56 if (($site_guid == 0) && $this->
site_guid) {
57 $site_guid = $this->site_guid;
60 $site_guid = (int) $site_guid;
62 $hash =
$user_guid . $site_guid .
'get_access_list';
69 $access =
"(" . implode(
",", $access_array) .
")";
116 if (($site_guid == 0) && $this->
site_guid) {
117 $site_guid = $this->site_guid;
121 $site_guid = (int) $site_guid;
123 $hash =
$user_guid . $site_guid .
'get_access_array';
126 $access_array = $cache[$hash];
133 $prefix = $db->getTablePrefix();
138 $query =
"SELECT am.access_collection_id" 139 .
" FROM {$prefix}access_collection_membership am" 140 .
" LEFT JOIN {$prefix}access_collections ag ON ag.id = am.access_collection_id" 141 .
" WHERE am.user_guid = $user_guid AND (ag.site_guid = $site_guid OR ag.site_guid = 0)";
143 $collections = $db->getData($query);
146 if (!empty($collection->access_collection_id)) {
147 $access_array[] = (int)$collection->access_collection_id;
153 $query =
"SELECT ag.id FROM {$prefix}access_collections ag ";
154 $query .=
"WHERE ag.owner_guid = $user_guid AND (ag.site_guid = $site_guid OR ag.site_guid = 0)";
156 $collections = $db->getData($query);
159 if (!empty($collection->id)) {
160 $access_array[] = (int)$collection->id;
167 if ($ignore_access ==
true) {
172 if ($init_finished) {
173 $cache[$hash] = $access_array;
179 'site_id' => $site_guid
229 'table_alias' =>
'e',
232 'access_column' =>
'access_id',
233 'owner_guid_column' =>
'owner_guid',
234 'guid_column' =>
'guid',
240 $options[
'table_alias'] = rtrim($options[
'table_alias'],
'.');
242 foreach (array(
'table_alias',
'access_column',
'owner_guid_column',
'guid_column') as
$key) {
245 $options[
'user_guid'] =
sanitize_int($options[
'user_guid'],
false);
248 $table_alias = $options[
'table_alias'] ? $options[
'table_alias'] .
'.' :
'';
259 if ($options[
'ignore_access']) {
260 $clauses[
'ors'][] =
'1 = 1';
261 }
else if ($options[
'user_guid']) {
263 $clauses[
'ors'][] =
"$table_alias{$options['access_column']} = " .
ACCESS_FRIENDS .
" 264 AND $table_alias{$options['owner_guid_column']} IN ( 265 SELECT guid_one FROM {$prefix}entity_relationships 266 WHERE relationship = 'friend' AND guid_two = {$options['user_guid']} 270 $clauses[
'ors'][] =
"$table_alias{$options['owner_guid_column']} = {$options['user_guid']}";
274 if (!$options[
'ignore_access']) {
276 $clauses[
'ors'][] =
"$table_alias{$options['access_column']} IN {$access_list}";
279 if ($options[
'use_enabled_clause']) {
280 $clauses[
'ands'][] =
"{$table_alias}enabled = 'yes'";
283 $clauses =
_elgg_services()->hooks->trigger(
'get_sql',
'access', $options, $clauses);
286 if (is_array($clauses[
'ors']) && $clauses[
'ors']) {
287 $clauses_str =
'(' . implode(
' OR ', $clauses[
'ors']) .
')';
290 if (is_array($clauses[
'ands']) && $clauses[
'ands']) {
292 $clauses_str .=
' AND ';
294 $clauses_str .=
'(' . implode(
' AND ', $clauses[
'ands']) .
')';
297 return "($clauses_str)";
334 $prefix = $db->getTablePrefix();
336 $query =
"SELECT guid from {$prefix}entities e WHERE e.guid = {$entity->guid}";
338 $query .=
" AND " . $access_bit;
339 if ($db->getData($query)) {
383 if (($site_guid == 0) && $this->
site_guid) {
384 $site_guid = $this->site_guid;
388 $site_guid = (int) $site_guid;
390 $hash =
$user_guid . $site_guid .
'get_write_access_array';
393 $access_array = $cache[$hash];
396 $access_array = array(
404 $prefix = $db->getTablePrefix();
406 $query =
"SELECT ag.* FROM {$prefix}access_collections ag ";
407 $query .=
" WHERE (ag.site_guid = $site_guid OR ag.site_guid = 0)";
408 $query .=
" AND (ag.owner_guid = $user_guid)";
410 $collections = $db->getData($query);
413 $access_array[$collection->id] = $collection->name;
417 if ($init_finished) {
418 $cache[$hash] = $access_array;
424 'site_id' => $site_guid
426 return _elgg_services()->hooks->trigger(
'access:collections:write',
'user',
493 if (($site_guid == 0) && $this->
site_guid) {
494 $site_guid = $this->site_guid;
498 $prefix = $db->getTablePrefix();
502 $q =
"INSERT INTO {$prefix}access_collections 503 SET name = '{$name}', 504 owner_guid = {$owner_guid}, 505 site_guid = {$site_guid}";
506 $id = $db->insertData($q);
512 'collection_id' =>
$id 515 if (!
_elgg_services()->hooks->trigger(
'access:collections:addcollection',
'collection',
$params,
true)) {
545 $cur_members = (is_array($cur_members)) ? $cur_members : array();
547 $remove_members = array_diff($cur_members,
$members);
548 $add_members = array_diff(
$members, $cur_members);
552 foreach ($add_members as
$guid) {
556 foreach ($remove_members as $guid) {
574 if (!
_elgg_services()->hooks->trigger(
'access:collections:deletecollection',
'collection',
$params,
true)) {
579 $prefix = $db->getTablePrefix();
582 $q =
"DELETE FROM {$prefix}access_collection_membership 583 WHERE access_collection_id = {$collection_id}";
586 $q =
"DELETE FROM {$prefix}access_collections 587 WHERE id = {$collection_id}";
610 $prefix = $db->getTablePrefix();
612 $query =
"SELECT * FROM {$prefix}access_collections WHERE id = {$collection_id}";
613 $get_collection = $db->getDataRow($query);
615 return $get_collection;
650 $prefix = $db->getTablePrefix();
653 $q =
"INSERT INTO {$prefix}access_collection_membership 654 SET access_collection_id = $collection_id, user_guid = $user_guid 655 ON DUPLICATE KEY UPDATE user_guid = user_guid";
687 if (!
_elgg_services()->hooks->trigger(
'access:collections:remove_user',
'collection',
$params,
true)) {
692 $prefix = $db->getTablePrefix();
694 $q =
"DELETE FROM {$prefix}access_collection_membership 695 WHERE access_collection_id = {$collection_id} 696 AND user_guid = {$user_guid}";
698 return (
bool)$db->deleteData($q);
711 $site_guid = (int) $site_guid;
713 if (($site_guid == 0) && $this->site_guid) {
714 $site_guid = $this->site_guid;
718 $prefix = $db->getTablePrefix();
720 $query =
"SELECT * FROM {$prefix}access_collections 721 WHERE owner_guid = {$owner_guid} 722 AND site_guid = {$site_guid} 725 $collections = $db->getData($query);
742 $prefix = $db->getTablePrefix();
745 $query =
"SELECT e.* FROM {$prefix}access_collection_membership m" 746 .
" JOIN {$prefix}entities e ON e.guid = m.user_guid" 747 .
" WHERE m.access_collection_id = {$collection}";
748 $collection_members = $db->getData($query,
"entity_row_to_elggstar");
750 $query =
"SELECT e.guid FROM {$prefix}access_collection_membership m" 751 .
" JOIN {$prefix}entities e ON e.guid = m.user_guid" 752 .
" WHERE m.access_collection_id = {$collection}";
753 $collection_members = $db->getData($query);
754 if (!$collection_members) {
757 foreach ($collection_members as
$key => $val) {
758 $collection_members[
$key] = $val->guid;
762 return $collection_members;
getAccessList($user_guid=0, $site_guid=0, $flush=false)
Return a string of access_ids for $user_guid appropriate for inserting into an SQL IN clause...
getUserCollections($owner_guid, $site_guid=0)
Returns an array of database row objects of the access collections owned by $owner_guid.
__construct($site_guid)
Constructor.
removeUser($user_guid, $collection_id)
Removes a user from an access collection.
get_access_array($user_guid=0, $site_guid=0, $flush=false)
Returns an array of access IDs a user is permitted to see.
if($guid==elgg_get_logged_in_user_guid()) $name
$CONFIG site_guid
The guid of the current site object.
hasAccessToEntity($entity, $user=null)
Can a user access an entity.
update($collection_id, $members)
Updates the membership in an access collection.
getAccessArray($user_guid=0, $site_guid=0, $flush=false)
Returns an array of access IDs a user is permitted to see.
if(!$autoload_available) _elgg_services()
$guid
Removes an admin notice.
getWhereSql(array $options=array())
Returns the SQL where clause for enforcing read access to data.
get_access_collection($collection_id)
Get a specified access collection.
sanitize_string($string)
Sanitize a string for database use.
elgg_get_ignore_access()
Get current ignore access setting.
addUser($user_guid, $collection_id)
Adds a user to an access collection.
$init_finished
A flag to set if Elgg's access initialization is finished.
elgg_check_access_overrides($user_guid=0)
Decides if the access system should be ignored for a user.
get_user($guid)
Get a user object from a GUID.
elgg_set_ignore_access($ignore=true)
Set if Elgg's access system should be ignored.
getMembers($collection, $idonly=false)
Get all of members of an access collection.
$ENTITY_SHOW_HIDDEN_OVERRIDE
Allow disabled entities and metadata to be returned by getter functions.
elgg global
Pointer to the global context.
get_access_list($user_guid=0, $site_guid=0, $flush=false)
Return a string of access_ids for $user_guid appropriate for inserting into an SQL IN clause...
getWriteAccessArray($user_guid=0, $site_guid=0, $flush=false)
Returns an array of access permissions that the user is allowed to save content with.
create($name, $owner_guid=0, $site_guid=0)
Creates a new access collection.
sanitize_int($int, $signed=true)
Sanitizes an integer for database use.
$user_guid
Avatar remove action.
_elgg_get_access_where_sql(array $options=array())
Returns the SQL where clause for enforcing read access to data.
if(!$collection_name) $id
canEdit($collection_id, $user_guid=null)
Can the user change this access collection?
get_write_access_array($user_guid=0, $site_guid=0, $flush=false)
Returns an array of access permissions that the user is allowed to save content with.