Skip to:
Content

Opened 12 months ago

Last modified 10 days ago

#7096 assigned defect (bug)

Messages: member page messages are queried for the loggedin user

Reported by: Offereins Owned by: dcavins
Milestone: Under Consideration Priority: normal
Severity: normal Version:
Component: Messages Keywords: has-patch
Cc: lmoffereins@…, dcavins

Description

An internal @todo already points in the right direction: moderators are shown their own messages when viewing another member's messages pages (inbox, compose, counts). As this is unintentional, can we fix this to display the displayed user's messages?

Attachments (2)

7096.01.diff (8.4 KB) - added by dcavins 12 months ago.
Use the displayed user rather than the logged in user to build the messages loop.
7096.02.diff (20.1 KB) - added by dcavins 2 months ago.
More complete code review.

Download all attachments as: .zip

Change History (20)

#1 @Offereins
12 months ago

Perhaps we can wrap the $user_id declaration within a cap check like 'bp_view_others_messages' which would defer to 'bp_moderate'.

#2 @dcavins
12 months ago

  • Keywords has-patch dev-feedback added

Thanks for creating this ticket.

I think this is almost the same issue as the underlying issue in #7023: referring to the logged-in user when we should be using the displayed user to determine what's up. I've attached a first patch, but would like @r-a-y's input, since he's worked on the messages component recently.

@dcavins
12 months ago

Use the displayed user rather than the logged in user to build the messages loop.

#3 @Offereins
12 months ago

@dcavins Note that in bp-messages/bp-messages-star.php at least a few template tags also default to the loggedin user.

#4 @r-a-y
12 months ago

#6493 was marked as a duplicate.


@Offereins is right about bp-messages-star.php. Also, there are a bunch of logged-in user stuff in the message class methods as well.

#5 @DJPaul
11 months ago

  • Milestone changed from Awaiting Review to 2.7

This patch needs careful checking because it looks like a giant search/replace has happened. :)

What's the root problem with this ticket? As a Admin, if I go to another user's profile and view their Private Messages, I instead see my own Private Messages?

#6 @Offereins
11 months ago

@DJPaul Exactly that is the problem. Though, now you can ask: what then is intentional? Viewing private messages of other members (which is suggested here and partly patched) or not loading the Messages component/screens in other displayed user's pages at all?

#7 @dcavins
11 months ago

  • Keywords has-patch dev-feedback removed
  • Owner set to dcavins
  • Status changed from new to assigned

Ha ha, it wasn't an _automated_ search and replace, and yes, there's more work to do. Basically, this is like the recent fix to the notifications component, which also didn't work well for site admins (only the owner and site admins can view these screens--showing the admin's messages on another user's profile is just weird.)

I'm planning on finishing up these changes and getting them in very early in the 2.7 cycle.

#8 @imath
11 months ago

I meet this bug today! I see it's in good hand :)

My 2 cents: the compose and notices screen should not be displayed when the admin is on another user's profile.

#9 @mercime
8 months ago

  • Milestone changed from 2.7 to Future Release

Have to punt this.

@dcavins
2 months ago

More complete code review.

#10 @dcavins
2 months ago

Hello all, I've just added an updated patch that address the read/unread and starring logic as well as fixing some other issues:

  • If an admin visits a user's message thread, the thread should not be marked read. (Nor should the notifications be removed.)
  • Fix cache deletion to use the thread's recipient.
  • Target "unread counts" in the user nav (displayed user) and in the admin bar (logged-in user).
  • Changes to logic in bp_the_thread_recipients_list()
  • Compose link should only show on logged in user profile.
  • Notices link should only show for logged in user profile that is moderator.
  • Many changes to which user ID to use.

Thanks for your feedback!

This ticket was mentioned in Slack in #buddypress by dcavins. View the logs.


2 months ago

#12 @dcavins
8 weeks ago

  • Cc dcavins added

This ticket was mentioned in Slack in #buddypress by dcavins. View the logs.


2 weeks ago

This ticket was mentioned in Slack in #buddypress by dcavins. View the logs.


10 days ago

#15 @r-a-y
10 days ago

  • Keywords has-patch added
  • Milestone changed from Future Release to Under Consideration

02.diff looks good, @dcavins!

Some minor things:

  • bp-messages-actions.php - Can the bp_current_user_can( 'bp_moderate' ) check be added to the messages_check_thread_access() function instead?
  • bp-messages-template.php, /bp-templates/bp-legacy/buddypress/members/single/messages/single.php - The changes to bp_get_thread_recipients_list() should be done separately. I swear WordPress has a function to separate an array into a comma-delimited string with the and string added to the last item. However, I can't find it at the moment!

#16 @Offereins
10 days ago

@r-a-y You're looking for wp_sprintf_l(), see developer.wordpress.org.

#17 @r-a-y
10 days ago

You're looking for wp_sprintf_l(), see developer.wordpress.org.

Thanks for the detective work, @Offereins. I knew I wasn't crazy! :)

#18 @dcavins
10 days ago

I'm just glad someone else built a hinky list formatter, so I don't have to rely on the hinky one I made up, ha ha. :)

Note: See TracTickets for help on using tickets.