[buddypress-trac] [BuddyPress Trac] #7048: Move permission checks in `bp_activity_screen_single_activity_permalink` into new function

buddypress-trac noreply at wordpress.org
Wed Jan 10 17:29:55 UTC 2018

#7048: Move permission checks in `bp_activity_screen_single_activity_permalink`
into new function
 Reporter:  DJPaul                    |       Owner:
     Type:  enhancement               |      Status:  assigned
 Priority:  high                      |   Milestone:  3.0
Component:  Activity                  |     Version:
 Severity:  normal                    |  Resolution:
 Keywords:  has-patch has-unit-tests  |

Comment (by espellcaste):


 If you remove `if ( ! groups_is_user_member( $user_id, $group_id ) ) {`.
 And run PHPUnit
 `test_non_member_cannot_access_to_someone_elses_activity_in_a_group` will
 give you an error. Suggesting a user outside of a public group can see
 other people activity.

 I presume that's the correct approach. Hence, I updated above with your
 suggestion. The comment above is just so that you are aware. :)

Ticket URL: <https://buddypress.trac.wordpress.org/ticket/7048#comment:27>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac

More information about the buddypress-trac mailing list