<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[BuddyPress][11776] trunk: Use bp_user_can for group-related permissions.</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="http://buddypress.trac.wordpress.org/changeset/11776">11776</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"http://buddypress.trac.wordpress.org/changeset/11776","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>dcavins</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2017-12-14 13:24:01 +0000 (Thu, 14 Dec 2017)</dd>
</dl>
<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>Use bp_user_can for group-related permissions.
Centralize and de-duplicate permissions checks for group-related functions, like checking whether a user can join a group or send invitations from a group.
Props dcavins, djpaul.
Fixes <a href="http://buddypress.trac.wordpress.org/ticket/7610">#7610</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunksrcbpgroupsbpgroupsactionsphp">trunk/src/bp-groups/bp-groups-actions.php</a></li>
<li><a href="#trunksrcbpgroupsbpgroupsfiltersphp">trunk/src/bp-groups/bp-groups-filters.php</a></li>
<li><a href="#trunksrcbpgroupsbpgroupstemplatephp">trunk/src/bp-groups/bp-groups-template.php</a></li>
<li><a href="#trunksrcbpgroupsclassesclassbpgroupscomponentphp">trunk/src/bp-groups/classes/class-bp-groups-component.php</a></li>
<li><a href="#trunksrcbptemplatesbplegacybuddypressfunctionsphp">trunk/src/bp-templates/bp-legacy/buddypress-functions.php</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunktestsphpunittestcasesgroupsuser_canphp">trunk/tests/phpunit/testcases/groups/user_can.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunksrcbpgroupsbpgroupsactionsphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/bp-groups/bp-groups-actions.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/bp-groups/bp-groups-actions.php 2017-12-13 10:50:41 UTC (rev 11775)
+++ trunk/src/bp-groups/bp-groups-actions.php 2017-12-14 13:24:01 UTC (rev 11776)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -420,7 +420,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> if ( !groups_is_user_member( bp_loggedin_user_id(), $bp->groups->current_group->id ) && !groups_is_user_banned( bp_loggedin_user_id(), $bp->groups->current_group->id ) ) {
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> // User wants to join a group that is not public.
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( $bp->groups->current_group->status != 'public' ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( bp_current_user_can( 'groups_join_group', array( 'group_id' => $bp->groups->current_group->id ) ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( !groups_check_user_has_invite( bp_loggedin_user_id(), $bp->groups->current_group->id ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> bp_core_add_message( __( 'There was an error joining the group.', 'buddypress' ), 'error' );
</span><span class="cx" style="display: block; padding: 0 10px"> bp_core_redirect( bp_get_group_permalink( $bp->groups->current_group ) );
</span></span></pre></div>
<a id="trunksrcbpgroupsbpgroupsfiltersphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/bp-groups/bp-groups-filters.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/bp-groups/bp-groups-filters.php 2017-12-13 10:50:41 UTC (rev 11775)
+++ trunk/src/bp-groups/bp-groups-filters.php 2017-12-14 13:24:01 UTC (rev 11776)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -158,11 +158,8 @@
</span><span class="cx" style="display: block; padding: 0 10px"> return $send;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( 'groups' === $activity->component ) {
- $group = groups_get_group( $activity->item_id );
- if ( 'public' !== $group->status && ! groups_is_user_member( $user_id, $group->id ) ) {
- $send = false;
- }
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( 'groups' === $activity->component && ! bp_user_can( $user_id, 'groups_access_group', array( 'group_id' => $activity->item_id ) ) ) {
+ $send = false;
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> return $send;
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -190,3 +187,167 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> return $avatar;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+/**
+ * Filter the bp_user_can value to determine what the user can do
+ * with regards to a specific group.
+ *
+ * @since 3.0.0
+ *
+ * @param bool $retval Whether or not the current user has the capability.
+ * @param int $user_id
+ * @param string $capability The capability being checked for.
+ * @param int $site_id Site ID. Defaults to the BP root blog.
+ * @param array $args Array of extra arguments passed.
+ *
+ * @return bool
+ */
+function bp_groups_user_can_filter( $retval, $user_id, $capability, $site_id, $args ) {
+ if ( empty( $args['group_id'] ) ) {
+ $group_id = bp_get_current_group_id();
+ } else {
+ $group_id = (int) $args['group_id'];
+ }
+
+ switch ( $capability ) {
+ case 'groups_join_group':
+ // Return early if the user isn't logged in or the group ID is unknown.
+ if ( ! $user_id || ! $group_id ) {
+ break;
+ }
+
+ // The group must allow joining, and the user should not currently be a member.
+ $group = groups_get_group( $group_id );
+ if ( 'public' === bp_get_group_status( $group )
+ && ! groups_is_user_member( $user_id, $group->id )
+ && ! groups_is_user_banned( $user_id, $group->id )
+ ) {
+ $retval = true;
+ }
+ break;
+
+ case 'groups_request_membership':
+ // Return early if the user isn't logged in or the group ID is unknown.
+ if ( ! $user_id || ! $group_id ) {
+ break;
+ }
+
+ /*
+ * The group must accept membership requests, and the user should not
+ * currently be a member, have an active request, or be banned.
+ */
+ $group = groups_get_group( $group_id );
+ if ( 'private' === bp_get_group_status( $group )
+ && ! groups_is_user_member( $user_id, $group->id )
+ && ! groups_check_for_membership_request( $user_id, $group->id )
+ && ! groups_is_user_banned( $user_id, $group->id )
+ ) {
+ $retval = true;
+ }
+ break;
+
+ case 'groups_send_invitation':
+ // Return early if the user isn't logged in or the group ID is unknown.
+ if ( ! $user_id || ! $group_id ) {
+ break;
+ }
+
+ /*
+ * The group must allow invitations, and the user should not
+ * currently be a member or be banned from the group.
+ */
+ $group = groups_get_group( $group_id );
+ // Users with the 'bp_moderate' cap can always send invitations.
+ if ( bp_user_can( $user_id, 'bp_moderate' ) ) {
+ $retval = true;
+ } else {
+ $invite_status = bp_group_get_invite_status( $group_id );
+
+ switch ( $invite_status ) {
+ case 'admins' :
+ if ( groups_is_user_admin( $user_id, $group_id ) ) {
+ $retval = true;
+ }
+ break;
+
+ case 'mods' :
+ if ( groups_is_user_mod( $user_id, $group_id ) || groups_is_user_admin( $user_id, $group_id ) ) {
+ $retval = true;
+ }
+ break;
+
+ case 'members' :
+ if ( groups_is_user_member( $user_id, $group_id ) ) {
+ $retval = true;
+ }
+ break;
+ }
+ }
+ break;
+
+ case 'groups_receive_invitation':
+ // Return early if the user isn't logged in or the group ID is unknown.
+ if ( ! $user_id || ! $group_id ) {
+ break;
+ }
+
+ /*
+ * The group must allow invitations, and the user should not
+ * currently be a member or be banned from the group.
+ */
+ $group = groups_get_group( $group_id );
+ if ( in_array( bp_get_group_status( $group ), array( 'private', 'hidden' ), true )
+ && ! groups_is_user_member( $user_id, $group->id )
+ && ! groups_is_user_banned( $user_id, $group->id )
+ ) {
+ $retval = true;
+ }
+ break;
+
+ case 'groups_access_group':
+ // Return early if the group ID is unknown.
+ if ( ! $group_id ) {
+ break;
+ }
+
+ $group = groups_get_group( $group_id );
+
+ // If the check is for the logged-in user, use the BP_Groups_Group property.
+ if ( $user_id === bp_loggedin_user_id() ) {
+ $retval = $group->user_has_access;
+
+ /*
+ * If the check is for a specified user who is not the logged-in user
+ * run the check manually.
+ */
+ } elseif ( 'public' === bp_get_group_status( $group ) || groups_is_user_member( $user_id, $group->id ) ) {
+ $retval = true;
+ }
+ break;
+
+ case 'groups_see_group':
+ // Return early if the group ID is unknown.
+ if ( ! $group_id ) {
+ break;
+ }
+
+ $group = groups_get_group( $group_id );
+
+ // If the check is for the logged-in user, use the BP_Groups_Group property.
+ if ( $user_id === bp_loggedin_user_id() ) {
+ $retval = $group->is_visible;
+
+ /*
+ * If the check is for a specified user who is not the logged-in user
+ * run the check manually.
+ */
+ } elseif ( 'hidden' !== bp_get_group_status( $group ) || groups_is_user_member( $user_id, $group->id ) ) {
+ $retval = true;
+ }
+ break;
+ }
+
+ return $retval;
+
+}
+add_filter( 'bp_user_can', 'bp_groups_user_can_filter', 10, 5 );
</ins></span></pre></div>
<a id="trunksrcbpgroupsbpgroupstemplatephp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/bp-groups/bp-groups-template.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/bp-groups/bp-groups-template.php 2017-12-13 10:50:41 UTC (rev 11775)
+++ trunk/src/bp-groups/bp-groups-template.php 2017-12-14 13:24:01 UTC (rev 11776)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -2185,32 +2185,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( $user_id ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- // Users with the 'bp_moderate' cap can always send invitations.
- if ( bp_user_can( $user_id, 'bp_moderate' ) ) {
- $can_send_invites = true;
- } else {
- $invite_status = bp_group_get_invite_status( $group_id );
-
- switch ( $invite_status ) {
- case 'admins' :
- if ( groups_is_user_admin( $user_id, $group_id ) ) {
- $can_send_invites = true;
- }
- break;
-
- case 'mods' :
- if ( groups_is_user_mod( $user_id, $group_id ) || groups_is_user_admin( $user_id, $group_id ) ) {
- $can_send_invites = true;
- }
- break;
-
- case 'members' :
- if ( groups_is_user_member( $user_id, $group_id ) ) {
- $can_send_invites = true;
- }
- break;
- }
- }
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $can_send_invites = bp_user_can( $user_id, 'groups_send_invitation', array( 'group_id' => $group_id ) );
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span></span></pre></div>
<a id="trunksrcbpgroupsclassesclassbpgroupscomponentphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/bp-groups/classes/class-bp-groups-component.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/bp-groups/classes/class-bp-groups-component.php 2017-12-13 10:50:41 UTC (rev 11775)
+++ trunk/src/bp-groups/classes/class-bp-groups-component.php 2017-12-14 13:24:01 UTC (rev 11776)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -543,12 +543,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> // If this is a private group, and the user is not a
</span><span class="cx" style="display: block; padding: 0 10px"> // member and does not have an outstanding invitation,
</span><span class="cx" style="display: block; padding: 0 10px"> // show a "Request Membership" nav item.
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( is_user_logged_in() &&
- ! $this->current_group->is_member &&
- ! groups_check_for_membership_request( bp_loggedin_user_id(), $this->current_group->id ) &&
- $this->current_group->status == 'private' &&
- ! groups_check_user_has_invite( bp_loggedin_user_id(), $this->current_group->id )
- ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( bp_current_user_can( 'groups_request_membership', array( 'group_id' => $this->current_group->id ) ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> $sub_nav[] = array(
</span><span class="cx" style="display: block; padding: 0 10px"> 'name' => _x( 'Request Membership','Group screen nav', 'buddypress' ),
</span></span></pre></div>
<a id="trunksrcbptemplatesbplegacybuddypressfunctionsphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/bp-templates/bp-legacy/buddypress-functions.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/bp-templates/bp-legacy/buddypress-functions.php 2017-12-13 10:50:41 UTC (rev 11775)
+++ trunk/src/bp-templates/bp-legacy/buddypress-functions.php 2017-12-14 13:24:01 UTC (rev 11776)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1492,7 +1492,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> return;
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( ! groups_is_user_member( bp_loggedin_user_id(), $group->id ) ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( 'public' == $group->status ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( bp_current_user_can( 'groups_join_group', array( 'group_id' => $group->id ) ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> check_ajax_referer( 'groups_join_group' );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( ! groups_join_group( $group->id ) ) {
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1501,7 +1501,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> echo '<a id="group-' . esc_attr( $group->id ) . '" class="group-button leave-group" rel="leave" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'leave-group', 'groups_leave_group' ) . '">' . __( 'Leave Group', 'buddypress' ) . '</a>';
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } elseif ( 'private' == $group->status ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ } elseif ( bp_current_user_can( 'groups_request_membership', array( 'group_id' => $group->id ) ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> // If the user has already been invited, then this is
</span><span class="cx" style="display: block; padding: 0 10px"> // an Accept Invitation button.
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1531,9 +1531,9 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( ! groups_leave_group( $group->id ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> _e( 'Error leaving group', 'buddypress' );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } elseif ( 'public' == $group->status ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ } elseif ( bp_current_user_can( 'groups_join_group', array( 'group_id' => $group->id ) ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> echo '<a id="group-' . esc_attr( $group->id ) . '" class="group-button join-group" rel="join" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'join', 'groups_join_group' ) . '">' . __( 'Join Group', 'buddypress' ) . '</a>';
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } elseif ( 'private' == $group->status ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ } elseif ( bp_current_user_can( 'groups_request_membership', array( 'group_id' => $group->id ) ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> echo '<a id="group-' . esc_attr( $group->id ) . '" class="group-button request-membership" rel="join" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'request-membership', 'groups_request_membership' ) . '">' . __( 'Request Membership', 'buddypress' ) . '</a>';
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span></span></pre></div>
<a id="trunktestsphpunittestcasesgroupsuser_canphp"></a>
<div class="addfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Added: trunk/tests/phpunit/testcases/groups/user_can.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/tests/phpunit/testcases/groups/user_can.php (rev 0)
+++ trunk/tests/phpunit/testcases/groups/user_can.php 2017-12-14 13:24:01 UTC (rev 11776)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -0,0 +1,371 @@
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<?php
+
+/**
+ * @group bp_user_can
+ */
+class BP_Tests_Groups_User_Can_Filter extends BP_UnitTestCase {
+
+ public function test_user_can_join_public_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_join_public_group_if_already_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_join_private_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_join_group_if_banned() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ buddypress()->is_item_admin = true;
+ groups_ban_member( $u1, $g1 );
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_join_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_request_membership_in_public_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_request_membership_in_private_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_request_membership_in_hidden_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_request_membership_in_private_group_if_already_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_request_membership_in_private_group_if_already_requested() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+ groups_send_membership_request( $u1, $g1 );
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_request_membership_in_private_group_if_banned() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ buddypress()->is_item_admin = true;
+ groups_ban_member( $u1, $g1 );
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_request_membership', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_receive_invitation_to_public_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_receive_invitation_to_private_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_receive_invitation_to_private_group_if_already_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+
+ public function test_user_cannot_receive_invitation_to_private_group_if_banned() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ buddypress()->is_item_admin = true;
+ groups_ban_member( $u1, $g1 );
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_receive_invitation_to_hidden_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_receive_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_send_invitation_to_public_group_if_not_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_send_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_send_invitation_to_private_group_if_not_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_send_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_send_invitation_to_private_group_if_banned() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ groups_update_groupmeta( $g1, 'invite_status', 'members' );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ buddypress()->is_item_admin = true;
+ groups_ban_member( $u1, $g1 );
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_send_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_send_invitation_to_private_group_if_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private',
+
+ ) );
+ groups_update_groupmeta( $g1, 'invite_status', 'members' );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_send_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_send_invitation_to_hidden_group_if_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $u1 = $this->factory->user->create();
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_send_invitation', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_access_public_group_even_when_not_logged_in() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $old_user = get_current_user_id();
+ $this->set_current_user( 0 );
+
+ $this->assertTrue( bp_user_can( 0, 'groups_access_group', array( 'group_id' => $g1 ) ) );
+
+ $this->set_current_user( $old_user );
+ }
+
+ public function test_user_can_access_public_group_if_not_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_access_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_access_private_group_if_not_logged_in() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $old_user = get_current_user_id();
+ $this->set_current_user( 0 );
+
+ $this->assertFalse( bp_user_can( 0, 'groups_access_group', array( 'group_id' => $g1 ) ) );
+
+ $this->set_current_user( $old_user );
+ }
+
+ public function test_user_cannot_access_private_group_if_not_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_access_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_access_private_group_if_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_access_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_access_hidden_group_if_not_logged_in() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $old_user = get_current_user_id();
+ $this->set_current_user( 0 );
+
+ $this->assertFalse( bp_user_can( 0, 'groups_access_group', array( 'group_id' => $g1 ) ) );
+
+ $this->set_current_user( $old_user );
+ }
+
+ public function test_user_cannot_access_hidden_group_if_not_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_access_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_access_hidden_group_if_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_access_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_see_public_group_even_when_not_logged_in() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $old_user = get_current_user_id();
+ $this->set_current_user( 0 );
+
+ $this->assertTrue( bp_user_can( 0, 'groups_see_group', array( 'group_id' => $g1 ) ) );
+
+ $this->set_current_user( $old_user );
+ }
+
+ public function test_user_can_see_public_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'public'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_see_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_see_private_group_even_when_not_logged_in() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $old_user = get_current_user_id();
+ $this->set_current_user( 0 );
+
+ $this->assertTrue( bp_user_can( 0, 'groups_see_group', array( 'group_id' => $g1 ) ) );
+
+ $this->set_current_user( $old_user );
+ }
+
+ public function test_user_can_see_private_group() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'private'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_see_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_cannot_see_hidden_group_if_not_logged_in() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $old_user = get_current_user_id();
+ $this->set_current_user( 0 );
+
+ $this->assertFalse( bp_user_can( 0, 'groups_see_group', array( 'group_id' => $g1 ) ) );
+
+ $this->set_current_user( $old_user );
+ }
+
+ public function test_user_cannot_see_hidden_group_if_not_a_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $u1 = $this->factory->user->create();
+
+ $this->assertFalse( bp_user_can( $u1, 'groups_see_group', array( 'group_id' => $g1 ) ) );
+ }
+
+ public function test_user_can_see_hidden_group_if_member() {
+ $g1 = $this->factory->group->create( array(
+ 'status' => 'hidden'
+ ) );
+ $u1 = $this->factory->user->create();
+ $this->add_user_to_group( $u1, $g1 );
+
+ $this->assertTrue( bp_user_can( $u1, 'groups_see_group', array( 'group_id' => $g1 ) ) );
+ }
+
+}
</ins></span></pre>
</div>
</div>
</body>
</html>