diff --git a/includes/core/class-access.php b/includes/core/class-access.php index 7f1c1fc5..a6008639 100644 --- a/includes/core/class-access.php +++ b/includes/core/class-access.php @@ -65,6 +65,10 @@ if ( ! class_exists( 'um\core\Access' ) ) { add_action( 'template_redirect', array( &$this, 'template_redirect' ), 1000 ); add_action( 'um_access_check_individual_term_settings', array( &$this, 'um_access_check_individual_term_settings' ) ); add_action( 'um_access_check_global_settings', array( &$this, 'um_access_check_global_settings' ) ); + + /* Disable comments if user has not permission to access current post */ + add_filter( 'comments_open', array( $this, 'disable_comments_open' ), 99, 2 ); + add_filter( 'get_comments_number', array( $this, 'disable_comments_open' ), 99, 2 ); } @@ -932,6 +936,41 @@ if ( ! class_exists( 'um\core\Access' ) ) { $content = $this->current_single_post->post_content; return $content; } + + /** + * Disable comments if user has not permission to access this post + * @param mixed $open + * @param int $post_id + * @return boolean + */ + public function disable_comments_open( $open, $post_id ) { + + static $cache = array(); + + if( isset($cache[$post_id]) ){ + return $cache[$post_id] ? $open : false; + } + + $restriction = get_post_meta( $post_id, 'um_content_restriction', true ); + + if ( $restriction ) { + if ( is_user_logged_in() ) { + if ( '1' == $restriction['_um_accessible'] && ! current_user_can( 'administrator' ) ) { + $open = false; + }else + if ( ! empty($restriction['_um_access_roles']) && ! $this->user_can( get_current_user_id(), $restriction['_um_access_roles'] ) ) { + $open = false; + } + + } elseif ( '2' == $restriction['_um_accessible'] ) { + $open = false; + } + } + + $cache[$post_id] = $open; + + return $open; + } /**