
Changeset 11970


Timestamp:
04/13/2018 02:01:12 PM (6 years ago)
Author:
dcavins
Message:

Fix admin user cases in bp_groups_user_can_filter().

If a user is an admin, he or she is pretty much allowed to do anything, so the capability has been approved before bp_groups_user_can_filter() filters the value. In a few cases, even admins need to satisfy a few other requirements before being allowed to do something, like request membership in a group, where even site admins need to not be members of the group.

Props r-a-y, dcavins.

See #7610.

Location:
trunk
Files:
2 edited

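--- a/trunk/src/bp-groups/bp-groups-filters.php
+++ b/trunk/src/bp-groups/bp-groups-filters.php
@@ -217,9 +217,15 @@
             }
 
+            // Set to false to begin with.
+            $retval = false;
+
             // The group must allow joining, and the user should not currently be a member.
             $group = groups_get_group( $group_id );
-            if ( 'public' === bp_get_group_status( $group )
+            if ( ( 'public' === bp_get_group_status( $group )
                 && ! groups_is_user_member( $user_id, $group->id )
-                && ! groups_is_user_banned( $user_id, $group->id )
+                && ! groups_is_user_banned( $user_id, $group->id ) )
+                // Site admins can join any group they are not a member of.
+                || ( bp_user_can( $user_id, 'bp_moderate' )
+                && ! groups_is_user_member( $user_id, $group->id ) )
             ) {
                 $retval = true;
@@ -232,4 +238,7 @@
                 break;
             }
+
+            // Set to false to begin with.
+            $retval = false;
 
             /*
@@ -257,5 +266,4 @@
             * currently be a member or be banned from the group.
             */
-            $group = groups_get_group( $group_id );
             // Users with the 'bp_moderate' cap can always send invitations.
             if ( bp_user_can( $user_id, 'bp_moderate' ) ) {
@@ -292,4 +300,7 @@
             }
 
+            // Set to false to begin with.
+            $retval = false;
+
             /*
             * The group must allow invitations, and the user should not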
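Review bot: The added `$retval = false;` resets sit after the early-exit guards (new lines 219–220, 241–242 and 302–303), so a request that takes a guard's `break` (visible at new line 238) keeps whatever value was passed into the filter. The commit message says admins arrive with the capability already approved, so if those guards are the missing-user or missing-group checks (their conditions are outside the visible hunks), an admin check against an unknown group would still be allowed. Consider moving the reset above each guard so every exit from the case denies by default, and have the comment say why, e.g. `// Admins arrive pre-approved; start from "denied" and re-check the group-specific rules.`. Each case body starts and ends outside the hunks shown.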
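--- a/trunk/tests/phpunit/testcases/groups/user_can.php
+++ b/trunk/tests/phpunit/testcases/groups/user_can.php
@@ -25,4 +25,20 @@
     }
 
+    /**
+     * @ticket BP7610
+     */
+    public function test_user_cannot_join_public_group_if_already_member_even_superadmin() {
+        $g1 = $this->factory->group->create( array(
+            'status'      => 'public'
+        ) );
+        $u1 = $this->factory->user->create();
+        $this->add_user_to_group( $u1, $g1 );
+
+        // Grant super admin status.
+        grant_super_admin( $u1 );
+
+        $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) );
+    }
+
     public function test_user_cannot_join_private_group() {
         $g1 = $this->factory->group->create( array(
@@ -135,4 +151,19 @@
     }
 
+    /**
+     * @ticket BP7610
+     */
+    public function test_user_cannot_receive_invitation_to_private_group_if_already_member_even_superadmin() {
+        $g1 = $this->factory->group->create( array(
+            'status'      => 'private'
+        ) );
+        $u1 = $this->factory->user->create();
+        $this->add_user_to_group( $u1, $g1 );
+
+        // Grant super admin status.
+        grant_super_admin( $u1 );
+
+        $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
+    }
 
     public function test_user_cannot_receive_invitation_to_private_group_if_banned() {
@@ -369,3 +400,23 @@
     }
 
+    /**
+     * @ticket BP7610
+     */
+    public function test_user_can_groups_request_membership_for_super_admin() {
+        if ( ! is_multisite() ) {
+            return;
+        }
+
+        $g1 = $this->factory->group->create( array(
+            'status' => 'public'
+        ) );
+        $u1 = $this->factory->user->create();
+        $this->add_user_to_group( $u1, $g1 );
+
+        // Grant super admin status.
+        grant_super_admin( $u1 );
+
+        // Assert false since public groups shouldn't be able to request membership.
+        $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
+    }
 }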
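Review bot: The two tests at new lines 30 and 156 call `grant_super_admin( $u1 )` without the `is_multisite()` guard used in the third test, and as far as I know that function does nothing on a single-site install, so there they would pass without exercising the admin path. Consider asserting that the grant took effect, e.g. `$this->assertTrue( bp_user_can( $u1, 'bp_moderate' ) );`, or skipping explicitly. In the third test a bare `return;` is reported as a pass; `$this->markTestSkipped();` would make the missing coverage visible. There is also no positive case asserting that an admin who is not a member can join, which is the branch the filter change adds.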