PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus v1.5.1
capability-manager-enhanced / includes / modify.php
modify.php
265 lines
1 <?php
2
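/**
 * Processes the role/capability forms submitted from the capability manager
 * admin screen.
 *
 * The constructor dispatches on which submit field is present in the posted
 * form data: CreateRole, CopyRole, SaveRole, AddCap or update_filtered_types.
 *
 * NOTE(review): no nonce or capability check is performed in this class; it
 * presumably relies on the caller having done both before constructing it.
 * Confirm against the caller.
 *
 * NOTE(review): the methods read $this->ID, $this->capabilities and
 * $this->roles and call $this->generateNames(), none of which is declared in
 * this file. Presumably they were meant to come from the manager object;
 * confirm before relying on this class.
 */
class CapsmanHandler
{
    /** Manager object handed to the constructor. */
    var $cm;

    /**
     * Handles one submitted form.
     *
     * @param object $manager_obj Manager object; stored in $this->cm.
     * @param array  $post        Submitted form fields.
     */
    function __construct( $manager_obj, $post ) {
        // The manager was accepted but never stored, leaving $this->cm unset.
        $this->cm = $manager_obj;

        $newrole = false;

        // Create a new role.
        if ( ! empty($post['CreateRole']) ) {
            $requested_name = $this->postField($post, 'create-name');
            $newrole = $this->createRole($requested_name);
            $this->reportNewRole($newrole, $requested_name);

        // Copy current role to a new one.
        } elseif ( ! empty($post['CopyRole']) ) {
            $requested_name = $this->postField($post, 'copy-name');

            // get_role() returns null for an unknown role; copy an empty
            // capability set in that case instead of reading a property of null.
            $source = get_role( $this->postField($post, 'current') );
            $source_caps = is_object($source) ? $source->capabilities : array();

            // NOTE(review): unlike saveRoleCapabilities(), the copied set is not
            // limited to capabilities the current user holds. Confirm the caller
            // restricts who may use this action.
            $newrole = $this->createRole($requested_name, $source_caps);
            $this->reportNewRole($newrole, $requested_name);

        // Save role changes.
        } elseif ( ! empty($post['SaveRole']) ) {
            $this->reinitRoles();

            $role_name = $this->postField($post, 'current');
            if ( ! is_object( get_role($role_name) ) ) {
                // Unknown role: refuse instead of failing on a null role object.
                ak_admin_error(__('Bad form received.', $this->ID));
            } else {
                $this->saveRoleCapabilities(
                    $role_name,
                    $this->postField($post, 'caps'),
                    $this->postField($post, 'level')
                );

                if ( defined( 'PP_ACTIVE' ) ) { // log customized role caps for subsequent restoration
                    $this->logCustomizedRole(
                        $this->postField($post, 'role'),
                        $this->postField($post, 'caps')
                    );
                }
            }

        // Create New Capability and adds it to current role.
        } elseif ( ! empty($post['AddCap']) ) {
            $this->reinitRoles();

            $role_name = $this->postField($post, 'current');
            $role = get_role($role_name);

            if ( ! is_object($role) ) {
                // Unknown role: there is nothing to add the capability to.
                ak_admin_error(__('Bad form received.', $this->ID));
            } else {
                $role->name = $role_name; // bbPress workaround

                $newname = $this->createNewName( $this->postField($post, 'capability-name') );
                if ( $newname ) {
                    $role->add_cap($newname['name']);
                    $this->message = __('New capability added to role.');

                    $this->logCustomizedRole(
                        $this->postField($post, 'role'),
                        array_merge( $role->capabilities, array( $newname['name'] => 1 ) )
                    );
                } else {
                    $this->message = __('Incorrect capability name.');
                }
            }

        } elseif ( ! empty($post['update_filtered_types']) ) {
            if ( cme_update_pp_usage() ) {
                ak_admin_notify(__('Capability settings saved.', $this->ID));
            } else {
                ak_admin_error(__('Error saving capability settings.', $this->ID));
            }
        } else {
            // TODO: Implement exceptions. This must be a fatal error.
            ak_admin_error(__('Bad form received.', $this->ID));
        }

        if ( ! empty($newrole) && defined('PP_ACTIVE') ) {
            $pp_only_requested =
                ( ! empty($post['CreateRole']) && ! empty( $_REQUEST['new_role_pp_only'] ) )
                || ( ! empty($post['CopyRole']) && ! empty( $_REQUEST['copy_role_pp_only'] ) );

            if ( $pp_only_requested ) {
                $pp_only = (array) pp_get_option( 'supplemental_role_defs' );
                $pp_only[] = $newrole;
                pp_update_option( 'supplemental_role_defs', $pp_only );
                _cme_pp_default_pattern_role( $newrole );
                pp_refresh_options();
            }
        }
    }

    /**
     * Returns a submitted form field, or null when the field is absent.
     *
     * @param array  $post Submitted form fields.
     * @param string $key  Field name.
     * @return mixed
     */
    private function postField( $post, $key ) {
        return isset($post[$key]) ? $post[$key] : null;
    }

    /**
     * Re-initialises the global roles object on multisite, when it supports it.
     *
     * @return void
     */
    private function reinitRoles() {
        global $wp_roles;

        if ( MULTISITE && is_object($wp_roles) && method_exists( $wp_roles, 'reinit' ) )
            $wp_roles->reinit();
    }

    /**
     * Reports the outcome of a role creation and selects the new role on success.
     *
     * @param string|false $newrole        Result of createRole().
     * @param mixed        $requested_name Name as submitted, used to pick the error text.
     * @return void
     */
    private function reportNewRole( $newrole, $requested_name ) {
        if ( $newrole ) {
            ak_admin_notify(__('New role created.', $this->ID));
            $this->current = $newrole;
        } elseif ( empty($requested_name) && ( ! defined('WPLANG') || ! WPLANG ) ) {
            ak_admin_error( 'Error: No role name specified.', $this->ID );
        } else {
            ak_admin_error(__('Error: Failed creating the new role.', $this->ID));
        }
    }

    /**
     * Records a role's customized capabilities in the 'pp_customized_roles' option.
     *
     * NOTE(review): callers key the entry by the submitted 'role' field while the
     * role that is actually changed is the 'current' field. Confirm the form
     * always sends both with the same value.
     *
     * @param mixed $role_key Key under which the entry is stored.
     * @param mixed $caps     Capabilities to record for that role.
     * @return void
     */
    private function logCustomizedRole( $role_key, $caps ) {
        global $wpdb;

        // for bbPress < 2.2, need to log customization of roles following bbPress activation
        $plugins = ( function_exists( 'bbp_get_version' ) && version_compare( bbp_get_version(), '2.2', '<' ) )
            ? array( 'bbpress.php' )
            : array(); // back compat

        $customized_roles = get_option( 'pp_customized_roles' );
        if ( ! $customized_roles )
            $customized_roles = array();

        $customized_roles[$role_key] = (object) array( 'caps' => $caps, 'plugins' => $plugins );
        update_option( 'pp_customized_roles', $customized_roles );

        // Constant statement with no request data in it.
        $wpdb->query( "UPDATE $wpdb->options SET autoload = 'no' WHERE option_name = 'pp_customized_roles'" );
    }

    /**
     * Escapes LIKE wildcards so a value is matched literally.
     *
     * Uses $wpdb->esc_like() when the installed WordPress provides it and the
     * equivalent addcslashes() call otherwise.
     *
     * @param string $text Text to embed in a LIKE pattern.
     * @return string
     */
    private function escapeLike( $text ) {
        global $wpdb;

        if ( method_exists( $wpdb, 'esc_like' ) )
            return $wpdb->esc_like($text);

        return addcslashes( $text, '_%\\' );
    }

    /**
     * Creates a new role/capability name from user input name.
     * Name rules are:
     *  - 2-40 characters long.
     *  - Only letters, digits, spaces and underscores.
     *  - Must start with a letter.
     *
     * @param string $name Name from user input.
     * @return array|false An array with the name and display_name, or false if not valid $name.
     */
    private function createNewName( $name ) {
        // A missing or non-scalar field cannot be a valid name.
        if ( ! is_scalar($name) )
            return false;

        // Allow max 40 characters, letters, digits and spaces
        $name = trim( substr( (string) $name, 0, 40 ) );
        if ( ! preg_match( '/^[a-zA-Z][a-zA-Z0-9 _]+$/', $name ) )
            return false;

        $roles = ak_get_roles();
        $name = str_replace( ' ', '_', strtolower($name) );

        // $this->capabilities is not declared in this class; treat a missing
        // list as "no known capabilities" rather than failing the key lookup.
        $known_caps = ( isset($this->capabilities) && is_array($this->capabilities) )
            ? $this->capabilities
            : array();

        if ( in_array($name, $roles) || array_key_exists($name, $known_caps) )
            return false; // Already a role or capability with this name.

        $display = implode( ' ', array_map( 'ucfirst', explode('_', $name) ) );

        return array( 'name' => $name, 'display' => $display );
    }

    /**
     * Creates a new role.
     *
     * @param string $name Role name to create.
     * @param array  $caps Role capabilities.
     * @return string|false Returns the name of the new role created or false if failed.
     */
    private function createRole( $name, $caps = array() ) {
        if ( ! is_array($caps) )
            $caps = array();

        $role = $this->createNewName($name);
        if ( ! is_array($role) )
            return false;

        $new_role = add_role( $role['name'], $role['display'], $caps );

        return is_object($new_role) ? $role['name'] : false;
    }

    /**
     * Saves capability changes to roles.
     *
     * @param string $role_name Role name to change its capabilities
     * @param array  $caps      New capabilities for the role.
     * @param mixed  $level     Passed to ak_level2caps(); the result is merged into the new set.
     * @return void
     */
    private function saveRoleCapabilities( $role_name, $caps, $level ) {
        $this->generateNames();
        $role = get_role($role_name);

        // get_role() returns null for an unknown role; there is nothing to save.
        if ( ! is_object($role) )
            return;

        // workaround to ensure db storage of customizations to bbp dynamic roles
        $role->name = $role_name;

        $stored_role_caps = ( ! empty($role->capabilities) && is_array($role->capabilities) )
            ? array_intersect( $role->capabilities, array(true, 1) )
            : array();

        $old_caps = array_intersect_key( $stored_role_caps, $this->capabilities );
        $new_caps = is_array($caps) ? array_map('intval', $caps) : array();
        $new_caps = array_merge( $new_caps, ak_level2caps($level) );

        // Find caps to add and remove
        $add_caps = array_diff_key($new_caps, $old_caps);
        $del_caps = array_diff_key($old_caps, $new_caps);

        // Only an administrator may grant or revoke manage_capabilities.
        $is_administrator = current_user_can('administrator');
        if ( ! $is_administrator ) {
            unset($add_caps['manage_capabilities']);
            unset($del_caps['manage_capabilities']);
        }

        if ( 'administrator' == $role_name && isset($del_caps['manage_capabilities']) ) {
            unset($del_caps['manage_capabilities']);
            ak_admin_error(__('You cannot remove Manage Capabilities from Administrators', $this->ID));
        }

        // Add new capabilities to role. A non-administrator can only hand out
        // capabilities they hold themselves.
        foreach ( $add_caps as $cap => $grant ) {
            if ( $is_administrator || current_user_can($cap) )
                $role->add_cap($cap);
        }

        // Remove capabilities from role, under the same restriction.
        foreach ( $del_caps as $cap => $grant ) {
            if ( $is_administrator || current_user_can($cap) )
                $role->remove_cap($cap);
        }
    }

    /**
     * Deletes a role.
     * The role comes from the $_GET['role'] var and the nonce has already been checked.
     * Default WordPress role cannot be deleted and if trying to do it, throws an error.
     * Users with the deleted role, are moved to the WordPress default role.
     *
     * NOTE(review): no capability check is visible here and only the default
     * role is protected. Confirm the caller restricts who can reach this and
     * which roles may be requested.
     *
     * @return void
     */
    private function adminDeleteRole ()
    {
        global $wpdb;

        // WordPress adds slashes to request data; undo that before using the
        // value. Anything that is not a non-empty string is rejected, because an
        // empty name would make the LIKE pattern below match every user.
        $role = ( isset($_GET['role']) && is_string($_GET['role']) ) ? stripslashes($_GET['role']) : '';
        if ( '' === $role ) {
            ak_admin_error(__('Bad form received.', $this->ID));
            return;
        }

        $this->current = $role;
        $default = get_option('default_role');
        if ( $default === $this->current ) {
            ak_admin_error(sprintf(__('Cannot delete default role. You <a href="%s">have to change it first</a>.', $this->ID), 'options-general.php'));
            return;
        }

        // The role name comes from the request, so it is bound as a parameter
        // instead of being interpolated into the statement, and its LIKE
        // wildcards are escaped so that it is matched literally.
        $query = $wpdb->prepare(
            "SELECT ID FROM {$wpdb->usermeta} INNER JOIN {$wpdb->users} "
            . "ON {$wpdb->usermeta}.user_id = {$wpdb->users}.ID "
            . "WHERE meta_key = %s AND meta_value LIKE %s",
            $wpdb->prefix . 'capabilities',
            '%' . $this->escapeLike($this->current) . '%'
        );

        $users = $wpdb->get_results($query);

        // The LIKE match is a substring match, so count only the users that
        // really had the role and were moved.
        $moved = 0;
        foreach ( (array) $users as $u ) {
            $user = new WP_User($u->ID);
            if ( $user->has_cap($this->current) ) { // Check again the user has the deleting role
                $user->set_role($default);
                $moved++;
            }
        }

        remove_role($this->current);
        unset($this->roles[$this->current]);

        $customized_roles = get_option( 'pp_customized_roles' );
        if ( $customized_roles && isset( $customized_roles[$this->current] ) ) {
            unset( $customized_roles[$this->current] );
            update_option( 'pp_customized_roles', $customized_roles );
        }

        ak_admin_notify(sprintf(__('Role has been deleted. %1$d users moved to default role %2$s.', $this->ID), $moved, $this->roles[$default]));
        $this->current = $default;
    }
}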
264
265 ?>