Out of the box, Elgg 1.1 has three access levels: private, logged-in users, and public.
A few people have asked about how to add a further access level: friends. Currently, the only way to give friends access to an item is to create a friends collection, then specify that collection for the access level. The problem with this approach is that every you add or remove a friend, you need to update your collection manually.
The Elgg development philosophy is not to modify the core files, but instead to write plugins, if you need to modify any of the core functionality. However, in this case, there are no Elgg events that we can hook into, as access level is such a fundamental part of the core. Thus, we are forced to modify a couple of the core files.
Note that this won’t work for MySQL versions prior to 4.1, as they do not support subqueries.
Add line 147 in engine/lib/access.php
:
function get_access_sql_suffix($table_prefix = "")
{
global $CONFIG;
global $ENTITY_SHOW_HIDDEN_OVERRIDE;
Change line 167 in engine/lib/access.php
:
if (empty($sql))
$sql = " ({$table_prefix}access_id in {$access} or ({$table_prefix}access_id = 0 and {$table_prefix}owner_guid = $owner) or ({$table_prefix}access_id = -1 and ({$table_prefix}owner_guid = $owner or {$table_prefix}owner_guid in (select guid_two from {$CONFIG->dbprefix}entity_relationships er where er.guid_one = $owner and er.relationship = 'friend'))))";
Change line 201 to the following:
$tmp_access_array = array(0 => elgg_echo("PRIVATE"), -1 => elgg_echo("FRIENDS"), 1 => elgg_echo("LOGGED_IN"), 2 => elgg_echo("PUBLIC"));
The last change in core is to add line 190 in languages/en.php
:
'PRIVATE' => "Private",
'LOGGED_IN' => "Logged in users",
'PUBLIC' => "Public",
'FRIENDS' => "Friends",
'access' => "Access",
Finally, the pages module needs to respect the new access level, so modify mod/pages/start.php
by adding lines 252-256, and 262-269:
if (($write_permission!=0) && (in_array($write_permission,$list)))
return true;
if ($write_permission == -1) {
$friends = get_friends($params['entity']);
if (in_array($user->guid, $friends))
return true;
}
}
}
}
function get_friends($entity)
{
$friends = array();
$entities = get_entities_from_relationship('friend', $entity->owner_guid, false, 'user', '', 0, '', 1000000);
foreach ($entities as $friend)
$friends[] = $friend->guid;
return $friends;
}
That’s an interesting solution. However, doesn’t this mean that ALL plug-ins would need to be modified to work with Friends access permissions as well?
Gabriel Monge-Franco
http://gabriel.mongefranco.com
http://oakpages.com
Comment by Gabriel Monge-Franco — January 24, 2009 @ 1:13 am
For the modules that come with Elgg out of the box, only the pages module needs to be modified, as it uses a “write” permission that other modules do not use. Read permissions are handled by the modification to the core file access.php.
Comment by admin — January 30, 2009 @ 4:06 pm