/**
* Updates an item
*
* @uses check_admin_referer() for security reasons
* @uses buddydrive_get_buddyfile() to get the item
* @uses buddydrive_get_folder_post_type() to get the BuddyFolder post type
* @uses buddydrive_get_file_post_type() to get the BuddyFile post type
* @uses wp_kses() to sannitize data
* @uses buddydrive_update_item() to update the item (folder or file)
* @uses the BuddyDrive Loop to get the item updated
* @uses buddydrive_get_template() to get the template for bp-default or any theme
* @return array containing the updated item
*/
function buddydrive_ajax_update_item()
{
// Bail if not a POST action
if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
return;
}
// Check the nonce
check_admin_referer('buddydrive_actions', '_wpnonce_buddydrive_actions');
$item_id = intval($_POST['id']);
$item = buddydrive_get_buddyfile($item_id, array(buddydrive_get_folder_post_type(), buddydrive_get_file_post_type()));
if (empty($item->title)) {
echo json_encode(array(0));
die;
}
$args = array();
if (!empty($_POST['title'])) {
$args['title'] = wp_kses($_POST['title'], array());
}
if (!empty($_POST['content'])) {
$args['content'] = wp_kses($_POST['content'], array());
}
if (!empty($_POST['sharing'])) {
$args['privacy'] = $_POST['sharing'];
}
if (!empty($_POST['password'])) {
$args['password'] = wp_kses($_POST['password'], array());
}
if (!empty($_POST['group'])) {
$args['group'] = $_POST['group'];
}
$args['parent_folder_id'] = !empty($_POST['folder']) ? intval($_POST['folder']) : 0;
// We need to check if the parent folder is attached to a group.
if (!empty($args['parent_folder_id'])) {
$maybe_in_group = get_post_meta($args['parent_folder_id'], '_buddydrive_sharing_groups', true);
if (!empty($maybe_in_group)) {
$args['group'] = intval($maybe_in_group);
}
}
if (!empty($_POST['customs'])) {
$args['buddydrive_meta'] = json_decode(wp_unslash($_POST['customs']));
}
$updated = buddydrive_update_item($args, $item);
$result = array();
if (!empty($updated)) {
if (buddydrive_has_items('id=' . $updated)) {
ob_start();
while (buddydrive_has_items()) {
buddydrive_the_item();
bp_get_template_part('buddydrive-entry', false);
}
$result[] = ob_get_contents();
ob_end_clean();
}
$result[] = $args['parent_folder_id'];
echo json_encode($result);
} else {
echo json_encode(array(0));
}
die;
}
/**
* Loads and choose the right action to do in the administration of BuddyDrive Items
*
* @global object $buddydrive_list_table
* @uses remove_query_arg() to remove some args to the url
* @uses check_admin_referer() for security reasons
* @uses wp_parse_id_list() to parse ids from a comma separated list
* @uses buddydrive_delete_item() to delete one or more items
* @uses add_query_arg() to add args to the url
* @uses bp_core_redirect() to safely redirect to the right admin area
* @uses add_screen_option() to organize the layout
* @uses get_current_screen() to get the admin screen
* @uses add_meta_box() to register the meta boxes
* @uses wp_enqueue_script() to enqueue the needed scripts
* @uses BuddyDrive_List_Table() to init the list of items
* @uses buddydrive_get_buddyfile() to get a single BuddyDrive item
* @uses buddydrive_get_folder_post_type() to get the BuddyFolder post type
* @uses buddydrive_get_file_post_type() to get the BuddyFile post type
* @uses wp_kses() to sanitize datas
* @uses buddydrive_update_item() to update a BuddyDrive item
* @uses wp_redirect() to redirect to the right admin area
*/
function buddydrive_files_admin_load()
{
global $buddydrive_list_table;
$doaction = !empty($_REQUEST['action']) ? $_REQUEST['action'] : '';
// If the bottom is set, let it override the action
if (!empty($_REQUEST['action2']) && $_REQUEST['action2'] != "-1") {
$doaction = $_REQUEST['action2'];
}
$redirect_to = remove_query_arg(array('action', 'action2', 'bid', 'deleted', 'error', 'updated'), $_SERVER['REQUEST_URI']);
do_action('buddydrive_files_admin_load', $doaction);
if ('do_delete' == $doaction && !empty($_GET['bid'])) {
check_admin_referer('buddydrive-delete');
$item_ids = wp_parse_id_list($_GET['bid']);
$count = buddydrive_delete_item(array('ids' => $item_ids, 'user_id' => false));
$redirect_to = add_query_arg('deleted', $count, $redirect_to);
bp_core_redirect($redirect_to);
} elseif ('edit' == $doaction && !empty($_GET['bid'])) {
// columns screen option
add_screen_option('layout_columns', array('default' => 2, 'max' => 2));
get_current_screen()->add_help_tab(array('id' => 'buddydrive-edit-overview', 'title' => __('Overview', 'buddydrive'), 'content' => '<p>' . __('This page is a convenient way to edit the details associated with one of your file or folder.', 'buddydrive') . '</p>' . '<p>' . __('The Name and Description box is fixed in place, but you can reposition all the other boxes using drag and drop, and can minimize or expand them by clicking the title bar of each box. Use the Screen Options tab to hide or unhide, or to choose a 1- or 2-column layout for this screen.', 'buddydrive') . '</p>'));
// Register metaboxes for the edit screen.
add_meta_box('submitdiv', _x('Save', 'buddydrive-item admin edit screen', 'buddydrive'), 'buddydrive_admin_edit_metabox_status', get_current_screen()->id, 'side', 'high');
add_meta_box('buddydrive_item_privacy', _x('Privacy', 'buddydrive-item admin edit screen', 'buddydrive'), 'buddydrive_admin_edit_metabox_privacy', get_current_screen()->id, 'side', 'core');
add_meta_box('buddydrive_item_children', _x('Files', 'buddydrive-item admin edit screen', 'buddydrive'), 'buddydrive_admin_edit_metabox_list_files', get_current_screen()->id, 'normal', 'core');
do_action('buddydrive_files_admin_meta_boxes');
// Enqueue javascripts
wp_enqueue_script('postbox');
wp_enqueue_script('dashboard');
wp_enqueue_script('comment');
// Index screen
} else {
$buddydrive_list_table = new BuddyDrive_List_Table();
}
if ($doaction && 'save' == $doaction) {
// Get item ID
$item_id = isset($_REQUEST['bid']) ? (int) $_REQUEST['bid'] : '';
$redirect_to = add_query_arg(array('bid' => (int) $item_id, 'action' => 'edit'), $redirect_to);
// Check this is a valid form submission
check_admin_referer('edit-buddydrive-item_' . $item_id);
$item = buddydrive_get_buddyfile($item_id, array(buddydrive_get_folder_post_type(), buddydrive_get_file_post_type()));
if (empty($item->title)) {
wp_redirect($redirect_to);
exit;
}
$args = array();
if (!empty($_POST['buddydrive-edit']['item-title'])) {
$args['title'] = wp_kses($_POST['buddydrive-edit']['item-title'], array());
}
if (!empty($_POST['buddydrive-edit']['item-content'])) {
$args['content'] = wp_kses($_POST['buddydrive-edit']['item-content'], array());
}
if (!empty($_POST['buddydrive-edit']['sharing'])) {
$args['privacy'] = $_POST['buddydrive-edit']['sharing'];
}
if (!empty($_POST['buddydrive-edit']['password'])) {
$args['password'] = wp_kses($_POST['buddydrive-edit']['password'], array());
}
if (!empty($_POST['buddydrive-edit']['buddygroup'])) {
$args['group'] = $_POST['buddydrive-edit']['buddygroup'];
}
$args['parent_folder_id'] = !empty($_POST['buddydrive-edit']['folder']) ? intval($_POST['buddydrive-edit']['folder']) : 0;
$updated = buddydrive_update_item($args, $item);
if (!empty($updated)) {
$redirect_to = add_query_arg('updated', 1, $redirect_to);
} else {
$redirect_to = add_query_arg('error', 1, $redirect_to);
}
wp_redirect(apply_filters('buddydrive_item_admin_edit_redirect', $redirect_to));
exit;
}
}
/**
* @group save
* @group update
*/
public function test_buddydrive_update_item()
{
// create the upload dir
$upload_dir = buddydrive_get_upload_data();
$meta = new stdClass();
$meta->privacy = 'public';
$expected_ids = array();
$expected_ids['file_id'] = buddydrive_save_item(array('type' => buddydrive_get_file_post_type(), 'user_id' => $this->user_id, 'title' => 'screenshot-1.png', 'content' => 'foo bar file', 'mime_type' => 'image/png', 'guid' => trailingslashit($upload_dir['url']) . 'screenshot-1.png', 'metas' => $meta));
$file_object = buddydrive_get_buddyfile($expected_ids['file_id']);
$this->assertTrue('public' === $file_object->check_for);
$meta->privacy = 'private';
$expected_ids['folder_id'] = buddydrive_save_item(array('type' => buddydrive_get_folder_post_type(), 'title' => 'foo', 'content' => 'foo bar folder', 'metas' => $meta));
buddydrive_update_item(array('parent_folder_id' => $expected_ids['folder_id']), $file_object);
$file_object = buddydrive_get_buddyfile($expected_ids['file_id']);
$this->assertTrue((int) $file_object->post_parent === (int) $expected_ids['folder_id']);
$this->assertTrue('private' === $file_object->check_for);
$folder_object = buddydrive_get_buddyfile($expected_ids['folder_id'], buddydrive_get_folder_post_type());
buddydrive_update_item(array('privacy' => 'public'), $folder_object);
$file_object = buddydrive_get_buddyfile($expected_ids['file_id']);
$this->assertTrue('public' === $file_object->check_for);
}
/**
* @group get
* @group scope
*/
public function test_buddydrive_item_get_by_scope()
{
$u2 = $this->factory->user->create();
// Admin
$this->set_current_user(1);
$by_scope = new BuddyDrive_Item();
// Get by scope
$by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'admin'));
// Admin should see everything
$this->assertTrue((int) $by_scope->query->found_posts === 2);
// Update the privacy of the file
$file_object = buddydrive_get_buddyfile($this->expected_ids['foo']);
buddydrive_update_item(array('privacy' => 'public'), $file_object);
// Any user
$this->set_current_user($u2);
add_filter('bp_displayed_user_id', array($this, 'set_displayed_user_id'), 10, 1);
$by_scope = new BuddyDrive_Item();
// Get by scope
$by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'files'));
$file = wp_list_pluck($by_scope->query->posts, 'ID');
$this->assertTrue($this->expected_ids['foo'] === (int) $file[0], 'only public files should be listed');
// The owner
$this->set_current_user($this->user_id);
$by_scope = new BuddyDrive_Item();
// Get by scope
$by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'files'));
// Owner should see everything
$this->assertTrue((int) $by_scope->query->found_posts === 2);
remove_filter('bp_displayed_user_id', array($this, 'set_displayed_user_id'), 10, 1);
// Any user
$this->set_current_user($u2);
// Update the privacy and owner of the file
$file_object = buddydrive_get_buddyfile($this->expected_ids['bar']);
buddydrive_update_item(array('privacy' => 'public', 'user_id' => $u2), $file_object);
$by_scope = new BuddyDrive_Item();
// Get by scope
$by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'public'));
// Custom loops should be able to list all public files
$this->assertTrue((int) $by_scope->query->found_posts === 2);
buddydrive_update_item(array('privacy' => 'private'), $file_object);
$by_scope = new BuddyDrive_Item();
// Get by scope
$by_scope->get(array('type' => buddydrive_get_file_post_type(), 'buddydrive_scope' => 'public'));
// Custom loops should be able to list all public files
$this->assertTrue((int) $by_scope->query->found_posts === 1);
}
