Skip to:
Content

bbPress.org


Ignore:
Timestamp:
06/16/2017 07:45:05 PM (7 years ago)
Author:
johnjamesjacoby
Message:

Capabilities: Logic improvements to help with per-forum moderation.

  • Introduce moderate_forum capability check, used to check if a user has the ability to moderate a specific forum
  • Limit number of direct keep_gate checks, and use bbp_is_user_keymaster() where possible
  • Make bbp_is_user_forum_moderator() check the new moderate_forum mapped capability
  • Have the moderate mapped capability check moderate_forum if the $args[0] can be bubbled up to being a forum ID
  • Map admin post-type areas to their appropriate edit_ capabilities – they are now properly handled via other mapped conditions

This change (along with r6567 & r6569) allows private & hidden forums to appear in forums queries for users who can moderate them.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/includes/forums/capabilities.php

    r6438 r6571  
    108108            break;
    109109
     110        /** Moderating ********************************************************/
     111
     112        case 'moderate_forum' :
     113
     114            // Get the post
     115            $_post = get_post( $args[0] );
     116            if ( ! empty( $_post ) && bbp_allow_forum_mods() ) {
     117
     118                // Make sure feature is enabled & user is mod on this forum
     119                if ( bbp_is_object_of_user( $_post->ID, $user_id, '_bbp_moderator_id' ) ) {
     120                    $caps = array( 'spectate' );
     121                }
     122            }
     123
     124            break;
     125
    110126        /** Publishing ********************************************************/
    111127
     
    126142
    127143            // Moderators can always edit
    128             if ( user_can( $user_id, 'keep_gate' ) ) {
    129                 $caps = array( 'keep_gate' );
     144            if ( bbp_is_user_keymaster( $user_id ) ) {
     145                $caps = array( 'spectate' );
    130146
    131147            // Otherwise, block
     
    150166                    $caps = array( 'do_not_allow' );
    151167
     168                // Moderators can always read forum content
     169                } elseif ( user_can( $user_id, 'moderate', $_post->ID ) ) {
     170                    $caps = array( 'spectate' );
     171
    152172                // User is author so allow edit if not in admin
    153173                } elseif ( ! is_admin() && ( (int) $user_id === (int) $_post->post_author ) ) {
    154174                    $caps = array( $post_type->cap->edit_posts );
    155 
    156                 // Moderators can always read forum content
    157                 } elseif ( user_can( $user_id, 'moderate', $_post->ID ) ) {
    158                     $caps = array( 'spectate' );
    159175
    160176                // Unknown, so map to edit_others_posts
     
    198214        // Forum admin area.
    199215        case 'bbp_forums_admin' :
    200             $caps = array( 'keep_gate' );
     216            $caps = array( 'edit_forums' );
    201217            break;
    202218    }
     
    248264 */
    249265function bbp_is_user_forum_moderator( $user_id = 0, $forum_id = 0 ) {
    250 
    251     // Validate user ID - fallback to current user if no ID passed.
    252     $user_id  = bbp_get_user_id( $user_id, false, ! empty( $user_id ) );
     266    $user_id  = bbp_get_user_id( $user_id, false, empty( $user_id ) );
    253267    $forum_id = bbp_get_forum_id( $forum_id );
    254 
    255     // Check if per-forum moderation is enabled, or assume false
    256     $retval = bbp_allow_forum_mods()
    257         ? bbp_is_object_of_user( $forum_id, $user_id, '_bbp_moderator_id' )
    258         : false;
     268    $retval   = user_can( $user_id, 'moderate_forum', $forum_id );
    259269
    260270    // Filter & return
Note: See TracChangeset for help on using the changeset viewer.