[buddypress-trac] [BuddyPress Trac] #7048: Move permission checks in `bp_activity_screen_single_activity_permalink` into new function

buddypress-trac noreply at wordpress.org
Wed Jan 3 14:14:14 UTC 2018

#7048: Move permission checks in `bp_activity_screen_single_activity_permalink`
into new function
 Reporter:  DJPaul                    |       Owner:
     Type:  enhancement               |      Status:  assigned
 Priority:  high                      |   Milestone:  3.0
Component:  Activity                  |     Version:
 Severity:  normal                    |  Resolution:
 Keywords:  has-patch has-unit-tests  |

Comment (by DJPaul):

 Looking at the new function, I'm not sure the name "permalink access" is
 correct -- it's not specifically dealing with the permalink. Perhaps
 something like `bp_activity_user_can_read()`? That way  Maybe
 @boonebgorges has an idea.

 What do you think about moving the "If activity is from a group, do an
 extra cap check" underneath "If activity author match user, allow access
 as well", and add a check - e.g. `if ( ! $retval && bp_is_active( 'groups'
 ) && $activity->component === $bp->groups->id ) {` -- I'm not sure if `
 $retval = $group->user_has_access; ` could ever be false and thus prevent
 a `true` we explicitly set earlier, but this would avoid that.

 And finally for the PHPDoc throughout, `$activity` is probably of type
 `BP_Activity_Activity` so we can use that to describe it instead of the
 more general `object`.

Ticket URL: <https://buddypress.trac.wordpress.org/ticket/7048#comment:13>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac

More information about the buddypress-trac mailing list