#4735 closed defect (bug) (fixed)
can't delete activity where user_id is empty
Reported by: | magnus78 | Owned by: | |
---|---|---|---|
Milestone: | 1.7 | Priority: | low |
Severity: | minor | Version: | |
Component: | Activity | Keywords: | has-patch has-unit-tests |
Cc: |
Description
Deleting activity where user_id is empty is prohibited. This can e.g. be group activities imported from external feeds.
Works fine when i remove the empty check.
Attachments (1)
Change History (7)
#1
@
12 years ago
- Component changed from Core to Activity
- Milestone changed from Awaiting Review to 1.7
- Priority changed from normal to low
- Severity changed from normal to minor
It's fine to remove the user id check as suggested in the patch, but then we need to modify bp_activity_user_can_delete()
to make sure it doesn't return true for logged-out users (logged-in user id = 0).
#2
@
12 years ago
- Keywords needs-patch added; has-patch removed
This patch needs updating per boonebgorges' feedback in order for 1.7.
#3
@
12 years ago
- Resolution set to fixed
- Status changed from new to closed
(In [6732]) Allow activity items to be deleted when the user_id key is empty
Some plugins create activity items that are not attached to a specific user_id.
The activity deletion request handlers (AJAX and bp-activity-actions) prevent
deletion of activity items when the item's user_id value is empty. This
changeset moves this security measure to the bp_activity_user_can_delete()
function, so that anonymous activity items can still be deleted by item admins.
Props magnus78
Fixes #4735
This ticket was mentioned in PR #273 on buddypress/buddypress by renatonascalves.
5 months ago
#4
- Keywords has-patch has-unit-tests added; needs-patch removed
Trac ticket: https://buddypress.trac.wordpress.org/ticket/4735
renatonascalves commented on PR #273:
5 months ago
#5
The tests will fail here since the final version of the code is still under development and I didn't apply the latest here.
renatonascalves commented on PR #273:
4 months ago
#6
Closing pr since the code was bunbled into the original patch.
proposed fix