Ticket #7048: 7048-8.diff
File 7048-8.diff, 1.6 KB (added by , 6 years ago) |
---|
-
src/bp-activity/bp-activity-screens.php
224 224 $activity = $activity['activities'][0]; 225 225 } 226 226 227 $user_id = bp_displayed_user_id();228 229 227 /** 230 228 * Check user access to the activity item. 231 229 * 232 230 * @since 3.0.0 233 231 */ 234 $has_access = bp_activity_user_can_read( $activity , $user_id);232 $has_access = bp_activity_user_can_read( $activity ); 235 233 236 234 // If activity author does not match displayed user, block access. 237 235 // More info:https://buddypress.trac.wordpress.org/ticket/7048#comment:28 238 if ( true === $has_access && $user_id!== $activity->user_id ) {236 if ( true === $has_access && bp_displayed_user_id() !== $activity->user_id ) { 239 237 $has_access = false; 240 238 } 241 239 … … 251 249 252 250 // Access is specifically disallowed. 253 251 if ( false === $has_access ) { 252 // If not logged in, prompt for login. 253 if ( ! is_user_logged_in() ) { 254 bp_core_no_access(); 254 255 255 // User feedback. 256 bp_core_add_message( __( 'You do not have access to this activity.', 'buddypress' ), 'error' ); 257 258 // Redirect based on logged in status. 259 if ( is_user_logged_in() ) { 260 $url = bp_loggedin_user_domain(); 261 256 // Redirect away. 262 257 } else { 263 $url = sprintf( 264 wp_login_url( 'wp-login.php?redirect_to=%s' ), 265 esc_url_raw( bp_activity_get_permalink( $action ) ) 266 ); 258 bp_core_add_message( __( 'You do not have access to this activity.', 'buddypress' ), 'error' ); 259 bp_core_redirect( bp_loggedin_user_domain() ); 267 260 } 268 269 bp_core_redirect( $url );270 261 } 271 262 272 263 /**