1 | <?php |
||||||
2 | /** |
||||||
3 | * Elgg groups plugin edit action. |
||||||
4 | * |
||||||
5 | * If editing an existing group, only the "group_guid" must be submitted. All other form |
||||||
6 | * elements may be omitted and the corresponding data will be left as is. |
||||||
7 | * |
||||||
8 | * @package ElggGroups |
||||||
9 | */ |
||||||
10 | |||||||
11 | elgg_make_sticky_form('groups'); |
||||||
12 | |||||||
13 | // Get group fields |
||||||
14 | $input = []; |
||||||
15 | foreach (elgg_get_config('group') as $shortname => $valuetype) { |
||||||
16 | $value = get_input($shortname); |
||||||
17 | |||||||
18 | if ($value === null) { |
||||||
19 | // only submitted fields should be updated |
||||||
20 | continue; |
||||||
21 | } |
||||||
22 | |||||||
23 | $input[$shortname] = $value; |
||||||
24 | |||||||
25 | // @todo treat profile fields as unescaped: don't filter, encode on output |
||||||
26 | if (is_array($input[$shortname])) { |
||||||
27 | array_walk_recursive($input[$shortname], function (&$v) { |
||||||
28 | $v = elgg_html_decode($v); |
||||||
29 | }); |
||||||
30 | } else { |
||||||
31 | $input[$shortname] = elgg_html_decode($input[$shortname]); |
||||||
32 | } |
||||||
33 | |||||||
34 | if ($valuetype == 'tags') { |
||||||
35 | $input[$shortname] = string_to_tag_array($input[$shortname]); |
||||||
36 | } |
||||||
37 | } |
||||||
38 | |||||||
39 | // only set if submitted |
||||||
40 | $name = elgg_get_title_input('name', null); |
||||||
41 | if ($name !== null) { |
||||||
42 | $input['name'] = $name; |
||||||
43 | } |
||||||
44 | |||||||
45 | $user = elgg_get_logged_in_user_entity(); |
||||||
46 | |||||||
47 | $group_guid = (int) get_input('group_guid'); |
||||||
48 | |||||||
49 | if ($group_guid) { |
||||||
50 | $is_new_group = false; |
||||||
51 | $group = get_entity($group_guid); |
||||||
52 | if (!$group instanceof ElggGroup || !$group->canEdit()) { |
||||||
53 | $error = elgg_echo('groups:cantedit'); |
||||||
54 | return elgg_error_response($error); |
||||||
55 | } |
||||||
56 | } else { |
||||||
57 | if (elgg_get_plugin_setting('limited_groups', 'groups') == 'yes' && !$user->isAdmin()) { |
||||||
58 | $error = elgg_echo('groups:cantcreate'); |
||||||
59 | return elgg_error_response($error); |
||||||
60 | } |
||||||
61 | |||||||
62 | $container_guid = get_input('container_guid', $user->guid); |
||||||
63 | $container = get_entity($container_guid); |
||||||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||||||
64 | |||||||
65 | if (!$container || !$container->canWriteToContainer($user->guid, 'group')) { |
||||||
66 | $error = elgg_echo('groups:cantcreate'); |
||||||
67 | return elgg_error_response($error); |
||||||
68 | } |
||||||
69 | |||||||
70 | $is_new_group = true; |
||||||
71 | $group = new ElggGroup(); |
||||||
72 | $group->container_guid = $container->guid; |
||||||
73 | } |
||||||
74 | |||||||
75 | // Assume we can edit or this is a new group |
||||||
76 | foreach ($input as $shortname => $value) { |
||||||
77 | if ($value === '' && !in_array($shortname, ['name', 'description'])) { |
||||||
78 | // The group profile displays all profile fields that have a value. |
||||||
79 | // We don't want to display fields with empty string value, so we |
||||||
80 | // remove the metadata completely. |
||||||
81 | $group->deleteMetadata($shortname); |
||||||
82 | continue; |
||||||
83 | } |
||||||
84 | |||||||
85 | $group->$shortname = $value; |
||||||
86 | } |
||||||
87 | |||||||
88 | // Validate create |
||||||
89 | if (!$group->name) { |
||||||
90 | return elgg_error_response(elgg_echo('groups:notitle')); |
||||||
91 | } |
||||||
92 | |||||||
93 | // Set group tool options (only pass along saved entities) |
||||||
94 | $tool_entity = !$is_new_group ? $group : null; |
||||||
95 | $tool_options = elgg_get_group_tool_options($tool_entity); |
||||||
96 | if ($tool_options) { |
||||||
0 ignored issues
–
show
The expression
$tool_options of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using
Loading history...
|
|||||||
97 | foreach ($tool_options as $group_option) { |
||||||
98 | $option_toggle_name = $group_option->name . "_enable"; |
||||||
99 | $value = get_input($option_toggle_name); |
||||||
100 | if ($value === null) { |
||||||
101 | continue; |
||||||
102 | } |
||||||
103 | |||||||
104 | if ($value === 'yes') { |
||||||
105 | $group->enableTool($group_option->name); |
||||||
106 | } else { |
||||||
107 | $group->disableTool($group_option->name); |
||||||
108 | } |
||||||
109 | } |
||||||
110 | } |
||||||
111 | |||||||
112 | // Group membership - should these be treated with same constants as access permissions? |
||||||
113 | $value = get_input('membership'); |
||||||
114 | if ($group->membership === null || $value !== null) { |
||||||
115 | $is_public_membership = ($value == ACCESS_PUBLIC); |
||||||
116 | $group->membership = $is_public_membership ? ACCESS_PUBLIC : ACCESS_PRIVATE; |
||||||
117 | } |
||||||
118 | |||||||
119 | $group->setContentAccessMode((string) get_input('content_access_mode')); |
||||||
0 ignored issues
–
show
The method
setContentAccessMode() does not exist on ElggEntity . It seems like you code against a sub-type of ElggEntity such as ElggGroup .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
120 | |||||||
121 | if ($is_new_group) { |
||||||
122 | $group->access_id = ACCESS_PUBLIC; |
||||||
123 | } |
||||||
124 | |||||||
125 | $old_owner_guid = $is_new_group ? 0 : $group->owner_guid; |
||||||
126 | |||||||
127 | $value = get_input('owner_guid'); |
||||||
128 | $new_owner_guid = ($value === null) ? $old_owner_guid : (int) $value; |
||||||
129 | |||||||
130 | if (!$is_new_group && $new_owner_guid && $new_owner_guid != $old_owner_guid) { |
||||||
131 | // verify new owner is member and old owner/admin is logged in |
||||||
132 | if ($group->isMember(get_user($new_owner_guid)) && ($old_owner_guid == $user->guid || $user->isAdmin())) { |
||||||
133 | $group->owner_guid = $new_owner_guid; |
||||||
134 | if ($group->container_guid == $old_owner_guid) { |
||||||
135 | // Even though this action defaults container_guid to the logged in user guid, |
||||||
136 | // the group may have initially been created with a custom script that assigned |
||||||
137 | // a different container entity. We want to make sure we preserve the original |
||||||
138 | // container if it the group is not contained by the original owner. |
||||||
139 | $group->container_guid = $new_owner_guid; |
||||||
140 | } |
||||||
141 | } |
||||||
142 | } |
||||||
143 | |||||||
144 | if ($is_new_group) { |
||||||
145 | // if new group, we need to save so group acl gets set in event handler |
||||||
146 | if (!$group->save()) { |
||||||
147 | return elgg_error_response(elgg_echo('groups:save_error')); |
||||||
148 | } |
||||||
149 | } |
||||||
150 | |||||||
151 | // Invisible group support |
||||||
152 | // @todo this requires save to be called to create the acl for the group. This |
||||||
153 | // is an odd requirement and should be removed. Either the acl creation happens |
||||||
154 | // in the action or the visibility moves to a plugin hook |
||||||
155 | if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') { |
||||||
156 | $value = get_input('vis'); |
||||||
157 | if ($is_new_group || $value !== null) { |
||||||
158 | $visibility = (int) $value; |
||||||
159 | |||||||
160 | if ($visibility == ACCESS_PRIVATE) { |
||||||
161 | // Make this group visible only to group members. We need to use |
||||||
162 | // ACCESS_PRIVATE on the form and convert it to group_acl here |
||||||
163 | // because new groups do not have acl until they have been saved once. |
||||||
164 | $acl = _groups_get_group_acl($group); |
||||||
165 | if ($acl) { |
||||||
166 | $visibility = $acl->id; |
||||||
167 | } |
||||||
168 | |||||||
169 | // Force all new group content to be available only to members |
||||||
170 | $group->setContentAccessMode(ElggGroup::CONTENT_ACCESS_MODE_MEMBERS_ONLY); |
||||||
171 | } |
||||||
172 | |||||||
173 | $group->access_id = $visibility; |
||||||
174 | } |
||||||
175 | } |
||||||
176 | |||||||
177 | if (!$group->save()) { |
||||||
178 | return elgg_error_response(elgg_echo('groups:save_error')); |
||||||
179 | } |
||||||
180 | |||||||
181 | // group saved so clear sticky form |
||||||
182 | elgg_clear_sticky_form('groups'); |
||||||
183 | |||||||
184 | // group creator needs to be member of new group and river entry created |
||||||
185 | if ($is_new_group) { |
||||||
186 | // @todo this should not be necessary... |
||||||
187 | elgg_set_page_owner_guid($group->guid); |
||||||
188 | |||||||
189 | $group->join($user); |
||||||
190 | elgg_create_river_item([ |
||||||
191 | 'view' => 'river/group/create', |
||||||
192 | 'action_type' => 'create', |
||||||
193 | 'object_guid' => $group->guid, |
||||||
194 | ]); |
||||||
195 | } |
||||||
196 | |||||||
197 | $group->saveIconFromUploadedFile('icon'); |
||||||
198 | |||||||
199 | $data = [ |
||||||
200 | 'entity' => $group, |
||||||
201 | ]; |
||||||
202 | return elgg_ok_response($data, elgg_echo('groups:saved'), $group->getURL()); |
||||||
203 |