| [ Index ] |
PHP Cross Reference of BuddyPress |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * BuddyPress Capabilities. 4 * 5 * @package BuddyPress 6 * @subpackage Capabilities 7 * @since 1.6.0 8 */ 9 10 // Exit if accessed directly. 11 defined( 'ABSPATH' ) || exit; 12 13 /** 14 * Return an array of roles from the currently loaded blog. 15 * 16 * WordPress roles are dynamically flipped when calls to switch_to_blog() and 17 * restore_current_blog() are made, so we use and trust WordPress core to have 18 * loaded the correct results for us here. As enhancements are made to 19 * WordPress's RBAC, so should our capability functions here. 20 * 21 * @since 2.1.0 22 * 23 * @return object 24 */ 25 function bp_get_current_blog_roles() { 26 global $wp_roles; 27 28 // Sanity check on roles global variable. 29 $roles = isset( $wp_roles->roles ) 30 ? $wp_roles->roles 31 : array(); 32 33 /** 34 * Filters the list of editable roles. 35 * 36 * @since 2.1.0 37 * 38 * @param array $roles List of roles. 39 */ 40 $roles = apply_filters( 'editable_roles', $roles ); 41 42 /** 43 * Filters the array of roles from the currently loaded blog. 44 * 45 * @since 2.1.0 46 * 47 * @param array $roles Available roles. 48 * @param WP_Roles $wp_roles Object of WordPress roles. 49 */ 50 return apply_filters( 'bp_get_current_blog_roles', $roles, $wp_roles ); 51 } 52 53 /** 54 * Add capabilities to WordPress user roles. 55 * 56 * This is called on plugin activation. 57 * 58 * @since 1.6.0 59 */ 60 function bp_add_caps() { 61 global $wp_roles; 62 63 // Load roles if not set. 64 if ( ! isset( $wp_roles ) ) { 65 $wp_roles = new WP_Roles(); 66 } 67 68 // Loop through available roles and add them. 69 foreach( $wp_roles->role_objects as $role ) { 70 foreach ( bp_get_caps_for_role( $role->name ) as $cap ) { 71 $role->add_cap( $cap ); 72 } 73 } 74 75 /** 76 * Fires after the addition of capabilities to WordPress user roles. 77 * 78 * This is called on plugin activation. 79 * 80 * @since 1.6.0 81 */ 82 do_action( 'bp_add_caps' ); 83 } 84 85 /** 86 * Remove capabilities from WordPress user roles. 87 * 88 * This is called on plugin deactivation. 89 * 90 * @since 1.6.0 91 */ 92 function bp_remove_caps() { 93 global $wp_roles; 94 95 // Load roles if not set. 96 if ( ! isset( $wp_roles ) ) { 97 $wp_roles = new WP_Roles(); 98 } 99 100 // Loop through available roles and remove them. 101 foreach( $wp_roles->role_objects as $role ) { 102 foreach ( bp_get_caps_for_role( $role->name ) as $cap ) { 103 $role->remove_cap( $cap ); 104 } 105 } 106 107 /** 108 * Fires after the removal of capabilities from WordPress user roles. 109 * 110 * This is called on plugin deactivation. 111 * 112 * @since 1.6.0 113 */ 114 do_action( 'bp_remove_caps' ); 115 } 116 117 /** 118 * Map community caps to built in WordPress caps. 119 * 120 * @since 1.6.0 121 * 122 * @see WP_User::has_cap() for description of the arguments passed to the 123 * 'map_meta_cap' filter. 124 * args. 125 * 126 * @param array $caps See {@link WP_User::has_cap()}. 127 * @param string $cap See {@link WP_User::has_cap()}. 128 * @param int $user_id See {@link WP_User::has_cap()}. 129 * @param mixed $args See {@link WP_User::has_cap()}. 130 * @return array Actual capabilities for meta capability. See {@link WP_User::has_cap()}. 131 */ 132 function bp_map_meta_caps( $caps, $cap, $user_id, $args ) { 133 134 /** 135 * Filters the community caps mapping to be built in WordPress caps. 136 * 137 * @since 1.6.0 138 * 139 * @param array $caps Returns the user's actual capabilities. 140 * @param string $cap Capability name. 141 * @param int $user_id The user ID. 142 * @param array $args Adds the context to the cap. Typically the object ID. 143 */ 144 return apply_filters( 'bp_map_meta_caps', $caps, $cap, $user_id, $args ); 145 } 146 147 /** 148 * Return community capabilities. 149 * 150 * @since 1.6.0 151 * 152 * @return array Community capabilities. 153 */ 154 function bp_get_community_caps() { 155 156 // Forum meta caps. 157 $caps = array(); 158 159 /** 160 * Filters community capabilities. 161 * 162 * @since 1.6.0 163 * 164 * @param array $caps Array of capabilities to add. Empty by default. 165 */ 166 return apply_filters( 'bp_get_community_caps', $caps ); 167 } 168 169 /** 170 * Return an array of capabilities based on the role that is being requested. 171 * 172 * @since 1.6.0 173 * 174 * @param string $role The role for which you're loading caps. 175 * @return array Capabilities for $role. 176 */ 177 function bp_get_caps_for_role( $role = '' ) { 178 179 // Which role are we looking for? 180 switch ( $role ) { 181 182 // Administrator. 183 case 'administrator' : 184 $caps = array( 185 // Misc. 186 'bp_moderate', 187 ); 188 189 break; 190 191 // All other default WordPress blog roles. 192 case 'editor' : 193 case 'author' : 194 case 'contributor' : 195 case 'subscriber' : 196 default : 197 $caps = array(); 198 break; 199 } 200 201 /** 202 * Filters the array of capabilities based on the role that is being requested. 203 * 204 * @since 1.6.0 205 * 206 * @param array $caps Array of capabilities to return. 207 * @param string $role The role currently being loaded. 208 */ 209 return apply_filters( 'bp_get_caps_for_role', $caps, $role ); 210 } 211 212 /** 213 * Set a default role for the current user. 214 * 215 * Give a user the default role when creating content on a site they do not 216 * already have a role or capability on. 217 * 218 * @since 1.6.0 219 */ 220 function bp_set_current_user_default_role() { 221 222 // Bail if not multisite or not root blog. 223 if ( ! is_multisite() || ! bp_is_root_blog() ) { 224 return; 225 } 226 227 // Bail if user is not logged in or already a member. 228 if ( ! is_user_logged_in() || is_user_member_of_blog() ) { 229 return; 230 } 231 232 // Bail if user is not active. 233 if ( bp_is_user_inactive() ) { 234 return; 235 } 236 237 // Set the current users default role. 238 buddypress()->current_user->set_role( bp_get_option( 'default_role', 'subscriber' ) ); 239 } 240 241 /** 242 * Check whether the current user has a given capability. 243 * 244 * @since 1.6.0 245 * @since 2.4.0 Second argument modified to accept an array, rather than `$blog_id`. 246 * @since 2.7.0 Deprecated $args['blog_id'] in favor of $args['site_id']. 247 * 248 * @param string $capability Capability or role name. 249 * @param array|int $args { 250 * Array of extra arguments applicable to the capability check. 251 * @type int $site_id Optional. Blog ID. Defaults to the BP root blog. 252 * @type int $blog_id Deprecated. Use $site_id instead. 253 * @type mixed $a,... Optional. Extra arguments applicable to the capability check. 254 * } 255 * @return bool True if the user has the cap for the given parameters. 256 */ 257 function bp_current_user_can( $capability, $args = array() ) { 258 // Backward compatibility for older $blog_id parameter. 259 if ( is_int( $args ) ) { 260 $site_id = $args; 261 $args = array(); 262 $args['site_id'] = $site_id; 263 264 // New format for second parameter. 265 } elseif ( is_array( $args ) && isset( $args['blog_id'] ) ) { 266 // Get the blog ID if set, but don't pass along to `current_user_can_for_blog()`. 267 $args['site_id'] = (int) $args['blog_id']; 268 unset( $args['blog_id'] ); 269 } 270 271 // Cast $args as an array. 272 $args = (array) $args; 273 274 // Use root blog if no ID passed. 275 if ( empty( $args['site_id'] ) ) { 276 $args['site_id'] = bp_get_root_blog_id(); 277 } 278 279 /** This filter is documented in /bp-core/bp-core-template.php */ 280 $current_user_id = apply_filters( 'bp_loggedin_user_id', get_current_user_id() ); 281 282 // Call bp_user_can(). 283 $retval = bp_user_can( $current_user_id, $capability, $args ); 284 285 /** 286 * Filters whether or not the current user has a given capability. 287 * 288 * @since 1.6.0 289 * @since 2.4.0 Pass `$args` variable. 290 * @since 2.7.0 Change format of $args variable array. 291 * 292 * @param bool $retval Whether or not the current user has the capability. 293 * @param string $capability The capability being checked for. 294 * @param int $blog_id Blog ID. Defaults to the BP root blog. 295 * @param array $args Array of extra arguments as originally passed. 296 */ 297 return (bool) apply_filters( 'bp_current_user_can', $retval, $capability, $args['site_id'], $args ); 298 } 299 300 /** 301 * Check whether the specified user has a given capability on a given site. 302 * 303 * @since 2.7.0 304 * 305 * @param int $user_id 306 * @param string $capability Capability or role name. 307 * @param array|int $args { 308 * Array of extra arguments applicable to the capability check. 309 * 310 * @type int $site_id Optional. Site ID. Defaults to the BP root blog. 311 * @type mixed $a,... Optional. Extra arguments applicable to the capability check. 312 * } 313 * @return bool True if the user has the cap for the given parameters. 314 */ 315 function bp_user_can( $user_id, $capability, $args = array() ) { 316 $site_id = bp_get_root_blog_id(); 317 318 // Get the site ID if set, but don't pass along to user_can(). 319 if ( isset( $args['site_id'] ) ) { 320 $site_id = (int) $args['site_id']; 321 unset( $args['site_id'] ); 322 } 323 324 $switched = is_multisite() ? switch_to_blog( $site_id ) : false; 325 $retval = call_user_func_array( 'user_can', array( $user_id, $capability, $args ) ); 326 327 /** 328 * Filters whether or not the specified user has a given capability on a given site. 329 * 330 * @since 2.7.0 331 * 332 * @param bool $retval Whether or not the current user has the capability. 333 * @param int $user_id 334 * @param string $capability The capability being checked for. 335 * @param int $site_id Site ID. Defaults to the BP root blog. 336 * @param array $args Array of extra arguments passed. 337 */ 338 $retval = (bool) apply_filters( 'bp_user_can', $retval, $user_id, $capability, $site_id, $args ); 339 340 if ( $switched ) { 341 restore_current_blog(); 342 } 343 344 return $retval; 345 } 346 347 /** 348 * Adds the `bp_moderate` cap to Roles having the `manage_options` cap when 349 * BuddyPress is not active on the network. 350 * 351 * @since 7.0.0 352 * 353 * @access private 354 * 355 * @param WP_Roles $wp_roles The WordPress roles object. 356 */ 357 function _bp_roles_init( WP_Roles $wp_roles ) { 358 $roles_list = array(); 359 $caps_list = wp_list_pluck( $wp_roles->role_objects, 'capabilities' ); 360 361 // Look for roles having the `manage_options` capability set to true. 362 $filtered_list = wp_list_filter( $caps_list, array( 'manage_options' => true ) ); 363 364 if ( $filtered_list ) { 365 $roles_list = array_keys( $filtered_list ); 366 367 // Loop into roles list to add the `bp_moderate` capability. 368 foreach ( $roles_list as $role ) { 369 if ( isset( $wp_roles->roles[ $role ] ) ) { 370 $wp_roles->roles[ $role ]['capabilities']['bp_moderate'] = true; 371 } 372 373 if ( isset( $wp_roles->role_objects[ $role ] ) ) { 374 $wp_roles->role_objects[ $role ]->capabilities['bp_moderate'] = true; 375 } 376 } 377 } 378 379 // Make sure to remove the `bp_moderate` capability from roles when BuddyPress is network activated. 380 if ( bp_is_network_activated() ) { 381 foreach ( $roles_list as $role ) { 382 unset( $wp_roles->roles[ $role ]['capabilities']['bp_moderate'], $wp_roles->role_objects[ $role ]->capabilities['bp_moderate'] ); 383 } 384 } 385 } 386 add_action( 'wp_roles_init', '_bp_roles_init', 10, 1 ); 387 388 /** Deprecated ****************************************************************/ 389 390 /** 391 * Temporary implementation of 'bp_moderate' cap. 392 * 393 * In BuddyPress 1.6, the 'bp_moderate' cap was introduced. In order to 394 * enforce that bp_current_user_can( 'bp_moderate' ) always returns true for 395 * Administrators, we must manually add the 'bp_moderate' cap to the list of 396 * user caps for Admins. 397 * 398 * Note that this level of enforcement is only necessary in the case of 399 * non-Multisite. This is because WordPress automatically assigns every 400 * capability - and thus 'bp_moderate' - to Super Admins on a Multisite 401 * installation. See {@link WP_User::has_cap()}. 402 * 403 * This implementation of 'bp_moderate' is temporary, until BuddyPress properly 404 * matches caps to roles and stores them in the database. 405 * 406 * Plugin authors: Please do not use this function; thank you. :) 407 * 408 * @since 1.6.0 409 * @deprecated 7.0.0 410 * 411 * @access private 412 * 413 * @see WP_User::has_cap() 414 * 415 * @param array $caps The caps that WP associates with the given role. 416 * @param string $cap The caps being tested for in WP_User::has_cap(). 417 * @param int $user_id ID of the user being checked against. 418 * @param array $args Miscellaneous arguments passed to the user_has_cap filter. 419 * @return array $allcaps The user's cap list, with 'bp_moderate' appended, if relevant. 420 */ 421 function _bp_enforce_bp_moderate_cap_for_admins( $caps = array(), $cap = '', $user_id = 0, $args = array() ) { 422 _deprecated_function( __FUNCTION__, '7.0.0' ); 423 424 // Bail if not checking the 'bp_moderate' cap. 425 if ( 'bp_moderate' !== $cap ) { 426 return $caps; 427 } 428 429 // Bail if BuddyPress is not network activated. 430 if ( bp_is_network_activated() ) { 431 return $caps; 432 } 433 434 // Never trust inactive users. 435 if ( bp_is_user_inactive( $user_id ) ) { 436 return $caps; 437 } 438 439 // Only users that can 'manage_options' on this site can 'bp_moderate'. 440 return array( 'manage_options' ); 441 } 442 443 /** 444 * Adds BuddyPress-specific user roles. 445 * 446 * This is called on plugin activation. 447 * 448 * @since 1.6.0 449 * @deprecated 1.7.0 450 */ 451 function bp_add_roles() { 452 _doing_it_wrong( 'bp_add_roles', __( 'Special community roles no longer exist. Use mapped capabilities instead', 'buddypress' ), '1.7' ); 453 } 454 455 /** 456 * Removes BuddyPress-specific user roles. 457 * 458 * This is called on plugin deactivation. 459 * 460 * @since 1.6.0 461 * @deprecated 1.7.0 462 */ 463 function bp_remove_roles() { 464 _doing_it_wrong( 'bp_remove_roles', __( 'Special community roles no longer exist. Use mapped capabilities instead', 'buddypress' ), '1.7' ); 465 } 466 467 468 /** 469 * The participant role for registered users without roles. 470 * 471 * This is primarily for multisite compatibility when users without roles on 472 * sites that have global communities enabled. 473 * 474 * @since 1.6.0 475 * @deprecated 1.7.0 476 */ 477 function bp_get_participant_role() { 478 _doing_it_wrong( 'bp_get_participant_role', __( 'Special community roles no longer exist. Use mapped capabilities instead', 'buddypress' ), '1.7' ); 479 } 480 481 /** 482 * The moderator role for BuddyPress users. 483 * 484 * @since 1.6.0 485 * @deprecated 1.7.0 486 */ 487 function bp_get_moderator_role() { 488 _doing_it_wrong( 'bp_get_moderator_role', __( 'Special community roles no longer exist. Use mapped capabilities instead', 'buddypress' ), '1.7' ); 489 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Nov 21 01:00:57 2024 | Cross-referenced by PHPXref 0.7.1 |