PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus v1.5
capability-manager-enhanced / includes / handler.php
1 <?php
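/**
 * Handles the Capability Manager admin forms: creating, copying, saving and
 * deleting roles, and adding new capabilities to a role.
 *
 * NOTE(review): processAdminGeneral() performs no nonce or capability check of
 * its own, and adminDeleteRole() verifies a nonce but no capability. Presumably
 * the caller authorises the request before dispatching here; confirm against
 * the caller.
 */
class CapsmanHandler
{
	/**
	 * Manager object this handler works for. The handler reads its ID
	 * (used as text domain), current, capabilities, roles and message
	 * properties and calls its generateNames() method.
	 *
	 * @var object
	 */
	public $cm;

	/**
	 * @param object $manager_obj Manager object stored in $this->cm.
	 */
	public function __construct( $manager_obj ) {
		$this->cm = $manager_obj;
	}

	/**
	 * Dispatches a submitted admin form to the matching role operation.
	 *
	 * The operation is selected by the first non-empty key among CreateRole,
	 * CopyRole, SaveRole, AddCap and update_filtered_types; anything else is
	 * reported as a bad form.
	 *
	 * @param array $post Submitted form fields (presumably $_POST; confirm against caller).
	 * @return void
	 */
	public function processAdminGeneral( $post ) {
		$newrole = false;

		// Create a new role.
		if ( ! empty($post['CreateRole']) ) {
			$submitted = $this->postField( $post, 'create-name' );
			$newrole = $this->createRole( $submitted );
			if ( $newrole ) {
				ak_admin_notify(__('New role created.', $this->cm->ID));
				$this->cm->current = $newrole;
			} else {
				$this->reportRoleCreationFailure( $submitted );
			}

		// Copy current role to a new one.
		} elseif ( ! empty($post['CopyRole']) ) {
			// get_role() returns null for an unknown role; fall back to an empty
			// capability set instead of reading a property of null.
			$source = get_role( $this->postField( $post, 'current' ) );
			$source_caps = ( $source && is_array( $source->capabilities ) ) ? $source->capabilities : array();

			// NOTE(review): unlike saveRoleCapabilities(), the copied capabilities
			// are not filtered against what the current user holds. Confirm that
			// only users trusted with every capability of the source role can
			// reach this branch.
			$submitted = $this->postField( $post, 'copy-name' );
			$newrole = $this->createRole( $submitted, $source_caps );
			if ( $newrole ) {
				ak_admin_notify(__('New role created.', $this->cm->ID));
				$this->cm->current = $newrole;
			} else {
				$this->reportRoleCreationFailure( $submitted );
			}

		// Save role changes.
		} elseif ( ! empty($post['SaveRole']) ) {
			$this->reinitRolesOnMultisite();

			// A missing or non-array 'caps' field means "no capabilities ticked";
			// normalising here keeps array_map() below from failing on it.
			$caps = ( isset($post['caps']) && is_array($post['caps']) ) ? $post['caps'] : array();

			$saved = $this->saveRoleCapabilities( $this->postField( $post, 'current' ), $caps, $this->postField( $post, 'level' ) );

			if ( $saved && defined( 'PP_ACTIVE' ) ) { // log customized role caps for subsequent restoration
				// NOTE(review): the role is saved under $post['current'] but logged
				// under $post['role']; presumably both fields carry the same role
				// name. Confirm against the form.
				$this->logCustomizedRole( $this->postField( $post, 'role', '' ), array_map( 'boolval', $caps ) );
			}

		// Create a new capability and add it to the current role.
		} elseif ( ! empty($post['AddCap']) ) {
			$this->reinitRolesOnMultisite();

			$current = $this->postField( $post, 'current' );
			$role = get_role( $current );

			if ( ! $role ) {
				// Unknown role name: refuse rather than operate on null.
				ak_admin_error(__('Bad form received.', $this->cm->ID));
			} else {
				$role->name = $current; // bbPress workaround

				$newname = $this->createNewName( $this->postField( $post, 'capability-name' ) );
				if ( $newname ) {
					$role->add_cap($newname['name']);
					$this->cm->message = __('New capability added to role.', $this->cm->ID);

					// Logged regardless of PP_ACTIVE, unlike the SaveRole branch.
					$this->logCustomizedRole(
						$this->postField( $post, 'role', '' ),
						array_merge( $role->capabilities, array( $newname['name'] => 1 ) )
					);
				} else {
					$this->cm->message = __('Incorrect capability name.', $this->cm->ID);
				}
			}

		} elseif ( ! empty($post['update_filtered_types']) ) {
			if ( cme_update_pp_usage() ) {
				ak_admin_notify(__('Capability settings saved.', $this->cm->ID));
			} else {
				ak_admin_error(__('Error saving capability settings.', $this->cm->ID));
			}
		} else {
			// TODO: Implement exceptions. This must be a fatal error.
			ak_admin_error(__('Bad form received.', $this->cm->ID));
		}

		// Register a freshly created role as a supplemental ("PP only") role when
		// the matching request flag was sent.
		if ( ! empty($newrole) && defined('PP_ACTIVE') ) {
			if ( ( ! empty($post['CreateRole']) && ! empty( $_REQUEST['new_role_pp_only'] ) ) || ( ! empty($post['CopyRole']) && ! empty( $_REQUEST['copy_role_pp_only'] ) ) ) {
				$pp_only = (array) pp_get_option( 'supplemental_role_defs' );
				$pp_only[]= $newrole;
				pp_update_option( 'supplemental_role_defs', $pp_only );
				_cme_pp_default_pattern_role( $newrole );
				pp_refresh_options();
			}
		}
	}

	/**
	 * Reads one scalar form field.
	 *
	 * @param array  $post    Submitted form fields.
	 * @param string $key     Field name.
	 * @param mixed  $default Value returned when the field is missing or not scalar.
	 * @return mixed The field value, or $default.
	 */
	private function postField( $post, $key, $default = null ) {
		// Array-valued input (e.g. "name[]=x") is malformed for these fields.
		if ( isset($post[$key]) && is_scalar($post[$key]) )
			return $post[$key];

		return $default;
	}

	/**
	 * Reports a failed role creation.
	 *
	 * @param mixed $submitted_name The role name that was submitted.
	 * @return void
	 */
	private function reportRoleCreationFailure( $submitted_name ) {
		if ( empty($submitted_name) && ( ! defined('WPLANG') || ! WPLANG ) )
			ak_admin_error( 'Error: No role name specified.', $this->cm->ID );
		else
			ak_admin_error(__('Error: Failed creating the new role.', $this->cm->ID));
	}

	/**
	 * Re-reads role definitions on multisite installs, when WP_Roles supports it.
	 *
	 * @return void
	 */
	private function reinitRolesOnMultisite() {
		global $wp_roles;

		if ( defined( 'MULTISITE' ) && MULTISITE && is_object( $wp_roles ) && method_exists( $wp_roles, 'reinit' ) )
			$wp_roles->reinit();
	}

	/**
	 * Records a role's customized capabilities in the 'pp_customized_roles'
	 * option and marks that option as not autoloaded.
	 *
	 * @param string $role_key Key to store the entry under.
	 * @param array  $caps     Capability map to record.
	 * @return void
	 */
	private function logCustomizedRole( $role_key, $caps ) {
		global $wpdb;

		// for bbPress < 2.2, need to log customization of roles following bbPress activation
		$plugins = ( function_exists( 'bbp_get_version' ) && version_compare( bbp_get_version(), '2.2', '<' ) ) ? array( 'bbpress.php' ) : array(); // back compat

		$customized_roles = get_option( 'pp_customized_roles' );
		if ( ! $customized_roles || ! is_array( $customized_roles ) )
			$customized_roles = array();

		$customized_roles[$role_key] = (object) array( 'caps' => $caps, 'plugins' => $plugins );
		update_option( 'pp_customized_roles', $customized_roles );

		// Static statement, no request data is interpolated.
		$wpdb->query( "UPDATE $wpdb->options SET autoload = 'no' WHERE option_name = 'pp_customized_roles'" );
	}

	/**
	 * Creates a new role/capability name from a user-supplied name.
	 * Name rules are:
	 * 	- 2-40 characters in length.
	 *  - Only letters, digits, spaces and underscores.
	 *  - Must start with a letter.
	 *
	 * @param string $name	Name from user input.
	 * @return array|false An array with the name and display_name, or false if not valid $name.
	 */
	private function createNewName( $name ) {
		// Reject non-string input (e.g. an array from the request) before substr().
		if ( ! is_string( $name ) )
			return false;

		// Allow max 40 characters, letters, digits and spaces
		$name = trim(substr($name, 0, 40));
		$pattern = '/^[a-zA-Z][a-zA-Z0-9 _]+$/';

		if ( ! preg_match($pattern, $name) )
			return false;

		$roles = ak_get_roles();

		$name = strtolower($name);
		$name = str_replace(' ', '_', $name);

		// Strict comparison: a loose in_array() can match a non-string entry
		// against any name on older PHP versions.
		if ( in_array($name, $roles, true) || array_key_exists($name, $this->cm->capabilities) ) {
			return false; 	// Already a role or capability with this name.
		}

		$display = explode('_', $name);
		$display = array_map('ucfirst', $display);
		$display = implode(' ', $display);

		return compact('name', 'display');
	}

	/**
	 * Creates a new role.
	 *
	 * @param string $name	Role name to create.
	 * @param array $caps	Role capabilities.
	 * @return string|false	Returns the name of the new role created or false if failed.
	 */
	private function createRole( $name, $caps = array() ) {
		if ( ! is_array($caps) )
			$caps = array();

		$role = $this->createNewName($name);
		if ( ! is_array($role) ) {
			return false;
		}

		$new_role = add_role($role['name'], $role['display'], $caps);

		return is_object($new_role) ? $role['name'] : false;
	}

	/**
	 * Saves capability changes to a role.
	 *
	 * Users who do not pass current_user_can('administrator') can neither grant
	 * nor revoke 'manage_capabilities', and can only add or remove capabilities
	 * they hold themselves.
	 *
	 * @param string $role_name Role name to change its capabilities
	 * @param array $caps New capabilities for the role.
	 * @param mixed $level Level value passed to ak_level2caps(); NOTE(review): it
	 *                     comes from the form unvalidated, confirm the helper
	 *                     bounds it.
	 * @return bool False when the role does not exist, true otherwise.
	 */
	private function saveRoleCapabilities( $role_name, $caps, $level ) {
		$this->cm->generateNames();
		$role = get_role($role_name);

		// get_role() returns null for an unknown role name.
		if ( ! $role ) {
			ak_admin_error(__('Bad form received.', $this->cm->ID));
			return false;
		}

		// workaround to ensure db storage of customizations to bbp dynamic roles
		$role->name = $role_name;

		$old_caps = array_intersect_key( $this->grantedCaps( $role ), $this->cm->capabilities);
		$new_caps = $this->submittedCaps( $caps, $level );

		// Find caps to add and remove
		$add_caps = array_diff_key($new_caps, $old_caps);
		$del_caps = array_diff_key($old_caps, $new_caps);

		// Caps present on both sides whose grant value differs. The comparison is
		// deliberately loose: stored grants may be true or 1.
		$changed_caps = array();
		foreach( array_intersect_key( $new_caps, $old_caps ) as $cap_name => $cap_val ) {
			if ( $cap_val != $old_caps[$cap_name] )
				$changed_caps[$cap_name] = $cap_val;
		}

		$add_caps = array_merge( $add_caps, $changed_caps );

		$is_administrator = current_user_can('administrator');
		if ( ! $is_administrator ) {
			unset($add_caps['manage_capabilities'], $del_caps['manage_capabilities']);
		}

		if ( 'administrator' === $role_name && isset($del_caps['manage_capabilities']) ) {
			unset($del_caps['manage_capabilities']);
			ak_admin_error(__('You cannot remove Manage Capabilities from Administrators', $this->cm->ID));
		}

		// Add new capabilities to role
		foreach ( $add_caps as $cap => $grant ) {
			if ( $is_administrator || current_user_can($cap) )
				$role->add_cap( $cap, $grant );
		}

		// Remove capabilities from role
		foreach ( $del_caps as $cap => $grant) {
			if ( $is_administrator || current_user_can($cap) )
				$role->remove_cap($cap);
		}

		// Multisite installation with a super admin editing a role on site 1.
		if ( is_multisite() && is_super_admin() && ( 1 == get_current_blog_id() ) ) {
			$this->updateAutocreateRoles( $role_name );

			if ( ! empty($_REQUEST['cme_net_sync_role']) )
				$this->syncRoleToNetwork( $role_name, $caps, $level );
		}

		return true;
	}

	/**
	 * Returns the role's capabilities whose stored grant is true or 1.
	 *
	 * @param object $role Role object with a capabilities property.
	 * @return array Capability map, empty when the role stores none.
	 */
	private function grantedCaps( $role ) {
		if ( empty($role->capabilities) || ! is_array($role->capabilities) )
			return array();

		return array_intersect( $role->capabilities, array(true, 1) );
	}

	/**
	 * Builds the capability map submitted for a role: the ticked capabilities
	 * cast to booleans, merged with the capabilities ak_level2caps() returns
	 * for $level.
	 *
	 * @param mixed $caps  Submitted capabilities; anything but an array counts as none.
	 * @param mixed $level Submitted level.
	 * @return array
	 */
	private function submittedCaps( $caps, $level ) {
		$new_caps = ( is_array($caps) ) ? array_map('boolval', $caps) : array();

		return array_merge($new_caps, ak_level2caps($level));
	}

	/**
	 * Adds the role to, or removes it from, the 'cme_autocreate_roles' site
	 * option according to the 'cme_autocreate_role' request flag.
	 *
	 * @param string $role_name Role being saved.
	 * @return void
	 */
	private function updateAutocreateRoles( $role_name ) {
		$autocreate_roles = get_site_option( 'cme_autocreate_roles' );
		if ( ! $autocreate_roles || ! is_array( $autocreate_roles ) )
			$autocreate_roles = array();

		$requested = ! empty($_REQUEST['cme_autocreate_role']);
		$listed = in_array( $role_name, $autocreate_roles, true );

		if ( $requested && ! $listed ) {
			$autocreate_roles []= $role_name;
			update_site_option( 'cme_autocreate_roles', $autocreate_roles );
		} elseif ( ! $requested && $listed ) {
			$autocreate_roles = array_diff( $autocreate_roles, array( $role_name ) );
			update_site_option( 'cme_autocreate_roles', $autocreate_roles );
		}
	}

	/**
	 * Loops through all sites on the network except site 1, creating the role
	 * or updating its capabilities. Only called for a super admin (see
	 * saveRoleCapabilities()), so no per-capability check is applied here.
	 *
	 * NOTE(review): capabilities present on both sides with a different grant
	 * value are not updated on the other sites, although they are on site 1.
	 * Confirm whether that is intended.
	 *
	 * @param string $role_name Role to propagate.
	 * @param mixed  $caps      Submitted capabilities.
	 * @param mixed  $level     Submitted level.
	 * @return void
	 */
	private function syncRoleToNetwork( $role_name, $caps, $level ) {
		global $wpdb, $wp_roles;

		$blog_ids = $wpdb->get_col( "SELECT blog_id FROM $wpdb->blogs ORDER BY blog_id" );

		// Read on the main site, before any switch_to_blog().
		$role_caption = $wp_roles->role_names[$role_name];
		$new_caps = $this->submittedCaps( $caps, $level );

		$admin_role = $wp_roles->get_role('administrator');
		$main_admin_caps = array_merge( $admin_role->capabilities, ak_level2caps(10) );

		foreach ( $blog_ids as $id ) {
			if ( 1 == $id )
				continue;

			switch_to_blog( $id );
			$wp_roles->reinit();

			$blog_role = $wp_roles->get_role( $role_name );
			if ( $blog_role ) {
				$old_caps = array_intersect_key( $this->grantedCaps( $blog_role ), $this->cm->capabilities);

				// Find caps to add and remove
				$add_caps = array_diff_key($new_caps, $old_caps);
				$del_caps = array_intersect_key( array_diff_key($old_caps, $new_caps), $main_admin_caps );	// don't mess with caps that are totally unused on main site

				// Add new capabilities to role
				foreach ( $add_caps as $cap => $grant ) {
					$blog_role->add_cap( $cap, $grant );
				}

				// Remove capabilities from role
				foreach ( $del_caps as $cap => $grant) {
					$blog_role->remove_cap($cap);
				}
			} else {
				$wp_roles->add_role( $role_name, $role_caption, $new_caps );
			}

			restore_current_blog();
		}

		$wp_roles->reinit();
	}

	/**
	 * Deletes a role.
	 * The role comes from the $_GET['role'] var; the nonce bound to that role
	 * name is verified here with check_admin_referer().
	 * The default WordPress role cannot be deleted; trying to do so reports an error.
	 * Users with the deleted role are moved to the WordPress default role.
	 *
	 * NOTE(review): no capability check is visible in this method, and nothing
	 * here prevents deleting the 'administrator' role. Confirm the caller
	 * guards both.
	 *
	 * @return void
	 */
	public function adminDeleteRole ()
	{
		global $wpdb;

		// Array-valued input is treated as an empty name.
		$role_name = ( isset($_GET['role']) && is_string($_GET['role']) ) ? $_GET['role'] : '';

		check_admin_referer('delete-role_' . $role_name);

		// Only act on a role that exists, so no arbitrary request string
		// reaches the query or the option cleanup below.
		if ( ! get_role( $role_name ) ) {
			ak_admin_error(__('Bad form received.', $this->cm->ID));
			return;
		}

		$this->cm->current = $role_name;
		$default = get_option('default_role');
		if (  $default == $this->cm->current ) {
			ak_admin_error(sprintf(__('Cannot delete default role. You <a href="%s">have to change it first</a>.', $this->cm->ID), 'options-general.php'));
			return;
		}

		// The role name is bound as a parameter with its LIKE wildcards escaped,
		// instead of being interpolated into the SQL text.
		$like_role = method_exists( $wpdb, 'esc_like' ) ? $wpdb->esc_like( $role_name ) : addcslashes( $role_name, '_%\\' );
		$query = $wpdb->prepare(
			"SELECT ID FROM {$wpdb->usermeta} INNER JOIN {$wpdb->users} "
			. "ON {$wpdb->usermeta}.user_id = {$wpdb->users}.ID "
			. "WHERE meta_key = %s AND meta_value LIKE %s",
			$wpdb->prefix . 'capabilities',
			'%' . $like_role . '%'
		);

		$users = $wpdb->get_results($query);

		// Count the users actually moved: the LIKE match is a substring match and
		// can return users who do not hold this role.
		$count = 0;
		foreach ( (array) $users as $u ) {
			$user = new WP_User($u->ID);
			if ( $user->has_cap($this->cm->current) ) {		// Check again the user has the deleting role
				$user->set_role($default);
				$count++;
			}
		}

		remove_role($this->cm->current);
		unset($this->cm->roles[$this->cm->current]);

		$customized_roles = get_option( 'pp_customized_roles' );
		if ( is_array( $customized_roles ) && isset( $customized_roles[$this->cm->current] ) ) {
			unset( $customized_roles[$this->cm->current] );
			update_option( 'pp_customized_roles', $customized_roles );
		}

		ak_admin_notify(sprintf(__('Role has been deleted. %1$d users moved to default role %2$s.', $this->cm->ID), $count, $this->cm->roles[$default]));
		$this->cm->current = $default;
	}
}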
345
// boolval() is native from PHP 5.5 on; define a fallback only when it is missing.
if ( ! function_exists( 'boolval' ) ) {
	/**
	 * Converts a value to boolean using PHP's standard truthiness rules.
	 *
	 * @param mixed $val Value to convert.
	 * @return bool
	 */
	function boolval( $val ) {
		return $val ? true : false;
	}
}
351 ?>