diff --git a/src/bp-groups/actions/join.php b/src/bp-groups/actions/join.php
index 31b35b34f..4e19c3fb9 100644
a
|
b
|
function groups_action_join_group() { |
28 | 28 | // Skip if banned or already a member. |
29 | 29 | if ( !groups_is_user_member( bp_loggedin_user_id(), $bp->groups->current_group->id ) && !groups_is_user_banned( bp_loggedin_user_id(), $bp->groups->current_group->id ) ) { |
30 | 30 | |
31 | | // User wants to join a group that is not public. |
32 | | if ( bp_current_user_can( 'groups_join_group', array( 'group_id' => $bp->groups->current_group->id ) ) ) { |
| 31 | // User wants to join a group that requires an invitation to join. |
| 32 | if ( ! bp_current_user_can( 'groups_join_group', array( 'group_id' => $bp->groups->current_group->id ) ) ) { |
33 | 33 | if ( !groups_check_user_has_invite( bp_loggedin_user_id(), $bp->groups->current_group->id ) ) { |
34 | 34 | bp_core_add_message( __( 'There was an error joining the group.', 'buddypress' ), 'error' ); |
35 | 35 | bp_core_redirect( bp_get_group_permalink( $bp->groups->current_group ) ); |
… |
… |
function groups_action_join_group() { |
54 | 54 | */ |
55 | 55 | bp_core_load_template( apply_filters( 'groups_template_group_home', 'groups/single/home' ) ); |
56 | 56 | } |
57 | | add_action( 'bp_actions', 'groups_action_join_group' ); |
58 | | No newline at end of file |
| 57 | add_action( 'bp_actions', 'groups_action_join_group' ); |
diff --git a/src/bp-groups/bp-groups-filters.php b/src/bp-groups/bp-groups-filters.php
index f7920a352..d0a42a003 100644
a
|
b
|
function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $a |
216 | 216 | break; |
217 | 217 | } |
218 | 218 | |
| 219 | // Set to false to begin with. |
| 220 | $retval = false; |
| 221 | |
219 | 222 | // The group must allow joining, and the user should not currently be a member. |
220 | 223 | $group = groups_get_group( $group_id ); |
221 | | if ( 'public' === bp_get_group_status( $group ) |
| 224 | if ( ( 'public' === bp_get_group_status( $group ) |
222 | 225 | && ! groups_is_user_member( $user_id, $group->id ) |
223 | | && ! groups_is_user_banned( $user_id, $group->id ) |
| 226 | && ! groups_is_user_banned( $user_id, $group->id ) ) |
| 227 | // Site admins can join any group they are not a member of. |
| 228 | || ( bp_user_can( $user_id, 'bp_moderate' ) |
| 229 | && ! groups_is_user_member( $user_id, $group->id ) ) |
224 | 230 | ) { |
225 | 231 | $retval = true; |
226 | 232 | } |
… |
… |
function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $a |
232 | 238 | break; |
233 | 239 | } |
234 | 240 | |
| 241 | // Set to false to begin with. |
| 242 | $retval = false; |
| 243 | |
235 | 244 | /* |
236 | 245 | * The group must accept membership requests, and the user should not |
237 | 246 | * currently be a member, have an active request, or be banned. |
… |
… |
function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $a |
256 | 265 | * The group must allow invitations, and the user should not |
257 | 266 | * currently be a member or be banned from the group. |
258 | 267 | */ |
259 | | $group = groups_get_group( $group_id ); |
260 | 268 | // Users with the 'bp_moderate' cap can always send invitations. |
261 | 269 | if ( bp_user_can( $user_id, 'bp_moderate' ) ) { |
262 | 270 | $retval = true; |
… |
… |
function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $a |
291 | 299 | break; |
292 | 300 | } |
293 | 301 | |
| 302 | // Set to false to begin with. |
| 303 | $retval = false; |
| 304 | |
294 | 305 | /* |
295 | 306 | * The group must allow invitations, and the user should not |
296 | 307 | * currently be a member or be banned from the group. |
diff --git a/tests/phpunit/testcases/groups/user_can.php b/tests/phpunit/testcases/groups/user_can.php
index 19df3a0d9..8a7a1d5e1 100644
a
|
b
|
class BP_Tests_Groups_User_Can_Filter extends BP_UnitTestCase { |
24 | 24 | $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) ); |
25 | 25 | } |
26 | 26 | |
| 27 | /** |
| 28 | * @ticket BP7610 |
| 29 | */ |
| 30 | public function test_user_cannot_join_public_group_if_already_member_even_superadmin() { |
| 31 | $g1 = $this->factory->group->create( array( |
| 32 | 'status' => 'public' |
| 33 | ) ); |
| 34 | $u1 = $this->factory->user->create(); |
| 35 | $this->add_user_to_group( $u1, $g1 ); |
| 36 | |
| 37 | // Grant super admin status. |
| 38 | grant_super_admin( $u1 ); |
| 39 | |
| 40 | $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) ); |
| 41 | } |
| 42 | |
27 | 43 | public function test_user_cannot_join_private_group() { |
28 | 44 | $g1 = $this->factory->group->create( array( |
29 | 45 | 'status' => 'private' |
… |
… |
class BP_Tests_Groups_User_Can_Filter extends BP_UnitTestCase { |
134 | 150 | $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) ); |
135 | 151 | } |
136 | 152 | |
| 153 | /** |
| 154 | * @ticket BP7610 |
| 155 | */ |
| 156 | public function test_user_cannot_receive_invitation_to_private_group_if_already_member_even_superadmin() { |
| 157 | $g1 = $this->factory->group->create( array( |
| 158 | 'status' => 'private' |
| 159 | ) ); |
| 160 | $u1 = $this->factory->user->create(); |
| 161 | $this->add_user_to_group( $u1, $g1 ); |
| 162 | |
| 163 | // Grant super admin status. |
| 164 | grant_super_admin( $u1 ); |
| 165 | |
| 166 | $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) ); |
| 167 | } |
137 | 168 | |
138 | 169 | public function test_user_cannot_receive_invitation_to_private_group_if_banned() { |
139 | 170 | $g1 = $this->factory->group->create( array( |
… |
… |
class BP_Tests_Groups_User_Can_Filter extends BP_UnitTestCase { |
368 | 399 | $this->assertTrue( bp_user_can( $u1, 'groups_see_group', array( 'group_id' => $g1 ) ) ); |
369 | 400 | } |
370 | 401 | |
| 402 | /** |
| 403 | * @ticket BP7610 |
| 404 | */ |
| 405 | public function test_user_can_groups_request_membership_for_super_admin() { |
| 406 | if ( ! is_multisite() ) { |
| 407 | return; |
| 408 | } |
| 409 | |
| 410 | $g1 = $this->factory->group->create( array( |
| 411 | 'status' => 'public' |
| 412 | ) ); |
| 413 | $u1 = $this->factory->user->create(); |
| 414 | $this->add_user_to_group( $u1, $g1 ); |
| 415 | |
| 416 | // Grant super admin status. |
| 417 | grant_super_admin( $u1 ); |
| 418 | |
| 419 | // Assert false since public groups shouldn't be able to request membership. |
| 420 | $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) ); |
| 421 | } |
371 | 422 | } |