Abstract.php
9 years ago
Capability.php
9 years ago
Contact.php
9 years ago
Extension.php
9 years ago
LoginRedirect.php
9 years ago
Menu.php
9 years ago
Metabox.php
9 years ago
Post.php
9 years ago
Redirect.php
9 years ago
Role.php
9 years ago
Security.php
9 years ago
Teaser.php
9 years ago
User.php
9 years ago
Utility.php
9 years ago
Capability.php
327 lines
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * ====================================================================== |
| 5 | * LICENSE: This file is subject to the terms and conditions defined in * |
| 6 | * file 'license.txt', which is part of this source code package. * |
| 7 | * ====================================================================== |
| 8 | */ |
| 9 | |
| 10 | /** |
| 11 | * Backend capability manager |
| 12 | * |
| 13 | * @package AAM |
| 14 | * @author Vasyl Martyniuk <vasyl@vasyltech.com> |
| 15 | */ |
| 16 | class AAM_Backend_Feature_Capability extends AAM_Backend_Feature_Abstract { |
| 17 | |
| 18 | /** |
| 19 | * Capability groups |
| 20 | * |
| 21 | * @var array |
| 22 | * |
| 23 | * @access private |
| 24 | */ |
| 25 | private $_groups = array( |
| 26 | 'system' => array( |
| 27 | 'level_0', 'level_1', 'level_2', 'level_3', 'level_4', 'level_5', |
| 28 | 'level_6', 'level_7', 'level_8', 'level_9', 'level_10' |
| 29 | ), |
| 30 | 'post' => array( |
| 31 | 'delete_others_pages', 'delete_others_posts', 'edit_others_pages', |
| 32 | 'delete_posts', 'delete_private_pages', 'delete_private_posts', |
| 33 | 'delete_published_pages', 'delete_published_posts', 'delete_pages', |
| 34 | 'edit_others_posts', 'edit_pages', 'edit_private_posts', |
| 35 | 'edit_private_pages', 'edit_posts', 'edit_published_pages', |
| 36 | 'edit_published_posts', 'publish_pages', 'publish_posts', 'read', |
| 37 | 'read_private_pages', 'read_private_posts', 'edit_permalink' |
| 38 | ), |
| 39 | 'backend' => array( |
| 40 | 'aam_manage', 'activate_plugins', 'add_users', 'update_plugins', |
| 41 | 'delete_users', 'delete_themes', 'edit_dashboard', 'edit_files', |
| 42 | 'edit_plugins', 'edit_theme_options', 'edit_themes', 'edit_users', |
| 43 | 'export', 'import', 'install_plugins', 'install_themes', |
| 44 | 'manage_options', 'manage_links', 'manage_categories', 'customize', |
| 45 | 'unfiltered_html', 'unfiltered_upload', 'update_themes', |
| 46 | 'update_core', 'upload_files', 'delete_plugins', 'remove_users', |
| 47 | 'switch_themes', 'list_users', 'promote_users', 'create_users' |
| 48 | ) |
| 49 | ); |
| 50 | |
| 51 | /** |
| 52 | * |
| 53 | * @return type |
| 54 | */ |
| 55 | public function getTable() { |
| 56 | $response = array('data' => array()); |
| 57 | |
| 58 | $subject = AAM_Backend_View::getSubject(); |
| 59 | if ($subject instanceof AAM_Core_Subject_Role) { |
| 60 | $response['data'] = $this->retrieveAllCaps(); |
| 61 | } else { |
| 62 | foreach ($this->getCapabilityList($subject) as $cap) { |
| 63 | $response['data'][] = array( |
| 64 | $cap, |
| 65 | $this->getGroup($cap), |
| 66 | $cap, |
| 67 | $this->prepareActionList($cap) |
| 68 | ); |
| 69 | } |
| 70 | } |
| 71 | |
| 72 | return json_encode($response); |
| 73 | } |
| 74 | |
| 75 | /** |
| 76 | * Update capability tag |
| 77 | * |
| 78 | * @return string |
| 79 | * |
| 80 | * @access public |
| 81 | */ |
| 82 | public function update() { |
| 83 | $capability = AAM_Core_Request::post('capability'); |
| 84 | $updated = AAM_Core_Request::post('updated'); |
| 85 | $roles = AAM_Core_API::getRoles(); |
| 86 | |
| 87 | //first make sure that similar capability does not exist already |
| 88 | $allcaps = AAM_Core_API::getAllCapabilities(); |
| 89 | |
| 90 | if (!isset($allcaps[$updated])) { |
| 91 | foreach($roles->role_objects as $role) { |
| 92 | //check if capability is present for current role! Please notice, we |
| 93 | //can not use the native WP_Role::has_cap function because it will |
| 94 | //return false if capability exists but not checked |
| 95 | if (isset($role->capabilities[$capability])) { |
| 96 | $role->add_cap($updated, $role->capabilities[$capability]); |
| 97 | $role->remove_cap($capability); |
| 98 | } |
| 99 | } |
| 100 | $response = array('status' => 'success'); |
| 101 | } else { |
| 102 | $response = array( |
| 103 | 'status' => 'failure', |
| 104 | 'message' => __('Capability already exists', AAM_KEY) |
| 105 | ); |
| 106 | } |
| 107 | |
| 108 | return json_encode($response); |
| 109 | } |
| 110 | |
| 111 | /** |
| 112 | * Delete capability |
| 113 | * |
| 114 | * This function delete capability in all roles. |
| 115 | * |
| 116 | * @return string |
| 117 | * |
| 118 | * @access public |
| 119 | */ |
| 120 | public function delete() { |
| 121 | $capability = AAM_Core_Request::post('capability'); |
| 122 | $roles = AAM_Core_API::getRoles(); |
| 123 | $subject = AAM_Backend_View::getSubject(); |
| 124 | |
| 125 | if (is_a($subject, 'AAM_Core_Subject_Role')) { |
| 126 | foreach($roles->role_objects as $role) { |
| 127 | $role->remove_cap($capability); |
| 128 | } |
| 129 | $response = array('status' => 'success'); |
| 130 | } else { |
| 131 | $response = array( |
| 132 | 'status' => 'failure', |
| 133 | 'message' => __('Can not remove the capability', AAM_KEY) |
| 134 | ); |
| 135 | } |
| 136 | |
| 137 | return json_encode($response); |
| 138 | } |
| 139 | |
| 140 | /** |
| 141 | * @inheritdoc |
| 142 | */ |
| 143 | public static function getAccessOption() { |
| 144 | return 'feature.capability.capability'; |
| 145 | } |
| 146 | |
| 147 | /** |
| 148 | * @inheritdoc |
| 149 | */ |
| 150 | public static function getTemplate() { |
| 151 | return 'object/capability.phtml'; |
| 152 | } |
| 153 | |
| 154 | /** |
| 155 | * |
| 156 | * @param AAM_Core_Subject_User $subject |
| 157 | * @return type |
| 158 | */ |
| 159 | protected function getCapabilityList(AAM_Core_Subject_User $subject) { |
| 160 | $list = array(); |
| 161 | |
| 162 | //IMPORTANT! Cause it is possible that user is not assigned to any role |
| 163 | $roles = $subject->roles; |
| 164 | |
| 165 | if (is_array($roles)) { |
| 166 | foreach($roles as $slug) { |
| 167 | $role = AAM_Core_API::getRoles()->get_role($slug); |
| 168 | if ($role) { |
| 169 | $list = array_keys($role->capabilities); |
| 170 | break; |
| 171 | } |
| 172 | } |
| 173 | } |
| 174 | return $list; |
| 175 | } |
| 176 | |
| 177 | /** |
| 178 | * |
| 179 | * @param type $cap |
| 180 | * @return type |
| 181 | */ |
| 182 | protected function prepareActionList($cap) { |
| 183 | $subject = AAM_Backend_View::getSubject(); |
| 184 | $actions = array(); |
| 185 | |
| 186 | $actions[] = ($subject->hasCapability($cap) ? 'checked' : 'unchecked'); |
| 187 | |
| 188 | //allow to delete or update capability only for roles! |
| 189 | if (AAM_Core_Config::get('manage-capability', false) |
| 190 | && is_a($subject, 'AAM_Core_Subject_Role')) { |
| 191 | $actions[] = 'edit'; |
| 192 | $actions[] = 'delete'; |
| 193 | } |
| 194 | |
| 195 | return implode( |
| 196 | ',', apply_filters('aam-cap-row-actions-filter', $actions, $subject) |
| 197 | ); |
| 198 | } |
| 199 | |
| 200 | /** |
| 201 | * Get list of user roles |
| 202 | * |
| 203 | * @param array $roles |
| 204 | * |
| 205 | * @return array |
| 206 | * |
| 207 | * @access protected |
| 208 | */ |
| 209 | protected function getUserRoles($roles) { |
| 210 | $response = array(); |
| 211 | |
| 212 | $names = AAM_Core_API::getRoles()->get_names(); |
| 213 | |
| 214 | if (is_array($roles)) { |
| 215 | foreach($roles as $role) { |
| 216 | if (isset($names[$role])) { |
| 217 | $response[] = translate_user_role($names[$role]); |
| 218 | } |
| 219 | } |
| 220 | } |
| 221 | |
| 222 | return $response; |
| 223 | } |
| 224 | |
| 225 | /** |
| 226 | * |
| 227 | * @return type |
| 228 | */ |
| 229 | protected function retrieveAllCaps() { |
| 230 | $response = array(); |
| 231 | $caps = AAM_Core_API::getAllCapabilities(); |
| 232 | |
| 233 | foreach (array_keys($caps) as $cap) { |
| 234 | $response[] = array( |
| 235 | $cap, |
| 236 | $this->getGroup($cap), |
| 237 | $cap, |
| 238 | $this->prepareActionList($cap) |
| 239 | ); |
| 240 | } |
| 241 | |
| 242 | return $response; |
| 243 | } |
| 244 | |
| 245 | /** |
| 246 | * Get capability group list |
| 247 | * |
| 248 | * @return array |
| 249 | * |
| 250 | * @access public |
| 251 | */ |
| 252 | public function getGroupList() { |
| 253 | return apply_filters('aam-capability-groups-filter', array( |
| 254 | __('System', AAM_KEY), |
| 255 | __('Posts & Pages', AAM_KEY), |
| 256 | __('Backend', AAM_KEY), |
| 257 | __('Miscellaneous', AAM_KEY) |
| 258 | )); |
| 259 | } |
| 260 | |
| 261 | /** |
| 262 | * Add new capability |
| 263 | * |
| 264 | * @return string |
| 265 | * |
| 266 | * @access public |
| 267 | */ |
| 268 | public function add() { |
| 269 | $capability = sanitize_text_field(AAM_Core_Request::post('capability')); |
| 270 | |
| 271 | if ($capability) { |
| 272 | //add the capability to administrator's role as default behavior |
| 273 | AAM_Core_API::getRoles()->add_cap('administrator', $capability); |
| 274 | $response = array('status' => 'success'); |
| 275 | } else { |
| 276 | $response = array('status' => 'failure'); |
| 277 | } |
| 278 | |
| 279 | return json_encode($response); |
| 280 | } |
| 281 | |
| 282 | /** |
| 283 | * Get capability group name |
| 284 | * |
| 285 | * @param string $capability |
| 286 | * |
| 287 | * @return string |
| 288 | * |
| 289 | * @access protected |
| 290 | */ |
| 291 | protected function getGroup($capability) { |
| 292 | if (in_array($capability, $this->_groups['system'])) { |
| 293 | $response = __('System', AAM_KEY); |
| 294 | } elseif (in_array($capability, $this->_groups['post'])) { |
| 295 | $response = __('Posts & Pages', AAM_KEY); |
| 296 | } elseif (in_array($capability, $this->_groups['backend'])) { |
| 297 | $response = __('Backend', AAM_KEY); |
| 298 | } else { |
| 299 | $response = __('Miscellaneous', AAM_KEY); |
| 300 | } |
| 301 | |
| 302 | return apply_filters( |
| 303 | 'aam-capability-group-filter', $response, $capability |
| 304 | ); |
| 305 | } |
| 306 | |
| 307 | /** |
| 308 | * Register capability feature |
| 309 | * |
| 310 | * @return void |
| 311 | * |
| 312 | * @access public |
| 313 | */ |
| 314 | public static function register() { |
| 315 | $cap = AAM_Core_Config::get(self::getAccessOption(), 'administrator'); |
| 316 | |
| 317 | AAM_Backend_Feature::registerFeature((object) array( |
| 318 | 'uid' => 'capability', |
| 319 | 'position' => 15, |
| 320 | 'title' => __('Capabilities', AAM_KEY), |
| 321 | 'capability' => $cap, |
| 322 | 'subjects' => array('AAM_Core_Subject_Role', 'AAM_Core_Subject_User'), |
| 323 | 'view' => __CLASS__ |
| 324 | )); |
| 325 | } |
| 326 | |
| 327 | } |