1 | <?php |
||
2 | /** |
||
3 | * Elgg groups plugin edit action. |
||
4 | * |
||
5 | * If editing an existing group, only the "group_guid" must be submitted. All other form |
||
6 | * elements may be omitted and the corresponding data will be left as is. |
||
7 | * |
||
8 | * @package ElggGroups |
||
9 | */ |
||
10 | |||
11 | elgg_make_sticky_form('groups'); |
||
12 | |||
13 | // Get group fields |
||
14 | $input = []; |
||
15 | foreach (elgg_get_config('group') as $shortname => $valuetype) { |
||
16 | $value = get_input($shortname); |
||
17 | |||
18 | if ($value === null) { |
||
19 | // only submitted fields should be updated |
||
20 | continue; |
||
21 | } |
||
22 | |||
23 | $input[$shortname] = $value; |
||
24 | |||
25 | // @todo treat profile fields as unescaped: don't filter, encode on output |
||
26 | if (is_array($input[$shortname])) { |
||
27 | array_walk_recursive($input[$shortname], function (&$v) { |
||
28 | $v = elgg_html_decode($v); |
||
29 | }); |
||
30 | } else { |
||
31 | $input[$shortname] = elgg_html_decode($input[$shortname]); |
||
32 | } |
||
33 | |||
34 | if ($valuetype == 'tags') { |
||
35 | $input[$shortname] = string_to_tag_array($input[$shortname]); |
||
36 | } |
||
37 | } |
||
38 | |||
39 | // only set if submitted |
||
40 | $name = elgg_get_title_input('name', null); |
||
41 | if ($name !== null) { |
||
42 | $input['name'] = $name; |
||
43 | } |
||
44 | |||
45 | $user = elgg_get_logged_in_user_entity(); |
||
46 | |||
47 | $group_guid = (int) get_input('group_guid'); |
||
48 | |||
49 | if ($group_guid) { |
||
50 | $is_new_group = false; |
||
51 | $group = get_entity($group_guid); |
||
52 | if (!$group instanceof ElggGroup || !$group->canEdit()) { |
||
53 | $error = elgg_echo('groups:cantedit'); |
||
54 | return elgg_error_response($error); |
||
55 | } |
||
56 | } else { |
||
57 | if (elgg_get_plugin_setting('limited_groups', 'groups') == 'yes' && !$user->isAdmin()) { |
||
58 | $error = elgg_echo('groups:cantcreate'); |
||
59 | return elgg_error_response($error); |
||
60 | } |
||
61 | |||
62 | $container_guid = get_input('container_guid', $user->guid); |
||
63 | $container = get_entity($container_guid); |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
64 | |||
65 | if (!$container || !$container->canWriteToContainer($user->guid, 'group')) { |
||
66 | $error = elgg_echo('groups:cantcreate'); |
||
67 | return elgg_error_response($error); |
||
68 | } |
||
69 | |||
70 | $is_new_group = true; |
||
71 | $group = new ElggGroup(); |
||
72 | $group->container_guid = $container->guid; |
||
73 | } |
||
74 | |||
75 | // Assume we can edit or this is a new group |
||
76 | foreach ($input as $shortname => $value) { |
||
77 | if ($value === '' && !in_array($shortname, ['name', 'description'])) { |
||
78 | // The group profile displays all profile fields that have a value. |
||
79 | // We don't want to display fields with empty string value, so we |
||
80 | // remove the metadata completely. |
||
81 | $group->deleteMetadata($shortname); |
||
82 | continue; |
||
83 | } |
||
84 | |||
85 | $group->$shortname = $value; |
||
86 | } |
||
87 | |||
88 | // Validate create |
||
89 | if (!$group->name) { |
||
90 | return elgg_error_response(elgg_echo('groups:notitle')); |
||
91 | } |
||
92 | |||
93 | // Set group tool options (only pass along saved entities) |
||
94 | $tool_entity = !$is_new_group ? $group : null; |
||
95 | $tool_options = elgg_get_group_tool_options($tool_entity); |
||
96 | if ($tool_options) { |
||
0 ignored issues
–
show
The expression
$tool_options of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using
Loading history...
|
|||
97 | foreach ($tool_options as $group_option) { |
||
98 | $option_toggle_name = $group_option->name . "_enable"; |
||
99 | $value = get_input($option_toggle_name); |
||
100 | if ($value === null) { |
||
101 | continue; |
||
102 | } |
||
103 | |||
104 | if ($value === 'yes') { |
||
105 | $group->enableTool($group_option->name); |
||
106 | } else { |
||
107 | $group->disableTool($group_option->name); |
||
108 | } |
||
109 | } |
||
110 | } |
||
111 | |||
112 | // Group membership - should these be treated with same constants as access permissions? |
||
113 | $value = get_input('membership'); |
||
114 | if ($group->membership === null || $value !== null) { |
||
115 | $is_public_membership = ($value == ACCESS_PUBLIC); |
||
116 | $group->membership = $is_public_membership ? ACCESS_PUBLIC : ACCESS_PRIVATE; |
||
117 | } |
||
118 | |||
119 | $group->setContentAccessMode((string) get_input('content_access_mode')); |
||
120 | |||
121 | if ($is_new_group) { |
||
122 | $group->access_id = ACCESS_PUBLIC; |
||
123 | } |
||
124 | |||
125 | $old_owner_guid = $is_new_group ? 0 : $group->owner_guid; |
||
126 | |||
127 | $value = get_input('owner_guid'); |
||
128 | $new_owner_guid = ($value === null) ? $old_owner_guid : (int) $value; |
||
129 | |||
130 | if (!$is_new_group && $new_owner_guid && $new_owner_guid != $old_owner_guid) { |
||
131 | // verify new owner is member and old owner/admin is logged in |
||
132 | if ($group->isMember(get_user($new_owner_guid)) && ($old_owner_guid == $user->guid || $user->isAdmin())) { |
||
133 | $group->owner_guid = $new_owner_guid; |
||
134 | if ($group->container_guid == $old_owner_guid) { |
||
135 | // Even though this action defaults container_guid to the logged in user guid, |
||
136 | // the group may have initially been created with a custom script that assigned |
||
137 | // a different container entity. We want to make sure we preserve the original |
||
138 | // container if it the group is not contained by the original owner. |
||
139 | $group->container_guid = $new_owner_guid; |
||
140 | } |
||
141 | } |
||
142 | } |
||
143 | |||
144 | if ($is_new_group) { |
||
145 | // if new group, we need to save so group acl gets set in event handler |
||
146 | if (!$group->save()) { |
||
147 | return elgg_error_response(elgg_echo('groups:save_error')); |
||
148 | } |
||
149 | } |
||
150 | |||
151 | // Invisible group support |
||
152 | // @todo this requires save to be called to create the acl for the group. This |
||
153 | // is an odd requirement and should be removed. Either the acl creation happens |
||
154 | // in the action or the visibility moves to a plugin hook |
||
155 | if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') { |
||
156 | $value = get_input('vis'); |
||
157 | if ($is_new_group || $value !== null) { |
||
158 | $visibility = (int) $value; |
||
159 | |||
160 | if ($visibility == ACCESS_PRIVATE) { |
||
161 | // Make this group visible only to group members. We need to use |
||
162 | // ACCESS_PRIVATE on the form and convert it to group_acl here |
||
163 | // because new groups do not have acl until they have been saved once. |
||
164 | $acl = _groups_get_group_acl($group); |
||
165 | if ($acl) { |
||
166 | $visibility = $acl->id; |
||
167 | } |
||
168 | |||
169 | // Force all new group content to be available only to members |
||
170 | $group->setContentAccessMode(ElggGroup::CONTENT_ACCESS_MODE_MEMBERS_ONLY); |
||
171 | } |
||
172 | |||
173 | $group->access_id = $visibility; |
||
174 | } |
||
175 | } |
||
176 | |||
177 | if (!$group->save()) { |
||
178 | return elgg_error_response(elgg_echo('groups:save_error')); |
||
179 | } |
||
180 | |||
181 | // group saved so clear sticky form |
||
182 | elgg_clear_sticky_form('groups'); |
||
183 | |||
184 | // group creator needs to be member of new group and river entry created |
||
185 | if ($is_new_group) { |
||
186 | // @todo this should not be necessary... |
||
187 | elgg_set_page_owner_guid($group->guid); |
||
188 | |||
189 | $group->join($user); |
||
190 | elgg_create_river_item([ |
||
191 | 'view' => 'river/group/create', |
||
192 | 'action_type' => 'create', |
||
193 | 'object_guid' => $group->guid, |
||
194 | ]); |
||
195 | } |
||
196 | |||
197 | $group->saveIconFromUploadedFile('icon'); |
||
198 | |||
199 | $data = [ |
||
200 | 'entity' => $group, |
||
201 | ]; |
||
202 | return elgg_ok_response($data, elgg_echo('groups:saved'), $group->getURL()); |
||
203 |