Skip to:
Content

bbPress.org

Changeset 4244


Ignore:
Timestamp:
10/12/2012 08:02:47 PM (12 years ago)
Author:
johnjamesjacoby
Message:

Capabilities:

  • Separate capabilities into files for their respective components.
  • Add minimum capability to topic views. (Assume no cap is public.)
  • Make bbp_map_meta_caps a subaction, and move it to bbp-core-dependency.php.
  • Introduce component meta map functions in each -caps.php file.
  • Update bbp_current_user_can_see() to use capabilities instead of being a boolean switch.
  • Working towards removing the need to add/remove caps to existing roles, allowing them to be strictly per user as needed.
Location:
trunk
Files:
4 added
6 edited

Legend:

Unmodified
Added
Removed
  • trunk/bbp-admin/bbp-admin.php

    r4198 r4244  
    127127        add_filter( 'plugin_action_links', array( $this, 'modify_plugin_action_links' ), 10, 2 );
    128128
     129        // Map settings capabilities
     130        add_filter( 'bbp_map_meta_caps',   array( $this, 'map_settings_meta_caps' ), 10, 4 );
     131
    129132        /** Network Admin *****************************************************/
    130133
     
    152155
    153156        // These are later removed in admin_head
    154         if ( bbp_current_user_can_see( 'bbp_tools_page' ) ) {
    155             if ( bbp_current_user_can_see( 'bbp_tools_repair_page' ) ) {
     157        if ( current_user_can( 'bbp_tools_page' ) ) {
     158            if ( current_user_can( 'bbp_tools_repair_page' ) ) {
    156159                $hooks[] = add_management_page(
    157160                    __( 'Repair Forums', 'bbpress' ),
     
    163166            }
    164167
    165             if ( bbp_current_user_can_see( 'bbp_tools_import_page' ) ) {
     168            if ( current_user_can( 'bbp_tools_import_page' ) ) {
    166169                $hooks[] = add_management_page(
    167170                    __( 'Import Forums', 'bbpress' ),
     
    173176            }
    174177
    175             if ( bbp_current_user_can_see( 'bbp_tools_reset_page' ) ) {
     178            if ( current_user_can( 'bbp_tools_reset_page' ) ) {
    176179                $hooks[] = add_management_page(
    177180                    __( 'Reset Forums', 'bbpress' ),
     
    199202
    200203        // Are settings enabled?
    201         if ( bbp_current_user_can_see( 'bbp_settings_page' ) ) {
     204        if ( current_user_can( 'bbp_settings_page' ) ) {
    202205            add_options_page(
    203206                __( 'Forums',  'bbpress' ),
     
    210213
    211214        // These are later removed in admin_head
    212         if ( bbp_current_user_can_see( 'bbp_about_page' ) ) {
     215        if ( current_user_can( 'bbp_about_page' ) ) {
    213216
    214217            // About
     
    300303
    301304            // Only proceed if current user can see this section
    302             if ( ! bbp_current_user_can_see( $section_id ) )
     305            if ( ! current_user_can( $section_id ) )
    303306                continue;
    304307
     
    320323            }
    321324        }
     325    }
     326
     327    /**
     328     * Maps settings capabilities
     329     *
     330     * @since bbPress (r4242)
     331     *
     332     * @param array $caps Capabilities for meta capability
     333     * @param string $cap Capability name
     334     * @param int $user_id User id
     335     * @param mixed $args Arguments
     336     * @uses get_post() To get the post
     337     * @uses get_post_type_object() To get the post type object
     338     * @uses apply_filters() Calls 'bbp_map_meta_caps' with caps, cap, user id and
     339     *                        args
     340     * @return array Actual capabilities for meta capability
     341     */
     342    public static function map_settings_meta_caps( $caps, $cap, $user_id, $args ) {
     343
     344        // What capability is being checked?
     345        switch ( $cap ) {
     346
     347            // BuddyPress
     348            case 'bbp_settings_buddypress' :
     349                if ( ( is_plugin_active( 'buddypress/bp-loader.php' ) && defined( 'BP_VERSION' ) ) && is_super_admin() ) {
     350                    $caps = array( 'manage_options', $cap );
     351                } else {
     352                    $caps = array( 'do_not_allow' );
     353                }
     354
     355                break;
     356
     357            // Akismet
     358            case 'bbp_settings_akismet' :
     359                if ( ( is_plugin_active( 'akismet/akismet.php' ) && defined( 'AKISMET_VERSION' ) ) && is_super_admin() ) {
     360                    $caps = array( 'manage_options', $cap );
     361                } else {
     362                    $caps = array( 'do_not_allow' );
     363                }
     364
     365                break;
     366
     367            // bbPress
     368            case 'bbp_tools_page'            : // Tools Page
     369            case 'bbp_tools_repair_page'     : // Tools - Repair Page
     370            case 'bbp_tools_import_page'     : // Tools - Import Page
     371            case 'bbp_tools_reset_page'      : // Tools - Reset Page
     372            case 'bbp_settings_page'         : // Settings Page
     373            case 'bbp_settings_main'         : // Settings - General
     374            case 'bbp_settings_theme_compat' : // Settings - Theme compat
     375            case 'bbp_settings_root_slugs'   : // Settings - Root slugs
     376            case 'bbp_settings_single_slugs' : // Settings - Single slugs
     377            case 'bbp_settings_per_page'     : // Settings - Single slugs
     378            case 'bbp_settings_per_page_rss' : // Settings - Single slugs
     379                $caps = array( 'manage_options', bbpress()->admin->minimum_capability );
     380                break;
     381        }
     382
     383        return apply_filters( 'bbp_map_settings_meta_caps', $caps, $cap, $user_id, $args );
    322384    }
    323385
  • trunk/bbp-includes/bbp-core-caps.php

    r4236 r4244  
    33/**
    44 * bbPress Capabilites
     5 *
     6 * The functions in this file are used primarily as convenient wrappers for
     7 * capability output in user profiles. This includes mapping capabilities and
     8 * groups to human readable strings,
    59 *
    610 * @package bbPress
     
    1115if ( !defined( 'ABSPATH' ) ) exit;
    1216
    13 /**
    14  * Adds capabilities to WordPress user roles.
    15  *
    16  * @since bbPress (r2608)
    17  */
    18 function bbp_add_caps() {
    19     global $wp_roles;
    20 
    21     // Load roles if not set
    22     if ( ! isset( $wp_roles ) )
    23         $wp_roles = new WP_Roles();
    24 
    25     // Loop through available roles and add caps
    26     foreach( $wp_roles->role_objects as $role ) {
    27         foreach ( bbp_get_caps_for_role( $role->name ) as $cap ) {
    28             $role->add_cap( $cap );
    29         }
    30     }
    31 
    32     do_action( 'bbp_add_caps' );
    33 }
    34 
    35 /**
    36  * Removes capabilities from WordPress user roles.
    37  *
    38  * @since bbPress (r2608)
    39  */
    40 function bbp_remove_caps() {
    41     global $wp_roles;
    42 
    43     // Load roles if not set
    44     if ( ! isset( $wp_roles ) )
    45         $wp_roles = new WP_Roles();
    46 
    47     // Loop through available roles and remove caps
    48     foreach( $wp_roles->role_objects as $role ) {
    49         foreach ( bbp_get_caps_for_role( $role->name ) as $cap ) {
    50             $role->remove_cap( $cap );
    51         }
    52     }
    53 
    54     do_action( 'bbp_remove_caps' );
    55 }
    56 
    57 /**
    58  * Get the capability groups
     17/** Output ********************************************************************/
     18
     19/**
     20 * Return the capability groups
    5921 *
    6022 * @since bbPress (r4163)
     
    6426function bbp_get_capability_groups() {
    6527    return apply_filters( 'bbp_get_capability_groups', array(
    66         'general',
     28        'primary',
    6729        'forums',
    6830        'topics',
     
    7335
    7436/**
    75  * Get capabilities for the group
     37 * Return capabilities for the group
    7638 *
    7739 * @since bbPress (r4163)
     
    8244function bbp_get_capabilities_for_group( $group = '' ) {
    8345    switch ( $group ) {
    84         case 'general'    :
    85             return bbp_get_general_capabilities();
     46        case 'primary'    :
     47            return bbp_get_primary_capabilities();
    8648            break;
    8749        case 'forums'     :
     
    10264    }
    10365}
    104 
    105 /**
    106  * Get the general forum capabilities
    107  *
    108  * @since bbPress (r4163)
    109  *
    110  * @return array of general capabilities
    111  */
    112 function bbp_get_general_capabilities() {
    113     return apply_filters( 'bbp_get_general_capabilities', array(
    114         'participate',
    115         'moderate',
    116         'throttle',
    117         'view_trash'
    118     ) );
    119 }
    120 
    121 /**
    122  * Get the forum post-type capabilities
    123  *
    124  * @since bbPress (r4163)
    125  *
    126  * @return array of forums capabilities
    127  */
    128 function bbp_get_forums_capabilities() {
    129     return apply_filters( 'bbp_get_forums_capabilities', array(
    130         'publish_forums',
    131         'edit_forums',
    132         'edit_others_forums',
    133         'delete_forums',
    134         'delete_others_forums',
    135         'read_private_forums',
    136         'read_hidden_forums'
    137     ) );
    138 }
    139 
    140 /**
    141  * Get the topic post-type capabilities
    142  *
    143  * @since bbPress (r4163)
    144  *
    145  * @return array of topics capabilities
    146  */
    147 function bbp_get_topics_capabilities() {
    148     return apply_filters( 'bbp_get_topics_capabilities', array(
    149         'publish_topics',
    150         'edit_topics',
    151         'edit_others_topics',
    152         'delete_topics',
    153         'delete_others_topics',
    154         'read_private_topics'
    155     ) );
    156 }
    157 
    158 /**
    159  * Get the topic-tag taxonomy capabilities
    160  *
    161  * @since bbPress (r4163)
    162  *
    163  * @return array of topic-tag capabilities
    164  */
    165 function bbp_get_topic_tags_capabilities() {
    166     return apply_filters( 'bbp_get_topic_tags_capabilities', array(
    167         'manage_topic_tags',
    168         'edit_topic_tags',
    169         'delete_topic_tags',
    170         'assign_topic_tags'
    171     ) );
    172 }
    173 
    174 /**
    175  * Get the reply post-type capabilities
    176  *
    177  * @since bbPress (r4163)
    178  *
    179  * @return array of replies capabilities
    180  */
    181 function bbp_get_replies_capabilities() {
    182     return apply_filters( 'bbp_get_replies_capabilities', array(
    183         'publish_replies',
    184         'edit_replies',
    185         'edit_others_replies',
    186         'delete_replies',
    187         'delete_others_replies',
    188         'read_private_replies'
    189     ) );
    190 }
    191 
    192 /** Output ********************************************************************/
    19366
    19467/**
     
    21790
    21891        switch( $group ) {
    219             case 'general' :
    220                 $retval = __( 'General capabilities', 'bbpress' );
     92            case 'primary' :
     93                $retval = __( 'Primary capabilities', 'bbpress' );
    22194                break;
    22295            case 'forums' :
     
    400273    }
    401274
    402 /**
    403  * Maps forum/topic/reply caps to built in WordPress caps
    404  *
    405  * @since bbPress (r2593)
    406  *
    407  * @param array $caps Capabilities for meta capability
    408  * @param string $cap Capability name
    409  * @param int $user_id User id
    410  * @param mixed $args Arguments
    411  * @uses get_post() To get the post
    412  * @uses get_post_type_object() To get the post type object
    413  * @uses apply_filters() Calls 'bbp_map_meta_caps' with caps, cap, user id and
    414  *                        args
    415  * @return array Actual capabilities for meta capability
    416  */
    417 function bbp_map_meta_caps( $caps, $cap, $user_id, $args ) {
    418 
    419     // What capability is being checked?
    420     switch ( $cap ) {
    421 
    422         /** General ***********************************************************/
    423 
    424         /**
    425          * The 'participate' capability is similar to WordPress's 'read' cap,
    426          * in that it is the minimum required cap to perform any other bbPress
    427          * related thing.
    428          */
    429         case 'participate' :
    430 
    431             // Inactive users cannot participate
    432             if ( bbp_is_user_inactive( $user_id ) ) {
    433                 $caps = array( 'do_not_allow' );
    434 
    435             // Moderators are always participants
    436             } elseif ( user_can( $user_id, 'moderate' ) ) {
    437                 $caps = array( $cap );
    438 
    439             // Map to read
    440             } else {
    441                 $caps = array( 'read' );
    442             }
    443 
    444             break;
    445            
    446         case 'moderate' :
    447 
    448             // All admins are administrators
    449             if ( user_can( $user_id, 'administrator' ) ) {
    450                 $caps = array( 'read' );
    451             }
    452             break;
    453 
    454         /** Reading ***********************************************************/
    455 
    456         case 'read_private_forums' :
    457         case 'read_hidden_forums'  :
    458 
    459             // Non-participants cannot never read private/hidden forums
    460             if ( ! user_can( $user_id, 'participate' ) ) {
    461                 $caps = array( 'do_not_allow' );
    462 
    463             // Moderators can always read private/hidden forums
    464             } elseif ( user_can( $user_id, 'moderate' ) ) {
    465                 $caps = array( $cap );
    466             }
    467 
    468             break;
    469 
    470         case 'read_forum' :
    471         case 'read_topic' :
    472         case 'read_reply' :
    473 
    474             // User cannot participate
    475             if ( ! user_can( $user_id, 'participate' ) ) {
    476                 $caps = array( 'do_not_allow' );
    477 
    478             // Do some post ID based logic
    479             } else {
    480            
    481                 // Get the post
    482                 $_post = get_post( $args[0] );
    483                 if ( !empty( $_post ) ) {
    484 
    485                     // Get caps for post type object
    486                     $post_type = get_post_type_object( $_post->post_type );
    487 
    488                     // Post is public
    489                     if ( bbp_get_public_status_id() == $_post->post_status ) {
    490                         $caps = array( 'particpate' );
    491 
    492                     // User is author so allow read
    493                     } elseif ( (int) $user_id == (int) $_post->post_author ) {
    494                         $caps = array( 'participate' );
    495 
    496                     // Unknown so map to private posts
    497                     } else {
    498                         $caps = array( $post_type->cap->read_private_forums );
    499                     }
    500                 }
    501             }
    502 
    503             break;
    504 
    505         /** Publishing ********************************************************/
    506 
    507         case 'publish_forums'  :
    508         case 'publish_topics'  :
    509         case 'publish_replies' :
    510 
    511             // Non participants cannot participate
    512             if ( ! user_can( $user_id, 'participate' ) ) {
    513                 $caps = array( 'do_not_allow' );
    514 
    515             // Moderators can always edit
    516             } elseif ( user_can( $user_id, 'moderate' ) ) {
    517                 $caps = array( $cap );
    518             }
    519 
    520             break;
    521 
    522         /** Editing ***********************************************************/
    523 
    524         // Used primarily in wp-admin
    525         case 'edit_forums'         :
    526         case 'edit_topics'         :
    527         case 'edit_replies'        :
    528         case 'edit_others_topics'  :
    529         case 'edit_others_replies' :
    530 
    531             // Moderators can always edit
    532             if ( ! user_can( $user_id, 'participate' ) ) {
    533                 $caps = array( 'do_not_allow' );
    534 
    535             // Moderators can always edit forum content
    536             } elseif ( user_can( $user_id, 'moderate' ) ) {
    537                 $caps = array( $cap );
    538             }
    539 
    540             break;
    541 
    542         // Used everywhere
    543         case 'edit_forum' :
    544         case 'edit_topic' :
    545         case 'edit_reply' :
    546 
    547             // Get the post
    548             $_post = get_post( $args[0] );
    549             if ( !empty( $_post ) ) {
    550 
    551                 // Get caps for post type object
    552                 $post_type = get_post_type_object( $_post->post_type );
    553                 $caps      = array();
    554 
    555                 // Add 'do_not_allow' cap if user is spam or deleted
    556                 if ( bbp_is_user_inactive( $user_id ) ) {
    557                     $caps[] = 'do_not_allow';
    558 
    559                 // User is author so allow edit
    560                 } elseif ( (int) $user_id == (int) $_post->post_author ) {
    561                     $caps[] = $post_type->cap->edit_posts;
    562 
    563                 // Unknown, so map to edit_others_posts
    564                 } else {
    565                     $caps[] = $post_type->cap->edit_others_posts;
    566                 }
    567             }
    568 
    569             break;
    570 
    571         /** Deleting **********************************************************/
    572 
    573         // Allow forum authors to delete forums (for BuddyPress groups, etc)
    574         case 'delete_forum' :
    575 
    576             // Get the post
    577             $_post = get_post( $args[0] );
    578             if ( !empty( $_post ) ) {
    579 
    580                 // Get caps for post type object
    581                 $post_type = get_post_type_object( $_post->post_type );
    582                 $caps      = array();
    583 
    584                 // Add 'do_not_allow' cap if user is spam or deleted
    585                 if ( bbp_is_user_inactive( $user_id ) ) {
    586                     $caps[] = 'do_not_allow';
    587 
    588                 // User is author so allow to delete
    589                 } elseif ( (int) $user_id == (int) $_post->post_author ) {
    590                     $caps[] = $post_type->cap->delete_posts;
    591 
    592                 // Unknown so map to delete_others_posts
    593                 } else {
    594                     $caps[] = $post_type->cap->delete_others_posts;
    595                 }
    596             }
    597 
    598             break;
    599 
    600         case 'delete_topic' :
    601         case 'delete_reply' :
    602 
    603             // Get the post
    604             $_post = get_post( $args[0] );
    605             if ( !empty( $_post ) ) {
    606 
    607                 // Get caps for post type object
    608                 $post_type = get_post_type_object( $_post->post_type );
    609                 $caps      = array();
    610 
    611                 // Add 'do_not_allow' cap if user is spam or deleted
    612                 if ( bbp_is_user_inactive( $user_id ) ) {
    613                     $caps[] = 'do_not_allow';
    614 
    615                 // Moderators can always edit forum content
    616                 } elseif ( user_can( $user_id, 'moderate' ) ) {
    617                     $caps[] = 'participate';
    618 
    619                 // Unknown so map to delete_others_posts
    620                 } else {
    621                     $caps[] = $post_type->cap->delete_others_posts;
    622                 }
    623             }
    624 
    625             break;
    626            
    627         // Moderation override
    628         case 'delete_topics'         :
    629         case 'delete_replies'        :
    630         case 'delete_others_topics'  :
    631         case 'delete_others_replies' :
    632 
    633             // Moderators can always edit
    634             if ( ! user_can( $user_id, 'participate' ) ) {
    635                 $caps = array( 'do_not_allow' );
    636 
    637             // Moderators can always edit forum content
    638             } elseif ( user_can( $user_id, 'moderate' ) ) {
    639                 $caps = array( $cap );
    640             }
    641 
    642             break;
    643            
    644         /** Topic Tags ********************************************************/
    645 
    646         case 'manage_topic_tags' :
    647         case 'edit_topic_tags'   :
    648         case 'delete_topic_tags' :
    649         case 'assign_topic_tags' :
    650 
    651             // Moderators can always edit
    652             if ( ! user_can( $user_id, 'participate' ) ) {
    653                 $caps = array( 'do_not_allow' );
    654 
    655             // Moderators can always edit forum content
    656             } elseif ( user_can( $user_id, 'moderate' ) ) {
    657                 $caps = array( $cap );
    658             }
    659 
    660             break;
    661     }
    662 
    663     return apply_filters( 'bbp_map_meta_caps', $caps, $cap, $user_id, $args );
    664 }
    665 
    666 /** Post Types and Taxonomies *************************************************/
    667 
    668 /**
    669  * Return forum capabilities
    670  *
    671  * @since bbPress (r2593)
    672  *
    673  * @uses apply_filters() Calls 'bbp_get_forum_caps' with the capabilities
    674  * @return array Forum capabilities
    675  */
    676 function bbp_get_forum_caps() {
    677     return apply_filters( 'bbp_get_forum_caps', array (
    678         'edit_posts'          => 'edit_forums',
    679         'edit_others_posts'   => 'edit_others_forums',
    680         'publish_posts'       => 'publish_forums',
    681         'read_private_posts'  => 'read_private_forums',
    682         'read_hidden_posts'   => 'read_hidden_forums',
    683         'delete_posts'        => 'delete_forums',
    684         'delete_others_posts' => 'delete_others_forums'
    685     ) );
    686 }
    687 
    688 /**
    689  * Return topic capabilities
    690  *
    691  * @since bbPress (r2593)
    692  *
    693  * @uses apply_filters() Calls 'bbp_get_topic_caps' with the capabilities
    694  * @return array Topic capabilities
    695  */
    696 function bbp_get_topic_caps() {
    697     return apply_filters( 'bbp_get_topic_caps', array (
    698         'edit_posts'          => 'edit_topics',
    699         'edit_others_posts'   => 'edit_others_topics',
    700         'publish_posts'       => 'publish_topics',
    701         'read_private_posts'  => 'read_private_topics',
    702         'read_hidden_posts'   => 'read_hidden_topics',
    703         'delete_posts'        => 'delete_topics',
    704         'delete_others_posts' => 'delete_others_topics'
    705     ) );
    706 }
    707 
    708 /**
    709  * Return reply capabilities
    710  *
    711  * @since bbPress (r2593)
    712  *
    713  * @uses apply_filters() Calls 'bbp_get_reply_caps' with the capabilities
    714  * @return array Reply capabilities
    715  */
    716 function bbp_get_reply_caps() {
    717     return apply_filters( 'bbp_get_reply_caps', array (
    718         'edit_posts'          => 'edit_replies',
    719         'edit_others_posts'   => 'edit_others_replies',
    720         'publish_posts'       => 'publish_replies',
    721         'read_private_posts'  => 'read_private_replies',
    722         'delete_posts'        => 'delete_replies',
    723         'delete_others_posts' => 'delete_others_replies'
    724     ) );
    725 }
    726 
    727 /**
    728  * Return topic tag capabilities
    729  *
    730  * @since bbPress (r2593)
    731  *
    732  * @uses apply_filters() Calls 'bbp_get_topic_tag_caps' with the capabilities
    733  * @return array Topic tag capabilities
    734  */
    735 function bbp_get_topic_tag_caps() {
    736     return apply_filters( 'bbp_get_topic_tag_caps', array (
    737         'manage_terms' => 'manage_topic_tags',
    738         'edit_terms'   => 'edit_topic_tags',
    739         'delete_terms' => 'delete_topic_tags',
    740         'assign_terms' => 'assign_topic_tags'
    741     ) );
    742 }
    743 
    744 /** Roles *********************************************************************/
     275/** Mapping *******************************************************************/
    745276
    746277/**
     
    748279 *
    749280 * @since bbPress (r2994)
     281 *
     282 * @todo Map all of these and deprecate
    750283 *
    751284 * @param string $role Optional. Defaults to The role to load caps for
     
    763296            $caps = array(
    764297
    765                 // General caps
     298                // Primary caps
    766299                'participate',
    767300                'moderate',
     
    804337
    805338        // Any other role
    806         case 'editor'      :
    807         case 'author'      :
    808         case 'contributor' :
    809         case 'subscriber'  :
    810         default            :
     339        default :
    811340            $caps = array(
    812341
    813                 // General caps
     342                // Primary caps
    814343                'participate',
    815344
     
    836365
    837366/**
    838  * Remove all bbPress capabilities for a given user
    839  *
    840  * @since bbPress (r4221)
    841  *
    842  * @param int $user_id
    843  * @return boolean True on success, false on failure
    844  */
    845 function bbp_remove_user_caps( $user_id = 0 ) {
    846 
    847     // Bail if no user was passed
    848     if ( empty( $user_id ) )
    849         return false;
    850 
    851     // Load up the user
    852     $user = new WP_User( $user_id );
    853 
    854     // Remove all caps
    855     foreach ( bbp_get_capability_groups() as $group )
    856         foreach ( bbp_get_capabilities_for_group( $group ) as $capability )
    857             $user->remove_cap( $capability );
    858 
    859     // Success
    860     return true;
    861 }
    862 
    863 /**
    864  * Remove all bbPress capabilities for a given user
    865  *
    866  * @since bbPress (r4221)
    867  *
    868  * @param int $user_id
    869  * @return boolean True on success, false on failure
    870  */
    871 function bbp_reset_user_caps( $user_id = 0 ) {
    872 
    873     // Bail if no user was passed
    874     if ( empty( $user_id ) )
    875         return false;
    876 
    877     // Bail if current user cannot edit this user
    878     if ( ! current_user_can( 'edit_user', $user_id ) )
    879         return false;
    880 
    881     // Remove all caps for user
    882     bbp_remove_user_caps( $user_id );
    883 
    884     // Load up the user
    885     $user = new WP_User( $user_id );
    886 
    887     // User has no role so bail
    888     if ( ! isset( $user->roles ) )
    889         return false;
    890 
    891     // Use first user role
    892     $caps = bbp_get_caps_for_role( array_shift( $user->roles ) );
    893 
    894     // Add caps for the first role
    895     foreach ( $caps as $cap )
    896         $user->add_cap( $cap, true );
    897 
    898     // Success
    899     return true;
    900 }
    901 
    902 /**
    903  * Save all bbPress capabilities for a given user
    904  *
    905  * @since bbPress (r4221)
    906  *
    907  * @param type $user_id
    908  * @return boolean
    909  */
    910 function bbp_save_user_caps( $user_id = 0 ) {
    911 
    912     // Bail if no user was passed
    913     if ( empty( $user_id ) )
    914         return false;
    915 
    916     // Bail if current user cannot edit this user
    917     if ( ! current_user_can( 'edit_user', $user_id ) )
    918         return false;
    919 
    920     // Load up the user
    921     $user = new WP_User( $user_id );
    922 
    923     // Loop through capability groups
    924     foreach ( bbp_get_capability_groups() as $group ) {
    925         foreach ( bbp_get_capabilities_for_group( $group ) as $capability ) {
    926 
    927             // Maybe add cap
    928             if ( ! empty( $_POST['_bbp_' . $capability] ) && ! $user->has_cap( $capability ) ) {
    929                 $user->add_cap( $capability, true );
    930 
    931             // Maybe remove cap
    932             } elseif ( empty( $_POST['_bbp_' . $capability] ) && $user->has_cap( $capability ) ) {
    933                 $user->add_cap( $capability, false );
    934             }
     367 * Adds capabilities to WordPress user roles.
     368 *
     369 * @since bbPress (r2608)
     370 */
     371function bbp_add_caps() {
     372    global $wp_roles;
     373
     374    // Load roles if not set
     375    if ( ! isset( $wp_roles ) )
     376        $wp_roles = new WP_Roles();
     377
     378    // Loop through available roles and add caps
     379    foreach( $wp_roles->role_objects as $role ) {
     380        foreach ( bbp_get_caps_for_role( $role->name ) as $cap ) {
     381            $role->add_cap( $cap );
    935382        }
    936383    }
    937384
    938     // Success
    939     return true;
    940 }
    941 
    942 /**
    943  * Helper function hooked to 'bbp_edit_user_profile_update' action to save or update
    944  * user roles and capabilities.
    945  *
    946  * @since bbPress (r4235)
    947  *
    948  * @param int $user_id
    949  * @uses bbp_reset_user_caps() to reset caps
    950  * @usse bbp_save_user_caps() to save caps
    951  */
    952 function bbp_edit_user_profile_update_capabilities( $user_id = 0 ) {
    953 
    954     // Bail if no user ID was passed
    955     if ( empty( $user_id ) )
    956         return;
    957 
    958     // Either reset caps for role
    959     if ( ! empty( $_POST['bbp-default-caps'] ) ) {
    960         bbp_reset_user_caps( $user_id );
    961 
    962     // Or set caps individually
    963     } else {
    964         bbp_save_user_caps( $user_id );
    965     }
    966 }
    967 
    968 /**
    969  * Add the default role to the current user if needed
    970  *
    971  * This function will bail if the forum is not global in a multisite
    972  * installation of WordPress, or if the user is marked as spam or deleted.
    973  *
    974  * @since bbPress (r3380)
    975  *
    976  * @uses bbp_allow_global_access()
    977  * @uses bbp_is_user_inactive()
    978  * @uses is_user_logged_in()
    979  * @uses is_user_member_of_blog()
    980  * @uses get_option()
    981  *
    982  * @return If not multisite, not global, or user is deleted/spammed
    983  */
    984 function bbp_set_current_user_default_role() {
    985 
    986     // Bail if forum is not global
    987     if ( ! bbp_allow_global_access() )
    988         return;
    989 
    990     // Bail if not logged in or already a member of this site
    991     if ( ! is_user_logged_in() || current_user_can( 'read' ) )
    992         return;
    993 
    994     // Bail if user is marked as spam or is deleted
    995     if ( bbp_is_user_inactive() )
    996         return;
    997 
    998     // Assign the default role to the current user
    999     bbpress()->current_user->set_role( get_option( 'default_role', 'subscriber' ) );
    1000 }
    1001 
    1002 /**
    1003  * Can the current user see a specific UI element?
    1004  *
    1005  * Used when registering post-types and taxonomies to decide if 'show_ui' should
    1006  * be set to true or false. Also used for fine-grained control over which admin
    1007  * sections are visible under what conditions.
    1008  *
    1009  * This function is in bbp-core-caps.php rather than in /bbp-admin so that it
    1010  * can be used during the bbp_register_post_types action.
    1011  *
    1012  * @since bbPress (r3944)
    1013  *
    1014  * @todo use meta caps and maybe deprecate
    1015  * @uses current_user_can() To check the 'moderate' capability
    1016  * @uses bbp_get_forum_post_type()
    1017  * @uses bbp_get_topic_post_type()
    1018  * @uses bbp_get_reply_post_type()
    1019  * @uses bbp_get_topic_tag_tax_id()
    1020  * @uses is_plugin_active()
    1021  * @uses is_super_admin()
    1022  * @return bool Results of current_user_can( 'moderate' ) check.
    1023  */
    1024 function bbp_current_user_can_see( $component = '' ) {
    1025 
    1026     // Define local variable
    1027     $retval = false;
    1028 
    1029     // Which component are we checking UI visibility for?
    1030     switch ( $component ) {
    1031 
    1032         /** Everywhere ********************************************************/
    1033 
    1034         case bbp_get_forum_post_type()   : // Forums
    1035         case bbp_get_topic_post_type()   : // Topics
    1036         case bbp_get_reply_post_type()   : // Replies
    1037         case bbp_get_topic_tag_tax_id()  : // Topic-Tags
    1038             $retval = current_user_can( 'moderate' );
    1039             break;
    1040 
    1041         /** Admin Exclusive ***************************************************/
    1042 
    1043         case 'bbp_settings_buddypress'  : // BuddyPress Extension
    1044             $retval = ( is_plugin_active( 'buddypress/bp-loader.php' ) && defined( 'BP_VERSION' ) ) && is_super_admin();
    1045             break;
    1046 
    1047         case 'bbp_settings_akismet'     : // Akismet Extension
    1048             $retval = ( is_plugin_active( 'akismet/akismet.php' ) && defined( 'AKISMET_VERSION' ) ) && is_super_admin();
    1049             break;
    1050 
    1051         case 'bbp_tools_page'            : // Tools Page
    1052         case 'bbp_tools_repair_page'     : // Tools - Repair Page
    1053         case 'bbp_tools_import_page'     : // Tools - Import Page
    1054         case 'bbp_tools_reset_page'      : // Tools - Reset Page
    1055         case 'bbp_settings_page'         : // Settings Page
    1056         case 'bbp_settings_main'         : // Settings - General
    1057         case 'bbp_settings_theme_compat' : // Settings - Theme compat
    1058         case 'bbp_settings_root_slugs'   : // Settings - Root slugs
    1059         case 'bbp_settings_single_slugs' : // Settings - Single slugs
    1060         case 'bbp_settings_per_page'     : // Settings - Single slugs
    1061         case 'bbp_settings_per_page_rss' : // Settings - Single slugs
    1062         default                          : // Anything else
    1063             $retval = current_user_can( bbpress()->admin->minimum_capability );
    1064             break;
    1065     }
    1066 
    1067     return (bool) apply_filters( 'bbp_current_user_can_see', (bool) $retval, $component );
     385    do_action( 'bbp_add_caps' );
     386}
     387
     388/**
     389 * Removes capabilities from WordPress user roles.
     390 *
     391 * @since bbPress (r2608)
     392 */
     393function bbp_remove_caps() {
     394    global $wp_roles;
     395
     396    // Load roles if not set
     397    if ( ! isset( $wp_roles ) )
     398        $wp_roles = new WP_Roles();
     399
     400    // Loop through available roles and remove caps
     401    foreach( $wp_roles->role_objects as $role ) {
     402        foreach ( bbp_get_caps_for_role( $role->name ) as $cap ) {
     403            $role->remove_cap( $cap );
     404        }
     405    }
     406
     407    do_action( 'bbp_remove_caps' );
    1068408}
    1069409
  • trunk/bbp-includes/bbp-core-dependency.php

    r4236 r4244  
    363363    return apply_filters( 'bbp_allowed_themes', $themes );
    364364}
     365
     366/**
     367 * Maps forum/topic/reply caps to built in WordPress caps
     368 *
     369 * @since bbPress (r2593)
     370 *
     371 * @param array $caps Capabilities for meta capability
     372 * @param string $cap Capability name
     373 * @param int $user_id User id
     374 * @param mixed $args Arguments
     375 */
     376function bbp_map_meta_caps( $caps = array(), $cap = '', $user_id = 0, $args = array() ) {
     377    return apply_filters( 'bbp_map_meta_caps', $caps, $cap, $user_id, $args );
     378}
  • trunk/bbp-includes/bbp-core-filters.php

    r4214 r4244  
    205205add_filter( 'posts_request', '_bbp_has_replies_where', 10, 2 );
    206206
     207// Capabilities
     208add_filter( 'bbp_map_meta_caps', 'bbp_map_primary_meta_caps',   10, 4 ); // Primary caps
     209add_filter( 'bbp_map_meta_caps', 'bbp_map_forum_meta_caps',     10, 4 ); // Forums
     210add_filter( 'bbp_map_meta_caps', 'bbp_map_topic_meta_caps',     10, 4 ); // Topics
     211add_filter( 'bbp_map_meta_caps', 'bbp_map_reply_meta_caps',     10, 4 ); // Replies
     212add_filter( 'bbp_map_meta_caps', 'bbp_map_topic_tag_meta_caps', 10, 4 ); // Topic tags
     213
    207214/** Deprecated ****************************************************************/
    208215
  • trunk/bbp-includes/bbp-core-functions.php

    r4222 r4244  
    149149 * @param mixed $query_args {@link bbp_has_topics()} arguments.
    150150 * @param bool $feed Have a feed for the view? Defaults to true. NOT IMPLEMENTED
     151 * @param string $capability Capability that the current user must have
    151152 * @uses sanitize_title() To sanitize the view name
    152153 * @uses esc_html() To sanitize the view title
    153154 * @return array The just registered (but processed) view
    154155 */
    155 function bbp_register_view( $view, $title, $query_args = '', $feed = true ) {
     156function bbp_register_view( $view, $title, $query_args = '', $feed = true, $capability = '' ) {
     157
     158    // Bail if user does not have capability
     159    if ( ! empty( $capability ) && ! current_user_can( $capability ) )
     160        return false;
     161
    156162    $bbp   = bbpress();
    157163    $view  = sanitize_title( $view );
     
    163169    $query_args = bbp_parse_args( $query_args, '', 'register_view' );
    164170
    165     // Set exclude_stickies to true if it wasn't supplied
     171    // Set show_stickies to false if it wasn't supplied
    166172    if ( !isset( $query_args['show_stickies'] ) )
    167173        $query_args['show_stickies'] = false;
  • trunk/bbpress.php

    r4237 r4244  
    174174        /** Versions **********************************************************/
    175175
    176         $this->version    = '2.2-alpha-4237';
     176        $this->version    = '2.2-alpha-4242';
    177177        $this->db_version = '214';
    178178
     
    293293        require( $this->plugin_dir . 'bbp-includes/bbp-common-template.php'  ); // Common template tags
    294294
     295        require( $this->plugin_dir . 'bbp-includes/bbp-forum-caps.php'       ); // Forum capabilities
    295296        require( $this->plugin_dir . 'bbp-includes/bbp-forum-functions.php'  ); // Forum functions
    296297        require( $this->plugin_dir . 'bbp-includes/bbp-forum-template.php'   ); // Forum template tags
    297298
     299        require( $this->plugin_dir . 'bbp-includes/bbp-topic-caps.php'       ); // Topic capabilities
    298300        require( $this->plugin_dir . 'bbp-includes/bbp-topic-functions.php'  ); // Topic functions
    299301        require( $this->plugin_dir . 'bbp-includes/bbp-topic-template.php'   ); // Topic template tags
    300302
     303        require( $this->plugin_dir . 'bbp-includes/bbp-reply-caps.php'       ); // Reply capabilities
    301304        require( $this->plugin_dir . 'bbp-includes/bbp-reply-functions.php'  ); // Reply functions
    302305        require( $this->plugin_dir . 'bbp-includes/bbp-reply-template.php'   ); // Reply template tags
    303306
     307        require( $this->plugin_dir . 'bbp-includes/bbp-user-caps.php'        ); // User capabilities
    304308        require( $this->plugin_dir . 'bbp-includes/bbp-user-functions.php'   ); // User functions
    305309        require( $this->plugin_dir . 'bbp-includes/bbp-user-template.php'    ); // User template tags
     
    497501                'show_in_nav_menus'   => true,
    498502                'public'              => true,
    499                 'show_ui'             => bbp_current_user_can_see( bbp_get_forum_post_type() ),
     503                'show_ui'             => current_user_can( 'bbp_forums_admin' ),
    500504                'can_export'          => true,
    501505                'hierarchical'        => true,
     
    554558                'show_in_nav_menus'   => false,
    555559                'public'              => true,
    556                 'show_ui'             => bbp_current_user_can_see( bbp_get_topic_post_type() ),
     560                'show_ui'             => current_user_can( 'bbp_topics_admin' ),
    557561                'can_export'          => true,
    558562                'hierarchical'        => false,
     
    611615                'show_in_nav_menus'   => false,
    612616                'public'              => true,
    613                 'show_ui'             => bbp_current_user_can_see( bbp_get_reply_post_type() ),
     617                'show_ui'             => current_user_can( 'bbp_replies_admin' ),
    614618                'can_export'          => true,
    615619                'hierarchical'        => false,
     
    752756                'hierarchical'          => false,
    753757                'public'                => true,
    754                 'show_ui'               => bbp_allow_topic_tags() && bbp_current_user_can_see( bbp_get_topic_tag_tax_id() )
     758                'show_ui'               => bbp_allow_topic_tags() && current_user_can( 'bbp_topic_tags_admin' )
    755759            )
    756760        ) );
Note: See TracChangeset for help on using the changeset viewer.