Skip to:
Content

bbPress.org

Changeset 217


Ignore:
Timestamp:
08/12/2005 11:30:40 PM (19 years ago)
Author:
mdawaffe
Message:

And one diff to rule them and in its largeness bind them. First caps interation: Fixes #124. UNSTABLE.

Location:
trunk
Files:
1 deleted
26 edited

Legend:

Unmodified
Added
Removed
  • trunk/bb-admin/admin-header.php

    r210 r217  
    22require('../bb-config.php');
    33
    4 if ( $current_user->user_type < 2 ) {
     4if ( !$current_user ) {
    55    header('Location: ' . bb_get_option('uri') );
    66    exit();
  • trunk/bb-admin/bb-do-counts.php

    r214 r217  
    1 <?php
     1<?php // ?zap_tags=1 to delete tags with 0 tag_count
    22
    33require('../bb-config.php');
    44header('Content-type: text/plain');
    55
    6 if( $current_user->user_type >= 5 ) :
     6if( current_user_can('recount') ) :
    77
    88if ( $topics = $bbdb->get_col("SELECT topic_id, COUNT(post_id) FROM $bbdb->posts WHERE post_status = '0' GROUP BY topic_id") ) :
     
    1919        $bbdb->query("UPDATE $bbdb->topics SET tag_count = '{$counts[$t]}' WHERE topic_id = $i");
    2020    endforeach;
    21     unset($topics, $t, $i, $counts);
     21    $not_tagged = array_diff($bbdb->get_col("SELECT topic_id FROM $bbdb->topics"), $tags);
     22    foreach ( $not_tagged as $i )
     23        $bbdb->query("UPDATE $bbdb->topics SET tag_count = 0 WHERE topic_id = $i");
     24    unset($topics, $t, $i, $counts, $not_tagged);
    2225endif;
    2326
     
    5053        $bbdb->query("UPDATE $bbdb->tags SET tag_count = '{$counts[$t]}' WHERE tag_id = $i");
    5154    endforeach;
    52     unset($tags, $t, $i, $counts);
     55    $not_tagged = array_diff($bbdb->get_col("SELECT tag_id FROM $bbdb->tags"), $tags);
     56    foreach ( $not_tagged as $i )
     57        $bbdb->query("UPDATE $bbdb->tags SET tag_count = 0 WHERE tag_id = $i");
     58    unset($tags, $t, $i, $counts, $not_tagged);
    5359else :
    5460    $bbdb->query("UPDATE $bbdb->tags SET tag_count = 0");
    5561endif;
    5662
     63if ( 1 == $_GET['zap_tags'] )
     64    $bbdb->query("DELETE FROM $bbdb->tags WHERE tag_count = 0")
    5765endif;
    5866
  • trunk/bb-admin/delete-post.php

    r215 r217  
    22require('admin-header.php');
    33
    4 if ( 0 < $current_user->user_type && 'deleted' == $_GET['view'] ) {
     4if ( !current_user_can('edit_posts') {
     5    header('Location: ' . bb_get_option('uri') );
     6    exit();
     7}
     8
     9if ( current_user_can('edit_deleted') && 'deleted' == $_GET['view'] ) {
    510    bb_add_filter('get_topic_where', 'no_where');
    611    bb_add_filter('bb_delete_post', 'topics_replied_on_undelete_post');
     
    1217if ( !$post )
    1318    die('There is a problem with that post, pardner.');
     19
     20if ( $post->poster_id != $current_user->ID && !current_user_can('edit_others_posts') {
     21    header('Location: ' . bb_get_option('uri') );
     22    exit();
     23}
    1424
    1525bb_delete_post( $post_id );
  • trunk/bb-admin/delete-topic.php

    r215 r217  
    22require('admin-header.php');
    33
    4 if ( 0 < $current_user->user_type && 'deleted' == $_GET['view'] ) {
     4if ( !current_user_can('edit_topics') ) {
     5    header('Location: ' . bb_get_option('uri') );
     6    exit();
     7}
     8
     9if ( current_user_can('edit_deleted') && 'deleted' == $_GET['view'] ) {
    510    bb_add_filter('get_topic_where', 'no_where');
    611    bb_add_filter('get_thread_post_ids_where', 'no_where');
     
    1217if ( !$topic )
    1318    die('There is a problem with that topic, pardner.');
     19
     20if ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') ) {
     21    header('Location: ' . bb_get_option('uri') );
     22    exit();
     23}
    1424
    1525bb_delete_topic( $topic->topic_id );
  • trunk/bb-admin/rewrite-rules.php

    r91 r217  
    33
    44header('Content-type: text/plain');
     5
     6if ( !current_user_can('manage_options') ) {
     7    header('Location: ' . bb_get_option('uri') );
     8    exit();
     9}
    510
    611?>
  • trunk/bb-admin/sticky.php

    r210 r217  
    11<?php
    22require('admin-header.php');
     3
     4if ( !current_user_can('edit_topics') ) {
     5    header('Location: ' . bb_get_option('uri') );
     6    exit();
     7}
    38
    49$topic_id = (int) $_GET['id'];
     
    712if ( !$topic )
    813    die('There is a problem with that topic, pardner.');
     14
     15if ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') ) {
     16    header('Location: ' . bb_get_option('uri') );
     17    exit();
     18}
    919
    1020if ( topic_is_sticky( $topic_id ) )
  • trunk/bb-admin/tag-destroy.php

    r127 r217  
    44nocache_headers();
    55
    6 if ( $current_user->user_type < 2 )
    7     die('You need to be logged in as a developer to destroy a tag.');
     6if ( !current_user_can('manage_tags') )
     7    die('You are not allowed to manage tags.');
    88
    99$tag_id = (int) $_POST['id' ];
  • trunk/bb-admin/tag-merge.php

    r129 r217  
    44nocache_headers();
    55
    6 if ( $current_user->user_type < 2 )
    7     die('You need to be logged in as a developer to merge tags.');
     6if ( !current_user_can('manage_tags') )
     7    die('You are not allowed to manage tags.');
    88
    99$old_id = (int) $_POST['id' ];
  • trunk/bb-admin/tag-rename.php

    r129 r217  
    44nocache_headers();
    55
    6 if ( $current_user->user_type < 2 )
    7     die('You need to be logged in as a developer to rename a tag.');
     6if ( !current_user_can('manage_tags') )
     7    die('You are not allowed to manage tags.');
    88
    99$tag_id = (int) $_POST['id' ];
  • trunk/bb-admin/topic-move.php

    r211 r217  
    11<?php
    22require_once('admin-header.php');
     3
     4if ( !current_user_can('edit_topics') ) {
     5    header('Location: ' . bb_get_option('uri') );
     6    exit();
     7}
    38
    49$topic_id = $_REQUEST['topic_id'];
     
    1419    die('Your topic or forum caused all manner of confusion');
    1520
     21if ( $topic->poster != $current_user_ID && !current_user_can('edit_others_topics') ) {
     22    header('Location: ' . bb_get_option('uri') );
     23    exit();
     24}
     25
    1626bb_move_topic( $topic_id, $forum_id );
    1727
  • trunk/bb-admin/topic-toggle.php

    r210 r217  
    11<?php
    22require('admin-header.php');
     3
     4if ( !current_user_can('edit_topics') ) {
     5    header('Location: ' . bb_get_option('uri') );
     6    exit();
     7}
    38
    49$topic_id = (int) $_GET['id'];
     
    712if ( !$topic )
    813    die('There is a problem with that topic, pardner.');
     14
     15if ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') ) {
     16    header('Location: ' . bb_get_option('uri') );
     17    exit();
     18}
    919
    1020if ( topic_is_open( $topic_id ) )
  • trunk/bb-admin/view-ip.php

    r59 r217  
    11<?php
    22require('admin-header.php');
     3
     4if ( !current_user_can('view_by_ip') ) {
     5    header('Location: ' . bb_get_option('uri') );
     6    exit();
     7}
    38
    49$ip = preg_replace('/[^0-9\.]/', '', $_GET['ip']);
  • trunk/bb-edit.php

    r215 r217  
    44nocache_headers();
    55
    6 if ( 0 < $current_user->user_type && 'deleted' == $_GET['view'] ) {
     6if ( current_user_can('edit_deleted') && 'deleted' == $_GET['view'] ) {
    77    bb_add_filter('bb_is_first_where', 'no_where');
    88}
  • trunk/bb-includes/default-filters.php

    r216 r217  
    3131
    3232bb_add_filter('get_user_link', 'bb_fix_link');
    33 bb_add_filter('get_user_type_label', 'bb_label_user_type');
    3433
    3534bb_add_filter('post_time', 'bb_offset_time');
  • trunk/bb-includes/functions.php

    r215 r217  
    399399    $pass = user_sanitize( $_COOKIE[ $bb->passcookie ] );
    400400    $current_user = $bbdb->get_row("SELECT * FROM $bbdb->users WHERE user_login = '$user' AND MD5( user_pass ) = '$pass'");
    401     if ( $current_user->user_status === '0' )
    402         return bb_append_meta( $current_user, 'user' );
    403     elseif ( $current_user && $current_user->user_status % 2 == 0 )
     401    if ( $current_user->user_status === '0' ) {
     402        bb_append_meta( $current_user, 'user' );
     403        return new BB_User($current_user->ID);
     404    } elseif ( $current_user && $current_user->user_status % 2 == 0 )
    404405        bb_append_meta( $current_user, 'user' );
    405406    else
     
    498499function update_user_status( $user_id, $status = 0 ) {
    499500    global $bbdb, $current_user;
    500     $user = bb_get_user( $user_id );
     501    $user = new BB_User( $user_id );
    501502    $status = (int) $status;
    502     if ( $user->ID != $current_user->ID && can_admin( $user->ID ) )
     503    if ( $user->ID != $current_user->ID && current_user_can('edit_users') ) {
    503504        $bbdb->query("UPDATE $bbdb->users SET user_status = $status WHERE ID = $user->ID");
     505        switch ( $status ) :
     506        case 0 :
     507            $user->set_role('member');
     508            break;
     509        case 1 :
     510            $user->set_role('blocked');
     511            break;
     512        case 2 :
     513            $user->set_role('inactive');
     514            break;
     515        endswitch;
     516    }
    504517    return;
    505518}
     
    529542
    530543    $meta_key = preg_replace('|[^a-z0-9_]|i', '', $meta_key);
    531     if ( 'user' == $type && 'user_type' == $meta_key )
    532         $meta_key = $table_prefix . 'user_type';
     544    if ( 'user' == $type && 'capabilities' == $meta_key )
     545        $meta_key = $table_prefix . 'capabilities';
    533546
    534547    $meta_tuple = compact('type_id', 'meta_key', 'meta_value', 'type');
     
    561574        (topic_title, topic_poster, topic_poster_name, topic_last_poster, topic_last_poster_name, topic_start_time, topic_time, forum_id)
    562575        VALUES
    563         ('$title', $current_user->ID, '$current_user->user_login', $current_user->ID, '$current_user->user_login', '$now', '$now', $forum)");
     576        ('$title', $current_user->ID, '$current_user->data->user_login', $current_user->ID, '$current_user->data->user_login', '$now', '$now', $forum)");
    564577        $topic_id = $bbdb->insert_id;
    565578        if ( !empty( $tags ) )
     
    630643    $now   = bb_current_time('mysql');
    631644    $uid   = $current_user->ID;
    632     $uname = $current_user->user_login;
     645    $uname = $current_user->data->user_login;
    633646    $ip    = addslashes( $_SERVER['REMOTE_ADDR'] );
    634647
     
    650663        $post_ids = get_thread_post_ids( $tid );
    651664        if ( !in_array($uid, array_slice($post_ids['poster'], 0, -1)) )
    652             update_usermeta( $uid, $table_prefix . 'topics_replied', $current_user->topics_replied + 1 );
     665            update_usermeta( $uid, $table_prefix . 'topics_replied', $current_user->data->topics_replied + 1 );
    653666        bb_do_action('bb_new_post', $post_id);
    654667        return $post_id;
     
    752765
    753766function bb_update_post( $post, $post_id ) {
    754     global $bbdb, $current_user;
     767    global $bbdb;
    755768    $post  = bb_apply_filters('pre_post', $post);
    756769    $post_id   = (int) $post_id;
     
    798811    global $current_user;
    799812    if ( !$admin_id ) :
    800         if ( $current_user ) : $admin_id = (int) $current_user->ID;
     813        if ( $current_user ) : $admin =& $current_user;
    801814        else : return false;
    802815        endif;
     816    else :
     817        $admin = new BB_User( $admin_id );
    803818    endif;
    804     if ( !$admin = bb_get_user( $admin_id ) )
     819    if ( !$admin )
    805820        return false;
    806821    if ( !$user  = bb_get_user( $user_id  ) )
     
    810825        return true;
    811826
    812     if ( $user->user_type < $admin->user_type && $admin->user_type != 0 )
     827    if ( $admin->has_cap('edit_others_posts') )
    813828        return true;
    814     else
    815         return false;
     829
     830    return false;
    816831}
    817832
     
    819834    global $current_user;
    820835    if ( !$admin_id ) :
    821         if ( $current_user ) : $admin_id = (int) $current_user->ID;
     836        if ( $current_user ) : $admin =& $current_user;
    822837        else : return false;
    823838        endif;
     839    else :
     840        $admin = new BB_User( $admin_id );
    824841    endif;
    825     if ( !$admin = bb_get_user( $admin_id ) )
     842    if ( !$admin )
    826843        return false;
    827844    if ( !$user  = bb_get_user( $user_id  ) )
    828845        return false;
    829846
    830     if ( 5 == $admin->user_type || $admin_id == $user_id )
     847    if ( $admin_id == $user_id )
    831848        return true;
    832849
     850    if ( $admin->has_cap('edit_users') )
     851        return true;
     852
    833853    return false;
    834 }
    835 
    836 function can_delete( $user_id, $admin_id = 0) {
    837     global $bbdb, $current_user;
    838     if ( !$admin_id )
    839         $admin_id = $current_user->ID;
    840     $admin = bb_get_user( $admin_id );
    841     $user  = bb_get_user( $user_id  );
    842 
    843     if ( $user->user_type < $admin->user_type && $admin->user_type != 0 )
    844         return true;
    845     else
    846         return false;
    847854}
    848855
    849856function can_edit_post( $post_id, $user_id = 0 ) {
    850857    global $bbdb, $current_user;
    851     if ( empty($current_user) )
    852         return false;
    853858    if ( !$user_id )
    854         $user_id = $current_user->ID;
    855     $user = bb_get_user( $user_id );
     859        $user =& $current_user;
     860    else
     861        $user = new BB_User( $user_id );
    856862    $post = get_post( $post_id );
    857     $post_author = bb_get_user ( $post->poster_id );
    858 
    859     if ( $user->user_type > 1 )
    860         return true;
    861 
    862     if ( $user->user_type > $post_author->user_type )
    863         return true;
    864    
    865     if ( $user->ID != $post_author->ID )
    866         return false;
    867 
    868     if ( ! topic_is_open( $post->topic_id ) )
    869         return false;
    870 
    871     $post_time  = strtotime( $post->post_time );
    872     $curr_time  = time();
    873     $time_limit = bb_get_option('edit_lock') * 60;
    874     if ( ($curr_time - $post_time) > $time_limit )
    875         return false;
    876     else
    877         return true;
     863    $topic = get_topic( $post->topic_id );
     864
     865    if ( !$user )
     866        return false;
     867
     868    if ( !topic_is_open( $post->topic_id ) )
     869        if ( !$user->has_cap('edit_topics') || ( $topic->poster != $user->ID && !$user->has_cap('edit_others_topics') ) )
     870            return false;
     871
     872    if ( !$user->has_cap('edit_posts') )
     873        return false;
     874
     875    if ( !$user->has_cap('ignore_edit_lock') ) :
     876        $post_time  = strtotime( $post->post_time );
     877        $curr_time  = time();
     878        $time_limit = bb_get_option('edit_lock') * 60;
     879        if ( ($curr_time - $post_time) > $time_limit )
     880            return false;
     881    endif;
     882
     883    if ( $post->poster_id != $user->ID && !$user->has_cap('edit_others_posts') )
     884        return false;
     885
     886    return true;
    878887}
    879888
    880889function can_edit_topic( $topic_id, $user_id = 0 ) {
    881890    global $current_user;
    882     if ( empty($current_user) )
    883         return false;
    884     if ( ! $user_id )
    885         $user_id = $current_user->ID;
    886     $user = bb_get_user( $user_id );
     891    if ( !$user_id )
     892        $user =& $current_user;
     893    else
     894        $user = new BB_User( $user_id );
    887895    $topic = get_topic( $topic_id );
    888     $topic_poster = bb_get_user( $topic->topic_poster );
    889 
    890     if ( $user->user_type > 1)
    891         return true;
    892 
    893     if ( $user->user_type > $topic_poster->user_type )
    894         return true;
    895 
    896     if ( $user->ID != $topic_poster->ID )
    897         return false;
    898    
    899     if ( ! topic_is_open( $topic_id ) )
     896
     897    if ( !$user )
     898        return false;
     899
     900    if ( !$user->has_cap('edit_topics') )
     901        return false;
     902
     903    if ( $topic->poster != $user->ID && $user->has_cap('edit_others_topics') )
    900904        return false;
    901905
     
    985989function add_topic_tag( $topic_id, $tag ) {
    986990    global $bbdb, $current_user;
    987     if ( !topic_is_open($topic_id) && $current_user->user_type < 1 )
     991    $topic_id = (int) $topic_id;
     992    if ( !$topic = get_topic( $topic_id ) )
     993        return false;
     994    if ( !topic_is_open( $topic_id ) )
     995        if ( !current_user_can('edit_topics') || ( $topic->poster != $user->ID && !current_user_can('edit_others_topics') ) )
     996            return false;
     997    if ( !current_user_can('edit_tags') )
    988998        return false;
    989999    if ( !$tag_id = create_tag( $tag ) )
    9901000        return false;
     1001
    9911002    $now    = bb_current_time('mysql');
    9921003    if ( $user_already = $bbdb->get_var("SELECT user_id FROM $bbdb->tagged WHERE tag_id = '$tag_id' AND topic_id='$topic_id'") )
     
    10361047function rename_tag( $tag_id, $tag ) {
    10371048    global $bbdb, $current_user;
    1038     if ( $current_user->user_type < 2 )
     1049    if ( !current_user_can('manage_tags') )
    10391050        return false;
    10401051    $raw_tag = $tag;
     
    10551066function remove_topic_tag( $tag_id, $user_id, $topic_id ) {
    10561067    global $bbdb, $current_user;
     1068    $tag_id = (int) $tag_id;
     1069    $user_id = (int) $user_id;
     1070    $topic_id = (int) $topic_id;
    10571071    $tagged = serialize( array('tag_id' => $tag_id, 'user_id' => $user_id, 'topic_id' => $topic_id) );
    1058 
    1059     $user = bb_get_user($user_id);
    1060 
    1061     if ( $current_user->user_type < 1 && ( !topic_is_open($topic_id) || $current_user->ID != $user_id ) )
    1062         return false;
    1063    
     1072    if ( !$topic = get_topic( $topic_id ) )
     1073        return false;
     1074    if ( !topic_is_open( $post->topic_id ) )
     1075        if ( !current_user_can('edit_topics') || ( $topic->poster != $user->ID && !current_user_can('edit_others_topics') ) )
     1076            return false;
     1077    if ( !current_user_can('edit_tags') )
     1078        return false;
     1079    if ( $user_id != $current_user->ID && !current_user_can('edit_others_tags') )
     1080        return false;
     1081
    10641082    bb_do_action('bb_tag_removed', $tagged);
    10651083
     
    10801098function merge_tags( $old_id, $new_id ) {
    10811099    global $bbdb, $current_user;
    1082     if ( $current_user->user_type < 2)
     1100    if ( !current_user_can('manage_tags') )
    10831101        return false;
    10841102    if ( $old_id == $new_id )
     
    11121130function destroy_tag( $tag_id ) {
    11131131    global $bbdb, $current_user;
    1114     if ( $current_user->user_type < 2 ) // hmm... 1 can remove, but need 2 to destroy?
     1132    if ( current_user_can('manage_tags') )
    11151133        return false;
    11161134
     
    13781396    global $current_user, $user_id, $profile_menu, $profile_hooks;
    13791397    // Menu item name
    1380     // The minimum type the user needs to access the item (-1 to allow non logged in access)
    1381     // What other users can see this users tab
     1398    // The capability required for own user to view the tab ('' to allow non logged in access)
     1399    // The capability required for other users to view the tab ('' to allow non logged in access)
    13821400    // The URL of the item's file
    1383     $profile_menu[0] = array(__('Edit'), 0, 5, 'profile-edit.php');
    1384     $profile_menu[5] = array(__('Favorites'), 0, 2, 'favorites.php');
     1401    $profile_menu[0] = array(__('Edit'), 'edit_profile', 'edit_users', 'profile-edit.php');
     1402    $profile_menu[5] = array(__('Favorites'), 'edit_favorites', 'edit_others_favorites', 'favorites.php');
    13851403
    13861404    // Create list of page plugin hook names the current user can access
     
    13931411}
    13941412
    1395 function add_profile_tab($tab_title, $access_level, $other_level, $file) {
     1413function add_profile_tab($tab_title, $users_cap, $others_cap, $file) {
    13961414    global $profile_menu, $profile_hooks, $current_user, $user_id;
    13971415
    1398     $profile_tab = array($tab_title, $access_level, $other_level, $file);
     1416    $profile_tab = array($tab_title, $users_cap, $others_cap, $file);
    13991417    $profile_menu[] = $profile_tab;
    14001418    if ( can_access_tab( $profile_tab, $current_user->ID, $user_id ) )
     
    14031421
    14041422function can_access_tab( $profile_tab, $viewer_id, $owner_id ) {
     1423    global $current_user;
    14051424    $viewer_id = (int) $viewer_id;
    14061425    $owner_id = (int) $owner_id;
    1407     $viewer = bb_get_user( $viewer_id );
    1408     $owner = bb_get_user( $owner_id );
    1409     // Is your user_type high enough?
    1410     $can_access = ( ( $viewer && $profile_tab[1] <= (int) $viewer->user_type ) || $profile_tab[1] < 0 );
    1411     // But does it let your kind in?
    1412     if ( $viewer_id != $owner_id )
    1413         $can_access = $can_access && ( ( $viewer && $profile_tab[2] <= (int) $viewer->user_type ) || $profile_tab[2] < 0 );
    1414     return $can_access;
     1426    if ( $viewer_id == $current_user->ID )
     1427        $viewer =& $current_user;
     1428    else
     1429        $viewer = new BB_User( $viewer_id );
     1430
     1431    if ( $owner_id == $viewer_id ) {
     1432        if ( '' === $profile_tab[1] )
     1433            return true;
     1434        else
     1435            return $viewer->has_cap($profile_tab[1]);
     1436    } else {
     1437        if ( '' === $profile_tab[2] )
     1438            return true;
     1439        else
     1440            return $viewer->has_cap($profile_tab[2]);
     1441    }
    14151442}
    14161443
     
    14351462    if ( !isset($views) || !$cache )
    14361463        $views = array('no-replies' => __('Topics with no replies'), 'untagged' => __('Topics with no tags'), 'unresolved' => __('Unresolved topics'));
    1437     if ( 0 < $current_user->user_type )
     1464    if ( current_user_can('browse_deleted') )
    14381465        $views['deleted'] = __('Deleted Topics');
    14391466    return bb_apply_filters('bb_views', $views);
  • trunk/bb-includes/registration-functions.php

    r188 r217  
    3131
    3232    if ( defined( 'BB_INSTALLING' ) ) {
    33         update_usermeta( $user_id, $table_prefix . 'user_type', 5 );
     33        update_usermeta( $user_id, $table_prefix . 'capabilities', array('administrator' => true) );
    3434        bb_do_action('bb_new_user', $user_id);
    3535        return $password;
    3636    } else {       
    37         update_usermeta( $user_id, $table_prefix . 'user_type', 0 );
     37        update_usermeta( $user_id, $table_prefix . 'capabilities', array('memeber' => true) );
    3838        bb_send_pass( $user_id, $password );
    3939        bb_do_action('bb_new_user', $user_id);
  • trunk/bb-includes/template-functions.php

    r216 r217  
    1717    $list .= "\n\t<li" . ( ( $self ) ? '' : ' class="current"' ) . '><a href="' . get_user_profile_link( $user_id ) . '">' . __('Profile') . '</a></li>';
    1818    foreach ($profile_menu as $item) {
    19         // 0 = name, 1 = user_type, 2 = others, 3 = file
     19        // 0 = name, 1 = users cap, 2 = others cap, 3 = file
    2020        $class = '';
    2121        if ( $item[3] == $self ) {
     
    2929    if ( $current_user ) :
    3030        $list .= "\n\t<li class='last'><a href='" . bb_get_option('uri') . 'bb-login.php?logout' . "' title='" . __('Log out of this account') . "'>";
    31         $list .=    __('Logout') . ' (' . $current_user->user_login . ')</a></li>';
     31        $list .=    __('Logout') . ' (' . get_user_name( $current_user->ID ) . ')</a></li>';
    3232    else:
    3333        $list .=  "\n\t<li class='last'><a href='" . bb_get_option('uri') . "bb-login.php'>" . __('Login') . '</a></li>';
     
    4040    global $current_user, $bb;
    4141    if ($current_user) {
    42         echo "<p>Welcome, $current_user->user_login! <a href='" . get_user_profile_link( $current_user->ID) . "'>View your profile &raquo;</a>
     42        echo '<p>Welcome, ' . get_user_name( $current_user->ID ) . "! <a href='" . get_user_profile_link( $current_user->ID ) . "'>View your profile &raquo;</a>
    4343        <small>(<a href='" . bb_get_option('uri') . "bb-login.php?logout'>Logout</a>)</small></p>";
    4444    } else {
     
    422422function topic_delete_link() {
    423423    global $current_user, $topic;
    424 
    425     if ( 1 > $current_user->user_type )
    426         return;
     424    if ( !current_user_can('edit_topics') )
     425        return;
     426    if ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') )
     427        return;
     428
    427429    if ( 0 == $topic->topic_status )
    428430        echo "<a href='" . bb_get_option('uri') . 'bb-admin/delete-topic.php?id=' . get_topic_id() . "' onclick=\"return confirm('Are you sure you wanna delete that?')\">Delete entire topic</a>";
     
    432434
    433435function topic_close_link() {
    434     global $current_user;
    435     if ( 0 < $current_user->user_type ) {
    436         if ( topic_is_open( get_topic_id() ) )
    437             $text = 'Close topic';
    438         else
    439             $text = 'Open topic';
    440         echo "<a href='" . bb_get_option('uri') . 'bb-admin/topic-toggle.php?id=' . get_topic_id() . "'>$text</a>";
    441     }
     436    global $current_user, $topic;
     437    if ( !current_user_can('edit_topics') )
     438        return;
     439    if ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') )
     440        return;
     441
     442    if ( topic_is_open( get_topic_id() ) )
     443        $text = 'Close topic';
     444    else
     445        $text = 'Open topic';
     446    echo "<a href='" . bb_get_option('uri') . 'bb-admin/topic-toggle.php?id=' . get_topic_id() . "'>$text</a>";
    442447}
    443448
    444449function topic_sticky_link() {
    445     global $current_user;
    446     if ( 0 < $current_user->user_type ) {
    447         if ( topic_is_sticky( get_topic_id() ) )
    448             $text = 'Unstick topic';
    449         else
    450             $text = 'Stick topic';
    451         echo "<a href='" . bb_get_option('uri') . 'bb-admin/sticky.php?id=' . get_topic_id() . "'>$text</a>";
    452     }
     450    global $current_user, $topic;
     451    if ( !current_user_can('edit_topics') )
     452        return;
     453    if ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') )
     454        return;
     455
     456    if ( topic_is_sticky( get_topic_id() ) )
     457        $text = 'Unstick topic';
     458    else
     459        $text = 'Stick topic';
     460    echo "<a href='" . bb_get_option('uri') . 'bb-admin/sticky.php?id=' . get_topic_id() . "'>$text</a>";
    453461}
    454462
    455463function topic_show_all_link() {
    456464    global $current_user;
    457     if ( 1 > $current_user->user_type )
     465    if ( !current_user_can('browse_deleted') )
    458466        return;
    459467    if ( 'deleted' == $_GET['view'] )
     
    465473function topic_move_dropdown() {
    466474    global $current_user, $forum_id, $topic;
    467     if ( 0 < $current_user->user_type ) :
    468         $forum_id = $topic->forum_id;
    469         echo '<form id="topic-move" method="post" action="' . bb_get_option('uri') . 'bb-admin/topic-move.php"><div>' . "\n\t";
    470         echo '<input type="hidden" name="topic_id" value="' . get_topic_id() . '" />' . "\n\t";
    471         echo '<label for="forum_id">Move this topic to the selected forum: ';
    472         forum_dropdown();
    473         echo "</label>\n\t";
    474         echo "<input type='submit' name='Submit' value='Move' />\n</div></form>";
    475     endif;
     475    if ( !current_user_can('edit_topics') )
     476        return;
     477    if ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') )
     478        return;
     479    $forum_id = $topic->forum_id;
     480    echo '<form id="topic-move" method="post" action="' . bb_get_option('uri') . 'bb-admin/topic-move.php"><div>' . "\n\t";
     481    echo '<input type="hidden" name="topic_id" value="' . get_topic_id() . '" />' . "\n\t";
     482    echo '<label for="forum_id">Move this topic to the selected forum: ';
     483    forum_dropdown();
     484    echo "</label>\n\t";
     485    echo "<input type='submit' name='Submit' value='Move' />\n</div></form>";
    476486}
    477487
     
    548558
    549559function post_edit_link() {
    550     global $current_user, $post;
     560    global $post;
    551561
    552562    if ( can_edit_post( $post->post_id ) )
     
    556566function post_delete_link() {
    557567    global $current_user, $post;
    558 
    559     if ( 1 > $current_user->user_type )
    560         return;
     568    if ( !current_user_can('edit_posts') )
     569        return;
     570    if ( $post->poster_id != $current_user->ID && !current_user_can('edit_others_posts') )
     571        return;
     572
    561573    if ( 0 == $post->post_status )
    562574        echo "<a href='" . bb_get_option('uri') . 'bb-admin/delete-post.php?id=' . get_post_id() . "' onclick=\"return confirm('Are you sure you wanna delete that?')\">Delete</a>";
     
    621633}
    622634
    623 function bb_label_user_type( $type ) {
    624     switch ($type) :
    625         case 0 :
    626             return __('Member');
    627             break;
    628         case 1 :
    629             return __('Moderator');
    630             break;
    631         case 2 :
    632             return __('Developer');
    633             break;
    634         case 5 :
    635             return __('Admin');
    636             break;
    637     endswitch;
    638 }
    639 
    640635function get_user_type_label( $type ) {
    641     return bb_apply_filters('get_user_type_label', $type );
     636    global $bb_roles;
     637    if ( $bb_roles->is_role( $type ) )
     638        return $bb_roles->role_names[$type];
    642639}
    643640
     
    647644
    648645function get_user_type ( $id ) {
    649     global $bbdb;
     646    global $bbdb, $current_user;
    650647    $user = bb_get_user( $id );
     648
    651649    if ( $user->user_status == 2 )
    652650        return __('Inactive');
     
    654652        if ( !empty( $user->title ) )
    655653            return $user->title;
    656         return get_user_type_label( $user->user_type );
     654        $caps = array_keys($user->capabilities);
     655        return get_user_type_label( $caps[0] ); //Just support one role for now.
    657656    else :
    658657        return __('Unregistered');
     
    664663}
    665664
     665function get_user_name( $id ) {
     666    $user = bb_get_user( $id );
     667    return $user->user_login;
     668}
     669
    666670function profile_pages() {
    667671    global $user, $page;
     
    672676function topic_tags () {
    673677    global $tags, $tag, $topic_tag_cache, $user_tags, $other_tags, $current_user;
    674     if ( is_array( $tags ) || $current_user )
     678    if ( is_array( $tags ) || current_user_can('edit_tags') )
    675679        include( BBPATH . '/bb-templates/topic-tags.php');
    676680}
     
    730734function tag_form() {
    731735    global $topic, $current_user;
    732     if ( !$current_user || $current_user->user_type < 1 && !topic_is_open($topic->topic_id) )
    733         return false;
    734     else
    735         include( BBPATH . '/bb-templates/tag-form.php');
     736    if ( !current_user_can('edit_tags') )
     737        return false;
     738    if ( !topic_is_open($topic->topic_id) )
     739        if ( !current_user_can('edit_topics') || ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') ) )
     740            return false;
     741
     742    include( BBPATH . '/bb-templates/tag-form.php');
    736743}
    737744
    738745function tag_rename_form() {
    739746    global $tag, $current_user;
    740     if ( $current_user->user_type < 2 )
     747    if ( !current_user_can('manage_tags') )
    741748        return false;
    742749    $tag_rename_form  = '<form id="tag-rename" method="post" action="' . bb_get_option('uri') . 'bb-admin/tag-rename.php">' . "\n";
     
    749756function tag_merge_form() {
    750757    global $tag, $current_user;
    751     if ( $current_user->user_type < 2 )
     758    if ( !current_user_can('manage_tags') )
    752759        return false;
    753760    $tag_merge_form  = '<form id="tag-merge" method="post" action="' . bb_get_option('uri') . 'bb-admin/tag-merge.php">' . "\n";
     
    761768function tag_destroy_form() {
    762769    global $tag, $current_user;
    763     if ( $current_user->user_type < 2 )
     770    if ( !current_user_can('manage_tags') )
    764771        return false;
    765772    $tag_destroy_form  = '<form id="tag-destroy" method="post" action="' . bb_get_option('uri') . 'bb-admin/tag-destroy.php">' . "\n";
     
    771778
    772779function tag_remove_link( $tag_id = 0, $user_id = 0, $topic_id = 0 ) {
    773     global $tag, $current_user;
    774     if ( $current_user->user_type < 1 && ( !topic_is_open($tag->topic_id) || $current_user->ID != $tag->user_id ) )
    775         return false;
     780    global $tag, $current_user, $topic;
     781    if ( !current_user_can('edit_tags') )
     782        return false;
     783    if ( !topic_is_open($topic->topic_id) )
     784        if ( !current_user_can('edit_topics') || ( $topic->poster != $current_user->ID && !current_user_can('edit_others_topics') ) )
     785            return false;
     786    if ( $tag->user_id != $current_user->ID && !current_user_can('edit_others_tags') )
     787        return false;
     788
    776789    echo '[<a href="' . bb_get_option('uri') . 'tag-remove.php?tag=' . $tag->tag_id . '&#038;user=' . $tag->user_id . '&#038;topic=' . $tag->topic_id . '" onclick="return confirm(\'Are you sure you want to remove the \\\'' . bb_specialchars( $tag->raw_tag ) . '\\\' tag?\')" title="Remove this tag">x</a>]';
    777790}
     
    832845function user_favorites_link($add = 'Add to Favorites', $rem = 'Remove from Favorites') {
    833846    global $topic, $current_user;
    834     if ( $favs = explode(',', $current_user->favorites) )
     847    if ( $favs = explode(',', $current_user->data->favorites) )
    835848        if ( in_array($topic->topic_id, $favs) ) :
    836849            $favs = array('fav' => '0', 'topic_id' => $topic->topic_id);
  • trunk/bb-settings.php

    r209 r217  
    3939require( BBPATH . 'bb-includes/formatting-functions.php');
    4040require( BBPATH . 'bb-includes/template-functions.php');
     41require( BBPATH . 'bb-includes/capabilities.php');
    4142require( BBPATH . 'bb-includes/default-filters.php');
    4243
     
    5051$bbdb->tagged    = $table_prefix . 'tagged';
    5152
    52 $plugins = glob( BBPATH . 'bb-plugins/*.php');
    53 if ( $plugins ) : foreach ( $plugins as $plugin ) :
    54     require($plugin);
    55 endforeach; endif;
    56 
    5753if ( defined('CUSTOM_USER_TABLE') )
    5854    $bbdb->users = CUSTOM_USER_TABLE;
    5955if ( defined('CUSTOM_USER_META_TABLE') )
    6056    $bbdb->usermeta = CUSTOM_USER_META_TABLE;
    61 
    6257
    6358define('BBHASH', md5($table_prefix) );
     
    7974$_SERVER = bb_global_sanitize($_SERVER);
    8075
     76$plugins = glob( BBPATH . 'bb-plugins/*.php');
     77if ( $plugins ) : foreach ( $plugins as $plugin ) :
     78    require($plugin);
     79endforeach; endif;
     80bb_do_action('bb_plugins_loaded', '');
     81
     82$bb_roles = new BB_Roles();
     83bb_do_action('bb_got_roles', '');
     84
    8185function bb_shutdown_action_hook() {
    8286    bb_do_action('bb_shutdown', '');
  • trunk/bb-templates/profile-edit.php

    r204 r217  
    2626<?php endif; ?>
    2727</fieldset>
    28 
    29 <?php if ( $current_user->user_type >= 5 ) : $required = false; ?>
     28<?php if ( current_user_can('edit_users') ) : $required = false; ?>
    3029<fieldset>
    3130<legend>Administration</legend>
     
    3332<tr>
    3433  <th scope="row">User Type:</th>
    35   <td><select name="user_type">
    36 <?php $t = 0; while ( $t < 6 ) : if ( '' != get_user_type_label($t) ) : ?>
    37        <option value="<?php echo $t; ?>"<?php if ( $t == $user->user_type ) echo ' selected="selected"'; ?>><?php user_type_label($t); ?></option>
    38 <?php endif; $t++; endwhile; ?>
     34  <td><select name="role">
     35<?php foreach( $bb_roles->role_names as $r => $n ) : if ( 'keymaster' != $r || current_user_can('keep_gate') ) : ?>
     36       <option value="<?php echo $r; ?>"<?php if ( array_key_exists($r, $user->capabilities) ) echo ' selected="selected"'; ?>><?php echo $n; ?></option>
     37<?php endif; endforeach; ?>
    3938      </select>
    4039  </td>
     
    6463<?php endif; ?>
    6564<p><sup>**</sup>Deletion attributes all content to Anonymous and cannot be easily undone.  Deactivation maintains proper attribution and can be easily changed.</p>
     65<p>User types Inactive and Blocked have no practical difference at the moment.  Both can log in and view content.</p>
    6666</fieldset>
    6767<?php endif; ?>
  • trunk/edit.php

    r215 r217  
    22require('bb-config.php');
    33
    4 if ( 0 < $current_user->user_type && 'deleted' == $_GET['view'] ) {
     4if ( current_user_can('edit_deleted') && 'deleted' == $_GET['view'] ) {
    55    bb_add_filter('bb_is_first_where', 'no_where');
    66}
  • trunk/favorites.php

    r202 r217  
    1111
    1212    if ( $fav ) {
    13         $fav = $current_user->favorites ? explode(',', $current_user->favorites) : array();
     13        $fav = $current_user->data->favorites ? explode(',', $current_user->data->favorites) : array();
    1414        if ( ! in_array( $topic_id, $fav ) ) {
    1515            $fav[] = $topic_id;
     
    1818        }
    1919    } else {
    20         $fav = explode(',', $current_user->favorites);
     20        $fav = explode(',', $current_user->data->favorites);
    2121        if ( is_int( $pos = array_search($topic_id, $fav) ) ) {
    2222            array_splice($fav, $pos, 1);
  • trunk/index.php

    r213 r217  
    1313bb_do_action( 'bb_index.php', '' );
    1414
     15var_dump($current_user);
     16
    1517if (file_exists( BBPATH . 'my-templates/front-page.php' ))
    1618    require( BBPATH . 'my-templates/front-page.php' );
  • trunk/profile-edit.php

    r205 r217  
    1717
    1818$profile_info_keys = get_profile_info_keys();
    19 if ( $current_user->user_type >= 5 )
     19if ( current_user_can('edit_users') )
    2020    $profile_admin_keys = get_profile_admin_keys();
    2121$updated = false;
     
    3939    endforeach;
    4040
    41     if ( $current_user->user_type >=5 ):
    42         $user_type = bb_specialchars( $_POST['user_type'], 1 );
     41    if ( current_user_can('edit_users') ):
     42        $role = bb_specialchars( $_POST['role'], 1 );
    4343        foreach ( $profile_admin_keys as $key => $label ) :
    4444            $$key = bb_specialchars( $_POST[$key], 1 );
     
    6464        endif;
    6565
    66         if ( $current_user->user_type >= 5 ) :
    67             if ( $user_type != $user->user_type && $user_type < 6 )
    68                 update_usermeta( $user->ID, 'user_type', $user_type );
     66        if ( current_user_can('edit_users') ) :
     67            if ( !in_array($role, $user->capabilities) && array_key_exists($role, $bb_roles->roles) ) {
     68                $user_obj = new BB_User( $user->ID );
     69                $user_obj->set_role($role); // Only support one role for now
     70            }
    6971            if ( $user_status != $user->user_status && $user_status < 3 )
    7072                update_user_status( $user->ID, $user_status );
  • trunk/profile.php

    r198 r217  
    1313
    1414bb_repermalink(); // The magic happens here.
    15 
    1615$user = bb_get_user( $user_id );
    17 
     16var_dump($user);
    1817if ( !$user )
    1918    die('User not found.');
  • trunk/topic.php

    r215 r217  
    44$topic_id = $page = 0;
    55
    6 if ( 0 < $current_user->user_type && 'deleted' == $_GET['view'] ) {
     6if ( current_user_can('browse_deleted') && 'deleted' == $_GET['view'] ) {
    77    bb_add_filter('get_topic_where', 'no_where');
    88    bb_add_filter('get_thread_where', 'no_where');
  • trunk/view.php

    r215 r217  
    2323    break;
    2424case 'deleted' :
    25     if ( 1 > $current_user->user_type )
     25    if ( !current_user_can('browse_deleted') )
    2626        die("Now how'd you get here?  And what did you think you'd being doing?"); //This should never happen.
    2727    bb_add_filter( 'get_latest_topics_where', 'deleted_topics' );
Note: See TracChangeset for help on using the changeset viewer.