PluginProbe ʕ •ᴥ•ʔ
Advanced Access Manager – Access Governance for WordPress / 4.0
Advanced Access Manager – Access Governance for WordPress v4.0
6.8.4 6.8.5 6.9.0 6.9.1 6.9.10 6.9.11 6.9.12 6.9.13 6.9.14 6.9.15 6.9.16 6.9.17 6.9.18 6.9.19 6.9.2 6.9.20 6.9.21 6.9.22 6.9.23 6.9.24 6.9.25 6.9.26 6.9.27 6.9.28 6.9.29 6.9.3 6.9.30 6.9.31 6.9.32 6.9.33 6.9.34 6.9.35 6.9.36 6.9.37 6.9.38 6.9.39 6.9.4 6.9.41 6.9.42 6.9.43 6.9.44 6.9.45 6.9.46 6.9.47 6.9.48 6.9.49 6.9.5 6.9.51 6.9.6 6.9.7 6.9.8 6.9.9 7.0.0 7.0.0-alpha.6 7.0.0-alpha.7 7.0.0-beta.1 7.0.0-rc1 7.0.0-rc2 7.0.0-rc3 7.0.1 7.0.10 7.0.11 7.0.2 7.0.3 7.0.4 7.0.5 7.0.6 7.0.7 7.0.8 7.0.9 7.1.0 7.1.1 trunk 3.0 4.0 4.0.1 4.1 4.2 4.3 4.4 4.4.1 4.5 4.6 4.6.1 4.6.2 4.7 4.7.1 4.7.2 4.7.5 4.7.6 4.8 4.8.1 4.9 4.9.1 4.9.2 4.9.3 4.9.4 4.9.5 4.9.5.1 4.9.5.2 5.0 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.1 5.1.1 5.10 5.11 5.2 5.2.1 5.2.5 5.2.6 5.2.7 5.3 5.3.1 5.3.2 5.3.3 5.3.4 5.3.5 5.4 5.4.1 5.4.2 5.4.3 5.4.3.1 5.4.3.2 5.5 5.5.1 5.5.2 5.6 5.6.1 5.6.1.1 5.7 5.7.1 5.7.2 5.7.3 5.8 5.8.1 5.8.2 5.8.3 5.9 5.9.1 5.9.1.1 5.9.2 5.9.2.1 5.9.3 5.9.4 5.9.5 5.9.6 5.9.6.1 5.9.6.2 5.9.6.3 5.9.7 5.9.7.1 5.9.7.2 5.9.7.3 5.9.8 5.9.8.1 5.9.9 5.9.9.1 6.0.0 6.0.1 6.0.2 6.0.3 6.0.4 6.0.5 6.1.0 6.1.1 6.2.0 6.2.1 6.2.2 6.3.0 6.3.1 6.3.2 6.3.3 6.4.0 6.4.1 6.4.2 6.4.3 6.5.0 6.5.1 6.5.2 6.5.3 6.5.4 6.6.0 6.6.1 6.6.2 6.6.3 6.6.4 6.7.0 6.7.1 6.7.2 6.7.3 6.7.4 6.7.5 6.7.6 6.7.7 6.7.8 6.7.9 6.8.0 6.8.1 6.8.2 6.8.3
advanced-access-manager / Application / Backend / Manager.php
advanced-access-manager / Application / Backend Last commit date
Feature 9 years ago View 9 years ago phtml 9 years ago Feature.php 9 years ago Filter.php 9 years ago Manager.php 9 years ago View.php 9 years ago
Manager.php
526 lines
1 <?php
2
3 /**
4 * ======================================================================
5 * LICENSE: This file is subject to the terms and conditions defined in *
6 * file 'license.txt', which is part of this source code package. *
7 * ======================================================================
8 */
9
10 /**
11 * Backend manager
12 *
13 * @package AAM
14 * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15 */
16 class AAM_Backend_Manager {
17
18 /**
19 * Single instance of itself
20 *
21 * @var AAM_Backend_Manager
22 *
23 * @access private
24 */
25 private static $_instance = null;
26
27 /**
28 * Initialize the object
29 *
30 * @return void
31 *
32 * @access protected
33 */
34 protected function __construct() {
35 //check if user is allowed to see backend
36 $this->checkUserAccess();
37
38 //check if user switch is required
39 $this->checkUserSwitch();
40
41 //print required JS & CSS
42 add_action('admin_print_scripts', array($this, 'printJavascript'));
43 add_action('admin_print_styles', array($this, 'printStylesheet'));
44
45 //manager Admin Menu
46 if (is_multisite() && is_network_admin()) {
47 //register AAM in the network admin panel
48 add_action('network_admin_menu', array($this, 'adminMenu'), 999);
49 } else {
50 add_action('admin_menu', array($this, 'adminMenu'), 999);
51 add_action('all_admin_notices', array($this, 'notification'));
52 }
53
54 //manager AAM Ajax Requests
55 add_action('wp_ajax_aam', array($this, 'ajax'));
56 //manager AAM Features Content rendering
57 add_action('admin_action_aamc', array($this, 'renderContent'));
58 //manager user search and authentication control
59 add_filter('user_search_columns', array($this, 'searchColumns'));
60 //manage access action to the user list
61 add_filter('user_row_actions', array($this, 'userActions'), 10, 2);
62
63 //register custom access control metabox
64 add_action('add_meta_boxes', array($this, 'metabox'));
65
66 //manager WordPress metaboxes
67 add_action("in_admin_header", array($this, 'initMetaboxes'), 999);
68
69 //user profile update action
70 add_action('profile_update', 'AAM_Core_Cache::clear');
71
72 //term & post CRUD hooks
73 if (AAM_Core_Config::get('cache-auto-clear', true)) {
74 add_action('delete_term', 'AAM_Core_Cache::clear');
75 add_action('edited_term', 'AAM_Core_Cache::clear');
76 add_action('save_post', 'AAM_Core_Cache::clear');
77 }
78
79 //extend post inline actions
80 add_filter('page_row_actions', array($this, 'postRowActions'), 10, 2);
81 add_filter('post_row_actions', array($this, 'postRowActions'), 10, 2);
82
83 //extend term inline actions
84 add_filter('tag_row_actions', array($this, 'tagRowActions'), 10, 2);
85
86 //check extension version
87 $this->checkExtensionList();
88
89 //register backend hooks and filters
90 if (AAM_Core_Config::get('backend-access-control', true)) {
91 AAM_Backend_Filter::register();
92 }
93
94 //register CodePinch affiliate
95 AAM_Backend_View_CodePinch::bootstrap();
96 }
97
98 /**
99 *
100 */
101 protected function checkUserAccess() {
102 $all = AAM_Core_API::getAllCapabilities();
103
104 if (isset($all['access_dashboard']) && get_current_user_id()) {
105 if (empty(AAM::getUser()->allcaps['access_dashboard'])) {
106 AAM_Core_API::reject('backend');
107 }
108 }
109 }
110
111 /**
112 *
113 */
114 protected function checkUserSwitch() {
115 if (AAM_Core_Request::get('action') == 'aam-switch-back') {
116 $current = get_current_user_id();
117 $uid = AAM_Core_API::getOption('aam-user-switch-' . $current);
118 $redirect = admin_url('admin.php?page=aam&user=' . $current);
119
120 check_admin_referer('aam-switch-' . $uid);
121
122 wp_clear_auth_cookie();
123 wp_set_auth_cookie( $uid, true );
124 wp_set_current_user( $uid );
125
126 AAM_Core_API::deleteOption('aam-user-switch-' . $current);
127
128 wp_redirect($redirect);
129 exit;
130 }
131 }
132
133 /**
134 *
135 */
136 protected function checkExtensionList() {
137 $list = AAM_Extension_Repository::getInstance()->getList();
138
139 foreach($list as $item) {
140 if ($item['status'] == AAM_Extension_Repository::STATUS_UPDATE) {
141 AAM_Core_Console::add(
142 sprintf(
143 __('Extension %s has new update available for download.'),
144 $item['title']
145 )
146 );
147 }elseif ($item['status'] == AAM_Extension_Repository::STATUS_INACTIVE) {
148 AAM_Core_Console::add(
149 sprintf(
150 __('License violation for %s extension. Enter valid license on the Extensions tab or contact us immediately.'),
151 $item['title']
152 )
153 );
154 }
155 }
156 }
157
158 /**
159 *
160 */
161 public function notification() {
162 $uid = AAM_Core_API::getOption('aam-user-switch-' . get_current_user_id());
163
164 if ($uid) {
165 //get user's name
166 $user = new WP_User($uid);
167 $name = $user->display_name ? $user->display_name : $user->user_nicename;
168
169 //generate switch back URL
170 $url = wp_nonce_url(
171 'index.php?action=aam-switch-back', 'aam-switch-' . $uid
172 );
173
174 $style = 'padding: 10px; font-weight: 700; letter-spacing:0.5px;';
175
176 echo '<div class="updated notice">';
177 echo '<p style="' . $style . '">';
178 echo sprintf('Switch back to <a href="%s">%s</a>.', $url, $name);
179 echo '</p></div>';
180 }
181 }
182
183 /**
184 *
185 */
186 public function metabox() {
187 $cap = AAM_Core_Config::get(
188 AAM_Backend_Feature_Post::getAccessOption(), 'administrator'
189 );
190
191 if (AAM::getUser()->hasCapability($cap)) {
192 add_meta_box(
193 'aam-acceess-control',
194 __('Access Manager', AAM_KEY),
195 array($this, 'renderMetabox'),
196 null,
197 'side',
198 'high'
199 );
200 }
201 }
202
203 /**
204 *
205 * @global type $post
206 */
207 public function renderMetabox() {
208 echo AAM_Backend_View::getInstance()->renderMetabox();
209 }
210
211 /**
212 * Hanlde Metabox initialization process
213 *
214 * @return void
215 *
216 * @access public
217 */
218 public function initMetaboxes() {
219 global $post;
220
221 if (AAM_Core_Request::get('init') == 'metabox') {
222 //make sure that nobody is playing with screen options
223 if ($post instanceof WP_Post) {
224 $screen = $post->post_type;
225 } elseif ($screen_object = get_current_screen()) {
226 $screen = $screen_object->id;
227 } else {
228 $screen = '';
229 }
230
231 $model = new AAM_Backend_Feature_Metabox;
232 $model->initialize($screen);
233 }
234 }
235
236 /**
237 * Add extra column to search in for User search
238 *
239 * @param array $columns
240 *
241 * @return array
242 *
243 * @access public
244 */
245 public function searchColumns($columns) {
246 $columns[] = 'display_name';
247
248 return $columns;
249 }
250
251 /**
252 *
253 * @param type $actions
254 * @param type $post
255 * @return string
256 */
257 public function postRowActions($actions, $post) {
258 $cap = AAM_Core_Config::get('page.capability', 'administrator');
259
260 if (AAM::getUser()->hasCapability($cap)) {
261 $url = admin_url('admin.php?page=aam&oid=' . $post->ID . '&otype=post#post');
262
263 $actions['aam'] = '<a href="' . $url . '" target="_blank">';
264 $actions['aam'] .= __('Access', AAM_KEY) . '</a>';
265 }
266
267 return $actions;
268 }
269
270 /**
271 *
272 * @param type $actions
273 * @param type $term
274 * @return string
275 */
276 public function tagRowActions($actions, $term) {
277 $cap = AAM_Core_Config::get('page.capability', 'administrator');
278
279 if (AAM::getUser()->hasCapability($cap)) {
280 $oid = $term->term_id . '|' . $term->taxonomy;
281 $url = admin_url('admin.php?page=aam&oid=' . $oid . '&otype=term#post');
282
283 $actions['aam'] = '<a href="' . $url . '" target="_blank">';
284 $actions['aam'] .= __('Access', AAM_KEY) . '</a>';
285 }
286
287 return $actions;
288 }
289
290 /**
291 * Add "Manage Access" action
292 *
293 * Add additional action to the user list table.
294 *
295 * @param array $actions
296 * @param WP_User $user
297 *
298 * @return array
299 *
300 * @access public
301 */
302 public function userActions($actions, $user) {
303 $cap = AAM_Core_Config::get('page.capability', 'administrator');
304
305 if (current_user_can($cap, $user->ID)) {
306 $url = admin_url('admin.php?page=aam&user=' . $user->ID);
307
308 $actions['aam'] = '<a href="' . $url . '" target="_blank">';
309 $actions['aam'] .= __('Access', AAM_KEY) . '</a>';
310 }
311
312 return $actions;
313 }
314
315 /**
316 * Print javascript libraries
317 *
318 * @return void
319 *
320 * @access public
321 */
322 public function printJavascript() {
323 if (AAM::isAAM()) {
324 wp_enqueue_script('aam-vendor', AAM_MEDIA . '/js/vendor.js');
325 wp_enqueue_script('aam-main', AAM_MEDIA . '/js/aam.js');
326
327 //add plugin localization
328 $this->printLocalization('aam-main');
329 }
330 }
331
332 /**
333 * Print plugin localization
334 *
335 * @param string $localKey
336 *
337 * @return void
338 *
339 * @access protected
340 */
341 protected function printLocalization($localKey) {
342 $subject = $this->getCurrentSubject();
343
344 wp_localize_script($localKey, 'aamLocal', array(
345 'nonce' => wp_create_nonce('aam_ajax'),
346 'ajaxurl' => admin_url('admin-ajax.php'),
347 'url' => array(
348 'site' => admin_url('index.php'),
349 'jsbase' => AAM_MEDIA . '/js',
350 'editUser' => admin_url('user-edit.php'),
351 'addUser' => admin_url('user-new.php')
352 ),
353 'level' => AAM_Core_API::maxLevel(wp_get_current_user()->allcaps),
354 'subject' => array(
355 'type' => $subject->type,
356 'id' => $subject->id,
357 'name' => $subject->name,
358 'level' => $subject->level,
359 'blog' => get_current_blog_id()
360 ),
361 'translation' => require (dirname(__FILE__) . '/View/Localization.php')
362 ));
363 }
364
365 /**
366 * Get current subject
367 *
368 * @return stdClass
369 *
370 * @access protected
371 */
372 protected function getCurrentSubject() {
373 $userId = AAM_Core_Request::get('user');
374 if ($userId) {
375 $u = get_user_by('id', $userId);
376 $subject = array(
377 'type' => 'user',
378 'id' => $userId,
379 'name' => ($u->display_name ? $u->display_name : $u->user_nicename),
380 'level' => AAM_Core_API::maxLevel($u->allcaps)
381 );
382 } else {
383 $roles = array_keys(get_editable_roles());
384 $id = array_shift($roles);
385 $role = AAM_Core_API::getRoles()->get_role($id);
386
387 $subject = array(
388 'type' => 'role',
389 'id' => $id,
390 'name' => $role->name,
391 'level' => AAM_Core_API::maxLevel($role->capabilities)
392 );
393 }
394
395 return (object) $subject;
396 }
397
398 /**
399 * Print necessary styles
400 *
401 * @return void
402 *
403 * @access public
404 */
405 public function printStylesheet() {
406 if (AAM::isAAM()) {
407 wp_enqueue_style('aam-bt', AAM_MEDIA . '/css/bootstrap.min.css');
408 wp_enqueue_style('aam-db', AAM_MEDIA . '/css/datatables.min.css');
409 wp_enqueue_style('aam-main', AAM_MEDIA . '/css/aam.css');
410 }
411 }
412
413 /**
414 * Register Admin Menu
415 *
416 * @return void
417 *
418 * @access public
419 */
420 public function adminMenu() {
421 if (AAM_Core_Console::hasIssues()) {
422 $counter = '&nbsp;<span class="update-plugins">'
423 . '<span class="plugin-count">' . AAM_Core_Console::count()
424 . '</span></span>';
425 } else {
426 $counter = '';
427 }
428
429 //register the menu
430 add_menu_page(
431 'AAM',
432 'AAM' . $counter,
433 AAM_Core_Config::get('page.capability', 'administrator'),
434 'aam',
435 array($this, 'renderPage'),
436 AAM_MEDIA . '/active-menu.svg'
437 );
438 }
439
440 /**
441 * Render Main Content page
442 *
443 * @return void
444 *
445 * @access public
446 */
447 public function renderPage() {
448 echo AAM_Backend_View::getInstance()->renderPage();
449 }
450
451 /**
452 * Render list of AAM Features
453 *
454 * Must be separate from Ajax call because WordPress ajax does not load
455 * a lot of UI stuff like admin menu
456 *
457 * @return void
458 *
459 * @access public
460 */
461 public function renderContent() {
462 check_ajax_referer('aam_ajax');
463
464 $cap = AAM_Core_Config::get('page.capability', 'administrator');
465
466 if (AAM::getUser()->hasCapability($cap)) {
467 echo AAM_Backend_View::getInstance()->renderContent();
468 } else {
469 echo __('Access Denied', AAM_KEY);
470 }
471
472 exit();
473 }
474
475 /**
476 * Handle Ajax calls to AAM
477 *
478 * @return void
479 *
480 * @access public
481 */
482 public function ajax() {
483 check_ajax_referer('aam_ajax');
484
485 //clean buffer to make sure that nothing messing around with system
486 while (@ob_end_clean()){}
487
488 //process ajax request
489 $cap = AAM_Core_Config::get('page.capability', 'administrator');
490
491 if (AAM::getUser()->hasCapability($cap)) {
492 echo AAM_Backend_View::getInstance()->processAjax();
493 } else {
494 echo __('Access Denied', AAM_KEY);
495 }
496
497 exit();
498 }
499
500 /**
501 * Bootstrap the manager
502 *
503 * @return void
504 *
505 * @access public
506 */
507 public static function bootstrap() {
508 if (is_null(self::$_instance)) {
509 self::$_instance = new self;
510 }
511 }
512
513 /**
514 * Get instance of itself
515 *
516 * @return AAM_Backend_View
517 *
518 * @access public
519 */
520 public static function getInstance() {
521 self::bootstrap();
522
523 return self::$_instance;
524 }
525
526 }