Permalink
Browse files

feature(gatekeeper): entity gatekeeper result can now be filtered

"gatekeeper, $entity_type:$entity_subtype" hook can now be used to filter the
resulf of elgg_entity_gatekeeper(). Also adds 4th argument to indicate whether
or not a forward should be issued

Refs #9483
  • Loading branch information...
hypeJunction committed Mar 15, 2016
1 parent c2b2f7f commit 75af2fd54d5e5e2be629b205babc486085e685df
Showing with 31 additions and 7 deletions.
  1. +4 −0 docs/guides/hooks-list.rst
  2. +27 −7 engine/lib/pagehandler.php
@@ -291,6 +291,10 @@ Permission hooks
**get_sql, access**
Filters the SQL clauses used in ``_elgg_get_access_where_sql()``.
**gatekeeper, <entity_type>:<entity_subtype>**
Filters the result of ``elgg_entity_gatekeeper()`` to prevent access to an entity that user would otherwise have access to. A handler should return false to deny access to an entity.
Routing
=======
View
@@ -179,12 +179,14 @@ function group_gatekeeper($forward = true, $page_owner_guid = null) {
* @param int $guid Entity GUID
* @param string $type Optional required entity type
* @param string $subtype Optional required entity subtype
* @return void
* @param bool $forward If set to true (default), will forward the page;
* if set to false, will return true or false.
* @return bool Will return if $forward is set to false.
* @since 1.9.0
*/
function elgg_entity_gatekeeper($guid, $type = null, $subtype = null) {
function elgg_entity_gatekeeper($guid, $type = null, $subtype = null, $forward = true) {
$entity = get_entity($guid);
if (!$entity) {
if (!$entity && $forward) {
if (!elgg_entity_exists($guid)) {
// entity doesn't exist
forward('', '404');
@@ -195,15 +197,33 @@ function elgg_entity_gatekeeper($guid, $type = null, $subtype = null) {
// user is logged in but still does not have access to it
register_error(elgg_echo('limited_access'));
forward();
}
}
} else if (!$entity) {
return false;
}
if ($type) {
if (!elgg_instanceof($entity, $type, $subtype)) {
// entity is of wrong type/subtype
if ($type && !elgg_instanceof($entity, $type, $subtype)) {
// entity is of wrong type/subtype
if ($forward) {
forward('', '404');
} else {
return false;
}
}
$hook_type = "{$entity->getType()}:{$entity->getSubtype()}";
$hook_params = [
'entity' => $entity,
];
if (!elgg_trigger_plugin_hook('gatekeeper', $hook_type, $hook_params, true)) {
if ($forward) {
forward('', '403');
} else {
return false;
}
}
return true;
}
/**

0 comments on commit 75af2fd

Please sign in to comment.