Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
07/12/2014 01:26:36 AM (12 years ago)
Author:
boonebgorges
Message:

Overhaul access and visibility control for group tabs

Previously, access control to group tabs was handled in two ways:

  • for BP_Group_Extension tabs, the 'enable_nav_item' and 'visibility' provided some control over access to plugin developers, though it was inconsistent, buggy, and difficult to implement properly
  • for tabs provided by bp-groups, access to the tabs of non-public groups was controlled directly in the BP_Groups_Component::setup_globals() method

Aside from being unclear for developers, this technique for controlling access
was also inflexible. For non-public groups, tab access was hardcoded and
handled before BP_Group_Extension plugins even had a chance to load. As a
result, it was essentially impossible to add public tabs to non-public groups
(among other non-standard customizations).

The current changeset comprises a number of changes that make tab access more
consistent and flexible:

  • Access control is moved to the new bp_groups_group_access_protection() function. This function has the necessary filters to customize access protection in arbitrary ways. And because it loads at 'bp_actions' - just before the page begins to render - all extensions have had a chance to load and register themselves with the desired access settings.
  • The 'visibility' and 'enable_nav_item' properties of BP_Group_Extension are phased out in favor of 'access' and 'show_tab' params. 'access' controls who can visit the tab, while 'show_tab' controls who can see the item in the navigation. These new properties have intelligent defaults (based on the privacy level of the group), but can be overridden with a number of custom settings: 'admin', 'mod', 'member', 'loggedin', 'anyone', or 'noone'. Backward compatibility is maintained, so that existing BP_Group_Extension plugins that use enable_nav_item or visibility will continue to work as before.

Fixes #4785

Props boonebgorges, dcavins, imath

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/testcases/groups/class-bp-group-extension.php

    r8538 r8605  
    347347        $this->set_current_user( $old_current_user );
    348348    }
     349
     350    /**
     351     * @group user_can_visit
     352     */
     353    public function test_user_can_visit_inferred_from_enable_nav_item() {
     354        $old_current_user = get_current_user_id();
     355
     356        $g = $this->factory->group->create( array(
     357            'status' => 'public',
     358        ) );
     359        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     360        $this->go_to( bp_get_group_permalink( $g_obj ) );
     361
     362        $this->set_current_user( 0 );
     363
     364        $e = new BPTest_Group_Extension_Inferred_Access_Settings_EnableNavItem_True();
     365        $e->_register();
     366        $this->assertTrue( $e->user_can_visit() );
     367
     368        $e2 = new BPTest_Group_Extension_Inferred_Access_Settings_EnableNavItem_False();
     369        $e2->_register();
     370        $this->assertFalse( $e2->user_can_visit() );
     371
     372        $this->set_current_user( $old_current_user );
     373    }
     374
     375    /**
     376     * @group user_can_visit
     377     */
     378    public function test_user_can_visit_explicit_for_logged_out_user() {
     379        $old_current_user = get_current_user_id();
     380        $this->set_current_user( 0 );
     381
     382        $g = $this->factory->group->create( array(
     383            'status' => 'public',
     384        ) );
     385        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     386        $this->go_to( bp_get_group_permalink( $g_obj ) );
     387
     388        $e1 = new BPTest_Group_Extension_Access_Anyone();
     389        $e1->_register();
     390        $this->assertTrue( $e1->user_can_visit() );
     391
     392        $e2 = new BPTest_Group_Extension_Access_Loggedin();
     393        $e2->_register();
     394        $this->assertFalse( $e2->user_can_visit() );
     395
     396        $e3 = new BPTest_Group_Extension_Access_Member();
     397        $e3->_register();
     398        $this->assertFalse( $e3->user_can_visit() );
     399
     400        $e4 = new BPTest_Group_Extension_Access_AdminMod();
     401        $e4->_register();
     402        $this->assertFalse( $e4->user_can_visit() );
     403
     404        $e5 = new BPTest_Group_Extension_Access_Admin();
     405        $e5->_register();
     406        $this->assertFalse( $e5->user_can_visit() );
     407
     408        $e6 = new BPTest_Group_Extension_Access_Noone();
     409        $e6->_register();
     410        $this->assertFalse( $e6->user_can_visit() );
     411
     412        $this->set_current_user( $old_current_user );
     413    }
     414
     415    /**
     416     * @group user_can_visit
     417     */
     418    public function test_user_can_visit_explicit_for_logged_in_user() {
     419        $g = $this->factory->group->create( array(
     420            'status' => 'public',
     421        ) );
     422        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     423
     424        $u = $this->create_user();
     425        $old_current_user = get_current_user_id();
     426        $this->set_current_user( $u );
     427
     428        $this->go_to( bp_get_group_permalink( $g_obj ) );
     429
     430        $e1 = new BPTest_Group_Extension_Access_Anyone();
     431        $e1->_register();
     432        $this->assertTrue( $e1->user_can_visit() );
     433
     434        $e2 = new BPTest_Group_Extension_Access_Loggedin();
     435        $e2->_register();
     436        $this->assertTrue( $e2->user_can_visit() );
     437
     438        $e3 = new BPTest_Group_Extension_Access_Member();
     439        $e3->_register();
     440        $this->assertFalse( $e3->user_can_visit() );
     441
     442        $e4 = new BPTest_Group_Extension_Access_AdminMod();
     443        $e4->_register();
     444        $this->assertFalse( $e4->user_can_visit() );
     445
     446        $e5 = new BPTest_Group_Extension_Access_Admin();
     447        $e5->_register();
     448        $this->assertFalse( $e5->user_can_visit() );
     449
     450        $e6 = new BPTest_Group_Extension_Access_Noone();
     451        $e6->_register();
     452        $this->assertFalse( $e6->user_can_visit() );
     453
     454        $this->set_current_user( $old_current_user );
     455    }
     456
     457    /**
     458     * @group user_can_visit
     459     */
     460    public function test_user_can_visit_explicit_for_group_member() {
     461        $g = $this->factory->group->create( array(
     462            'status' => 'public',
     463        ) );
     464        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     465
     466        $u = $this->create_user();
     467        $old_current_user = get_current_user_id();
     468        $this->set_current_user( $u );
     469
     470        $this->add_user_to_group( $u, $g );
     471
     472        $this->go_to( bp_get_group_permalink( $g_obj ) );
     473
     474        $e1 = new BPTest_Group_Extension_Access_Anyone();
     475        $e1->_register();
     476        $this->assertTrue( $e1->user_can_visit() );
     477
     478        $e2 = new BPTest_Group_Extension_Access_Loggedin();
     479        $e2->_register();
     480        $this->assertTrue( $e2->user_can_visit() );
     481
     482        $e3 = new BPTest_Group_Extension_Access_Member();
     483        $e3->_register();
     484        $this->assertTrue( $e3->user_can_visit() );
     485
     486        $e4 = new BPTest_Group_Extension_Access_AdminMod();
     487        $e4->_register();
     488        $this->assertFalse( $e4->user_can_visit() );
     489
     490        $e5 = new BPTest_Group_Extension_Access_Admin();
     491        $e5->_register();
     492        $this->assertFalse( $e5->user_can_visit() );
     493
     494        $e6 = new BPTest_Group_Extension_Access_Noone();
     495        $e6->_register();
     496        $this->assertFalse( $e6->user_can_visit() );
     497
     498        $this->set_current_user( $old_current_user );
     499    }
     500
     501    /**
     502     * @group user_can_visit
     503     */
     504    public function test_user_can_visit_explicit_for_group_mod() {
     505        $g = $this->factory->group->create( array(
     506            'status' => 'public',
     507        ) );
     508        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     509
     510        $u = $this->create_user();
     511        $old_current_user = get_current_user_id();
     512        $this->set_current_user( $u );
     513
     514        $m = $this->add_user_to_group( $u, $g );
     515        $gm = new BP_Groups_Member( $u, $g );
     516        $gm->promote( 'mod' );
     517
     518        $this->go_to( bp_get_group_permalink( $g_obj ) );
     519
     520        $e1 = new BPTest_Group_Extension_Access_Anyone();
     521        $e1->_register();
     522        $this->assertTrue( $e1->user_can_visit() );
     523
     524        $e2 = new BPTest_Group_Extension_Access_Loggedin();
     525        $e2->_register();
     526        $this->assertTrue( $e2->user_can_visit() );
     527
     528        $e3 = new BPTest_Group_Extension_Access_Member();
     529        $e3->_register();
     530        $this->assertTrue( $e3->user_can_visit() );
     531
     532        $e4 = new BPTest_Group_Extension_Access_AdminMod();
     533        $e4->_register();
     534        $this->assertTrue( $e4->user_can_visit() );
     535
     536        $e5 = new BPTest_Group_Extension_Access_Admin();
     537        $e5->_register();
     538        $this->assertFalse( $e5->user_can_visit() );
     539
     540        $e6 = new BPTest_Group_Extension_Access_Noone();
     541        $e6->_register();
     542        $this->assertFalse( $e6->user_can_visit() );
     543
     544        $this->set_current_user( $old_current_user );
     545    }
     546
     547    /**
     548     * @group user_can_visit
     549     */
     550    public function test_user_can_visit_explicit_for_group_admin() {
     551        $g = $this->factory->group->create( array(
     552            'status' => 'public',
     553        ) );
     554        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     555
     556        $u = $this->create_user();
     557        $old_current_user = get_current_user_id();
     558        $this->set_current_user( $u );
     559
     560        $m = $this->add_user_to_group( $u, $g );
     561        $gm = new BP_Groups_Member( $u, $g );
     562        $gm->promote( 'admin' );
     563
     564        $this->go_to( bp_get_group_permalink( $g_obj ) );
     565
     566        $e1 = new BPTest_Group_Extension_Access_Anyone();
     567        $e1->_register();
     568        $this->assertTrue( $e1->user_can_visit() );
     569
     570        $e2 = new BPTest_Group_Extension_Access_Loggedin();
     571        $e2->_register();
     572        $this->assertTrue( $e2->user_can_visit() );
     573
     574        $e3 = new BPTest_Group_Extension_Access_Member();
     575        $e3->_register();
     576        $this->assertTrue( $e3->user_can_visit() );
     577
     578        $e4 = new BPTest_Group_Extension_Access_AdminMod();
     579        $e4->_register();
     580        $this->assertTrue( $e4->user_can_visit() );
     581
     582        $e5 = new BPTest_Group_Extension_Access_Admin();
     583        $e5->_register();
     584        $this->assertTrue( $e5->user_can_visit() );
     585
     586        $e6 = new BPTest_Group_Extension_Access_Noone();
     587        $e6->_register();
     588        $this->assertFalse( $e6->user_can_visit() );
     589
     590        $this->set_current_user( $old_current_user );
     591    }
     592
     593    /**
     594     * @group user_can_see_nav_item
     595     */
     596    public function test_user_can_see_nav_item_implied() {
     597        $g = $this->factory->group->create( array(
     598            'status' => 'public',
     599        ) );
     600        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     601
     602        $old_current_user = get_current_user_id();
     603        $this->set_current_user( 0 );
     604
     605        $this->go_to( bp_get_group_permalink( $g_obj ) );
     606
     607        $e1 = new BPTest_Group_Extension_Access_Anyone();
     608        $e1->_register();
     609        $this->assertTrue( $e1->user_can_see_nav_item() );
     610
     611        $e2 = new BPTest_Group_Extension_Access_Loggedin();
     612        $e2->_register();
     613        $this->assertFalse( $e2->user_can_see_nav_item() );
     614
     615        $e3 = new BPTest_Group_Extension_Access_Member();
     616        $e3->_register();
     617        $this->assertFalse( $e3->user_can_see_nav_item() );
     618
     619        $e4 = new BPTest_Group_Extension_Access_AdminMod();
     620        $e4->_register();
     621        $this->assertFalse( $e4->user_can_see_nav_item() );
     622
     623        $e5 = new BPTest_Group_Extension_Access_Admin();
     624        $e5->_register();
     625        $this->assertFalse( $e5->user_can_see_nav_item() );
     626
     627        $e6 = new BPTest_Group_Extension_Access_Noone();
     628        $e6->_register();
     629        $this->assertFalse( $e6->user_can_visit() );
     630
     631        $this->set_current_user( $old_current_user );
     632    }
     633
     634    /**
     635     * @group user_can_see_nav_item
     636     */
     637    public function test_user_can_see_nav_item_explicit_for_logged_out_user() {
     638        $g = $this->factory->group->create( array(
     639            'status' => 'public',
     640        ) );
     641        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     642
     643        $old_current_user = get_current_user_id();
     644        $this->set_current_user( 0 );
     645
     646        $this->go_to( bp_get_group_permalink( $g_obj ) );
     647
     648        $e1 = new BPTest_Group_Extension_ShowTab_Anyone();
     649        $e1->_register();
     650        $this->assertTrue( $e1->user_can_see_nav_item() );
     651
     652        $e2 = new BPTest_Group_Extension_ShowTab_Loggedin();
     653        $e2->_register();
     654        $this->assertFalse( $e2->user_can_see_nav_item() );
     655
     656        $e3 = new BPTest_Group_Extension_ShowTab_Member();
     657        $e3->_register();
     658        $this->assertFalse( $e3->user_can_see_nav_item() );
     659
     660        $e4 = new BPTest_Group_Extension_ShowTab_AdminMod();
     661        $e4->_register();
     662        $this->assertFalse( $e4->user_can_see_nav_item() );
     663
     664        $e5 = new BPTest_Group_Extension_ShowTab_Admin();
     665        $e5->_register();
     666        $this->assertFalse( $e5->user_can_see_nav_item() );
     667
     668        $e6 = new BPTest_Group_Extension_ShowTab_Noone();
     669        $e6->_register();
     670        $this->assertFalse( $e6->user_can_see_nav_item() );
     671
     672        $this->set_current_user( $old_current_user );
     673    }
     674
     675    /**
     676     * @group user_can_see_nav_item
     677     */
     678    public function test_user_can_see_nav_item_explicit_for_logged_in_user() {
     679        $g = $this->factory->group->create( array(
     680            'status' => 'public',
     681        ) );
     682        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     683
     684        $u = $this->create_user();
     685        $old_current_user = get_current_user_id();
     686        $this->set_current_user( $u );
     687
     688        $this->go_to( bp_get_group_permalink( $g_obj ) );
     689
     690        $e1 = new BPTest_Group_Extension_ShowTab_Anyone();
     691        $e1->_register();
     692        $this->assertTrue( $e1->user_can_see_nav_item() );
     693
     694        $e2 = new BPTest_Group_Extension_ShowTab_Loggedin();
     695        $e2->_register();
     696        $this->assertTrue( $e2->user_can_see_nav_item() );
     697
     698        $e3 = new BPTest_Group_Extension_ShowTab_Member();
     699        $e3->_register();
     700        $this->assertFalse( $e3->user_can_see_nav_item() );
     701
     702        $e4 = new BPTest_Group_Extension_ShowTab_AdminMod();
     703        $e4->_register();
     704        $this->assertFalse( $e4->user_can_see_nav_item() );
     705
     706        $e5 = new BPTest_Group_Extension_ShowTab_Admin();
     707        $e5->_register();
     708        $this->assertFalse( $e5->user_can_see_nav_item() );
     709
     710        $e6 = new BPTest_Group_Extension_ShowTab_Noone();
     711        $e6->_register();
     712        $this->assertFalse( $e6->user_can_see_nav_item() );
     713
     714        $this->set_current_user( $old_current_user );
     715    }
     716
     717    /**
     718     * @group user_can_see_nav_item
     719     */
     720    public function test_user_can_see_nav_item_explicit_for_group_member() {
     721        $g = $this->factory->group->create( array(
     722            'status' => 'public',
     723        ) );
     724        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     725
     726        $u = $this->create_user();
     727        $old_current_user = get_current_user_id();
     728        $this->set_current_user( $u );
     729
     730        $this->add_user_to_group( $u, $g );
     731
     732        $this->go_to( bp_get_group_permalink( $g_obj ) );
     733
     734        $e1 = new BPTest_Group_Extension_ShowTab_Anyone();
     735        $e1->_register();
     736        $this->assertTrue( $e1->user_can_see_nav_item() );
     737
     738        $e2 = new BPTest_Group_Extension_ShowTab_Loggedin();
     739        $e2->_register();
     740        $this->assertTrue( $e2->user_can_see_nav_item() );
     741
     742        $e3 = new BPTest_Group_Extension_ShowTab_Member();
     743        $e3->_register();
     744        $this->assertTrue( $e3->user_can_see_nav_item() );
     745
     746        $e4 = new BPTest_Group_Extension_ShowTab_AdminMod();
     747        $e4->_register();
     748        $this->assertFalse( $e4->user_can_see_nav_item() );
     749
     750        $e5 = new BPTest_Group_Extension_ShowTab_Admin();
     751        $e5->_register();
     752        $this->assertFalse( $e5->user_can_see_nav_item() );
     753
     754        $e6 = new BPTest_Group_Extension_ShowTab_Noone();
     755        $e6->_register();
     756        $this->assertFalse( $e6->user_can_see_nav_item() );
     757
     758        $this->set_current_user( $old_current_user );
     759    }
     760
     761    /**
     762     * @group user_can_see_nav_item
     763     */
     764    public function test_user_can_see_nav_item_explicit_for_group_mod() {
     765        $g = $this->factory->group->create( array(
     766            'status' => 'public',
     767        ) );
     768        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     769
     770        $u = $this->create_user();
     771        $old_current_user = get_current_user_id();
     772        $this->set_current_user( $u );
     773
     774        $this->add_user_to_group( $u, $g );
     775        $gm = new BP_Groups_Member( $u, $g );
     776        $gm->promote( 'mod' );
     777
     778        $this->go_to( bp_get_group_permalink( $g_obj ) );
     779
     780        $e1 = new BPTest_Group_Extension_ShowTab_Anyone();
     781        $e1->_register();
     782        $this->assertTrue( $e1->user_can_see_nav_item() );
     783
     784        $e2 = new BPTest_Group_Extension_ShowTab_Loggedin();
     785        $e2->_register();
     786        $this->assertTrue( $e2->user_can_see_nav_item() );
     787
     788        $e3 = new BPTest_Group_Extension_ShowTab_Member();
     789        $e3->_register();
     790        $this->assertTrue( $e3->user_can_see_nav_item() );
     791
     792        $e4 = new BPTest_Group_Extension_ShowTab_AdminMod();
     793        $e4->_register();
     794        $this->assertTrue( $e4->user_can_see_nav_item() );
     795
     796        $e5 = new BPTest_Group_Extension_ShowTab_Admin();
     797        $e5->_register();
     798        $this->assertFalse( $e5->user_can_see_nav_item() );
     799
     800        $e6 = new BPTest_Group_Extension_ShowTab_Noone();
     801        $e6->_register();
     802        $this->assertFalse( $e6->user_can_see_nav_item() );
     803
     804        $this->set_current_user( $old_current_user );
     805    }
     806
     807    /**
     808     * @group user_can_see_nav_item
     809     */
     810    public function test_user_can_see_nav_item_explicit_for_group_admin() {
     811        $g = $this->factory->group->create( array(
     812            'status' => 'public',
     813        ) );
     814        $g_obj = groups_get_group( array( 'group_id' => $g ) );
     815
     816        $u = $this->create_user();
     817        $old_current_user = get_current_user_id();
     818        $this->set_current_user( $u );
     819
     820        $this->add_user_to_group( $u, $g );
     821        $gm = new BP_Groups_Member( $u, $g );
     822        $gm->promote( 'admin' );
     823
     824        $this->go_to( bp_get_group_permalink( $g_obj ) );
     825
     826        $e1 = new BPTest_Group_Extension_ShowTab_Anyone();
     827        $e1->_register();
     828        $this->assertTrue( $e1->user_can_see_nav_item() );
     829
     830        $e2 = new BPTest_Group_Extension_ShowTab_Loggedin();
     831        $e2->_register();
     832        $this->assertTrue( $e2->user_can_see_nav_item() );
     833
     834        $e3 = new BPTest_Group_Extension_ShowTab_Member();
     835        $e3->_register();
     836        $this->assertTrue( $e3->user_can_see_nav_item() );
     837
     838        $e4 = new BPTest_Group_Extension_ShowTab_AdminMod();
     839        $e4->_register();
     840        $this->assertTrue( $e4->user_can_see_nav_item() );
     841
     842        $e5 = new BPTest_Group_Extension_ShowTab_Admin();
     843        $e5->_register();
     844        $this->assertTrue( $e5->user_can_see_nav_item() );
     845
     846        $e6 = new BPTest_Group_Extension_ShowTab_Noone();
     847        $e6->_register();
     848        $this->assertFalse( $e6->user_can_see_nav_item() );
     849
     850        $this->set_current_user( $old_current_user );
     851    }
    349852}
Note: See TracChangeset for help on using the changeset viewer.