access.php

Go to the documentation of this file.

<?php
function elgg_set_ignore_access($ignore = true) {
    return _elgg_services()->session->setIgnoreAccess($ignore);
}

function elgg_get_ignore_access() {
    return _elgg_services()->session->getIgnoreAccess();
}

function get_access_list($user_guid = 0, $site_guid = 0, $flush = false) {
    return _elgg_services()->accessCollections->getAccessList($user_guid, $site_guid, $flush);
}

function get_access_array($user_guid = 0, $site_guid = 0, $flush = false) {
    return _elgg_services()->accessCollections->getAccessArray($user_guid, $site_guid, $flush);
}

function get_default_access(ElggUser $user = null, array $input_params = array()) {
    global $CONFIG;

    // site default access
    $default_access = $CONFIG->default_access;

    // user default access if enabled
    if ($CONFIG->allow_user_default_access) {
        $user = $user ? $user : _elgg_services()->session->getLoggedInUser();
        if ($user) {
            $user_access = $user->getPrivateSetting('elgg_default_access');
            if ($user_access !== null) {
                $default_access = $user_access;
            }
        }
    }

    $params = array(
        'user' => $user,
        'default_access' => $default_access,
        'input_params' => $input_params,
    );
    return _elgg_services()->hooks->trigger('default', 'access', $params, $default_access);
}

$ENTITY_SHOW_HIDDEN_OVERRIDE = false;

function access_show_hidden_entities($show_hidden) {
    global $ENTITY_SHOW_HIDDEN_OVERRIDE;
    $current_value = $ENTITY_SHOW_HIDDEN_OVERRIDE;
    $ENTITY_SHOW_HIDDEN_OVERRIDE = $show_hidden;
    return $current_value;
}

function access_get_show_hidden_status() {
    global $ENTITY_SHOW_HIDDEN_OVERRIDE;
    return $ENTITY_SHOW_HIDDEN_OVERRIDE;
}

function _elgg_get_access_where_sql(array $options = array()) {
    return _elgg_services()->accessCollections->getWhereSql($options);
}

function has_access_to_entity($entity, $user = null) {
    return _elgg_services()->accessCollections->hasAccessToEntity($entity, $user);
}

function get_write_access_array($user_guid = 0, $site_guid = 0, $flush = false, array $input_params = array()) {
    return _elgg_services()->accessCollections->getWriteAccessArray($user_guid, $site_guid, $flush, $input_params);
}

function can_edit_access_collection($collection_id, $user_guid = null) {
    return _elgg_services()->accessCollections->canEdit($collection_id, $user_guid);
}

function create_access_collection($name, $owner_guid = 0, $site_guid = 0) {
    return _elgg_services()->accessCollections->create($name, $owner_guid, $site_guid);
}

function update_access_collection($collection_id, $members) {
    return _elgg_services()->accessCollections->update($collection_id, $members);
}

function delete_access_collection($collection_id) {
    return _elgg_services()->accessCollections->delete($collection_id);
}

function get_access_collection($collection_id) {
    return _elgg_services()->accessCollections->get($collection_id);
}

function add_user_to_access_collection($user_guid, $collection_id) {
    return _elgg_services()->accessCollections->addUser($user_guid, $collection_id);
}

function remove_user_from_access_collection($user_guid, $collection_id) {
    return _elgg_services()->accessCollections->removeUser($user_guid, $collection_id);
}

function get_user_access_collections($owner_guid, $site_guid = 0) {
    return _elgg_services()->accessCollections->getEntityCollections($owner_guid, $site_guid);
}

function get_members_of_access_collection($collection_id, $guids_only = false) {
    return _elgg_services()->accessCollections->getMembers($collection_id, $guids_only);
}

function elgg_get_entities_from_access_id(array $options = array()) {
    // restrict the resultset to access collection provided
    if (!isset($options['access_id'])) {
        return false;
    }

    // @todo add support for an array of collection_ids
    $where = "e.access_id = '{$options['access_id']}'";
    if (isset($options['wheres'])) {
        if (is_array($options['wheres'])) {
            $options['wheres'][] = $where;
        } else {
            $options['wheres'] = array($options['wheres'], $where);
        }
    } else {
        $options['wheres'] = array($where);
    }

    // return entities with the desired options
    return _elgg_services()->entityTable->getEntities($options);
}

function elgg_list_entities_from_access_id(array $options = array()) {
    return elgg_list_entities($options, 'elgg_get_entities_from_access_id');
}

function get_readable_access_level($entity_access_id) {
    return _elgg_services()->accessCollections->getReadableAccessLevel($entity_access_id);
}

function elgg_check_access_overrides($user_guid = 0) {
    if (!$user_guid || $user_guid <= 0) {
        $is_admin = false;
    } else {
        $is_admin = elgg_is_admin_user($user_guid);
    }

    return ($is_admin || _elgg_services()->session->getIgnoreAccess());
}

$init_finished = false;

function access_init() {
    global $init_finished;
    $init_finished = true;
}

function elgg_override_permissions($hook, $type, $value, $params) {
    $user = elgg_extract('user', $params);
    if ($user) {
        $user_guid = $user->guid;
    } else {
        $user_guid = _elgg_services()->session->getLoggedInUserGuid();
    }

    // don't do this so ignore access still works with no one logged in
    //if (!$user instanceof \ElggUser) {
    //  return false;
    //}

    // check for admin
    if ($user_guid && elgg_is_admin_user($user_guid)) {
        return true;
    }

    // check access overrides
    if (elgg_check_access_overrides($user_guid)) {
        return true;
    }

    // consult other hooks
    return null;
}

function access_test($hook, $type, $value, $params) {
    global $CONFIG;
    $value[] = $CONFIG->path . 'engine/tests/ElggCoreAccessCollectionsTest.php';
    $value[] = $CONFIG->path . 'engine/tests/ElggCoreAccessSQLTest.php';
    return $value;
}

return function(\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {
    // Tell the access functions the system has booted, plugins are loaded,
    // and the user is logged in so it can start caching
    $events->registerHandler('ready', 'system', 'access_init');

    // For overrided permissions
    $hooks->registerHandler('permissions_check', 'all', 'elgg_override_permissions', 600);
    $hooks->registerHandler('container_permissions_check', 'all', 'elgg_override_permissions', 600);

    $hooks->registerHandler('unit_test', 'system', 'access_test');
};