capacity4dev · anvmn · Nov 3, 2016 · Nov 3, 2016 · Nov 3, 2016
diff --git a/bin b/bin
diff --git a/project/profiles/capacity4more/behat/features/group_status.feature b/project/profiles/capacity4more/behat/features/group_status.feature
@@ -56,12 +56,6 @@ Feature: Group Status
     And   the "#edit-c4m-og-status-und" element should not contain "pending"
     And   the "#edit-c4m-og-status-und" element should not contain "draft"
 
-  @api
-  Scenario: Check archived group as group owner
-    Given I am logged in as user "alfrednobel"
-    When  I start editing group "Archived group"
-    Then  I should not see an "#edit-c4m-og-status-und" element
-
   @api
   Scenario: Check deleted group as admin
     Given I am logged in as user "mariecurie"
@@ -133,7 +127,7 @@ Feature: Group Status
     Given I am logged in as user "turing"
     When  I visit "Archived group" node of type "group"
     Then  I should not see "Access denied"
-    And   I should be allowed to edit a group "Archived group"
+    And   I should not be allowed to edit a group "Archived group"
 
   @api
   Scenario: Check Deleted group access by group admin

diff --git a/project/profiles/capacity4more/modules/c4m/content/c4m_content/c4m_content.module b/project/profiles/capacity4more/modules/c4m/content/c4m_content/c4m_content.module
@@ -1088,6 +1088,8 @@ function _c4m_content_taxonomy_extract_root_item(&$items) {
  * For OG type 'group', allows access for group members and power users.
  */
 function c4m_content_create_group_content_access() {
+  return;
+
   $item = menu_get_item();
 
   // Making sure the current request is for the node/add form.

diff --git a/project/profiles/capacity4more/modules/c4m/message/c4m_message/c4m_message.module b/project/profiles/capacity4more/modules/c4m/message/c4m_message/c4m_message.module
@@ -487,37 +487,6 @@ function _c4m_message_format_from_field_to_simple_pattern(&$message, $add_team =
       '@mail' => 'capacity4dev@ec.europa.eu',
     )
   );
-
-  _c4m_message_process_email_body($message);
-}
-
-/**
- * Implements hook_theme().
- */
-function c4m_message_theme() {
-
-  $theme['c4m_message_email_body'] = array(
-    'variables' => array(
-      'body' => '',
-    ),
-    'path' => drupal_get_path('theme', 'kapablo') . '/templates',
-    'template' => 'mimemail-message-orig',
-  );
-
-  return $theme;
-}
-
-/**
- * Implements hook_theme().
- */
-function _c4m_message_process_email_body(&$message) {
-  $body = $message['body'][0];
-  $variables = array(
-    'body' => $body,
-  );
-
-  $body[0] = theme('c4m_message_email_body', $variables);
-  $message['body']  = $body;
 }
 
 /**

diff --git a/project/profiles/capacity4more/modules/c4m/og/c4m_og/c4m_og.module b/project/profiles/capacity4more/modules/c4m/og/c4m_og/c4m_og.module
@@ -2216,90 +2216,133 @@ function c4m_og_node_access($node, $op, $account) {
     }
   }
 
+  // When updating wiki page by member, allow access, if 'editable by members'
+  // option is enabled for this page.
   if ($op == 'update' && ($group = c4m_og_get_group_of_content($node)) && $node->type == 'wiki_page') {
-    if (!_c4m_features_og_members_is_power_user($group) && !c4m_content_wiki_page_is_editable_by_members($node)) {
-      return NODE_ACCESS_DENY;
+    if (_c4m_features_og_members_get_user_type($group) == 'member' && c4m_content_wiki_page_is_editable_by_members($node)) {
+      return NODE_ACCESS_ALLOW;
     }
   }
 
-  // Grant access to group content by the same access to the group.
-  if (is_object($node) && og_is_group_content_type('node', $node->type)) {
+  // When $node is string (happens when creating content), it contains the
+  // type of created content.
+  $node_type = is_string($node) ? $node : $node->type;
+
+  // When viewing group content, assigns access to group content to be the
+  // same as access of the group.
+  if ($op == 'view' && is_object($node) && og_is_group_content_type('node', $node->type)) {
+
+    // Group content is saved as draft.
+    if ($node->status == NODE_NOT_PUBLISHED) {
+      return NODE_ACCESS_IGNORE;
+    }
+
+    // Couldn't resolve the group of the content.
+    if (!$group = c4m_og_get_group_of_content($node)) {
+      return NODE_ACCESS_IGNORE;
+    }
+
+    $group_access = node_access($op, $group, $account);
 
-//    // Couldn't resolve the group of the content.
-//    if (!$group = c4m_og_get_group_of_content($node)) {
-//      return NODE_ACCESS_IGNORE;
-//    }
-//
-//    if (c4m_og_get_group_status($group) != 'pending') {
-//      return NODE_ACCESS_IGNORE;
-//    }
-//
-//    $group_access = node_access($group, $op, $account);
-//
-//    return $group_access ? NODE_ACCESS_ALLOW : NODE_ACCESS_DENY;
+    return $group_access ? NODE_ACCESS_ALLOW : NODE_ACCESS_DENY;
   }
 
-  $node_type = is_string($node) ? $node : $node->type;
+  // When viewing group content, assigns access to group content to be the
+  // same as access of the group.
+  if ($op == 'view' && is_object($node) && og_is_group_content_type('node', $node->type)) {
+
+    // Group content is saved as draft.
+    if ($node->status == NODE_NOT_PUBLISHED) {
+      return NODE_ACCESS_IGNORE;
+    }
+
+    // Couldn't resolve the group of the content.
+    if (!$group = c4m_og_get_group_of_content($node)) {
+      return NODE_ACCESS_IGNORE;
+    }
+
+    $group_access = node_access($op, $group, $account);
+
+    return $group_access ? NODE_ACCESS_ALLOW : NODE_ACCESS_DENY;
+  }
 
   // When adding / editing group content, deny access, if current user is not a
   // site admin, group member, owner or admin, or group state does not allow
   // the operation.
   if (in_array($node_type, c4m_og_get_group_content_bundles())) {
+    // Group content is saved as draft.
+    if ($op != 'create' && $node->status == NODE_NOT_PUBLISHED) {
+      return NODE_ACCESS_IGNORE;
+    }
+
     $allowed_user_types = array('member', 'admin', 'owner', 'site-admin');
     $user_type = _c4m_features_og_members_get_user_type();
 
+    // Can't resolve user type - couldn't get OG context to resolve group.
+    if ($user_type == 'unknown') {
+      return NODE_ACCESS_IGNORE;
+    }
+
     if (!in_array($user_type, $allowed_user_types)) {
       return NODE_ACCESS_DENY;
     }
 
     $group = c4m_og_current_group();
     $group_state = c4m_og_get_group_status($group);
-    $group_access = c4m_og_get_access_type($group);
     $allowed_states = array('draft', 'published');
 
-    if ($group_access['type'] == 'restricted') {
-      $allowed_states[] = 'archived';
-    }
+    return in_array($group_state, $allowed_states) ? NODE_ACCESS_ALLOW : NODE_ACCESS_DENY;
+  }
 
-    if (!in_array($group_state, $allowed_states)) {
-      return NODE_ACCESS_DENY;
-    }
+  // Any authenticated user can create any kind of group.
+  if ($op == 'create' && is_string($node) && $node_type == 'group') {
+    return user_is_anonymous() ? NODE_ACCESS_DENY : NODE_ACCESS_ALLOW;
   }
 
-  // Allow access to group, based on group state and user role within the group.
+  // View/Edit group, based on group state and user role within the group.
   if (is_object($node) && og_is_group('node', $node) && $node->type == 'group') {
-    // Allowed states for Public group Viewing.
-    $allowed_states = array(
-      'visitor' => array(),
-      'non-member' => array(),
-      'member' => array('archived', 'published'),
-      'admin' => array('draft', 'archived', 'published'),
-      'owner' => array('pending', 'draft', 'archived', 'published'),
-    );
+    // Allowed states for viewing any kind of  group.
+    if ($op == 'view') {
+      $allowed_states = array(
+        'visitor' => array(),
+        'non-member' => array(),
+        'member' => array('draft', 'archived', 'published'),
+        'admin' => array('draft', 'archived', 'published'),
+        'owner' => array('pending', 'draft', 'archived', 'published'),
+      );
 
-    $group_access = c4m_og_get_access_type($node);
+      $group_access = c4m_og_get_access_type($node);
 
-    if ($group_access['type'] == 'public') {
-      $allowed_states['visitor'] = $allowed_states['non-member'] = array('archived', 'published');
-    }
-    elseif ($group_access['type'] == 'restricted') {
-      // User is not a member, but cas access restricted group.
-      if (c4m_og_user_can_access_restricted_group($node, $account, $op)) {
-        $allowed_states['non-member'][] = 'published';
+      if ($group_access['type'] == 'public') {
+        // Adjustments for allowed states of public group.
+        $allowed_states['visitor'] = $allowed_states['non-member'] = array('archived', 'published');
+      }
+      elseif ($group_access['type'] == 'restricted') {
+        // User is not a member, but can access restricted group.
+        if (c4m_og_user_can_access_restricted_group($node, $account, $op)) {
+          // Adjustments for allowed states of restricted group.
+          $allowed_states['non-member'][] = 'published';
+        }
+      }
+      elseif ($group_access['type'] == 'private') {
+        // Adjustments for allowed states of private group.
       }
-      $allowed_states['member'][] = 'draft';
     }
-    elseif ($group_access['type'] == 'private') {
-      // Adjustments for allowed states of Private group Viewing.
-      $allowed_states['member'][] = 'draft';
+    // Allowed states for editing any kind of  group.
+    elseif ($op == 'update' || $op == 'delete') {
+      $allowed_states = array(
+        'visitor' => array(),
+        'non-member' => array(),
+        'member' => array(),
+        'admin' => array('draft', 'published'),
+        'owner' => array('pending', 'draft', 'published'),
+      );
     }
 
     $user_type = _c4m_features_og_members_get_user_type($node);
     $group_state = c4m_og_get_group_status($node);
 
-    if (!in_array($group_state, $allowed_states[$user_type])) {
-      return NODE_ACCESS_DENY;
-    }
+    return in_array($group_state, $allowed_states[$user_type]) ? NODE_ACCESS_ALLOW : NODE_ACCESS_DENY;
   }
 
   return NODE_ACCESS_IGNORE;
@@ -2486,7 +2529,7 @@ function c4m_og_is_invite_allowed($group_type, $gid) {
 
   // Either 'open' or 'moderated'.
   $group_moderation_state = c4m_og_get_group_membership_request($group);
-  $user_type = _c4m_features_og_members_get_user_type();
+  $user_type = _c4m_features_og_members_get_user_type($group);
   $group_access = c4m_og_get_access_type($group);
 
   // Group members can't invite to private group, or group that is moderated.

diff --git a/...e/modules/c4m/og/c4m_og/plugins/entityreference/selection/C4MOgSelectionHandler.class.php b/...e/modules/c4m/og/c4m_og/plugins/entityreference/selection/C4MOgSelectionHandler.class.php
@@ -149,16 +149,28 @@ public function buildEntityFieldQuery(
       return $query;
     }
 
-    $unallowed_values = array(
-      'pending',
-      'archived',
-      'deleted',
-    );
+    $allowed_user_types = array('member', 'admin', 'owner', 'site-admin');
+    $user_type = _c4m_features_og_members_get_user_type();
+    // If user is not of type that can create the content, falsify the query.
+    if (!in_array($user_type, $allowed_user_types)) {
+      $query->propertyCondition($entity_info['entity keys']['id'], static::FALSE_ID, '=');
+      return $query;
+    }
+
+    $group = c4m_og_current_group();
+    $group_access = c4m_og_get_access_type($group);
+    $allowed_states = array('draft', 'published');
+    // At public groups, it's possible to add content when
+    // group is at 'archived' state.
+    if ($group_access['type'] == 'public') {
+      $allowed_states[] = 'archived';
+    }
+
     $query->fieldCondition(
       'c4m_og_status',
       'value',
-      $unallowed_values,
-      'NOT IN'
+      $allowed_states,
+      'IN'
     );
 
     return $query;