/** * Catches page loads, determines what to do, and sends users on their merry way * * @package BuddyPress Docs * @since 1.0-beta * @todo This needs a ton of cleanup */ function catch_page_load() { global $bp; if (!empty($_POST['doc-edit-submit'])) { check_admin_referer('bp_docs_save'); $this_doc = new BP_Docs_Query(); $result = $this_doc->save(); bp_core_add_message($result['message'], $result['message_type']); bp_core_redirect(trailingslashit($result['redirect_url'])); } if (!empty($_POST['docs-filter-submit'])) { $this->handle_filters(); } // If this is the edit screen, ensure that the user can edit the // doc before querying, and redirect if necessary if (bp_docs_is_doc_edit()) { if (current_user_can('bp_docs_edit')) { $doc = bp_docs_get_current_doc(); // The user can edit, so we check for edit locks // Because we're not using WP autosave at the moment, ensure that // the lock interval always returns as in process add_filter('wp_check_post_lock_window', create_function(false, 'return time();')); $lock = bp_docs_check_post_lock($doc->ID); if ($lock) { bp_core_add_message(sprintf(__('This doc is currently being edited by %s. To prevent overwrites, you cannot edit until that user has finished. Please try again in a few minutes.', 'bp-docs'), bp_core_get_user_displayname($lock)), 'error'); // Redirect back to the non-edit view of this document bp_core_redirect(bp_docs_get_doc_link($doc->ID)); die; } } else { if (function_exists('bp_core_no_access') && !is_user_logged_in()) { bp_core_no_access(); } // The user does not have edit permission. Redirect. bp_core_add_message(__('You do not have permission to edit the doc.', 'bp-docs'), 'error'); // Redirect back to the non-edit view of this document bp_core_redirect(bp_docs_get_doc_link($doc->ID)); die; } } if (bp_docs_is_doc_create()) { if (!current_user_can('bp_docs_create')) { // The user does not have edit permission. Redirect. if (function_exists('bp_core_no_access') && !is_user_logged_in()) { bp_core_no_access(); } bp_core_add_message(__('You do not have permission to create a Doc in this group.', 'bp-docs'), 'error'); $group_permalink = bp_get_group_permalink($bp->groups->current_group); // Redirect back to the Doc list view bp_core_redirect($group_permalink . $bp->bp_docs->slug . '/'); die; } } if (!empty($bp->bp_docs->current_view) && 'history' == $bp->bp_docs->current_view) { if (!current_user_can('bp_docs_view_history')) { // The user does not have edit permission. Redirect. if (function_exists('bp_core_no_access') && !is_user_logged_in()) { bp_core_no_access(); } bp_core_add_message(__('You do not have permission to view this Doc\'s history.', 'bp-docs'), 'error'); $doc = bp_docs_get_current_doc(); $redirect = bp_docs_get_doc_link($doc->ID); // Redirect back to the Doc list view bp_core_redirect($redirect); die; } } // Cancel edit lock if (!empty($_GET['bpd_action']) && $_GET['bpd_action'] == 'cancel_edit_lock') { // Check the nonce check_admin_referer('bp_docs_cancel_edit_lock'); // Todo: make this part of the perms system if (is_super_admin() || bp_group_is_admin()) { $doc = bp_docs_get_current_doc(); // Todo: get this into a proper method as well, blech delete_post_meta($doc->ID, '_bp_docs_last_pinged'); bp_core_add_message(__('Lock successfully removed', 'bp-docs')); bp_core_redirect(bp_docs_get_doc_link($doc->ID)); die; } } // Cancel edit // Have to have a catcher for this so the edit lock can be removed if (!empty($_GET['bpd_action']) && $_GET['bpd_action'] == 'cancel_edit') { $doc = bp_docs_get_current_doc(); // Todo: get this into a proper method as well, blech delete_post_meta($doc->ID, '_bp_docs_last_pinged'); bp_core_redirect(bp_docs_get_doc_link($doc->ID)); die; } // Todo: get this into a proper method if (bp_docs_is_doc_read() && !empty($_GET['delete'])) { check_admin_referer('bp_docs_delete'); if (current_user_can('bp_docs_manage')) { $delete_doc_id = get_queried_object_id(); if (bp_docs_trash_doc($delete_doc_id)) { bp_core_add_message(__('Doc successfully deleted!', 'bp-docs')); } else { bp_core_add_message(__('Could not delete doc.', 'bp-docs')); } } else { bp_core_add_message(__('You do not have permission to delete that doc.', 'bp-docs'), 'error'); } bp_core_redirect(home_url(bp_docs_get_docs_slug())); die; } if (bp_docs_is_doc_read() && !empty($_GET['untrash']) && !empty($_GET['doc_id'])) { check_admin_referer('bp_docs_untrash'); $untrash_doc_id = absint($_GET['doc_id']); if (current_user_can('bp_docs_manage', $untrash_doc_id)) { if (bp_docs_untrash_doc($untrash_doc_id)) { bp_core_add_message(__('Doc successfully removed from Trash!', 'bp-docs')); } else { bp_core_add_message(__('Could not remove Doc from Trash.', 'bp-docs')); } } else { bp_core_add_message(__('You do not have permission to remove that Doc from the Trash.', 'bp-docs'), 'error'); } bp_core_redirect(bp_docs_get_doc_link($untrash_doc_id)); die; } }
/** * AJAX handler for setting edit lock. * * Called when a user enters an Edit page. * * @since 1.6.0 */ function bp_docs_add_edit_lock_cb() { $doc_id = isset($_POST['doc_id']) ? (int) $_POST['doc_id'] : false; if (!$doc_id) { return; } $doc = get_post($doc_id); if (!$doc || is_wp_error($doc)) { return; } if (bp_docs_get_post_type_name() !== $doc->post_type) { return; } if (!is_user_logged_in()) { return; } // Is this post already locked? $lock = bp_docs_check_post_lock($doc_id); if (!empty($lock) && $lock != bp_loggedin_user_id()) { die; } $now = time(); $user_id = bp_loggedin_user_id(); $lock = "{$now}:{$user_id}"; update_post_meta($doc_id, '_bp_docs_last_pinged', $lock); die(json_encode('1')); }
/** * Get the lock status of a doc * * The function first tries to get the lock status out of $bp. If it has to look it up, it * stores the data in $bp for future use. * * @package BuddyPress Docs * @since 1.0-beta-2 * * @param int $doc_id Optional. Defaults to the doc currently being viewed * @return int Returns 0 if there is no lock, otherwise returns the user_id of the locker */ function bp_docs_is_doc_edit_locked($doc_id = false) { global $bp, $post; // Try to get the lock out of $bp first if (isset($bp->bp_docs->current_doc_lock)) { $is_edit_locked = $bp->bp_docs->current_doc_lock; } else { $is_edit_locked = 0; if (empty($doc_id)) { $doc_id = !empty($post->ID) ? $post->ID : false; } if ($doc_id) { // Because we're not using WP autosave at the moment, ensure that // the lock interval always returns as in process add_filter('wp_check_post_lock_window', create_function(false, 'return time();')); $is_edit_locked = bp_docs_check_post_lock($doc_id); } // Put into the $bp global to avoid extra lookups $bp->bp_docs->current_doc_lock = $is_edit_locked; } return apply_filters('bp_docs_is_doc_edit_locked', $is_edit_locked, $doc_id); }