
Changeset 3607


Timestamp:
11/14/2011 03:50:25 AM (10 years ago)
Author:
johnjamesjacoby
Message:

Introduce bbp_template_redirect() and use for checking various edit screens:

  • Introduce bbp_check_forum_edit() to check for forum edit
  • Introduce bbp_check_topic_edit() to check for topic edit
  • Introduce bbp_check_reply_edit() to check for reply edit
  • Introduce bbp_check_topic_tag_edit() to check for topic tag edit
  • Introduce bbp_check_user_edit() to check for user edit
  • Remove these checks from bbp_pre_get_posts() and only use it to setup query vars
  • Fixes #1684, r3605
  • For 2.1 (plugin) branch
Location:
branches/plugin/bbp-includes
Files:
7 edited

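--- a/branches/plugin/bbp-includes/bbp-common-template.php
+++ b/branches/plugin/bbp-includes/bbp-common-template.php
@@ -484,5 +484,5 @@
     $retval = false;
 
-    if ( !empty( $bbp->displayed_user ) && is_user_logged_in() )
+    if ( bbp_is_single_user() && is_user_logged_in() )
         $retval = (bool) ( bbp_get_displayed_user_id() == bbp_get_current_user_id() );
 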
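--- a/branches/plugin/bbp-includes/bbp-core-compatibility.php
+++ b/branches/plugin/bbp-includes/bbp-core-compatibility.php
@@ -1685,9 +1685,4 @@
         if ( !empty( $is_edit ) ) {
 
-            // Only allow super admins on multisite to edit every user.
-            if ( !is_user_logged_in() || ( is_multisite() && !current_user_can( 'manage_network_users' ) && ( $user->ID != bbp_get_current_user_id() ) && !apply_filters( 'enable_edit_any_user_configuration', true ) ) || !current_user_can( 'edit_user', $user->ID ) ) {
-                wp_die( __( 'You do not have permission to edit this user.', 'bbpress' ) );
-            }
-
             // We are editing a profile
             $posts_query->bbp_is_single_user_edit = true;
@@ -1748,8 +1743,4 @@
     // Topic/Reply Edit Page
     } elseif ( !empty( $is_edit ) ) {
-
-        // Bail from edit if user is not logged in
-        if ( !is_user_logged_in() )
-            return;
 
         // Get the post type from the main query loop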
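--- a/branches/plugin/bbp-includes/bbp-core-hooks.php
+++ b/branches/plugin/bbp-includes/bbp-core-hooks.php
@@ -37,4 +37,5 @@
 add_action( 'generate_rewrite_rules', 'bbp_generate_rewrite_rules', 10 );
 add_action( 'wp_enqueue_scripts',     'bbp_enqueue_scripts',        10 );
+add_action( 'template_redirect',      'bbp_template_redirect',      10 );
 add_filter( 'template_include',       'bbp_template_include',       10 );
 
@@ -228,4 +229,11 @@
 add_action( 'bbp_activation',   'flush_rewrite_rules' );
 add_action( 'bbp_deactivation', 'flush_rewrite_rules' );
+
+// Redirect user if needed
+add_action( 'bbp_template_redirect', 'bbp_check_user_edit',      10 );
+add_action( 'bbp_template_redirect', 'bbp_check_forum_edit',     10 );
+add_action( 'bbp_template_redirect', 'bbp_check_topic_edit',     10 );
+add_action( 'bbp_template_redirect', 'bbp_check_reply_edit',     10 );
+add_action( 'bbp_template_redirect', 'bbp_check_topic_tag_edit', 10 );
 
 /**
@@ -741,3 +749,17 @@
 }
 
+/** Theme Permissions *********************************************************/
+
+/**
+ * The main action used for redirecting bbPress theme actions that are not
+ * permitted by the current_user
+ *
+ * @since bbPress (r3605)
+ *
+ * @uses do_action()
+ */
+function bbp_template_redirect() {
+    do_action( 'bbp_template_redirect' );
+}
+
 ?>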
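Review bot: The five `bbp_check_*_edit` callbacks registered at new lines 233–237 are the only place this changeset enforces edit permissions for the front-end edit screens (the checks in `bbp_pre_get_posts()` are removed), and they are ordinary priority-10 actions that any plugin or theme can unhook with `remove_action()`. The docblock of `bbp_template_redirect()` should state that role, for example `Callbacks on this hook are authorization checks for the front-end edit screens; the handlers that save an edit are expected to check capabilities themselves.` Whether those save handlers do so is not visible in this changeset, so it is worth confirming before treating the redirect as the sole gate.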
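--- a/branches/plugin/bbp-includes/bbp-forum-functions.php
+++ b/branches/plugin/bbp-includes/bbp-forum-functions.php
@@ -1147,3 +1147,29 @@
 }
 
+/** Permissions ***************************************************************/
+
+/**
+ * Redirect if unathorized user is attempting to edit a forum
+ *
+ * @since bbPress (r3607)
+ *
+ * @uses bbp_is_forum_edit()
+ * @uses current_user_can()
+ * @uses bbp_get_forum_id()
+ * @uses wp_safe_redirect()
+ * @uses bbp_get_forum_permalink()
+ */
+function bbp_check_forum_edit() {
+
+    // Bail if not editing a topic
+    if ( !bbp_is_forum_edit() )
+        return;
+
+    // User cannot edit topic, so redirect back to reply
+    if ( !current_user_can( 'edit_forum', bbp_get_forum_id() ) ) {
+        wp_safe_redirect( bbp_get_forum_permalink() );
+        exit();
+    }
+}
+
 ?>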
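Review bot: The inline comments in `bbp_check_forum_edit()` describe a different check than the code performs: they read `// Bail if not editing a topic` and `// User cannot edit topic, so redirect back to reply`, while the code tests `bbp_is_forum_edit()` and the `edit_forum` capability and redirects to the forum permalink. Suggested wording is `// Bail if not editing a forum` and `// User cannot edit forum, so redirect back to forum`. The same copy-paste appears in `bbp_check_reply_edit()` (comments say topic, and `@uses` lists `bbp_get_topic_id()` and `bbp_get_topic_permalink()` although the body calls `bbp_get_reply_id()` and `bbp_get_reply_url()`) and in `bbp_check_user_edit()`, whose whole docblock describes a topic edit. On permission checks a wrong comment is easy to trust during a later audit, so these are worth correcting together.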
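--- a/branches/plugin/bbp-includes/bbp-reply-functions.php
+++ b/branches/plugin/bbp-includes/bbp-reply-functions.php
@@ -1459,3 +1459,29 @@
 }
 
+/** Permissions ***************************************************************/
+
+/**
+ * Redirect if unathorized user is attempting to edit a reply
+ *
+ * @since bbPress (r3605)
+ *
+ * @uses bbp_is_reply_edit()
+ * @uses current_user_can()
+ * @uses bbp_get_topic_id()
+ * @uses wp_safe_redirect()
+ * @uses bbp_get_topic_permalink()
+ */
+function bbp_check_reply_edit() {
+
+    // Bail if not editing a topic
+    if ( !bbp_is_reply_edit() )
+        return;
+
+    // User cannot edit topic, so redirect back to reply
+    if ( !current_user_can( 'edit_reply', bbp_get_reply_id() ) ) {
+        wp_safe_redirect( bbp_get_reply_url() );
+        exit();
+    }
+}
+
 ?>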
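--- a/branches/plugin/bbp-includes/bbp-topic-functions.php
+++ b/branches/plugin/bbp-includes/bbp-topic-functions.php
@@ -3057,3 +3057,53 @@
 }
 
+/** Permissions ***************************************************************/
+
+/**
+ * Redirect if unathorized user is attempting to edit a topic
+ *
+ * @since bbPress (r3605)
+ *
+ * @uses bbp_is_topic_edit()
+ * @uses current_user_can()
+ * @uses bbp_get_topic_id()
+ * @uses wp_safe_redirect()
+ * @uses bbp_get_topic_permalink()
+ */
+function bbp_check_topic_edit() {
+
+    // Bail if not editing a topic
+    if ( !bbp_is_topic_edit() )
+        return;
+
+    // User cannot edit topic, so redirect back to topic
+    if ( !current_user_can( 'edit_topic', bbp_get_topic_id() ) ) {
+        wp_safe_redirect( bbp_get_topic_permalink() );
+        exit();
+    }
+}
+
+/**
+ * Redirect if unathorized user is attempting to edit a topic tag
+ *
+ * @since bbPress (r3605)
+ *
+ * @uses bbp_is_topic_tag_edit()
+ * @uses current_user_can()
+ * @uses bbp_get_topic_tag_id()
+ * @uses wp_safe_redirect()
+ * @uses bbp_get_topic_tag_link()
+ */
+function bbp_check_topic_tag_edit() {
+
+    // Bail if not editing a topic tag
+    if ( !bbp_is_topic_tag_edit() )
+        return;
+
+    // Bail if current user cannot edit topic tags
+    if ( !current_user_can( 'edit_topic_tags', bbp_get_topic_tag_id() ) ) {
+        wp_safe_redirect( bbp_get_topic_tag_link() );
+        exit();
+    }
+}
+
 ?>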
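--- a/branches/plugin/bbp-includes/bbp-user-functions.php
+++ b/branches/plugin/bbp-includes/bbp-user-functions.php
@@ -1249,3 +1249,29 @@
 }
 
+/** Premissions ***************************************************************/
+
+/**
+ * Redirect if unathorized user is attempting to edit a topic
+ *
+ * @since bbPress (r3605)
+ *
+ * @uses bbp_is_topic_edit()
+ * @uses current_user_can()
+ * @uses bbp_get_topic_id()
+ * @uses wp_safe_redirect()
+ * @uses bbp_get_topic_permalink()
+ */
+function bbp_check_user_edit() {
+
+    // Bail if not editing a topic
+    if ( !bbp_is_single_user_edit() )
+        return;
+
+    // Only allow super admins on multisite to edit every user.
+    if ( !is_user_logged_in() || ( is_multisite() && !current_user_can( 'manage_network_users' ) && bbp_is_user_home() && !apply_filters( 'enable_edit_any_user_configuration', true ) ) || !current_user_can( 'edit_user', bbp_get_displayed_user_id() ) ) {
+        wp_safe_redirect( bbp_get_user_profile_url( bbp_get_displayed_user_id() ) );
+        exit();
+    }
+}
+
 ?>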
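Review bot: The multisite clause in `bbp_check_user_edit()` appears to have its polarity inverted relative to the check it replaces. The code removed from `bbp_pre_get_posts()` applied the restriction when `$user->ID != bbp_get_current_user_id()`, that is when editing someone else; the new condition uses `bbp_is_user_home()`, which, if it is true when the displayed user is the current user as its name suggests (its definition is not in this section), would restrict editing your own profile instead. The clause only takes effect when `enable_edit_any_user_configuration` is filtered to false, and `current_user_can( 'edit_user', ... )` still applies afterwards, but the intended form is probably `&& !bbp_is_user_home() &&`.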