/**
  * There's no great unit test way to do this
  */
 function test_htaccess_creation()
 {
     // Exercises the side effect of the 'bp_docs_doc_saved' hook on the doc's
     // attachment directory: a restricted read setting ('loggedin') must leave a
     // .htaccess file there, and a public one ('anyone') must not.
     // The assertions only check that the file is present or absent. They do not
     // inspect its rules or prove that the web server honours them.
     $doc_id = $this->factory->doc->create();
     $upload_info = wp_upload_dir();
     $attachment_dir = $upload_info['basedir'] . DIRECTORY_SEPARATOR . 'bp-attachments' . DIRECTORY_SEPARATOR . $doc_id;
     $htaccess_file = $attachment_dir . DIRECTORY_SEPARATOR . '.htaccess';

     // Move any pre-existing directory (or stray .htaccess) aside so the test
     // starts clean and can put things back afterwards.
     $had_dir = file_exists($attachment_dir);
     $had_htaccess = file_exists($htaccess_file);
     if ($had_dir) {
         rename($attachment_dir, $attachment_dir . '.bu');
     } elseif ($had_htaccess) {
         rename($htaccess_file, $htaccess_file . '.bu');
     }

     $doc_settings = bp_docs_get_doc_settings();

     // Restricted doc first: saving must create the .htaccess file.
     $doc_settings['read'] = 'loggedin';
     update_post_meta($doc_id, 'bp_docs_settings', $doc_settings);
     bp_docs_update_doc_access($doc_id, 'loggedin');
     $restricted_query = new BP_Docs_Query();
     $restricted_query->doc_id = $doc_id;
     do_action('bp_docs_doc_saved', $restricted_query);
     $this->assertTrue(file_exists($htaccess_file));

     // Reset the directory, then repeat with a public doc: no .htaccess expected.
     unlink($htaccess_file);
     rmdir($attachment_dir);
     $doc_settings['read'] = 'anyone';
     update_post_meta($doc_id, 'bp_docs_settings', $doc_settings);
     bp_docs_update_doc_access($doc_id, 'anyone');
     $public_query = new BP_Docs_Query();
     $public_query->doc_id = $doc_id;
     do_action('bp_docs_doc_saved', $public_query);
     $this->assertFalse(file_exists($htaccess_file));

     // Best-effort removal of whatever the second save left behind, then
     // restore the state found at the start.
     @unlink($htaccess_file);
     @rmdir($attachment_dir);
     if ($had_dir) {
         rename($attachment_dir . '.bu', $attachment_dir);
     } elseif ($had_htaccess) {
         rename($htaccess_file . '.bu', $htaccess_file);
     }
 }
 /**
  * Saves a doc.
  *
  * This method handles saving for both new and existing docs. It detects the difference by
  * looking for the presence of $this->doc_slug
  *
  * @package BuddyPress Docs
  * @since 1.0-beta
  */
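 function save($args = false)
 {
     // Every field below is read straight from $_POST. No nonce or capability
     // check is visible in this method.
     // NOTE(review): confirm the caller verifies both before calling save().
     global $bp;
     // bbPress plays naughty with revision saving
     add_action('pre_post_update', 'wp_save_post_revision');
     // Get the required taxonomy items associated with the group. We only run this
     // on a save because it requires extra database hits.
     $this->setup_terms();
     // Default result. It used to be stored in a differently named variable
     // ($results), so the fallback message never reached the return value.
     $result = array('message' => __('Unknown error. Please try again.', 'bp-docs'), 'redirect' => 'create');
     // Stays 0 unless the post was actually written. All follow-up writes
     // (group association, authorship, access settings, revision count, the
     // 'bp_docs_doc_saved' hook) are gated on it.
     $post_id = 0;
     // Backward compatibility. Had to change to doc_content to work with wp_editor
     $doc_content = '';
     if (isset($_POST['doc_content'])) {
         $doc_content = $_POST['doc_content'];
     } elseif (isset($_POST['doc']['content'])) {
         $doc_content = $_POST['doc']['content'];
     }
     // Check group associations
     // @todo Move into group integration piece
     if (bp_is_active('groups')) {
         $associated_group_id = isset($_POST['associated_group_id']) ? intval($_POST['associated_group_id']) : 0;
         if ($associated_group_id && !BP_Docs_Groups_Integration::user_can_associate_doc_with_group(bp_loggedin_user_id(), $associated_group_id)) {
             $denied_message = __('You are not allowed to associate a Doc with that group.', 'bp-docs');
             bp_core_add_message($denied_message, 'error');
             bp_core_redirect(bp_docs_get_create_link());
             // bp_core_redirect() is expected to end the request. If it ever
             // returns, fail closed instead of falling through and associating
             // the doc with a group the user may not use.
             return array('message_type' => 'error', 'message' => $denied_message, 'redirect_url' => bp_docs_get_create_link());
         }
     }
     if (empty($_POST['doc']['title']) || empty($doc_content)) {
         // Both the title and the content fields are required
         $result['message'] = __('Both the title and the content fields are required.', 'bp-docs');
         $result['redirect'] = $this->current_view;
     } else {
         // If both the title and content fields are filled in, we can proceed
         $defaults = array(
             'post_type' => $this->post_type_name,
             'post_title' => $_POST['doc']['title'],
             'post_name' => isset($_POST['doc']['permalink']) ? sanitize_title($_POST['doc']['permalink']) : sanitize_title($_POST['doc']['title']),
             'post_content' => stripslashes(sanitize_post_field('post_content', $doc_content, 0, 'db')),
             'post_status' => 'publish',
         );
         $r = wp_parse_args($args, $defaults);
         if (empty($this->doc_slug)) {
             // This is a new doc
             $this->is_new_doc = true;
             $r['post_author'] = bp_loggedin_user_id();
             $inserted_id = wp_insert_post($r);
             if (!$inserted_id) {
                 $result['message'] = __('There was an error when creating the doc.', 'bp-docs');
                 $result['redirect'] = 'create';
             } else {
                 $post_id = $inserted_id;
                 $this->doc_id = $post_id;
                 $the_doc = get_post($this->doc_id);
                 $this->doc_slug = $the_doc->post_name;
                 // A normal, successful save
                 $result['message'] = __('Doc successfully created!', 'bp-docs');
                 $result['redirect'] = 'single';
             }
         } else {
             // Existing doc: the target is whatever object the current request
             // resolved to, not an ID supplied in the form.
             $this->is_new_doc = false;
             $doc = get_queried_object();
             $this->doc_id = $doc->ID;
             $r['ID'] = $this->doc_id;
             // Make sure the post_name is set
             if (empty($r['post_name'])) {
                 $r['post_name'] = sanitize_title($r['post_title']);
             }
             // Make sure the post_name is unique
             $r['post_name'] = wp_unique_post_slug($r['post_name'], $this->doc_id, $r['post_status'], $this->post_type_name, $doc->post_parent);
             $this->doc_slug = $r['post_name'];
             if (!wp_update_post($r)) {
                 $result['message'] = __('There was an error when saving the doc.', 'bp-docs');
                 $result['redirect'] = 'edit';
             } else {
                 // Only a successful update counts as saved.
                 $post_id = $this->doc_id;
                 // Remove the edit lock
                 delete_post_meta($this->doc_id, '_edit_lock');
                 // When the post has been autosaved, we need to leave a
                 // special success message
                 if (!empty($_POST['is_auto'])) {
                     $result['message'] = __('You idled a bit too long while in Edit mode. In order to allow others to edit the doc you were working on, your changes have been autosaved. Click the Edit button to return to Edit mode.', 'bp-docs');
                 } else {
                     // A normal, successful save
                     $result['message'] = __('Doc successfully edited!', 'bp-docs');
                 }
                 $result['redirect'] = 'single';
             }
         }
     }
     // Previously everything below also ran after a rejected or failed save,
     // with $post_id undefined or stale. An edit that failed validation could
     // therefore still rewrite the doc's access settings and fire the saved hook.
     if ($post_id) {
         // Add to a group, if necessary
         if (isset($associated_group_id)) {
             bp_docs_set_associated_group_id($post_id, $associated_group_id);
         }
         // Make sure the current user is added as one of the authors
         wp_set_post_terms($post_id, $this->user_term_id, $this->associated_item_tax_name, true);
         // Save the last editor id. We'll use this to create an activity item
         update_post_meta($this->doc_id, 'bp_docs_last_editor', bp_loggedin_user_id());
         // Save settings. The submitted values are user-controlled, so only the
         // values returned by bp_docs_verify_settings() are stored. Anything that
         // is not a non-empty array is treated as "nothing submitted".
         $settings = (!empty($_POST['settings']) && is_array($_POST['settings'])) ? $_POST['settings'] : array();
         $verified_settings = bp_docs_verify_settings($settings, $post_id, bp_loggedin_user_id());
         $new_settings = array();
         foreach ($verified_settings as $verified_setting_name => $verified_setting) {
             $new_settings[$verified_setting_name] = $verified_setting['verified_value'];
             if ($verified_setting['verified_value'] != $verified_setting['original_value']) {
                 $result['message'] = __('Your Doc was successfully saved, but some of your access settings have been changed to match the Doc\'s permissions.', 'bp-docs');
             }
         }
         update_post_meta($this->doc_id, 'bp_docs_settings', $new_settings);
         // The 'read' setting must also be saved to a taxonomy, for
         // easier directory queries
         $read_setting = isset($new_settings['read']) ? $new_settings['read'] : 'anyone';
         bp_docs_update_doc_access($this->doc_id, $read_setting);
         // Increment the revision count
         $revision_count = get_post_meta($this->doc_id, 'bp_docs_revision_count', true);
         update_post_meta($this->doc_id, 'bp_docs_revision_count', intval($revision_count) + 1);
         // Provide a custom hook for plugins and optional components.
         // WP's default save_post isn't enough, because we need something that fires
         // only when we save from the front end (for things like taxonomies, which
         // the WP admin handles automatically)
         do_action('bp_docs_doc_saved', $this);
     }
     $message_type = $result['redirect'] == 'single' ? 'success' : 'error';
     // Any redirect value other than single/edit/create falls back to the docs root.
     $redirect_url = trailingslashit(bp_get_root_domain() . '/' . BP_DOCS_SLUG);
     if ($result['redirect'] == 'single') {
         $redirect_url .= $this->doc_slug;
     } elseif ($result['redirect'] == 'edit') {
         $redirect_url .= $this->doc_slug . '/' . BP_DOCS_EDIT_SLUG;
     } elseif ($result['redirect'] == 'create') {
         $redirect_url .= BP_DOCS_CREATE_SLUG;
     }
     return array('message_type' => $message_type, 'message' => $result['message'], 'redirect_url' => $redirect_url);
 }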
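/**
 * Runs one step of the 1.2 upgrade and returns the updated progress data.
 *
 * The first call migrates the group terms. Later calls process up to five
 * Docs each: the Doc's 'read' setting is copied to the access taxonomy and its
 * revision count is stored. When nothing is left, the
 * '_bp_docs_done_upgrade_1_2' option is set.
 *
 * Each 'refresh_url' carries a 'bp-docs-upgrade' nonce. This function neither
 * verifies that nonce nor checks the current user's capability.
 * NOTE(review): confirm the caller does both before invoking it.
 *
 * @param array $udata Progress data from the previous step. Keys read here:
 *                     'total', 'done', 'last', 'group_terms_migrated'.
 * @return array Progress data with 'message' and 'refresh_url' set for the
 *               next step.
 */
function bp_docs_upgrade_1_2($udata = array())
{
    global $wpdb;
    $post_type = bp_docs_get_post_type_name();
    $url_base = admin_url(add_query_arg(array('post_type' => $post_type, 'page' => 'bp-docs-upgrade'), 'edit.php'));
    $all_done = false;
    if (empty($udata['total'])) {
        $udata['total'] = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM {$wpdb->posts} WHERE post_type = %s", $post_type));
    }
    if (!isset($udata['done'])) {
        $udata['done'] = 0;
    }
    if (empty($udata['group_terms_migrated'])) {
        $tn = bp_docs_get_associated_item_tax_name();
        // Get the group parent term
        $group_parent_term = term_exists('group', $tn);
        // Get all the group terms
        if ($group_parent_term) {
            // Delete the cached children terms, for good measure
            delete_option($tn . '_children');
            $group_terms = get_terms($tn, array('parent' => intval($group_parent_term['term_id'])));
            foreach ($group_terms as $group_term) {
                // Concatenate new term slugs
                $new_desc = sprintf(__('Docs associated with the group %s', 'bp-docs'), $group_term->description);
                $new_slug = 'bp_docs_associated_group_' . $group_term->name;
                $new_name = $group_term->description;
                wp_update_term($group_term->term_id, $tn, array('description' => $new_desc, 'slug' => $new_slug, 'name' => $new_name, 'parent' => 0));
            }
        }
        // Store that we're done
        $udata['group_terms_migrated'] = 1;
        $udata['message'] = __('Group terms migrated. Now migrating Doc access terms....', 'bp-docs');
        $udata['refresh_url'] = add_query_arg(array('do_upgrade' => '1', '_wpnonce' => wp_create_nonce('bp-docs-upgrade')), $url_base);
        // Reset so the next step recounts the Docs.
        $udata['total'] = 0;
    } elseif (intval($udata['done']) < intval($udata['total'])) {
        // 'last' is absent on the first migration step.
        $last_doc_id = isset($udata['last']) ? intval($udata['last']) : 0;
        for ($counter = 0; $counter < 5; $counter++) {
            // ORDER BY makes this a real cursor. Without it the row returned for
            // "ID > last LIMIT 1" is not guaranteed to be the next-lowest ID, so
            // Docs could be skipped and left without an access term.
            $next_doc_id = $wpdb->get_var($wpdb->prepare("SELECT ID FROM {$wpdb->posts} WHERE post_type = %s AND ID > %d ORDER BY ID ASC LIMIT 1", $post_type, $last_doc_id));
            if (!$next_doc_id) {
                $udata['done'] = $udata['total'];
                $all_done = true;
                break;
            }
            // Set the 'read' setting to a taxonomy
            $doc_settings = get_post_meta($next_doc_id, 'bp_docs_settings', true);
            if (!is_array($doc_settings)) {
                // No stored settings come back as a non-array; looping over that
                // and writing a key into it would not yield a settings array.
                $doc_settings = array();
            }
            if (isset($doc_settings['read'])) {
                $read_setting = $doc_settings['read'];
            } else {
                $group = groups_get_group('group_id=' . bp_docs_get_associated_group_id($next_doc_id));
                if (!empty($group->status) && 'public' != $group->status) {
                    // Docs of a non-public group must not stay readable by
                    // 'anyone' or 'loggedin': tighten those values to members.
                    $read_setting = 'group-members';
                    // Sanitize settings as well
                    foreach ($doc_settings as $doc_settings_key => $doc_settings_value) {
                        if (in_array($doc_settings_value, array('anyone', 'loggedin'))) {
                            $doc_settings[$doc_settings_key] = 'group-members';
                        }
                    }
                    $doc_settings['read'] = 'group-members';
                    update_post_meta($next_doc_id, 'bp_docs_settings', $doc_settings);
                } else {
                    // No stored 'read' value and no non-public group: the Doc is
                    // migrated as readable by anyone.
                    $read_setting = 'anyone';
                }
            }
            bp_docs_update_doc_access($next_doc_id, $read_setting);
            // Count the total number of edits
            $count = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM {$wpdb->posts} WHERE post_type = 'revision' AND post_status = 'inherit' AND post_parent = %d", $next_doc_id));
            update_post_meta($next_doc_id, 'bp_docs_revision_count', intval($count) + 1);
            $udata['done']++;
            $last_doc_id = intval($next_doc_id);
            $udata['last'] = $next_doc_id;
            $udata['message'] = sprintf(__('Migrated %s of %s Docs. Migrating....', 'bp-docs'), $udata['done'], $udata['total']);
            $udata['refresh_url'] = add_query_arg(array('do_upgrade' => '1', '_wpnonce' => wp_create_nonce('bp-docs-upgrade')), $url_base);
        }
    } else {
        $all_done = true;
        $udata['refresh_url'] = add_query_arg(array('bp_docs_upgraded' => 1), admin_url());
    }
    if ($all_done) {
        bp_update_option('_bp_docs_done_upgrade_1_2', 1);
    }
    return $udata;
}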
/**
 * Saves the settings associated with a given Doc
 *
 * @since 1.6.1
 * @param int $doc_id The numeric ID of the doc
 * @return void
 */
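function bp_docs_save_doc_access_settings($doc_id)
{
    // Nothing to write to without a doc.
    if (empty($doc_id)) {
        return;
    }
    // Two cases:
    // 1. User is saving a doc for which he can update the access settings
    // 2. User is saving a doc for which he can't manage the access settings:
    //    isset( $_POST['settings'] ) is false because the access settings
    //    section isn't included on the edit form. Leave the settings intact.
    if (!isset($_POST['settings'])) {
        return;
    }
    // The submitted values are user-controlled. Only the values returned by
    // bp_docs_verify_settings() for the logged-in user are stored. Anything
    // that is not a non-empty array is treated as "nothing submitted".
    $settings = (!empty($_POST['settings']) && is_array($_POST['settings'])) ? $_POST['settings'] : array();
    $verified_settings = bp_docs_verify_settings($settings, $doc_id, bp_loggedin_user_id());
    $new_settings = array();
    foreach ($verified_settings as $verified_setting_name => $verified_setting) {
        // A verified value may differ from what the user asked for. This
        // function has no return value, so that adjustment is not reported here.
        // The previous code built a message for it in a local that was never read.
        $new_settings[$verified_setting_name] = $verified_setting['verified_value'];
    }
    update_post_meta($doc_id, 'bp_docs_settings', $new_settings);
    // The 'read' setting must also be saved to a taxonomy, for
    // easier directory queries
    $read_setting = isset($new_settings['read']) ? $new_settings['read'] : 'anyone';
    bp_docs_update_doc_access($doc_id, $read_setting);
}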
/**
 * Reset group-related doc access settings to "creator"
 *
 * @since 1.9.0
 * @param int $doc_id The numeric ID of the doc
 * @return void
 */
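function bp_docs_remove_group_related_doc_access_settings($doc_id)
{
    if (empty($doc_id)) {
        return;
    }
    // When a doc's privacy relies on group association, and that doc loses that group association, we need to make sure that it doesn't become public.
    $settings = bp_docs_get_doc_settings($doc_id);
    // Without a usable settings array there is nothing to rewrite. The old code
    // went on to read undefined keys in that case.
    if (empty($settings) || !is_array($settings)) {
        return;
    }
    $group_settings = array('admins-mods', 'group-members');
    $new_settings = array();
    $settings_modified = false;
    foreach ($settings as $capability => $audience) {
        if (in_array($audience, $group_settings)) {
            // A group-scoped audience has no meaning without the group, so
            // fall back to the most restrictive audience: the creator.
            $new_settings[$capability] = 'creator';
            $settings_modified = true;
        } else {
            $new_settings[$capability] = $audience;
        }
    }
    // Unmodified settings mean neither the meta nor the taxonomy needs a write.
    if (!$settings_modified) {
        return;
    }
    update_post_meta($doc_id, 'bp_docs_settings', $new_settings);
    // The 'read' setting must also be saved to a taxonomy, for
    // easier directory queries. Update if modified.
    if (isset($settings['read']) && $settings['read'] != $new_settings['read']) {
        bp_docs_update_doc_access($doc_id, $new_settings['read']);
    }
}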