* @link http://elgg.org/
*/
+/**
+ * Temporary class used to determing if access is being ignored
+ */
+class ElggAccess {
+ /**
+ * Bypass Elgg's access control if true.
+ * @var bool
+ */
+ private $ignore_access;
+
+ /**
+ * Get current ignore access setting.
+ * @return bool
+ */
+ public function get_ignore_access() {
+ return $ignore_access;
+ }
+
+ /**
+ * Set ignore access.
+ *
+ * @param $ignore bool true || false to ignore
+ * @return bool Previous setting
+ */
+ public function set_ignore_access($ignore = true) {
+ $prev = $this->ignore_access;
+ $this->ignore_access = $ignore;
+
+ return $prev;
+ }
+}
+
+
/**
* Return a string of access_ids for $user_id appropriate for inserting into an SQL IN clause.
*
}
}
- $is_admin = is_admin_user($user_id);
+ $ignore_access = elgg_is_ignore_access($user_id);
- if ($is_admin == true) {
+ if ($ignore_access == true) {
$tmp_access_array[] = ACCESS_PRIVATE;
}
$owner = -1;
}
- $is_admin = is_admin_user($owner);
+ $ignore_access = elgg_get_ignore_access($owner);
$access = get_access_list($owner);
- if ($is_admin) {
+ if ($ignore_access) {
$sql = " (1 = 1) ";
} else if ($owner != -1) {
$friends_bit = "{$table_prefix}access_id = " . ACCESS_FRIENDS . "
return false;
}
+/**
+ * Set if entity access system should be ignored.
+ *
+ * @return bool Previous ignore_access setting.
+ */
+function elgg_set_ignore_access($ignore = true) {
+ $elgg_access = elgg_get_access_object();
+
+ return $elgg_access->set_ignore_access($ignore);
+}
+
+/**
+ * Get current ignore access setting.
+ *
+ * @return bool
+ */
+function elgg_get_ignore_access() {
+ return elgg_get_access_object()->get_ignore_access();
+}
+
+/**
+ * Decides if the access system is being ignored.
+ *
+ * @return bool
+ */
+function elgg_is_ignore_access($user_guid = null) {
+ if (!$user_guid || $user_guid <= 0) {
+ $is_admin = false;
+ } else {
+ $is_admin = elgg_is_admin_user($user_guid);
+ }
+
+ return ($is_admin || elgg_get_ignore_access());
+}
+
+/**
+ * Returns the ElggAccess object.
+ *
+ * @return ElggAccess
+ */
+function elgg_get_access_object() {
+ static $elgg_access;
+
+ if (!$elgg_access) {
+ $elgg_access = new ElggAccess();
+ }
+
+ return $elgg_access;
+}
+
global $init_finished;
$init_finished = false;
* @param $user_guid
* @return bool
*/
-function is_admin_user($user_guid) {
+function elgg_is_admin_user($user_guid) {
global $CONFIG;
- // cannot use metadata here because
+ // cannot use metadata here because of recursion
+
// caching is done at the db level so no need to here.
- $query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e, {$CONFIG->dbprefix}metastrings as ms1, {$CONFIG->dbprefix}metastrings as ms2, {$CONFIG->dbprefix}metadata as md
+ $query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e,
+ {$CONFIG->dbprefix}metastrings as ms1,
+ {$CONFIG->dbprefix}metastrings as ms2,
+ {$CONFIG->dbprefix}metadata as md
WHERE (
- ms1.string = 'admin' AND ms2.string = 'yes'
- AND md.name_id = ms1.id AND md.value_id = ms2.id
- AND e.guid = md.entity_guid
- AND e.guid = {$user_guid}
- AND e.banned = 'no'
+ (
+ (ms1.string = 'admin' AND ms2.string = 'yes')
+ OR (ms1.string = 'admin' AND ms2.string = '1')
)
- OR (
- ms1.string = 'admin' AND ms2.string = '1'
AND md.name_id = ms1.id AND md.value_id = ms2.id
AND e.guid = md.entity_guid
AND e.guid = {$user_guid}
AND e.banned = 'no'
)";
+// OR (
+// ms1.string = 'admin' AND ms2.string = '1'
+// AND md.name_id = ms1.id AND md.value_id = ms2.id
+// AND e.guid = md.entity_guid
+// AND e.guid = {$user_guid}
+// AND e.banned = 'no'
+// )";
+
// normalizing the results from get_data()
// See #1242
reset_login_failure_count($user->guid); // Reset any previous failed login attempts
// Set admin shortcut flag if this is an admin
- if (isadminloggedin()) {
- //@todo REMOVE THIS.
- global $is_admin;
- $is_admin = true;
- }
+// if (isadminloggedin()) {
+// //@todo REMOVE THIS.
+// global $is_admin;
+// $is_admin = true;
+// }
return true;
}
projects / lorea / elgg.git / commitdiff