |
|
595 | + /** |
|
596 | + * Updates the membership in an access collection. |
|
597 | + * |
|
598 | + * @warning Expects a full list of all members that should |
|
599 | + * be part of the access collection |
|
600 | + * |
|
601 | + * @note This will run all hooks associated with adding or removing |
|
602 | + * members to access collections. |
|
603 | + * |
|
604 | + * @param int $collection_id ID of the collection. |
|
605 | + * @param array $new_members Array of member entities or GUIDs |
|
606 | + * @return bool |
|
607 | + */ |
|
608 | + public function update($collection_id, array $new_members = []) { |
|
609 | + $acl = $this->get($collection_id); |
|
610 | + |
|
611 | + if (!$acl) { |
|
612 | + return false; |
|
613 | + } |
|
614 | 614 | |
615 | - $to_guid = function($elem) { |
|
616 | - if (empty($elem)) { |
|
617 | - return 0; |
|
618 | - } |
|
619 | - if (is_object($elem)) { |
|
620 | - return (int) $elem->guid; |
|
621 | - } |
|
622 | - return (int) $elem; |
|
623 | - }; |
|
615 | + $to_guid = function($elem) { |
|
616 | + if (empty($elem)) { |
|
617 | + return 0; |
|
618 | + } |
|
619 | + if (is_object($elem)) { |
|
620 | + return (int) $elem->guid; |
|
621 | + } |
|
622 | + return (int) $elem; |
|
623 | + }; |
|
624 | 624 | |
625 | - $current_members = []; |
|
626 | - $new_members = array_map($to_guid, $new_members); |
|
625 | + $current_members = []; |
|
626 | + $new_members = array_map($to_guid, $new_members); |
|
627 | 627 | |
628 | - $current_members_batch = $this->getMembers($collection_id, [ |
|
629 | - 'batch' => true, |
|
630 | - 'limit' => 0, |
|
631 | - 'callback' => false, |
|
632 | - ]); |
|
628 | + $current_members_batch = $this->getMembers($collection_id, [ |
|
629 | + 'batch' => true, |
|
630 | + 'limit' => 0, |
|
631 | + 'callback' => false, |
|
632 | + ]); |
|
633 | 633 | |
634 | - foreach ($current_members_batch as $row) { |
|
635 | - $current_members[] = $to_guid($row); |
|
636 | - } |
|
634 | + foreach ($current_members_batch as $row) { |
|
635 | + $current_members[] = $to_guid($row); |
|
636 | + } |
|
637 | 637 | |
638 | - $remove_members = array_diff($current_members, $new_members); |
|
639 | - $add_members = array_diff($new_members, $current_members); |
|
638 | + $remove_members = array_diff($current_members, $new_members); |
|
639 | + $add_members = array_diff($new_members, $current_members); |
|
640 | 640 | |
641 | - $result = true; |
|
641 | + $result = true; |
|
642 | 642 | |
643 | - foreach ($add_members as $guid) { |
|
644 | - $result = $result && $this->addUser($guid, $collection_id); |
|
645 | - } |
|
643 | + foreach ($add_members as $guid) { |
|
644 | + $result = $result && $this->addUser($guid, $collection_id); |
|
645 | + } |
|
646 | 646 | |
647 | - foreach ($remove_members as $guid) { |
|
648 | - $result = $result && $this->removeUser($guid, $collection_id); |
|
649 | - } |
|
647 | + foreach ($remove_members as $guid) { |
|
648 | + $result = $result && $this->removeUser($guid, $collection_id); |
|
649 | + } |
|
650 | 650 | |
651 | - $this->access_cache->clear(); |
|
651 | + $this->access_cache->clear(); |
|
652 | 652 | |
653 | - return $result; |
|
654 | - } |
|
653 | + return $result; |
|
654 | + } |
|
655 | 655 | |
656 | - /** |
|
657 | - * Deletes a collection and its membership information |
|
658 | - * |
|
659 | - * @param int $collection_id ID of the collection |
|
660 | - * @return bool |
|
661 | - */ |
|
662 | - public function delete($collection_id) { |
|
663 | - $collection_id = (int) $collection_id; |
|
656 | + /** |
|
657 | + * Deletes a collection and its membership information |
|
658 | + * |
|
659 | + * @param int $collection_id ID of the collection |
|
660 | + * @return bool |
|
661 | + */ |
|
662 | + public function delete($collection_id) { |
|
663 | + $collection_id = (int) $collection_id; |
|
664 | 664 | |
665 | - $params = [ |
|
666 | - 'collection_id' => $collection_id, |
|
667 | - ]; |
|
665 | + $params = [ |
|
666 | + 'collection_id' => $collection_id, |
|
667 | + ]; |
|
668 | 668 | |
669 | - if (!$this->hooks->trigger('access:collections:deletecollection', 'collection', $params, true)) { |
|
670 | - return false; |
|
671 | - } |
|
669 | + if (!$this->hooks->trigger('access:collections:deletecollection', 'collection', $params, true)) { |
|
670 | + return false; |
|
671 | + } |
|
672 | 672 | |
673 | - // Deleting membership doesn't affect result of deleting ACL. |
|
674 | - $query = " |
|
673 | + // Deleting membership doesn't affect result of deleting ACL. |
|
674 | + $query = " |
|
675 | 675 | DELETE FROM {$this->membership_table} |
676 | 676 | WHERE access_collection_id = :access_collection_id |
677 | 677 | "; |
678 | - $this->db->deleteData($query, [ |
|
679 | - ':access_collection_id' => $collection_id, |
|
680 | - ]); |
|
678 | + $this->db->deleteData($query, [ |
|
679 | + ':access_collection_id' => $collection_id, |
|
680 | + ]); |
|
681 | 681 | |
682 | - $query = " |
|
682 | + $query = " |
|
683 | 683 | DELETE FROM {$this->table} |
684 | 684 | WHERE id = :id |
685 | 685 | "; |
686 | - $result = $this->db->deleteData($query, [ |
|
687 | - ':id' => $collection_id, |
|
688 | - ]); |
|
686 | + $result = $this->db->deleteData($query, [ |
|
687 | + ':id' => $collection_id, |
|
688 | + ]); |
|
689 | 689 | |
690 | - $this->access_cache->clear(); |
|
690 | + $this->access_cache->clear(); |
|
691 | 691 | |
692 | - return (bool) $result; |
|
693 | - } |
|
694 | - |
|
695 | - /** |
|
696 | - * Transforms a database row to an instance of ElggAccessCollection |
|
697 | - * |
|
698 | - * @param \stdClass $row Database row |
|
699 | - * @return \ElggAccessCollection |
|
700 | - */ |
|
701 | - public function rowToElggAccessCollection(\stdClass $row) { |
|
702 | - return new \ElggAccessCollection($row); |
|
703 | - } |
|
704 | - |
|
705 | - /** |
|
706 | - * Get a specified access collection |
|
707 | - * |
|
708 | - * @note This doesn't return the members of an access collection, |
|
709 | - * just the database row of the actual collection. |
|
710 | - * |
|
711 | - * @see get_members_of_access_collection() |
|
712 | - * |
|
713 | - * @param int $collection_id The collection ID |
|
714 | - * @return \ElggAccessCollection|false |
|
715 | - */ |
|
716 | - public function get($collection_id) { |
|
717 | - |
|
718 | - $callback = [$this, 'rowToElggAccessCollection']; |
|
719 | - |
|
720 | - $query = " |
|
692 | + return (bool) $result; |
|
693 | + } |
|
694 | + |
|
695 | + /** |
|
696 | + * Transforms a database row to an instance of ElggAccessCollection |
|
697 | + * |
|
698 | + * @param \stdClass $row Database row |
|
699 | + * @return \ElggAccessCollection |
|
700 | + */ |
|
701 | + public function rowToElggAccessCollection(\stdClass $row) { |
|
702 | + return new \ElggAccessCollection($row); |
|
703 | + } |
|
704 | + |
|
705 | + /** |
|
706 | + * Get a specified access collection |
|
707 | + * |
|
708 | + * @note This doesn't return the members of an access collection, |
|
709 | + * just the database row of the actual collection. |
|
710 | + * |
|
711 | + * @see get_members_of_access_collection() |
|
712 | + * |
|
713 | + * @param int $collection_id The collection ID |
|
714 | + * @return \ElggAccessCollection|false |
|
715 | + */ |
|
716 | + public function get($collection_id) { |
|
717 | + |
|
718 | + $callback = [$this, 'rowToElggAccessCollection']; |
|
719 | + |
|
720 | + $query = " |
|
721 | 721 | SELECT * FROM {$this->table} |
722 | 722 | WHERE id = :id |
723 | 723 | "; |
724 | 724 | |
725 | - return $this->db->getDataRow($query, $callback, [ |
|
726 | - ':id' => (int) $collection_id, |
|
727 | - ]); |
|
728 | - } |
|
729 | - |
|
730 | - /** |
|
731 | - * Check if user is already in the collection |
|
732 | - * |
|
733 | - * @param int $user_guid GUID of the user |
|
734 | - * @param int $collection_id ID of the collection |
|
735 | - * @return bool |
|
736 | - */ |
|
737 | - public function hasUser($user_guid, $collection_id) { |
|
738 | - $options = [ |
|
739 | - 'guids' => (int) $user_guid, |
|
740 | - 'count' => true, |
|
741 | - ]; |
|
742 | - return (bool) $this->getMembers($collection_id, $options); |
|
743 | - } |
|
744 | - |
|
745 | - /** |
|
746 | - * Adds a user to an access collection. |
|
747 | - * |
|
748 | - * Triggers the 'access:collections:add_user', 'collection' plugin hook. |
|
749 | - * |
|
750 | - * @param int $user_guid GUID of the user to add |
|
751 | - * @param int $collection_id ID of the collection to add them to |
|
752 | - * @return bool |
|
753 | - */ |
|
754 | - public function addUser($user_guid, $collection_id) { |
|
755 | - |
|
756 | - $collection = $this->get($collection_id); |
|
757 | - |
|
758 | - if (!$collection) { |
|
759 | - return false; |
|
760 | - } |
|
761 | - |
|
762 | - if (!$this->entities->exists($user_guid)) { |
|
763 | - return false; |
|
764 | - } |
|
765 | - |
|
766 | - $hook_params = [ |
|
767 | - 'collection_id' => $collection->id, |
|
768 | - 'user_guid' => (int) $user_guid |
|
769 | - ]; |
|
770 | - |
|
771 | - $result = $this->hooks->trigger('access:collections:add_user', 'collection', $hook_params, true); |
|
772 | - if ($result == false) { |
|
773 | - return false; |
|
774 | - } |
|
775 | - |
|
776 | - // if someone tries to insert the same data twice, we do a no-op on duplicate key |
|
777 | - $query = " |
|
725 | + return $this->db->getDataRow($query, $callback, [ |
|
726 | + ':id' => (int) $collection_id, |
|
727 | + ]); |
|
728 | + } |
|
729 | + |
|
730 | + /** |
|
731 | + * Check if user is already in the collection |
|
732 | + * |
|
733 | + * @param int $user_guid GUID of the user |
|
734 | + * @param int $collection_id ID of the collection |
|
735 | + * @return bool |
|
736 | + */ |
|
737 | + public function hasUser($user_guid, $collection_id) { |
|
738 | + $options = [ |
|
739 | + 'guids' => (int) $user_guid, |
|
740 | + 'count' => true, |
|
741 | + ]; |
|
742 | + return (bool) $this->getMembers($collection_id, $options); |
|
743 | + } |
|
744 | + |
|
745 | + /** |
|
746 | + * Adds a user to an access collection. |
|
747 | + * |
|
748 | + * Triggers the 'access:collections:add_user', 'collection' plugin hook. |
|
749 | + * |
|
750 | + * @param int $user_guid GUID of the user to add |
|
751 | + * @param int $collection_id ID of the collection to add them to |
|
752 | + * @return bool |
|
753 | + */ |
|
754 | + public function addUser($user_guid, $collection_id) { |
|
755 | + |
|
756 | + $collection = $this->get($collection_id); |
|
757 | + |
|
758 | + if (!$collection) { |
|
759 | + return false; |
|
760 | + } |
|
761 | + |
|
762 | + if (!$this->entities->exists($user_guid)) { |
|
763 | + return false; |
|
764 | + } |
|
765 | + |
|
766 | + $hook_params = [ |
|
767 | + 'collection_id' => $collection->id, |
|
768 | + 'user_guid' => (int) $user_guid |
|
769 | + ]; |
|
770 | + |
|
771 | + $result = $this->hooks->trigger('access:collections:add_user', 'collection', $hook_params, true); |
|
772 | + if ($result == false) { |
|
773 | + return false; |
|
774 | + } |
|
775 | + |
|
776 | + // if someone tries to insert the same data twice, we do a no-op on duplicate key |
|
777 | + $query = " |
|
778 | 778 | INSERT INTO {$this->membership_table} |
779 | 779 | SET access_collection_id = :access_collection_id, |
780 | 780 | user_guid = :user_guid |
781 | 781 | ON DUPLICATE KEY UPDATE user_guid = user_guid |
782 | 782 | "; |
783 | 783 | |
784 | - $result = $this->db->insertData($query, [ |
|
785 | - ':access_collection_id' => (int) $collection->id, |
|
786 | - ':user_guid' => (int) $user_guid, |
|
787 | - ]); |
|
784 | + $result = $this->db->insertData($query, [ |
|
785 | + ':access_collection_id' => (int) $collection->id, |
|
786 | + ':user_guid' => (int) $user_guid, |
|
787 | + ]); |
|
788 | 788 | |
789 | - $this->access_cache->clear(); |
|
789 | + $this->access_cache->clear(); |
|
790 | 790 | |
791 | - return $result !== false; |
|
792 | - } |
|
793 | - |
|
794 | - /** |
|
795 | - * Removes a user from an access collection. |
|
796 | - * |
|
797 | - * Triggers the 'access:collections:remove_user', 'collection' plugin hook. |
|
798 | - * |
|
799 | - * @param int $user_guid GUID of the user |
|
800 | - * @param int $collection_id ID of the collection |
|
801 | - * @return bool |
|
802 | - */ |
|
803 | - public function removeUser($user_guid, $collection_id) { |
|
804 | - |
|
805 | - $params = [ |
|
806 | - 'collection_id' => (int) $collection_id, |
|
807 | - 'user_guid' => (int) $user_guid, |
|
808 | - ]; |
|
809 | - |
|
810 | - if (!$this->hooks->trigger('access:collections:remove_user', 'collection', $params, true)) { |
|
811 | - return false; |
|
812 | - } |
|
813 | - |
|
814 | - $query = " |
|
791 | + return $result !== false; |
|
792 | + } |
|
793 | + |
|
794 | + /** |
|
795 | + * Removes a user from an access collection. |
|
796 | + * |
|
797 | + * Triggers the 'access:collections:remove_user', 'collection' plugin hook. |
|
798 | + * |
|
799 | + * @param int $user_guid GUID of the user |
|
800 | + * @param int $collection_id ID of the collection |
|
801 | + * @return bool |
|
802 | + */ |
|
803 | + public function removeUser($user_guid, $collection_id) { |
|
804 | + |
|
805 | + $params = [ |
|
806 | + 'collection_id' => (int) $collection_id, |
|
807 | + 'user_guid' => (int) $user_guid, |
|
808 | + ]; |
|
809 | + |
|
810 | + if (!$this->hooks->trigger('access:collections:remove_user', 'collection', $params, true)) { |
|
811 | + return false; |
|
812 | + } |
|
813 | + |
|
814 | + $query = " |
|
815 | 815 | DELETE FROM {$this->membership_table} |
816 | 816 | WHERE access_collection_id = :access_collection_id |
817 | 817 | AND user_guid = :user_guid |
818 | 818 | "; |
819 | 819 | |
820 | - $this->access_cache->clear(); |
|
820 | + $this->access_cache->clear(); |
|
821 | 821 | |
822 | - return (bool) $this->db->deleteData($query, [ |
|
823 | - ':access_collection_id' => (int) $collection_id, |
|
824 | - ':user_guid' => (int) $user_guid, |
|
825 | - ]); |
|
826 | - } |
|
822 | + return (bool) $this->db->deleteData($query, [ |
|
823 | + ':access_collection_id' => (int) $collection_id, |
|
824 | + ':user_guid' => (int) $user_guid, |
|
825 | + ]); |
|
826 | + } |
|
827 | 827 | |
828 | - /** |
|
829 | - * Returns access collections owned by the user |
|
830 | - * |
|
831 | - * @param int $owner_guid GUID of the owner |
|
832 | - * @return ElggAccessCollection[]|false |
|
833 | - */ |
|
834 | - public function getEntityCollections($owner_guid) { |
|
828 | + /** |
|
829 | + * Returns access collections owned by the user |
|
830 | + * |
|
831 | + * @param int $owner_guid GUID of the owner |
|
832 | + * @return ElggAccessCollection[]|false |
|
833 | + */ |
|
834 | + public function getEntityCollections($owner_guid) { |
|
835 | 835 | |
836 | - $callback = [$this, 'rowToElggAccessCollection']; |
|
836 | + $callback = [$this, 'rowToElggAccessCollection']; |
|
837 | 837 | |
838 | - $query = " |
|
838 | + $query = " |
|
839 | 839 | SELECT * FROM {$this->table} |
840 | 840 | WHERE owner_guid = :owner_guid |
841 | 841 | ORDER BY name ASC |
842 | 842 | "; |
843 | 843 | |
844 | - $params = [ |
|
845 | - ':owner_guid' => (int) $owner_guid, |
|
846 | - ]; |
|
844 | + $params = [ |
|
845 | + ':owner_guid' => (int) $owner_guid, |
|
846 | + ]; |
|
847 | 847 | |
848 | - return $this->db->getData($query, $callback, $params); |
|
849 | - } |
|
848 | + return $this->db->getData($query, $callback, $params); |
|
849 | + } |
|
850 | 850 | |
851 | - /** |
|
852 | - * Get members of an access collection |
|
853 | - * |
|
854 | - * @param int $collection_id The collection's ID |
|
855 | - * @param array $options Ege* options |
|
856 | - * @return ElggEntity[]|false |
|
857 | - */ |
|
858 | - public function getMembers($collection_id, array $options = []) { |
|
851 | + /** |
|
852 | + * Get members of an access collection |
|
853 | + * |
|
854 | + * @param int $collection_id The collection's ID |
|
855 | + * @param array $options Ege* options |
|
856 | + * @return ElggEntity[]|false |
|
857 | + */ |
|
858 | + public function getMembers($collection_id, array $options = []) { |
|
859 | 859 | |
860 | - $options['joins'][] = "JOIN {$this->membership_table} acm"; |
|
860 | + $options['joins'][] = "JOIN {$this->membership_table} acm"; |
|
861 | 861 | |
862 | - $collection_id = (int) $collection_id; |
|
863 | - $options['wheres'][] = "e.guid = acm.user_guid AND acm.access_collection_id = {$collection_id}"; |
|
862 | + $collection_id = (int) $collection_id; |
|
863 | + $options['wheres'][] = "e.guid = acm.user_guid AND acm.access_collection_id = {$collection_id}"; |
|
864 | 864 | |
865 | - return $this->entities->getEntities($options); |
|
866 | - } |
|
865 | + return $this->entities->getEntities($options); |
|
866 | + } |
|
867 | 867 | |
868 | - /** |
|
869 | - * Return an array of collections that the entity is member of |
|
870 | - * |
|
871 | - * @param int $member_guid GUID of th member |
|
872 | - * |
|
873 | - * @return ElggAccessCollection[]|false |
|
874 | - */ |
|
875 | - public function getCollectionsByMember($member_guid) { |
|
868 | + /** |
|
869 | + * Return an array of collections that the entity is member of |
|
870 | + * |
|
871 | + * @param int $member_guid GUID of th member |
|
872 | + * |
|
873 | + * @return ElggAccessCollection[]|false |
|
874 | + */ |
|
875 | + public function getCollectionsByMember($member_guid) { |
|
876 | 876 | |
877 | - $callback = [$this, 'rowToElggAccessCollection']; |
|
877 | + $callback = [$this, 'rowToElggAccessCollection']; |
|
878 | 878 | |
879 | - $query = " |
|
879 | + $query = " |
|
880 | 880 | SELECT ac.* FROM {$this->table} ac |
881 | 881 | JOIN {$this->membership_table} acm |
882 | 882 | ON ac.id = acm.access_collection_id |
@@ -884,58 +884,58 @@ |
884 | 884 | ORDER BY name ASC |
885 | 885 | "; |
886 | 886 | |
887 | - return $this->db->getData($query, $callback, [ |
|
888 | - ':member_guid' => (int) $member_guid, |
|
889 | - ]); |
|
890 | - } |
|
891 | - |
|
892 | - /** |
|
893 | - * Return the name of an ACCESS_* constant or an access collection, |
|
894 | - * but only if the logged in user owns the access collection or is an admin. |
|
895 | - * Ownership requirement prevents us from exposing names of access collections |
|
896 | - * that current user has been added to by other members and may contain |
|
897 | - * sensitive classification of the current user (e.g. close friends vs acquaintances). |
|
898 | - * |
|
899 | - * Returns a string in the language of the user for global access levels, e.g.'Public, 'Friends', 'Logged in', 'Private'; |
|
900 | - * or a name of the owned access collection, e.g. 'My work colleagues'; |
|
901 | - * or a name of the group or other access collection, e.g. 'Group: Elgg technical support'; |
|
902 | - * or 'Limited' if the user access is restricted to read-only, e.g. a friends collection the user was added to |
|
903 | - * |
|
904 | - * @param int $entity_access_id The entity's access id |
|
905 | - * |
|
906 | - * @return string |
|
907 | - * @since 1.11 |
|
908 | - */ |
|
909 | - public function getReadableAccessLevel($entity_access_id) { |
|
910 | - $access = (int) $entity_access_id; |
|
911 | - |
|
912 | - $translator = $this->translator; |
|
913 | - |
|
914 | - // Check if entity access id is a defined global constant |
|
915 | - $access_array = [ |
|
916 | - ACCESS_PRIVATE => $translator->translate("PRIVATE"), |
|
917 | - ACCESS_FRIENDS => $translator->translate("access:friends:label"), |
|
918 | - ACCESS_LOGGED_IN => $translator->translate("LOGGED_IN"), |
|
919 | - ACCESS_PUBLIC => $translator->translate("PUBLIC"), |
|
920 | - ]; |
|
921 | - |
|
922 | - if (array_key_exists($access, $access_array)) { |
|
923 | - return $access_array[$access]; |
|
924 | - } |
|
925 | - |
|
926 | - // Entity access id is probably a custom access collection |
|
927 | - // Check if the user has write access to it and can see it's label |
|
928 | - // Admins should always be able to see the readable version |
|
929 | - $collection = $this->get($access); |
|
930 | - |
|
931 | - $user_guid = $this->session->getLoggedInUserGuid(); |
|
887 | + return $this->db->getData($query, $callback, [ |
|
888 | + ':member_guid' => (int) $member_guid, |
|
889 | + ]); |
|
890 | + } |
|
891 | + |
|
892 | + /** |
|
893 | + * Return the name of an ACCESS_* constant or an access collection, |
|
894 | + * but only if the logged in user owns the access collection or is an admin. |
|
895 | + * Ownership requirement prevents us from exposing names of access collections |
|
896 | + * that current user has been added to by other members and may contain |
|
897 | + * sensitive classification of the current user (e.g. close friends vs acquaintances). |
|
898 | + * |
|
899 | + * Returns a string in the language of the user for global access levels, e.g.'Public, 'Friends', 'Logged in', 'Private'; |
|
900 | + * or a name of the owned access collection, e.g. 'My work colleagues'; |
|
901 | + * or a name of the group or other access collection, e.g. 'Group: Elgg technical support'; |
|
902 | + * or 'Limited' if the user access is restricted to read-only, e.g. a friends collection the user was added to |
|
903 | + * |
|
904 | + * @param int $entity_access_id The entity's access id |
|
905 | + * |
|
906 | + * @return string |
|
907 | + * @since 1.11 |
|
908 | + */ |
|
909 | + public function getReadableAccessLevel($entity_access_id) { |
|
910 | + $access = (int) $entity_access_id; |
|
911 | + |
|
912 | + $translator = $this->translator; |
|
913 | + |
|
914 | + // Check if entity access id is a defined global constant |
|
915 | + $access_array = [ |
|
916 | + ACCESS_PRIVATE => $translator->translate("PRIVATE"), |
|
917 | + ACCESS_FRIENDS => $translator->translate("access:friends:label"), |
|
918 | + ACCESS_LOGGED_IN => $translator->translate("LOGGED_IN"), |
|
919 | + ACCESS_PUBLIC => $translator->translate("PUBLIC"), |
|
920 | + ]; |
|
921 | + |
|
922 | + if (array_key_exists($access, $access_array)) { |
|
923 | + return $access_array[$access]; |
|
924 | + } |
|
925 | + |
|
926 | + // Entity access id is probably a custom access collection |
|
927 | + // Check if the user has write access to it and can see it's label |
|
928 | + // Admins should always be able to see the readable version |
|
929 | + $collection = $this->get($access); |
|
930 | + |
|
931 | + $user_guid = $this->session->getLoggedInUserGuid(); |
|
932 | 932 | |
933 | - if (!$collection || !$user_guid) { |
|
934 | - // return 'Limited' if there is no logged in user or collection can not be loaded |
|
935 | - return $translator->translate('access:limited:label'); |
|
936 | - } |
|
933 | + if (!$collection || !$user_guid) { |
|
934 | + // return 'Limited' if there is no logged in user or collection can not be loaded |
|
935 | + return $translator->translate('access:limited:label'); |
|
936 | + } |
|
937 | 937 | |
938 | - return $collection->getDisplayName(); |
|
939 | - } |
|
938 | + return $collection->getDisplayName(); |
|
939 | + } |
|
940 | 940 | |
941 | 941 | } |
@@ -9,13 +9,13 @@ |
9 | 9 | $translations = $all_translations['en']; |
10 | 10 | |
11 | 11 | if ($language != 'en' && !isset($all_translations[$language])) { |
12 | - // try to reload missing translations |
|
13 | - reload_all_translations(); |
|
14 | - $all_translations = _elgg_services()->translator->getLoadedTranslations(); |
|
12 | + // try to reload missing translations |
|
13 | + reload_all_translations(); |
|
14 | + $all_translations = _elgg_services()->translator->getLoadedTranslations(); |
|
15 | 15 | } |
16 | 16 | |
17 | 17 | if ($language != 'en' && isset($all_translations[$language])) { |
18 | - $translations = array_merge($translations, $all_translations[$language]); |
|
18 | + $translations = array_merge($translations, $all_translations[$language]); |
|
19 | 19 | } |
20 | 20 | |
21 | 21 | ?> |
@@ -2,7 +2,7 @@ |
2 | 2 | $autoload_path = __DIR__ . '/vendor/autoload.php'; |
3 | 3 | $autoload_available = include_once($autoload_path); |
4 | 4 | if (!$autoload_available) { |
5 | - die("Couldn't include '$autoload_path'. Did you run `composer install`?"); |
|
5 | + die("Couldn't include '$autoload_path'. Did you run `composer install`?"); |
|
6 | 6 | } |
7 | 7 | |
8 | 8 | return \Elgg\Application::index(); |
@@ -23,135 +23,135 @@ |
23 | 23 | */ |
24 | 24 | class ElggSite extends \ElggEntity { |
25 | 25 | |
26 | - /** |
|
27 | - * {@inheritdoc} |
|
28 | - */ |
|
29 | - public function getType() { |
|
30 | - return 'site'; |
|
31 | - } |
|
26 | + /** |
|
27 | + * {@inheritdoc} |
|
28 | + */ |
|
29 | + public function getType() { |
|
30 | + return 'site'; |
|
31 | + } |
|
32 | 32 | |
33 | - /** |
|
34 | - * {@inheritdoc} |
|
35 | - */ |
|
36 | - public function save() { |
|
37 | - $db = $this->getDatabase(); |
|
38 | - $row = $db->getDataRow(" |
|
33 | + /** |
|
34 | + * {@inheritdoc} |
|
35 | + */ |
|
36 | + public function save() { |
|
37 | + $db = $this->getDatabase(); |
|
38 | + $row = $db->getDataRow(" |
|
39 | 39 | SELECT guid FROM {$db->prefix}sites_entity |
40 | 40 | "); |
41 | - if ($row) { |
|
42 | - if ($row->guid == $this->attributes['guid']) { |
|
43 | - // can save active site |
|
44 | - return parent::save(); |
|
45 | - } |
|
41 | + if ($row) { |
|
42 | + if ($row->guid == $this->attributes['guid']) { |
|
43 | + // can save active site |
|
44 | + return parent::save(); |
|
45 | + } |
|
46 | 46 | |
47 | - _elgg_services()->logger->error('More than 1 site entity cannot be created.'); |
|
48 | - return false; |
|
49 | - } |
|
47 | + _elgg_services()->logger->error('More than 1 site entity cannot be created.'); |
|
48 | + return false; |
|
49 | + } |
|
50 | 50 | |
51 | - return parent::save(); // TODO: Change the autogenerated stub |
|
52 | - } |
|
51 | + return parent::save(); // TODO: Change the autogenerated stub |
|
52 | + } |
|
53 | 53 | |
54 | - /** |
|
55 | - * Delete the site. |
|
56 | - * |
|
57 | - * @note You cannot delete the current site. |
|
58 | - * |
|
59 | - * @return bool |
|
60 | - * @throws SecurityException |
|
61 | - */ |
|
62 | - public function delete() { |
|
63 | - if ($this->guid == 1) { |
|
64 | - throw new \SecurityException('You cannot delete the current site'); |
|
65 | - } |
|
54 | + /** |
|
55 | + * Delete the site. |
|
56 | + * |
|
57 | + * @note You cannot delete the current site. |
|
58 | + * |
|
59 | + * @return bool |
|
60 | + * @throws SecurityException |
|
61 | + */ |
|
62 | + public function delete() { |
|
63 | + if ($this->guid == 1) { |
|
64 | + throw new \SecurityException('You cannot delete the current site'); |
|
65 | + } |
|
66 | 66 | |
67 | - return parent::delete(); |
|
68 | - } |
|
67 | + return parent::delete(); |
|
68 | + } |
|
69 | 69 | |
70 | - /** |
|
71 | - * Disable the site |
|
72 | - * |
|
73 | - * @note You cannot disable the current site. |
|
74 | - * |
|
75 | - * @param string $reason Optional reason for disabling |
|
76 | - * @param bool $recursive Recursively disable all contained entities? |
|
77 | - * |
|
78 | - * @return bool |
|
79 | - * @throws SecurityException |
|
80 | - */ |
|
81 | - public function disable($reason = "", $recursive = true) { |
|
82 | - if ($this->guid == 1) { |
|
83 | - throw new \SecurityException('You cannot disable the current site'); |
|
84 | - } |
|
70 | + /** |
|
71 | + * Disable the site |
|
72 | + * |
|
73 | + * @note You cannot disable the current site. |
|
74 | + * |
|
75 | + * @param string $reason Optional reason for disabling |
|
76 | + * @param bool $recursive Recursively disable all contained entities? |
|
77 | + * |
|
78 | + * @return bool |
|
79 | + * @throws SecurityException |
|
80 | + */ |
|
81 | + public function disable($reason = "", $recursive = true) { |
|
82 | + if ($this->guid == 1) { |
|
83 | + throw new \SecurityException('You cannot disable the current site'); |
|
84 | + } |
|
85 | 85 | |
86 | - return parent::disable($reason, $recursive); |
|
87 | - } |
|
86 | + return parent::disable($reason, $recursive); |
|
87 | + } |
|
88 | 88 | |
89 | - /** |
|
90 | - * {@inheritdoc} |
|
91 | - */ |
|
92 | - public function __set($name, $value) { |
|
93 | - if ($name === 'url') { |
|
94 | - _elgg_services()->logger->warn("ElggSite::url cannot be set"); |
|
95 | - return; |
|
96 | - } |
|
97 | - parent::__set($name, $value); |
|
98 | - } |
|
89 | + /** |
|
90 | + * {@inheritdoc} |
|
91 | + */ |
|
92 | + public function __set($name, $value) { |
|
93 | + if ($name === 'url') { |
|
94 | + _elgg_services()->logger->warn("ElggSite::url cannot be set"); |
|
95 | + return; |
|
96 | + } |
|
97 | + parent::__set($name, $value); |
|
98 | + } |
|
99 | 99 | |
100 | - /** |
|
101 | - * {@inheritdoc} |
|
102 | - */ |
|
103 | - public function __get($name) { |
|
104 | - if ($name === 'url') { |
|
105 | - return $this->getURL(); |
|
106 | - } |
|
107 | - return parent::__get($name); |
|
108 | - } |
|
100 | + /** |
|
101 | + * {@inheritdoc} |
|
102 | + */ |
|
103 | + public function __get($name) { |
|
104 | + if ($name === 'url') { |
|
105 | + return $this->getURL(); |
|
106 | + } |
|
107 | + return parent::__get($name); |
|
108 | + } |
|
109 | 109 | |
110 | - /** |
|
111 | - * Returns the URL for this site |
|
112 | - * |
|
113 | - * @return string The URL |
|
114 | - */ |
|
115 | - public function getURL() { |
|
116 | - return _elgg_config()->wwwroot; |
|
117 | - } |
|
110 | + /** |
|
111 | + * Returns the URL for this site |
|
112 | + * |
|
113 | + * @return string The URL |
|
114 | + */ |
|
115 | + public function getURL() { |
|
116 | + return _elgg_config()->wwwroot; |
|
117 | + } |
|
118 | 118 | |
119 | - /** |
|
120 | - * {@inheritdoc} |
|
121 | - */ |
|
122 | - protected function prepareObject($object) { |
|
123 | - $object = parent::prepareObject($object); |
|
124 | - $object->name = $this->getDisplayName(); |
|
125 | - $object->description = $this->description; |
|
126 | - unset($object->read_access); |
|
127 | - return $object; |
|
128 | - } |
|
119 | + /** |
|
120 | + * {@inheritdoc} |
|
121 | + */ |
|
122 | + protected function prepareObject($object) { |
|
123 | + $object = parent::prepareObject($object); |
|
124 | + $object->name = $this->getDisplayName(); |
|
125 | + $object->description = $this->description; |
|
126 | + unset($object->read_access); |
|
127 | + return $object; |
|
128 | + } |
|
129 | 129 | |
130 | - /** |
|
131 | - * Get the domain for this site |
|
132 | - * |
|
133 | - * @return string |
|
134 | - * @since 1.9 |
|
135 | - */ |
|
136 | - public function getDomain() { |
|
137 | - $breakdown = parse_url($this->url); |
|
138 | - return $breakdown['host']; |
|
139 | - } |
|
130 | + /** |
|
131 | + * Get the domain for this site |
|
132 | + * |
|
133 | + * @return string |
|
134 | + * @since 1.9 |
|
135 | + */ |
|
136 | + public function getDomain() { |
|
137 | + $breakdown = parse_url($this->url); |
|
138 | + return $breakdown['host']; |
|
139 | + } |
|
140 | 140 | |
141 | - /** |
|
142 | - * Get the email address for the site |
|
143 | - * |
|
144 | - * This can be set in the basic site settings or fallback to noreply@domain |
|
145 | - * |
|
146 | - * @return string |
|
147 | - * @since 3.0.0 |
|
148 | - */ |
|
149 | - public function getEmailAddress() { |
|
150 | - $email = $this->email; |
|
151 | - if (empty($email)) { |
|
152 | - $email = "noreply@{$this->getDomain()}"; |
|
153 | - } |
|
141 | + /** |
|
142 | + * Get the email address for the site |
|
143 | + * |
|
144 | + * This can be set in the basic site settings or fallback to noreply@domain |
|
145 | + * |
|
146 | + * @return string |
|
147 | + * @since 3.0.0 |
|
148 | + */ |
|
149 | + public function getEmailAddress() { |
|
150 | + $email = $this->email; |
|
151 | + if (empty($email)) { |
|
152 | + $email = "noreply@{$this->getDomain()}"; |
|
153 | + } |
|
154 | 154 | |
155 | - return $email; |
|
156 | - } |
|
155 | + return $email; |
|
156 | + } |
|
157 | 157 | } |
@@ -17,340 +17,340 @@ |
||
17 | 17 | */ |
18 | 18 | class ElggSession { |
19 | 19 | |
20 | - /** |
|
21 | - * @var SessionInterface |
|
22 | - */ |
|
23 | - protected $storage; |
|
24 | - |
|
25 | - /** |
|
26 | - * @var \ElggUser|null |
|
27 | - */ |
|
28 | - protected $logged_in_user; |
|
29 | - |
|
30 | - /** |
|
31 | - * @var bool |
|
32 | - */ |
|
33 | - protected $ignore_access = false; |
|
34 | - |
|
35 | - /** |
|
36 | - * Constructor |
|
37 | - * |
|
38 | - * @param SessionInterface $storage The underlying Session implementation |
|
39 | - * @access private Use elgg_get_session() |
|
40 | - */ |
|
41 | - public function __construct(SessionInterface $storage) { |
|
42 | - $this->storage = $storage; |
|
43 | - } |
|
44 | - |
|
45 | - /** |
|
46 | - * Start the session |
|
47 | - * |
|
48 | - * @return boolean |
|
49 | - * @throws RuntimeException If session fails to start. |
|
50 | - * @since 1.9 |
|
51 | - */ |
|
52 | - public function start() { |
|
53 | - $result = $this->storage->start(); |
|
54 | - $this->generateSessionToken(); |
|
55 | - return $result; |
|
56 | - } |
|
57 | - |
|
58 | - /** |
|
59 | - * Migrates the session to a new session id while maintaining session attributes |
|
60 | - * |
|
61 | - * @param boolean $destroy Whether to delete the session or let gc handle clean up |
|
62 | - * @return boolean |
|
63 | - * @since 1.9 |
|
64 | - */ |
|
65 | - public function migrate($destroy = false) { |
|
66 | - return $this->storage->migrate($destroy); |
|
67 | - } |
|
68 | - |
|
69 | - /** |
|
70 | - * Invalidates the session |
|
71 | - * |
|
72 | - * Deletes session data and session persistence. Starts a new session. |
|
73 | - * |
|
74 | - * @return boolean |
|
75 | - * @since 1.9 |
|
76 | - */ |
|
77 | - public function invalidate() { |
|
78 | - $this->storage->clear(); |
|
79 | - $this->logged_in_user = null; |
|
80 | - $result = $this->migrate(true); |
|
81 | - $this->generateSessionToken(); |
|
82 | - return $result; |
|
83 | - } |
|
84 | - |
|
85 | - /** |
|
86 | - * Has the session been started |
|
87 | - * |
|
88 | - * @return boolean |
|
89 | - * @since 1.9 |
|
90 | - */ |
|
91 | - public function isStarted() { |
|
92 | - return $this->storage->isStarted(); |
|
93 | - } |
|
94 | - |
|
95 | - /** |
|
96 | - * Get the session ID |
|
97 | - * |
|
98 | - * @return string |
|
99 | - * @since 1.9 |
|
100 | - */ |
|
101 | - public function getId() { |
|
102 | - return $this->storage->getId(); |
|
103 | - } |
|
104 | - |
|
105 | - /** |
|
106 | - * Set the session ID |
|
107 | - * |
|
108 | - * @param string $id Session ID |
|
109 | - * @return void |
|
110 | - * @since 1.9 |
|
111 | - */ |
|
112 | - public function setId($id) { |
|
113 | - $this->storage->setId($id); |
|
114 | - } |
|
115 | - |
|
116 | - /** |
|
117 | - * Get the session name |
|
118 | - * |
|
119 | - * @return string |
|
120 | - * @since 1.9 |
|
121 | - */ |
|
122 | - public function getName() { |
|
123 | - return $this->storage->getName(); |
|
124 | - } |
|
125 | - |
|
126 | - /** |
|
127 | - * Set the session name |
|
128 | - * |
|
129 | - * @param string $name Session name |
|
130 | - * @return void |
|
131 | - * @since 1.9 |
|
132 | - */ |
|
133 | - public function setName($name) { |
|
134 | - $this->storage->setName($name); |
|
135 | - } |
|
136 | - |
|
137 | - /** |
|
138 | - * Get an attribute of the session |
|
139 | - * |
|
140 | - * @param string $name Name of the attribute to get |
|
141 | - * @param mixed $default Value to return if attribute is not set (default is null) |
|
142 | - * @return mixed |
|
143 | - */ |
|
144 | - public function get($name, $default = null) { |
|
145 | - return $this->storage->get($name, $default); |
|
146 | - } |
|
147 | - |
|
148 | - /** |
|
149 | - * Set an attribute |
|
150 | - * |
|
151 | - * @param string $name Name of the attribute to set |
|
152 | - * @param mixed $value Value to be set |
|
153 | - * @return void |
|
154 | - */ |
|
155 | - public function set($name, $value) { |
|
156 | - $this->storage->set($name, $value); |
|
157 | - } |
|
158 | - |
|
159 | - /** |
|
160 | - * Remove an attribute |
|
161 | - * |
|
162 | - * @param string $name The name of the attribute to remove |
|
163 | - * @return mixed The removed attribute |
|
164 | - * @since 1.9 |
|
165 | - */ |
|
166 | - public function remove($name) { |
|
167 | - return $this->storage->remove($name); |
|
168 | - } |
|
169 | - |
|
170 | - /** |
|
171 | - * Has the attribute been defined |
|
172 | - * |
|
173 | - * @param string $name Name of the attribute |
|
174 | - * @return bool |
|
175 | - * @since 1.9 |
|
176 | - */ |
|
177 | - public function has($name) { |
|
178 | - return $this->storage->has($name); |
|
179 | - } |
|
180 | - |
|
181 | - /** |
|
182 | - * Sets the logged in user |
|
183 | - * |
|
184 | - * @param \ElggUser $user The user who is logged in |
|
185 | - * @return void |
|
186 | - * @since 1.9 |
|
187 | - */ |
|
188 | - public function setLoggedInUser(\ElggUser $user) { |
|
189 | - $current_user = $this->getLoggedInUser(); |
|
190 | - if ($current_user != $user) { |
|
191 | - $this->set('guid', $user->guid); |
|
192 | - $this->logged_in_user = $user; |
|
193 | - _elgg_services()->entityCache->clear(); |
|
194 | - } |
|
195 | - } |
|
196 | - |
|
197 | - /** |
|
198 | - * Gets the logged in user |
|
199 | - * |
|
200 | - * @return \ElggUser|null |
|
201 | - * @since 1.9 |
|
202 | - */ |
|
203 | - public function getLoggedInUser() { |
|
204 | - return $this->logged_in_user; |
|
205 | - } |
|
206 | - |
|
207 | - /** |
|
208 | - * Return the current logged in user by guid. |
|
209 | - * |
|
210 | - * @see elgg_get_logged_in_user_entity() |
|
211 | - * @return int |
|
212 | - */ |
|
213 | - public function getLoggedInUserGuid() { |
|
214 | - $user = $this->getLoggedInUser(); |
|
215 | - return $user ? $user->guid : 0; |
|
216 | - } |
|
20 | + /** |
|
21 | + * @var SessionInterface |
|
22 | + */ |
|
23 | + protected $storage; |
|
24 | + |
|
25 | + /** |
|
26 | + * @var \ElggUser|null |
|
27 | + */ |
|
28 | + protected $logged_in_user; |
|
29 | + |
|
30 | + /** |
|
31 | + * @var bool |
|
32 | + */ |
|
33 | + protected $ignore_access = false; |
|
34 | + |
|
35 | + /** |
|
36 | + * Constructor |
|
37 | + * |
|
38 | + * @param SessionInterface $storage The underlying Session implementation |
|
39 | + * @access private Use elgg_get_session() |
|
40 | + */ |
|
41 | + public function __construct(SessionInterface $storage) { |
|
42 | + $this->storage = $storage; |
|
43 | + } |
|
44 | + |
|
45 | + /** |
|
46 | + * Start the session |
|
47 | + * |
|
48 | + * @return boolean |
|
49 | + * @throws RuntimeException If session fails to start. |
|
50 | + * @since 1.9 |
|
51 | + */ |
|
52 | + public function start() { |
|
53 | + $result = $this->storage->start(); |
|
54 | + $this->generateSessionToken(); |
|
55 | + return $result; |
|
56 | + } |
|
57 | + |
|
58 | + /** |
|
59 | + * Migrates the session to a new session id while maintaining session attributes |
|
60 | + * |
|
61 | + * @param boolean $destroy Whether to delete the session or let gc handle clean up |
|
62 | + * @return boolean |
|
63 | + * @since 1.9 |
|
64 | + */ |
|
65 | + public function migrate($destroy = false) { |
|
66 | + return $this->storage->migrate($destroy); |
|
67 | + } |
|
68 | + |
|
69 | + /** |
|
70 | + * Invalidates the session |
|
71 | + * |
|
72 | + * Deletes session data and session persistence. Starts a new session. |
|
73 | + * |
|
74 | + * @return boolean |
|
75 | + * @since 1.9 |
|
76 | + */ |
|
77 | + public function invalidate() { |
|
78 | + $this->storage->clear(); |
|
79 | + $this->logged_in_user = null; |
|
80 | + $result = $this->migrate(true); |
|
81 | + $this->generateSessionToken(); |
|
82 | + return $result; |
|
83 | + } |
|
84 | + |
|
85 | + /** |
|
86 | + * Has the session been started |
|
87 | + * |
|
88 | + * @return boolean |
|
89 | + * @since 1.9 |
|
90 | + */ |
|
91 | + public function isStarted() { |
|
92 | + return $this->storage->isStarted(); |
|
93 | + } |
|
94 | + |
|
95 | + /** |
|
96 | + * Get the session ID |
|
97 | + * |
|
98 | + * @return string |
|
99 | + * @since 1.9 |
|
100 | + */ |
|
101 | + public function getId() { |
|
102 | + return $this->storage->getId(); |
|
103 | + } |
|
104 | + |
|
105 | + /** |
|
106 | + * Set the session ID |
|
107 | + * |
|
108 | + * @param string $id Session ID |
|
109 | + * @return void |
|
110 | + * @since 1.9 |
|
111 | + */ |
|
112 | + public function setId($id) { |
|
113 | + $this->storage->setId($id); |
|
114 | + } |
|
115 | + |
|
116 | + /** |
|
117 | + * Get the session name |
|
118 | + * |
|
119 | + * @return string |
|
120 | + * @since 1.9 |
|
121 | + */ |
|
122 | + public function getName() { |
|
123 | + return $this->storage->getName(); |
|
124 | + } |
|
125 | + |
|
126 | + /** |
|
127 | + * Set the session name |
|
128 | + * |
|
129 | + * @param string $name Session name |
|
130 | + * @return void |
|
131 | + * @since 1.9 |
|
132 | + */ |
|
133 | + public function setName($name) { |
|
134 | + $this->storage->setName($name); |
|
135 | + } |
|
136 | + |
|
137 | + /** |
|
138 | + * Get an attribute of the session |
|
139 | + * |
|
140 | + * @param string $name Name of the attribute to get |
|
141 | + * @param mixed $default Value to return if attribute is not set (default is null) |
|
142 | + * @return mixed |
|
143 | + */ |
|
144 | + public function get($name, $default = null) { |
|
145 | + return $this->storage->get($name, $default); |
|
146 | + } |
|
147 | + |
|
148 | + /** |
|
149 | + * Set an attribute |
|
150 | + * |
|
151 | + * @param string $name Name of the attribute to set |
|
152 | + * @param mixed $value Value to be set |
|
153 | + * @return void |
|
154 | + */ |
|
155 | + public function set($name, $value) { |
|
156 | + $this->storage->set($name, $value); |
|
157 | + } |
|
158 | + |
|
159 | + /** |
|
160 | + * Remove an attribute |
|
161 | + * |
|
162 | + * @param string $name The name of the attribute to remove |
|
163 | + * @return mixed The removed attribute |
|
164 | + * @since 1.9 |
|
165 | + */ |
|
166 | + public function remove($name) { |
|
167 | + return $this->storage->remove($name); |
|
168 | + } |
|
169 | + |
|
170 | + /** |
|
171 | + * Has the attribute been defined |
|
172 | + * |
|
173 | + * @param string $name Name of the attribute |
|
174 | + * @return bool |
|
175 | + * @since 1.9 |
|
176 | + */ |
|
177 | + public function has($name) { |
|
178 | + return $this->storage->has($name); |
|
179 | + } |
|
180 | + |
|
181 | + /** |
|
182 | + * Sets the logged in user |
|
183 | + * |
|
184 | + * @param \ElggUser $user The user who is logged in |
|
185 | + * @return void |
|
186 | + * @since 1.9 |
|
187 | + */ |
|
188 | + public function setLoggedInUser(\ElggUser $user) { |
|
189 | + $current_user = $this->getLoggedInUser(); |
|
190 | + if ($current_user != $user) { |
|
191 | + $this->set('guid', $user->guid); |
|
192 | + $this->logged_in_user = $user; |
|
193 | + _elgg_services()->entityCache->clear(); |
|
194 | + } |
|
195 | + } |
|
196 | + |
|
197 | + /** |
|
198 | + * Gets the logged in user |
|
199 | + * |
|
200 | + * @return \ElggUser|null |
|
201 | + * @since 1.9 |
|
202 | + */ |
|
203 | + public function getLoggedInUser() { |
|
204 | + return $this->logged_in_user; |
|
205 | + } |
|
206 | + |
|
207 | + /** |
|
208 | + * Return the current logged in user by guid. |
|
209 | + * |
|
210 | + * @see elgg_get_logged_in_user_entity() |
|
211 | + * @return int |
|
212 | + */ |
|
213 | + public function getLoggedInUserGuid() { |
|
214 | + $user = $this->getLoggedInUser(); |
|
215 | + return $user ? $user->guid : 0; |
|
216 | + } |
|
217 | 217 | |
218 | - /** |
|
219 | - * Returns whether or not the viewer is currently logged in and an admin user. |
|
220 | - * |
|
221 | - * @return bool |
|
222 | - */ |
|
223 | - public function isAdminLoggedIn() { |
|
224 | - $user = $this->getLoggedInUser(); |
|
218 | + /** |
|
219 | + * Returns whether or not the viewer is currently logged in and an admin user. |
|
220 | + * |
|
221 | + * @return bool |
|
222 | + */ |
|
223 | + public function isAdminLoggedIn() { |
|
224 | + $user = $this->getLoggedInUser(); |
|
225 | 225 | |
226 | - return $user && $user->isAdmin(); |
|
227 | - } |
|
226 | + return $user && $user->isAdmin(); |
|
227 | + } |
|
228 | 228 | |
229 | - /** |
|
230 | - * Returns whether or not the user is currently logged in |
|
231 | - * |
|
232 | - * @return bool |
|
233 | - */ |
|
234 | - public function isLoggedIn() { |
|
235 | - return (bool) $this->getLoggedInUser(); |
|
236 | - } |
|
237 | - |
|
238 | - /** |
|
239 | - * Remove the logged in user |
|
240 | - * |
|
241 | - * @return void |
|
242 | - * @since 1.9 |
|
243 | - */ |
|
244 | - public function removeLoggedInUser() { |
|
245 | - $this->logged_in_user = null; |
|
246 | - $this->remove('guid'); |
|
247 | - _elgg_services()->entityCache->clear(); |
|
248 | - } |
|
249 | - |
|
250 | - /** |
|
251 | - * Get current ignore access setting. |
|
252 | - * |
|
253 | - * @return bool |
|
254 | - */ |
|
255 | - public function getIgnoreAccess() { |
|
256 | - return $this->ignore_access; |
|
257 | - } |
|
258 | - |
|
259 | - /** |
|
260 | - * Set ignore access. |
|
261 | - * |
|
262 | - * @param bool $ignore Ignore access |
|
263 | - * |
|
264 | - * @return bool Previous setting |
|
265 | - */ |
|
266 | - public function setIgnoreAccess($ignore = true) { |
|
267 | - _elgg_services()->accessCache->clear(); |
|
268 | - |
|
269 | - $prev = $this->ignore_access; |
|
270 | - $this->ignore_access = $ignore; |
|
271 | - |
|
272 | - return $prev; |
|
273 | - } |
|
274 | - |
|
275 | - /** |
|
276 | - * Adds a token to the session |
|
277 | - * |
|
278 | - * This is used in creation of CSRF token, and is passed to the client to allow validating tokens |
|
279 | - * later, even if the PHP session was destroyed. |
|
280 | - * |
|
281 | - * @return void |
|
282 | - */ |
|
283 | - protected function generateSessionToken() { |
|
284 | - // Generate a simple token that we store server side |
|
285 | - if (!$this->has('__elgg_session')) { |
|
286 | - $this->set('__elgg_session', _elgg_services()->crypto->getRandomString(22)); |
|
287 | - } |
|
288 | - } |
|
289 | - |
|
290 | - /** |
|
291 | - * Get an isolated ElggSession that does not persist between requests |
|
292 | - * |
|
293 | - * @return self |
|
294 | - */ |
|
295 | - public static function getMock() { |
|
296 | - $storage = new MockArraySessionStorage(); |
|
297 | - $session = new Session($storage); |
|
298 | - return new self($session); |
|
299 | - } |
|
300 | - |
|
301 | - /** |
|
302 | - * Create a session stored in the DB. |
|
303 | - * |
|
304 | - * @param Config $config Config |
|
305 | - * @param Database $db Database |
|
306 | - * |
|
307 | - * @return ElggSession |
|
308 | - */ |
|
309 | - public static function fromDatabase(Config $config, Database $db) { |
|
310 | - $params = $config->getCookieConfig()['session']; |
|
311 | - $options = [ |
|
312 | - // session.cache_limiter is unfortunately set to "" by the NativeSessionStorage |
|
313 | - // constructor, so we must capture and inject it directly. |
|
314 | - 'cache_limiter' => session_cache_limiter(), |
|
315 | - |
|
316 | - 'name' => $params['name'], |
|
317 | - 'cookie_path' => $params['path'], |
|
318 | - 'cookie_domain' => $params['domain'], |
|
319 | - 'cookie_secure' => $params['secure'], |
|
320 | - 'cookie_httponly' => $params['httponly'], |
|
321 | - 'cookie_lifetime' => $params['lifetime'], |
|
322 | - ]; |
|
323 | - |
|
324 | - $handler = new DatabaseSessionHandler($db); |
|
325 | - $storage = new NativeSessionStorage($options, $handler); |
|
326 | - $session = new Session($storage); |
|
327 | - return new self($session); |
|
328 | - } |
|
329 | - |
|
330 | - /** |
|
331 | - * Create a session stored in files |
|
332 | - * |
|
333 | - * @param Config $config Config |
|
334 | - * |
|
335 | - * @return ElggSession |
|
336 | - */ |
|
337 | - public static function fromFiles(Config $config) { |
|
338 | - $params = $config->getCookieConfig()['session']; |
|
339 | - $options = [ |
|
340 | - // session.cache_limiter is unfortunately set to "" by the NativeSessionStorage |
|
341 | - // constructor, so we must capture and inject it directly. |
|
342 | - 'cache_limiter' => session_cache_limiter(), |
|
343 | - |
|
344 | - 'name' => $params['name'], |
|
345 | - 'cookie_path' => $params['path'], |
|
346 | - 'cookie_domain' => $params['domain'], |
|
347 | - 'cookie_secure' => $params['secure'], |
|
348 | - 'cookie_httponly' => $params['httponly'], |
|
349 | - 'cookie_lifetime' => $params['lifetime'], |
|
350 | - ]; |
|
351 | - |
|
352 | - $storage = new NativeSessionStorage($options); |
|
353 | - $session = new Session($storage); |
|
354 | - return new self($session); |
|
355 | - } |
|
229 | + /** |
|
230 | + * Returns whether or not the user is currently logged in |
|
231 | + * |
|
232 | + * @return bool |
|
233 | + */ |
|
234 | + public function isLoggedIn() { |
|
235 | + return (bool) $this->getLoggedInUser(); |
|
236 | + } |
|
237 | + |
|
238 | + /** |
|
239 | + * Remove the logged in user |
|
240 | + * |
|
241 | + * @return void |
|
242 | + * @since 1.9 |
|
243 | + */ |
|
244 | + public function removeLoggedInUser() { |
|
245 | + $this->logged_in_user = null; |
|
246 | + $this->remove('guid'); |
|
247 | + _elgg_services()->entityCache->clear(); |
|
248 | + } |
|
249 | + |
|
250 | + /** |
|
251 | + * Get current ignore access setting. |
|
252 | + * |
|
253 | + * @return bool |
|
254 | + */ |
|
255 | + public function getIgnoreAccess() { |
|
256 | + return $this->ignore_access; |
|
257 | + } |
|
258 | + |
|
259 | + /** |
|
260 | + * Set ignore access. |
|
261 | + * |
|
262 | + * @param bool $ignore Ignore access |
|
263 | + * |
|
264 | + * @return bool Previous setting |
|
265 | + */ |
|
266 | + public function setIgnoreAccess($ignore = true) { |
|
267 | + _elgg_services()->accessCache->clear(); |
|
268 | + |
|
269 | + $prev = $this->ignore_access; |
|
270 | + $this->ignore_access = $ignore; |
|
271 | + |
|
272 | + return $prev; |
|
273 | + } |
|
274 | + |
|
275 | + /** |
|
276 | + * Adds a token to the session |
|
277 | + * |
|
278 | + * This is used in creation of CSRF token, and is passed to the client to allow validating tokens |
|
279 | + * later, even if the PHP session was destroyed. |
|
280 | + * |
|
281 | + * @return void |
|
282 | + */ |
|
283 | + protected function generateSessionToken() { |
|
284 | + // Generate a simple token that we store server side |
|
285 | + if (!$this->has('__elgg_session')) { |
|
286 | + $this->set('__elgg_session', _elgg_services()->crypto->getRandomString(22)); |
|
287 | + } |
|
288 | + } |
|
289 | + |
|
290 | + /** |
|
291 | + * Get an isolated ElggSession that does not persist between requests |
|
292 | + * |
|
293 | + * @return self |
|
294 | + */ |
|
295 | + public static function getMock() { |
|
296 | + $storage = new MockArraySessionStorage(); |
|
297 | + $session = new Session($storage); |
|
298 | + return new self($session); |
|
299 | + } |
|
300 | + |
|
301 | + /** |
|
302 | + * Create a session stored in the DB. |
|
303 | + * |
|
304 | + * @param Config $config Config |
|
305 | + * @param Database $db Database |
|
306 | + * |
|
307 | + * @return ElggSession |
|
308 | + */ |
|
309 | + public static function fromDatabase(Config $config, Database $db) { |
|
310 | + $params = $config->getCookieConfig()['session']; |
|
311 | + $options = [ |
|
312 | + // session.cache_limiter is unfortunately set to "" by the NativeSessionStorage |
|
313 | + // constructor, so we must capture and inject it directly. |
|
314 | + 'cache_limiter' => session_cache_limiter(), |
|
315 | + |
|
316 | + 'name' => $params['name'], |
|
317 | + 'cookie_path' => $params['path'], |
|
318 | + 'cookie_domain' => $params['domain'], |
|
319 | + 'cookie_secure' => $params['secure'], |
|
320 | + 'cookie_httponly' => $params['httponly'], |
|
321 | + 'cookie_lifetime' => $params['lifetime'], |
|
322 | + ]; |
|
323 | + |
|
324 | + $handler = new DatabaseSessionHandler($db); |
|
325 | + $storage = new NativeSessionStorage($options, $handler); |
|
326 | + $session = new Session($storage); |
|
327 | + return new self($session); |
|
328 | + } |
|
329 | + |
|
330 | + /** |
|
331 | + * Create a session stored in files |
|
332 | + * |
|
333 | + * @param Config $config Config |
|
334 | + * |
|
335 | + * @return ElggSession |
|
336 | + */ |
|
337 | + public static function fromFiles(Config $config) { |
|
338 | + $params = $config->getCookieConfig()['session']; |
|
339 | + $options = [ |
|
340 | + // session.cache_limiter is unfortunately set to "" by the NativeSessionStorage |
|
341 | + // constructor, so we must capture and inject it directly. |
|
342 | + 'cache_limiter' => session_cache_limiter(), |
|
343 | + |
|
344 | + 'name' => $params['name'], |
|
345 | + 'cookie_path' => $params['path'], |
|
346 | + 'cookie_domain' => $params['domain'], |
|
347 | + 'cookie_secure' => $params['secure'], |
|
348 | + 'cookie_httponly' => $params['httponly'], |
|
349 | + 'cookie_lifetime' => $params['lifetime'], |
|
350 | + ]; |
|
351 | + |
|
352 | + $storage = new NativeSessionStorage($options); |
|
353 | + $session = new Session($storage); |
|
354 | + return new self($session); |
|
355 | + } |
|
356 | 356 | } |
@@ -10,252 +10,252 @@ |
||
10 | 10 | * Test if URL rewriting is working. |
11 | 11 | */ |
12 | 12 | class ElggRewriteTester { |
13 | - protected $webserver; |
|
14 | - protected $serverSupportsRemoteRead; |
|
15 | - protected $rewriteTestPassed; |
|
16 | - protected $htaccessIssue; |
|
13 | + protected $webserver; |
|
14 | + protected $serverSupportsRemoteRead; |
|
15 | + protected $rewriteTestPassed; |
|
16 | + protected $htaccessIssue; |
|
17 | 17 | |
18 | - /** |
|
19 | - * Set the webserver as unknown. |
|
20 | - */ |
|
21 | - public function __construct() { |
|
22 | - $this->webserver = 'unknown'; |
|
23 | - } |
|
18 | + /** |
|
19 | + * Set the webserver as unknown. |
|
20 | + */ |
|
21 | + public function __construct() { |
|
22 | + $this->webserver = 'unknown'; |
|
23 | + } |
|
24 | 24 | |
25 | - /** |
|
26 | - * Run the rewrite test and return a status array |
|
27 | - * |
|
28 | - * @param string $url URL of rewrite test |
|
29 | - * @param string $path Root directory of Elgg with trailing slash |
|
30 | - * |
|
31 | - * @return array |
|
32 | - */ |
|
33 | - public function run($url, $path) { |
|
25 | + /** |
|
26 | + * Run the rewrite test and return a status array |
|
27 | + * |
|
28 | + * @param string $url URL of rewrite test |
|
29 | + * @param string $path Root directory of Elgg with trailing slash |
|
30 | + * |
|
31 | + * @return array |
|
32 | + */ |
|
33 | + public function run($url, $path) { |
|
34 | 34 | |
35 | - $this->webserver = \ElggRewriteTester::guessWebServer(); |
|
35 | + $this->webserver = \ElggRewriteTester::guessWebServer(); |
|
36 | 36 | |
37 | - $this->rewriteTestPassed = $this->runRewriteTest($url); |
|
37 | + $this->rewriteTestPassed = $this->runRewriteTest($url); |
|
38 | 38 | |
39 | - if ($this->rewriteTestPassed == false) { |
|
40 | - if ($this->webserver == 'apache' || $this->webserver == 'unknown') { |
|
41 | - if ($this->createHtaccess($url, $path)) { |
|
42 | - $this->rewriteTestPassed = $this->runRewriteTest($url); |
|
43 | - } |
|
44 | - } |
|
45 | - } |
|
39 | + if ($this->rewriteTestPassed == false) { |
|
40 | + if ($this->webserver == 'apache' || $this->webserver == 'unknown') { |
|
41 | + if ($this->createHtaccess($url, $path)) { |
|
42 | + $this->rewriteTestPassed = $this->runRewriteTest($url); |
|
43 | + } |
|
44 | + } |
|
45 | + } |
|
46 | 46 | |
47 | - return $this->returnStatus($url); |
|
48 | - } |
|
47 | + return $this->returnStatus($url); |
|
48 | + } |
|
49 | 49 | |
50 | - /** |
|
51 | - * Guess the web server from $_SERVER['SERVER_SOFTWARE'] |
|
52 | - * |
|
53 | - * @return string |
|
54 | - */ |
|
55 | - public static function guessWebServer() { |
|
56 | - $serverString = strtolower($_SERVER['SERVER_SOFTWARE']); |
|
57 | - $possibleServers = ['apache', 'nginx', 'lighttpd', 'iis']; |
|
58 | - foreach ($possibleServers as $server) { |
|
59 | - if (strpos($serverString, $server) !== false) { |
|
60 | - return $server; |
|
61 | - } |
|
62 | - } |
|
63 | - return 'unknown'; |
|
64 | - } |
|
50 | + /** |
|
51 | + * Guess the web server from $_SERVER['SERVER_SOFTWARE'] |
|
52 | + * |
|
53 | + * @return string |
|
54 | + */ |
|
55 | + public static function guessWebServer() { |
|
56 | + $serverString = strtolower($_SERVER['SERVER_SOFTWARE']); |
|
57 | + $possibleServers = ['apache', 'nginx', 'lighttpd', 'iis']; |
|
58 | + foreach ($possibleServers as $server) { |
|
59 | + if (strpos($serverString, $server) !== false) { |
|
60 | + return $server; |
|
61 | + } |
|
62 | + } |
|
63 | + return 'unknown'; |
|
64 | + } |
|
65 | 65 | |
66 | - /** |
|
67 | - * Guess if url contains subdirectory or not. |
|
68 | - * |
|
69 | - * @param string $url Rewrite test URL |
|
70 | - * |
|
71 | - * @return string|bool Subdirectory string with beginning and trailing slash or false if were unable to determine subdirectory |
|
72 | - * or pointing at root of domain already |
|
73 | - */ |
|
74 | - public function guessSubdirectory($url) { |
|
75 | - $elements = parse_url($url); |
|
76 | - if (!$elements || !isset($elements['path'])) { |
|
77 | - return false; |
|
78 | - } |
|
79 | - $subdir = trim(dirname($elements['path']), '/'); |
|
80 | - if (!$subdir) { |
|
81 | - return false; |
|
82 | - } else { |
|
83 | - return "/$subdir/"; |
|
84 | - } |
|
85 | - } |
|
66 | + /** |
|
67 | + * Guess if url contains subdirectory or not. |
|
68 | + * |
|
69 | + * @param string $url Rewrite test URL |
|
70 | + * |
|
71 | + * @return string|bool Subdirectory string with beginning and trailing slash or false if were unable to determine subdirectory |
|
72 | + * or pointing at root of domain already |
|
73 | + */ |
|
74 | + public function guessSubdirectory($url) { |
|
75 | + $elements = parse_url($url); |
|
76 | + if (!$elements || !isset($elements['path'])) { |
|
77 | + return false; |
|
78 | + } |
|
79 | + $subdir = trim(dirname($elements['path']), '/'); |
|
80 | + if (!$subdir) { |
|
81 | + return false; |
|
82 | + } else { |
|
83 | + return "/$subdir/"; |
|
84 | + } |
|
85 | + } |
|
86 | 86 | |
87 | - /** |
|
88 | - * Hit the rewrite test URL to determine if the rewrite rules are working |
|
89 | - * |
|
90 | - * @param string $url Rewrite test URL |
|
91 | - * |
|
92 | - * @return bool |
|
93 | - */ |
|
94 | - public function runRewriteTest($url) { |
|
95 | - $this->serverSupportsRemoteRead = ($this->fetchUrl($url) === Request::REWRITE_TEST_OUTPUT); |
|
96 | - return $this->serverSupportsRemoteRead; |
|
97 | - } |
|
87 | + /** |
|
88 | + * Hit the rewrite test URL to determine if the rewrite rules are working |
|
89 | + * |
|
90 | + * @param string $url Rewrite test URL |
|
91 | + * |
|
92 | + * @return bool |
|
93 | + */ |
|
94 | + public function runRewriteTest($url) { |
|
95 | + $this->serverSupportsRemoteRead = ($this->fetchUrl($url) === Request::REWRITE_TEST_OUTPUT); |
|
96 | + return $this->serverSupportsRemoteRead; |
|
97 | + } |
|
98 | 98 | |
99 | - /** |
|
100 | - * Check whether the site homepage can be fetched via curl |
|
101 | - * |
|
102 | - * @return boolean |
|
103 | - */ |
|
104 | - public function runLocalhostAccessTest() { |
|
105 | - $url = _elgg_config()->wwwroot; |
|
106 | - return (bool) $this->fetchUrl($url); |
|
107 | - } |
|
99 | + /** |
|
100 | + * Check whether the site homepage can be fetched via curl |
|
101 | + * |
|
102 | + * @return boolean |
|
103 | + */ |
|
104 | + public function runLocalhostAccessTest() { |
|
105 | + $url = _elgg_config()->wwwroot; |
|
106 | + return (bool) $this->fetchUrl($url); |
|
107 | + } |
|
108 | 108 | |
109 | - /** |
|
110 | - * Fetch a URL |
|
111 | - * |
|
112 | - * @param string $url The URL |
|
113 | - * |
|
114 | - * @return string Note that empty string may imply failure in fetching or empty response |
|
115 | - */ |
|
116 | - private function fetchUrl($url) { |
|
117 | - $response = ''; |
|
109 | + /** |
|
110 | + * Fetch a URL |
|
111 | + * |
|
112 | + * @param string $url The URL |
|
113 | + * |
|
114 | + * @return string Note that empty string may imply failure in fetching or empty response |
|
115 | + */ |
|
116 | + private function fetchUrl($url) { |
|
117 | + $response = ''; |
|
118 | 118 | |
119 | - if (ini_get('allow_url_fopen')) { |
|
120 | - $ctx = stream_context_create([ |
|
121 | - 'http' => [ |
|
122 | - 'follow_location' => 0, |
|
123 | - 'timeout' => 5, |
|
124 | - ], |
|
125 | - ]); |
|
126 | - $response = @file_get_contents($url, null, $ctx); |
|
127 | - } |
|
119 | + if (ini_get('allow_url_fopen')) { |
|
120 | + $ctx = stream_context_create([ |
|
121 | + 'http' => [ |
|
122 | + 'follow_location' => 0, |
|
123 | + 'timeout' => 5, |
|
124 | + ], |
|
125 | + ]); |
|
126 | + $response = @file_get_contents($url, null, $ctx); |
|
127 | + } |
|
128 | 128 | |
129 | - if (!$response && function_exists('curl_init')) { |
|
130 | - $ch = curl_init(); |
|
131 | - curl_setopt($ch, CURLOPT_URL, $url); |
|
132 | - curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); |
|
133 | - curl_setopt($ch, CURLOPT_TIMEOUT, 5); |
|
134 | - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); |
|
135 | - $response = curl_exec($ch); |
|
136 | - curl_close($ch); |
|
137 | - } |
|
129 | + if (!$response && function_exists('curl_init')) { |
|
130 | + $ch = curl_init(); |
|
131 | + curl_setopt($ch, CURLOPT_URL, $url); |
|
132 | + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); |
|
133 | + curl_setopt($ch, CURLOPT_TIMEOUT, 5); |
|
134 | + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); |
|
135 | + $response = curl_exec($ch); |
|
136 | + curl_close($ch); |
|
137 | + } |
|
138 | 138 | |
139 | - return (string) $response; |
|
140 | - } |
|
139 | + return (string) $response; |
|
140 | + } |
|
141 | 141 | |
142 | - /** |
|
143 | - * Create Elgg's .htaccess file or confirm that it exists |
|
144 | - * |
|
145 | - * @param string $url URL of rewrite test |
|
146 | - * |
|
147 | - * @return bool |
|
148 | - */ |
|
149 | - public function createHtaccess($url) { |
|
150 | - $root = Directory\Local::projectRoot(); |
|
151 | - $file = $root->getFile(".htaccess"); |
|
142 | + /** |
|
143 | + * Create Elgg's .htaccess file or confirm that it exists |
|
144 | + * |
|
145 | + * @param string $url URL of rewrite test |
|
146 | + * |
|
147 | + * @return bool |
|
148 | + */ |
|
149 | + public function createHtaccess($url) { |
|
150 | + $root = Directory\Local::projectRoot(); |
|
151 | + $file = $root->getFile(".htaccess"); |
|
152 | 152 | |
153 | - if ($file->exists()) { |
|
154 | - // check that this is the Elgg .htaccess |
|
155 | - $data = $file->getContents(); |
|
156 | - if ($data === false) { |
|
157 | - // don't have permission to read the file |
|
158 | - $this->htaccessIssue = 'read_permission'; |
|
159 | - return false; |
|
160 | - } |
|
153 | + if ($file->exists()) { |
|
154 | + // check that this is the Elgg .htaccess |
|
155 | + $data = $file->getContents(); |
|
156 | + if ($data === false) { |
|
157 | + // don't have permission to read the file |
|
158 | + $this->htaccessIssue = 'read_permission'; |
|
159 | + return false; |
|
160 | + } |
|
161 | 161 | |
162 | - if (strpos($data, 'Elgg') === false) { |
|
163 | - $this->htaccessIssue = 'non_elgg_htaccess'; |
|
164 | - return false; |
|
165 | - } |
|
162 | + if (strpos($data, 'Elgg') === false) { |
|
163 | + $this->htaccessIssue = 'non_elgg_htaccess'; |
|
164 | + return false; |
|
165 | + } |
|
166 | 166 | |
167 | - // check if this is an old Elgg htaccess |
|
168 | - if (strpos($data, 'RewriteRule ^rewrite.php$ install.php') == false) { |
|
169 | - $this->htaccessIssue = 'old_elgg_htaccess'; |
|
170 | - return false; |
|
171 | - } |
|
172 | - return true; |
|
173 | - } |
|
167 | + // check if this is an old Elgg htaccess |
|
168 | + if (strpos($data, 'RewriteRule ^rewrite.php$ install.php') == false) { |
|
169 | + $this->htaccessIssue = 'old_elgg_htaccess'; |
|
170 | + return false; |
|
171 | + } |
|
172 | + return true; |
|
173 | + } |
|
174 | 174 | |
175 | - if (!is_writable($root->getPath())) { |
|
176 | - $this->htaccessIssue = 'write_permission'; |
|
177 | - return false; |
|
178 | - } |
|
175 | + if (!is_writable($root->getPath())) { |
|
176 | + $this->htaccessIssue = 'write_permission'; |
|
177 | + return false; |
|
178 | + } |
|
179 | 179 | |
180 | - // create the .htaccess file |
|
181 | - $result = copy(Paths::elgg() . "install/config/htaccess.dist", $file->getPath()); |
|
182 | - if (!$result) { |
|
183 | - $this->htaccessIssue = 'cannot_copy'; |
|
184 | - return false; |
|
185 | - } |
|
180 | + // create the .htaccess file |
|
181 | + $result = copy(Paths::elgg() . "install/config/htaccess.dist", $file->getPath()); |
|
182 | + if (!$result) { |
|
183 | + $this->htaccessIssue = 'cannot_copy'; |
|
184 | + return false; |
|
185 | + } |
|
186 | 186 | |
187 | - // does default RewriteBase work already? |
|
188 | - if (!$this->runRewriteTest($url)) { |
|
189 | - //try to rewrite to guessed subdirectory |
|
190 | - if ($subdir = $this->guessSubdirectory($url)) { |
|
191 | - $contents = $file->getContents(); |
|
192 | - $contents = preg_replace("/#RewriteBase \/(\r?\n)/", "RewriteBase $subdir\$1", $contents); |
|
193 | - if ($contents) { |
|
194 | - $file->putContents($contents); |
|
195 | - } |
|
196 | - } |
|
197 | - } |
|
187 | + // does default RewriteBase work already? |
|
188 | + if (!$this->runRewriteTest($url)) { |
|
189 | + //try to rewrite to guessed subdirectory |
|
190 | + if ($subdir = $this->guessSubdirectory($url)) { |
|
191 | + $contents = $file->getContents(); |
|
192 | + $contents = preg_replace("/#RewriteBase \/(\r?\n)/", "RewriteBase $subdir\$1", $contents); |
|
193 | + if ($contents) { |
|
194 | + $file->putContents($contents); |
|
195 | + } |
|
196 | + } |
|
197 | + } |
|
198 | 198 | |
199 | - return true; |
|
200 | - } |
|
199 | + return true; |
|
200 | + } |
|
201 | 201 | |
202 | - /** |
|
203 | - * Create the status array required by the ElggInstaller |
|
204 | - * |
|
205 | - * @param string $url Rewrite test URL |
|
206 | - * |
|
207 | - * @return array |
|
208 | - */ |
|
209 | - protected function returnStatus($url) { |
|
210 | - if ($this->rewriteTestPassed) { |
|
211 | - return [ |
|
212 | - 'severity' => 'pass', |
|
213 | - 'message' => _elgg_services()->translator->translate('install:check:rewrite:success'), |
|
214 | - ]; |
|
215 | - } |
|
202 | + /** |
|
203 | + * Create the status array required by the ElggInstaller |
|
204 | + * |
|
205 | + * @param string $url Rewrite test URL |
|
206 | + * |
|
207 | + * @return array |
|
208 | + */ |
|
209 | + protected function returnStatus($url) { |
|
210 | + if ($this->rewriteTestPassed) { |
|
211 | + return [ |
|
212 | + 'severity' => 'pass', |
|
213 | + 'message' => _elgg_services()->translator->translate('install:check:rewrite:success'), |
|
214 | + ]; |
|
215 | + } |
|
216 | 216 | |
217 | - if ($this->serverSupportsRemoteRead == false) { |
|
218 | - $msg = _elgg_services()->translator->translate('install:warning:rewrite:unknown', [$url]); |
|
219 | - $msg .= elgg_view('install/js_rewrite_check', ['url' => $url]); |
|
217 | + if ($this->serverSupportsRemoteRead == false) { |
|
218 | + $msg = _elgg_services()->translator->translate('install:warning:rewrite:unknown', [$url]); |
|
219 | + $msg .= elgg_view('install/js_rewrite_check', ['url' => $url]); |
|
220 | 220 | |
221 | - return [ |
|
222 | - 'severity' => 'warning', |
|
223 | - 'message' => $msg, |
|
224 | - ]; |
|
225 | - } |
|
221 | + return [ |
|
222 | + 'severity' => 'warning', |
|
223 | + 'message' => $msg, |
|
224 | + ]; |
|
225 | + } |
|
226 | 226 | |
227 | - if ($this->webserver == 'apache') { |
|
228 | - $serverString = _elgg_services()->translator->translate('install:error:rewrite:apache'); |
|
229 | - $msg = "$serverString\n\n"; |
|
230 | - if (!isset($this->htaccessIssue)) { |
|
231 | - $msg .= _elgg_services()->translator->translate('install:error:rewrite:allowoverride'); |
|
232 | - $msg .= elgg_view('install/js_rewrite_check', ['url' => $url]); |
|
227 | + if ($this->webserver == 'apache') { |
|
228 | + $serverString = _elgg_services()->translator->translate('install:error:rewrite:apache'); |
|
229 | + $msg = "$serverString\n\n"; |
|
230 | + if (!isset($this->htaccessIssue)) { |
|
231 | + $msg .= _elgg_services()->translator->translate('install:error:rewrite:allowoverride'); |
|
232 | + $msg .= elgg_view('install/js_rewrite_check', ['url' => $url]); |
|
233 | 233 | |
234 | - return [ |
|
235 | - 'severity' => 'warning', |
|
236 | - 'message' => $msg, |
|
237 | - ]; |
|
238 | - } |
|
239 | - $msg .= _elgg_services()->translator->translate("install:error:rewrite:htaccess:{$this->htaccessIssue}"); |
|
240 | - return [ |
|
241 | - 'severity' => 'warning', |
|
242 | - 'message' => $msg, |
|
243 | - ]; |
|
244 | - } |
|
234 | + return [ |
|
235 | + 'severity' => 'warning', |
|
236 | + 'message' => $msg, |
|
237 | + ]; |
|
238 | + } |
|
239 | + $msg .= _elgg_services()->translator->translate("install:error:rewrite:htaccess:{$this->htaccessIssue}"); |
|
240 | + return [ |
|
241 | + 'severity' => 'warning', |
|
242 | + 'message' => $msg, |
|
243 | + ]; |
|
244 | + } |
|
245 | 245 | |
246 | - if ($this->webserver != 'unknown') { |
|
247 | - $serverString = _elgg_services()->translator->translate("install:error:rewrite:{$this->webserver}"); |
|
248 | - $msg = "$serverString\n\n"; |
|
249 | - $msg .= _elgg_services()->translator->translate("install:error:rewrite:altserver"); |
|
250 | - return [ |
|
251 | - 'severity' => 'warning', |
|
252 | - 'message' => $msg, |
|
253 | - ]; |
|
254 | - } |
|
246 | + if ($this->webserver != 'unknown') { |
|
247 | + $serverString = _elgg_services()->translator->translate("install:error:rewrite:{$this->webserver}"); |
|
248 | + $msg = "$serverString\n\n"; |
|
249 | + $msg .= _elgg_services()->translator->translate("install:error:rewrite:altserver"); |
|
250 | + return [ |
|
251 | + 'severity' => 'warning', |
|
252 | + 'message' => $msg, |
|
253 | + ]; |
|
254 | + } |
|
255 | 255 | |
256 | - return [ |
|
257 | - 'severity' => 'warning', |
|
258 | - 'message' => _elgg_services()->translator->translate('install:error:rewrite:unknown'), |
|
259 | - ]; |
|
260 | - } |
|
256 | + return [ |
|
257 | + 'severity' => 'warning', |
|
258 | + 'message' => _elgg_services()->translator->translate('install:error:rewrite:unknown'), |
|
259 | + ]; |
|
260 | + } |
|
261 | 261 | } |