Metadata access for other users

Hey,

i'm confronted with a problem which needs an easy solution. So users can create objects which have metadata. These metadata are private. Users can change the access of the objects which have those metadata. So if any other user gets access for an object which has private metadata he can't receive those data. I have thwo workarounds in mind.

1. (obvious but kinda dirty): call elgg_set_ignore_access(true) before i try to get the metadata

2. Change all access_ids for the metadata if the access for the object is changed. 

Is there a simpler way to sync the access_ids of the metadata with the access_id of the object or do i have to pick one of the workarounds from above?

greets!

  • Unless you are saving the metadata's as independent they inherit the access of their parent object.

  • That's what i thought so far but i could receive the object but not the metadata. I tried to call a elgg_set_ignore_access(true) before i wanted to get the metadata and it worked. Am i wrong now?

    greets

  • How are you saving the metadata?

    $entity->metadata_name = $metadata_value

    should work just fine, but if you are using an API function in my experience sometimes there is trouble.

     

  • @rob2109, this is not an appropriate time to use the elgg_set_ignore_access function. I haven't looked into the details, but if I had to guess, the problem is likely that metadata has an owner_guid too, so when the acl is private, it remains private to the original owner, even though the associated entity has had its owner changed.