74 $this->session = $session;
76 $this->redirects = $redirects;
77 $this->entities = $entities;
79 $this->translator = $translator;
88 if ($this->session->isLoggedIn()) {
92 $this->redirects->setLastForwardFrom();
103 if (!$this->session->isLoggedIn()) {
120 $this->assertAuthenticatedUser();
122 $user = $this->session->getLoggedInUser();
123 if (
$user->isAdmin()) {
127 $this->redirects->setLastForwardFrom();
157 'route' => $this->request->get(
'_route'),
179 if (!$this->session->getIgnoreAccess() && !$this->access->hasAccessToEntity($entity,
$user)) {
181 $msg = $this->translator->translate(
'limited_access');
186 'route' => $this->request->get(
'_route'),
191 if (!$entity->
isEnabled() && !$this->session->getDisabledEntityVisibility()) {
197 'route' => $this->request->get(
'_route'),
203 $this->assertAccessibleGroup($entity,
$user);
206 foreach ([
'owner_guid',
'container_guid'] as $prop) {
207 if (!$entity->$prop) {
211 $parent = $this->assertExists($entity->$prop);
212 $this->assertAccessibleEntity($parent,
$user);
221 'route' => $this->request->get(
'_route'),
228 }
else if (
$result ===
false) {
229 throw new HttpException();
247 if (!isset($viewer)) {
248 $viewer = $this->session->getLoggedInUser();
251 if (!$viewer || !$viewer->isAdmin()) {
256 'route' => $this->request->get(
'_route'),
277 $this->assertAuthenticatedUser();
279 $this->redirects->setLastForwardFrom();
285 'route' => $this->request->get(
'_route'),
298 if ($this->request->isXmlHttpRequest()) {
Thrown when the request is not a valid ajax request.
elgg_call(int $flags, Closure $closure)
Calls a callable autowiring the arguments using public DI services and applying logic based on flags...
assertXmlHttpRequest()
Require XmlHttpRequest.
assertAccessibleGroup(ElggGroup $group, ElggUser $user=null)
Validate group content visibility.
$request
Page handler for autocomplete endpoint.
$guid
Removes an admin notice.
assertAccessibleUser(ElggUser $user, ElggUser $viewer=null)
Validate active user account.
assertExists($guid, $type=null, $subtype=null)
Require an entity with a given guid, type and subtype to proceed with code execution.
Thrown when logged in but this isn't allowed.
Thrown when entity can not be found.
assertUnauthenticatedUser()
Require a user to be not authenticated (logged out) to with code execution.
Thrown when the logged in user is not an admin.
assertAccessibleEntity(ElggEntity $entity, ElggUser $user=null)
Require that authenticated user has access to entity.
Handles common tasks when redirecting a request.
const ELGG_IGNORE_ACCESS
elgg_call() flags
const ELGG_SHOW_DISABLED_ENTITIES
assertAuthenticatedAdmin()
Require an admin user to be authenticated to proceed with code execution.
elgg_get_site_url()
Get the URL for the current (or specified) site, ending with "/".
isEnabled()
Is this entity enabled?
Thrown when entity can not be edited or container permissions do not allow it to be written...
assertAuthenticatedUser()
Require a user to be authenticated to with code execution.
Thrown when one of the gatekeepers prevents access.
Thrown when the not logged in.
__construct(ElggSession $session, HttpRequest $request, RedirectService $redirects, EntityTable $entities, AccessCollections $access, Translator $translator)
Constructor.
_elgg_services()
Get the global service provider.
isBanned()
Is this user banned or not?
canAccessContent(ElggUser $user=null)
Check if current user can access group content based on his/her membership status and group's content...
getURL()
Gets the URL for this entity.