Elgg  Version 2.3
UserCapabilities.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg;
4 
5 use Elgg\Database\EntityTable;
6 use Elgg\Database\EntityTable\UserFetchFailureException;
7 use ElggAnnotation;
8 use ElggEntity;
9 use ElggRiverItem;
10 use ElggMetadata;
11 use ElggSession;
12 use InvalidArgumentException;
13 
22 class UserCapabilities {
23 
27  private $hooks;
28 
32  private $entities;
33 
37  private $session;
38 
46  public function __construct(PluginHooksService $hooks, EntityTable $entities, ElggSession $session) {
47  $this->hooks = $hooks;
48  $this->entities = $entities;
49  $this->session = $session;
50  }
51 
63  public function canEdit(ElggEntity $entity, $user_guid = 0) {
64  try {
65  $user = $this->entities->getUserForPermissionsCheck($user_guid);
66  } catch (UserFetchFailureException $e) {
67  return false;
68  }
69 
70  // Test user if possible - should default to false unless a plugin hook says otherwise
71  $default = call_user_func(function () use ($entity, $user) {
72  if (!$user) {
73  return false;
74  }
75 
76  // favor the persisted attributes if not saved
77  $attrs = array_merge(
78  [
79  'owner_guid' => $entity->owner_guid,
80  'container_guid' => $entity->container_guid,
81  ], $entity->getOriginalAttributes()
82  );
83 
84  if ($attrs['owner_guid'] == $user->guid) {
85  return true;
86  }
87 
88  if ($attrs['container_guid'] == $user->guid) {
89  return true;
90  }
91 
92  if ($entity->guid == $user->guid) {
93  return true;
94  }
95 
96  $container = $this->entities->get($attrs['container_guid']);
97 
98  return ($container && $container->canEdit($user->guid));
99  });
100 
101  $params = array('entity' => $entity, 'user' => $user);
102  return $this->hooks->trigger('permissions_check', $entity->getType(), $params, $default);
103  }
104 
117  public function canDelete(ElggEntity $entity, $user_guid = 0) {
118  try {
119  $user = $this->entities->getUserForPermissionsCheck($user_guid);
120  } catch (UserFetchFailureException $e) {
121  return false;
122  }
123 
124  $return = $entity->canEdit($user_guid);
125 
126  $params = [
127  'entity' => $entity,
128  'user' => $user
129  ];
130  return $this->hooks->trigger('permissions_check:delete', $entity->getType(), $params, $return);
131  }
132 
147  public function canDeleteRiverItem(ElggRiverItem $item, $user_guid = 0) {
148  try {
149  $user = $this->entities->getUserForPermissionsCheck($user_guid);
150  } catch (UserFetchFailureException $e) {
151  return false;
152  }
153 
154  $return = ($user && $user->isAdmin());
155 
156  $params = [
157  'item' => $item,
158  'user' => $user,
159  ];
160  return $this->hooks->trigger('permissions_check:delete', 'river', $params, $return);
161  }
162 
179  public function canEditMetadata(ElggEntity $entity, $user_guid = 0, ElggMetadata $metadata = null) {
180  if (!$entity->guid) {
181  // @todo cannot edit metadata on unsaved entity?
182  return false;
183  }
184 
185  try {
186  $user = $this->entities->getUserForPermissionsCheck($user_guid);
187  } catch (UserFetchFailureException $e) {
188  return false;
189  }
190 
191  if ($user) {
192  $user_guid = $user->guid;
193  }
194 
195  // if metadata is not owned or owned by the user, then can edit
196  if ($metadata && ($metadata->owner_guid == 0 || $metadata->owner_guid == $user_guid)) {
197  $return = true;
198  } else {
199  $return = $entity->canEdit($user_guid);
200  }
201 
202  // metadata and user may be null
203  $params = [
204  'entity' => $entity,
205  'user' => $user,
206  'metadata' => $metadata
207  ];
208  return $this->hooks->trigger('permissions_check:metadata', $entity->getType(), $params, $return);
209  }
210 
221  public function canEditAnnotation(ElggEntity $entity, $user_guid = 0, ElggAnnotation $annotation = null) {
222  if (!$annotation) {
223  return false;
224  }
225  try {
226  $user = $this->entities->getUserForPermissionsCheck($user_guid);
227  } catch (UserFetchFailureException $e) {
228  return false;
229  }
230 
231  $result = false;
232 
233  if ($user) {
234  // If the owner of annotation is the specified user, they can edit.
235  if ($annotation->owner_guid == $user->guid) {
236  $result = true;
237  }
238 
239  // If the user can edit the entity this is attached to, they can edit.
240  if ($result == false && $entity->canEdit($user->guid)) {
241  $result = true;
242  }
243  }
244 
245  // Trigger plugin hook - note that $user may be null
246  $params = [
247  'entity' => $entity,
248  'user' => $user,
249  'annotation' => $annotation
250  ];
251 
252  return $this->hooks->trigger('permissions_check', 'annotation', $params, $result);
253  }
254 
266  public function canWriteToContainer(ElggEntity $entity, $user_guid = 0, $type = 'all', $subtype = 'all') {
267  try {
268  $user = $this->entities->getUserForPermissionsCheck($user_guid);
269  } catch (UserFetchFailureException $e) {
270  return false;
271  }
272 
273  if ($user) {
274  $user_guid = $user->guid;
275  }
276 
277  $params = [
278  'container' => $entity,
279  'user' => $user,
280  'subtype' => $subtype
281  ];
282 
283  // Unlike permissions, logic check can be used to prevent certain entity
284  // types from being contained by other entity types,
285  // e.g. discussion reply objects can only be contained by discussion objects.
286  // This hook can also be used to apply status logic, e.g. to disallow
287  // new replies in closed discussions.
288  // We do not take a stand hence the return is null. This can be used by
289  // handlers to check if another hook has modified the value.
290  $logic_check = $this->hooks->trigger('container_logic_check', $type, $params);
291 
292  if ($logic_check === false) {
293  return false;
294  }
295 
296  $return = false;
297  if ($entity) {
298  // If the user can edit the container, they can also write to it
299  if ($entity->canEdit($user_guid)) {
300  $return = true;
301  }
302  }
303 
304  // Container permissions can prevent users from writing to an entity.
305  // For instance, these permissions can prevent non-group members from writing
306  // content to the group.
307  return $this->hooks->trigger('container_permissions_check', $type, $params, $return);
308  }
309 
321  public function canComment(ElggEntity $entity, $user_guid = 0, $default = null) {
322  try {
323  $user = $this->entities->getUserForPermissionsCheck($user_guid);
324  } catch (UserFetchFailureException $e) {
325  return false;
326  }
327 
328  // By default, we don't take a position of whether commenting is allowed
329  // because it is handled by the subclasses of \ElggEntity
330  $params = [
331  'entity' => $entity,
332  'user' => $user
333  ];
334  return $this->hooks->trigger('permissions_check:comment', $entity->getType(), $params, $default);
335  }
336 
352  public function canAnnotate(ElggEntity $entity, $user_guid = 0, $annotation_name = '') {
353  if ($annotation_name === null || $annotation_name === false) {
354  // accepting these for BC
355  $annotation_name = '';
356  } elseif (!is_string($annotation_name)) {
357  throw new InvalidArgumentException(__METHOD__ . ' expects \$annotation_name to be a string');
358  }
359 
360  try {
361  $user = $this->entities->getUserForPermissionsCheck($user_guid);
362  } catch (UserFetchFailureException $e) {
363  return false;
364  }
365 
366  $return = (bool) $user;
367 
368  $params = [
369  'entity' => $entity,
370  'user' => $user,
371  'annotation_name' => $annotation_name,
372  ];
373 
374  if (!empty($annotation_name)) {
375  $return = $this->hooks->trigger("permissions_check:annotate:$annotation_name", $entity->getType(), $params, $return);
376  }
377 
378  return $this->hooks->trigger('permissions_check:annotate', $entity->getType(), $params, $return);
379  }
380 
381 }
$result
$result
Definition: set_maintenance_mode.php:11
$session
$session
Definition: login.php:9
$params
$params
Definition: login.php:72
$attrs
$attrs
Definition: ajax_loader.php:30
$user_guid
$user_guid
Avatar remove action.
Definition: remove.php:6
$user
$user
Definition: ban.php:13
Elgg\Database\EntityTable\UserFetchFailureException
Exception indicating a user could not be looked up for a permissions check.
Definition: UserFetchFailureException.php:8
Elgg\UserCapabilities
WARNING: API IN FLUX.
Definition: UserCapabilities.php:22
Elgg\UserCapabilities\canWriteToContainer
canWriteToContainer(ElggEntity $entity, $user_guid=0, $type='all', $subtype='all')
Can a user add an entity to this container.
Definition: UserCapabilities.php:266
Elgg\UserCapabilities\canAnnotate
canAnnotate(ElggEntity $entity, $user_guid=0, $annotation_name='')
Can a user annotate an entity?
Definition: UserCapabilities.php:352
Elgg\UserCapabilities\canEditMetadata
canEditMetadata(ElggEntity $entity, $user_guid=0, ElggMetadata $metadata=null)
Can a user edit metadata on this entity?
Definition: UserCapabilities.php:179
Elgg\UserCapabilities\canComment
canComment(ElggEntity $entity, $user_guid=0, $default=null)
Can a user comment on an entity?
Definition: UserCapabilities.php:321
Elgg\UserCapabilities\__construct
__construct(PluginHooksService $hooks, EntityTable $entities, ElggSession $session)
Constructor.
Definition: UserCapabilities.php:46
Elgg\UserCapabilities\canEditAnnotation
canEditAnnotation(ElggEntity $entity, $user_guid=0, ElggAnnotation $annotation=null)
Determines whether or not the user can edit this annotation.
Definition: UserCapabilities.php:221
Elgg\UserCapabilities\canEdit
canEdit(ElggEntity $entity, $user_guid=0)
Can a user edit this entity?
Definition: UserCapabilities.php:63
Elgg\UserCapabilities\canDelete
canDelete(ElggEntity $entity, $user_guid=0)
Can a user delete this entity?
Definition: UserCapabilities.php:117
Elgg\UserCapabilities\canDeleteRiverItem
canDeleteRiverItem(ElggRiverItem $item, $user_guid=0)
Can a user delete this river item?
Definition: UserCapabilities.php:147
$annotation
$annotation
Elgg default annotation view.
Definition: default.php:10
$metadata
$metadata
Definition: entity.php:19
$default
$default
Definition: checkbox.php:34
$subtype
$subtype
Definition: delete.php:28
$entity
$entity
Definition: delete.php:7
$container
$container
Definition: delete.php:29
$type
if(! $display_name) $type
Definition: delete.php:27
Elgg
Save menu items.
$return
$return
Definition: opendd.php:15
$item
if(! $items) $item
Definition: delete.php:17
$e
$e
Definition: metadata.php:12
Generated on Fri Aug 29 2025 00:00:46 for Elgg by doxygen 1.9.1