Skip to:
Content

BuddyPress.org

Ticket #7610: 7610-after-ray.patch

File 7610-after-ray.patch, 5.9 KB (added by dcavins, 6 years ago)

Add some special logic for site admins.

  • src/bp-groups/actions/join.php

    diff --git a/src/bp-groups/actions/join.php b/src/bp-groups/actions/join.php
    index 31b35b34f..4e19c3fb9 100644
    a b function groups_action_join_group() { 
    2828        // Skip if banned or already a member.
    2929        if ( !groups_is_user_member( bp_loggedin_user_id(), $bp->groups->current_group->id ) && !groups_is_user_banned( bp_loggedin_user_id(), $bp->groups->current_group->id ) ) {
    3030
    31                 // User wants to join a group that is not public.
    32                 if ( bp_current_user_can( 'groups_join_group', array( 'group_id' => $bp->groups->current_group->id ) ) ) {
     31                // User wants to join a group that requires an invitation to join.
     32                if ( ! bp_current_user_can( 'groups_join_group', array( 'group_id' => $bp->groups->current_group->id ) ) ) {
    3333                        if ( !groups_check_user_has_invite( bp_loggedin_user_id(), $bp->groups->current_group->id ) ) {
    3434                                bp_core_add_message( __( 'There was an error joining the group.', 'buddypress' ), 'error' );
    3535                                bp_core_redirect( bp_get_group_permalink( $bp->groups->current_group ) );
    function groups_action_join_group() { 
    5454         */
    5555        bp_core_load_template( apply_filters( 'groups_template_group_home', 'groups/single/home' ) );
    5656}
    57 add_action( 'bp_actions', 'groups_action_join_group' );
    58  No newline at end of file
     57add_action( 'bp_actions', 'groups_action_join_group' );
  • src/bp-groups/bp-groups-filters.php

    diff --git a/src/bp-groups/bp-groups-filters.php b/src/bp-groups/bp-groups-filters.php
    index f7920a352..d0a42a003 100644
    a b function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $a 
    216216                                break;
    217217                        }
    218218
     219                        // Set to false to begin with.
     220                        $retval = false;
     221
    219222                        // The group must allow joining, and the user should not currently be a member.
    220223                        $group = groups_get_group( $group_id );
    221                         if ( 'public' === bp_get_group_status( $group )
     224                        if ( ( 'public' === bp_get_group_status( $group )
    222225                                && ! groups_is_user_member( $user_id, $group->id )
    223                                 && ! groups_is_user_banned( $user_id, $group->id )
     226                                && ! groups_is_user_banned( $user_id, $group->id ) )
     227                                // Site admins can join any group they are not a member of.
     228                                || ( bp_user_can( $user_id, 'bp_moderate' )
     229                                && ! groups_is_user_member( $user_id, $group->id ) )
    224230                        ) {
    225231                                $retval = true;
    226232                        }
    function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $a 
    232238                                break;
    233239                        }
    234240
     241                        // Set to false to begin with.
     242                        $retval = false;
     243
    235244                        /*
    236245                        * The group must accept membership requests, and the user should not
    237246                        * currently be a member, have an active request, or be banned.
    function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $a 
    256265                        * The group must allow invitations, and the user should not
    257266                        * currently be a member or be banned from the group.
    258267                        */
    259                         $group = groups_get_group( $group_id );
    260268                        // Users with the 'bp_moderate' cap can always send invitations.
    261269                        if ( bp_user_can( $user_id, 'bp_moderate' ) ) {
    262270                                $retval = true;
    function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $a 
    291299                                break;
    292300                        }
    293301
     302                        // Set to false to begin with.
     303                        $retval = false;
     304
    294305                        /*
    295306                        * The group must allow invitations, and the user should not
    296307                        * currently be a member or be banned from the group.
  • tests/phpunit/testcases/groups/user_can.php

    diff --git a/tests/phpunit/testcases/groups/user_can.php b/tests/phpunit/testcases/groups/user_can.php
    index 19df3a0d9..8a7a1d5e1 100644
    a b class BP_Tests_Groups_User_Can_Filter extends BP_UnitTestCase { 
    2424                $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) );
    2525        }
    2626
     27        /**
     28         * @ticket BP7610
     29         */
     30        public function test_user_cannot_join_public_group_if_already_member_even_superadmin() {
     31                $g1 = $this->factory->group->create( array(
     32                        'status'      => 'public'
     33                ) );
     34                $u1 = $this->factory->user->create();
     35                $this->add_user_to_group( $u1, $g1 );
     36
     37                // Grant super admin status.
     38                grant_super_admin( $u1 );
     39
     40                $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) );
     41        }
     42
    2743        public function test_user_cannot_join_private_group() {
    2844                $g1 = $this->factory->group->create( array(
    2945                        'status'      => 'private'
    class BP_Tests_Groups_User_Can_Filter extends BP_UnitTestCase { 
    134150                $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
    135151        }
    136152
     153        /**
     154         * @ticket BP7610
     155         */
     156        public function test_user_cannot_receive_invitation_to_private_group_if_already_member_even_superadmin() {
     157                $g1 = $this->factory->group->create( array(
     158                        'status'      => 'private'
     159                ) );
     160                $u1 = $this->factory->user->create();
     161                $this->add_user_to_group( $u1, $g1 );
     162
     163                // Grant super admin status.
     164                grant_super_admin( $u1 );
     165
     166                $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
     167        }
    137168
    138169        public function test_user_cannot_receive_invitation_to_private_group_if_banned() {
    139170                $g1 = $this->factory->group->create( array(
    class BP_Tests_Groups_User_Can_Filter extends BP_UnitTestCase { 
    368399                $this->assertTrue( bp_user_can( $u1, 'groups_see_group', array( 'group_id' => $g1 ) ) );
    369400        }
    370401
     402        /**
     403         * @ticket BP7610
     404         */
     405        public function test_user_can_groups_request_membership_for_super_admin() {
     406                if ( ! is_multisite() ) {
     407                        return;
     408                }
     409
     410                $g1 = $this->factory->group->create( array(
     411                        'status' => 'public'
     412                ) );
     413                $u1 = $this->factory->user->create();
     414                $this->add_user_to_group( $u1, $g1 );
     415
     416                // Grant super admin status.
     417                grant_super_admin( $u1 );
     418
     419                // Assert false since public groups shouldn't be able to request membership.
     420                $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
     421        }
    371422}