PluginProbe ʕ •ᴥ•ʔ
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus / 2.19.0
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus v2.19.0
2.45.0 2.44.0 trunk 1.10 1.10.1 1.4.1 1.4.10 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.9 1.5 1.5.1 1.5.10 1.5.11 1.5.2 1.5.3 1.5.4 1.5.5 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.7 1.7.1 1.7.2 1.7.3 1.7.4 1.7.5 1.8.1 1.9 1.9.10 1.9.12 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.9 2.0 2.0.2 2.0.3 2.1 2.1.1 2.10.0 2.10.1 2.10.2 2.10.3 2.11.1 2.12.1 2.12.2 2.13.0 2.14.0 2.15.0 2.16.0 2.17.0 2.18.0 2.18.2 2.19.0 2.19.1 2.19.2 2.2 2.2.1 2.20.0 2.21.0 2.22.0 2.23.0 2.3 2.3.1 2.3.2 2.3.3 2.3.4 2.3.5 2.3.6 2.30.0 2.31.0 2.32.0 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.40.0 2.41.0 2.42.0 2.43.0 2.5.0 2.5.1 2.5.2 2.6.0 2.6.1 2.7.0 2.7.1 2.8.0 2.8.1 2.9.0 2.9.1
capability-manager-enhanced / includes / admin.php
capability-manager-enhanced / includes Last commit date
admin-notices 1 year ago features 1 year ago plugin-capabilities 1 year ago redirects 1 year ago roles 1 year ago admin-load.php 1 year ago admin.php 1 year ago backup-handler.php 1 year ago backup.php 1 year ago cap-helper.php 1 year ago dashboard.php 1 year ago extractor-capabilities.php 1 year ago filters-admin.php 1 year ago filters-woocommerce.php 1 year ago filters-wp_rest_workarounds.php 1 year ago filters.php 1 year ago functions-admin.php 1 year ago functions.php 1 year ago handler.php 1 year ago inflect-cme.php 1 year ago manager.php 1 year ago network.php 1 year ago plugin-capabilities.php 1 year ago pp-handler.php 1 year ago pp-ui.php 1 year ago publishpress-roles.php 1 year ago settings-handler.php 1 year ago settings-ui.php 1 year ago settings.php 1 year ago test-user-ui.php 1 year ago test-user.php 1 year ago
admin.php
1860 lines
1 <?php
2 /**
3 * PublishPress Capabilities [Free]
4 *
5 * UI output for Capabilities screen.
6 *
7 * Provides admin pages to create and manage roles and capabilities.
8 *
9 * @author Jordi Canals, Kevin Behrens
10 * @copyright Copyright (C) 2009, 2010 Jordi Canals, (C) 2020 PublishPress
11 * @license GNU General Public License version 2
12 * @link https://publishpress.com
13 *
14 * Copyright 2009, 2010 Jordi Canals <devel@jcanals.cat>
15 * Modifications Copyright 2020, PublishPress <help@publishpress.com>
16 *
17 * This program is free software; you can redistribute it and/or
18 * modify it under the terms of the GNU General Public License
19 * version 2 as published by the Free Software Foundation.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program. If not, see <http://www.gnu.org/licenses/>.
28 **/
29
30 global $capsman, $cme_cap_helper, $current_user, $sidebar_metabox_state;
31
32 do_action('publishpress-caps_manager-load');
33
34 $sidebar_metabox_state = get_user_meta($current_user->ID, 'ppc_sidebar_metabox_state', true);
35 if ($sidebar_metabox_state == '' || !is_array($sidebar_metabox_state)) {
36 $sidebar_metabox_state = [];
37 $sidebar_metabox_state['how_to_user_capabilities'] = 'opened';
38 }
39
40 if (!isset($sidebar_metabox_state['multi_site'])) {
41 $sidebar_metabox_state['multi_site'] = 'opened';
42 }
43 $roles = $this->roles;
44 $default = $this->current;
45
46 if ( $block_read_removal = _cme_is_read_removal_blocked( $this->current ) ) {
47 if ( $current = get_role($default) ) {
48 if ( empty( $current->capabilities['read'] ) ) {
49 ak_admin_error( sprintf( __( 'Warning: This role cannot access the dashboard without the read capability. %1$sClick here to fix this now%2$s.', 'capability-manager-enhanced' ), '<a href="javascript:void(0)" class="cme-fix-read-cap">', '</a>' ) );
50 }
51 }
52 }
53
54 // include extractor plugin capabilites
55 require_once (dirname(CME_FILE) . '/includes/extractor-capabilities.php');
56
57 require_once (dirname(CME_FILE) . '/includes/roles/roles-functions.php');
58
59 require_once( dirname(__FILE__).'/pp-ui.php' );
60 $pp_ui = new Capsman_PP_UI();
61
62 if( defined('PRESSPERMIT_ACTIVE') ) {
63 $pp_metagroup_caps = $pp_ui->get_metagroup_caps( $default );
64 } else {
65 $pp_metagroup_caps = array();
66 }
67
68 if (defined('PUBLISHPRESS_REVISIONS_VERSION') && function_exists('rvy_get_option')) {
69 $pp_revisions_copy = rvy_get_option("copy_posts_capability");
70 $pp_revisions_revise = rvy_get_option("revise_posts_capability");
71 } else {
72 $pp_revisions_copy = false;
73 $pp_revisions_revise = false;
74 }
75
76 $cme_negate_all_tooltip_msg = '<span class="tool-tip-text">
77 <p>'. esc_html__('negate all (storing as disabled capabilities)', 'capability-manager-enhanced') .'</p>
78 <i></i>
79 </span>';
80 $cme_negate_none_tooltip_msg = '<span class="tool-tip-text">
81 <p>'. esc_html__('negate none (add/remove all capabilities normally)', 'capability-manager-enhanced') .'</p>
82 <i></i>
83 </span>';
84 ?>
85 <div class="wrap publishpress-caps-manage pressshack-admin-wrapper">
86 <div id="icon-capsman-admin" class="icon32"></div>
87
88 <h1><?php esc_html_e('Role Capabilities', 'capability-manager-enhanced') ?></h1>
89
90 <?php
91 pp_capabilities_roles()->notify->display();
92 ?>
93
94 <script type="text/javascript">
95 /* <![CDATA[ */
96 jQuery(document).ready( function($) {
97 $('#publishpress_caps_form').attr('action', 'admin.php?page=pp-capabilities&role=' + $('select[name="role"]').val());
98
99 $('select[name="role"]').change(function(){
100 window.location = '<?php echo esc_url_raw(admin_url('admin.php?page=pp-capabilities&role=')); ?>' + $(this).val() + '';
101 });
102 });
103 /* ]]> */
104 </script>
105
106 <form id="publishpress_caps_form" method="post" action="admin.php?page=<?php echo esc_attr($this->ID);?>">
107 <?php wp_nonce_field('capsman-general-manager'); ?>
108
109 <?php
110 if (empty($_REQUEST['pp_caps_tab']) && !empty($_REQUEST['added'])) {
111 $pp_tab = 'additional';
112 } else {
113 $pp_tab = (!empty($_REQUEST['pp_caps_tab'])) ? sanitize_key($_REQUEST['pp_caps_tab']) : 'edit';
114 }
115 ?>
116
117 <input type="hidden" name="pp_caps_tab" value="<?php echo esc_attr($pp_tab);?>" />
118
119 <fieldset>
120 <table id="akmin" class="clear"><tr><td>
121 <div class="pp-columns-wrapper pp-enable-sidebar">
122 <div class="pp-column-left">
123 <div style="margin-bottom: 20px;">
124 <div class="pp-capabilities-submit-top" style="float:right">
125 <?php
126 $caption = (in_array(sanitize_key(get_locale()), ['en_EN', 'en_US'])) ? 'Save Capabilities' : __('Save Changes');
127 ?>
128 <input type="submit" name="SaveRole" value="<?php echo esc_attr($caption);?>" class="button-primary" />
129 </div>
130
131 <select name="role">
132 <?php
133 foreach ( $roles as $role_name => $name ) {
134 $role_name = sanitize_key($role_name);
135
136 if (pp_capabilities_is_editable_role($role_name)) {
137 $name = translate_user_role($name);
138 echo '<option value="' . esc_attr($role_name) .'"'; selected($default, $role_name); echo '> ' . esc_html($name) . ' &nbsp;</option>';
139 }
140 }
141 ?>
142 </select>
143 </div>
144 <?php
145 $img_url = $capsman->mod_url . '/images/';
146 ?>
147
148 <?php
149 if ( defined( 'PRESSPERMIT_ACTIVE' ) ) {
150 $pp_ui->show_capability_hints( $default );
151 }
152
153 if ( defined( 'MULTISITE' ) && MULTISITE ) {
154 global $wp_roles;
155 global $wpdb;
156
157 if ( ! empty($_REQUEST['cme_net_sync_role'] ) ) {
158 $main_site_id = (function_exists('get_main_site_id')) ? get_main_site_id() : 1;
159 switch_to_blog($main_site_id);
160 wp_cache_delete( $wpdb->prefix . 'user_roles', 'options' );
161 }
162
163 ( method_exists( $wp_roles, 'for_site' ) ) ? $wp_roles->for_site() : $wp_roles->reinit();
164 }
165 $capsman->reinstate_db_roles();
166
167 $current = get_role($default);
168
169 $rcaps = $current->capabilities;
170
171 $is_administrator = current_user_can( 'administrator' ) || (is_multisite() && is_super_admin());
172
173 $custom_types = get_post_types( array( '_builtin' => false ), 'names' );
174 $custom_tax = get_taxonomies( array( '_builtin' => false ), 'names' );
175
176 $defined = [];
177 $defined['type'] = apply_filters('cme_filterable_post_types', get_post_types(['public' => true, 'show_ui' => true], 'object', 'or'));
178
179 if (in_array(get_locale(), ['en_EN', 'en_US'])) {
180 $defined['type']['wp_navigation']->label = __('Nav Menus (Block)', 'capability-manager-enhanced');
181 } else {
182 $defined['type']['wp_navigation']->label .= ' (' . __('Block', 'capability-manager-enhanced') . ')';
183 }
184
185 $defined['taxonomy'] = apply_filters('cme_filterable_taxonomies', get_taxonomies(['public' => true, 'show_ui' => true], 'object', 'or'));
186 $defined['taxonomy']['nav_menu'] = get_taxonomy('nav_menu');
187
188 if (in_array(get_locale(), ['en_EN', 'en_US'])) {
189 $defined['taxonomy']['nav_menu']->label = __('Nav Menus (Legacy)', 'capability-manager-enhanced');
190 } else {
191 $defined['taxonomy']['nav_menu']->label .= ' (' . __('Legacy', 'capability-manager-enhanced') . ')';
192 }
193
194 // bbPress' dynamic role def requires additional code to enforce stored caps
195 $unfiltered['type'] = apply_filters('presspermit_unfiltered_post_types', ['forum','topic','reply','wp_block']);
196 $unfiltered['type'] = (defined('PP_CAPABILITIES_NO_LEGACY_FILTERS')) ? $unfiltered['type'] : apply_filters('pp_unfiltered_post_types', $unfiltered['type']);
197
198 $unfiltered['taxonomy'] = apply_filters('presspermit_unfiltered_post_types', ['post_status', 'topic-tag']); // avoid confusion with Edit Flow administrative taxonomy
199 $unfiltered['taxonomy'] = (defined('PP_CAPABILITIES_NO_LEGACY_FILTERS')) ? $unfiltered['taxonomy'] : apply_filters('pp_unfiltered_taxonomies', $unfiltered['taxonomy']);
200
201 $enabled_taxonomies = cme_get_assisted_taxonomies();
202
203 $cap_properties['edit']['type'] = array( 'edit_posts' );
204
205 foreach( $defined['type'] as $type_obj ) {
206 if ( 'attachment' != $type_obj->name ) {
207 if ( isset( $type_obj->cap->create_posts ) && ( $type_obj->cap->create_posts != $type_obj->cap->edit_posts ) ) {
208 $cap_properties['edit']['type'][]= 'create_posts';
209 break;
210 }
211 }
212 }
213
214 $cap_properties['edit']['type'][]= 'edit_others_posts';
215 $cap_properties['edit']['type'] = array_merge( $cap_properties['edit']['type'], array( 'publish_posts', 'edit_published_posts', 'edit_private_posts' ) );
216
217 $cap_properties['delete']['type'] = array( 'delete_posts', 'delete_others_posts' );
218 $cap_properties['delete']['type'] = array_merge( $cap_properties['delete']['type'], array( 'delete_published_posts', 'delete_private_posts' ) );
219
220 if (defined('PRESSPERMIT_VERSION') && defined('PRESSPERMIT_COLLAB_VERSION')) {
221 $cap_properties['list']['type'] = ['list_posts', 'list_others_posts', 'list_published_posts', 'list_private_posts'];
222 }
223
224 if ($pp_revisions_copy) {
225 $cap_properties['copy']['type'] = ['copy_posts', 'copy_others_posts', 'copy_published_posts', 'copy_private_posts'];
226 }
227
228 if ($pp_revisions_revise) {
229 $cap_properties['revise']['type'] = ['revise_posts', 'revise_others_posts', 'revise_published_posts', 'revise_private_posts'];
230 }
231
232 $cap_properties['read']['type'] = array( 'read_private_posts' );
233
234 $cap_properties['taxonomies']['taxonomy'] = array( 'manage_terms', 'edit_terms', 'assign_terms', 'delete_terms' );
235
236 $stati = get_post_stati( array( 'internal' => false ) );
237
238 $cap_type_names = array(
239 '' => __( '&nbsp;', 'capability-manager-enhanced' ),
240 'read' => __( 'Private', 'capability-manager-enhanced' ),
241 'edit' => __( 'Editing', 'capability-manager-enhanced' ),
242 'delete' => __( 'Deletion', 'capability-manager-enhanced' ),
243 'taxonomies' => __( 'Taxonomies', 'capability-manager-enhanced' ),
244 );
245
246 if (defined('PRESSPERMIT_VERSION') && defined('PRESSPERMIT_COLLAB_VERSION')) {
247 $cap_type_names['list'] = __('Listing', 'capability-manager-enhanced');
248 }
249
250 if ($pp_revisions_copy) {
251 $cap_type_names['copy'] = __('Copy', 'capability-manager-enhanced');
252 }
253
254 if ($pp_revisions_revise) {
255 $cap_type_names['revise'] = __('Revise', 'capability-manager-enhanced');
256 }
257
258 $cap_tips = array(
259 'read_private' => esc_attr__( 'Can read posts which are currently published with private visibility.', 'capability-manager-enhanced' ),
260 'edit' => esc_attr__( 'Has basic editing capability (but may need other capabilities based on post status and ownership).', 'capability-manager-enhanced' ),
261 'edit_others' => esc_attr__( 'Can edit posts which were created by other users.', 'capability-manager-enhanced' ),
262 'edit_published' => esc_attr__( 'Can edit posts which are currently published.', 'capability-manager-enhanced' ),
263 'edit_private' => esc_attr__( 'Can edit posts which are currently published with private visibility.', 'capability-manager-enhanced' ),
264 'publish' => esc_attr__( 'Can make a post publicly visible.', 'capability-manager-enhanced' ),
265 'delete' => esc_attr__( 'Has basic deletion capability (but may need other capabilities based on post status and ownership).', 'capability-manager-enhanced' ),
266 'delete_others' => esc_attr__( 'Can delete posts which were created by other users.', 'capability-manager-enhanced' ),
267 'delete_published' => esc_attr__( 'Can delete posts which are currently published.', 'capability-manager-enhanced' ),
268 'delete_private' => esc_attr__( 'Can delete posts which are currently published with private visibility.', 'capability-manager-enhanced' ),
269 );
270
271 $default_caps = array( 'read_private_posts', 'edit_posts', 'edit_others_posts', 'edit_published_posts', 'edit_private_posts', 'publish_posts', 'delete_posts', 'delete_others_posts', 'delete_published_posts', 'delete_private_posts',
272 'read_private_pages', 'edit_pages', 'edit_others_pages', 'edit_published_pages', 'edit_private_pages', 'publish_pages', 'delete_pages', 'delete_others_pages', 'delete_published_pages', 'delete_private_pages',
273 'manage_categories'
274 );
275
276 if (defined('PRESSPERMIT_PRO_FILE') && defined('PRESSPERMIT_COLLAB_VERSION')) {
277 $default_caps = array_merge($default_caps, ['list_posts', 'list_others_posts', 'list_published_posts', 'list_private_posts', 'list_pages', 'list_others_pages', 'list_published_pages', 'list_private_pages']);
278 }
279
280 if ($pp_revisions_copy) {
281 $default_caps = array_merge($default_caps, ['copy_posts', 'copy_others_posts', 'copy_pages', 'copy_others_pages']);
282 }
283
284 if ($pp_revisions_revise) {
285 $default_caps = array_merge($default_caps, ['revise_posts', 'revise_others_posts', 'revise_pages', 'revise_others_pages']);
286 }
287
288 $type_caps = array();
289 $type_metacaps = array();
290
291 // Role Scoper and PP1 adjust attachment access based only on user's capabilities for the parent post
292 if ( defined('OLD_PRESSPERMIT_ACTIVE') ) {
293 unset( $defined['type']['attachment'] );
294 }
295 ?>
296
297 <script type="text/javascript">
298 /* <![CDATA[ */
299 jQuery(document).ready( function($) {
300 if ($('.ppc-capabilities-tabs li.ppc-capabilities-tab-active').hasClass('ppc-full-width')) {
301 $('.capabilities-sidebar').hide();
302 $('#ppc-capabilities-wrapper .ppc-capabilities-content').css('grid-template-columns', '1fr');
303 }
304
305 // Tabs and Content display
306 $('.ppc-capabilities-tabs > ul > li').click( function() {
307 var $pp_tab = $(this).attr('data-content');
308 var data_slug = $(this).attr('data-slug');
309
310 $("[name='pp_caps_tab']").val(data_slug);
311
312 // Show current Content
313 $('.ppc-capabilities-content > div').not('.capabilities-sidebar').hide();
314 $('#' + $pp_tab).show();
315
316 var post_ops = ['read', 'edit', 'delete', 'list'];
317 $('.capabilities-sidebar .ppc-post-types').toggle(post_ops.indexOf(data_slug,) != -1);
318
319 $('.capabilities-sidebar .ppc-taxonomies').toggle(data_slug == 'taxonomies');
320 $('.capabilities-sidebar .ppc-detailed-taxonomies').toggle(data_slug == 'taxonomies');
321
322 if ($(this).hasClass('ppc-full-width')) {
323 $('.capabilities-sidebar').hide();
324 $('#ppc-capabilities-wrapper .ppc-capabilities-content').css('grid-template-columns', '1fr');
325 } else {
326 $('.capabilities-sidebar').show();
327
328 if ($(window).width() > 1199) {
329 $('#ppc-capabilities-wrapper .ppc-capabilities-content').css('grid-template-columns', '1fr 200px 70px');
330 }
331 }
332
333 $('#' + $pp_tab + '-taxonomy').show();
334
335 // Active current Tab
336 $('.ppc-capabilities-tabs > ul > li').removeClass('ppc-capabilities-tab-active');
337 $(this).addClass('ppc-capabilities-tab-active');
338
339 // Scroll to content area (for responsive display)
340 if ($(window).width() <= 1199) {
341 $([document.documentElement, document.body]).animate({
342 scrollTop: $("#capabilities_content").offset().top - 20
343 }, 500);
344 }
345 });
346 });
347 /* ]]> */
348 </script>
349
350 <div id="ppc-capabilities-wrapper" class="postbox">
351 <div class="ppc-capabilities-tabs">
352 <ul>
353 <?php
354 $full_width_tabs = apply_filters('pp_capabilities_full_width_tabs', []);
355
356 if (empty($_REQUEST['pp_caps_tab']) && !empty($_REQUEST['added'])) {
357 $active_tab_slug = 'additional';
358 } else {
359 $active_tab_slug = (!empty($_REQUEST['pp_caps_tab'])) ? sanitize_key($_REQUEST['pp_caps_tab']) : 'edit';
360 }
361
362 $active_tab_id = "cme-cap-type-tables-{$active_tab_slug}";
363
364 $ppc_tab_active = 'ppc-capabilities-tab-active';
365
366 // caps: edit, delete, read
367 foreach( array_keys($cap_properties) as $cap_type ) {
368 $tab_id = "cme-cap-type-tables-$cap_type";
369 $classes = [];
370
371 if ($tab_id == $active_tab_id) {
372 $classes []= $ppc_tab_active;
373 }
374
375 if (!empty($full_width_tabs[$cap_type])) {
376 $classes []= 'ppc-full-width';
377 }
378
379 $class = implode(' ', $classes);
380
381 echo '<li data-slug="'. esc_attr($cap_type) . '"' . ' data-content="cme-cap-type-tables-' . esc_attr($cap_type) . '" class="' . esc_attr($class) . '">'
382 . esc_html($cap_type_names[$cap_type]) .
383 '</li>';
384 }
385
386 if ($extra_tabs = apply_filters('pp_capabilities_extra_post_capability_tabs', [])) {
387 foreach($extra_tabs as $tab_slug => $tab_caption) {
388 $tab_slug = esc_attr($tab_slug);
389
390 $tab_id = "cme-cap-type-tables-{$tab_slug}";
391
392 $classes = [];
393
394 if ($tab_id == $active_tab_id) {
395 $classes []= $ppc_tab_active;
396 }
397
398 if (!empty($full_width_tabs[$tab_slug])) {
399 $classes []= 'ppc-full-width';
400 }
401
402 $class = implode(' ', $classes);
403
404 echo '<li data-slug="' . esc_attr($tab_slug) . '"' . ' data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($class) . '">'
405 . esc_html($tab_caption) .
406 '</li>';
407 }
408 }
409
410 //grouped capabilities
411 $grouped_caps = [];
412 $grouped_caps_lists = [];
413
414 //add media related caps
415 $grouped_caps['Media'] = [
416 'edit_files',
417 'upload_files',
418 'unfiltered_upload',
419 ];
420 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Media']);
421
422 //add comments related caps
423 $grouped_caps['Comments'] = [
424 'moderate_comments'
425 ];
426 if (isset($rcaps['edit_comment'])) {
427 $type_metacaps['edit_comment'] = 1;
428 }
429 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Comments']);
430
431 //add users related caps
432 $grouped_caps['Users'] = [
433 'create_users',
434 'delete_users',
435 'edit_users',
436 'list_users',
437 'promote_users',
438 'remove_users',
439 ];
440 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Users']);
441
442 //add admin options related caps
443 $grouped_caps['Admin'] = [
444 'manage_options',
445 'edit_dashboard',
446 'export',
447 'import',
448 'read',
449 'update_core',
450 'unfiltered_html',
451 ];
452 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Admin']);
453
454 //add themes related caps
455 $grouped_caps['Themes'] = [
456 'delete_themes',
457 'edit_themes',
458 'install_themes',
459 'switch_themes',
460 'update_themes',
461 'edit_theme_options',
462 'manage_links',
463 ];
464 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Themes']);
465
466 //add plugin related caps
467 $grouped_caps['Plugins'] = [
468 'activate_plugins',
469 'delete_plugins',
470 'edit_plugins',
471 'install_plugins',
472 'update_plugins',
473 ];
474 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Plugins']);
475
476 if (is_multisite()) {
477 //add multisite caps
478 $grouped_caps['Multisite'] = [
479 'create_sites',
480 'delete_sites',
481 'manage_network',
482 'manage_sites',
483 'manage_network_users',
484 'manage_network_plugins',
485 'manage_network_themes',
486 'manage_network_options',
487 'upgrade_network',
488 'setup_network',
489 ];
490 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Multisite']);
491 }
492
493 $grouped_caps = apply_filters('cme_grouped_capabilities', $grouped_caps);
494
495 foreach($grouped_caps as $grouped_title => $__grouped_caps) {
496 $tab_slug = pp_capabilities_convert_to_slug(sanitize_title($grouped_title));
497 switch ($grouped_title) {
498 case 'Comments' :
499 $grouped_title = __('Comments');
500 break;
501
502 case 'Media' :
503 $grouped_title = __('Media');
504 break;
505
506 case 'Users' :
507 $grouped_title = __('Users');
508 break;
509
510 case 'Themes' :
511 $grouped_title = __('Themes');
512 break;
513
514 case 'Plugins' :
515 $grouped_title = __('Plugins');
516 break;
517
518 case 'Multisite' :
519 $grouped_title = esc_html__('Multisite', 'capability-manager-enhanced');
520 break;
521
522 case 'Admin' :
523 $grouped_title = esc_html__('Admin', 'capability-manager-enhanced');
524 break;
525
526 default:
527 $grouped_title = esc_html($grouped_title);
528 }
529
530 $tab_id = 'cme-cap-type-tables-' . $tab_slug;
531 $tab_active = ($tab_id == $active_tab_id) ? $ppc_tab_active : '';
532
533 echo '<li data-slug="' . esc_attr($tab_slug) . '" data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($tab_active) . '">'
534 . esc_html(str_replace('_', ' ', $grouped_title)) .
535 '</li>';
536 }
537
538 // caps: plugins
539 $plugin_caps = apply_filters('cme_plugin_capabilities', []);
540
541 foreach($plugin_caps as $plugin_title => $__plugin_caps) {
542 $plugin_title = esc_html($plugin_title);
543
544 $tab_slug = pp_capabilities_convert_to_slug(sanitize_title($plugin_title));
545 $tab_id = 'cme-cap-type-tables-' . $tab_slug;
546 $tab_name = esc_html(str_replace('_', ' ', $plugin_title));
547 // support extractor staging label
548 $tab_name = str_replace('(CAPABILITYEXTRACTOR)', '<span class="capability-extractor-label">CE</span>', $tab_name);
549 $tab_active = ($tab_id == $active_tab_id) ? $ppc_tab_active : '';
550
551 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
552 echo '<li data-slug="' . esc_attr($tab_slug) . '" data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($tab_active) . '">'
553 . $tab_name .
554 '</li>';
555 }
556
557 $tab_id = "cme-cap-type-tables-invalid";
558 $tab_active = ($tab_id == $active_tab_id) ? $ppc_tab_active : '';
559 $tab_caption = esc_html__( 'Invalid Capabilities', 'capability-manager-enhanced' );
560 echo '<li id="cme_tab_invalid_caps" data-slug="invalid" data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($tab_active) . '" style="display:none;">' . esc_html($tab_caption) . '</li>';
561
562 $tab_id = "cme-cap-type-tables-additional";
563 $tab_active = ($tab_id == $active_tab_id) ? $ppc_tab_active : '';
564 $tab_caption = esc_html__( 'Additional', 'capability-manager-enhanced' );
565 echo '<li data-slug="additional" data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($tab_active) . '">' . esc_html($tab_caption) . '</li>';
566 ?>
567 </ul>
568 </div>
569
570 <div id="capabilities_content" class="ppc-capabilities-content">
571 <?php
572 // caps: read, edit, deletion
573 foreach( array_keys($cap_properties) as $cap_type ) {
574
575 foreach( array_keys($defined) as $item_type ) {
576
577
578 if (!isset($cap_properties[$cap_type][$item_type])) {
579 continue;
580 }
581 if ( ! count( $cap_properties[$cap_type][$item_type] ) )
582 continue;
583
584 $tab_id = "cme-cap-type-tables-" . pp_capabilities_convert_to_slug($cap_type);
585 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
586
587 $any_caps = false;
588
589 if ($item_type == 'taxonomy') {
590 $tab_id .= '-taxonomy';
591
592 ob_start();
593 }
594
595 echo "<div id='" . esc_attr($tab_id) . "' style='display:" . esc_attr($div_display) . ";'>";
596
597 $caption_pattern = ('taxonomy' == $item_type) ? esc_html__('Term %s Capabilities', 'capability-manager-enhanced') : esc_html__('Post %s Capabilities', 'capability-manager-enhanced');
598
599 echo '<h3>' . sprintf($caption_pattern, esc_html($cap_type_names[$cap_type])) . '</h3>';
600
601 echo '<div class="ppc-filter-wrapper">';
602 echo '<select class="ppc-filter-select">';
603 $filter_caption = ('taxonomy' == $item_type) ? __('Filter by taxonomy', 'capability-manager-enhanced') : __('Filter by post type', 'capability-manager-enhanced');
604 echo '<option value="">' . esc_html($filter_caption) . '</option>';
605 echo '</select>';
606 echo ' <button class="button secondary-button ppc-filter-select-reset" type="button">' . esc_html__('Clear') . '</button>';
607 echo '</div>';
608
609 echo "<table class='widefat striped cme-typecaps cme-typecaps-basic cme-typecaps-" . esc_attr($cap_type) . "'>";
610
611 echo '<thead><tr><th class="pp-header-checkall">';
612 echo '<input type="checkbox" name="pp_toggle_all" class="excluded-input" autocomplete="off"> &nbsp;';
613 echo '</th>';
614
615 // label cap properties
616 foreach( $cap_properties[$cap_type][$item_type] as $prop ) {
617 $prop = str_replace( '_posts', '', $prop );
618 $prop = str_replace( '_pages', '', $prop );
619 $prop = str_replace( '_terms', '', $prop );
620
621 if (in_array($prop, ['copy_published', 'copy_private', 'revise_published', 'revise_private'])) {
622 echo "<th></th>";
623 continue;
624 }
625
626 $th_class = ( 'taxonomy' == $item_type ) ? 'term-cap' : 'post-cap';
627
628 $tip_text = '';
629 if ( isset( $cap_tips[$prop] ) ) {
630 $th_class .= ' ppc-tool-tip';
631 $tip_text = '<div class="tool-tip-text">
632 <p>'. $cap_tips[$prop] .'</p>
633 <i></i>
634 </div>';
635 }
636
637 echo "<th style='text-align:center;' class='" . esc_attr($th_class) . "'>" . $tip_text;
638
639 if ( ( 'delete' != $prop ) || ( 'taxonomy' != $item_type ) || cme_get_detailed_taxonomies() ) {
640 echo str_replace('_', '<br />', esc_html(ucwords($prop)));
641 }
642
643 echo '</th>';
644 }
645
646 echo '</tr></thead>';
647 $attachement_cap_position = 0;
648 foreach( $defined[$item_type] as $key => $type_obj ) {
649 if ( in_array( $key, $unfiltered[$item_type] ) )
650 continue;
651
652 if (in_array($cap_type, ['copy', 'revise'])) {
653 global $revisionary;
654
655 if (!empty($revisionary) && !empty($revisionary->enabled_post_types) && empty($revisionary->enabled_post_types[$key])) {
656 continue;
657 }
658 }
659
660 $row = "<tr class='cme_type_" . esc_attr($key) . "'>";
661
662 if ( $cap_type ) {
663
664 if (empty($force_distinct_ui) && empty($cap_properties[$cap_type][$item_type])) {
665 continue;
666 }
667
668 if (defined('PRESSPERMIT_VERSION') || defined('PRESSPERMIT_PRO_VERSION')) {
669 //add list capabilities
670 if (isset($type_obj->cap->edit_posts) && !isset($type_obj->cap->list_posts)) {
671 $type_obj->cap->list_posts = str_replace('edit_', 'list_', $type_obj->cap->edit_posts);
672 }
673 if (isset($type_obj->cap->edit_others_posts) && !isset($type_obj->cap->list_others_posts)) {
674 $type_obj->cap->list_others_posts = str_replace('edit_', 'list_', $type_obj->cap->edit_others_posts);
675 }
676 if (isset($type_obj->cap->edit_published_posts) && !isset($type_obj->cap->list_published_posts)) {
677 $type_obj->cap->list_published_posts = str_replace('edit_', 'list_', $type_obj->cap->edit_published_posts);
678 }
679 if (isset($type_obj->cap->edit_private_posts) && !isset($type_obj->cap->list_private_posts)) {
680 $type_obj->cap->list_private_posts = str_replace('edit_', 'list_', $type_obj->cap->edit_private_posts);
681 }
682 }
683
684 if ($pp_revisions_copy) {
685 //add copy capabilities
686 if (isset($type_obj->cap->edit_posts) && !isset($type_obj->cap->copy_posts)) {
687 $type_obj->cap->copy_posts = str_replace('edit_', 'copy_', $type_obj->cap->edit_posts);
688 }
689 if (isset($type_obj->cap->edit_others_posts) && !isset($type_obj->cap->copy_others_posts)) {
690 $type_obj->cap->copy_others_posts = str_replace('edit_', 'copy_', $type_obj->cap->edit_others_posts);
691 }
692 }
693
694 if ($pp_revisions_revise) {
695 //add revise capabilities
696 if (isset($type_obj->cap->edit_posts) && !isset($type_obj->cap->revise_posts)) {
697 $type_obj->cap->revise_posts = str_replace('edit_', 'revise_', $type_obj->cap->edit_posts);
698 }
699 if (isset($type_obj->cap->edit_others_posts) && !isset($type_obj->cap->revise_others_posts)) {
700 $type_obj->cap->revise_others_posts = str_replace('edit_', 'revise_', $type_obj->cap->edit_others_posts);
701 }
702 }
703
704 if ('wp_navigation' == $type_obj->name) {
705 $type_label = __('Nav Menus (Block)', 'capability-manager-enhanced');
706 } elseif ('nav_menu' == $type_obj->name) {
707 $type_label = __('Nav Menus (Legacy)', 'capability-manager-enhanced');
708 } else {
709 $type_label = (defined('CME_LEGACY_MENU_NAME_LABEL') && !empty($type_obj->labels->menu_name)) ? $type_obj->labels->menu_name : $type_obj->labels->name;
710 }
711
712 if (!empty($type_obj->name)) {
713 if ('taxonomy' == $item_type) {
714 $type_tooltip = sprintf(__( 'The slug for this taxonomy is %s', 'capability-manager-enhanced' ), '<strong>' . esc_html($type_obj->name) . '</strong>' );
715 } else {
716 $type_tooltip = sprintf(__( 'The slug for this post type is %s', 'capability-manager-enhanced' ), '<strong>' . esc_html($type_obj->name) . '</strong>' );
717 }
718 $type_tooltip_class = 'ppc-tool-tip disabled';
719 $type_tooltip_msg = '<span class="tool-tip-text">
720 <p>'. $type_tooltip .'</p>
721 <i></i>
722 </span>';
723 } else {
724 $type_tooltip_class = '';
725 $type_tooltip_msg = '';
726 }
727
728 $row .= "<td>";
729 $row .= '<input type="checkbox" class="pp-row-action-rotate excluded-input"> &nbsp;';
730 $row .= "<span class='{$type_tooltip_class}'><a class='cap_type' href='#toggle_type_caps'>" . esc_html($type_label) . '</a> '. $type_tooltip_msg .'</span>';
731 $row .= '<a style="display: none;" href="#" class="neg-type-caps">&nbsp;x&nbsp;</a>';
732 $row .= '</td>';
733
734 $display_row = ! empty($force_distinct_ui);
735 $col_count = 0;
736
737 foreach( $cap_properties[$cap_type][$item_type] as $prop ) {
738 $td_classes = array();
739 $checkbox = '';
740 $cap_title = '';
741 $disabled_cap = false;
742
743 if ($type_obj->name === 'attachment') {
744 $attachement_cap_position++;
745 }
746
747 if ( ! empty($type_obj->cap->$prop) && ( in_array( $type_obj->name, array( 'post', 'page' ) )
748 || ! in_array( $type_obj->cap->$prop, $default_caps )
749 || ( ( 'manage_categories' == $type_obj->cap->$prop ) && ( 'manage_terms' == $prop ) && ( 'category' == $type_obj->name ) ) ) ) {
750
751 // if edit_published or edit_private cap is same as edit_posts cap, don't display a checkbox for it
752 if ( ( ! in_array( $prop, array( 'edit_published_posts', 'edit_private_posts', 'create_posts' ) ) || ( $type_obj->cap->$prop != $type_obj->cap->edit_posts ) )
753 && ( ! in_array( $prop, array( 'delete_published_posts', 'delete_private_posts' ) ) || ( $type_obj->cap->$prop != $type_obj->cap->delete_posts ) )
754 && ( ! in_array( $prop, array( 'edit_terms', 'delete_terms' ) ) || ( $type_obj->cap->$prop != $type_obj->cap->manage_terms ) )
755
756 && ( ! in_array( $prop, array( 'manage_terms', 'edit_terms', 'delete_terms', 'assign_terms' ) )
757 || empty($cme_cap_helper->all_taxonomy_caps[$type_obj->cap->$prop])
758 || ( $cme_cap_helper->all_taxonomy_caps[ $type_obj->cap->$prop ] <= 1 )
759 || $type_obj->cap->$prop == str_replace( '_terms', "_{$type_obj->name}s", $prop )
760 || $type_obj->cap->$prop == str_replace( '_terms', "_" . _cme_get_plural($type_obj->name, $type_obj), $prop )
761 )
762
763 && ( in_array( $prop, array( 'manage_terms', 'edit_terms', 'delete_terms', 'assign_terms' ) )
764 || empty($cme_cap_helper->all_type_caps[$type_obj->cap->$prop])
765 || ( $cme_cap_helper->all_type_caps[ $type_obj->cap->$prop ] <= 1 )
766 || $type_obj->cap->$prop == 'upload_files' && 'create_posts' == $prop && 'attachment' == $type_obj->name
767 || $type_obj->cap->$prop == str_replace( '_posts', "_{$type_obj->name}s", $prop )
768 || $type_obj->cap->$prop == str_replace( '_pages', "_{$type_obj->name}s", $prop )
769 || $type_obj->cap->$prop == str_replace( '_posts', "_" . _cme_get_plural($type_obj->name, $type_obj), $prop )
770 || $type_obj->cap->$prop == str_replace( '_pages', "_" . _cme_get_plural($type_obj->name, $type_obj), $prop )
771 )
772 && (!in_array($type_obj->cap->$prop, $grouped_caps_lists)) //capability not enforced in $grouped_caps_lists
773 && (('manage_post_tags' != $type_obj->cap->$prop) || (defined('PRESSPERMIT_ACTIVE') && in_array( $type_obj->name, cme_get_assisted_taxonomies())))
774 ) {
775 // only present these term caps up top if we are ensuring that they get enforced separately from manage_terms
776 if ( in_array( $prop, array( 'edit_terms', 'delete_terms', 'assign_terms' ) ) && ( ! in_array( $type_obj->name, cme_get_detailed_taxonomies() ) || defined( 'OLD_PRESSPERMIT_ACTIVE' ) ) ) {
777 continue;
778 }
779
780 $cap_name = sanitize_text_field($type_obj->cap->$prop);
781
782 if ( 'taxonomy' == $item_type )
783 $td_classes []= "term-cap";
784 else
785 $td_classes []= "post-cap";
786
787 if ( $is_administrator || current_user_can($cap_name) ) {
788 $chk_classes = [];
789
790 $cap_title = '';
791 if (! empty($pp_metagroup_caps[$cap_name]) ) {
792 $tool_tip = sprintf(__( '%s: assigned by Permission Group', 'capability-manager-enhanced' ), '<strong>' . $cap_name . '</strong>' );
793 $chk_classes []= 'cm-has-via-pp';
794 } else {
795 $tool_tip = sprintf(__( 'This capability is %s', 'capability-manager-enhanced' ), '<strong>' . $cap_name . '</strong>' );
796 }
797
798 $chk_class = ( $chk_classes ) ? ' class="' . implode(' ', $chk_classes) . '"' : '';
799
800 $checkbox = '<div class="ppc-tool-tip disabled"><input type="checkbox"' . $chk_class . ' name="caps[' . esc_attr($cap_name) . ']" autocomplete="off" value="1" ' . checked(1, ! empty($rcaps[$cap_name]), false ) . ' />
801 <div class="tool-tip-text">
802 <p>'. $tool_tip .'</p>
803 <i></i>
804 </div>
805 </div>';
806
807 $type_caps [$cap_name] = true;
808 $display_row = true;
809 $any_caps = true;
810 $disabled_cap = false;
811 }
812 } else {
813
814 // only present these term caps up top if we are ensuring that they get enforced separately from manage_terms
815 if ( in_array( $prop, array( 'edit_terms', 'delete_terms', 'assign_terms' ) ) && ( ! in_array( $type_obj->name, cme_get_detailed_taxonomies() ) || defined( 'OLD_PRESSPERMIT_ACTIVE' ) ) ) {
816 continue;
817 }
818
819 if ($type_obj->cap->$prop === 'manage_post_tags') {
820 $type_obj->cap->$prop = 'manage_categories';
821 }
822
823 $disabled_cap = true;
824 $display_row = true;
825 $cap_name = sanitize_text_field($type_obj->cap->$prop);
826 $cap_title = '';
827
828 if (($cap_name === 'manage_categories') && !defined('PRESSPERMIT_ACTIVE')) {
829 $tool_tip = sprintf(__( 'This capability is controlled by %s', 'capability-manager-enhanced' ), '<strong>manage_categories</strong>' );
830
831 } else {
832 $tool_tip = sprintf(__('This capability is controlled by %s Use the sidebar settings to allow this to be controlled independently.', 'capability-manager-enhanced'), '<strong>' . $cap_name . '</strong>.<br /><br />');
833 }
834
835 $checkbox = '<div class="ppc-tool-tip disabled"><input disabled class="disabled" type="checkbox" ' . checked(1, ! empty($rcaps[$cap_name]), false ) . ' />
836 <div class="tool-tip-text">
837 <p>'. $tool_tip .'</p>
838 <i></i>
839 </div>
840 </div>';
841 }
842
843 if ( isset($rcaps[$cap_name]) && empty($rcaps[$cap_name]) ) {
844 $td_classes []= "cap-neg";
845 }
846 } else {
847 if ($type_obj->name === 'attachment') {
848 if ($attachement_cap_position === 1 || $attachement_cap_position === 3) {
849 $tool_tip =__('Use the sidebar settings to allow this to be controlled independently.', 'capability-manager-enhanced');
850 } else {
851 $tool_tip =__('This capability is not available for this post type.', 'capability-manager-enhanced');
852 }
853
854 } else {
855 $tool_tip =__('This capability is not available for this post type.', 'capability-manager-enhanced');
856 }
857 $checkbox = '<div class="ppc-tool-tip disabled">&nbsp; &nbsp; &nbsp; &nbsp;
858 <div class="tool-tip-text">
859 <p>'. $tool_tip .'</p>
860 <i></i>
861 </div>
862 </div>';
863 $td_classes []= "cap-unreg";
864 }
865
866 $td_classes[] = 'capability-checkbox-rotate';
867 $td_classes[] = $cap_name;
868
869 $td_class = ( $td_classes ) ? implode(' ', $td_classes) : '';
870
871 $row .= '<td class="' . esc_attr($td_class) . '" title="' . esc_attr($cap_title) . '"' . "><span class='ppc-tool-tip disabled cap-x'>X</span>$checkbox";
872
873 if ( !$disabled_cap && false !== strpos( $td_class, 'cap-neg' ) )
874 $row .= '<input type="hidden" class="cme-negation-input" name="caps[' . esc_attr($cap_name) . ']" value="" />';
875
876 $row .= "</td>";
877
878 $col_count++;
879 }
880
881 if ('taxonomy' == $item_type) {
882 for ($i = $col_count; $i < 4; $i++) {
883 $row .= "<td></td>";
884 }
885 }
886
887 if (!empty($type_obj->map_meta_cap) && !defined('PP_CAPABILITIES_NO_INVALID_SECTION')) {
888 if ('type' == $item_type) {
889 if (!in_array($type_obj->cap->read_post, $grouped_caps_lists)
890 && !in_array($type_obj->cap->edit_post, $grouped_caps_lists)
891 && !in_array($type_obj->cap->delete_post, $grouped_caps_lists)
892 ) {
893 $type_metacaps[$type_obj->cap->read_post] = true;
894 $type_metacaps[$type_obj->cap->edit_post] = isset($type_obj->cap->edit_posts) && ($type_obj->cap->edit_post != $type_obj->cap->edit_posts);
895 $type_metacaps[$type_obj->cap->delete_post] = isset($type_obj->cap->delete_posts) && ($type_obj->cap->delete_post != $type_obj->cap->delete_posts);
896 }
897 } elseif ('taxonomy' == $item_type && !empty($type_obj->cap->edit_term) && !empty($type_obj->cap->delete_term)) {
898 if (!in_array($type_obj->cap->edit_term, $grouped_caps_lists)
899 && !in_array($type_obj->cap->delete_term, $grouped_caps_lists)
900 ) {
901 $type_metacaps[$type_obj->cap->edit_term] = true;
902 $type_metacaps[$type_obj->cap->delete_term] = true;
903 }
904 }
905 }
906 }
907
908 if ( $display_row ) {
909 $row .= '</tr>';
910
911 // Escaped piecemeal upstream; cannot be late-escaped until upstream UI output logic is reworked
912 echo $row;
913 }
914 }
915
916 echo '</table>';
917
918 if ($cap_type === 'list' && defined('PRESSPERMIT_VERSION') && defined('PRESSPERMIT_COLLAB_VERSION')) {
919 echo '<p class="pp-subtext"> '. esc_html__('Admin listing access is normally provided by the "Edit" capabilities. These "List" capabilities only apply if the corresponding "Edit" capability is missing. Also, these "List" capabilities can grant access, but not deny access.', 'capability-manager-enhanced') .' </p>';
920 }
921
922 do_action('publishpress-caps_manager_postcaps_table', $cap_type, $item_type, compact('current', 'rcaps', 'pp_metagroup_caps', 'is_administrator', 'default_caps', 'custom_types', 'defined', 'unfiltered', 'pp_metagroup_caps', 'active_tab_id'));
923
924 echo '</div>';
925
926 if ($item_type == 'taxonomy') {
927 if ($any_caps) {
928 ob_flush();
929 } else {
930 ob_clean();
931 }
932 }
933
934 } // end foreach item type
935 }
936
937 if (empty($caps_manager_postcaps_section)) {
938 $caps_manager_postcaps_section = '';
939 }
940
941 do_action('publishpress-caps_manager_postcaps_section', compact('current', 'rcaps', 'pp_metagroup_caps', 'is_administrator', 'default_caps', 'custom_types', 'defined', 'unfiltered', 'pp_metagroup_caps','caps_manager_postcaps_section', 'active_tab_id'));
942
943 $type_caps = apply_filters('publishpress_caps_manager_typecaps', $type_caps);
944
945 // clicking on post type name toggles corresponding checkbox selections
946
947 // caps: grouped
948 $grouped_caps = apply_filters('cme_grouped_capabilities', $grouped_caps);
949
950 foreach($grouped_caps as $grouped_title => $__grouped_caps) {
951
952 $tab_id = 'cme-cap-type-tables-' . esc_attr(pp_capabilities_convert_to_slug($grouped_title));
953
954 switch ($grouped_title) {
955 case 'Comments' :
956 $grouped_title = __('Comments');
957 break;
958
959 case 'Media' :
960 $grouped_title = __('Media');
961 break;
962
963 case 'Users' :
964 $grouped_title = __('Users');
965 break;
966
967 case 'Themes' :
968 $grouped_title = __('Themes');
969 break;
970
971 case 'Plugins' :
972 $grouped_title = __('Plugins');
973 break;
974
975 case 'Multisite' :
976 $grouped_title = esc_html__('Multisite', 'capability-manager-enhanced');
977 break;
978
979 case 'Admin' :
980 $grouped_title = esc_html__('Admin', 'capability-manager-enhanced');
981 break;
982
983 default:
984 $grouped_title = esc_html($grouped_title);
985 }
986
987 $_grouped_caps = array_fill_keys($__grouped_caps, true);
988
989 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
990
991 echo '<div id="' . esc_attr($tab_id) . '" style="display:' . esc_attr($div_display) . '">';
992
993 echo '<h3 class="cme-cap-section">' . esc_html(str_replace('_', ' ', $grouped_title)) . '</h3>';
994
995 echo '<div class="ppc-filter-wrapper">';
996 echo '<input type="text" class="regular-text ppc-filter-text" placeholder="' . esc_attr__('Filter by capability', 'capability-manager-enhanced') . '">';
997 echo ' <button class="button secondary-button ppc-filter-text-reset" type="button">' . esc_html__('Clear') . '</button>';
998 echo '</div>';
999 echo '<div class="ppc-filter-no-results" style="display:none;">' . esc_html__( 'No results found. Please try again with a different word.', 'capability-manager-enhanced' ) . '</div>';
1000
1001 echo '<table class="widefat fixed striped form-table cme-checklist single-checkbox-table">';
1002
1003 $centinel_ = true;
1004 $checks_per_row = get_option( 'cme_form-rows', 1 );
1005 $i = 0; $first_row = true;
1006
1007 ?>
1008 <tr class="cme-bulk-select">
1009 <td colspan="<?php echo (int) $checks_per_row;?>">
1010 <input type="checkbox" class="cme-check-all" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1011 <span style="float:right">
1012 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1013 </span>
1014 </td>
1015 </tr>
1016 <?php
1017 foreach( array_keys($_grouped_caps) as $cap_name ) {
1018 $cap_name = sanitize_text_field($cap_name);
1019
1020 if ( isset( $type_caps[$cap_name] ) || isset($type_metacaps[$cap_name]) ) {
1021 continue;
1022 }
1023
1024 if ( ! $is_administrator && ! current_user_can($cap_name) )
1025 continue;
1026
1027 // Output first <tr>
1028 if ( $centinel_ == true ) {
1029 echo '<tr class="' . esc_attr($cap_name) . '">';
1030 $centinel_ = false;
1031 }
1032
1033 if ( $i == $checks_per_row ) {
1034 echo '</tr><tr class="' . esc_attr($cap_name) . '">';
1035 $i = 0;
1036 }
1037
1038 if ( ! isset( $rcaps[$cap_name] ) )
1039 $class = 'cap-no';
1040 else
1041 $class = ( $rcaps[$cap_name] ) ? 'cap-yes' : 'cap-neg';
1042
1043 if ( ! empty($pp_metagroup_caps[$cap_name]) ) {
1044 $class .= ' cap-metagroup';
1045 $title_text = sprintf( __( '%s: assigned by Permission Group', 'capability-manager-enhanced' ), $cap_name );
1046 } else {
1047 $title_text = $cap_name;
1048 }
1049
1050 $disabled = '';
1051 $checked = !empty($rcaps[$cap_name]) ? 'checked' : '';
1052 $cap_title = $title_text;
1053 ?>
1054 <td class="<?php echo esc_attr($class); ?>"><span class="ppc-tool-tip disabled cap-x">X</span><span class="ppc-tool-tip disabled"><label><input type="checkbox" name="caps[<?php echo esc_attr($cap_name); ?>]" class="pp-single-action-rotate" autocomplete="off" value="1" <?php echo esc_attr($checked) . esc_attr($disabled);?> />
1055 <span>
1056 <?php
1057 echo esc_html(str_replace( '_', ' ', $cap_name));
1058 ?>
1059 </span></label></span><a href="#" class="neg-cap" style="visibility: hidden;">&nbsp;x&nbsp;</a>
1060 <?php if ( false !== strpos( $class, 'cap-neg' ) ) :?>
1061 <input type="hidden" class="cme-negation-input" name="caps[<?php echo esc_attr($cap_name); ?>]" value="" />
1062 <?php endif; ?>
1063 </td>
1064
1065 <?php
1066 ++$i;
1067 }
1068
1069 if ( $i == $checks_per_row ) {
1070 echo '</tr>';
1071 $i = 0;
1072 } elseif ( ! $first_row ) {
1073 // Now close a wellformed table
1074 for ( $i; $i < $checks_per_row; $i++ ){
1075 echo '<td>&nbsp;</td>';
1076 }
1077 echo '</tr>';
1078 }
1079 ?>
1080
1081 <tr class="cme-bulk-select">
1082 <td colspan="<?php echo (int) $checks_per_row;?>">
1083 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1084 <span style="float:right">
1085 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1086 </span>
1087 </td>
1088 </tr>
1089
1090 </table>
1091 </div>
1092 <?php
1093 }
1094
1095 // caps: other
1096
1097 $tab_id = "cme-cap-type-tables-other";
1098 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1099 ?>
1100 <div id="<?php echo esc_attr($tab_id);?>" style="display:<?php echo esc_attr($div_display);?>">
1101 <?php
1102
1103 echo '<h3>' . esc_html__( 'WordPress Core Capabilities', 'capability-manager-enhanced' ) . '</h3>';
1104
1105 echo '<div class="ppc-filter-wrapper">';
1106 echo '<input type="text" class="regular-text ppc-filter-text" placeholder="' . esc_attr__('Filter by capability', 'capability-manager-enhanced') . '">';
1107 echo ' <button class="button secondary-button ppc-filter-text-reset" type="button">' . esc_html__('Clear') . '</button>';
1108 echo '</div>';
1109 echo '<div class="ppc-filter-no-results" style="display:none;">' . esc_html__( 'No results found. Please try again with a different word.', 'capability-manager-enhanced' ) . '</div>';
1110
1111 echo '<table class="widefat fixed striped form-table cme-checklist">';
1112
1113 $centinel_ = true;
1114 $checks_per_row = get_option( 'cme_form-rows', 1 );
1115 $i = 0; $first_row = true;
1116
1117 ?>
1118 <tr class="cme-bulk-select">
1119 <td colspan="<?php echo (int) $checks_per_row;?>">
1120 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1121 <span style="float:right">
1122 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1123 </span>
1124 </td>
1125 </tr>
1126
1127 <tr class="cme-bulk-select">
1128 <td colspan="<?php echo (int) $checks_per_row;?>">
1129 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1130 <span style="float:right">
1131 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1132 </span>
1133 </td>
1134 </tr>
1135
1136 </table>
1137 </div>
1138
1139 <?php
1140 $all_capabilities = apply_filters( 'capsman_get_capabilities', array_keys( $this->capabilities ), $this->ID );
1141 $all_capabilities = apply_filters( 'members_get_capabilities', $all_capabilities );
1142
1143 // caps: plugins
1144 $plugin_caps = apply_filters('cme_plugin_capabilities', $plugin_caps);
1145
1146 foreach($plugin_caps as $plugin_title => $__plugin_caps) {
1147 $plugin_title = esc_html($plugin_title);
1148
1149 $_plugin_caps = array_fill_keys($__plugin_caps, true);
1150
1151 $tab_id = 'cme-cap-type-tables-' . esc_attr(pp_capabilities_convert_to_slug($plugin_title));
1152 $tab_name = esc_html(str_replace('_', ' ', $plugin_title));
1153 // support extractor staging label
1154 $tab_name = str_replace('(CAPABILITYEXTRACTOR)', '<span class="capability-extractor-label">CE</span>', $tab_name);
1155 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1156
1157 echo '<div id="' . esc_attr($tab_id) . '" style="display:' . esc_attr($div_display) . '">';
1158
1159 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
1160 echo '<h3 class="cme-cap-section">' . sprintf(esc_html__( 'Plugin Capabilities &ndash; %s', 'capability-manager-enhanced' ), $tab_name) . '</h3>';
1161
1162 echo '<div class="ppc-filter-wrapper">';
1163 echo '<input type="text" class="regular-text ppc-filter-text" placeholder="' . esc_attr__('Filter by capability', 'capability-manager-enhanced') . '">';
1164 echo ' <button class="button secondary-button ppc-filter-text-reset" type="button">' . esc_html__('Clear') . '</button>';
1165 echo '</div>';
1166 echo '<div class="ppc-filter-no-results" style="display:none;">' . esc_html__( 'No results found. Please try again with a different word.', 'capability-manager-enhanced' ) . '</div>';
1167
1168 echo '<table class="widefat fixed striped form-table cme-checklist single-checkbox-table">';
1169
1170 $centinel_ = true;
1171 $checks_per_row = get_option( 'cme_form-rows', 1 );
1172 $i = 0; $first_row = true;
1173
1174 ?>
1175 <tr class="cme-bulk-select">
1176 <td colspan="<?php echo (int) $checks_per_row;?>">
1177 <input type="checkbox" class="cme-check-all" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1178 <span style="float:right">
1179 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1180 </span>
1181 </td>
1182 </tr>
1183 <?php
1184 foreach( array_keys($_plugin_caps) as $cap_name ) {
1185 $cap_name = sanitize_text_field($cap_name);
1186
1187 if ( isset( $type_caps[$cap_name] ) || in_array($cap_name, $grouped_caps_lists) || isset($type_metacaps[$cap_name]) ) {
1188 continue;
1189 }
1190
1191 if ( ! $is_administrator && ! current_user_can($cap_name) )
1192 continue;
1193
1194 // Output first <tr>
1195 if ( $centinel_ == true ) {
1196 echo '<tr class="' . esc_attr($cap_name) . '">';
1197 $centinel_ = false;
1198 }
1199
1200 if ( $i == $checks_per_row ) {
1201 echo '</tr><tr class="' . esc_attr($cap_name) . '">';
1202 $i = 0;
1203 }
1204
1205 if ( ! isset( $rcaps[$cap_name] ) )
1206 $class = 'cap-no';
1207 else
1208 $class = ( $rcaps[$cap_name] ) ? 'cap-yes' : 'cap-neg';
1209
1210 if ( ! empty($pp_metagroup_caps[$cap_name]) ) {
1211 $class .= ' cap-metagroup';
1212 $title_text = sprintf( __( '%s: assigned by Permission Group', 'capability-manager-enhanced' ), $cap_name );
1213 } else {
1214 $title_text = $cap_name;
1215 }
1216
1217 if ($cap_name === 'manage_capabilities_user_testing') {
1218 $warning_message = '&nbsp; <span class="ppc-tool-tip"><span class="dashicons dashicons-info-outline"></span><span class="tool-tip-text"><p>'. sprintf(esc_html__('The User Testing feature also requires the %1$s edit_users %2$s capability.', 'capability-manager-enhanced'), '<strong>', '</strong>') .'</p><i></i></span></span>';
1219 } else {
1220 $warning_message = '';
1221 }
1222
1223 $disabled = '';
1224 $checked = !empty($rcaps[$cap_name]) ? 'checked' : '';
1225
1226 $cap_title = $title_text;
1227 ?>
1228 <td class="<?php echo esc_attr($class); ?>"><span class="ppc-tool-tip disabled cap-x">X</span><span class="ppc-tool-tip disabled"><label><input type="checkbox" name="caps[<?php echo esc_attr($cap_name); ?>]" class="pp-single-action-rotate" autocomplete="off" value="1" <?php echo esc_attr($checked) . esc_attr($disabled);?> />
1229 <span>
1230 <?php
1231 echo esc_html(str_replace( '_', ' ', $cap_name));
1232 ?>
1233 </span></label></span><?php echo $warning_message; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?><a href="#" class="neg-cap" style="visibility: hidden;">&nbsp;x&nbsp;</a>
1234 <?php if ( false !== strpos( $class, 'cap-neg' ) ) :?>
1235 <input type="hidden" class="cme-negation-input" name="caps[<?php echo esc_attr($cap_name); ?>]" value="" />
1236 <?php endif; ?>
1237 </td>
1238
1239 <?php
1240 ++$i;
1241 }
1242
1243 if ( $i == $checks_per_row ) {
1244 echo '</tr>';
1245 $i = 0;
1246 } elseif ( ! $first_row ) {
1247 // Now close a wellformed table
1248 for ( $i; $i < $checks_per_row; $i++ ){
1249 echo '<td>&nbsp;</td>';
1250 }
1251 echo '</tr>';
1252 }
1253 ?>
1254
1255 <tr class="cme-bulk-select">
1256 <td colspan="<?php echo (int) $checks_per_row;?>">
1257 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1258 <span style="float:right">
1259 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1260 </span>
1261 </td>
1262 </tr>
1263
1264 </table>
1265 </div>
1266 <?php
1267 }
1268
1269 // caps: invalid
1270 if (array_intersect(array_keys(array_filter($type_metacaps)), $all_capabilities) && array_intersect_key($type_metacaps, array_filter($rcaps))) {
1271 $tab_id = "cme-cap-type-tables-invalid";
1272 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1273
1274 echo '<div id="' . esc_attr($tab_id) . '" style="display:' . esc_attr($div_display) . '">';
1275 echo '<h3 class="cme-cap-section">' . esc_html__( 'Invalid Capabilities', 'capability-manager-enhanced' ) . '</h3>';
1276 ?>
1277
1278 <div>
1279 <span class="cme-subtext">
1280 <?php esc_html_e('The following entries have no effect. Please assign desired capabilities on the Editing / Deletion / Private tabs.', 'capability-manager-enhanced');?>
1281 </span>
1282 </div>
1283
1284 <table class="widefat fixed striped form-table cme-checklist single-checkbox-table">
1285 <tr>
1286 <?php
1287 $i = 0; $first_row = true;
1288 $invalid_caps_capabilities = [];
1289 foreach( $all_capabilities as $cap_name ) {
1290 if ( ! isset($this->capabilities[$cap_name]) )
1291 $this->capabilities[$cap_name] = str_replace( '_', ' ', $cap_name );
1292 }
1293
1294 uasort( $this->capabilities, 'strnatcasecmp' ); // sort by array values, but maintain keys );
1295
1296 foreach ( $this->capabilities as $cap_name => $cap ) :
1297 $cap_name = sanitize_text_field($cap_name);
1298
1299 if (!isset($type_metacaps[$cap_name]) || empty($rcaps[$cap_name])) {
1300 continue;
1301 }
1302
1303 if ( ! $is_administrator && empty( $current_user->allcaps[$cap_name] ) ) {
1304 continue;
1305 }
1306
1307 if ( $i == $checks_per_row ) {
1308 echo '</tr><tr>';
1309 $i = 0; $first_row = false;
1310 }
1311
1312 if ( ! isset( $rcaps[$cap_name] ) )
1313 $class = 'cap-no';
1314 else
1315 $class = ( $rcaps[$cap_name] ) ? 'cap-yes' : 'cap-neg';
1316
1317 $title_text = $cap_name;
1318
1319 $disabled = '';
1320 $checked = !empty($rcaps[$cap_name]) ? 'checked' : '';
1321 $invalid_caps_capabilities[] = $cap_name;
1322 ?>
1323 <td class="<?php echo esc_attr($class); ?>"><span class="ppc-tool-tip disabled cap-x">X</span><label title="<?php echo esc_attr($title_text);?>"><input type="checkbox" name="caps[<?php echo esc_attr($cap_name); ?>]" class="pp-single-action-rotate" autocomplete="off" value="1" <?php echo esc_attr($checked) . esc_attr($disabled);?> />
1324 <span>
1325 <?php
1326 echo esc_html(str_replace( '_', ' ', $cap ));
1327 ?>
1328 </span></label><a href="#" class="neg-cap" style="visibility: hidden;">&nbsp;x&nbsp;</a>
1329 <?php if ( false !== strpos( $class, 'cap-neg' ) ) :?>
1330 <input type="hidden" class="cme-negation-input" name="caps[<?php echo esc_attr($cap_name); ?>]" value="" />
1331 <?php endif; ?>
1332 </td>
1333 <?php
1334 $i++;
1335 endforeach;
1336
1337 if ( ! empty($lock_manage_caps_capability) ) {
1338 echo '<input type="hidden" name="caps[manage_capabilities]" value="1" />';
1339 }
1340
1341 if ( $i == $checks_per_row ) {
1342 echo '</tr><tr>';
1343 $i = 0;
1344 } else {
1345 if ( ! $first_row ) {
1346 // Now close a wellformed table
1347 for ( $i; $i < $checks_per_row; $i++ ){
1348 echo '<td>&nbsp;</td>';
1349 }
1350 echo '</tr>';
1351 }
1352 }
1353 ?>
1354
1355 <?php if (!empty($invalid_caps_capabilities)) : ?>
1356 <script type="text/javascript">
1357 /* <![CDATA[ */
1358 jQuery(document).ready( function($) {
1359 $('#cme_tab_invalid_caps').show();
1360 });
1361 /* ]]> */
1362 </script>
1363 <?php endif; ?>
1364
1365 </table>
1366 </div>
1367 <?php
1368 } // endif any invalid caps
1369
1370 $tab_id = "cme-cap-type-tables-additional";
1371 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1372 ?>
1373 <div id="<?php echo esc_attr($tab_id);?>" style="display:<?php echo esc_attr($div_display);?>">
1374 <?php
1375 // caps: additional
1376 echo '<h3 class="cme-cap-section">' . esc_html__( 'Additional Capabilities', 'capability-manager-enhanced' ) . '</h3>';
1377
1378 echo '<div class="ppc-filter-wrapper">';
1379 echo '<input type="text" class="regular-text ppc-filter-text" placeholder="' . esc_attr__('Filter by capability', 'capability-manager-enhanced') . '">';
1380 echo ' <button class="button secondary-button ppc-filter-text-reset" type="button">' . __('Clear') . '</button>';
1381 echo '</div>';
1382 echo '<div class="ppc-filter-no-results" style="display:none;">' . esc_html__( 'No results found. Please try again with a different word.', 'capability-manager-enhanced' ) . '</div>';
1383 ?>
1384 <table class="widefat fixed striped form-table cme-checklist single-checkbox-table">
1385
1386 <tr class="cme-bulk-select">
1387 <td colspan="<?php echo (int) $checks_per_row;?>">
1388 <input type="checkbox" class="cme-check-all" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1389 <span style="float:right">
1390 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1391 </span>
1392 </td>
1393 </tr>
1394
1395 <?php
1396 $centinel_ = true;
1397 $i = 0; $first_row = true;
1398
1399 foreach( $all_capabilities as $cap_name ) {
1400 if ( ! isset($this->capabilities[$cap_name]) )
1401 $this->capabilities[$cap_name] = str_replace( '_', ' ', $cap_name );
1402 }
1403
1404 uasort( $this->capabilities, 'strnatcasecmp' ); // sort by array values, but maintain keys );
1405
1406 $additional_caps = apply_filters('publishpress_caps_manage_additional_caps', $this->capabilities);
1407 $caps_empty = true;
1408 foreach ($additional_caps as $cap_name => $cap) :
1409 $cap_name = sanitize_text_field($cap_name);
1410
1411 if ((isset($type_caps[$cap_name]) && !isset($type_metacaps[$cap_name]))
1412 || in_array($cap_name, $grouped_caps_lists)
1413 || (isset($type_metacaps[$cap_name]) && !empty($rcaps[$cap_name])) ) {
1414 continue;
1415 }
1416
1417 if (!isset($type_metacaps[$cap_name]) || !empty($rcaps[$cap_name])) {
1418 foreach(array_keys($plugin_caps) as $plugin_title) {
1419 if ( in_array( $cap_name, $plugin_caps[$plugin_title]) ) {
1420 continue 2;
1421 }
1422 }
1423 }
1424
1425 if ( ! $is_administrator && empty( $current_user->allcaps[$cap_name] ) ) {
1426 continue;
1427 }
1428
1429 // Levels are not shown.
1430 if ( preg_match( '/^level_(10|[0-9])$/i', $cap_name ) ) {
1431 continue;
1432 }
1433
1434 // Output first <tr>
1435 if ( $centinel_ == true ) {
1436 echo '<tr class="' . esc_attr($cap_name) . '">';
1437 $centinel_ = false;
1438 }
1439
1440 if ( $i == $checks_per_row ) {
1441 echo '</tr><tr class="' . esc_attr($cap_name) . '">';
1442 $i = 0; $first_row = false;
1443 }
1444
1445 if ( ! isset( $rcaps[$cap_name] ) )
1446 $class = 'cap-no';
1447 else
1448 $class = ( $rcaps[$cap_name] ) ? 'cap-yes' : 'cap-neg';
1449
1450 if ( ! empty($pp_metagroup_caps[$cap_name]) ) {
1451 $class .= ' cap-metagroup';
1452 $title_text = sprintf( esc_html__( '%s: assigned by Permission Group', 'capability-manager-enhanced' ), '<strong>' . $cap_name . '</strong>' );
1453 } else {
1454 $title_text = '';
1455 }
1456
1457 $disabled = '';
1458 $checked = !empty($rcaps[$cap_name]) ? 'checked' : '';
1459
1460 if ( 'manage_capabilities' == $cap_name ) {
1461 if (!current_user_can('administrator') && (!is_multisite() || !is_super_admin())) {
1462 continue;
1463 } elseif ( 'administrator' == $default ) {
1464 $class .= ' cap-locked';
1465 $lock_manage_caps_capability = true;
1466 $disabled = ' disabled ';
1467 }
1468 }
1469
1470 $caps_empty = false;
1471 ?>
1472 <td class="<?php echo esc_attr($class); ?>"><span class="ppc-tool-tip disabled cap-x">X</span><span class="ppc-tool-tip disabled"><label><input type="checkbox" name="caps[<?php echo esc_attr($cap_name); ?>]" class="pp-single-action-rotate" autocomplete="off" value="1" <?php echo esc_attr($checked) . ' ' . esc_attr($disabled);?> />
1473 <span>
1474 <?php
1475 echo esc_html(str_replace( '_', ' ', $cap ));
1476 ?>
1477 </span></label><?php if ($title_text) :?><span class="tool-tip-text" style="text-align: center;">
1478 <p><?php echo $title_text; ?></p>
1479 <i></i>
1480 </span><?php endif;?></span><a href="#" class="neg-cap" style="visibility: hidden;">&nbsp;x&nbsp;</a>
1481 <?php if ( false !== strpos( $class, 'cap-neg' ) ) :?>
1482 <input type="hidden" class="cme-negation-input" name="caps[<?php echo esc_attr($cap_name); ?>]" value="" />
1483 <?php endif; ?>
1484 </td>
1485 <?php
1486 $i++;
1487 endforeach;
1488
1489 if ( ! empty($lock_manage_caps_capability) ) {
1490 echo '<input type="hidden" name="caps[manage_capabilities]" value="1" />';
1491 }
1492
1493 if ( $i == $checks_per_row ) {
1494 echo '</tr><tr>';
1495 $i = 0;
1496 } else {
1497 if ( ! $first_row ) {
1498 // Now close a wellformed table
1499 for ( $i; $i < $checks_per_row; $i++ ){
1500 echo '<td>&nbsp;</td>';
1501 }
1502 echo '</tr>';
1503 }
1504 }
1505 ?>
1506 <?php if ($caps_empty) : ?>
1507 <tr>
1508 <td colspan="<?php echo (int) $checks_per_row;?>">
1509 <div>
1510 <?php esc_html_e( 'You have no additional capabilities.', 'capability-manager-enhanced' ); ?>
1511 </div>
1512 </td>
1513 </tr>
1514 <?php endif; ?>
1515 <tr class="cme-bulk-select">
1516 <td colspan="<?php echo (int) $checks_per_row;?>">
1517 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1518 <span style="float:right">
1519 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1520 </span>
1521 </td>
1522 </tr>
1523
1524 </table>
1525 </div>
1526
1527 <div class="capabilities-sidebar pp-column-right">
1528 <?php
1529 do_action('publishpress-caps_sidebar_top');
1530
1531 $banners = new PublishPress\WordPressBanners\BannersMain;
1532
1533 $banner_messages = [];
1534 $banner_messages[] = esc_html__('Capabilities allows you change the permissions for any user role.', 'capability-manager-enhanced');
1535 $banner_messages[] = sprintf(esc_html__('%1$s = Capability granted %2$s', 'capability-manager-enhanced'), '<table class="pp-capabilities-cb-key"><tr><td class="pp-cap-icon pp-cap-icon-checked"><input type="checkbox" title="'. esc_attr__('usage key', 'capability-manager-enhanced') .'" checked disabled></td><td>', '</td></tr>');
1536 $banner_messages[] = sprintf(esc_html__('%1$s = Capability not granted %2$s', 'capability-manager-enhanced'), '<tr><td class="pp-cap-icon"><input type="checkbox" title="'. esc_attr__('usage key', 'capability-manager-enhanced') .'" disabled></td><td class="pp-cap-not-checked-definition">', '</td></tr>');
1537 $banner_messages[] = sprintf(esc_html__('%1$s = Capability denied, even if granted by another role %2$s', 'capability-manager-enhanced'), '<tr><td class="pp-cap-icon pp-cap-x"><span class="cap-x pp-cap-key" title="'. esc_attr__('usage key', 'capability-manager-enhanced') .'">X</span></td><td class="cap-x-definition">', '</td></tr></table>');
1538 if (defined('PRESSPERMIT_ACTIVE') && function_exists('presspermit')) {
1539 if ($group = presspermit()->groups()->getMetagroup('wp_role', $this->current)) {
1540 $additional_message = sprintf(
1541 // back compat with existing language string
1542 str_replace(
1543 ['&lt;strong&gt;', '&lt;/strong&gt;'],
1544 ['<strong>', '</strong>'],
1545 esc_html__('You can also configure this role as a %sPermission Group%s.', 'capability-manager-enhanced')
1546 ),
1547 '<a href="' . esc_url_raw(admin_url("admin.php?page=presspermit-edit-permissions&action=edit&agent_id={$group->ID}")) . '">',
1548 '</a>'
1549 );
1550 $banner_messages[] = '<p class="cme-subtext">' . $additional_message . '</p>';
1551 }
1552 }
1553
1554 ?>
1555 <div class="ppc-sidebar-panel-metabox meta-box-sortables">
1556 <?php $meta_box_state = (isset($sidebar_metabox_state['how_to_user_capabilities'])) ? $sidebar_metabox_state['how_to_user_capabilities'] : 'closed'; ?>
1557 <div class="postbox ppc-sidebar-panel <?php echo esc_attr($meta_box_state); ?>">
1558 <input
1559 name="ppc_metabox_state[how_to_user_capabilities]"
1560 type="hidden"
1561 class="metabox-state"
1562 value="<?php echo esc_attr($meta_box_state); ?>"
1563 />
1564 <div class="postbox-header">
1565 <h2 class="hndle ui-sortable-handle"><?php esc_html_e('How to use Capabilities', 'capability-manager-enhanced'); ?></h2>
1566 <div class="handle-actions">
1567 <button type="button" class="handlediv">
1568 <span class="toggle-indicator"></span>
1569 </button>
1570 </div>
1571 </div>
1572 <div class="inside">
1573 <?php
1574 $banners->pp_display_banner(
1575 '',
1576 '',
1577 $banner_messages,
1578 'https://publishpress.com/knowledge-base/capabilities-screen/',
1579 __('View Documentation', 'capability-manager-enhanced'),
1580 '',
1581 'button ppc-checkboxes-documentation-link'
1582 );
1583 ?>
1584 </div>
1585 </div>
1586 </div>
1587
1588 <?php
1589 $pp_ui->pp_types_ui( $defined['type'] );
1590 $pp_ui->pp_taxonomies_ui( $defined['taxonomy'] );
1591 ?>
1592
1593 <div class="ppc-sidebar-panel-metabox meta-box-sortables ppc-safe">
1594 <?php $meta_box_state = (isset($sidebar_metabox_state['capabilities_safe_to_use'])) ? $sidebar_metabox_state['capabilities_safe_to_use'] : 'closed'; ?>
1595 <div class="postbox ppc-sidebar-panel <?php echo esc_attr($meta_box_state); ?>">
1596 <input
1597 name="ppc_metabox_state[capabilities_safe_to_use]"
1598 type="hidden"
1599 class="metabox-state"
1600 value="<?php echo esc_attr($meta_box_state); ?>"
1601 />
1602 <div class="postbox-header">
1603 <h2 class="hndle ui-sortable-handle"><?php esc_html_e( 'Capabilities is Safe to Use', 'capability-manager-enhanced' ); ?></h2>
1604 <div class="handle-actions">
1605 <button type="button" class="handlediv">
1606 <span class="toggle-indicator"></span>
1607 </button>
1608 </div>
1609 </div>
1610 <div class="inside">
1611 <?php
1612 $banners->pp_display_banner(
1613 '',
1614 '',
1615 array(
1616 __( 'WordPress stores role capabilities in your database, where they remain even if the plugin is deactivated.', 'capability-manager-enhanced' ),
1617 __( 'Whenever you use PublishPress Capabilities to save changes, it also creates a backup which you can use to restore a previous configuration.', 'capability-manager-enhanced' )
1618 ),
1619 admin_url( 'admin.php?page=pp-capabilities-backup' ),
1620 __( 'Go to the Backup feature', 'capability-manager-enhanced' ),
1621 '',
1622 'button'
1623 );
1624 ?>
1625 </div>
1626 </div>
1627 </div>
1628
1629 <div class="ppc-sidebar-panel-metabox meta-box-sortables ppc-add-cap">
1630 <?php $meta_box_state = (isset($sidebar_metabox_state['add_capability'])) ? $sidebar_metabox_state['add_capability'] : 'closed'; ?>
1631 <div class="postbox ppc-sidebar-panel <?php echo esc_attr($meta_box_state); ?>">
1632 <input
1633 name="ppc_metabox_state[add_capability]"
1634 type="hidden"
1635 class="metabox-state"
1636 value="<?php echo esc_attr($meta_box_state); ?>"
1637 />
1638 <div class="postbox-header">
1639 <h2 class="hndle ui-sortable-handle"><?php esc_html_e('Add a New Capability', 'capability-manager-enhanced'); ?></h2>
1640 <div class="handle-actions">
1641 <button type="button" class="handlediv">
1642 <span class="toggle-indicator"></span>
1643 </button>
1644 </div>
1645 </div>
1646 <div class="inside" style="text-align:center;">
1647 <p>
1648 <input type="text" name="capability-name" class="regular-text" placeholder="<?php echo 'capability_name';?>" /><br />
1649 <input type="submit" name="AddCap" value="<?php esc_attr_e('Add to role', 'capability-manager-enhanced') ?>" class="button" />
1650 </p>
1651 <br />
1652 <div class="cme-subtext"><?php _e('New capabilities are controlled on the Additonal tab.', 'capability-manager-enhanced');?></div>
1653 </div>
1654 </div>
1655 </div>
1656
1657 <?php if (is_multisite() && is_super_admin() && is_main_site()) : ?>
1658 <div class="ppc-sidebar-panel-metabox meta-box-sortables ppc-multi-site">
1659 <?php $meta_box_state = (isset($sidebar_metabox_state['multi_site'])) ? $sidebar_metabox_state['multi_site'] : 'closed'; ?>
1660 <div class="postbox ppc-sidebar-panel <?php echo esc_attr($meta_box_state); ?>">
1661 <input
1662 name="ppc_metabox_state[multi_site]"
1663 type="hidden"
1664 class="metabox-state"
1665 value="<?php echo esc_attr($meta_box_state); ?>"
1666 />
1667 <div class="postbox-header">
1668 <h2 class="hndle ui-sortable-handle"><?php esc_html_e('Multisite', 'capability-manager-enhanced'); ?></h2>
1669 <div class="handle-actions">
1670 <button type="button" class="handlediv">
1671 <span class="toggle-indicator"></span>
1672 </button>
1673 </div>
1674 </div>
1675 <div class="inside">
1676 <?php cme_network_role_ui( $default ); ?>
1677 </div>
1678 </div>
1679 </div>
1680 <?php endif; ?>
1681
1682 <?php
1683 do_action('publishpress-caps_sidebar_bottom');
1684 ?>
1685
1686 </div><!-- right sidebar within tab panel -->
1687 </div>
1688 </div>
1689
1690
1691 <script type="text/javascript">
1692 /* <![CDATA[ */
1693 jQuery(document).ready( function($) {
1694 $('a[href="#pp-more"]').click( function() {
1695 $('#pp_features').show();
1696 return false;
1697 });
1698 $('a[href="#pp-hide"]').click( function() {
1699 $('#pp_features').hide();
1700 return false;
1701 });
1702 });
1703 /* ]]> */
1704 </script>
1705
1706 <?php /* play.png icon by Pavel: http://kde-look.org/usermanager/search.php?username=InFeRnODeMoN */ ?>
1707
1708 <div id="pp_features" style="display:none"><div class="pp-logo"><a href="https://publishpress.com/presspermit/"><img src="<?php echo esc_url_raw($img_url);?>pp-logo.png" alt="<?php esc_attr_e('PublishPress Permissions', 'capability-manager-enhanced');?>" /></a></div><div class="features-wrap"><ul class="pp-features">
1709 <li>
1710 <?php esc_html_e( "Automatically define type-specific capabilities for your custom post types and taxonomies", 'capability-manager-enhanced' );?>
1711 <a href="https://presspermit.com/tutorial/regulate-post-type-access" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1712
1713 <li>
1714 <?php esc_html_e( "Assign standard WP roles supplementally for a specific post type", 'capability-manager-enhanced' );?>
1715 <a href="https://presspermit.com/tutorial/regulate-post-type-access" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1716
1717 <li>
1718 <?php esc_html_e( "Assign custom WP roles supplementally for a specific post type <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1719 </li>
1720
1721 <li>
1722 <?php esc_html_e( "Customize reading permissions per-category or per-post", 'capability-manager-enhanced' );?>
1723 <a href="https://presspermit.com/tutorial/category-exceptions" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1724
1725 <li>
1726 <?php esc_html_e( "Customize editing permissions per-category or per-post <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1727 <a href="https://presspermit.com/tutorial/page-editing-exceptions" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1728
1729 <li>
1730 <?php esc_html_e( "Custom Post Visibility statuses, fully implemented throughout wp-admin <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1731 <a href="https://presspermit.com/tutorial/custom-post-visibility" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1732
1733 <li>
1734 <?php esc_html_e( "Custom Moderation statuses for access-controlled, multi-step publishing workflow <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1735 <a href="https://presspermit.com/tutorial/multi-step-moderation" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1736
1737 <li>
1738 <?php esc_html_e( "Regulate permissions for Edit Flow post statuses <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1739 <a href="https://presspermit.com/tutorial/edit-flow-integration" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1740
1741 <li>
1742 <?php esc_html_e( "Customize the moderated editing of published content with Revisionary or Post Forking <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1743 <a href="https://presspermit.com/tutorial/published-content-revision" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1744
1745 <li>
1746 <?php esc_html_e( "Grant Spectator, Participant or Moderator access to specific bbPress forums <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1747 </li>
1748
1749 <li>
1750 <?php esc_html_e( "Grant supplemental content permissions to a BuddyPress group <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1751 <a href="https://presspermit.com/tutorial/buddypress-content-permissions" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1752
1753 <li>
1754 <?php esc_html_e( "WPML integration to mirror permissions to translations <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1755 </li>
1756
1757 <li>
1758 <?php esc_html_e( "Member support forum", 'capability-manager-enhanced' );?>
1759 </li>
1760
1761 </ul></div>
1762
1763 <?php
1764 echo '<div>';
1765 printf( esc_html__('%1$sgrab%2$s %3$s', 'capability-manager-enhanced'), '<strong>', '</strong>', '<span class="plugins update-message"><a href="' . esc_url_raw(cme_plugin_info_url('press-permit-core')) . '" class="thickbox" title="' . sprintf( esc_attr__('%s (free install)', 'capability-manager-enhanced'), 'Permissions Pro' ) . '">Permissions Pro</a></span>' );
1766 echo '&nbsp;&nbsp;&bull;&nbsp;&nbsp;';
1767 printf( esc_html__('%1$sbuy%2$s %3$s', 'capability-manager-enhanced'), '<strong>', '</strong>', '<a href="https://publishpress.com/presspermit/" target="_blank" title="' . sprintf( esc_attr__('%s info/purchase', 'capability-manager-enhanced'), 'Permissions Pro' ) . '">Permissions&nbsp;Pro</a>' );
1768 echo '&nbsp;&nbsp;&bull;&nbsp;&nbsp;';
1769 echo '<a href="#pp-hide">hide</a>';
1770 echo '</div></div>';
1771
1772 ///
1773 ?>
1774 <script type="text/javascript">
1775 /* <![CDATA[ */
1776 jQuery(document).ready( function($) {
1777 $('a[href="#toggle_type_caps"]').click( function() {
1778 var chks = $(this).closest('tr').find('input');
1779 var set_checked = ! $(chks).first().is(':checked');
1780
1781 $(chks).each(function(i,e) {
1782 $('input[name="' + $(this).attr('name') + '"]').prop('checked', set_checked);
1783 });
1784
1785 return false;
1786 });
1787
1788 $('input[name^="caps["]').click(function() {
1789 $('input[name="' + $(this).attr('name') + '"]').prop('checked', $(this).prop('checked'));
1790 });
1791 });
1792 /* ]]> */
1793 </script>
1794
1795 <div style="display:none; float:right;">
1796 <?php
1797 $level = ak_caps2level($rcaps);
1798 ?>
1799 <span title="<?php esc_attr_e('Role level is mostly deprecated. However, it still determines eligibility for Post Author assignment and limits the application of user editing capabilities.', 'capability-manager-enhanced');?>">
1800
1801 <?php (in_array(get_locale(), ['en_EN', 'en_US'])) ? printf('Role Level:') : esc_html_e('Level:', 'capability-manager-enhanced');?> <select name="level">
1802 <?php for ( $l = $this->max_level; $l >= 0; $l-- ) {?>
1803 <option value="<?php echo (int) $l; ?>" style="text-align:right;"<?php selected($level, $l); ?>>&nbsp;<?php echo (int) $l; ?>&nbsp;</option>
1804 <?php }
1805 ?>
1806 </select>
1807 </span>
1808
1809 </div>
1810
1811 <p class="submit" style="padding-top:0;">
1812 <input type="hidden" name="action" value="update" />
1813 <input type="hidden" name="current" value="<?php echo esc_attr($default); ?>" />
1814
1815 <?php
1816 $save_caption = (in_array(sanitize_key(get_locale()), ['en_EN', 'en_US'])) ? 'Save Capabilities' : esc_html__('Save Changes');
1817 ?>
1818 <input type="submit" name="SaveRole" value="<?php echo esc_attr($save_caption);?>" class="button-primary" style="float: right;" /> &nbsp;
1819 </p>
1820
1821 </div><!-- .pp-column-left -->
1822 </div><!-- .pp-columns-wrapper -->
1823 </td></tr></table> <!-- .akmin -->
1824 </fieldset>
1825 </form>
1826
1827 <?php if (!defined('PUBLISHPRESS_CAPS_PRO_VERSION') || get_option('cme_display_branding')) {
1828 cme_publishpressFooter();
1829 }
1830 ?>
1831 </div>
1832
1833 <?php
1834 function cme_network_role_ui( $default ) {
1835 if (!is_multisite() || !is_super_admin() || !is_main_site()) {
1836 return false;
1837 }
1838 ?>
1839 <?php
1840 if ( ! $autocreate_roles = get_site_option( 'cme_autocreate_roles' ) )
1841 $autocreate_roles = array();
1842 ?>
1843 <div style="margin-bottom: 5px">
1844 <label for="cme_autocreate_role" title="<?php esc_attr_e('Create this role definition in new (future) sites', 'capability-manager-enhanced');?>"><input type="checkbox" name="cme_autocreate_role" id="cme_autocreate_role" autocomplete="off" value="1" <?php echo checked(in_array($default, $autocreate_roles));?>> <?php esc_html_e('Include in new sites.', 'capability-manager-enhanced'); ?> </label>
1845 </div>
1846 <div>
1847 <label for="cme_net_sync_role" title="<?php echo esc_attr__('Copy / update this role definition to all sites now', 'capability-manager-enhanced');?>"><input type="checkbox" name="cme_net_sync_role" id="cme_net_sync_role" autocomplete="off" value="1"> <?php esc_html_e('Sync role to all sites.', 'capability-manager-enhanced'); ?> </label>
1848 </div>
1849 <div>
1850 <label for="cme_net_sync_options" title="<?php echo esc_attr__('Copy option settings to all sites now', 'capability-manager-enhanced');?>"><input type="checkbox" name="cme_net_sync_options" id="cme_net_sync_options" autocomplete="off" value="1"> <?php esc_html_e('Sync options to all sites.', 'capability-manager-enhanced'); ?> </label>
1851 </div>
1852 <?php
1853 return true;
1854 }
1855
1856 function cme_plugin_info_url( $plugin_slug ) {
1857 $_url = "plugin-install.php?tab=plugin-information&plugin=$plugin_slug&TB_iframe=true&width=640&height=678";
1858 return ( is_multisite() ) ? network_admin_url($_url) : admin_url($_url);
1859 }
1860