/includes/users/capabilities.php

  1. <?php 
  2.  
  3. /** 
  4. * bbPress User Capabilites 
  5. * 
  6. * Used to map user capabilities to WordPress's existing capabilities. 
  7. * 
  8. * @package bbPress 
  9. * @subpackage Capabilities 
  10. */ 
  11.  
  12. /** 
  13. * Maps primary capabilities 
  14. * 
  15. * @since bbPress (r4242) 
  16. * 
  17. * @param array $caps Capabilities for meta capability 
  18. * @param string $cap Capability name 
  19. * @param int $user_id User id 
  20. * @param mixed $args Arguments 
  21. * @uses apply_filters() Filter mapped results 
  22. * @return array Actual capabilities for meta capability 
  23. */ 
  24. function bbp_map_primary_meta_caps( $caps = array(), $cap = '', $user_id = 0, $args = array() ) { 
  25.  
  26. // What capability is being checked? 
  27. switch ( $cap ) { 
  28. case 'spectate' : 
  29. case 'participate' : 
  30. case 'moderate' : 
  31.  
  32. // Do not allow inactive users 
  33. if ( bbp_is_user_inactive( $user_id ) ) { 
  34. $caps = array( 'do_not_allow' ); 
  35.  
  36. // Moderators are always participants 
  37. } else { 
  38. $caps = array( $cap ); 
  39.  
  40. break; 
  41.  
  42. return apply_filters( 'bbp_map_primary_meta_caps', $caps, $cap, $user_id, $args ); 
  43.  
  44. /** 
  45. * Return a user's main role 
  46. * 
  47. * @since bbPress (r3860) 
  48. * 
  49. * @param int $user_id 
  50. * @uses bbp_get_user_id() To get the user id 
  51. * @uses get_userdata() To get the user data 
  52. * @uses apply_filters() Calls 'bbp_set_user_role' with the role and user id 
  53. * @return string 
  54. */ 
  55. function bbp_set_user_role( $user_id = 0, $new_role = '' ) { 
  56.  
  57. // Validate user id 
  58. $user_id = bbp_get_user_id( $user_id, false, false ); 
  59. $user = get_userdata( $user_id ); 
  60.  
  61. // User exists 
  62. if ( !empty( $user ) ) { 
  63.  
  64. // Get users forum role 
  65. $role = bbp_get_user_role( $user_id ); 
  66.  
  67. // User already has this role so no new role is set 
  68. if ( $new_role === $role ) { 
  69. $new_role = false; 
  70.  
  71. // Users role is different than the new role 
  72. } else { 
  73.  
  74. // Remove the old role 
  75. if ( ! empty( $role ) ) { 
  76. $user->remove_role( $role ); 
  77.  
  78. // Add the new role 
  79. if ( !empty( $new_role ) ) { 
  80.  
  81. // Make sure bbPress roles are added 
  82. bbp_add_forums_roles(); 
  83.  
  84. $user->add_role( $new_role ); 
  85.  
  86. // User does don exist so return false 
  87. } else { 
  88. $new_role = false; 
  89.  
  90. return apply_filters( 'bbp_set_user_role', $new_role, $user_id, $user ); 
  91.  
  92. /** 
  93. * Return a user's forums role 
  94. * 
  95. * @since bbPress (r3860) 
  96. * 
  97. * @param int $user_id 
  98. * @uses bbp_get_user_id() To get the user id 
  99. * @uses get_userdata() To get the user data 
  100. * @uses apply_filters() Calls 'bbp_get_user_role' with the role and user id 
  101. * @return string 
  102. */ 
  103. function bbp_get_user_role( $user_id = 0 ) { 
  104.  
  105. // Validate user id 
  106. $user_id = bbp_get_user_id( $user_id ); 
  107. $user = get_userdata( $user_id ); 
  108. $role = false; 
  109.  
  110. // User has roles so look for a bbPress one 
  111. if ( ! empty( $user->roles ) ) { 
  112.  
  113. // Look for a bbPress role 
  114. $roles = array_intersect( 
  115. array_values( $user->roles ),  
  116. array_keys( bbp_get_dynamic_roles() ) 
  117. ); 
  118.  
  119. // If there's a role in the array, use the first one. This isn't very 
  120. // smart, but since roles aren't exactly hierarchical, and bbPress 
  121. // does not yet have a UI for multiple user roles, it's fine for now. 
  122. if ( !empty( $roles ) ) { 
  123. $role = array_shift( $roles ); 
  124.  
  125. return apply_filters( 'bbp_get_user_role', $role, $user_id, $user ); 
  126.  
  127. /** 
  128. * Return a user's blog role 
  129. * 
  130. * @since bbPress (r4446) 
  131. * 
  132. * @param int $user_id 
  133. * @uses bbp_get_user_id() To get the user id 
  134. * @uses get_userdata() To get the user data 
  135. * @uses apply_filters() Calls 'bbp_get_user_blog_role' with the role and user id 
  136. * @return string 
  137. */ 
  138. function bbp_get_user_blog_role( $user_id = 0 ) { 
  139.  
  140. // Add bbPress roles (returns $wp_roles global) 
  141. bbp_add_forums_roles(); 
  142.  
  143. // Validate user id 
  144. $user_id = bbp_get_user_id( $user_id ); 
  145. $user = get_userdata( $user_id ); 
  146. $role = false; 
  147.  
  148. // User has roles so lets 
  149. if ( ! empty( $user->roles ) ) { 
  150.  
  151. // Look for a non bbPress role 
  152. $roles = array_intersect( 
  153. array_values( $user->roles ),  
  154. array_keys( bbp_get_blog_roles() ) 
  155. ); 
  156.  
  157. // If there's a role in the array, use the first one. This isn't very 
  158. // smart, but since roles aren't exactly hierarchical, and WordPress 
  159. // does not yet have a UI for multiple user roles, it's fine for now. 
  160. if ( !empty( $roles ) ) { 
  161. $role = array_shift( $roles ); 
  162.  
  163. return apply_filters( 'bbp_get_user_blog_role', $role, $user_id, $user ); 
  164.  
  165. /** 
  166. * Helper function hooked to 'bbp_profile_update' action to save or 
  167. * update user roles and capabilities. 
  168. * 
  169. * @since bbPress (r4235) 
  170. * 
  171. * @param int $user_id 
  172. * @uses bbp_reset_user_caps() to reset caps 
  173. * @usse bbp_save_user_caps() to save caps 
  174. */ 
  175. function bbp_profile_update_role( $user_id = 0 ) { 
  176.  
  177. // Bail if no user ID was passed 
  178. if ( empty( $user_id ) ) 
  179. return; 
  180.  
  181. // Bail if no role 
  182. if ( ! isset( $_POST['bbp-forums-role'] ) ) 
  183. return; 
  184.  
  185. // Fromus role we want the user to have 
  186. $new_role = sanitize_text_field( $_POST['bbp-forums-role'] ); 
  187. $forums_role = bbp_get_user_role( $user_id ); 
  188.  
  189. // Bail if no role change 
  190. if ( $new_role === $forums_role ) 
  191. return; 
  192.  
  193. // Bail if trying to set their own role 
  194. if ( bbp_is_user_home_edit() ) 
  195. return; 
  196.  
  197. // Bail if current user cannot promote the passing user 
  198. if ( ! current_user_can( 'promote_user', $user_id ) ) 
  199. return; 
  200.  
  201. // Set the new forums role 
  202. bbp_set_user_role( $user_id, $new_role ); 
  203.  
  204. /** 
  205. * Add the default role to the current user if needed 
  206. * 
  207. * This function will bail if the forum is not global in a multisite 
  208. * installation of WordPress, or if the user is marked as spam or deleted. 
  209. * 
  210. * @since bbPress (r3380) 
  211. * 
  212. * @uses is_user_logged_in() To bail if user is not logged in 
  213. * @uses bbp_get_user_role() To bail if user already has a role 
  214. * @uses bbp_is_user_inactive() To bail if user is inactive 
  215. * @uses bbp_allow_global_access() To know whether to save role to database 
  216. * @uses bbp_get_user_role_map() To get the WP to BBP role map array 
  217. * @uses bbp_get_default_role() To get the site's default forums role 
  218. * @uses get_option() 
  219. * 
  220. * @return If not multisite, not global, or user is deleted/spammed 
  221. */ 
  222. function bbp_set_current_user_default_role() { 
  223.  
  224. /** Sanity ****************************************************************/ 
  225.  
  226. // Bail if deactivating bbPress 
  227. if ( bbp_is_deactivation() ) 
  228. return; 
  229.  
  230. // Catch all, to prevent premature user initialization 
  231. if ( ! did_action( 'set_current_user' ) ) 
  232. return; 
  233.  
  234. // Bail if not logged in or already a member of this site 
  235. if ( ! is_user_logged_in() ) 
  236. return; 
  237.  
  238. // Get the current user ID 
  239. $user_id = bbp_get_current_user_id(); 
  240.  
  241. // Bail if user already has a forums role 
  242. if ( bbp_get_user_role( $user_id ) ) 
  243. return; 
  244.  
  245. // Bail if user is marked as spam or is deleted 
  246. if ( bbp_is_user_inactive( $user_id ) ) 
  247. return; 
  248.  
  249. /** Ready *****************************************************************/ 
  250.  
  251. // Load up bbPress once 
  252. $bbp = bbpress(); 
  253.  
  254. // Get whether or not to add a role to the user account 
  255. $add_to_site = bbp_allow_global_access(); 
  256.  
  257. // Get the current user's WordPress role. Set to empty string if none found. 
  258. $user_role = bbp_get_user_blog_role( $user_id ); 
  259.  
  260. // Get the role map 
  261. $role_map = bbp_get_user_role_map(); 
  262.  
  263. /** Forum Role ************************************************************/ 
  264.  
  265. // Use a mapped role 
  266. if ( isset( $role_map[$user_role] ) ) { 
  267. $new_role = $role_map[$user_role]; 
  268.  
  269. // Use the default role 
  270. } else { 
  271. $new_role = bbp_get_default_role(); 
  272.  
  273. /** Add or Map ************************************************************/ 
  274.  
  275. // Add the user to the site 
  276. if ( true === $add_to_site ) { 
  277.  
  278. // Make sure bbPress roles are added 
  279. bbp_add_forums_roles(); 
  280.  
  281. $bbp->current_user->add_role( $new_role ); 
  282.  
  283. // Don't add the user, but still give them the correct caps dynamically 
  284. } else {  
  285. $bbp->current_user->caps[$new_role] = true; 
  286. $bbp->current_user->get_role_caps(); 
  287.  
  288. /** 
  289. * Return a map of WordPress roles to bbPress roles. Used to automatically grant 
  290. * appropriate bbPress roles to WordPress users that wouldn't already have a 
  291. * role in the forums. Also guarantees WordPress admins get the Keymaster role. 
  292. * 
  293. * @since bbPress (r4334) 
  294. * 
  295. * @return array Filtered array of WordPress roles to bbPress roles 
  296. */ 
  297. function bbp_get_user_role_map() { 
  298.  
  299. // Get the default role once here 
  300. $default_role = bbp_get_default_role(); 
  301.  
  302. // Return filtered results, forcing admins to keymasters. 
  303. return (array) apply_filters( 'bbp_get_user_role_map', array ( 
  304. 'administrator' => bbp_get_keymaster_role(),  
  305. 'editor' => $default_role,  
  306. 'author' => $default_role,  
  307. 'contributor' => $default_role,  
  308. 'subscriber' => $default_role 
  309. ) ); 
  310.  
  311. /** User Status ***************************************************************/ 
  312.  
  313. /** 
  314. * Checks if the user has been marked as a spammer. 
  315. * 
  316. * @since bbPress (r3355) 
  317. * 
  318. * @param int $user_id int The ID for the user. 
  319. * @return bool True if spammer, False if not. 
  320. */ 
  321. function bbp_is_user_spammer( $user_id = 0 ) { 
  322.  
  323. // Default to current user 
  324. if ( empty( $user_id ) && is_user_logged_in() ) 
  325. $user_id = bbp_get_current_user_id(); 
  326.  
  327. // No user to check 
  328. if ( empty( $user_id ) ) 
  329. return false; 
  330.  
  331. // Assume user is not spam 
  332. $is_spammer = false; 
  333.  
  334. // Get user data 
  335. $user = get_userdata( $user_id ); 
  336.  
  337. // No user found 
  338. if ( empty( $user ) ) { 
  339. $is_spammer = false; 
  340.  
  341. // Check if spam 
  342. } elseif ( !empty( $user->spam ) ) { 
  343. $is_spammer = true; 
  344.  
  345. return (bool) apply_filters( 'bbp_core_is_user_spammer', $is_spammer ); 
  346.  
  347. /** 
  348. * Mark a users topics and replies as spam when the user is marked as spam 
  349. * 
  350. * @since bbPress (r3405) 
  351. * 
  352. * @global WPDB $wpdb 
  353. * @param int $user_id Optional. User ID to spam. Defaults to displayed user. 
  354.   
  355. * @uses bbp_is_single_user() 
  356. * @uses bbp_is_user_home() 
  357. * @uses bbp_get_displayed_user_id() 
  358. * @uses bbp_is_user_keymaster() 
  359. * @uses get_blogs_of_user() 
  360. * @uses get_current_blog_id() 
  361. * @uses bbp_get_topic_post_type() 
  362. * @uses bbp_get_reply_post_type() 
  363. * @uses switch_to_blog() 
  364. * @uses get_post_type() 
  365. * @uses bbp_spam_topic() 
  366. * @uses bbp_spam_reply() 
  367. * @uses restore_current_blog() 
  368. * 
  369. * @return If no user ID passed 
  370. */ 
  371. function bbp_make_spam_user( $user_id = 0 ) { 
  372.  
  373. // Use displayed user if it's not yourself 
  374. if ( empty( $user_id ) && bbp_is_single_user() && !bbp_is_user_home() ) 
  375. $user_id = bbp_get_displayed_user_id(); 
  376.  
  377. // Bail if no user ID 
  378. if ( empty( $user_id ) ) 
  379. return false; 
  380.  
  381. // Bail if user ID is keymaster 
  382. if ( bbp_is_user_keymaster( $user_id ) ) 
  383. return false; 
  384.  
  385. // Arm the torpedos 
  386. global $wpdb; 
  387.  
  388. // Get the blog IDs of the user to mark as spam 
  389. $blogs = get_blogs_of_user( $user_id, true ); 
  390.  
  391. // If user has no blogs, they are a guest on this site 
  392. if ( empty( $blogs ) ) 
  393. $blogs[$wpdb->blogid] = array(); 
  394.  
  395. // Make array of post types to mark as spam 
  396. $post_types = array( bbp_get_topic_post_type(), bbp_get_reply_post_type() ); 
  397. $post_types = "'" . implode( "', '", $post_types ) . "'"; 
  398.  
  399. // Loop through blogs and remove their posts 
  400. foreach ( (array) array_keys( $blogs ) as $blog_id ) { 
  401.  
  402. // Switch to the blog ID 
  403. switch_to_blog( $blog_id ); 
  404.  
  405. // Get topics and replies 
  406. $posts = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM {$wpdb->posts} WHERE post_author = %d AND post_status = '%s' AND post_type IN ( {$post_types} )", $user_id, bbp_get_public_status_id() ) ); 
  407.  
  408. // Loop through posts and spam them 
  409. if ( !empty( $posts ) ) { 
  410. foreach ( $posts as $post_id ) { 
  411.  
  412. // The routines for topics ang replies are different, so use the 
  413. // correct one based on the post type 
  414. switch ( get_post_type( $post_id ) ) { 
  415.  
  416. case bbp_get_topic_post_type() : 
  417. bbp_spam_topic( $post_id ); 
  418. break; 
  419.  
  420. case bbp_get_reply_post_type() : 
  421. bbp_spam_reply( $post_id ); 
  422. break; 
  423.  
  424. // Switch back to current blog 
  425. restore_current_blog(); 
  426.  
  427. // Success 
  428. return true; 
  429.  
  430. /** 
  431. * Mark a users topics and replies as spam when the user is marked as spam 
  432. * 
  433. * @since bbPress (r3405) 
  434. * 
  435. * @global WPDB $wpdb 
  436. * @param int $user_id Optional. User ID to unspam. Defaults to displayed user. 
  437. * 
  438. * @uses bbp_is_single_user() 
  439. * @uses bbp_is_user_home() 
  440. * @uses bbp_get_displayed_user_id() 
  441. * @uses bbp_is_user_keymaster() 
  442. * @uses get_blogs_of_user() 
  443. * @uses bbp_get_topic_post_type() 
  444. * @uses bbp_get_reply_post_type() 
  445. * @uses switch_to_blog() 
  446. * @uses get_post_type() 
  447. * @uses bbp_unspam_topic() 
  448. * @uses bbp_unspam_reply() 
  449. * @uses restore_current_blog() 
  450. * 
  451. * @return If no user ID passed 
  452. */ 
  453. function bbp_make_ham_user( $user_id = 0 ) { 
  454.  
  455. // Use displayed user if it's not yourself 
  456. if ( empty( $user_id ) && bbp_is_single_user() && !bbp_is_user_home() ) 
  457. $user_id = bbp_get_displayed_user_id(); 
  458.  
  459. // Bail if no user ID 
  460. if ( empty( $user_id ) ) 
  461. return false; 
  462.  
  463. // Bail if user ID is keymaster 
  464. if ( bbp_is_user_keymaster( $user_id ) ) 
  465. return false; 
  466.  
  467. // Arm the torpedos 
  468. global $wpdb; 
  469.  
  470. // Get the blog IDs of the user to mark as spam 
  471. $blogs = get_blogs_of_user( $user_id, true ); 
  472.  
  473. // If user has no blogs, they are a guest on this site 
  474. if ( empty( $blogs ) ) 
  475. $blogs[$wpdb->blogid] = array(); 
  476.  
  477. // Make array of post types to mark as spam 
  478. $post_types = array( bbp_get_topic_post_type(), bbp_get_reply_post_type() ); 
  479. $post_types = "'" . implode( "', '", $post_types ) . "'"; 
  480.  
  481. // Loop through blogs and remove their posts 
  482. foreach ( (array) array_keys( $blogs ) as $blog_id ) { 
  483.  
  484. // Switch to the blog ID 
  485. switch_to_blog( $blog_id ); 
  486.  
  487. // Get topics and replies 
  488. $posts = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM {$wpdb->posts} WHERE post_author = %d AND post_status = '%s' AND post_type IN ( {$post_types} )", $user_id, bbp_get_spam_status_id() ) ); 
  489.  
  490. // Loop through posts and spam them 
  491. if ( !empty( $posts ) ) { 
  492. foreach ( $posts as $post_id ) { 
  493.  
  494. // The routines for topics ang replies are different, so use the 
  495. // correct one based on the post type 
  496. switch ( get_post_type( $post_id ) ) { 
  497.  
  498. case bbp_get_topic_post_type() : 
  499. bbp_unspam_topic( $post_id ); 
  500. break; 
  501.  
  502. case bbp_get_reply_post_type() : 
  503. bbp_unspam_reply( $post_id ); 
  504. break; 
  505.  
  506. // Switch back to current blog 
  507. restore_current_blog(); 
  508.  
  509. // Success 
  510. return true; 
  511.  
  512. /** 
  513. * Checks if the user has been marked as deleted. 
  514. * 
  515. * @since bbPress (r3355) 
  516. * 
  517. * @param int $user_id int The ID for the user. 
  518. * @return bool True if deleted, False if not. 
  519. */ 
  520. function bbp_is_user_deleted( $user_id = 0 ) { 
  521.  
  522. // Default to current user 
  523. if ( empty( $user_id ) && is_user_logged_in() ) 
  524. $user_id = bbp_get_current_user_id(); 
  525.  
  526. // No user to check 
  527. if ( empty( $user_id ) ) 
  528. return false; 
  529.  
  530. // Assume user is not deleted 
  531. $is_deleted = false; 
  532.  
  533. // Get user data 
  534. $user = get_userdata( $user_id ); 
  535.  
  536. // No user found 
  537. if ( empty( $user ) ) { 
  538. $is_deleted = true; 
  539.  
  540. // Check if deleted 
  541. } elseif ( !empty( $user->deleted ) ) { 
  542. $is_deleted = true; 
  543.  
  544. return (bool) apply_filters( 'bbp_core_is_user_deleted', $is_deleted ); 
  545.  
  546. /** 
  547. * Checks if user is active 
  548. * 
  549. * @since bbPress (r3502) 
  550. * 
  551. * @uses is_user_logged_in() To check if user is logged in 
  552. * @uses bbp_get_displayed_user_id() To get current user ID 
  553. * @uses bbp_is_user_spammer() To check if user is spammer 
  554. * @uses bbp_is_user_deleted() To check if user is deleted 
  555. * 
  556. * @param int $user_id The user ID to check 
  557. * @return bool True if public, false if not 
  558. */ 
  559. function bbp_is_user_active( $user_id = 0 ) { 
  560.  
  561. // Default to current user 
  562. if ( empty( $user_id ) && is_user_logged_in() ) 
  563. $user_id = bbp_get_current_user_id(); 
  564.  
  565. // No user to check 
  566. if ( empty( $user_id ) ) 
  567. return false; 
  568.  
  569. // Check spam 
  570. if ( bbp_is_user_spammer( $user_id ) ) 
  571. return false; 
  572.  
  573. // Check deleted 
  574. if ( bbp_is_user_deleted( $user_id ) ) 
  575. return false; 
  576.  
  577. // Assume true if not spam or deleted 
  578. return true; 
  579.  
  580. /** 
  581. * Checks if user is not active. 
  582. * 
  583. * @since bbPress (r3502) 
  584. * 
  585. * @uses is_user_logged_in() To check if user is logged in 
  586. * @uses bbp_get_displayed_user_id() To get current user ID 
  587. * @uses bbp_is_user_active() To check if user is active 
  588. * 
  589. * @param int $user_id The user ID to check. Defaults to current user ID 
  590. * @return bool True if inactive, false if active 
  591. */ 
  592. function bbp_is_user_inactive( $user_id = 0 ) { 
  593.  
  594. // Default to current user 
  595. if ( empty( $user_id ) && is_user_logged_in() ) 
  596. $user_id = bbp_get_current_user_id(); 
  597.  
  598. // No user to check 
  599. if ( empty( $user_id ) ) 
  600. return false; 
  601.  
  602. // Return the inverse of active 
  603. return !bbp_is_user_active( $user_id ); 
  604.  
  605. /** 
  606. * Checks if user is a keymaster 
  607. * 
  608. * @since bbPress (r4783) 
  609. * 
  610. * @param int $user_id  
  611. * @return bool True if keymaster, false if not 
  612. */ 
  613. function bbp_is_user_keymaster( $user_id = 0 ) { 
  614.  
  615. // Default to current user ID if none is passed 
  616. $_user_id = (int) ! empty( $user_id ) ? $user_id : bbp_get_current_user_id(); 
  617.  
  618. // Filter and return 
  619. return (bool) apply_filters( 'bbp_is_user_keymaster', user_can( $_user_id, 'keep_gate' ), $_user_id, $user_id ); 
  620.  
  621. /** 
  622. * Does a user have a profile for the current site 
  623. * 
  624. * @since bbPress (r4362) 
  625. * 
  626. * @param int $user_id User ID to check 
  627. * @param int $blog_id Blog ID to check 
  628. * 
  629. * @uses bbp_get_user_id() To verify the user ID 
  630. * @uses get_userdata() To get the user's data 
  631. * @uses bbp_is_user_keymaster() To determine if user can see inactive users 
  632. * @uses bbp_is_user_inactive() To check if user is spammer or deleted 
  633. * @uses apply_filters() To allow override of this functions result 
  634. * 
  635. * @return boolean Whether or not the user has a profile on this blog_id 
  636. */ 
  637. function bbp_user_has_profile( $user_id = 0 ) { 
  638.  
  639. // Assume every user has a profile 
  640. $retval = true; 
  641.  
  642. // Validate user ID, default to displayed or current user 
  643. $user_id = bbp_get_user_id( $user_id, true, true ); 
  644.  
  645. // Try to get this user's data 
  646. $user = get_userdata( $user_id ); 
  647.  
  648. // No user found, return false 
  649. if ( empty( $user ) ) { 
  650. $retval = false; 
  651.  
  652. // User is inactive, and current user is not a keymaster 
  653. } elseif ( ! bbp_is_user_keymaster() && bbp_is_user_inactive( $user->ID ) ) { 
  654. $retval = false; 
  655.  
  656. // Filter and return 
  657. return (bool) apply_filters( 'bbp_show_user_profile', $retval, $user_id ); 
.