/** * Map our caps to WP's * * @since 1.2 * * @param array $caps Capabilities for meta capability * @param string $cap Capability name * @param int $user_id User id * @param mixed $args Arguments passed to map_meta_cap filter * @uses get_post() To get the post * @uses get_post_type_object() To get the post type object * @uses apply_filters() Calls 'bp_docs_map_meta_caps' with caps, cap, user id and * args * @return array Actual capabilities for meta capability */ function bp_docs_map_meta_caps($caps, $cap, $user_id, $args) { global $post, $wp_post_types; // No need to continue if BuddyPress Docs hasn't been initialized $pt = bp_docs_get_post_type_name(); if (empty($pt)) { return $caps; } // Set up some data we'll need for these permission checks $doc = bp_docs_get_doc_for_caps($args); // Nothing to check if (empty($doc)) { return $caps; } $post_type = get_post_type_object($doc->post_type); $doc_settings = bp_docs_get_doc_settings($doc_id); // Reset all caps. We bake from scratch $caps = array(); switch ($cap) { case 'create_bp_doc': // @todo This will probably need more thought if (!is_user_logged_in()) { $caps[] = 'do_not_allow'; } else { // @todo - need to detect group membership $caps[] = $cap; } break; case 'read_bp_doc': $caps[] = 'exist'; // anyone can read Docs by default break; case 'edit_bp_doc': if ($user_id == $doc->post_author) { $caps[] = $cap; } else { if (isset($doc_settings['edit'])) { var_dump($doc_settings['edit']); } else { if (bp_docs_user_has_custom_access($user_id, $doc_settings, 'edit')) { $caps[] = $cap; } else { $caps[] = 'do_not_allow'; } } } break; case 'view_bp_doc_history': if ($user_id == $doc->post_author) { $caps[] = $cap; } else { if (bp_docs_user_has_custom_access($user_id, $doc_settings, 'view_history')) { $caps[] = $cap; } else { $caps[] = 'do_not_allow'; } } break; } return apply_filters('bp_docs_map_meta_caps', $caps, $cap, $user_id, $args); }
/** * Group-specific meta cap mapping. * * Some bp_docs_ capabilities require referencing group-specific info. We do * this here. * * @since 1.8 */ function bp_docs_groups_map_meta_caps($caps, $cap, $user_id, $args) { switch ($cap) { case 'bp_docs_read': case 'bp_docs_edit': case 'bp_docs_view_history': case 'bp_docs_manage': case 'bp_docs_read_comments': case 'bp_docs_post_comments': $doc = bp_docs_get_doc_for_caps($args); if (empty($doc)) { break; } $group_id = bp_docs_get_associated_group_id($doc->ID, $doc); // If not associated with a group, nothing to do here if (!$group_id) { break; } if (user_can($user_id, 'bp_moderate')) { return array('exist'); } $doc_settings = bp_docs_get_doc_settings($doc->ID); // Caps are stored without the 'bp_docs_' prefix, // mostly for legacy reasons $cap_name = substr($cap, 8); switch ($doc_settings[$cap_name]) { case 'group-members': $caps = array(); if (groups_is_user_member($user_id, $group_id)) { $caps[] = 'exist'; } else { $caps[] = 'do_not_allow'; } break; case 'admins-mods': $caps = array(); if (groups_is_user_admin($user_id, $group_id) || groups_is_user_mod($user_id, $group_id)) { $caps[] = 'exist'; } else { $caps[] = 'do_not_allow'; } break; } break; case 'bp_docs_associate_with_group': if (isset($args[0])) { $group_id = intval($args[0]); } else { if (bp_is_group()) { $group_id = bp_get_current_group_id(); } } if (empty($group_id)) { break; } if (user_can($user_id, 'bp_moderate')) { return array('exist'); } $caps = array(); $group_settings = bp_docs_get_group_settings($group_id); switch ($group_settings['can-create']) { case 'admin': if (groups_is_user_admin($user_id, $group_id)) { $caps[] = 'exist'; } else { $caps[] = 'do_not_allow'; } break; case 'mod': if (groups_is_user_mod($user_id, $group_id) || groups_is_user_admin($user_id, $group_id)) { $caps[] = 'exist'; } else { $caps[] = 'do_not_allow'; } break; case 'member': default: if (groups_is_user_member($user_id, $group_id)) { $caps[] = 'exist'; } else { $caps[] = 'do_not_allow'; } break; } break; case 'bp_docs_dissociate_from_group': if (isset($args[0])) { $group_id = intval($args[0]); } elseif (bp_is_group()) { $group_id = bp_get_current_group_id(); } else { $group_id = bp_docs_get_associated_group_id(get_the_ID()); } if (empty($group_id)) { break; } if (user_can($user_id, 'bp_moderate')) { return array('exist'); } $caps = array(); // Group admins or mods should able to remove docs from groups if (groups_is_user_mod($user_id, $group_id) || groups_is_user_admin($user_id, $group_id)) { $caps[] = 'exist'; } else { $caps[] = 'do_not_allow'; } break; } return $caps; }
/** * Map our caps to WP's * * @since 1.2 * * @param array $caps Capabilities for meta capability * @param string $cap Capability name * @param int $user_id User id * @param mixed $args Arguments passed to map_meta_cap filter * @return array Actual capabilities for meta capability */ function bp_docs_map_meta_caps($caps, $cap, $user_id, $args) { global $post, $wp_post_types; // No need to continue if BuddyPress Docs hasn't been initialized $pt = bp_docs_get_post_type_name(); if (empty($pt)) { return $caps; } switch ($cap) { case 'bp_docs_create': // Reset all caps. We bake from scratch $caps = array(); // Should never get here if there's no user if (!$user_id) { $caps[] = 'do_not_allow'; // All logged-in users can create } else { $caps[] = 'exist'; } break; case 'bp_docs_read': case 'bp_docs_edit': case 'bp_docs_view_history': case 'bp_docs_manage': case 'bp_docs_read_comments': case 'bp_docs_post_comments': // Reset all caps. We bake from scratch $caps = array(); $doc = bp_docs_get_doc_for_caps($args); if (empty($doc)) { break; } // Special case: view_history requires post revisions // @todo Move this to addon-history if ('bp_docs_view_history' === $cap && !wp_revisions_enabled($doc)) { return array('do_not_allow'); } // Admins can do everything if (user_can($user_id, 'bp_moderate')) { return array('exist'); } $doc_settings = bp_docs_get_doc_settings($doc->ID); // Caps are stored without the 'bp_docs_' prefix, // mostly for legacy reasons $cap_name = substr($cap, 8); switch ($doc_settings[$cap_name]) { case 'anyone': $caps[] = 'exist'; break; case 'loggedin': if (!$user_id) { $caps[] = 'do_not_allow'; } else { $caps[] = 'exist'; } break; case 'creator': if ($user_id == $doc->post_author) { $caps[] = 'exist'; } else { $caps[] = 'do_not_allow'; } break; case 'no-one': default: $caps[] = 'do_not_allow'; break; // Group-specific caps get passed to filter } break; } return apply_filters('bp_docs_map_meta_caps', $caps, $cap, $user_id, $args); }