BuddyPress-Registration-Options icon indicating copy to clipboard operation
BuddyPress-Registration-Options copied to clipboard
verified publisher icon WebDevStudios

Multisite compatibility

Open tw2113 opened this issue 12 years ago • 5 comments

Make it so admins of individual sites can manage the user list, not just the super admin. Will help those using WP for SaaS instances and need to allow others to maintain their own subsite.

tw2113 avatar Aug 15 '13 22:08 tw2113

http://thereforei.am/2011/03/15/how-to-allow-administrators-to-edit-users-in-a-wordpress-network/

function wds_bp_registration_options_allow_bp_users_caps( $caps, $cap, $user_id, $args ) {
    foreach( $caps as $key => $capability ){
        if( $capability != 'do_not_allow' )
            continue;

        switch( $cap ) {
            case 'edit_user':
            case 'edit_users':
                $caps[$key] = 'edit_users';
                break;
            case 'delete_user':
            case 'delete_users':
                $caps[$key] = 'delete_users';
                break;
            case 'create_users':
                $caps[$key] = $cap;
                break;
        }
    }
    return $caps;
}
add_filter( 'map_meta_cap', 'wds_bp_registration_options_allow_bp_users_caps', 1, 4 );
remove_all_filters( 'enable_edit_any_user_configuration' );
add_filter( 'enable_edit_any_user_configuration', '__return_true');

/**
 * Checks that both the editing user and the user being edited are
 * members of the blog and prevents the super admin being edited.
 */
function wds_bp_registration_options_edit_permission_check() {
    global $current_user, $profileuser;

    $screen = get_current_screen();

    get_currentuserinfo();

    if( ! is_super_admin( $current_user->ID ) && in_array( $screen->base, array( 'user-edit', 'user-edit-network' ) ) ) { // editing a user profile
        if ( is_super_admin( $profileuser->ID ) ) { // trying to edit a superadmin while less than a superadmin
            wp_die( __( 'You do not have permission to edit this user.' ) );
        } elseif ( ! ( is_user_member_of_blog( $profileuser->ID, get_current_blog_id() ) && is_user_member_of_blog( $current_user->ID, get_current_blog_id() ) )) { // editing user and edited user aren't members of the same blog
            wp_die( __( 'You do not have permission to edit this user.' ) );
        }
    }
}
add_filter( 'admin_head', 'mc_edit_permission_check', 1, 4 );

tw2113 avatar Aug 27 '13 00:08 tw2113

I think we could get away with this being enabled within just the scope of the plugin, by having the add_action only be called within the page rendering callback. Needs testing though, for sure.

tw2113 avatar Sep 06 '13 06:09 tw2113

add hook to admin init, inside the callback, check what screen we're on. If we're on any of our plugin's screens, do the add_action() on our map_meta_cap callback, else return.

tw2113 avatar Sep 09 '13 22:09 tw2113

*_user_meta() appears to work regardless of super admin status. At the point of BPRO moderation, the user is actually already created. At least on the approval side, all that's left is removing the user meta key. Deletion and eventually banning, still involves editing a user.

tw2113 avatar Sep 03 '15 04:09 tw2113

Bumping as it's a larger topic than I want to deal with for 4.3.0 😈

tw2113 avatar Nov 17 '16 06:11 tw2113