105 $this->access_cache = $cache;
117 $this->init_complete =
true;
152 $user_guid = $this->session->getLoggedInUserGuid();
158 $access_array = $cache[$hash];
170 $membership_query = $select->subquery(self::MEMBERSHIP_TABLE_NAME);
171 $membership_query->select(
'access_collection_id')
174 $select->select(
'id')
176 ->orWhere($select->compare(
'id',
'in', $membership_query->getSQL()));
178 $collections = $this->db->getData($select);
179 if (!empty($collections)) {
180 foreach ($collections as $collection) {
181 $access_array[] = (int) $collection->id;
185 $ignore_access = $this->capabilities->canBypassPermissionsCheck(
$user_guid);
187 if ($ignore_access ===
true) {
192 if ($this->init_complete) {
193 $cache[$hash] = $access_array;
202 return $this->hooks->trigger(
'access:collections:read',
'user',
$options, $access_array);
245 return $this->entities->getRow($entity->guid,
$user_guid);
284 $user_guid = $this->session->getLoggedInUserGuid();
289 $hash =
$user_guid .
'get_write_access_array';
292 $access_array = $cache[$hash];
302 if ($this->init_complete) {
303 $cache[$hash] = $access_array;
312 $access_array = $this->hooks->trigger(
'access:collections:write',
'user',
$options, $access_array);
316 if (!isset($access_array[$access])) {
320 $temp = $access_array[
$access];
321 unset($access_array[$access]);
322 $access_array[
$access] = $temp;
326 return $access_array;
339 $subtypes = $this->hooks->trigger(
'access:collections:write:subtypes',
'user', [
'owner_guid' => $owner_guid], []);
344 $select->compare(
'subtype',
'is null'),
351 ->where($select->compare(
'owner_guid',
'=', $owner_guid,
ELGG_VALUE_GUID))
352 ->andWhere($select->merge($ors,
'OR'))
353 ->orderBy(
'name',
'ASC');
355 $collections = $this->db->getData($select, [$this,
'rowToElggAccessCollection']);
356 if (empty($collections)) {
361 foreach ($collections as $collection) {
362 $result[$collection->id] = $collection->getDisplayName();
392 $collection = $this->
get($collection_id);
397 if ($this->capabilities->canBypassPermissionsCheck(
$user->guid)) {
402 return array_key_exists($collection_id, $write_access);
431 $this->
getLogger()->error(
"The subtype length for access collections cannot be greater than 255");
437 $owner_guid = $this->session->getLoggedInUserGuid();
447 $id = $this->db->insertData($insert);
452 $this->access_cache->clear();
455 'collection_id' =>
$id,
461 if (!$this->hooks->trigger(
'access:collections:addcollection',
'collection', $hook_params,
true)) {
481 ->where($update->compare(
'id',
'=', $collection_id,
ELGG_VALUE_ID));
483 if ($this->db->updateData($update,
true)) {
484 $this->access_cache->clear();
505 public function update($collection_id, array $new_members = []) {
506 $acl = $this->
get($collection_id);
512 $to_guid =
function($elem) {
516 if (is_object($elem)) {
517 return (
int) $elem->guid;
522 $current_members = [];
523 $new_members = array_map($to_guid, $new_members);
525 $current_members_batch = $this->
getMembers($collection_id, [
531 foreach ($current_members_batch as $row) {
532 $current_members[] = $to_guid($row);
535 $remove_members = array_diff($current_members, $new_members);
536 $add_members = array_diff($new_members, $current_members);
540 foreach ($add_members as
$guid) {
544 foreach ($remove_members as $guid) {
548 $this->access_cache->clear();
560 public function delete(
int $collection_id):
bool {
562 'collection_id' => $collection_id,
565 if (!$this->hooks->trigger(
'access:collections:deletecollection',
'collection',
$params,
true)) {
571 $delete_membership->where($delete_membership->compare(
'access_collection_id',
'=', $collection_id,
ELGG_VALUE_ID));
573 $this->db->deleteData($delete_membership);
580 $this->access_cache->clear();
593 return new \ElggAccessCollection($row);
608 return $this->db->getDataRow(
$query, [$this,
'rowToElggAccessCollection']) ?: null;
638 $collection = $this->
get($collection_id);
643 $user = $this->entities->get($user_guid);
649 'collection_id' => $collection->id,
653 $result = $this->hooks->trigger(
'access:collections:add_user',
'collection', $hook_params,
true);
661 'access_collection_id' => $insert->param($collection_id,
ELGG_VALUE_ID),
666 $result = $this->db->insertData($insert);
668 $prev = $e->getPrevious();
669 if ($prev instanceof UniqueConstraintViolationException) {
677 $this->access_cache->clear();
695 'collection_id' => $collection_id,
699 if (!$this->hooks->trigger(
'access:collections:remove_user',
'collection',
$params,
true)) {
707 $this->access_cache->clear();
709 return (
bool) $this->db->deleteData(
$delete);
721 $supported_options = [
'owner_guid',
'subtype'];
725 ->orderBy(
'name',
'ASC');
727 foreach ($supported_options as $option) {
729 if (!isset($option_value)) {
735 $select->andWhere($select->compare($option,
'=', $option_value,
ELGG_VALUE_GUID));
738 $select->andWhere($select->compare($option,
'=', $option_value,
ELGG_VALUE_STRING));
743 return $this->db->getData($select, [$this,
'rowToElggAccessCollection']);
756 $qb->
join($table_alias, self::MEMBERSHIP_TABLE_NAME,
'acm', $qb->
compare(
'acm.user_guid',
'=',
"{$table_alias}.guid"));
773 $select->join(
'ac', self::MEMBERSHIP_TABLE_NAME,
'acm', $select->compare(
'ac.id',
'=',
'acm.access_collection_id'));
775 $select->select(
'ac.*')
776 ->where($select->compare(
'acm.user_guid',
'=', $member_guid,
ELGG_VALUE_GUID))
777 ->orderBy(
'name',
'ASC');
779 return $this->db->getData($select, [$this,
'rowToElggAccessCollection']);
810 if (array_key_exists($entity_access_id, $access_array)) {
811 return $access_array[$entity_access_id];
817 $collection = $this->
get($entity_access_id);
821 return $translator->translate(
'access:limited:label');
824 return $collection->getDisplayName();
getReadableAccessLevel(int $entity_access_id)
Return the name of an ACCESS_* constant or an access collection, but only if the logged in user owns ...
elgg_call(int $flags, Closure $closure)
Calls a callable autowiring the arguments using public DI services and applying logic based on flags...
create(string $name, int $owner_guid=0, string $subtype=null)
Creates a new access collection.
removeUser(int $user_guid, int $collection_id)
Removes a user from an access collection.
hasAccessToEntity(\ElggEntity $entity, int $user_guid=0)
Can a user access an entity.
$params
Saves global plugin settings.
const ELGG_ENFORCE_ACCESS
static find(array $options=[])
Build and execute a new query from an array of legacy options.
canEdit($user_guid=null)
Check if user can edit this collection.
rename(int $collection_id, string $name)
Renames an access collection.
if(!$user||!$user->canDelete()) $name
static table($table, $alias=null)
{}
markInitComplete()
Mark the access system as initialized.
const ELGG_VALUE_INTEGER
Value types.
const MEMBERSHIP_TABLE_NAME
canEdit(int $collection_id, int $user_guid=null)
Can the user change this access collection?
Database abstraction query builder.
__construct(Config $config, Database $db, EntityTable $entities, UserCapabilities $capabilities,\ElggCache $cache, PluginHooksService $hooks,\ElggSession $session, Translator $translator)
Constructor.
getCollectionsForWriteAccess(int $owner_guid)
Returns an array of access collections to be used in the write access array.
trait Loggable
Enables adding a logger.
static intoTable($table)
{}
getWriteAccessArray($user_guid=0, $flush=false, array $input_params=[])
Returns an array of access permissions that the user is allowed to save content with.
getCollectionsByMember(int $member_guid)
Return an array of collections that the entity is member of.
Exception indicating a user could not be looked up for a permissions check.
rowToElggAccessCollection(\stdClass $row)
Transforms a database row to an instance of ElggAccessCollection.
hasUser($user_guid, $collection_id)
Check if user is already in the collection.
join($fromAlias, $join, $alias, $condition=null)
{}
A generic parent class for database exceptions.
compare($x, $comparison, $y=null, $type=null, $case_sensitive=null)
Build value comparison clause.
getEntityCollections(array $options=[])
Returns access collections.
elgg_extract($key, $array, $default=null, $strict=true)
Checks for $array[$key] and returns its value if it exists, else returns $default.
static fromTable($table, $alias=null)
{}
getLogger()
Returns logger.
addUser(int $user_guid, int $collection_id)
Adds a user to an access collection.
getAccessArray(int $user_guid=0, bool $flush=false)
Returns an array of access IDs a user is permitted to see.
User capabilities service.
Access collections database service.
$id
Generic annotation delete action.
static fromTable($table, $alias=null)
{}
Entity table database service.
$guid
Reset an ElggUpgrade.
getMembers(int $collection_id, array $options=[])
Get members of an access collection.
update($collection_id, array $new_members=[])
Updates the membership in an access collection.