diff --git src/bp-core/admin/bp-core-admin-settings.php src/bp-core/admin/bp-core-admin-settings.php
index 0dc6b02c9..cd8ab22b9 100644
|
|
|
function bp_admin_setting_callback_group_cover_image_uploads() { |
| 349 | 349 | <?php |
| 350 | 350 | } |
| 351 | 351 | |
| | 352 | /** |
| | 353 | * 'Enable group activity deletions. |
| | 354 | * |
| | 355 | * @since 14.0.0 |
| | 356 | */ |
| | 357 | function bp_admin_setting_callback_group_activity_deletions() { |
| | 358 | ?> |
| | 359 | <input id="bp-enable-group-activity-deletions" name="bp-enable-group-activity-deletions" type="checkbox" value="1" <?php checked( bp_enable_group_activity_deletions() ); ?> /> |
| | 360 | <label for="bp-enable-group-activity-deletions"><?php esc_html_e( "Allow group administrators and moderators to delete activity items from their group's activity stream", 'buddypress' ); ?></label> |
| | 361 | <?php |
| | 362 | } |
| | 363 | |
| 352 | 364 | /** Account settings Section ************************************************************/ |
| 353 | 365 | |
| 354 | 366 | /** |
diff --git src/bp-core/bp-core-options.php src/bp-core/bp-core-options.php
index c0ec714dd..614ccd64e 100644
|
|
|
function bp_get_default_options() { |
| 62 | 62 | // Group Cover image uploads. |
| 63 | 63 | 'bp-disable-group-cover-image-uploads' => false, |
| 64 | 64 | |
| | 65 | // Allow Group Activity Deletions. |
| | 66 | 'bp-enable-group-activity-deletions' => false, |
| | 67 | |
| 65 | 68 | // Allow users to delete their own accounts. |
| 66 | 69 | 'bp-disable-account-deletion' => false, |
| 67 | 70 | |
| … |
… |
function bp_disable_group_cover_image_uploads( $default = false ) { |
| 585 | 588 | return (bool) apply_filters( 'bp_disable_group_cover_image_uploads', (bool) bp_get_option( 'bp-disable-group-cover-image-uploads', $default ) ); |
| 586 | 589 | } |
| 587 | 590 | |
| | 591 | /** |
| | 592 | * Are group activity deletions enabled? |
| | 593 | * |
| | 594 | * @since 14.0.0 |
| | 595 | * |
| | 596 | * @param bool $default Optional. Fallback value if not found in the database. |
| | 597 | * Default: false. |
| | 598 | * @return bool True if group activity deletions are enabled, otherwise false. |
| | 599 | */ |
| | 600 | function bp_enable_group_activity_deletions( $default = false ) { |
| | 601 | |
| | 602 | /** |
| | 603 | * Filters whether or not group creator, group admin or group mod are able to delete group activity posts. |
| | 604 | * |
| | 605 | * @since 14.0.0 |
| | 606 | * |
| | 607 | * @param bool $value Whether or not group creator, group admin or group mod are able to delete group activity post. |
| | 608 | */ |
| | 609 | return (bool) apply_filters( 'bp_enable_group_activity_deletions', (bool) bp_get_option( 'bp-enable-group-activity-deletions', $default ) ); |
| | 610 | } |
| | 611 | |
| 588 | 612 | /** |
| 589 | 613 | * Are members able to delete their own accounts? |
| 590 | 614 | * |
diff --git src/bp-core/classes/class-bp-admin.php src/bp-core/classes/class-bp-admin.php
index 7b263e133..680cf6cbc 100644
|
|
|
class BP_Admin { |
| 567 | 567 | add_settings_field( 'bp-disable-group-cover-image-uploads', __( 'Group Cover Image Uploads', 'buddypress' ), 'bp_admin_setting_callback_group_cover_image_uploads', 'buddypress', 'bp_groups' ); |
| 568 | 568 | register_setting( 'buddypress', 'bp-disable-group-cover-image-uploads', 'intval' ); |
| 569 | 569 | } |
| | 570 | |
| | 571 | // Allow group activity deletions. |
| | 572 | add_settings_field( 'bp-enable-group-activity-deletions', esc_html__( 'Group Activity Deletions', 'buddypress' ), 'bp_admin_setting_callback_group_activity_deletions', 'buddypress', 'bp_groups' ); |
| | 573 | register_setting( 'buddypress', 'bp-enable-group-activity-deletions', 'intval' ); |
| 570 | 574 | } |
| 571 | 575 | |
| 572 | 576 | /* Activity Section **************************************************/ |
diff --git src/bp-groups/bp-groups-activity.php src/bp-groups/bp-groups-activity.php
index 1cafacd66..143d1e177 100644
|
|
|
function groups_post_update( $args = '' ) { |
| 650 | 650 | * @return bool |
| 651 | 651 | */ |
| 652 | 652 | function bp_groups_filter_activity_user_can_delete( $retval, $activity ) { |
| 653 | | // Bail if no current user |
| 654 | | if ( ! is_user_logged_in() |
| | 653 | // Bail if no current user or group activity deletions are disabled. |
| | 654 | if ( ! is_user_logged_in() || ! bp_enable_group_activity_deletions() ) { |
| 655 | 655 | return $retval; |
| 656 | 656 | } |
| 657 | 657 | |
| 658 | | if ( isset( $activity->component ) || 'groups' !== $activity->component ) { |
| | 658 | if ( isset( $activity->component ) && 'groups' !== $activity->component ) { |
| 659 | 659 | return $retval; |
| 660 | 660 | } |
| 661 | 661 | |
| 662 | | // Trust the passed value for administrators. |
| 663 | | if ( bp_current_user_can( 'bp_moderate' ) ) { |
| | 662 | // The first conditional statement will trust the passed value for administrators. |
| | 663 | // The second conditional statement does not allow "site admin" activity posts to be deleted by "non site admins". |
| | 664 | if ( bp_current_user_can( 'bp_moderate' ) || bp_user_can( $activity->user_id, 'bp_moderate' ) ) { |
| 664 | 665 | return $retval; |
| 665 | 666 | } |
| 666 | 667 | |
| 667 | | // Group administrators or moderators can delete content in that group that doesn't belong to them. |
| 668 | 668 | $group_id = $activity->item_id; |
| | 669 | |
| | 670 | // Group administrators or moderators can delete content in which deletions are allowed for that group. |
| 669 | 671 | if ( groups_is_user_admin( bp_loggedin_user_id(), $group_id ) || groups_is_user_mod( bp_loggedin_user_id(), $group_id ) ) { |
| 670 | 672 | $retval = true; |
| 671 | 673 | } |