Skip to:
Content

BuddyPress.org

Changeset 6185


Ignore:
Timestamp:
07/18/2012 06:16:32 PM (12 years ago)
Author:
boonebgorges
Message:

Improves current_user_can( 'bp_moderate' ) implementation for 1.6 release

The newly introduced bp_moderate cap must be manually added to the
Administrator role on order for it to work properly under the current
implementation of BP caps, wherein they are not stored in the database like
other caps.

This is a workaround, which will be reverted for BP 1.7.

Allows other caps passing through bp_current_user_can() to be evaluated
properly, without being overridden for super admins.

Fixes #4296

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-core/bp-core-caps.php

    r6093 r6185  
    380380function bp_current_user_can( $capability, $blog_id = 0 ) {
    381381
    382     // @todo: remove this when implemented
    383     if ( is_super_admin() )
    384         return true;
    385 
    386382    // Use root blog if no ID passed
    387383    if ( empty( $blog_id ) )
     
    393389}
    394390
     391/**
     392 * Temporary implementation of 'bp_moderate' cap
     393 *
     394 * In BuddyPress 1.6, the 'bp_moderate' cap was introduced. In order to enforce that
     395 * bp_current_user_can( 'bp_moderate' ) always returns true for Administrators, we must manually
     396 * add the 'bp_moderate' cap to the list of user caps for Admins.
     397 *
     398 * Note that this level of enforcement is only necessary in the case of non-Multisite. This is
     399 * because WordPress automatically assigns every capability - and thus 'bp_moderate' - to Super
     400 * Admins on a Multisite installation. See WP_User::has_cap().
     401 *
     402 * This implementation of 'bp_moderate' is temporary, until BuddyPress properly matches caps to
     403 * roles and stores them in the database. Plugin authors: Do not use this function.
     404 *
     405 * @since BuddyPress (1.6)
     406 * @see WP_User::has_cap()
     407 *
     408 * @param array $allcaps The caps that WP associates with the given role
     409 * @param array $caps The caps being tested for in WP_User::has_cap()
     410 * @param array $args Miscellaneous arguments passed to the user_has_cap filter
     411 * @return array $allcaps The user's cap list, with 'bp_moderate' appended, if relevant
     412 */
     413function _bp_enforce_bp_moderate_cap_for_admins( $allcaps, $caps, $args ) {
     414    if ( in_array( 'bp_moderate', $caps ) &&   // We only care if checking for bp_moderate
     415         !in_array( 'do_not_allow', $caps ) && // 'do_not_allow' overrides everything else
     416         !is_multisite() &&                    // Check not necessary on Multisite
     417         isset( $allcaps['delete_users'] ) )   // Mimicking WP's check for Administrator status
     418    {
     419        $allcaps['bp_moderate'] = true;
     420    }
     421
     422    return $allcaps;
     423}
     424add_filter( 'user_has_cap', '_bp_enforce_bp_moderate_cap_for_admins', 10, 3 );
     425
    395426?>
Note: See TracChangeset for help on using the changeset viewer.