WordPress.org
Get WordPress

Making WordPress.org


Ignore:
Timestamp:
07/18/2023 05:41:27 AM (2 years ago)
Author:
dd32
Message:

Support Forums: Moderators: Allow moderators on the English forums to block users.

Fixes #5707.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • sites/trunk/wordpress.org/public_html/wp-content/plugins/support-forums/inc/class-moderators.php

    r12012 r12747  
    2121        add_filter( 'bbp_map_primary_meta_caps',        array( $this, 'map_meta_caps' ), 10, 4 );
    2222        add_action( 'bbp_post_request',                 array( $this, 'edit_user_handler' ), 0 );
     23
     24        // Allow moderators to manage user roles.
     25        add_filter( 'bbp_get_caps_for_role',            array( $this, 'bbp_get_caps_for_role' ), 10, 2 );
     26
     27        // Limit which roles a moderator can assign to a user. Before bbp_profile_update_role().
     28        add_action( 'bbp_profile_update',               array( $this, 'bbp_profile_update' ), 1 );
    2329
    2430        // Append 'view=all' to forum, topic, and reply URLs in moderator views.
     
    185191                    }
    186192
    187                     if ( 'promote_user' === $cap || 'promote_users' === $cap ) {
    188                         // Only keymasters can promote users.
    189                         $caps = array( 'keep_gate' );
    190                     } else {
    191                         $caps = array( 'moderate' );
    192                     }
     193                    $caps = array( 'moderate' );
    193194                }
    194195                break;
     
    196197
    197198        return $caps;
     199    }
     200
     201    /**
     202     * Allow (global) moderators to assign roles to users.
     203     *
     204     * @param array  $caps Role capabilities.
     205     * @param string $role Role name.
     206     * @return array
     207     */
     208    function bbp_get_caps_for_role( $caps, $role ) {
     209        if (
     210            $role === bbp_get_moderator_role() &&
     211            Plugin::get_instance()->is_main_forums
     212        ) {
     213            $caps['promote_users'] = true;
     214        }
     215   
     216        return $caps;
     217    }
     218
     219    /**
     220     * Limit the site/forum roles a moderator can set.
     221     */
     222    public function bbp_profile_update() {
     223        // Keymasters need no special handling.
     224        if ( bbp_is_user_keymaster( get_current_user_id() ) ) {
     225            return;
     226        }
     227
     228        $new_forum_role = sanitize_key( $_POST['bbp-forums-role'] ?? '' );
     229
     230        // Prevent setting any roles.
     231        unset( $_POST['role'], $_POST['bbp-forums-role'] );
     232
     233        $allowed_roles = array(
     234            bbp_get_participant_role(),
     235            bbp_get_spectator_role(),
     236            bbp_get_blocked_role()
     237        );
     238
     239        // If it's an allowed role, add it back so it can be processed by bbp_profile_update_role().
     240        if ( in_array( $new_forum_role, $allowed_roles, true ) ) {
     241            $_POST['bbp-forums-role'] = $new_forum_role;
     242        }
    198243    }
    199244
Note: See TracChangeset for help on using the changeset viewer.