Skip to:
Content

BuddyPress.org

Changeset 8556


Ignore:
Timestamp:
07/03/2014 12:04:40 PM (10 years ago)
Author:
boonebgorges
Message:

Introduce 'no_access_url' param to bp_core_new_subnav_item()

bp_core_new_subnav_item() allows access to be controlled using the
'show_for_displayed_user' parameter. When this param is false for a given user,
the function attempts to determine a proper redirect URL. But this URL
determining logic assumes that we are looking at a user profile, while BP uses
bp_core_new_subnav_item() for group navigation as well. Rather than attempting
to bake more URL determination logic into bp_core_new_subnav_item() itself, we
introduce a 'no_access_url' parameter that allows calling functions to specify
dynamically the URL that users should be directed to when they do not have
permission to access a requested subnav item.

Fixes #5720

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-core/bp-core-buddybar.php

    r8544 r8556  
    267267        'item_css_id'     => false, // The CSS ID to apply to the HTML of the nav item
    268268        'user_has_access' => true,  // Can the logged in user see this nav item?
     269        'no_access_url'   => '',
    269270        'site_admin_only' => false, // Can only site admins see this nav item?
    270271        'position'        => 90,    // Index of where this nav item should be positioned
     
    303304        'position'        => $position,
    304305        'user_has_access' => $user_has_access,
     306        'no_access_url'   => $no_access_url,
    305307        'screen_function' => &$screen_function
    306308    );
     
    376378            $bp = buddypress();
    377379
    378             // Redirect to the displayed user's default component
    379             // If the displayed user is different from the logged-
    380             // in user, we first check to ensure that the user has
    381             // access to the default component
    382             if ( bp_is_my_profile() || ! empty( $bp->bp_nav[ $bp->default_component ]['show_for_displayed_user'] ) ) {
     380            // If a redirect URL has been passed to the subnav
     381            // item, respect it
     382            if ( ! empty( $subnav_item['no_access_url'] ) ) {
    383383                $message     = __( 'You do not have access to this page.', 'buddypress' );
    384                 $redirect_to = bp_displayed_user_domain();
    385 
    386             // In some cases, the default tab is not accessible to
    387             // the logged-in user. So we look for a fallback.
     384                $redirect_to = trailingslashit( $subnav_item['no_access_url'] );
     385
     386            // In the case of a user page, we try to assume a
     387            // redirect URL
     388            } else if ( bp_is_user() ) {
     389
     390                // Redirect to the displayed user's default
     391                // component, as long as that component is
     392                // publicly accessible.
     393                if ( bp_is_my_profile() || ! empty( $bp->bp_nav[ $bp->default_component ]['show_for_displayed_user'] ) ) {
     394                    $message     = __( 'You do not have access to this page.', 'buddypress' );
     395                    $redirect_to = bp_displayed_user_domain();
     396
     397                // In some cases, the default tab is not accessible to
     398                // the logged-in user. So we fall back on a tab that we
     399                // know will be accessible.
     400                } else {
     401                    // Try 'activity' first
     402                    if ( bp_is_active( 'activity' ) && isset( $bp->pages->activity ) ) {
     403                        $redirect_to = trailingslashit( bp_displayed_user_domain() . bp_get_activity_slug() );
     404                    // Then try 'profile'
     405                    } else {
     406                        $redirect_to = trailingslashit( bp_displayed_user_domain() . ( 'xprofile' == $bp->profile->id ? 'profile' : $bp->profile->id ) );
     407                    }
     408
     409                    $message     = '';
     410                }
     411
     412            // Fall back to the home page
    388413            } else {
    389                 // Try 'activity' first
    390                 if ( bp_is_active( 'activity' ) && isset( $bp->pages->activity ) ) {
    391                     $redirect_to = trailingslashit( bp_displayed_user_domain() . bp_get_activity_slug() );
    392                 // Then try 'profile'
    393                 } else {
    394                     $redirect_to = trailingslashit( bp_displayed_user_domain() . ( 'xprofile' == $bp->profile->id ? 'profile' : $bp->profile->id ) );
    395                 }
    396 
    397                 $message     = '';
     414                $message     = __( 'You do not have access to this page.', 'buddypress' );
     415                $redirect_to = bp_get_root_domain();
    398416            }
    399417
  • trunk/tests/phpunit/testcases/core/nav.php

    r8545 r8556  
    285285        buddypress()->bp_nav = $old_bp_nav;
    286286    }
     287
     288    /**
     289     * @group bp_core_maybe_hook_new_subnav_screen_function
     290     */
     291    public function test_maybe_hook_new_subnav_screen_function_user_has_access_false_user_logged_in_group() {
     292        $u = $this->create_user();
     293        $g = $this->factory->group->create();
     294        $old_current_user = get_current_user_id();
     295        $this->set_current_user( $u );
     296
     297        $group = groups_get_group( array(
     298            'group_id' => $g,
     299        ) );
     300
     301        $this->go_to( bp_get_group_permalink( $group ) );
     302
     303        $subnav_item = array(
     304            'user_has_access' => false,
     305            'no_access_url' => bp_get_group_permalink( $group ),
     306        );
     307
     308        // Just test relevant info
     309        $found = bp_core_maybe_hook_new_subnav_screen_function( $subnav_item );
     310        $this->assertSame( 'failure', $found['status'] );
     311        $this->assertSame( bp_get_group_permalink( $group ), $found['redirect_args']['root'] );
     312
     313        // Clean up
     314        $this->set_current_user( $old_current_user );
     315    }
     316
     317    /**
     318     * @group bp_core_maybe_hook_new_subnav_screen_function
     319     */
     320    public function test_maybe_hook_new_subnav_screen_function_user_has_access_false_user_logged_in_group_no_redirect_url_provided() {
     321        $u = $this->create_user();
     322        $g = $this->factory->group->create();
     323        $old_current_user = get_current_user_id();
     324        $this->set_current_user( $u );
     325
     326        $group = groups_get_group( array(
     327            'group_id' => $g,
     328        ) );
     329
     330        $this->go_to( bp_get_group_permalink( $group ) );
     331
     332        $subnav_item = array(
     333            'user_has_access' => false,
     334        );
     335
     336        // Just test relevant info
     337        $found = bp_core_maybe_hook_new_subnav_screen_function( $subnav_item );
     338        $this->assertSame( 'failure', $found['status'] );
     339        $this->assertSame( bp_get_root_domain(), $found['redirect_args']['root'] );
     340
     341        // Clean up
     342        $this->set_current_user( $old_current_user );
     343    }
    287344}
Note: See TracChangeset for help on using the changeset viewer.