Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
04/13/2018 02:01:12 PM (6 years ago)
Author:
dcavins
Message:

Fix admin user cases in bp_groups_user_can_filter().

If a user is an admin, he or she is pretty much allowed to do anything, so the capability has been approved before bp_groups_user_can_filter() filters the value. In a few cases, even admins need to satisfy a few other requirements before being allowed to do something, like request membership in a group, where even site admins need to not be members of the group.

Props r-a-y, dcavins.

See #7610.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/tests/phpunit/testcases/groups/user_can.php

    r11776 r11970  
    2525    }
    2626
     27    /**
     28     * @ticket BP7610
     29     */
     30    public function test_user_cannot_join_public_group_if_already_member_even_superadmin() {
     31        $g1 = $this->factory->group->create( array(
     32            'status'      => 'public'
     33        ) );
     34        $u1 = $this->factory->user->create();
     35        $this->add_user_to_group( $u1, $g1 );
     36
     37        // Grant super admin status.
     38        grant_super_admin( $u1 );
     39
     40        $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) );
     41    }
     42
    2743    public function test_user_cannot_join_private_group() {
    2844        $g1 = $this->factory->group->create( array(
     
    135151    }
    136152
     153    /**
     154     * @ticket BP7610
     155     */
     156    public function test_user_cannot_receive_invitation_to_private_group_if_already_member_even_superadmin() {
     157        $g1 = $this->factory->group->create( array(
     158            'status'      => 'private'
     159        ) );
     160        $u1 = $this->factory->user->create();
     161        $this->add_user_to_group( $u1, $g1 );
     162
     163        // Grant super admin status.
     164        grant_super_admin( $u1 );
     165
     166        $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
     167    }
    137168
    138169    public function test_user_cannot_receive_invitation_to_private_group_if_banned() {
     
    369400    }
    370401
     402    /**
     403     * @ticket BP7610
     404     */
     405    public function test_user_can_groups_request_membership_for_super_admin() {
     406        if ( ! is_multisite() ) {
     407            return;
     408        }
     409
     410        $g1 = $this->factory->group->create( array(
     411            'status' => 'public'
     412        ) );
     413        $u1 = $this->factory->user->create();
     414        $this->add_user_to_group( $u1, $g1 );
     415
     416        // Grant super admin status.
     417        grant_super_admin( $u1 );
     418
     419        // Assert false since public groups shouldn't be able to request membership.
     420        $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
     421    }
    371422}
Note: See TracChangeset for help on using the changeset viewer.