<div class="doc-permissions">
<?php
bp_docs_doc_permissions_snapshot();
?>
</div>
<?php
}
?>
</div>
<div class="doc-tabs">
<ul>
<li<?php
if (bp_docs_is_doc_read()) {
?>
class="current"<?php
}
?>
>
<a href="<?php
bp_docs_doc_link();
?>
"><?php
_e('Read', 'bp-docs');
?>
</a>
</li>
<?php
/**
* Catches page loads, determines what to do, and sends users on their merry way
*
* @package BuddyPress Docs
* @since 1.0-beta
* @todo This needs a ton of cleanup
*/
function catch_page_load()
{
global $bp;
if (!empty($_POST['doc-edit-submit'])) {
check_admin_referer('bp_docs_save');
$this_doc = new BP_Docs_Query();
$result = $this_doc->save();
bp_core_add_message($result['message'], $result['message_type']);
bp_core_redirect(trailingslashit($result['redirect_url']));
}
if (!empty($_POST['docs-filter-submit'])) {
$this->handle_filters();
}
// If this is the edit screen, ensure that the user can edit the
// doc before querying, and redirect if necessary
if (bp_docs_is_doc_edit()) {
if (current_user_can('bp_docs_edit')) {
$doc = bp_docs_get_current_doc();
// The user can edit, so we check for edit locks
// Because we're not using WP autosave at the moment, ensure that
// the lock interval always returns as in process
add_filter('wp_check_post_lock_window', create_function(false, 'return time();'));
$lock = bp_docs_check_post_lock($doc->ID);
if ($lock) {
bp_core_add_message(sprintf(__('This doc is currently being edited by %s. To prevent overwrites, you cannot edit until that user has finished. Please try again in a few minutes.', 'bp-docs'), bp_core_get_user_displayname($lock)), 'error');
// Redirect back to the non-edit view of this document
bp_core_redirect(bp_docs_get_doc_link($doc->ID));
die;
}
} else {
if (function_exists('bp_core_no_access') && !is_user_logged_in()) {
bp_core_no_access();
}
// The user does not have edit permission. Redirect.
bp_core_add_message(__('You do not have permission to edit the doc.', 'bp-docs'), 'error');
// Redirect back to the non-edit view of this document
bp_core_redirect(bp_docs_get_doc_link($doc->ID));
die;
}
}
if (bp_docs_is_doc_create()) {
if (!current_user_can('bp_docs_create')) {
// The user does not have edit permission. Redirect.
if (function_exists('bp_core_no_access') && !is_user_logged_in()) {
bp_core_no_access();
}
bp_core_add_message(__('You do not have permission to create a Doc in this group.', 'bp-docs'), 'error');
$group_permalink = bp_get_group_permalink($bp->groups->current_group);
// Redirect back to the Doc list view
bp_core_redirect($group_permalink . $bp->bp_docs->slug . '/');
die;
}
}
if (!empty($bp->bp_docs->current_view) && 'history' == $bp->bp_docs->current_view) {
if (!current_user_can('bp_docs_view_history')) {
// The user does not have edit permission. Redirect.
if (function_exists('bp_core_no_access') && !is_user_logged_in()) {
bp_core_no_access();
}
bp_core_add_message(__('You do not have permission to view this Doc\'s history.', 'bp-docs'), 'error');
$doc = bp_docs_get_current_doc();
$redirect = bp_docs_get_doc_link($doc->ID);
// Redirect back to the Doc list view
bp_core_redirect($redirect);
die;
}
}
// Cancel edit lock
if (!empty($_GET['bpd_action']) && $_GET['bpd_action'] == 'cancel_edit_lock') {
// Check the nonce
check_admin_referer('bp_docs_cancel_edit_lock');
// Todo: make this part of the perms system
if (is_super_admin() || bp_group_is_admin()) {
$doc = bp_docs_get_current_doc();
// Todo: get this into a proper method as well, blech
delete_post_meta($doc->ID, '_bp_docs_last_pinged');
bp_core_add_message(__('Lock successfully removed', 'bp-docs'));
bp_core_redirect(bp_docs_get_doc_link($doc->ID));
die;
}
}
// Cancel edit
// Have to have a catcher for this so the edit lock can be removed
if (!empty($_GET['bpd_action']) && $_GET['bpd_action'] == 'cancel_edit') {
$doc = bp_docs_get_current_doc();
// Todo: get this into a proper method as well, blech
delete_post_meta($doc->ID, '_bp_docs_last_pinged');
bp_core_redirect(bp_docs_get_doc_link($doc->ID));
die;
}
// Todo: get this into a proper method
if (bp_docs_is_doc_read() && !empty($_GET['delete'])) {
check_admin_referer('bp_docs_delete');
if (current_user_can('bp_docs_manage')) {
$delete_doc_id = get_queried_object_id();
if (bp_docs_trash_doc($delete_doc_id)) {
bp_core_add_message(__('Doc successfully deleted!', 'bp-docs'));
} else {
bp_core_add_message(__('Could not delete doc.', 'bp-docs'));
}
} else {
bp_core_add_message(__('You do not have permission to delete that doc.', 'bp-docs'), 'error');
}
bp_core_redirect(home_url(bp_docs_get_docs_slug()));
die;
}
if (bp_docs_is_doc_read() && !empty($_GET['untrash']) && !empty($_GET['doc_id'])) {
check_admin_referer('bp_docs_untrash');
$untrash_doc_id = absint($_GET['doc_id']);
if (current_user_can('bp_docs_manage', $untrash_doc_id)) {
if (bp_docs_untrash_doc($untrash_doc_id)) {
bp_core_add_message(__('Doc successfully removed from Trash!', 'bp-docs'));
} else {
bp_core_add_message(__('Could not remove Doc from Trash.', 'bp-docs'));
}
} else {
bp_core_add_message(__('You do not have permission to remove that Doc from the Trash.', 'bp-docs'), 'error');
}
bp_core_redirect(bp_docs_get_doc_link($untrash_doc_id));
die;
}
}
/**
* Protects group docs from unauthorized access
*
* @since 1.2
* @uses bp_docs_current_user_can() This does most of the heavy lifting
*/
function protect_doc_access()
{
// What is the user trying to do?
if (bp_docs_is_doc_read()) {
$action = 'read';
} else {
if (bp_docs_is_doc_create()) {
$action = 'create';
} else {
if (bp_docs_is_doc_edit()) {
$action = 'edit';
} else {
if (bp_docs_is_doc_history()) {
$action = 'view_history';
}
}
}
}
if (!isset($action)) {
return;
}
if (!bp_docs_current_user_can($action)) {
$redirect_to = wp_get_referer();
if (!$redirect_to || trailingslashit($redirect_to) == trailingslashit(wp_guess_url())) {
$redirect_to = bp_get_root_domain();
}
switch ($action) {
case 'read':
$message = __('You are not allowed to read that Doc.', 'bp-docs');
break;
case 'create':
$message = __('You are not allowed to create Docs.', 'bp-docs');
break;
case 'edit':
$message = __('You are not allowed to edit that Doc.', 'bp-docs');
break;
case 'view_history':
$message = __('You are not allowed to view that Doc\'s history.', 'bp-docs');
break;
}
bp_core_add_message($message, 'error');
bp_core_redirect($redirect_to);
}
}
/**
* Protects group docs from unauthorized access
*
* @since 1.2
*/
function protect_doc_access()
{
// What is the user trying to do?
if (bp_docs_is_doc_read()) {
$action = 'bp_docs_read';
} else {
if (bp_docs_is_doc_create()) {
$action = 'bp_docs_create';
} else {
if (bp_docs_is_doc_edit()) {
$action = 'bp_docs_edit';
} else {
if (bp_docs_is_doc_history()) {
$action = 'bp_docs_view_history';
}
}
}
}
if (!isset($action)) {
return;
}
if (!current_user_can($action)) {
$redirect_to = bp_docs_get_doc_link();
bp_core_no_access(array('mode' => 2, 'redirect' => $redirect_to));
}
}
<?php
global $class;
$is_group_single_doc = '';
if (function_exists('bp_docs_is_doc_edit')) {
//fix boss code with rw_bp_doc_single_group_id()
$is_group_single_doc = (bp_docs_is_doc_edit() || bp_docs_is_doc_read() || bp_docs_is_doc_create() || bp_docs_is_doc_history()) && rw_bp_doc_single_group_id(false);
}
if ($is_group_single_doc) {
$class .= ' group-single';
}
?>
<?php
// Boxed layout cover
if (boss_get_option('boss_cover_profile')) {
if (boss_get_option('boss_layout_style') == 'boxed' && (!bp_is_current_component('events') || bp_is_current_component('events') && 'profile' == bp_current_action())) {
// show here for boxed and if not Events Manager page or if it is My Profile of Events
if (bp_is_user()) {
echo buddyboss_cover_photo("user", bp_displayed_user_id());
}
}
}
?>
<?php
if (bp_is_current_component('groups') && !bp_is_group() && !bp_is_user()) {
?>
<div class="dir-page-entry">
<div class="inner-padding">
<header class="group-header page-header">
