1 | <?php |
||||
2 | /** |
||||
3 | * Elgg groups plugin edit action. |
||||
4 | * |
||||
5 | * If editing an existing group, only the "group_guid" must be submitted. All other form |
||||
6 | * elements may be omitted and the corresponding data will be left as is. |
||||
7 | * |
||||
8 | * @package ElggGroups |
||||
9 | */ |
||||
10 | |||||
11 | elgg_make_sticky_form('groups'); |
||||
12 | |||||
13 | // Get group fields |
||||
14 | $input = []; |
||||
15 | foreach (elgg_get_config('group') as $shortname => $valuetype) { |
||||
16 | $value = get_input($shortname); |
||||
17 | |||||
18 | if ($value === null) { |
||||
19 | // only submitted fields should be updated |
||||
20 | continue; |
||||
21 | } |
||||
22 | |||||
23 | $input[$shortname] = $value; |
||||
24 | |||||
25 | // @todo treat profile fields as unescaped: don't filter, encode on output |
||||
26 | if (is_array($input[$shortname])) { |
||||
27 | array_walk_recursive($input[$shortname], function (&$v) { |
||||
28 | $v = elgg_html_decode($v); |
||||
29 | }); |
||||
30 | } else { |
||||
31 | $input[$shortname] = elgg_html_decode($input[$shortname]); |
||||
32 | } |
||||
33 | |||||
34 | if ($valuetype == 'tags') { |
||||
35 | $input[$shortname] = string_to_tag_array($input[$shortname]); |
||||
36 | } |
||||
37 | } |
||||
38 | |||||
39 | // only set if submitted |
||||
40 | $name = elgg_get_title_input('name', null); |
||||
41 | if ($name !== null) { |
||||
42 | $input['name'] = $name; |
||||
43 | } |
||||
44 | |||||
45 | $user = elgg_get_logged_in_user_entity(); |
||||
46 | |||||
47 | $group_guid = (int) get_input('group_guid'); |
||||
48 | |||||
49 | if ($group_guid) { |
||||
50 | $is_new_group = false; |
||||
51 | $group = get_entity($group_guid); |
||||
52 | if (!$group instanceof ElggGroup || !$group->canEdit()) { |
||||
53 | $error = elgg_echo('groups:cantedit'); |
||||
54 | return elgg_error_response($error); |
||||
55 | } |
||||
56 | } else { |
||||
57 | if (elgg_get_plugin_setting('limited_groups', 'groups') == 'yes' && !$user->isAdmin()) { |
||||
58 | $error = elgg_echo('groups:cantcreate'); |
||||
59 | return elgg_error_response($error); |
||||
60 | } |
||||
61 | |||||
62 | $container_guid = get_input('container_guid', $user->guid); |
||||
63 | $container = get_entity($container_guid); |
||||
64 | |||||
65 | if (!$container || !$container->canWriteToContainer($user->guid, 'group')) { |
||||
66 | $error = elgg_echo('groups:cantcreate'); |
||||
67 | return elgg_error_response($error); |
||||
68 | } |
||||
69 | |||||
70 | $is_new_group = true; |
||||
71 | $group = new ElggGroup(); |
||||
72 | $group->container_guid = $container->guid; |
||||
73 | } |
||||
74 | |||||
75 | // Assume we can edit or this is a new group |
||||
76 | foreach ($input as $shortname => $value) { |
||||
77 | if ($value === '' && !in_array($shortname, ['name', 'description'])) { |
||||
78 | // The group profile displays all profile fields that have a value. |
||||
79 | // We don't want to display fields with empty string value, so we |
||||
80 | // remove the metadata completely. |
||||
81 | $group->deleteMetadata($shortname); |
||||
82 | continue; |
||||
83 | } |
||||
84 | |||||
85 | $group->$shortname = $value; |
||||
86 | } |
||||
87 | |||||
88 | // Validate create |
||||
89 | if (!$group->name) { |
||||
90 | return elgg_error_response(elgg_echo('groups:notitle')); |
||||
91 | } |
||||
92 | |||||
93 | // Set group tool options (only pass along saved entities) |
||||
94 | $tool_entity = !$is_new_group ? $group : null; |
||||
95 | $tool_options = elgg_get_group_tool_options($tool_entity); |
||||
96 | if ($tool_options) { |
||||
97 | foreach ($tool_options as $group_option) { |
||||
98 | $option_toggle_name = $group_option->name . "_enable"; |
||||
99 | $value = get_input($option_toggle_name); |
||||
100 | if ($value === null) { |
||||
101 | continue; |
||||
102 | } |
||||
103 | |||||
104 | if ($value === 'yes') { |
||||
105 | $group->enableTool($group_option->name); |
||||
106 | } else { |
||||
107 | $group->disableTool($group_option->name); |
||||
108 | } |
||||
109 | } |
||||
110 | } |
||||
111 | |||||
112 | // Group membership - should these be treated with same constants as access permissions? |
||||
113 | $value = get_input('membership'); |
||||
114 | if ($group->membership === null || $value !== null) { |
||||
115 | $is_public_membership = ($value == ACCESS_PUBLIC); |
||||
116 | $group->membership = $is_public_membership ? ACCESS_PUBLIC : ACCESS_PRIVATE; |
||||
117 | } |
||||
118 | |||||
119 | $group->setContentAccessMode((string) get_input('content_access_mode')); |
||||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||||
120 | |||||
121 | if ($is_new_group) { |
||||
122 | $group->access_id = ACCESS_PUBLIC; |
||||
123 | } |
||||
124 | |||||
125 | $old_owner_guid = $is_new_group ? 0 : $group->owner_guid; |
||||
126 | |||||
127 | $value = get_input('owner_guid'); |
||||
128 | $new_owner_guid = ($value === null) ? $old_owner_guid : (int) $value; |
||||
129 | |||||
130 | if (!$is_new_group && $new_owner_guid && $new_owner_guid != $old_owner_guid) { |
||||
131 | // verify new owner is member and old owner/admin is logged in |
||||
132 | if ($group->isMember(get_user($new_owner_guid)) && ($old_owner_guid == $user->guid || $user->isAdmin())) { |
||||
0 ignored issues
–
show
The method
isMember() does not exist on ElggEntity . It seems like you code against a sub-type of ElggEntity such as ElggGroup .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||
133 | $group->owner_guid = $new_owner_guid; |
||||
134 | if ($group->container_guid == $old_owner_guid) { |
||||
135 | // Even though this action defaults container_guid to the logged in user guid, |
||||
136 | // the group may have initially been created with a custom script that assigned |
||||
137 | // a different container entity. We want to make sure we preserve the original |
||||
138 | // container if it the group is not contained by the original owner. |
||||
139 | $group->container_guid = $new_owner_guid; |
||||
140 | } |
||||
141 | } |
||||
142 | } |
||||
143 | |||||
144 | if ($is_new_group) { |
||||
145 | // if new group, we need to save so group acl gets set in event handler |
||||
146 | if (!$group->save()) { |
||||
147 | return elgg_error_response(elgg_echo('groups:save_error')); |
||||
148 | } |
||||
149 | } |
||||
150 | |||||
151 | // Invisible group support |
||||
152 | // @todo this requires save to be called to create the acl for the group. This |
||||
153 | // is an odd requirement and should be removed. Either the acl creation happens |
||||
154 | // in the action or the visibility moves to a plugin hook |
||||
155 | if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') { |
||||
156 | $value = get_input('vis'); |
||||
157 | if ($is_new_group || $value !== null) { |
||||
158 | $visibility = (int) $value; |
||||
159 | |||||
160 | if ($visibility == ACCESS_PRIVATE) { |
||||
161 | // Make this group visible only to group members. We need to use |
||||
162 | // ACCESS_PRIVATE on the form and convert it to group_acl here |
||||
163 | // because new groups do not have acl until they have been saved once. |
||||
164 | $acl = _groups_get_group_acl($group); |
||||
165 | if ($acl) { |
||||
166 | $visibility = $acl->id; |
||||
167 | } |
||||
168 | |||||
169 | // Force all new group content to be available only to members |
||||
170 | $group->setContentAccessMode(ElggGroup::CONTENT_ACCESS_MODE_MEMBERS_ONLY); |
||||
171 | } |
||||
172 | |||||
173 | $group->access_id = $visibility; |
||||
174 | } |
||||
175 | } |
||||
176 | |||||
177 | if (!$group->save()) { |
||||
178 | return elgg_error_response(elgg_echo('groups:save_error')); |
||||
179 | } |
||||
180 | |||||
181 | // group saved so clear sticky form |
||||
182 | elgg_clear_sticky_form('groups'); |
||||
183 | |||||
184 | // group creator needs to be member of new group and river entry created |
||||
185 | if ($is_new_group) { |
||||
186 | // @todo this should not be necessary... |
||||
187 | elgg_set_page_owner_guid($group->guid); |
||||
188 | |||||
189 | $group->join($user); |
||||
190 | elgg_create_river_item([ |
||||
191 | 'view' => 'river/group/create', |
||||
192 | 'action_type' => 'create', |
||||
193 | 'object_guid' => $group->guid, |
||||
194 | ]); |
||||
195 | } |
||||
196 | |||||
197 | $group->saveIconFromUploadedFile('icon'); |
||||
198 | |||||
199 | $data = [ |
||||
200 | 'entity' => $group, |
||||
201 | ]; |
||||
202 | return elgg_ok_response($data, elgg_echo('groups:saved'), $group->getURL()); |
||||
203 |