PluginProbe ʕ •ᴥ•ʔ
Advanced Access Manager – Access Governance for WordPress / 4.0
Advanced Access Manager – Access Governance for WordPress v4.0
6.8.4 6.8.5 6.9.0 6.9.1 6.9.10 6.9.11 6.9.12 6.9.13 6.9.14 6.9.15 6.9.16 6.9.17 6.9.18 6.9.19 6.9.2 6.9.20 6.9.21 6.9.22 6.9.23 6.9.24 6.9.25 6.9.26 6.9.27 6.9.28 6.9.29 6.9.3 6.9.30 6.9.31 6.9.32 6.9.33 6.9.34 6.9.35 6.9.36 6.9.37 6.9.38 6.9.39 6.9.4 6.9.41 6.9.42 6.9.43 6.9.44 6.9.45 6.9.46 6.9.47 6.9.48 6.9.49 6.9.5 6.9.51 6.9.6 6.9.7 6.9.8 6.9.9 7.0.0 7.0.0-alpha.6 7.0.0-alpha.7 7.0.0-beta.1 7.0.0-rc1 7.0.0-rc2 7.0.0-rc3 7.0.1 7.0.10 7.0.11 7.0.2 7.0.3 7.0.4 7.0.5 7.0.6 7.0.7 7.0.8 7.0.9 7.1.0 7.1.1 trunk 3.0 4.0 4.0.1 4.1 4.2 4.3 4.4 4.4.1 4.5 4.6 4.6.1 4.6.2 4.7 4.7.1 4.7.2 4.7.5 4.7.6 4.8 4.8.1 4.9 4.9.1 4.9.2 4.9.3 4.9.4 4.9.5 4.9.5.1 4.9.5.2 5.0 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.1 5.1.1 5.10 5.11 5.2 5.2.1 5.2.5 5.2.6 5.2.7 5.3 5.3.1 5.3.2 5.3.3 5.3.4 5.3.5 5.4 5.4.1 5.4.2 5.4.3 5.4.3.1 5.4.3.2 5.5 5.5.1 5.5.2 5.6 5.6.1 5.6.1.1 5.7 5.7.1 5.7.2 5.7.3 5.8 5.8.1 5.8.2 5.8.3 5.9 5.9.1 5.9.1.1 5.9.2 5.9.2.1 5.9.3 5.9.4 5.9.5 5.9.6 5.9.6.1 5.9.6.2 5.9.6.3 5.9.7 5.9.7.1 5.9.7.2 5.9.7.3 5.9.8 5.9.8.1 5.9.9 5.9.9.1 6.0.0 6.0.1 6.0.2 6.0.3 6.0.4 6.0.5 6.1.0 6.1.1 6.2.0 6.2.1 6.2.2 6.3.0 6.3.1 6.3.2 6.3.3 6.4.0 6.4.1 6.4.2 6.4.3 6.5.0 6.5.1 6.5.2 6.5.3 6.5.4 6.6.0 6.6.1 6.6.2 6.6.3 6.6.4 6.7.0 6.7.1 6.7.2 6.7.3 6.7.4 6.7.5 6.7.6 6.7.7 6.7.8 6.7.9 6.8.0 6.8.1 6.8.2 6.8.3
advanced-access-manager / Application / Backend / Feature / Capability.php
advanced-access-manager / Application / Backend / Feature Last commit date
Abstract.php 9 years ago Capability.php 9 years ago Contact.php 9 years ago Extension.php 9 years ago LoginRedirect.php 9 years ago Menu.php 9 years ago Metabox.php 9 years ago Post.php 9 years ago Redirect.php 9 years ago Role.php 9 years ago Security.php 9 years ago Teaser.php 9 years ago User.php 9 years ago Utility.php 9 years ago
Capability.php
327 lines
1 <?php
2
3 /**
4 * ======================================================================
5 * LICENSE: This file is subject to the terms and conditions defined in *
6 * file 'license.txt', which is part of this source code package. *
7 * ======================================================================
8 */
9
10 /**
11 * Backend capability manager
12 *
13 * @package AAM
14 * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15 */
16 class AAM_Backend_Feature_Capability extends AAM_Backend_Feature_Abstract {
17
18 /**
19 * Capability groups
20 *
21 * @var array
22 *
23 * @access private
24 */
25 private $_groups = array(
26 'system' => array(
27 'level_0', 'level_1', 'level_2', 'level_3', 'level_4', 'level_5',
28 'level_6', 'level_7', 'level_8', 'level_9', 'level_10'
29 ),
30 'post' => array(
31 'delete_others_pages', 'delete_others_posts', 'edit_others_pages',
32 'delete_posts', 'delete_private_pages', 'delete_private_posts',
33 'delete_published_pages', 'delete_published_posts', 'delete_pages',
34 'edit_others_posts', 'edit_pages', 'edit_private_posts',
35 'edit_private_pages', 'edit_posts', 'edit_published_pages',
36 'edit_published_posts', 'publish_pages', 'publish_posts', 'read',
37 'read_private_pages', 'read_private_posts', 'edit_permalink'
38 ),
39 'backend' => array(
40 'aam_manage', 'activate_plugins', 'add_users', 'update_plugins',
41 'delete_users', 'delete_themes', 'edit_dashboard', 'edit_files',
42 'edit_plugins', 'edit_theme_options', 'edit_themes', 'edit_users',
43 'export', 'import', 'install_plugins', 'install_themes',
44 'manage_options', 'manage_links', 'manage_categories', 'customize',
45 'unfiltered_html', 'unfiltered_upload', 'update_themes',
46 'update_core', 'upload_files', 'delete_plugins', 'remove_users',
47 'switch_themes', 'list_users', 'promote_users', 'create_users'
48 )
49 );
50
51 /**
52 *
53 * @return type
54 */
55 public function getTable() {
56 $response = array('data' => array());
57
58 $subject = AAM_Backend_View::getSubject();
59 if ($subject instanceof AAM_Core_Subject_Role) {
60 $response['data'] = $this->retrieveAllCaps();
61 } else {
62 foreach ($this->getCapabilityList($subject) as $cap) {
63 $response['data'][] = array(
64 $cap,
65 $this->getGroup($cap),
66 $cap,
67 $this->prepareActionList($cap)
68 );
69 }
70 }
71
72 return json_encode($response);
73 }
74
75 /**
76 * Update capability tag
77 *
78 * @return string
79 *
80 * @access public
81 */
82 public function update() {
83 $capability = AAM_Core_Request::post('capability');
84 $updated = AAM_Core_Request::post('updated');
85 $roles = AAM_Core_API::getRoles();
86
87 //first make sure that similar capability does not exist already
88 $allcaps = AAM_Core_API::getAllCapabilities();
89
90 if (!isset($allcaps[$updated])) {
91 foreach($roles->role_objects as $role) {
92 //check if capability is present for current role! Please notice, we
93 //can not use the native WP_Role::has_cap function because it will
94 //return false if capability exists but not checked
95 if (isset($role->capabilities[$capability])) {
96 $role->add_cap($updated, $role->capabilities[$capability]);
97 $role->remove_cap($capability);
98 }
99 }
100 $response = array('status' => 'success');
101 } else {
102 $response = array(
103 'status' => 'failure',
104 'message' => __('Capability already exists', AAM_KEY)
105 );
106 }
107
108 return json_encode($response);
109 }
110
111 /**
112 * Delete capability
113 *
114 * This function delete capability in all roles.
115 *
116 * @return string
117 *
118 * @access public
119 */
120 public function delete() {
121 $capability = AAM_Core_Request::post('capability');
122 $roles = AAM_Core_API::getRoles();
123 $subject = AAM_Backend_View::getSubject();
124
125 if (is_a($subject, 'AAM_Core_Subject_Role')) {
126 foreach($roles->role_objects as $role) {
127 $role->remove_cap($capability);
128 }
129 $response = array('status' => 'success');
130 } else {
131 $response = array(
132 'status' => 'failure',
133 'message' => __('Can not remove the capability', AAM_KEY)
134 );
135 }
136
137 return json_encode($response);
138 }
139
140 /**
141 * @inheritdoc
142 */
143 public static function getAccessOption() {
144 return 'feature.capability.capability';
145 }
146
147 /**
148 * @inheritdoc
149 */
150 public static function getTemplate() {
151 return 'object/capability.phtml';
152 }
153
154 /**
155 *
156 * @param AAM_Core_Subject_User $subject
157 * @return type
158 */
159 protected function getCapabilityList(AAM_Core_Subject_User $subject) {
160 $list = array();
161
162 //IMPORTANT! Cause it is possible that user is not assigned to any role
163 $roles = $subject->roles;
164
165 if (is_array($roles)) {
166 foreach($roles as $slug) {
167 $role = AAM_Core_API::getRoles()->get_role($slug);
168 if ($role) {
169 $list = array_keys($role->capabilities);
170 break;
171 }
172 }
173 }
174 return $list;
175 }
176
177 /**
178 *
179 * @param type $cap
180 * @return type
181 */
182 protected function prepareActionList($cap) {
183 $subject = AAM_Backend_View::getSubject();
184 $actions = array();
185
186 $actions[] = ($subject->hasCapability($cap) ? 'checked' : 'unchecked');
187
188 //allow to delete or update capability only for roles!
189 if (AAM_Core_Config::get('manage-capability', false)
190 && is_a($subject, 'AAM_Core_Subject_Role')) {
191 $actions[] = 'edit';
192 $actions[] = 'delete';
193 }
194
195 return implode(
196 ',', apply_filters('aam-cap-row-actions-filter', $actions, $subject)
197 );
198 }
199
200 /**
201 * Get list of user roles
202 *
203 * @param array $roles
204 *
205 * @return array
206 *
207 * @access protected
208 */
209 protected function getUserRoles($roles) {
210 $response = array();
211
212 $names = AAM_Core_API::getRoles()->get_names();
213
214 if (is_array($roles)) {
215 foreach($roles as $role) {
216 if (isset($names[$role])) {
217 $response[] = translate_user_role($names[$role]);
218 }
219 }
220 }
221
222 return $response;
223 }
224
225 /**
226 *
227 * @return type
228 */
229 protected function retrieveAllCaps() {
230 $response = array();
231 $caps = AAM_Core_API::getAllCapabilities();
232
233 foreach (array_keys($caps) as $cap) {
234 $response[] = array(
235 $cap,
236 $this->getGroup($cap),
237 $cap,
238 $this->prepareActionList($cap)
239 );
240 }
241
242 return $response;
243 }
244
245 /**
246 * Get capability group list
247 *
248 * @return array
249 *
250 * @access public
251 */
252 public function getGroupList() {
253 return apply_filters('aam-capability-groups-filter', array(
254 __('System', AAM_KEY),
255 __('Posts & Pages', AAM_KEY),
256 __('Backend', AAM_KEY),
257 __('Miscellaneous', AAM_KEY)
258 ));
259 }
260
261 /**
262 * Add new capability
263 *
264 * @return string
265 *
266 * @access public
267 */
268 public function add() {
269 $capability = sanitize_text_field(AAM_Core_Request::post('capability'));
270
271 if ($capability) {
272 //add the capability to administrator's role as default behavior
273 AAM_Core_API::getRoles()->add_cap('administrator', $capability);
274 $response = array('status' => 'success');
275 } else {
276 $response = array('status' => 'failure');
277 }
278
279 return json_encode($response);
280 }
281
282 /**
283 * Get capability group name
284 *
285 * @param string $capability
286 *
287 * @return string
288 *
289 * @access protected
290 */
291 protected function getGroup($capability) {
292 if (in_array($capability, $this->_groups['system'])) {
293 $response = __('System', AAM_KEY);
294 } elseif (in_array($capability, $this->_groups['post'])) {
295 $response = __('Posts & Pages', AAM_KEY);
296 } elseif (in_array($capability, $this->_groups['backend'])) {
297 $response = __('Backend', AAM_KEY);
298 } else {
299 $response = __('Miscellaneous', AAM_KEY);
300 }
301
302 return apply_filters(
303 'aam-capability-group-filter', $response, $capability
304 );
305 }
306
307 /**
308 * Register capability feature
309 *
310 * @return void
311 *
312 * @access public
313 */
314 public static function register() {
315 $cap = AAM_Core_Config::get(self::getAccessOption(), 'administrator');
316
317 AAM_Backend_Feature::registerFeature((object) array(
318 'uid' => 'capability',
319 'position' => 15,
320 'title' => __('Capabilities', AAM_KEY),
321 'capability' => $cap,
322 'subjects' => array('AAM_Core_Subject_Role', 'AAM_Core_Subject_User'),
323 'view' => __CLASS__
324 ));
325 }
326
327 }