Ticket #4785: extension-access.patch
| File extension-access.patch, 6.5 KB (added by , 10 years ago) |
|---|
-
bp-groups/bp-groups-classes.php
diff --git bp-groups/bp-groups-classes.php bp-groups/bp-groups-classes.php index de6110a..4799976 100644
class BP_Group_Extension { 2749 2749 public $visibility = 'public'; 2750 2750 2751 2751 /** 2752 * The access setting of the extension tab when used with a public group. 2753 * Accepted values: anyone, logged_in, group_member, group_mod, group_admin. 2754 * 2755 * @since Buddypress 2.0.0 2756 * @var string 2757 */ 2758 public $access_public_group = 'anyone'; 2759 2760 /** 2761 * The access setting of the extension tab when used with a private group. 2762 * Accepted values: anyone, logged_in, group_member, group_mod, group_admin. 2763 * 2764 * @since Buddypress 2.0.0 2765 * @var string 2766 */ 2767 public $access_private_group = 'group-members'; 2768 2769 /** 2752 2770 * The numeric position of the main nav item. 2753 2771 * 2754 2772 * @var int … … class BP_Group_Extension { 2914 2932 'slug' => $this->slug, 2915 2933 'name' => $this->name, 2916 2934 'visibility' => $this->visibility, 2935 'access_public_group' => $this->$access_public_group, 2936 'access_private_group' => $this->$access_private_group, 2917 2937 'nav_item_position' => $this->nav_item_position, 2918 2938 'enable_nav_item' => (bool) $this->enable_nav_item, 2919 2939 'nav_item_name' => $this->nav_item_name, … … class BP_Group_Extension { 2955 2975 $this->slug = $this->params['slug']; 2956 2976 $this->name = $this->params['name']; 2957 2977 $this->visibility = $this->params['visibility']; 2978 $this->access_public_group = $this->params['access_public_group']; 2979 $this->access_private_group = $this->params['access_private_group']; 2958 2980 $this->nav_item_position = $this->params['nav_item_position']; 2959 2981 $this->nav_item_name = $this->params['nav_item_name']; 2960 2982 $this->display_hook = $this->params['display_hook']; … … class BP_Group_Extension { 3100 3122 return; 3101 3123 } 3102 3124 3125 if ( ! $this->extension_user_can_access() ) { 3126 return; 3127 } 3128 3103 3129 if ( true === $this->enable_nav_item ) { 3104 3130 bp_core_new_subnav_item( array( 3105 3131 'name' => ! $this->nav_item_name ? $this->name : $this->nav_item_name, … … class BP_Group_Extension { 3133 3159 bp_core_load_template( apply_filters( 'bp_core_template_plugin', $this->template_file ) ); 3134 3160 } 3135 3161 3162 /** 3163 * Access support for custom access settings for plugins. 3164 */ 3165 public function extension_user_can_access() { 3166 global $bp; 3167 3168 //return true for site admins 3169 if ( current_user_can( 'bp_moderate' ) ) 3170 return true; 3171 3172 // Cases for group status 3173 $group_status = groups_get_group( array( 'group_id' => $this->group_id ) )->status; 3174 3175 $bp->groups->current_group->extension_access[$this->slug] = array( 3176 'access_public_group' => $this->access_public_group, 3177 'access_private_group' => $this->access_private_group, 3178 ); 3179 3180 if ( $group_status == 'public' ) { 3181 // Use the setting for 'access_public_group' to determine whether this user has access to this extension, Possible values: anyone, logged_in, group_member, group_mod, group_admin 3182 switch ( $this->access_public_group ) { 3183 case 'group_admin': 3184 return groups_is_user_admin( bp_loggedin_user_id(), $this->group_id ); 3185 break; 3186 case 'group_mod': 3187 return groups_is_user_mod( bp_loggedin_user_id(), $this->group_id ); 3188 break; 3189 case 'group_member': 3190 return groups_is_user_member( bp_loggedin_user_id(), $this->group_id ); 3191 break; 3192 case 'logged_in': 3193 return is_user_logged_in(); 3194 break; 3195 case 'anyone': 3196 return true; 3197 break; 3198 } 3199 3200 } elseif ( $group_status == 'private' ) { 3201 // Use the setting for 'access_private_group' to determine whether this user has access to this extension. 3202 switch ( $this->access_private_group ) { 3203 case 'group_admin': 3204 return groups_is_user_admin( bp_loggedin_user_id(), $this->group_id ); 3205 break; 3206 case 'group_mod': 3207 return groups_is_user_mod( bp_loggedin_user_id(), $this->group_id ); 3208 break; 3209 case 'group_member': 3210 return groups_is_user_member( bp_loggedin_user_id(), $this->group_id); 3211 break; 3212 case 'logged_in': 3213 return is_user_logged_in(); 3214 break; 3215 case 'anyone': 3216 return true; 3217 break; 3218 } 3219 3220 } else { // Hidden groups 3221 return $user_has_access; 3222 } 3223 } 3224 3225 3136 3226 /** Create ************************************************************/ 3137 3227 3138 3228 /** … … class BP_Group_Extension { 3721 3811 'create_name', 3722 3812 'create_slug', 3723 3813 'visibility', 3814 'access_public_group', 3815 'access_private_group', 3724 3816 'create_step_position', 3725 3817 'nav_item_position', 3726 3818 'admin_metabox_context', -
bp-groups/bp-groups-functions.php
diff --git bp-groups/bp-groups-functions.php bp-groups/bp-groups-functions.php index 251ae96..96e921e 100644
function groups_remove_data_for_user( $user_id ) { 1133 1133 add_action( 'wpmu_delete_user', 'groups_remove_data_for_user' ); 1134 1134 add_action( 'delete_user', 'groups_remove_data_for_user' ); 1135 1135 add_action( 'bp_make_spam_user', 'groups_remove_data_for_user' ); 1136 1137 /** Access support for custom access settings for plugins. */ 1138 function bp_group_extension_user_can_access() { 1139 return true; 1140 } 1141 No newline at end of file -
bp-groups/bp-groups-loader.php
diff --git bp-groups/bp-groups-loader.php bp-groups/bp-groups-loader.php index d28e808..da3f56a 100644
class BP_Groups_Component extends BP_Component { 275 275 // Skip the no_access check on home and membership request pages 276 276 } elseif ( !bp_is_current_action( 'home' ) && !bp_is_current_action( 'request-membership' ) ) { 277 277 278 $this_is_a_plugin_page = true; 279 // Maybe off-limits to this user. Check if the plugin allows access. 280 // But this is all done before extensions are registered, I think... 281 if ( $this_is_a_plugin_page && bp_group_extension_user_can_access() ) { 282 // Do nothing; let the request go through. 283 278 284 // Off-limits to this user. Throw an error and redirect to the group's home page 279 if ( is_user_logged_in() ) {285 } elseif ( is_user_logged_in() ) { 280 286 bp_core_no_access( array( 281 287 'message' => __( 'You do not have access to this group.', 'buddypress' ), 282 288 'root' => bp_get_group_permalink( $bp->groups->current_group ) . 'home/', … … class BP_Groups_Component extends BP_Component { 300 306 } 301 307 } 302 308 309 303 310 // Preconfigured group creation steps 304 311 $this->group_creation_steps = apply_filters( 'groups_create_group_steps', array( 305 312 'group-details' => array(