Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
05/24/2024 05:43:34 AM (22 months ago)
Author:
imath
Message:

Groups: improve group activity moderation delegation to admins & mods

  • Introduce a new BP Groups global setting to let Site Administrators decide whether group admins & mods can delete their group activities or not.
  • NB: Group creators can keep the control about who can delete their group activities using group role promotion (allow: promote some members as mods or admins. Disallow: do not promote anyone).
  • Make sure the bp_groups_filter_activity_user_can_delete() filter takes in account this setting and behaves as expected (eventually allowing group admins/mods to delete group activities).
  • Add unit tests

This ticket is a perfect example of a great collaborative work between all members of the BP Team. Great job 💪.

Props: emaralive, vapvarun, dcavins, espellcaste, needle

Fixes #8728
Closes https://github.com/buddypress/buddypress/pull/278

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/bp-groups/bp-groups-activity.php

    r13496 r13870  
    651651 */
    652652function bp_groups_filter_activity_user_can_delete( $retval, $activity ) {
    653     // Bail if no current user.
    654     if ( ! is_user_logged_in() ) {
     653    // Bail if no current user or group activity deletions are disabled.
     654    if ( ! is_user_logged_in() || bp_disable_group_activity_deletions() ) {
    655655        return $retval;
    656656    }
    657657
    658     if ( isset( $activity->component ) || 'groups' !== $activity->component ) {
     658    if ( ! isset( $activity->component ) || 'groups' !== $activity->component ) {
    659659        return $retval;
    660660    }
    661661
    662     // Trust the passed value for administrators.
    663     if ( bp_current_user_can( 'bp_moderate' ) ) {
     662    // The first conditional statement will trust the passed value for administrators.
     663    // The second conditional statement does not allow "site admin" activity posts to be deleted by "non site admins".
     664    if ( bp_current_user_can( 'bp_moderate' ) || bp_user_can( $activity->user_id, 'bp_moderate' ) ) {
    664665        return $retval;
    665666    }
    666667
    667     // Group administrators or moderators can delete content in that group that doesn't belong to them.
    668668    $group_id = $activity->item_id;
     669
     670    // Group administrators or moderators can delete content in which deletions are allowed for that group.
    669671    if ( groups_is_user_admin( bp_loggedin_user_id(), $group_id ) || groups_is_user_mod( bp_loggedin_user_id(), $group_id ) ) {
    670672        $retval = true;
Note: See TracChangeset for help on using the changeset viewer.