Cannot set "Unrestricted" subgroup content accessibility if "Members of the parent group" subgroup visibility is set

[oseg]

Context:
Core+plugins: elgg v1.12.8 + au_subgroups v2.1.0
Settings: Invisible groups = "yes"

Scenario:

1/ Create a group called "Parent group" with:

• Group membership permissions: "Open"
• Who can see this group?: "Logged in users"
• Accessibility of group content: "Members only"

2/ Create a subgroup of "Parent group" called "Child group":

• Group membership permissions: "Open"
• Who can see this group?: "Members of the parent group"
• Accessibility of group content: "Unrestricted"

=> No error is displayed at subgroup creation. But on "child" subgroup edition, the accessibility of group content is set to "Members only"

=> The only way to set the "Unrestricted" accessibility of subgroup content is to set its visibility to "logged in users" or "public"

[oseg]

After a few investigations, I found out the root cause in the "group" plugin:
In the mod/groups/actions/groups/edit.php file, there is a peace of code managing invisible groups:

// Invisible group support
// @todo this requires save to be called to create the acl for the group. This
// is an odd requirement and should be removed. Either the acl creation happens
// in the action or the visibility moves to a plugin hook
if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') {
    $visibility = (int)get_input('vis');

    if ($visibility == ACCESS_PRIVATE) {
        // Make this group visible only to group members. We need to use
        // ACCESS_PRIVATE on the form and convert it to group_acl here
        // because new groups do not have acl until they have been saved once.
        $visibility = $group->group_acl;

        // Force all new group content to be available only to members
        $group->setContentAccessMode(ElggGroup::CONTENT_ACCESS_MODE_MEMBERS_ONLY);
    }

    $group->access_id = $visibility;
}

In our case, the subgroup $visibility is not equal to ACCESS_PRIVATE but to 'parent_group_acl'.
However because of the (int) cast, 'parent_group_acl' is converted to 0 (ACCESS_PRIVATE)
To workaround/fix this issue the code should be:

if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') {
    $visibility = get_input('vis'); // without (int) cast

    if ($visibility == ACCESS_PRIVATE) { // ACCESS_PRIVATE or any string: for instance 'parent_group_acl'
        // Force all new group content to be available only to members
                if ($visibility === ACCESS_PRIVATE) { // Only for ACCESS_PRIVATE
                    $group->setContentAccessMode(ElggGroup::CONTENT_ACCESS_MODE_MEMBERS_ONLY);
                }

        // Make this group visible only to group members. We need to use
        // ACCESS_PRIVATE on the form and convert it to group_acl here
        // because new groups do not have acl until they have been saved once.
        $visibility = $group->group_acl;
    }

    $group->access_id = $visibility;
}

Another way to workaround the issue in the "au_subgroups" plugin would be to replace the 'parent_group_acl' string value by a numeric value, but it is more intrusive and side effects could happen.