Skip to:
Content

bbPress.org

Changeset 6571


Ignore:
Timestamp:
06/16/2017 07:45:05 PM (8 years ago)
Author:
johnjamesjacoby
Message:

Capabilities: Logic improvements to help with per-forum moderation.

  • Introduce moderate_forum capability check, used to check if a user has the ability to moderate a specific forum
  • Limit number of direct keep_gate checks, and use bbp_is_user_keymaster() where possible
  • Make bbp_is_user_forum_moderator() check the new moderate_forum mapped capability
  • Have the moderate mapped capability check moderate_forum if the $args[0] can be bubbled up to being a forum ID
  • Map admin post-type areas to their appropriate edit_ capabilities – they are now properly handled via other mapped conditions

This change (along with r6567 & r6569) allows private & hidden forums to appear in forums queries for users who can moderate them.

Location:
trunk/src/includes
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/includes/forums/capabilities.php

    r6438 r6571  
    108108            break;
    109109
     110        /** Moderating ********************************************************/
     111
     112        case 'moderate_forum' :
     113
     114            // Get the post
     115            $_post = get_post( $args[0] );
     116            if ( ! empty( $_post ) && bbp_allow_forum_mods() ) {
     117
     118                // Make sure feature is enabled & user is mod on this forum
     119                if ( bbp_is_object_of_user( $_post->ID, $user_id, '_bbp_moderator_id' ) ) {
     120                    $caps = array( 'spectate' );
     121                }
     122            }
     123
     124            break;
     125
    110126        /** Publishing ********************************************************/
    111127
     
    126142
    127143            // Moderators can always edit
    128             if ( user_can( $user_id, 'keep_gate' ) ) {
    129                 $caps = array( 'keep_gate' );
     144            if ( bbp_is_user_keymaster( $user_id ) ) {
     145                $caps = array( 'spectate' );
    130146
    131147            // Otherwise, block
     
    150166                    $caps = array( 'do_not_allow' );
    151167
     168                // Moderators can always read forum content
     169                } elseif ( user_can( $user_id, 'moderate', $_post->ID ) ) {
     170                    $caps = array( 'spectate' );
     171
    152172                // User is author so allow edit if not in admin
    153173                } elseif ( ! is_admin() && ( (int) $user_id === (int) $_post->post_author ) ) {
    154174                    $caps = array( $post_type->cap->edit_posts );
    155 
    156                 // Moderators can always read forum content
    157                 } elseif ( user_can( $user_id, 'moderate', $_post->ID ) ) {
    158                     $caps = array( 'spectate' );
    159175
    160176                // Unknown, so map to edit_others_posts
     
    198214        // Forum admin area.
    199215        case 'bbp_forums_admin' :
    200             $caps = array( 'keep_gate' );
     216            $caps = array( 'edit_forums' );
    201217            break;
    202218    }
     
    248264 */
    249265function bbp_is_user_forum_moderator( $user_id = 0, $forum_id = 0 ) {
    250 
    251     // Validate user ID - fallback to current user if no ID passed.
    252     $user_id  = bbp_get_user_id( $user_id, false, ! empty( $user_id ) );
     266    $user_id  = bbp_get_user_id( $user_id, false, empty( $user_id ) );
    253267    $forum_id = bbp_get_forum_id( $forum_id );
    254 
    255     // Check if per-forum moderation is enabled, or assume false
    256     $retval = bbp_allow_forum_mods()
    257         ? bbp_is_object_of_user( $forum_id, $user_id, '_bbp_moderator_id' )
    258         : false;
     268    $retval   = user_can( $user_id, 'moderate_forum', $forum_id );
    259269
    260270    // Filter & return
  • trunk/src/includes/replies/capabilities.php

    r6438 r6571  
    4343 * @uses get_post_type_object() To get the post type object
    4444 * @uses bbp_get_public_status_id() To get the public status id
    45  * @uses bbp_is_user_forum_moderator() To check if the user is a forum moderator
    46  * @uses bbp_get_reply_forum_id() To get the repliy forum id
     45 * @uses bbp_get_reply_forum_id() To get the reply forum id
    4746 * @uses apply_filters() Filter mapped results
    4847 *
     
    181180                // Moderators can always edit forum content
    182181                } elseif ( user_can( $user_id, 'moderate', $_post->ID ) ) {
    183                      $caps = array( 'spectate' );
     182                    $caps = array( 'spectate' );
    184183
    185184                // Unknown so map to delete_others_posts
     
    205204
    206205        case 'bbp_replies_admin' :
    207             $caps = array( 'moderate' );
     206            $caps = array( 'edit_replies' );
    208207            break;
    209208    }
  • trunk/src/includes/topics/capabilities.php

    r6438 r6571  
    6363 * @uses get_post_type_object() To get the post type object
    6464 * @uses bbp_get_public_status_id() To get the  public status id
    65  * @uses bbp_is_user_forum_moderator() To check if the user is a forum moderator
    66  * @uses bbp_get_topic_forum_id() To get the opic forum id
     65 * @uses bbp_get_topic_forum_id() To get the topic forum id
    6766 * @uses apply_filters() Filter capability map results
    6867 *
     
    225224
    226225        case 'bbp_topics_admin' :
    227             $caps = array( 'moderate' );
     226            $caps = array( 'edit_topics' );
    228227            break;
    229228    }
  • trunk/src/includes/users/capabilities.php

    r6561 r6571  
    6565                $caps = array( 'do_not_allow' );
    6666
     67            // Keymasters can always moderate
     68            } elseif ( bbp_is_user_keymaster( $user_id ) ) {
     69                $caps = array( 'spectate' );
     70
    6771            // Default to the current cap.
    6872            } else {
     
    685689function bbp_is_user_active( $user_id = 0 ) {
    686690
    687     // Default to current user
    688     if ( empty( $user_id ) && is_user_logged_in() ) {
    689         $user_id = bbp_get_current_user_id();
    690     }
    691 
    692691    // No user to check
     692    $user_id = bbp_get_user_id( $user_id, false, true );
    693693    if ( empty( $user_id ) ) {
    694694        return false;
     
    732732 */
    733733function bbp_is_user_keymaster( $user_id = 0 ) {
    734 
    735     // Default to current user ID if none is passed
    736734    $_user_id = bbp_get_user_id( $user_id, false, true );
    737 
    738     // Check the 'keep_gate' capability
    739735    $retval   = user_can( $_user_id, 'keep_gate' );
    740736
Note: See TracChangeset for help on using the changeset viewer.