To create an entity you need to have write access. You need to either login to the site for entity creation or ignore the access to save it on behalf of another user. See http://docs.elgg.org/wiki/Access_Controls#Write_access

By default, Elgg's security system enforces four different rules for non-admins:

a. View permissions. You can only see content you have permission to see.

b. Write permissions. You can only change content you own.

c. Owner permissions. You can only create new content owned by you and cannot transfer the ownership of your existing content to anyone else.

d. Container permissions. You can only place content in your own user entity or groups for which you are a member.

This means that if no one is logged in, your plugin can only access public content and cannot change any content or create any new content.

There are three mechanisms in place to over-ride the Elgg security system. Before using these you should consider whether you really need to do so because if these mechanisms are not implemented properly, they can create security holes in your site.

The view permissions can be over-ridden by the elgg_set_ignore_access() function.

The write permissions can be over-ridden by the permissions_check plugin hook.

The owner and container permissions can be over-ridden by the container_permissions_check plugin hook. The name of this hook is a little misleading because it actually covers both owner and container permissions.

Notice that creating new content needs the container_permissions_check hook. The permissions_check hook is needed for editing existing content.

In the case of the FAQ plugin you will certainly need the container_permissions_check hook and you may need the other over-rides as well depending upon whether the content is created as public or whether you want to make changes after the content has been created.

I corrected the container permissions section in my comment above.

The pages plugin implements the permissions_check and container_permissions_check hooks if you want to see how a core plugin does it.

Hi Kevin,

Please have a look in to the below code

start.php ---------

register_plugin_hook('container_permissions_check', 'object','faqcontainer_permissions_check');
// container Access Permissions check for container
function faqcontainer_permissions_check ($hook, $type, $returnval, $params){
    global $CONFIG;
    if(get_context()=='user_faqQns' ) {
       return TRUE;
    }
}

action page --------

require_once(dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/engine/start.php");

global $CONFIG;
action_gatekeeper();

$question = get_input("question");
$guid = get_input("userGuid");    // It is the admin user id
$context = get_context();
set_context('user_faqQns');

if(!empty($question) && !empty($guid)){

$user = get_user($guid);

if(!empty($user)){
$faq = new ElggObject();
$faq->subtype = "faq";

$faq->container_guid = $user->guid;
$faq->owner_guid = $user->guid;

$faq->question = $question;
$faq->userQuestion = true;

if($faq->save()){
//$notify = notify_user($user->guid, $user->site_guid, elgg_echo("faq:ask:new_question:subject"), sprintf(elgg_echo("faq:ask:new_question:message"), $question));
$admins = notifyAdminNewQuestion();
set_context($context);
if(in_array(true, $notify)){
system_message(elgg_echo("faq:ask:new_question:send"));
} else {
register_error(elgg_echo("faq:ask:error:not_send"));
}
} else {
set_context($context);
register_error("faq:ask:error:save");
}
} else {
set_context($context);
register_error("faq:ask:error:no_user");
}
} else {
register_error("faq:ask:error:input");
}
set_context($context);
forward($CONFIG->wwwroot . "mod/faq/faq_questions.php");
?>

Is anything wrong with this?

Because still I got the same exception

Not sure, but you are not setting the access_id.

Try

$faq->access_id = ACCESS_PUBLIC;

before the save.

no use dear..still the same exception ..  :(

Just in case, you could add the same handler to the permissions_check hook although it doesn't look as though it should be needed. Remember that any content you create must have ACCESS_PUBLIC or the save will fail if you are logged-out and are not using elgg_set_ignore_access().

nothing can solve my problem..I dont know how to overcome this issue.