Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
10/04/2020 04:44:28 PM (4 years ago)
Author:
imath
Message:

Core: improve the way BuddyPress adds the bp_moderate cap to Admins

This capability is dynamically added to the users having the manage_options one on regular configurations of WordPress (non multisite).

The private function _bp_enforce_bp_moderate_cap_for_admins() has been deprecated and we are now using the private function _bp_roles_init() to do this capability mapping.

This need for improvement has been revealed by an issue about the incapacity for Admins to edit BP Emails if they weren't their authors.

Props shanebp, boonebgorges, johnjamesjacoby

Fixes #8355

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-core/bp-core-caps.php

    r11107 r12740  
    346346
    347347/**
     348 * Adds the `bp_moderate` cap to Roles having the `manage_options` cap when
     349 * BuddyPress is not active on the network.
     350 *
     351 * @since 7.0.0
     352 *
     353 * @access private
     354 *
     355 * @param WP_Roles $wp_roles The WordPress roles object.
     356 */
     357function _bp_roles_init( WP_Roles $wp_roles ) {
     358    $roles_list = array();
     359    $caps_list  = wp_list_pluck( $wp_roles->role_objects, 'capabilities' );
     360
     361    // Look for roles having the `manage_options` capability set to true.
     362    $filtered_list = wp_list_filter( $caps_list, array( 'manage_options' => true ) );
     363
     364    if ( $filtered_list ) {
     365        $roles_list = array_keys( $filtered_list );
     366
     367        // Loop into roles list to add the `bp_moderate` capability.
     368        foreach ( $roles_list as $role ) {
     369            if ( isset( $wp_roles->roles[ $role ] ) ) {
     370                $wp_roles->roles[ $role ]['capabilities']['bp_moderate'] = true;
     371            }
     372
     373            if ( isset( $wp_roles->role_objects[ $role ] ) ) {
     374                $wp_roles->role_objects[ $role ]->capabilities['bp_moderate'] = true;
     375            }
     376        }
     377    }
     378
     379    // Make sure to remove the `bp_moderate` capability from roles when BuddyPress is network activated.
     380    if ( bp_is_network_activated() ) {
     381        foreach ( $roles_list as $role ) {
     382            unset( $wp_roles->roles[ $role ]['capabilities']['bp_moderate'], $wp_roles->role_objects[ $role ]->capabilities['bp_moderate'] );
     383        }
     384    }
     385}
     386add_action( 'wp_roles_init', '_bp_roles_init', 10, 1 );
     387
     388/** Deprecated ****************************************************************/
     389
     390/**
    348391 * Temporary implementation of 'bp_moderate' cap.
    349392 *
     
    364407 *
    365408 * @since 1.6.0
     409 * @deprecated 7.0.0
    366410 *
    367411 * @access private
     
    376420 */
    377421function _bp_enforce_bp_moderate_cap_for_admins( $caps = array(), $cap = '', $user_id = 0, $args = array() ) {
     422    _deprecated_function( __FUNCTION__, '7.0.0' );
    378423
    379424    // Bail if not checking the 'bp_moderate' cap.
     
    395440    return array( 'manage_options' );
    396441}
    397 add_filter( 'map_meta_cap', '_bp_enforce_bp_moderate_cap_for_admins', 10, 4 );
    398 
    399 /** Deprecated ****************************************************************/
    400442
    401443/**
Note: See TracChangeset for help on using the changeset viewer.