[ Index ]

PHP Cross Reference of BBPress

title

Body

[close]

/src/includes/forums/ -> capabilities.php (source)

   1  <?php
   2  
   3  /**
   4   * bbPress Forum Capabilites
   5   *
   6   * Used to map forum capabilities to WordPress's existing capabilities.
   7   *
   8   * @package bbPress
   9   * @subpackage Capabilities
  10   */
  11  
  12  /**
  13   * Return forum capabilities
  14   *
  15   * @since 2.0.0 bbPress (r2593)
  16   *
  17   * @return array Forum capabilities
  18   */
  19  function bbp_get_forum_caps() {
  20  
  21      // Filter & return
  22      return (array) apply_filters( 'bbp_get_forum_caps', array(
  23          'edit_posts'          => 'edit_forums',
  24          'edit_others_posts'   => 'edit_others_forums',
  25          'publish_posts'       => 'publish_forums',
  26          'read_private_posts'  => 'read_private_forums',
  27          'read_hidden_posts'   => 'read_hidden_forums',
  28          'delete_posts'        => 'delete_forums',
  29          'delete_others_posts' => 'delete_others_forums'
  30      ) );
  31  }
  32  
  33  /**
  34   * Maps forum capabilities
  35   *
  36   * @since 2.2.0 bbPress (r4242)
  37   *
  38   * @param array $caps Capabilities for meta capability
  39   * @param string $cap Capability name
  40   * @param int $user_id User id
  41   * @param array $args Arguments
  42   * @return array Actual capabilities for meta capability
  43   */
  44  function bbp_map_forum_meta_caps( $caps = array(), $cap = '', $user_id = 0, $args = array() ) {
  45  
  46      // What capability is being checked?
  47      switch ( $cap ) {
  48  
  49          /** Reading ***********************************************************/
  50  
  51          case 'read_private_forums' :
  52          case 'read_hidden_forums'  :
  53  
  54              // Moderators can always read private/hidden forums
  55              if ( user_can( $user_id, 'moderate' ) ) {
  56                  $caps = array( 'moderate' );
  57              }
  58  
  59              break;
  60  
  61          case 'read_forum' :
  62  
  63              // User cannot spectate
  64              if ( ! user_can( $user_id, 'spectate' ) ) {
  65                  $caps = array( 'do_not_allow' );
  66  
  67              // Do some post ID based logic
  68              } else {
  69  
  70                  // Bail if no post ID
  71                  if ( empty( $args[0] ) ) {
  72                      return $caps;
  73                  }
  74  
  75                  // Get the post.
  76                  $_post = get_post( $args[0] );
  77                  if ( ! empty( $_post ) ) {
  78  
  79                      // Get caps for post type object
  80                      $post_type = get_post_type_object( $_post->post_type );
  81  
  82                      // Post is public
  83                      if ( bbp_get_public_status_id() === $_post->post_status ) {
  84                          $caps = array( 'spectate' );
  85  
  86                      // User is author so allow read
  87                      } elseif ( (int) $user_id === (int) $_post->post_author ) {
  88                          $caps = array( 'spectate' );
  89  
  90                      // Moderators can always read forum content
  91                      } elseif ( user_can( $user_id, 'moderate', $_post->ID ) ) {
  92                          $caps = array( 'spectate' );
  93  
  94                      // Private
  95                      } elseif ( bbp_get_hidden_status_id() === $_post->post_status ) {
  96                          $caps = array( $post_type->cap->read_hidden_posts );
  97  
  98                      // Hidden
  99                      } elseif ( bbp_get_private_status_id() === $_post->post_status ) {
 100                          $caps = array( $post_type->cap->read_private_posts );
 101  
 102                      // Unknown, so map to private
 103                      } else {
 104                          $caps = array( $post_type->cap->read_private_posts );
 105                      }
 106                  }
 107              }
 108  
 109              break;
 110  
 111          /** Moderating ********************************************************/
 112  
 113          case 'moderate_forum' :
 114  
 115              // Bail if no post ID
 116              if ( empty( $args[0] ) ) {
 117                  return $caps;
 118              }
 119  
 120              // Get the post.
 121              $_post = get_post( $args[0] );
 122              if ( ! empty( $_post ) && bbp_allow_forum_mods() ) {
 123  
 124                  // Make sure feature is enabled & user is mod on this forum
 125                  if ( bbp_is_object_of_user( $_post->ID, $user_id, '_bbp_moderator_id' ) ) {
 126                      $caps = array( 'spectate' );
 127                  }
 128              }
 129  
 130              break;
 131  
 132          /** Publishing ********************************************************/
 133  
 134          case 'publish_forums'  :
 135  
 136              // Moderators can always edit
 137              if ( user_can( $user_id, 'moderate' ) ) {
 138                  $caps = array( 'moderate' );
 139              }
 140  
 141              break;
 142  
 143          /** Editing ***********************************************************/
 144  
 145          // Used primarily in wp-admin
 146          case 'edit_forums'         :
 147          case 'edit_others_forums'  :
 148  
 149              // Moderators can always edit
 150              if ( bbp_is_user_keymaster( $user_id ) ) {
 151                  $caps = array( 'spectate' );
 152  
 153              // Otherwise, block
 154              } else {
 155                  $caps = array( 'do_not_allow' );
 156              }
 157  
 158              break;
 159  
 160          // Used everywhere
 161          case 'edit_forum' :
 162  
 163              // Bail if no post ID
 164              if ( empty( $args[0] ) ) {
 165                  return $caps;
 166              }
 167  
 168              // Get the post.
 169              $_post = get_post( $args[0] );
 170              if ( ! empty( $_post ) ) {
 171  
 172                  // Get caps for post type object
 173                  $post_type = get_post_type_object( $_post->post_type );
 174  
 175                  // Add 'do_not_allow' cap if user is spam or deleted
 176                  if ( bbp_is_user_inactive( $user_id ) ) {
 177                      $caps = array( 'do_not_allow' );
 178  
 179                  // Moderators can always read forum content
 180                  } elseif ( user_can( $user_id, 'moderate', $_post->ID ) ) {
 181                      $caps = array( 'spectate' );
 182  
 183                  // User is author so allow edit if not in admin
 184                  } elseif ( ! is_admin() && ( (int) $user_id === (int) $_post->post_author ) ) {
 185                      $caps = array( $post_type->cap->edit_posts );
 186  
 187                  // Unknown, so map to edit_others_posts
 188                  } else {
 189                      $caps = array( $post_type->cap->edit_others_posts );
 190                  }
 191              }
 192  
 193              break;
 194  
 195          /** Deleting **********************************************************/
 196  
 197          // Allow forum authors to delete forums (for BuddyPress groups, etc)
 198          case 'delete_forum' :
 199  
 200              // Bail if no post ID
 201              if ( empty( $args[0] ) ) {
 202                  return $caps;
 203              }
 204  
 205              // Get the post.
 206              $_post = get_post( $args[0] );
 207              if ( ! empty( $_post ) ) {
 208  
 209                  // Get caps for post type object
 210                  $post_type = get_post_type_object( $_post->post_type );
 211  
 212                  // Add 'do_not_allow' cap if user is spam or deleted
 213                  if ( bbp_is_user_inactive( $user_id ) ) {
 214                      $caps = array( 'do_not_allow' );
 215  
 216                  // User is author so allow to delete
 217                  } elseif ( (int) $user_id === (int) $_post->post_author ) {
 218                      $caps = array( $post_type->cap->delete_posts );
 219  
 220                  // Unknown so map to delete_others_posts
 221                  } else {
 222                      $caps = array( $post_type->cap->delete_others_posts );
 223                  }
 224              }
 225  
 226              break;
 227  
 228          /** Admin *************************************************************/
 229  
 230          // Forum admin area.
 231          case 'bbp_forums_admin' :
 232              $caps = array( 'edit_forums' );
 233              break;
 234      }
 235  
 236      // Filter & return
 237      return (array) apply_filters( 'bbp_map_forum_meta_caps', $caps, $cap, $user_id, $args );
 238  }
 239  
 240  /**
 241   * Can a user moderate a forum?
 242   *
 243   * @since 2.6.0 bbPress (r5834)
 244   *
 245   * @param int $user_id User id.
 246   * @param int $forum_id Forum id.
 247   *
 248   * @return bool Return true if user is moderator of forum
 249   */
 250  function bbp_is_user_forum_moderator( $user_id = 0, $forum_id = 0 ) {
 251      $user_id  = bbp_get_user_id( $user_id, false, empty( $user_id ) );
 252      $forum_id = bbp_get_forum_id( $forum_id );
 253      $retval   = user_can( $user_id, 'moderate_forum', $forum_id );
 254  
 255      // Filter & return
 256      return (bool) apply_filters( 'bbp_is_user_forum_moderator', $retval, $user_id, $forum_id );
 257  }
 258  
 259  /**
 260   * Filter an array of forum IDs that are being excluded, and remove any forum
 261   * IDs a user explicitly has access to.
 262   *
 263   * This typically means private or hidden forums the user has moderation rights
 264   * to, but it can be filtered to mean just about anything.
 265   *
 266   * This function filters the return values of the following functions:
 267   * - `bbp_get_private_forum_ids()`
 268   * - `bbp_get_hidden_forum_ids()`
 269   *
 270   * @since 2.6.0 bbPress (r6426)
 271   *
 272   * @param array $forum_ids Forum IDs to check if the user ID is a moderator of
 273   * @param int   $user_id   User ID to check if is a moderator of forums
 274   *
 275   * @return array
 276   */
 277  function bbp_allow_forums_of_user( $forum_ids = array(), $user_id = 0 ) {
 278  
 279      // Store the original forum IDs
 280      $original_forum_ids = $forum_ids;
 281  
 282      // Per-forum Moderators
 283      if ( bbp_allow_forum_mods() ) {
 284  
 285          // Loop through forum IDs
 286          foreach ( $forum_ids as $key => $forum_id ) {
 287  
 288              // Unset forum ID if user is a moderator
 289              if ( bbp_is_user_forum_moderator( $user_id, $forum_id ) ) {
 290                  unset( $forum_ids[ $key ] );
 291              }
 292          }
 293      }
 294  
 295      // Filter & return
 296      return (array) apply_filters( 'bbp_allow_forums_of_user', $forum_ids, $user_id, $original_forum_ids );
 297  }


Generated: Wed Jul 24 01:01:31 2019 Cross-referenced by PHPXref 0.7.1