[ Index ]

PHP Cross Reference of BuddyPress

title

Body

[close]

/src/bp-core/ -> bp-core-caps.php (source)

   1  <?php
   2  /**
   3   * BuddyPress Capabilities.
   4   *
   5   * @package BuddyPress
   6   * @subpackage Capabilities
   7   * @since 1.6.0
   8   */
   9  
  10  // Exit if accessed directly.
  11  defined( 'ABSPATH' ) || exit;
  12  
  13  /**
  14   * Return an array of roles from the currently loaded blog.
  15   *
  16   * WordPress roles are dynamically flipped when calls to switch_to_blog() and
  17   * restore_current_blog() are made, so we use and trust WordPress core to have
  18   * loaded the correct results for us here. As enhancements are made to
  19   * WordPress's RBAC, so should our capability functions here.
  20   *
  21   * @since 2.1.0
  22   *
  23   * @return object
  24   */
  25  function bp_get_current_blog_roles() {
  26      global $wp_roles;
  27  
  28      // Sanity check on roles global variable.
  29      $roles = isset( $wp_roles->roles )
  30          ? $wp_roles->roles
  31          : array();
  32  
  33      /**
  34       * Filters the list of editable roles.
  35       *
  36       * @since 2.1.0
  37       *
  38       * @param array $roles List of roles.
  39       */
  40      $roles = apply_filters( 'editable_roles', $roles );
  41  
  42      /**
  43       * Filters the array of roles from the currently loaded blog.
  44       *
  45       * @since 2.1.0
  46       *
  47       * @param array    $roles    Available roles.
  48       * @param WP_Roles $wp_roles Object of WordPress roles.
  49       */
  50      return apply_filters( 'bp_get_current_blog_roles', $roles, $wp_roles );
  51  }
  52  
  53  /**
  54   * Add capabilities to WordPress user roles.
  55   *
  56   * This is called on plugin activation.
  57   *
  58   * @since 1.6.0
  59   */
  60  function bp_add_caps() {
  61      global $wp_roles;
  62  
  63      // Load roles if not set.
  64      if ( ! isset( $wp_roles ) ) {
  65          $wp_roles = new WP_Roles();
  66      }
  67  
  68      // Loop through available roles and add them.
  69      foreach( $wp_roles->role_objects as $role ) {
  70          foreach ( bp_get_caps_for_role( $role->name ) as $cap ) {
  71              $role->add_cap( $cap );
  72          }
  73      }
  74  
  75      /**
  76       * Fires after the addition of capabilities to WordPress user roles.
  77       *
  78       * This is called on plugin activation.
  79       *
  80       * @since 1.6.0
  81       */
  82      do_action( 'bp_add_caps' );
  83  }
  84  
  85  /**
  86   * Remove capabilities from WordPress user roles.
  87   *
  88   * This is called on plugin deactivation.
  89   *
  90   * @since 1.6.0
  91   */
  92  function bp_remove_caps() {
  93      global $wp_roles;
  94  
  95      // Load roles if not set.
  96      if ( ! isset( $wp_roles ) ) {
  97          $wp_roles = new WP_Roles();
  98      }
  99  
 100      // Loop through available roles and remove them.
 101      foreach( $wp_roles->role_objects as $role ) {
 102          foreach ( bp_get_caps_for_role( $role->name ) as $cap ) {
 103              $role->remove_cap( $cap );
 104          }
 105      }
 106  
 107      /**
 108       * Fires after the removal of capabilities from WordPress user roles.
 109       *
 110       * This is called on plugin deactivation.
 111       *
 112       * @since 1.6.0
 113       */
 114      do_action( 'bp_remove_caps' );
 115  }
 116  
 117  /**
 118   * Map community caps to built in WordPress caps.
 119   *
 120   * @since 1.6.0
 121   *
 122   * @see WP_User::has_cap() for description of the arguments passed to the
 123   *      'map_meta_cap' filter.
 124   *       args.
 125   *
 126   * @param array  $caps    See {@link WP_User::has_cap()}.
 127   * @param string $cap     See {@link WP_User::has_cap()}.
 128   * @param int    $user_id See {@link WP_User::has_cap()}.
 129   * @param mixed  $args    See {@link WP_User::has_cap()}.
 130   * @return array Actual capabilities for meta capability. See {@link WP_User::has_cap()}.
 131   */
 132  function bp_map_meta_caps( $caps, $cap, $user_id, $args ) {
 133  
 134      /**
 135       * Filters the community caps mapping to be built in WordPress caps.
 136       *
 137       * @since 1.6.0
 138       *
 139       * @param array  $caps    Returns the user's actual capabilities.
 140       * @param string $cap     Capability name.
 141       * @param int    $user_id The user ID.
 142       * @param array  $args    Adds the context to the cap. Typically the object ID.
 143       */
 144      return apply_filters( 'bp_map_meta_caps', $caps, $cap, $user_id, $args );
 145  }
 146  
 147  /**
 148   * Return community capabilities.
 149   *
 150   * @since 1.6.0
 151   *
 152   * @return array Community capabilities.
 153   */
 154  function bp_get_community_caps() {
 155  
 156      // Forum meta caps.
 157      $caps = array();
 158  
 159      /**
 160       * Filters community capabilities.
 161       *
 162       * @since 1.6.0
 163       *
 164       * @param array $caps Array of capabilities to add. Empty by default.
 165       */
 166      return apply_filters( 'bp_get_community_caps', $caps );
 167  }
 168  
 169  /**
 170   * Return an array of capabilities based on the role that is being requested.
 171   *
 172   * @since 1.6.0
 173   *
 174   * @param string $role The role for which you're loading caps.
 175   * @return array Capabilities for $role.
 176   */
 177  function bp_get_caps_for_role( $role = '' ) {
 178  
 179      // Which role are we looking for?
 180      switch ( $role ) {
 181  
 182          // Administrator.
 183          case 'administrator' :
 184              $caps = array(
 185                  // Misc.
 186                  'bp_moderate',
 187              );
 188  
 189              break;
 190  
 191          // All other default WordPress blog roles.
 192          case 'editor'      :
 193          case 'author'      :
 194          case 'contributor' :
 195          case 'subscriber'  :
 196          default            :
 197              $caps = array();
 198              break;
 199      }
 200  
 201      /**
 202       * Filters the array of capabilities based on the role that is being requested.
 203       *
 204       * @since 1.6.0
 205       *
 206       * @param array  $caps Array of capabilities to return.
 207       * @param string $role The role currently being loaded.
 208       */
 209      return apply_filters( 'bp_get_caps_for_role', $caps, $role );
 210  }
 211  
 212  /**
 213   * Set a default role for the current user.
 214   *
 215   * Give a user the default role when creating content on a site they do not
 216   * already have a role or capability on.
 217   *
 218   * @since 1.6.0
 219   */
 220  function bp_set_current_user_default_role() {
 221  
 222      // Bail if not multisite or not root blog.
 223      if ( ! is_multisite() || ! bp_is_root_blog() ) {
 224          return;
 225      }
 226  
 227      // Bail if user is not logged in or already a member.
 228      if ( ! is_user_logged_in() || is_user_member_of_blog() ) {
 229          return;
 230      }
 231  
 232      // Bail if user is not active.
 233      if ( bp_is_user_inactive() ) {
 234          return;
 235      }
 236  
 237      // Set the current users default role.
 238      buddypress()->current_user->set_role( bp_get_option( 'default_role', 'subscriber' ) );
 239  }
 240  
 241  /**
 242   * Check whether the current user has a given capability.
 243   *
 244   * @since 1.6.0
 245   * @since 2.4.0 Second argument modified to accept an array, rather than `$blog_id`.
 246   * @since 2.7.0 Deprecated $args['blog_id'] in favor of $args['site_id'].
 247   *
 248   * @param string    $capability Capability or role name.
 249   * @param array|int $args {
 250   *     Array of extra arguments applicable to the capability check.
 251   *     @type int   $site_id Optional. Blog ID. Defaults to the BP root blog.
 252   *     @type int   $blog_id Deprecated. Use $site_id instead.
 253   *     @type mixed $a,...   Optional. Extra arguments applicable to the capability check.
 254   * }
 255   * @return bool True if the user has the cap for the given parameters.
 256   */
 257  function bp_current_user_can( $capability, $args = array() ) {
 258      // Backward compatibility for older $blog_id parameter.
 259      if ( is_int( $args ) ) {
 260          $site_id = $args;
 261          $args = array();
 262          $args['site_id'] = $site_id;
 263  
 264      // New format for second parameter.
 265      } elseif ( is_array( $args ) && isset( $args['blog_id'] ) ) {
 266          // Get the blog ID if set, but don't pass along to `current_user_can_for_blog()`.
 267          $args['site_id'] = (int) $args['blog_id'];
 268          unset( $args['blog_id'] );
 269      }
 270  
 271      // Cast $args as an array.
 272      $args = (array) $args;
 273  
 274      // Use root blog if no ID passed.
 275      if ( empty( $args['site_id'] ) ) {
 276          $args['site_id'] = bp_get_root_blog_id();
 277      }
 278  
 279      /** This filter is documented in /bp-core/bp-core-template.php */
 280      $current_user_id = apply_filters( 'bp_loggedin_user_id', get_current_user_id() );
 281  
 282      // Call bp_user_can().
 283      $retval = bp_user_can( $current_user_id, $capability, $args );
 284  
 285      /**
 286       * Filters whether or not the current user has a given capability.
 287       *
 288       * @since 1.6.0
 289       * @since 2.4.0 Pass `$args` variable.
 290       * @since 2.7.0 Change format of $args variable array.
 291       *
 292       * @param bool   $retval     Whether or not the current user has the capability.
 293       * @param string $capability The capability being checked for.
 294       * @param int    $blog_id    Blog ID. Defaults to the BP root blog.
 295       * @param array  $args       Array of extra arguments as originally passed.
 296       */
 297      return (bool) apply_filters( 'bp_current_user_can', $retval, $capability, $args['site_id'], $args );
 298  }
 299  
 300  /**
 301   * Check whether the specified user has a given capability on a given site.
 302   *
 303   * @since 2.7.0
 304   *
 305   * @param int       $user_id
 306   * @param string    $capability Capability or role name.
 307   * @param array|int $args {
 308   *     Array of extra arguments applicable to the capability check.
 309   *
 310   *     @type int   $site_id Optional. Site ID. Defaults to the BP root blog.
 311   *     @type mixed $a,...   Optional. Extra arguments applicable to the capability check.
 312   * }
 313   * @return bool True if the user has the cap for the given parameters.
 314   */
 315  function bp_user_can( $user_id, $capability, $args = array() ) {
 316      $site_id = bp_get_root_blog_id();
 317  
 318      // Get the site ID if set, but don't pass along to user_can().
 319      if ( isset( $args['site_id'] ) ) {
 320          $site_id = (int) $args['site_id'];
 321          unset( $args['site_id'] );
 322      }
 323  
 324      $switched = is_multisite() ? switch_to_blog( $site_id ) : false;
 325      $retval   = call_user_func_array( 'user_can', array( $user_id, $capability, $args ) );
 326  
 327      /**
 328       * Filters whether or not the specified user has a given capability on a given site.
 329       *
 330       * @since 2.7.0
 331       *
 332       * @param bool   $retval     Whether or not the current user has the capability.
 333       * @param int    $user_id
 334       * @param string $capability The capability being checked for.
 335       * @param int    $site_id    Site ID. Defaults to the BP root blog.
 336       * @param array  $args       Array of extra arguments passed.
 337       */
 338      $retval = (bool) apply_filters( 'bp_user_can', $retval, $user_id, $capability, $site_id, $args );
 339  
 340      if ( $switched ) {
 341          restore_current_blog();
 342      }
 343  
 344      return $retval;
 345  }
 346  
 347  /**
 348   * Adds the `bp_moderate` cap to Roles having the `manage_options` cap when
 349   * BuddyPress is not active on the network.
 350   *
 351   * @since 7.0.0
 352   *
 353   * @access private
 354   *
 355   * @param WP_Roles $wp_roles The WordPress roles object.
 356   */
 357  function _bp_roles_init( WP_Roles $wp_roles ) {
 358      $roles_list = array();
 359      $caps_list  = wp_list_pluck( $wp_roles->role_objects, 'capabilities' );
 360  
 361      // Look for roles having the `manage_options` capability set to true.
 362      $filtered_list = wp_list_filter( $caps_list, array( 'manage_options' => true ) );
 363  
 364      if ( $filtered_list ) {
 365          $roles_list = array_keys( $filtered_list );
 366  
 367          // Loop into roles list to add the `bp_moderate` capability.
 368          foreach ( $roles_list as $role ) {
 369              if ( isset( $wp_roles->roles[ $role ] ) ) {
 370                  $wp_roles->roles[ $role ]['capabilities']['bp_moderate'] = true;
 371              }
 372  
 373              if ( isset( $wp_roles->role_objects[ $role ] ) ) {
 374                  $wp_roles->role_objects[ $role ]->capabilities['bp_moderate'] = true;
 375              }
 376          }
 377      }
 378  
 379      // Make sure to remove the `bp_moderate` capability from roles when BuddyPress is network activated.
 380      if ( bp_is_network_activated() ) {
 381          foreach ( $roles_list as $role ) {
 382              unset( $wp_roles->roles[ $role ]['capabilities']['bp_moderate'], $wp_roles->role_objects[ $role ]->capabilities['bp_moderate'] );
 383          }
 384      }
 385  }
 386  add_action( 'wp_roles_init', '_bp_roles_init', 10, 1 );
 387  
 388  /** Deprecated ****************************************************************/
 389  
 390  /**
 391   * Temporary implementation of 'bp_moderate' cap.
 392   *
 393   * In BuddyPress 1.6, the 'bp_moderate' cap was introduced. In order to
 394   * enforce that bp_current_user_can( 'bp_moderate' ) always returns true for
 395   * Administrators, we must manually add the 'bp_moderate' cap to the list of
 396   * user caps for Admins.
 397   *
 398   * Note that this level of enforcement is only necessary in the case of
 399   * non-Multisite. This is because WordPress automatically assigns every
 400   * capability - and thus 'bp_moderate' - to Super Admins on a Multisite
 401   * installation. See {@link WP_User::has_cap()}.
 402   *
 403   * This implementation of 'bp_moderate' is temporary, until BuddyPress properly
 404   * matches caps to roles and stores them in the database.
 405   *
 406   * Plugin authors: Please do not use this function; thank you. :)
 407   *
 408   * @since 1.6.0
 409   * @deprecated 7.0.0
 410   *
 411   * @access private
 412   *
 413   * @see WP_User::has_cap()
 414   *
 415   * @param array  $caps    The caps that WP associates with the given role.
 416   * @param string $cap     The caps being tested for in WP_User::has_cap().
 417   * @param int    $user_id ID of the user being checked against.
 418   * @param array  $args    Miscellaneous arguments passed to the user_has_cap filter.
 419   * @return array $allcaps The user's cap list, with 'bp_moderate' appended, if relevant.
 420   */
 421  function _bp_enforce_bp_moderate_cap_for_admins( $caps = array(), $cap = '', $user_id = 0, $args = array() ) {
 422      _deprecated_function( __FUNCTION__, '7.0.0' );
 423  
 424      // Bail if not checking the 'bp_moderate' cap.
 425      if ( 'bp_moderate' !== $cap ) {
 426          return $caps;
 427      }
 428  
 429      // Bail if BuddyPress is not network activated.
 430      if ( bp_is_network_activated() ) {
 431          return $caps;
 432      }
 433  
 434      // Never trust inactive users.
 435      if ( bp_is_user_inactive( $user_id ) ) {
 436          return $caps;
 437      }
 438  
 439      // Only users that can 'manage_options' on this site can 'bp_moderate'.
 440      return array( 'manage_options' );
 441  }
 442  
 443  /**
 444   * Adds BuddyPress-specific user roles.
 445   *
 446   * This is called on plugin activation.
 447   *
 448   * @since 1.6.0
 449   * @deprecated 1.7.0
 450   */
 451  function bp_add_roles() {
 452      _doing_it_wrong( 'bp_add_roles', __( 'Special community roles no longer exist. Use mapped capabilities instead', 'buddypress' ), '1.7' );
 453  }
 454  
 455  /**
 456   * Removes BuddyPress-specific user roles.
 457   *
 458   * This is called on plugin deactivation.
 459   *
 460   * @since 1.6.0
 461   * @deprecated 1.7.0
 462   */
 463  function bp_remove_roles() {
 464      _doing_it_wrong( 'bp_remove_roles', __( 'Special community roles no longer exist. Use mapped capabilities instead', 'buddypress' ), '1.7' );
 465  }
 466  
 467  
 468  /**
 469   * The participant role for registered users without roles.
 470   *
 471   * This is primarily for multisite compatibility when users without roles on
 472   * sites that have global communities enabled.
 473   *
 474   * @since 1.6.0
 475   * @deprecated 1.7.0
 476   */
 477  function bp_get_participant_role() {
 478      _doing_it_wrong( 'bp_get_participant_role', __( 'Special community roles no longer exist. Use mapped capabilities instead', 'buddypress' ), '1.7' );
 479  }
 480  
 481  /**
 482   * The moderator role for BuddyPress users.
 483   *
 484   * @since 1.6.0
 485   * @deprecated 1.7.0
 486   */
 487  function bp_get_moderator_role() {
 488      _doing_it_wrong( 'bp_get_moderator_role', __( 'Special community roles no longer exist. Use mapped capabilities instead', 'buddypress' ), '1.7' );
 489  }


Generated: Fri Oct 4 01:00:58 2024 Cross-referenced by PHPXref 0.7.1