Skip to:
Content

Opened 20 months ago

Closed 18 months ago

Last modified 9 months ago

#1939 closed enhancement (fixed)

Capabilities clean-up, admin-side cap UI, deprecate roles

Reported by: johnjamesjacoby Owned by: johnjamesjacoby
Milestone: 2.2 Priority: normal
Severity: normal Version: 2.1
Component: Users Keywords:
Cc: stephen@…

Description

The code to add/remove roles and capabilities is clumsy, making it impossible to adapt bbPress to an existing installations userbase without making decisions on what users will play what roles.

A few things need to happen:

  • Deprecate adding/removing of roles and capabilities
  • Map all capabilities as needed
  • Create UI to assign/remove capabilities per user
  • Deprecate and remove all associated code

Change History (56)

comment:1 johnjamesjacoby20 months ago

(In [4164]) Capabilities:

  • Remove roles and move everything to mapped capabilities.
  • First pass at admin-side forum capability manager.
  • Deprecate moderator, anonymous, and participant roles and associated functions.
  • Deprecate add/remove role/cap functions.
  • More cap mapping needed for users that are not explicitly blocked.
  • Adds cap check to forms for topic-tag adding/editing.
  • See #1939

comment:2 johnjamesjacoby20 months ago

(In [4165]) Capabilities:

  • Reference correct function in bbp_add_caps()
  • See #1939

comment:3 netweb20 months ago

  • Cc stephen@… added

comment:4 johnjamesjacoby18 months ago

Forgot I had created this ticket. Please see the following changesets for work done on this ticket:

The end result is that users with edit_user(s) cap are now presented with a UI for selectively enabling/disabling bbPress capabilities. The Forum Participant and Forum Moderator roles are gone, as is the fake Anonymous role. A large majority of the role code is deprecated.

Left to do:

  • Map remaining caps in core/capabilities.php.
  • Deprecate functions used for adding those caps to all existing roles.

comment:5 johnjamesjacoby18 months ago

  • Milestone changed from 2.3 to 2.2

comment:6 johnjamesjacoby18 months ago

(In [4288]) Capabilities:

  • Introduce bbp_edit_user_forums_role() and rename bbp_edit_user_role() to bbp_edit_user_blog_role().
  • See #1939.

comment:7 johnjamesjacoby18 months ago

(In [4289]) Capabilities:

  • Introduce bbp_set_user_role() and add $context parameter to bbp_get_user_role().
  • See #1939.

comment:8 johnjamesjacoby18 months ago

(In [4290]) Capabilities:

  • Add support for forum specific roles in core/capabilities.php.
  • See #1939.

comment:9 johnjamesjacoby18 months ago

(In [4291]) Capabilities:

  • Tweak phpdoc and cast type on return of bbp_use_advanced_capability_editor().
  • See #1939.

comment:10 johnjamesjacoby18 months ago

(In [4292]) Capabilities:

  • Remove trailing whitespace in core/capabilities.php.
  • See #1939.

comment:11 johnjamesjacoby18 months ago

(In [4293]) Capabilities:

  • Introduce bbp_get_wp_roles() and use in place of $wp_roles global.
  • See #1939.

comment:12 johnjamesjacoby18 months ago

(In [4294]) Capabilities:

  • Introduce bbp_get_default_role() in core/options.php and set default option value.
  • See #1939.

comment:13 johnjamesjacoby18 months ago

(In [4297]) Capabilities:

  • Update bbp_set_user_role() and bbp_get_user_role() to only work with bbPress forums roles.
  • See #1939.

comment:14 johnjamesjacoby18 months ago

(In [4298]) Capabilities:

  • Use correct $roles variable in bbp_get_user_role().
  • See #1939.

comment:15 johnjamesjacoby18 months ago

(In [4299]) Capabilities:

  • Add setting callback for default_role.
  • Update verbiage for auto-role/global-access.
  • See #1939.

comment:16 johnjamesjacoby18 months ago

(In [4300]) Capabilities:

  • Do no call bbp_add_caps() on activation anymore.
  • This is handled by new forums roles.
  • See #1939.

comment:17 johnjamesjacoby18 months ago

(In [4301]) Capabilities:

  • Update BBP_User_Admin to use roles UI instead of capabilities.
  • Leave capabilities in for now, but hidden behind a switch function.
  • See #1939.

comment:18 johnjamesjacoby18 months ago

(In [4302]) Capabilities:

  • Update bbp_edit_user_blog_role() and bbp_edit_user_forums_role() to use appropriate functions to get role arrays.
  • See #1939.

comment:19 johnjamesjacoby18 months ago

(In [4303]) Capabilities:

  • Introduce 'bbp_profile_update' sub-action.
  • Use in place of piggy-backed admin user profile actions.
  • See #1939.

comment:20 johnjamesjacoby18 months ago

(In [4304]) Capabilities:

  • Filter out bbPress roles from editable_roles array.
  • Introduce bbp_filter_blog_editable_roles() and hook to 'editable_roles'.
  • See #1939.

comment:21 johnjamesjacoby18 months ago

(In [4305]) Capabilities:

  • Introduce bbp_user_register() and bbp_profile_update() sub-actions.
  • See #1939.

comment:22 johnjamesjacoby18 months ago

(In [4306]) Capabilities:

  • Update bbp-default templates to support new roles UI.
  • See #1939.

comment:23 johnjamesjacoby18 months ago

(In [4307]) Capabilities:

  • Always show roles UI; only show capabilities if switch is on.
  • See #1939.

comment:24 johnjamesjacoby18 months ago

(In [4308]) Capabilities:

  • Update bbp_profile_update_capabilities() to include saving forums roles.
  • When saving a role, remove any individual forums capabilities that were set.
  • Add some legacy caps to primary group, so they are correctly removed.
  • See #1939.

comment:25 johnjamesjacoby18 months ago

(In [4309]) Capabilities:

  • Add label to admin user role UI, to match WordPress core convention.
  • See #1939.

comment:26 johnjamesjacoby18 months ago

(In [4311]) Capabilities:

  • Update bbp_map_primary_meta_caps() to block for inactive users, and check cap for active users.
  • See #1939.

comment:27 johnjamesjacoby18 months ago

(In [4312]) Capabilities:

  • Use bbp_get_current_user_id() in bbp_set_current_user_default_role().
  • See #1939.

comment:28 johnjamesjacoby18 months ago

(In [4313]) Capabilities:

  • Add 'blocked' capability for Blocked role.
  • See #1939.

comment:29 johnjamesjacoby18 months ago

(In [4314]) Capabilities:

  • Revert r4313.
  • Remove negative 'blocked' capability; use not 'spectate' instead.
  • See #1939.

comment:30 johnjamesjacoby18 months ago

(In [4316]) Capabilities:

  • Enforce blocked logged in users by showing them a 404 if they cannot spectate.
  • See #1939.

comment:31 johnjamesjacoby18 months ago

(In [4317]) Capabilities:

  • Use correct 'bbp_set_user_role' filter name.
  • Reset user caps when setting auto-role.
  • See #1939.

comment:32 johnjamesjacoby18 months ago

(In [4319]) Capabilities:

  • Remove caps before setting new role in bbp_profile_update_capabilities().
  • See #1939.

comment:33 johnjamesjacoby18 months ago

(In [4320]) Capabilities:

  • Remove all previous forums roles in bbp_set_user_role().
  • Use direct array intersection instead of bbp_get_user_role().
  • Fixes issue where users can have more than 1 forum role.
  • See #1939.

comment:34 johnjamesjacoby18 months ago

  • Resolution set to fixed
  • Status changed from new to closed

Marking as closed. Feature is complete. Any issues related to roles and capabilities should have their own new tickets.

comment:35 johnjamesjacoby18 months ago

(In [4330]) Capabilities:

  • Remove advanced capabilities code, template part, and UI helpers.
  • This has been replaced by the forums roles selection.
  • See #1939.

comment:36 johnjamesjacoby18 months ago

(In [4335]) Capabilities:

  • Introduce bbp_get_user_role_map() to more intelligently map WordPress roles to bbPress roles.
  • Use bbp_get_user_role_map() in bbp_set_current_user_default_role().
  • See #1939.
  • Fixes #2010.

comment:37 johnjamesjacoby18 months ago

(In [4336]) Capabilities:

  • Switch default value of global access to 1.
  • Fixes confusion about why users are not automatically added to forums.
  • See #1939.

comment:38 johnjamesjacoby18 months ago

(In [4337]) Capabilities:

  • Use bbp_get_default_role() in bbp_get_user_role_map().
  • See #1939.

comment:39 johnjamesjacoby18 months ago

(In [4340]) Capabilities:

  • Use bbp_get_user_role() to get the user's forums role.
  • Update bbp_set_user_role() to return false if trying to set a role the user already has.
  • Remove foreach loop to remove existing roles, since there's no way to naturally have more than one.
  • See #1939.

comment:40 johnjamesjacoby18 months ago

(In [4341]) Capabilities:

  • Add tool for remapping site users to the expected forums role.
  • Does not remove existing WordPress core roles.
  • See #1939, #2010.

comment:41 johnjamesjacoby18 months ago

(In [4346]) Capabilities:

  • Move status and role user functions out of users/functions.php and into users/capabilities.php.
  • See #1939.

comment:42 johnjamesjacoby18 months ago

(In [4352]) Capabilities:

  • Rename bbp_get_editable_roles() to bbp_get_dynamic_roles().
  • This new function name better represents bbPress's approach to secondary user roles, in that these roles are no longer intentionally saved to the database.
  • See #1939.

comment:43 johnjamesjacoby18 months ago

(In [4353]) Capabilities:

  • Update inline doc for 'spectate' VS 'participate'.
  • See #1939.

comment:44 johnjamesjacoby18 months ago

(In [4354]) Capabilities:

  • Rename 'anonymous' role to 'visitor' to avoid confusion with logged-out anonymity.
  • Renames functions, keys, filters, et all.
  • See #1939.

comment:45 johnjamesjacoby18 months ago

(In [4355]) Capabilities:

  • When transitioning a user role, avoid giving them the visitor role unless explicitly intended.
  • See #1939.

comment:46 netweb18 months ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

Unable to deactivate bbPress plugin

Fatal error: Call to undefined method stdClass::add_role() in /home/mysite/public_html/wp-content/plugins/bbpress/includes/users/capabilities.php on line 216

http://bbpress.trac.wordpress.org/browser/trunk/includes/users/capabilities.php#L216

Haven't wrapped my head around (inside?) caps yet, thus no patch ;)

comment:47 johnjamesjacoby18 months ago

  • Resolution set to fixed
  • Status changed from reopened to closed

(In [4360]) Capabilities:

  • Only setup the default current user role when the current user has been byref copied into bbPress's instance.
  • Fixes issue where some core actions are suppressed during the deactivation process, causing an action order conflict with current_user.
  • Fixes #1939.

comment:48 johnjamesjacoby18 months ago

(In [4363]) Capabilities:

  • Introduce bbp_user_has_profile() function in /users/capabilities.php.
  • Use this function to suppress links to a profile of a user with no role on the site.
  • Replaces some logic in bbp_parse_query() for setting user profile query variables.
  • See #1939.

comment:49 johnjamesjacoby18 months ago

(In [4364]) Capabilities:

  • Introduce two helper functions: bbp_filter_user_roles_option() and _bbp_reinit_dynamic_roles()
  • Fixes bug where switching to a new blog would wipe out dynamically loaded roles.
  • Filter the *_user_roles option, and add bbPress's roles to it.
  • See #1939.

comment:50 johnjamesjacoby18 months ago

(In [4365]) Capabilities:

  • Introduce functionality for bulk-edit of user forums roles.
  • Uses new 'keep_gate' capability to prevent granting keymaster role from a non-keymaster.
  • For WordPress 3.5 and higher.
  • Props jmdodd.
  • See #1939.
  • Fixes #2016.

comment:51 johnjamesjacoby18 months ago

(In [4366]) Capabilities:

  • Update notices in deprecated add/remove roles functions.
  • See #1939.

comment:52 johnjamesjacoby18 months ago

(In [4367]) Capabilities:

  • Reverse logic in bbp_user_has_profile().
  • Assume all users have profiles, and they must be explicitly disabled.
  • This is a more natural default behavior, as rarely will a site need to restrict a user's profile to a specific central site.
  • See #1939.

comment:53 johnjamesjacoby18 months ago

(In [4371]) Capabilities:

  • Hook bbp_set_current_user_default_role() to 'switch_blog'
  • Fixes bug where mapped forums role was lost on multisite when WP_Admin_Bar::initialize() would switch to a blog that a user is a member of, if the user was viewing a forum on a site they do not have a role on.
  • See #1939.

comment:54 johnjamesjacoby18 months ago

(In [4374]) Capabilities:

  • Since bbp_set_current_user_default_role() is directly hooked to switch_blog, add deactivation check to prevent php warnings.
  • See #1939.

comment:55 johnjamesjacoby18 months ago

(In [4375]) Capabilities:

  • Rehook bbp_set_current_user_default_role() back to 'bbp_setup_current_user'.
  • Now that deactivation check has moved, it's safe to hook this directly again.
  • Remove from bbPress::setup_current_user().
  • See #1939.

comment:56 johnjamesjacoby9 months ago

In 5030:

Remove hard-coded negative capabilities from bbp_get_caps_for_role() for all roles expect 'Blocked'. Prevents over-aggressively and explicitly disallowing role based capabilities, and allows role manager plugins to more effectively manipulate bbPress user capabilities.

Fixes bug where negative user capabilities could not be overridden if negative caps were saved to all_caps array. See #1939.

Note: See TracTickets for help on using tickets.