Message info
 
To:buddypress-trac@lists.automattic.com From:buddypress-trac@lists.automattic.com Subject:[buddypress-trac] [BuddyPress][6060] trunk/bp-xprofile/bp-xprofile-functions.php: Ensures that admin-enforced visibility settings are actually enforced. Date:Wed, 6 Jun 2012 19:26:17 +0000 (UTC)
 

Revision
6060
Author
boonebgorges
Date
2012-06-06 19:26:17 +0000 (Wed, 06 Jun 2012)

Log Message

Ensures that admin-enforced visibility settings are actually enforced. Fixes #4233

Modified Paths

Diff

Modified: trunk/bp-xprofile/bp-xprofile-functions.php (6059 => 6060)


--- trunk/bp-xprofile/bp-xprofile-functions.php	2012-06-02 21:38:48 UTC (rev 6059)
+++ trunk/bp-xprofile/bp-xprofile-functions.php	2012-06-06 19:26:17 UTC (rev 6060)
@@ -714,9 +714,21 @@
 	}
 	
 	$user_visibility_levels = bp_get_user_meta( $user_id, 'bp_xprofile_visibility_levels', true );
-	
+
+	// Parse the user-provided visibility levels with the default levels, which may take
+	// precedence
+	$default_visibility_levels = BP_XProfile_Group::fetch_default_visibility_levels();
+
+	foreach( (array) $default_visibility_levels as $d_field_id => $defaults ) {
+		// If the admin has forbidden custom visibility levels for this field, replace
+		// the user-provided setting with the default specified by the admin
+		if ( isset( $defaults['allow_custom'] ) && isset( $defaults['default'] ) && 'disabled' == $defaults['allow_custom'] && isset( $user_visibility_levels[$d_field_id] ) ) {
+			$user_visibility_levels[$d_field_id] = $defaults['default'];
+		}
+	}
+
 	$field_ids = array();
-	foreach( (array)$user_visibility_levels as $field_id => $field_visibility ) {
+	foreach( (array) $user_visibility_levels as $field_id => $field_visibility ) {
 		if ( in_array( $field_visibility, $levels ) ) {
 			$field_ids[] = $field_id;
 		}