Skip to:
Content

bbPress.org

Changeset 4180


Ignore:
Timestamp:
08/29/2012 02:52:38 PM (12 years ago)
Author:
johnjamesjacoby
Message:

Capabilities:

  • Remove bbp_masked capability when setting the user role.
  • Do not set a fake role in bbp_global_access_role_mask().
  • Rename variable in bbp_global_access_role_mask() to be more literal.
  • Add note to phpdoc of bbp_global_access_role_mask().
File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/plugin/bbp-includes/bbp-core-caps.php

    r4179 r4180  
    726726        return;
    727727
     728    // Bail if not logged in or already a member of this site
     729    if ( ! is_user_logged_in() || is_user_member_of_blog() )
     730        return;
     731
    728732    // Bail if user is not active
    729733    if ( bbp_is_user_inactive() )
    730734        return;
    731735
    732     // Bail if user is not logged in
    733     if ( !is_user_logged_in() )
     736    // Give the user the default role
     737    if ( ! current_user_can( 'bbp_masked' ) )
    734738        return;
    735739
    736     // Give the user the default role
    737     if ( current_user_can( 'bbp_masked' ) ) {
    738         bbpress()->current_user->set_role( get_option( 'default_role' ) );
    739     }
     740    // Make sure the bbp_masked cap doesn't get saved to the DB
     741    bbpress()->current_user->remove_cap( 'bbp_masked' );
     742
     743    // Set user to default role for blog
     744    bbpress()->current_user->set_role( get_option( 'default_role', 'subscriber' ) );
    740745}
    741746
     
    745750 * This function will bail if the forum is not global in a multisite
    746751 * installation of WordPress, or if the user is marked as spam or deleted.
     752 *
     753 * Note that we do not currently add a capability for the default role of the
     754 * site. This is to prevent unauthorized role-based access, since we have no
     755 * idea what plugins might be doing to that role. This may change in the future,
     756 * so it's best not to rely heavily on this for now.
    747757 *
    748758 * @since bbPress (r3380)
     
    771781        return;
    772782
    773     // Assign user the default role to map caps to
    774     $default_role  = get_option( 'default_role', 'subscriber' );
    775 
    776     // Get bbPress caps for the default role
    777     $caps_for_role = bbp_get_caps_for_role( $default_role );
    778 
    779783    // Set all caps to true
    780     foreach ( $caps_for_role as $cap )
     784    foreach ( bbp_get_caps_for_role() as $cap )
    781785        $default_caps[$cap] = true;
    782786
    783787    // Add 'read' cap just in case
    784     $default_caps['read']       = true;
    785788    $default_caps['bbp_masked'] = true;
    786789
     
    790793    // Assign the role and mapped caps to the current user
    791794    $bbp = bbpress();
    792     $bbp->current_user->roles[0] = $default_role;
    793795    $bbp->current_user->caps     = $default_caps;
    794796    $bbp->current_user->allcaps  = $default_caps;
Note: See TracChangeset for help on using the changeset viewer.