PluginProbe ʕ •ᴥ•ʔ
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus / 2.22.0
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus v2.22.0
2.45.0 2.44.0 trunk 1.10 1.10.1 1.4.1 1.4.10 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.9 1.5 1.5.1 1.5.10 1.5.11 1.5.2 1.5.3 1.5.4 1.5.5 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.7 1.7.1 1.7.2 1.7.3 1.7.4 1.7.5 1.8.1 1.9 1.9.10 1.9.12 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.9 2.0 2.0.2 2.0.3 2.1 2.1.1 2.10.0 2.10.1 2.10.2 2.10.3 2.11.1 2.12.1 2.12.2 2.13.0 2.14.0 2.15.0 2.16.0 2.17.0 2.18.0 2.18.2 2.19.0 2.19.1 2.19.2 2.2 2.2.1 2.20.0 2.21.0 2.22.0 2.23.0 2.3 2.3.1 2.3.2 2.3.3 2.3.4 2.3.5 2.3.6 2.30.0 2.31.0 2.32.0 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.40.0 2.41.0 2.42.0 2.43.0 2.5.0 2.5.1 2.5.2 2.6.0 2.6.1 2.7.0 2.7.1 2.8.0 2.8.1 2.9.0 2.9.1
capability-manager-enhanced / includes / admin.php
capability-manager-enhanced / includes Last commit date
admin-notices 6 months ago features 6 months ago plugin-capabilities 6 months ago redirects 6 months ago roles 6 months ago admin-load.php 6 months ago admin.php 6 months ago backup-handler.php 6 months ago backup.php 6 months ago cap-helper.php 6 months ago dashboard.php 6 months ago extractor-capabilities.php 6 months ago filters-admin.php 6 months ago filters-woocommerce.php 6 months ago filters-wp_rest_workarounds.php 6 months ago filters.php 6 months ago functions-admin.php 6 months ago functions.php 6 months ago handler.php 6 months ago inflect-cme.php 6 months ago manager.php 6 months ago network.php 6 months ago plugin-capabilities.php 6 months ago pp-handler.php 6 months ago pp-ui.php 6 months ago publishpress-roles.php 6 months ago settings-handler.php 6 months ago settings-ui.php 6 months ago settings.php 6 months ago test-user-ui.php 6 months ago test-user.php 6 months ago
admin.php
1900 lines
1 <?php
2 /**
3 * PublishPress Capabilities [Free]
4 *
5 * UI output for Capabilities screen.
6 *
7 * Provides admin pages to create and manage roles and capabilities.
8 *
9 * @author Jordi Canals, Kevin Behrens
10 * @copyright Copyright (C) 2009, 2010 Jordi Canals, (C) 2020 PublishPress
11 * @license GNU General Public License version 2
12 * @link https://publishpress.com
13 *
14 * Copyright 2009, 2010 Jordi Canals <devel@jcanals.cat>
15 * Modifications Copyright 2020, PublishPress <help@publishpress.com>
16 *
17 * This program is free software; you can redistribute it and/or
18 * modify it under the terms of the GNU General Public License
19 * version 2 as published by the Free Software Foundation.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program. If not, see <http://www.gnu.org/licenses/>.
28 **/
29
30 global $capsman, $cme_cap_helper, $current_user, $sidebar_metabox_state;
31
32 do_action('publishpress-caps_manager-load');
33
34 $sidebar_metabox_state = get_user_meta($current_user->ID, 'ppc_sidebar_metabox_state', true);
35 if ($sidebar_metabox_state == '' || !is_array($sidebar_metabox_state)) {
36 $sidebar_metabox_state = [];
37 $sidebar_metabox_state['how_to_user_capabilities'] = 'opened';
38 }
39
40 if (!isset($sidebar_metabox_state['multi_site'])) {
41 $sidebar_metabox_state['multi_site'] = 'opened';
42 }
43 $roles = $this->roles;
44 $default = $this->current;
45
46 if ( $block_read_removal = _cme_is_read_removal_blocked( $this->current ) ) {
47 if ( $current = get_role($default) ) {
48 if ( empty( $current->capabilities['read'] ) ) {
49 ak_admin_error( sprintf( __( 'Warning: This role cannot access the dashboard without the read capability. %1$sClick here to fix this now%2$s.', 'capability-manager-enhanced' ), '<a href="javascript:void(0)" class="cme-fix-read-cap">', '</a>' ) );
50 }
51 }
52 }
53
54 // include extractor plugin capabilites
55 require_once (dirname(CME_FILE) . '/includes/extractor-capabilities.php');
56
57 require_once (dirname(CME_FILE) . '/includes/roles/roles-functions.php');
58
59 require_once( dirname(__FILE__).'/pp-ui.php' );
60 $pp_ui = new Capsman_PP_UI();
61
62 if( defined('PRESSPERMIT_ACTIVE') ) {
63 $pp_metagroup_caps = $pp_ui->get_metagroup_caps( $default );
64 } else {
65 $pp_metagroup_caps = array();
66 }
67
68 if (defined('PUBLISHPRESS_REVISIONS_VERSION') && function_exists('rvy_get_option')) {
69 $pp_revisions_copy = rvy_get_option("copy_posts_capability");
70 $pp_revisions_revise = rvy_get_option("revise_posts_capability");
71
72 if (version_compare(PUBLISHPRESS_REVISIONS_VERSION, '3.7.15-beta3', '>=')) {
73 $pp_revisions_approve = true;
74 } else {
75 $pp_revisions_approve = false;
76 }
77 } else {
78 $pp_revisions_copy = false;
79 $pp_revisions_revise = false;
80 $pp_revisions_approve = false;
81 }
82
83 $cme_negate_all_tooltip_msg = '<span class="tool-tip-text">
84 <p>'. esc_html__('Negate All', 'capability-manager-enhanced') .'</p>
85 <i></i>
86 </span>';
87 $cme_negate_none_tooltip_msg = '<span class="tool-tip-text">
88 <p>'. esc_html__('Negate None', 'capability-manager-enhanced') .'</p>
89 <i></i>
90 </span>';
91 ?>
92 <div class="wrap publishpress-caps-manage pressshack-admin-wrapper">
93 <div id="icon-capsman-admin" class="icon32"></div>
94
95 <h1><?php esc_html_e('Role Capabilities', 'capability-manager-enhanced') ?></h1>
96
97 <?php
98 pp_capabilities_roles()->notify->display();
99 ?>
100
101 <script type="text/javascript">
102 /* <![CDATA[ */
103 jQuery(document).ready( function($) {
104 $('#publishpress_caps_form').attr('action', 'admin.php?page=pp-capabilities&role=' + $('select[name="role"]').val());
105
106 $('select[name="role"]').change(function(){
107 window.location = '<?php echo esc_url_raw(admin_url('admin.php?page=pp-capabilities&role=')); ?>' + $(this).val() + '';
108 });
109 });
110 /* ]]> */
111 </script>
112
113 <form id="publishpress_caps_form" method="post" action="admin.php?page=<?php echo esc_attr($this->ID);?>">
114 <?php wp_nonce_field('capsman-general-manager'); ?>
115
116 <?php
117 if (empty($_REQUEST['pp_caps_tab']) && !empty($_REQUEST['added'])) {
118 $pp_tab = 'additional';
119 } else {
120 $pp_tab = (!empty($_REQUEST['pp_caps_tab'])) ? sanitize_key($_REQUEST['pp_caps_tab']) : 'edit';
121 }
122 ?>
123
124 <input type="hidden" name="pp_caps_tab" value="<?php echo esc_attr($pp_tab);?>" />
125
126 <fieldset>
127 <table id="akmin" class="clear"><tr><td>
128 <div class="pp-columns-wrapper pp-enable-sidebar">
129 <div class="pp-column-left">
130 <div style="margin-bottom: 20px;">
131 <div class="pp-capabilities-submit-top" style="float:right">
132 <?php
133 $caption = (in_array(sanitize_key(get_locale()), ['en_EN', 'en_US'])) ? 'Save Capabilities' : __('Save Changes');
134 ?>
135 <input type="submit" name="SaveRole" value="<?php echo esc_attr($caption);?>" class="button-primary" />
136 </div>
137
138 <select name="role">
139 <?php
140 foreach ( $roles as $role_name => $name ) {
141 $role_name = sanitize_key($role_name);
142
143 if (pp_capabilities_is_editable_role($role_name)) {
144 $name = translate_user_role($name);
145 echo '<option value="' . esc_attr($role_name) .'"'; selected($default, $role_name); echo '> ' . esc_html($name) . ' &nbsp;</option>';
146 }
147 }
148 ?>
149 </select>
150 </div>
151 <?php
152 $img_url = $capsman->mod_url . '/images/';
153 ?>
154
155 <?php
156 if ( defined( 'PRESSPERMIT_ACTIVE' ) ) {
157 $pp_ui->show_capability_hints( $default );
158 }
159
160 if ( defined( 'MULTISITE' ) && MULTISITE ) {
161 global $wp_roles;
162 global $wpdb;
163
164 if ( ! empty($_REQUEST['cme_net_sync_role'] ) ) {
165 $main_site_id = (function_exists('get_main_site_id')) ? get_main_site_id() : 1;
166 switch_to_blog($main_site_id);
167 wp_cache_delete( $wpdb->prefix . 'user_roles', 'options' );
168 }
169
170 ( method_exists( $wp_roles, 'for_site' ) ) ? $wp_roles->for_site() : $wp_roles->reinit();
171 }
172 $capsman->reinstate_db_roles();
173
174 $current = get_role($default);
175
176 $rcaps = $current->capabilities;
177
178 $is_administrator = current_user_can( 'administrator' ) || (is_multisite() && is_super_admin());
179
180 $custom_types = get_post_types( array( '_builtin' => false ), 'names' );
181 $custom_tax = get_taxonomies( array( '_builtin' => false ), 'names' );
182
183 $defined = [];
184 $defined['type'] = apply_filters('cme_filterable_post_types', get_post_types(['public' => true, 'show_ui' => true], 'object', 'or'));
185
186 if (in_array(get_locale(), ['en_EN', 'en_US'])) {
187 $defined['type']['wp_navigation']->label = __('Nav Menus (Block)', 'capability-manager-enhanced');
188 } else {
189 $defined['type']['wp_navigation']->label .= ' (' . __('Block', 'capability-manager-enhanced') . ')';
190 }
191
192 $defined['taxonomy'] = apply_filters('cme_filterable_taxonomies', get_taxonomies(['public' => true, 'show_ui' => true], 'object', 'or'));
193 $defined['taxonomy']['nav_menu'] = get_taxonomy('nav_menu');
194
195 if (in_array(get_locale(), ['en_EN', 'en_US'])) {
196 $defined['taxonomy']['nav_menu']->label = __('Nav Menus (Legacy)', 'capability-manager-enhanced');
197 } else {
198 $defined['taxonomy']['nav_menu']->label .= ' (' . __('Legacy', 'capability-manager-enhanced') . ')';
199 }
200
201 // bbPress' dynamic role def requires additional code to enforce stored caps
202 $unfiltered['type'] = apply_filters('presspermit_unfiltered_post_types', ['forum','topic','reply','wp_block']);
203 $unfiltered['type'] = (defined('PP_CAPABILITIES_NO_LEGACY_FILTERS')) ? $unfiltered['type'] : apply_filters('pp_unfiltered_post_types', $unfiltered['type']);
204
205 $unfiltered['taxonomy'] = apply_filters('presspermit_unfiltered_post_types', ['post_status', 'topic-tag']); // avoid confusion with Edit Flow administrative taxonomy
206 $unfiltered['taxonomy'] = (defined('PP_CAPABILITIES_NO_LEGACY_FILTERS')) ? $unfiltered['taxonomy'] : apply_filters('pp_unfiltered_taxonomies', $unfiltered['taxonomy']);
207
208 $enabled_taxonomies = cme_get_assisted_taxonomies();
209
210 $cap_properties['edit']['type'] = array( 'edit_posts' );
211
212 foreach( $defined['type'] as $type_obj ) {
213 if ( 'attachment' != $type_obj->name ) {
214 if ( isset( $type_obj->cap->create_posts ) && ( $type_obj->cap->create_posts != $type_obj->cap->edit_posts ) ) {
215 $cap_properties['edit']['type'][]= 'create_posts';
216 break;
217 }
218 }
219 }
220
221 $cap_properties['edit']['type'][]= 'edit_others_posts';
222 $cap_properties['edit']['type'] = array_merge( $cap_properties['edit']['type'], array( 'publish_posts', 'edit_published_posts', 'edit_private_posts' ) );
223
224 $cap_properties['delete']['type'] = array( 'delete_posts', 'delete_others_posts' );
225 $cap_properties['delete']['type'] = array_merge( $cap_properties['delete']['type'], array( 'delete_published_posts', 'delete_private_posts' ) );
226
227 if (defined('PRESSPERMIT_VERSION') && defined('PRESSPERMIT_COLLAB_VERSION')) {
228 $cap_properties['list']['type'] = ['list_posts', 'list_others_posts', 'list_published_posts', 'list_private_posts'];
229 }
230
231 if ($pp_revisions_copy) {
232 $cap_properties['copy']['type'] = ['copy_posts', 'copy_others_posts', 'copy_published_posts', 'copy_private_posts'];
233 }
234
235 if ($pp_revisions_revise) {
236 $cap_properties['revise']['type'] = ['revise_posts', 'revise_others_posts', 'revise_published_posts', 'revise_private_posts'];
237 }
238
239 if ($pp_revisions_approve) {
240 $cap_properties['approve']['type'] = ['approve_posts', 'approve_others_posts'];
241 }
242
243 $cap_properties['read']['type'] = array( 'read_private_posts' );
244
245 $cap_properties['taxonomies']['taxonomy'] = array( 'manage_terms', 'edit_terms', 'assign_terms', 'delete_terms' );
246
247 $stati = get_post_stati( array( 'internal' => false ) );
248
249 $cap_type_names = array(
250 '' => __( '&nbsp;', 'capability-manager-enhanced' ),
251 'read' => __( 'Visibility', 'capability-manager-enhanced' ),
252 'edit' => __( 'Editing', 'capability-manager-enhanced' ),
253 'delete' => __( 'Deletion', 'capability-manager-enhanced' ),
254 'taxonomies' => __( 'Taxonomies', 'capability-manager-enhanced' ),
255 );
256
257 if (defined('PRESSPERMIT_VERSION') && defined('PRESSPERMIT_COLLAB_VERSION')) {
258 $cap_type_names['list'] = __('Listing', 'capability-manager-enhanced');
259 }
260
261 if ($pp_revisions_copy) {
262 $cap_type_names['copy'] = __('Create Revision', 'capability-manager-enhanced');
263 }
264
265 if ($pp_revisions_revise) {
266 $cap_type_names['revise'] = __('Submit Revision', 'capability-manager-enhanced');
267 }
268
269 if ($pp_revisions_approve) {
270 $cap_type_names['approve'] = __('Approve Revision', 'capability-manager-enhanced');
271 }
272
273 $cap_tips = array(
274 'read_private' => esc_attr__( 'Can read posts which are currently published with private visibility.', 'capability-manager-enhanced' ),
275 'edit' => esc_attr__( 'Has basic editing capability (but may need other capabilities based on post status and ownership).', 'capability-manager-enhanced' ),
276 'edit_others' => esc_attr__( 'Can edit posts which were created by other users.', 'capability-manager-enhanced' ),
277 'edit_published' => esc_attr__( 'Can edit posts which are currently published.', 'capability-manager-enhanced' ),
278 'edit_private' => esc_attr__( 'Can edit posts which are currently published with private visibility.', 'capability-manager-enhanced' ),
279 'publish' => esc_attr__( 'Can make a post publicly visible.', 'capability-manager-enhanced' ),
280 'delete' => esc_attr__( 'Has basic deletion capability (but may need other capabilities based on post status and ownership).', 'capability-manager-enhanced' ),
281 'delete_others' => esc_attr__( 'Can delete posts which were created by other users.', 'capability-manager-enhanced' ),
282 'delete_published' => esc_attr__( 'Can delete posts which are currently published.', 'capability-manager-enhanced' ),
283 'delete_private' => esc_attr__( 'Can delete posts which are currently published with private visibility.', 'capability-manager-enhanced' ),
284 );
285
286 $default_caps = array( 'read_private_posts', 'edit_posts', 'edit_others_posts', 'edit_published_posts', 'edit_private_posts', 'publish_posts', 'delete_posts', 'delete_others_posts', 'delete_published_posts', 'delete_private_posts',
287 'read_private_pages', 'edit_pages', 'edit_others_pages', 'edit_published_pages', 'edit_private_pages', 'publish_pages', 'delete_pages', 'delete_others_pages', 'delete_published_pages', 'delete_private_pages',
288 'manage_categories'
289 );
290
291 if (defined('PRESSPERMIT_PRO_FILE') && defined('PRESSPERMIT_COLLAB_VERSION')) {
292 $default_caps = array_merge($default_caps, ['list_posts', 'list_others_posts', 'list_published_posts', 'list_private_posts', 'list_pages', 'list_others_pages', 'list_published_pages', 'list_private_pages']);
293 }
294
295 if ($pp_revisions_copy) {
296 $default_caps = array_merge($default_caps, ['copy_posts', 'copy_others_posts', 'copy_pages', 'copy_others_pages']);
297 }
298
299 if ($pp_revisions_revise) {
300 $default_caps = array_merge($default_caps, ['revise_posts', 'revise_others_posts', 'revise_pages', 'revise_others_pages']);
301 }
302
303 $type_caps = array();
304 $type_metacaps = array();
305
306 // Role Scoper and PP1 adjust attachment access based only on user's capabilities for the parent post
307 if ( defined('OLD_PRESSPERMIT_ACTIVE') ) {
308 unset( $defined['type']['attachment'] );
309 }
310 ?>
311
312 <script type="text/javascript">
313 /* <![CDATA[ */
314 jQuery(document).ready( function($) {
315 if ($('.ppc-capabilities-tabs li.ppc-capabilities-tab-active').hasClass('ppc-full-width')) {
316 $('.capabilities-sidebar').hide();
317 $('#ppc-capabilities-wrapper .ppc-capabilities-content').css('grid-template-columns', '1fr');
318 }
319
320 // Tabs and Content display
321 $('.ppc-capabilities-tabs > ul > li').click( function() {
322 var $pp_tab = $(this).attr('data-content');
323 var data_slug = $(this).attr('data-slug');
324
325 $("[name='pp_caps_tab']").val(data_slug);
326
327 // Show current Content
328 $('.ppc-capabilities-content > div').not('.capabilities-sidebar').hide();
329 $('#' + $pp_tab).show();
330
331 var post_ops = ['read', 'edit', 'delete', 'list'];
332 $('.capabilities-sidebar .ppc-post-types').toggle(post_ops.indexOf(data_slug,) != -1);
333
334 $('.capabilities-sidebar .ppc-taxonomies').toggle(data_slug == 'taxonomies');
335 $('.capabilities-sidebar .ppc-detailed-taxonomies').toggle(data_slug == 'taxonomies');
336
337 if ($(this).hasClass('ppc-full-width')) {
338 $('.capabilities-sidebar').hide();
339 $('#ppc-capabilities-wrapper .ppc-capabilities-content').css('grid-template-columns', '1fr');
340 } else {
341 $('.capabilities-sidebar').show();
342
343 if ($(window).width() > 1199) {
344 $('#ppc-capabilities-wrapper .ppc-capabilities-content').css('grid-template-columns', '1fr 200px 70px');
345 }
346 }
347
348 $('#' + $pp_tab + '-taxonomy').show();
349
350 // Active current Tab
351 $('.ppc-capabilities-tabs > ul > li').removeClass('ppc-capabilities-tab-active');
352 $(this).addClass('ppc-capabilities-tab-active');
353
354 // Scroll to content area (for responsive display)
355 if ($(window).width() <= 1199) {
356 $([document.documentElement, document.body]).animate({
357 scrollTop: $("#capabilities_content").offset().top - 20
358 }, 500);
359 }
360 });
361 });
362 /* ]]> */
363 </script>
364
365 <div id="ppc-capabilities-wrapper" class="postbox">
366 <div class="ppc-capabilities-tabs">
367 <ul>
368 <?php
369 $full_width_tabs = apply_filters('pp_capabilities_full_width_tabs', []);
370
371 if (empty($_REQUEST['pp_caps_tab']) && !empty($_REQUEST['added'])) {
372 $active_tab_slug = 'additional';
373 } else {
374 $active_tab_slug = (!empty($_REQUEST['pp_caps_tab'])) ? sanitize_key($_REQUEST['pp_caps_tab']) : 'edit';
375 }
376
377 $active_tab_id = "cme-cap-type-tables-{$active_tab_slug}";
378
379 $ppc_tab_active = 'ppc-capabilities-tab-active';
380
381 // caps: edit, delete, read
382 foreach( array_keys($cap_properties) as $cap_type ) {
383 $tab_id = "cme-cap-type-tables-$cap_type";
384 $classes = [];
385
386 if ($tab_id == $active_tab_id) {
387 $classes []= $ppc_tab_active;
388 }
389
390 if (!empty($full_width_tabs[$cap_type])) {
391 $classes []= 'ppc-full-width';
392 }
393
394 $class = implode(' ', $classes);
395
396 echo '<li data-slug="'. esc_attr($cap_type) . '"' . ' data-content="cme-cap-type-tables-' . esc_attr($cap_type) . '" class="' . esc_attr($class) . '">'
397 . esc_html($cap_type_names[$cap_type]) .
398 '</li>';
399 }
400
401 if ($extra_tabs = apply_filters('pp_capabilities_extra_post_capability_tabs', [])) {
402 foreach($extra_tabs as $tab_slug => $tab_caption) {
403 $tab_slug = esc_attr($tab_slug);
404
405 $tab_id = "cme-cap-type-tables-{$tab_slug}";
406
407 $classes = [];
408
409 if ($tab_id == $active_tab_id) {
410 $classes []= $ppc_tab_active;
411 }
412
413 if (!empty($full_width_tabs[$tab_slug])) {
414 $classes []= 'ppc-full-width';
415 }
416
417 $class = implode(' ', $classes);
418
419 echo '<li data-slug="' . esc_attr($tab_slug) . '"' . ' data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($class) . '">'
420 . esc_html($tab_caption) .
421 '</li>';
422 }
423 }
424
425 //grouped capabilities
426 $grouped_caps = [];
427 $grouped_caps_lists = [];
428
429 //add media related caps
430 $grouped_caps['Media'] = [
431 'edit_files',
432 'upload_files',
433 'unfiltered_upload',
434 ];
435 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Media']);
436
437 //add comments related caps
438 $grouped_caps['Comments'] = [
439 'moderate_comments'
440 ];
441 if (isset($rcaps['edit_comment'])) {
442 $type_metacaps['edit_comment'] = 1;
443 }
444 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Comments']);
445
446 //add users related caps
447 $grouped_caps['Users'] = [
448 'create_users',
449 'delete_users',
450 'edit_users',
451 'list_users',
452 'promote_users',
453 'remove_users',
454 ];
455 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Users']);
456
457 //add admin options related caps
458 $grouped_caps['Admin'] = [
459 'manage_options',
460 'edit_dashboard',
461 'export',
462 'import',
463 'read',
464 'update_core',
465 'unfiltered_html',
466 ];
467 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Admin']);
468
469 //add themes related caps
470 $grouped_caps['Themes'] = [
471 'delete_themes',
472 'edit_themes',
473 'install_themes',
474 'switch_themes',
475 'update_themes',
476 'edit_theme_options',
477 'manage_links',
478 ];
479 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Themes']);
480
481 //add plugin related caps
482 $grouped_caps['Plugins'] = [
483 'activate_plugins',
484 'delete_plugins',
485 'edit_plugins',
486 'install_plugins',
487 'update_plugins',
488 ];
489 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Plugins']);
490
491 if (is_multisite()) {
492 //add multisite caps
493 $grouped_caps['Multisite'] = [
494 'create_sites',
495 'delete_sites',
496 'manage_network',
497 'manage_sites',
498 'manage_network_users',
499 'manage_network_plugins',
500 'manage_network_themes',
501 'manage_network_options',
502 'upgrade_network',
503 'setup_network',
504 ];
505 $grouped_caps_lists = array_merge($grouped_caps_lists, $grouped_caps['Multisite']);
506 }
507
508 $grouped_caps = apply_filters('cme_grouped_capabilities', $grouped_caps);
509
510 foreach($grouped_caps as $grouped_title => $__grouped_caps) {
511 $tab_slug = pp_capabilities_convert_to_slug(sanitize_title($grouped_title));
512 switch ($grouped_title) {
513 case 'Comments' :
514 $grouped_title = __('Comments');
515 break;
516
517 case 'Media' :
518 $grouped_title = __('Media');
519 break;
520
521 case 'Users' :
522 $grouped_title = __('Users');
523 break;
524
525 case 'Themes' :
526 $grouped_title = __('Themes');
527 break;
528
529 case 'Plugins' :
530 $grouped_title = __('Plugins');
531 break;
532
533 case 'Multisite' :
534 $grouped_title = esc_html__('Multisite', 'capability-manager-enhanced');
535 break;
536
537 case 'Admin' :
538 $grouped_title = esc_html__('Admin', 'capability-manager-enhanced');
539 break;
540
541 default:
542 $grouped_title = esc_html($grouped_title);
543 }
544
545 $tab_id = 'cme-cap-type-tables-' . $tab_slug;
546 $tab_active = ($tab_id == $active_tab_id) ? $ppc_tab_active : '';
547
548 echo '<li data-slug="' . esc_attr($tab_slug) . '" data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($tab_active) . '">'
549 . esc_html(str_replace('_', ' ', $grouped_title)) .
550 '</li>';
551 }
552
553 // caps: plugins
554 $plugin_caps = apply_filters('cme_plugin_capabilities', []);
555
556 foreach($plugin_caps as $plugin_title => $__plugin_caps) {
557 $plugin_title = esc_html($plugin_title);
558
559 $tab_slug = pp_capabilities_convert_to_slug(sanitize_title($plugin_title));
560 $tab_id = 'cme-cap-type-tables-' . $tab_slug;
561 $tab_name = esc_html(str_replace('_', ' ', $plugin_title));
562 // support extractor staging label
563 $tab_name = str_replace('(CAPABILITYEXTRACTOR)', '<span class="capability-extractor-label">CE</span>', $tab_name);
564 $tab_active = ($tab_id == $active_tab_id) ? $ppc_tab_active : '';
565
566 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
567 echo '<li data-slug="' . esc_attr($tab_slug) . '" data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($tab_active) . '">'
568 . $tab_name .
569 '</li>';
570 }
571
572 $tab_id = "cme-cap-type-tables-invalid";
573 $tab_active = ($tab_id == $active_tab_id) ? $ppc_tab_active : '';
574 $tab_caption = esc_html__( 'Invalid Capabilities', 'capability-manager-enhanced' );
575 echo '<li id="cme_tab_invalid_caps" data-slug="invalid" data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($tab_active) . '" style="display:none;">' . esc_html($tab_caption) . '</li>';
576
577 $tab_id = "cme-cap-type-tables-additional";
578 $tab_active = ($tab_id == $active_tab_id) ? $ppc_tab_active : '';
579 $tab_caption = esc_html__( 'Additional', 'capability-manager-enhanced' );
580 echo '<li data-slug="additional" data-content="' . esc_attr($tab_id) . '" class="' . esc_attr($tab_active) . '">' . esc_html($tab_caption) . '</li>';
581 ?>
582 </ul>
583 </div>
584
585 <div id="capabilities_content" class="ppc-capabilities-content">
586 <?php
587 // caps: read, edit, deletion
588 foreach( array_keys($cap_properties) as $cap_type ) {
589
590 foreach( array_keys($defined) as $item_type ) {
591
592
593 if (!isset($cap_properties[$cap_type][$item_type])) {
594 continue;
595 }
596 if ( ! count( $cap_properties[$cap_type][$item_type] ) )
597 continue;
598
599 $tab_id = "cme-cap-type-tables-" . pp_capabilities_convert_to_slug($cap_type);
600 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
601
602 $any_caps = false;
603
604 if ($item_type == 'taxonomy') {
605 $tab_id .= '-taxonomy';
606
607 ob_start();
608 }
609
610 echo "<div id='" . esc_attr($tab_id) . "' style='display:" . esc_attr($div_display) . ";'>";
611
612 if ('taxonomy' == $item_type) {
613 $caption_pattern = esc_html__('Term %s Capabilities', 'capability-manager-enhanced');
614 } else {
615 $caption_pattern = (in_array($cap_type, ['copy', 'revise']))
616 ? esc_html__('%s Capabilities', 'capability-manager-enhanced')
617 : esc_html__('Post %s Capabilities', 'capability-manager-enhanced');
618 }
619
620 $cap_type_name = ('taxonomies' == $cap_type) ? esc_html__('Taxonomy', 'capability-manager-enhanced') : $cap_type_names[$cap_type];
621
622 echo '<h3>' . sprintf($caption_pattern, esc_html($cap_type_name)) . '</h3>';
623
624 echo '<div class="ppc-filter-wrapper">';
625 echo '<select class="ppc-filter-select">';
626 $filter_caption = ('taxonomy' == $item_type) ? __('Filter by taxonomy', 'capability-manager-enhanced') : __('Filter by post type', 'capability-manager-enhanced');
627 echo '<option value="">' . esc_html($filter_caption) . '</option>';
628 echo '</select>';
629 echo ' <button class="button secondary-button ppc-filter-select-reset" type="button">' . esc_html__('Clear') . '</button>';
630 echo '</div>';
631
632 echo "<table class='widefat striped cme-typecaps cme-typecaps-basic cme-typecaps-" . esc_attr($cap_type) . "'>";
633
634 echo '<thead><tr><th class="pp-header-checkall">';
635 echo '<input type="checkbox" name="pp_toggle_all" class="excluded-input" autocomplete="off"> &nbsp;';
636 echo '</th>';
637
638 // label cap properties
639 foreach( $cap_properties[$cap_type][$item_type] as $prop ) {
640 $prop = str_replace( '_posts', '', $prop );
641 $prop = str_replace( '_pages', '', $prop );
642 $prop = str_replace( '_terms', '', $prop );
643
644 if (in_array($prop, ['copy_published', 'copy_private', 'revise_published', 'revise_private'])) {
645 echo "<th></th>";
646 continue;
647 }
648
649 $th_class = ( 'taxonomy' == $item_type ) ? 'term-cap' : 'post-cap';
650
651 $tip_text = '';
652 if ( isset( $cap_tips[$prop] ) ) {
653 $th_class .= ' ppc-tool-tip';
654 $tip_text = '<div class="tool-tip-text">
655 <p>'. $cap_tips[$prop] .'</p>
656 <i></i>
657 </div>';
658 }
659
660 echo "<th style='text-align:center;' class='" . esc_attr($th_class) . "'>" . $tip_text;
661
662 if ( ( 'delete' != $prop ) || ( 'taxonomy' != $item_type ) || cme_get_detailed_taxonomies() ) {
663 echo str_replace('_', '<br />', esc_html(ucwords($prop)));
664 }
665
666 echo '</th>';
667 }
668
669 echo '</tr></thead>';
670 $attachement_cap_position = 0;
671 foreach( $defined[$item_type] as $key => $type_obj ) {
672 if ( in_array( $key, $unfiltered[$item_type] ) )
673 continue;
674
675 if (in_array($cap_type, ['copy', 'revise'])) {
676 global $revisionary;
677
678 if (!empty($revisionary) && !empty($revisionary->enabled_post_types) && empty($revisionary->enabled_post_types[$key])) {
679 continue;
680 }
681 }
682
683 $row = "<tr class='cme_type_" . esc_attr($key) . "'>";
684
685 if ( $cap_type ) {
686
687 if (empty($force_distinct_ui) && empty($cap_properties[$cap_type][$item_type])) {
688 continue;
689 }
690
691 if (defined('PRESSPERMIT_VERSION') || defined('PRESSPERMIT_PRO_VERSION')) {
692 //add list capabilities
693 if (isset($type_obj->cap->edit_posts) && !isset($type_obj->cap->list_posts)) {
694 $type_obj->cap->list_posts = str_replace('edit_', 'list_', $type_obj->cap->edit_posts);
695 }
696 if (isset($type_obj->cap->edit_others_posts) && !isset($type_obj->cap->list_others_posts)) {
697 $type_obj->cap->list_others_posts = str_replace('edit_', 'list_', $type_obj->cap->edit_others_posts);
698 }
699 if (isset($type_obj->cap->edit_published_posts) && !isset($type_obj->cap->list_published_posts)) {
700 $type_obj->cap->list_published_posts = str_replace('edit_', 'list_', $type_obj->cap->edit_published_posts);
701 }
702 if (isset($type_obj->cap->edit_private_posts) && !isset($type_obj->cap->list_private_posts)) {
703 $type_obj->cap->list_private_posts = str_replace('edit_', 'list_', $type_obj->cap->edit_private_posts);
704 }
705 }
706
707 if ($pp_revisions_copy) {
708 //add copy capabilities
709 if (isset($type_obj->cap->edit_posts) && !isset($type_obj->cap->copy_posts)) {
710 $type_obj->cap->copy_posts = str_replace('edit_', 'copy_', $type_obj->cap->edit_posts);
711 }
712 if (isset($type_obj->cap->edit_others_posts) && !isset($type_obj->cap->copy_others_posts)) {
713 $type_obj->cap->copy_others_posts = str_replace('edit_', 'copy_', $type_obj->cap->edit_others_posts);
714 }
715 }
716
717 if ($pp_revisions_revise) {
718 //add revise capabilities
719 if (isset($type_obj->cap->edit_posts) && !isset($type_obj->cap->revise_posts)) {
720 $type_obj->cap->revise_posts = str_replace('edit_', 'revise_', $type_obj->cap->edit_posts);
721 }
722 if (isset($type_obj->cap->edit_others_posts) && !isset($type_obj->cap->revise_others_posts)) {
723 $type_obj->cap->revise_others_posts = str_replace('edit_', 'revise_', $type_obj->cap->edit_others_posts);
724 }
725 }
726
727 if ($pp_revisions_approve) {
728 //add approve capabilities
729 if (isset($type_obj->cap->edit_posts) && !isset($type_obj->cap->approve_posts)) {
730 $type_obj->cap->approve_posts = str_replace('edit_', 'approve_', $type_obj->cap->edit_posts);
731 }
732 if (isset($type_obj->cap->edit_others_posts) && !isset($type_obj->cap->approve_others_posts)) {
733 $type_obj->cap->approve_others_posts = str_replace('edit_', 'approve_', $type_obj->cap->edit_others_posts);
734 }
735 }
736
737 if ('wp_navigation' == $type_obj->name) {
738 $type_label = __('Nav Menus (Block)', 'capability-manager-enhanced');
739 } elseif ('nav_menu' == $type_obj->name) {
740 $type_label = __('Nav Menus (Legacy)', 'capability-manager-enhanced');
741 } else {
742 $type_label = (defined('CME_LEGACY_MENU_NAME_LABEL') && !empty($type_obj->labels->menu_name)) ? $type_obj->labels->menu_name : $type_obj->labels->name;
743 }
744
745 if (!empty($type_obj->name)) {
746 if ('taxonomy' == $item_type) {
747 $type_tooltip = sprintf(__( 'The slug for this taxonomy is %s', 'capability-manager-enhanced' ), '<strong>' . esc_html($type_obj->name) . '</strong>' );
748 } else {
749 $type_tooltip = sprintf(__( 'The slug for this post type is %s', 'capability-manager-enhanced' ), '<strong>' . esc_html($type_obj->name) . '</strong>' );
750 }
751 $type_tooltip_class = 'ppc-tool-tip disabled';
752 $type_tooltip_msg = '<span class="tool-tip-text">
753 <p>'. $type_tooltip .'</p>
754 <i></i>
755 </span>';
756 } else {
757 $type_tooltip_class = '';
758 $type_tooltip_msg = '';
759 }
760
761 $row .= "<td>";
762 $row .= '<input type="checkbox" class="pp-row-action-rotate excluded-input"> &nbsp;';
763 $row .= "<span class='{$type_tooltip_class}'><a class='cap_type' href='#toggle_type_caps'>" . esc_html($type_label) . '</a> '. $type_tooltip_msg .'</span>';
764 $row .= '<a style="display: none;" href="#" class="neg-type-caps">&nbsp;x&nbsp;</a>';
765 $row .= '</td>';
766
767 $display_row = ! empty($force_distinct_ui);
768 $col_count = 0;
769
770 foreach( $cap_properties[$cap_type][$item_type] as $prop ) {
771 $td_classes = array();
772 $checkbox = '';
773 $cap_title = '';
774 $disabled_cap = false;
775
776 if ($type_obj->name === 'attachment') {
777 $attachement_cap_position++;
778 }
779
780 if ( ! empty($type_obj->cap->$prop) && ( in_array( $type_obj->name, array( 'post', 'page' ) )
781 || ! in_array( $type_obj->cap->$prop, $default_caps )
782 || ( ( 'manage_categories' == $type_obj->cap->$prop ) && ( 'manage_terms' == $prop ) && ( 'category' == $type_obj->name ) ) ) ) {
783
784 // if edit_published or edit_private cap is same as edit_posts cap, don't display a checkbox for it
785 if ( ( ! in_array( $prop, array( 'edit_published_posts', 'edit_private_posts', 'create_posts' ) ) || ( $type_obj->cap->$prop != $type_obj->cap->edit_posts ) )
786 && ( ! in_array( $prop, array( 'delete_published_posts', 'delete_private_posts' ) ) || ( $type_obj->cap->$prop != $type_obj->cap->delete_posts ) )
787 && ( ! in_array( $prop, array( 'edit_terms', 'delete_terms' ) ) || ( $type_obj->cap->$prop != $type_obj->cap->manage_terms ) )
788
789 && ( ! in_array( $prop, array( 'manage_terms', 'edit_terms', 'delete_terms', 'assign_terms' ) )
790 || empty($cme_cap_helper->all_taxonomy_caps[$type_obj->cap->$prop])
791 || ( $cme_cap_helper->all_taxonomy_caps[ $type_obj->cap->$prop ] <= 1 )
792 || $type_obj->cap->$prop == str_replace( '_terms', "_{$type_obj->name}s", $prop )
793 || $type_obj->cap->$prop == str_replace( '_terms', "_" . _cme_get_plural($type_obj->name, $type_obj), $prop )
794 )
795
796 && ( in_array( $prop, array( 'manage_terms', 'edit_terms', 'delete_terms', 'assign_terms' ) )
797 || empty($cme_cap_helper->all_type_caps[$type_obj->cap->$prop])
798 || ( $cme_cap_helper->all_type_caps[ $type_obj->cap->$prop ] <= 1 )
799 || $type_obj->cap->$prop == 'upload_files' && 'create_posts' == $prop && 'attachment' == $type_obj->name
800 || $type_obj->cap->$prop == str_replace( '_posts', "_{$type_obj->name}s", $prop )
801 || $type_obj->cap->$prop == str_replace( '_pages', "_{$type_obj->name}s", $prop )
802 || $type_obj->cap->$prop == str_replace( '_posts', "_" . _cme_get_plural($type_obj->name, $type_obj), $prop )
803 || $type_obj->cap->$prop == str_replace( '_pages', "_" . _cme_get_plural($type_obj->name, $type_obj), $prop )
804 )
805 && (!in_array($type_obj->cap->$prop, $grouped_caps_lists)) //capability not enforced in $grouped_caps_lists
806 && (('manage_post_tags' != $type_obj->cap->$prop) || ('post_tag' == $type_obj->name))
807 ) {
808 // only present these term caps up top if we are ensuring that they get enforced separately from manage_terms
809 if ( in_array( $prop, array( 'edit_terms', 'delete_terms', 'assign_terms' ) ) && ( ! in_array( $type_obj->name, cme_get_detailed_taxonomies() ) || defined( 'OLD_PRESSPERMIT_ACTIVE' ) ) ) {
810 continue;
811 }
812
813 $cap_name = sanitize_text_field($type_obj->cap->$prop);
814
815 if ( 'taxonomy' == $item_type )
816 $td_classes []= "term-cap";
817 else
818 $td_classes []= "post-cap";
819
820 if ( $is_administrator || current_user_can($cap_name) ) {
821 $chk_classes = [];
822
823 $cap_title = '';
824 if (! empty($pp_metagroup_caps[$cap_name]) ) {
825 $tool_tip = sprintf(__( '%s: assigned by Permission Group', 'capability-manager-enhanced' ), '<strong>' . $cap_name . '</strong>' );
826 $chk_classes []= 'cm-has-via-pp';
827 } else {
828 $tool_tip = sprintf(__( 'This capability is %s', 'capability-manager-enhanced' ), '<strong>' . $cap_name . '</strong>' );
829 }
830
831 $chk_class = ( $chk_classes ) ? ' class="' . implode(' ', $chk_classes) . '"' : '';
832
833 $checkbox = '<div class="ppc-tool-tip disabled"><input type="checkbox"' . $chk_class . ' name="caps[' . esc_attr($cap_name) . ']" autocomplete="off" value="1" ' . checked(1, ! empty($rcaps[$cap_name]), false ) . ' />
834 <div class="tool-tip-text">
835 <p>'. $tool_tip .'</p>
836 <i></i>
837 </div>
838 </div>';
839
840 $type_caps [$cap_name] = true;
841 $display_row = true;
842 $any_caps = true;
843 $disabled_cap = false;
844 }
845 } else {
846
847 // only present these term caps up top if we are ensuring that they get enforced separately from manage_terms
848 if ( in_array( $prop, array( 'edit_terms', 'delete_terms', 'assign_terms' ) ) && ( ! in_array( $type_obj->name, cme_get_detailed_taxonomies() ) || defined( 'OLD_PRESSPERMIT_ACTIVE' ) ) ) {
849 continue;
850 }
851
852 $disabled_cap = true;
853 $display_row = true;
854 $cap_name = sanitize_text_field($type_obj->cap->$prop);
855 $cap_title = '';
856
857 if (($cap_name === 'manage_categories') && !defined('PRESSPERMIT_ACTIVE')) {
858 $tool_tip = sprintf(__( 'This capability is controlled by %s', 'capability-manager-enhanced' ), '<strong>manage_categories</strong>' );
859
860 } else {
861 $tool_tip = sprintf(__('This capability is controlled by %s Use the sidebar settings to allow this to be controlled independently.', 'capability-manager-enhanced'), '<strong>' . $cap_name . '</strong>.<br /><br />');
862 }
863
864 $checkbox = '<div class="ppc-tool-tip disabled"><input disabled class="disabled" type="checkbox" ' . checked(1, ! empty($rcaps[$cap_name]), false ) . ' />
865 <div class="tool-tip-text">
866 <p>'. $tool_tip .'</p>
867 <i></i>
868 </div>
869 </div>';
870 }
871
872 if ( isset($rcaps[$cap_name]) && empty($rcaps[$cap_name]) ) {
873 $td_classes []= "cap-neg";
874 }
875 } else {
876 if ($type_obj->name === 'attachment') {
877 if ($attachement_cap_position === 1 || $attachement_cap_position === 3) {
878 $tool_tip =__('Use the sidebar settings to allow this to be controlled independently.', 'capability-manager-enhanced');
879 } else {
880 $tool_tip =__('This capability is not available for this post type.', 'capability-manager-enhanced');
881 }
882
883 } else {
884 $tool_tip =__('This capability is not available for this post type.', 'capability-manager-enhanced');
885 }
886 $checkbox = '<div class="ppc-tool-tip disabled">&nbsp; &nbsp; &nbsp; &nbsp;
887 <div class="tool-tip-text">
888 <p>'. $tool_tip .'</p>
889 <i></i>
890 </div>
891 </div>';
892 $td_classes []= "cap-unreg";
893 }
894
895 $td_classes[] = 'capability-checkbox-rotate';
896 $td_classes[] = $cap_name;
897
898 $td_class = ( $td_classes ) ? implode(' ', $td_classes) : '';
899
900 $row .= '<td class="' . esc_attr($td_class) . '" title="' . esc_attr($cap_title) . '"' . "><span class='ppc-tool-tip disabled cap-x'>X</span>$checkbox";
901
902 if ( !$disabled_cap && false !== strpos( $td_class, 'cap-neg' ) )
903 $row .= '<input type="hidden" class="cme-negation-input" name="caps[' . esc_attr($cap_name) . ']" value="" />';
904
905 $row .= "</td>";
906
907 $col_count++;
908 }
909
910 if ('taxonomy' == $item_type) {
911 for ($i = $col_count; $i < 4; $i++) {
912 $row .= "<td></td>";
913 }
914 }
915
916 if (!empty($type_obj->map_meta_cap) && !defined('PP_CAPABILITIES_NO_INVALID_SECTION')) {
917 if ('type' == $item_type) {
918 if (!in_array($type_obj->cap->read_post, $grouped_caps_lists)
919 && !in_array($type_obj->cap->edit_post, $grouped_caps_lists)
920 && !in_array($type_obj->cap->delete_post, $grouped_caps_lists)
921 ) {
922 $type_metacaps[$type_obj->cap->read_post] = true;
923 $type_metacaps[$type_obj->cap->edit_post] = isset($type_obj->cap->edit_posts) && ($type_obj->cap->edit_post != $type_obj->cap->edit_posts);
924 $type_metacaps[$type_obj->cap->delete_post] = isset($type_obj->cap->delete_posts) && ($type_obj->cap->delete_post != $type_obj->cap->delete_posts);
925 }
926 } elseif ('taxonomy' == $item_type && !empty($type_obj->cap->edit_term) && !empty($type_obj->cap->delete_term)) {
927 if (!in_array($type_obj->cap->edit_term, $grouped_caps_lists)
928 && !in_array($type_obj->cap->delete_term, $grouped_caps_lists)
929 ) {
930 $type_metacaps[$type_obj->cap->edit_term] = true;
931 $type_metacaps[$type_obj->cap->delete_term] = true;
932 }
933 }
934 }
935 }
936
937 if ( $display_row ) {
938 $row .= '</tr>';
939
940 // Escaped piecemeal upstream; cannot be late-escaped until upstream UI output logic is reworked
941 echo $row;
942 }
943 }
944
945 echo '</table>';
946
947 if ($cap_type === 'list' && defined('PRESSPERMIT_VERSION') && defined('PRESSPERMIT_COLLAB_VERSION')) {
948 echo '<p class="pp-subtext"> '. esc_html__('Admin listing access is normally provided by the "Edit" capabilities. These "List" capabilities only apply if the corresponding "Edit" capability is missing. Also, these "List" capabilities can grant access, but not deny access.', 'capability-manager-enhanced') .' </p>';
949 }
950
951 do_action('publishpress-caps_manager_postcaps_table', $cap_type, $item_type, compact('current', 'rcaps', 'pp_metagroup_caps', 'is_administrator', 'default_caps', 'custom_types', 'defined', 'unfiltered', 'pp_metagroup_caps', 'active_tab_id'));
952
953 echo '</div>';
954
955 if ($item_type == 'taxonomy') {
956 if ($any_caps) {
957 ob_flush();
958 } else {
959 ob_clean();
960 }
961 }
962
963 } // end foreach item type
964 }
965
966 if (empty($caps_manager_postcaps_section)) {
967 $caps_manager_postcaps_section = '';
968 }
969
970 do_action('publishpress-caps_manager_postcaps_section', compact('current', 'rcaps', 'pp_metagroup_caps', 'is_administrator', 'default_caps', 'custom_types', 'defined', 'unfiltered', 'pp_metagroup_caps','caps_manager_postcaps_section', 'active_tab_id'));
971
972 $type_caps = apply_filters('publishpress_caps_manager_typecaps', $type_caps);
973
974 // clicking on post type name toggles corresponding checkbox selections
975
976 // caps: grouped
977 $grouped_caps = apply_filters('cme_grouped_capabilities', $grouped_caps);
978
979 foreach($grouped_caps as $grouped_title => $__grouped_caps) {
980
981 $tab_id = 'cme-cap-type-tables-' . esc_attr(pp_capabilities_convert_to_slug($grouped_title));
982
983 switch ($grouped_title) {
984 case 'Comments' :
985 $grouped_title = __('Comments');
986 break;
987
988 case 'Media' :
989 $grouped_title = __('Media');
990 break;
991
992 case 'Users' :
993 $grouped_title = __('Users');
994 break;
995
996 case 'Themes' :
997 $grouped_title = __('Themes');
998 break;
999
1000 case 'Plugins' :
1001 $grouped_title = __('Plugins');
1002 break;
1003
1004 case 'Multisite' :
1005 $grouped_title = esc_html__('Multisite', 'capability-manager-enhanced');
1006 break;
1007
1008 case 'Admin' :
1009 $grouped_title = esc_html__('Admin', 'capability-manager-enhanced');
1010 break;
1011
1012 default:
1013 $grouped_title = esc_html($grouped_title);
1014 }
1015
1016 $_grouped_caps = array_fill_keys($__grouped_caps, true);
1017
1018 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1019
1020 echo '<div id="' . esc_attr($tab_id) . '" style="display:' . esc_attr($div_display) . '">';
1021
1022 echo '<h3 class="cme-cap-section">' . esc_html(str_replace('_', ' ', $grouped_title)) . '</h3>';
1023
1024 echo '<div class="ppc-filter-wrapper">';
1025 echo '<input type="text" class="regular-text ppc-filter-text" placeholder="' . esc_attr__('Filter by capability', 'capability-manager-enhanced') . '">';
1026 echo ' <button class="button secondary-button ppc-filter-text-reset" type="button">' . esc_html__('Clear') . '</button>';
1027 echo '</div>';
1028 echo '<div class="ppc-filter-no-results" style="display:none;">' . esc_html__( 'No results found. Please try again with a different word.', 'capability-manager-enhanced' ) . '</div>';
1029
1030 echo '<table class="widefat fixed striped form-table cme-checklist single-checkbox-table">';
1031
1032 $centinel_ = true;
1033 $checks_per_row = get_option( 'cme_form-rows', 1 );
1034 $i = 0; $first_row = true;
1035
1036 ?>
1037 <tr class="cme-bulk-select">
1038 <td colspan="<?php echo (int) $checks_per_row;?>">
1039 <input type="checkbox" class="cme-check-all" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1040 <span style="float:right">
1041 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1042 </span>
1043 </td>
1044 </tr>
1045 <?php
1046 foreach( array_keys($_grouped_caps) as $cap_name ) {
1047 $cap_name = sanitize_text_field($cap_name);
1048
1049 if ( isset( $type_caps[$cap_name] ) || isset($type_metacaps[$cap_name]) ) {
1050 continue;
1051 }
1052
1053 if ( ! $is_administrator && ! current_user_can($cap_name) )
1054 continue;
1055
1056 // Output first <tr>
1057 if ( $centinel_ == true ) {
1058 echo '<tr class="' . esc_attr($cap_name) . '">';
1059 $centinel_ = false;
1060 }
1061
1062 if ( $i == $checks_per_row ) {
1063 echo '</tr><tr class="' . esc_attr($cap_name) . '">';
1064 $i = 0;
1065 }
1066
1067 if ( ! isset( $rcaps[$cap_name] ) )
1068 $class = 'cap-no';
1069 else
1070 $class = ( $rcaps[$cap_name] ) ? 'cap-yes' : 'cap-neg';
1071
1072 if ( ! empty($pp_metagroup_caps[$cap_name]) ) {
1073 $class .= ' cap-metagroup';
1074 $title_text = sprintf( __( '%s: assigned by Permission Group', 'capability-manager-enhanced' ), $cap_name );
1075 } else {
1076 $title_text = $cap_name;
1077 }
1078
1079 $disabled = '';
1080 $checked = !empty($rcaps[$cap_name]) ? 'checked' : '';
1081 $cap_title = $title_text;
1082 ?>
1083 <td class="<?php echo esc_attr($class); ?>"><span class="ppc-tool-tip disabled cap-x">X</span><span class="ppc-tool-tip disabled"><label><input type="checkbox" name="caps[<?php echo esc_attr($cap_name); ?>]" class="pp-single-action-rotate" autocomplete="off" value="1" <?php echo esc_attr($checked) . esc_attr($disabled);?> />
1084 <span>
1085 <?php
1086 echo esc_html(str_replace( '_', ' ', $cap_name));
1087 ?>
1088 </span></label></span><a href="#" class="neg-cap" style="visibility: hidden;">&nbsp;x&nbsp;</a>
1089 <?php if ( false !== strpos( $class, 'cap-neg' ) ) :?>
1090 <input type="hidden" class="cme-negation-input" name="caps[<?php echo esc_attr($cap_name); ?>]" value="" />
1091 <?php endif; ?>
1092 </td>
1093
1094 <?php
1095 ++$i;
1096 }
1097
1098 if ( $i == $checks_per_row ) {
1099 echo '</tr>';
1100 $i = 0;
1101 } elseif ( ! $first_row ) {
1102 // Now close a wellformed table
1103 for ( $i; $i < $checks_per_row; $i++ ){
1104 echo '<td>&nbsp;</td>';
1105 }
1106 echo '</tr>';
1107 }
1108 ?>
1109
1110 <tr class="cme-bulk-select">
1111 <td colspan="<?php echo (int) $checks_per_row;?>">
1112 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1113 <span style="float:right">
1114 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1115 </span>
1116 </td>
1117 </tr>
1118
1119 </table>
1120 </div>
1121 <?php
1122 }
1123
1124 // caps: other
1125
1126 $tab_id = "cme-cap-type-tables-other";
1127 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1128 ?>
1129 <div id="<?php echo esc_attr($tab_id);?>" style="display:<?php echo esc_attr($div_display);?>">
1130 <?php
1131
1132 echo '<h3>' . esc_html__( 'WordPress Core Capabilities', 'capability-manager-enhanced' ) . '</h3>';
1133
1134 echo '<div class="ppc-filter-wrapper">';
1135 echo '<input type="text" class="regular-text ppc-filter-text" placeholder="' . esc_attr__('Filter by capability', 'capability-manager-enhanced') . '">';
1136 echo ' <button class="button secondary-button ppc-filter-text-reset" type="button">' . esc_html__('Clear') . '</button>';
1137 echo '</div>';
1138 echo '<div class="ppc-filter-no-results" style="display:none;">' . esc_html__( 'No results found. Please try again with a different word.', 'capability-manager-enhanced' ) . '</div>';
1139
1140 echo '<table class="widefat fixed striped form-table cme-checklist">';
1141
1142 $centinel_ = true;
1143 $checks_per_row = get_option( 'cme_form-rows', 1 );
1144 $i = 0; $first_row = true;
1145
1146 ?>
1147 <tr class="cme-bulk-select">
1148 <td colspan="<?php echo (int) $checks_per_row;?>">
1149 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1150 <span style="float:right">
1151 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1152 </span>
1153 </td>
1154 </tr>
1155
1156 <tr class="cme-bulk-select">
1157 <td colspan="<?php echo (int) $checks_per_row;?>">
1158 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1159 <span style="float:right">
1160 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1161 </span>
1162 </td>
1163 </tr>
1164
1165 </table>
1166 </div>
1167
1168 <?php
1169 $all_capabilities = apply_filters( 'capsman_get_capabilities', array_keys( $this->capabilities ), $this->ID );
1170 $all_capabilities = apply_filters( 'members_get_capabilities', $all_capabilities );
1171
1172 // caps: plugins
1173 $plugin_caps = apply_filters('cme_plugin_capabilities', $plugin_caps);
1174
1175 $plugin_cap_descriptions = apply_filters('cme_capability_descriptions', []);
1176
1177 foreach($plugin_caps as $plugin_title => $__plugin_caps) {
1178 $plugin_title = esc_html($plugin_title);
1179
1180 $_plugin_caps = array_fill_keys($__plugin_caps, true);
1181
1182 $tab_id = 'cme-cap-type-tables-' . esc_attr(pp_capabilities_convert_to_slug($plugin_title));
1183 $tab_name = esc_html(str_replace('_', ' ', $plugin_title));
1184 // support extractor staging label
1185 $tab_name = str_replace('(CAPABILITYEXTRACTOR)', '<span class="capability-extractor-label">CE</span>', $tab_name);
1186 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1187
1188 echo '<div id="' . esc_attr($tab_id) . '" style="display:' . esc_attr($div_display) . '" class="cme-plugin-cap-table">';
1189
1190 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
1191 echo '<h3 class="cme-cap-section">' . sprintf(esc_html__( 'Plugin Capabilities &ndash; %s', 'capability-manager-enhanced' ), $tab_name) . '</h3>';
1192
1193 echo '<div class="ppc-filter-wrapper">';
1194 echo '<input type="text" class="regular-text ppc-filter-text" placeholder="' . esc_attr__('Filter by capability', 'capability-manager-enhanced') . '">';
1195 echo ' <button class="button secondary-button ppc-filter-text-reset" type="button">' . esc_html__('Clear') . '</button>';
1196 echo '</div>';
1197 echo '<div class="ppc-filter-no-results" style="display:none;">' . esc_html__( 'No results found. Please try again with a different word.', 'capability-manager-enhanced' ) . '</div>';
1198
1199 echo '<table class="widefat fixed striped form-table cme-checklist single-checkbox-table">';
1200
1201 $centinel_ = true;
1202 $checks_per_row = get_option( 'cme_form-rows', 1 );
1203 $i = 0; $first_row = true;
1204
1205 ?>
1206 <tr class="cme-bulk-select">
1207 <td colspan="<?php echo (int) $checks_per_row + 1;?>" style="width: 100%">
1208 <input type="checkbox" class="cme-check-all" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1209 <span style="float:right">
1210 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1211 </span>
1212 </td>
1213 </tr>
1214 <?php
1215 foreach( array_keys($_plugin_caps) as $cap_name ) {
1216 $cap_name = sanitize_text_field($cap_name);
1217
1218 if ( isset( $type_caps[$cap_name] ) || in_array($cap_name, $grouped_caps_lists) || isset($type_metacaps[$cap_name]) ) {
1219 continue;
1220 }
1221
1222 if ( ! $is_administrator && ! current_user_can($cap_name) )
1223 continue;
1224
1225 // Output first <tr>
1226 if ( $centinel_ == true ) {
1227 echo '<tr class="' . esc_attr($cap_name) . '">';
1228 $centinel_ = false;
1229 }
1230
1231 if ( $i == $checks_per_row ) {
1232 echo '</tr><tr class="' . esc_attr($cap_name) . '">';
1233 $i = 0;
1234 }
1235
1236 if ( ! isset( $rcaps[$cap_name] ) )
1237 $class = 'cap-no';
1238 else
1239 $class = ( $rcaps[$cap_name] ) ? 'cap-yes' : 'cap-neg';
1240
1241 if ( ! empty($pp_metagroup_caps[$cap_name]) ) {
1242 $class .= ' cap-metagroup';
1243 $title_text = sprintf( __( '%s: assigned by Permission Group', 'capability-manager-enhanced' ), $cap_name );
1244 } else {
1245 $title_text = $cap_name;
1246 }
1247
1248 if ($cap_name === 'manage_capabilities_user_testing') {
1249 $warning_message = '&nbsp; <span class="ppc-tool-tip"><span class="dashicons dashicons-info-outline"></span><span class="tool-tip-text"><p>'. sprintf(esc_html__('The User Testing feature also requires the %1$s edit_users %2$s capability.', 'capability-manager-enhanced'), '<strong>', '</strong>') .'</p><i></i></span></span>';
1250 } else {
1251 $warning_message = '';
1252 }
1253
1254 $disabled = '';
1255 $checked = !empty($rcaps[$cap_name]) ? 'checked' : '';
1256
1257 $cap_title = $title_text;
1258 ?>
1259 <td class="<?php echo esc_attr($class); ?>"><span class="ppc-tool-tip disabled cap-x">X</span><span class="ppc-tool-tip disabled"><label><input type="checkbox" name="caps[<?php echo esc_attr($cap_name); ?>]" class="pp-single-action-rotate" autocomplete="off" value="1" <?php echo esc_attr($checked) . esc_attr($disabled);?> />
1260 <span>
1261 <?php
1262 echo esc_html(str_replace( '_', ' ', $cap_name));
1263 ?>
1264 </span></label></span><?php echo $warning_message; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?><a href="#" class="neg-cap" style="visibility: hidden;">&nbsp;x&nbsp;</a>
1265 <?php if ( false !== strpos( $class, 'cap-neg' ) ) :?>
1266 <input type="hidden" class="cme-negation-input" name="caps[<?php echo esc_attr($cap_name); ?>]" value="" />
1267 <?php endif; ?>
1268 </td>
1269
1270 <td class="pp-cap-description">
1271 <?php if (!empty($plugin_cap_descriptions[$cap_name])) {
1272 echo $plugin_cap_descriptions[$cap_name];
1273 }
1274 ?>
1275 </td>
1276
1277 <?php
1278 ++$i;
1279 }
1280
1281 if ( $i == $checks_per_row ) {
1282 echo '</tr>';
1283 $i = 0;
1284 } elseif ( ! $first_row ) {
1285 // Now close a wellformed table
1286 for ( $i; $i < $checks_per_row; $i++ ){
1287 echo '<td>&nbsp;</td>';
1288 }
1289 echo '</tr>';
1290 }
1291 ?>
1292
1293 <tr class="cme-bulk-select">
1294 <td colspan="<?php echo (int) $checks_per_row + 1;?>">
1295 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1296 <span style="float:right">
1297 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1298 </span>
1299 </td>
1300 </tr>
1301
1302 </table>
1303 </div>
1304 <?php
1305 }
1306
1307 // caps: invalid
1308 if (array_intersect(array_keys(array_filter($type_metacaps)), $all_capabilities) && array_intersect_key($type_metacaps, array_filter($rcaps))) {
1309 $tab_id = "cme-cap-type-tables-invalid";
1310 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1311
1312 echo '<div id="' . esc_attr($tab_id) . '" style="display:' . esc_attr($div_display) . '">';
1313 echo '<h3 class="cme-cap-section">' . esc_html__( 'Invalid Capabilities', 'capability-manager-enhanced' ) . '</h3>';
1314 ?>
1315
1316 <div>
1317 <span class="cme-subtext">
1318 <?php esc_html_e('The following entries have no effect. Please assign desired capabilities on the Editing / Deletion / Private tabs.', 'capability-manager-enhanced');?>
1319 </span>
1320 </div>
1321
1322 <table class="widefat fixed striped form-table cme-checklist single-checkbox-table">
1323 <tr>
1324 <?php
1325 $i = 0; $first_row = true;
1326 $invalid_caps_capabilities = [];
1327 foreach( $all_capabilities as $cap_name ) {
1328 if ( ! isset($this->capabilities[$cap_name]) )
1329 $this->capabilities[$cap_name] = str_replace( '_', ' ', $cap_name );
1330 }
1331
1332 uasort( $this->capabilities, 'strnatcasecmp' ); // sort by array values, but maintain keys );
1333
1334 foreach ( $this->capabilities as $cap_name => $cap ) :
1335 $cap_name = sanitize_text_field($cap_name);
1336
1337 if (!isset($type_metacaps[$cap_name]) || empty($rcaps[$cap_name])) {
1338 continue;
1339 }
1340
1341 if ( ! $is_administrator && empty( $current_user->allcaps[$cap_name] ) ) {
1342 continue;
1343 }
1344
1345 if ( $i == $checks_per_row ) {
1346 echo '</tr><tr>';
1347 $i = 0; $first_row = false;
1348 }
1349
1350 if ( ! isset( $rcaps[$cap_name] ) )
1351 $class = 'cap-no';
1352 else
1353 $class = ( $rcaps[$cap_name] ) ? 'cap-yes' : 'cap-neg';
1354
1355 $title_text = $cap_name;
1356
1357 $disabled = '';
1358 $checked = !empty($rcaps[$cap_name]) ? 'checked' : '';
1359 $invalid_caps_capabilities[] = $cap_name;
1360 ?>
1361 <td class="<?php echo esc_attr($class); ?>"><span class="ppc-tool-tip disabled cap-x">X</span><label title="<?php echo esc_attr($title_text);?>"><input type="checkbox" name="caps[<?php echo esc_attr($cap_name); ?>]" class="pp-single-action-rotate" autocomplete="off" value="1" <?php echo esc_attr($checked) . esc_attr($disabled);?> />
1362 <span>
1363 <?php
1364 echo esc_html(str_replace( '_', ' ', $cap ));
1365 ?>
1366 </span></label><a href="#" class="neg-cap" style="visibility: hidden;">&nbsp;x&nbsp;</a>
1367 <?php if ( false !== strpos( $class, 'cap-neg' ) ) :?>
1368 <input type="hidden" class="cme-negation-input" name="caps[<?php echo esc_attr($cap_name); ?>]" value="" />
1369 <?php endif; ?>
1370 </td>
1371 <td>
1372 </td>
1373 <?php
1374 $i++;
1375 endforeach;
1376
1377 if ( ! empty($lock_manage_caps_capability) ) {
1378 echo '<input type="hidden" name="caps[manage_capabilities]" value="1" />';
1379 }
1380
1381 if ( $i == $checks_per_row ) {
1382 echo '</tr><tr>';
1383 $i = 0;
1384 } else {
1385 if ( ! $first_row ) {
1386 // Now close a wellformed table
1387 for ( $i; $i < $checks_per_row; $i++ ){
1388 echo '<td>&nbsp;</td>';
1389 }
1390 echo '</tr>';
1391 }
1392 }
1393 ?>
1394
1395 <?php if (!empty($invalid_caps_capabilities)) : ?>
1396 <script type="text/javascript">
1397 /* <![CDATA[ */
1398 jQuery(document).ready( function($) {
1399 $('#cme_tab_invalid_caps').show();
1400 });
1401 /* ]]> */
1402 </script>
1403 <?php endif; ?>
1404
1405 </table>
1406 </div>
1407 <?php
1408 } // endif any invalid caps
1409
1410 $tab_id = "cme-cap-type-tables-additional";
1411 $div_display = ($tab_id == $active_tab_id) ? 'block' : 'none';
1412 ?>
1413 <div id="<?php echo esc_attr($tab_id);?>" style="display:<?php echo esc_attr($div_display);?>">
1414 <?php
1415 // caps: additional
1416 echo '<h3 class="cme-cap-section">' . esc_html__( 'Additional Capabilities', 'capability-manager-enhanced' ) . '</h3>';
1417
1418 echo '<div class="ppc-filter-wrapper">';
1419 echo '<input type="text" class="regular-text ppc-filter-text" placeholder="' . esc_attr__('Filter by capability', 'capability-manager-enhanced') . '">';
1420 echo ' <button class="button secondary-button ppc-filter-text-reset" type="button">' . __('Clear') . '</button>';
1421 echo '</div>';
1422 echo '<div class="ppc-filter-no-results" style="display:none;">' . esc_html__( 'No results found. Please try again with a different word.', 'capability-manager-enhanced' ) . '</div>';
1423 ?>
1424 <table class="widefat fixed striped form-table cme-checklist single-checkbox-table">
1425
1426 <tr class="cme-bulk-select">
1427 <td colspan="<?php echo (int) $checks_per_row;?>">
1428 <input type="checkbox" class="cme-check-all" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1429 <span style="float:right">
1430 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1431 </span>
1432 </td>
1433 </tr>
1434
1435 <?php
1436 $centinel_ = true;
1437 $i = 0; $first_row = true;
1438
1439 foreach( $all_capabilities as $cap_name ) {
1440 if ( ! isset($this->capabilities[$cap_name]) )
1441 $this->capabilities[$cap_name] = str_replace( '_', ' ', $cap_name );
1442 }
1443
1444 uasort( $this->capabilities, 'strnatcasecmp' ); // sort by array values, but maintain keys );
1445
1446 $additional_caps = apply_filters('publishpress_caps_manage_additional_caps', $this->capabilities);
1447 $caps_empty = true;
1448 foreach ($additional_caps as $cap_name => $cap) :
1449 $cap_name = sanitize_text_field($cap_name);
1450
1451 if ((isset($type_caps[$cap_name]) && !isset($type_metacaps[$cap_name]))
1452 || in_array($cap_name, $grouped_caps_lists)
1453 || (isset($type_metacaps[$cap_name]) && !empty($rcaps[$cap_name])) ) {
1454 continue;
1455 }
1456
1457 if (!isset($type_metacaps[$cap_name]) || !empty($rcaps[$cap_name])) {
1458 foreach(array_keys($plugin_caps) as $plugin_title) {
1459 if ( in_array( $cap_name, $plugin_caps[$plugin_title]) ) {
1460 continue 2;
1461 }
1462 }
1463 }
1464
1465 if ( ! $is_administrator && empty( $current_user->allcaps[$cap_name] ) ) {
1466 continue;
1467 }
1468
1469 // Levels are not shown.
1470 if ( preg_match( '/^level_(10|[0-9])$/i', $cap_name ) ) {
1471 continue;
1472 }
1473
1474 // Output first <tr>
1475 if ( $centinel_ == true ) {
1476 echo '<tr class="' . esc_attr($cap_name) . '">';
1477 $centinel_ = false;
1478 }
1479
1480 if ( $i == $checks_per_row ) {
1481 echo '</tr><tr class="' . esc_attr($cap_name) . '">';
1482 $i = 0; $first_row = false;
1483 }
1484
1485 if ( ! isset( $rcaps[$cap_name] ) )
1486 $class = 'cap-no';
1487 else
1488 $class = ( $rcaps[$cap_name] ) ? 'cap-yes' : 'cap-neg';
1489
1490 if ( ! empty($pp_metagroup_caps[$cap_name]) ) {
1491 $class .= ' cap-metagroup';
1492 $title_text = sprintf( esc_html__( '%s: assigned by Permission Group', 'capability-manager-enhanced' ), '<strong>' . $cap_name . '</strong>' );
1493 } else {
1494 $title_text = '';
1495 }
1496
1497 $disabled = '';
1498 $checked = !empty($rcaps[$cap_name]) ? 'checked' : '';
1499
1500 if ( 'manage_capabilities' == $cap_name ) {
1501 if (!current_user_can('administrator') && (!is_multisite() || !is_super_admin())) {
1502 continue;
1503 } elseif ( 'administrator' == $default ) {
1504 $class .= ' cap-locked';
1505 $lock_manage_caps_capability = true;
1506 $disabled = ' disabled ';
1507 }
1508 }
1509
1510 $caps_empty = false;
1511 ?>
1512 <td class="<?php echo esc_attr($class); ?>"><span class="ppc-tool-tip disabled cap-x">X</span><span class="ppc-tool-tip disabled"><label><input type="checkbox" name="caps[<?php echo esc_attr($cap_name); ?>]" class="pp-single-action-rotate" autocomplete="off" value="1" <?php echo esc_attr($checked) . ' ' . esc_attr($disabled);?> />
1513 <span>
1514 <?php
1515 echo esc_html(str_replace( '_', ' ', $cap ));
1516 ?>
1517 </span></label><?php if ($title_text) :?><span class="tool-tip-text" style="text-align: center;">
1518 <p><?php echo $title_text; ?></p>
1519 <i></i>
1520 </span><?php endif;?></span><a href="#" class="neg-cap" style="visibility: hidden;">&nbsp;x&nbsp;</a>
1521 <?php if ( false !== strpos( $class, 'cap-neg' ) ) :?>
1522 <input type="hidden" class="cme-negation-input" name="caps[<?php echo esc_attr($cap_name); ?>]" value="" />
1523 <?php endif; ?>
1524 </td>
1525 <?php
1526 $i++;
1527 endforeach;
1528
1529 if ( ! empty($lock_manage_caps_capability) ) {
1530 echo '<input type="hidden" name="caps[manage_capabilities]" value="1" />';
1531 }
1532
1533 if ( $i == $checks_per_row ) {
1534 echo '</tr><tr>';
1535 $i = 0;
1536 } else {
1537 if ( ! $first_row ) {
1538 // Now close a wellformed table
1539 for ( $i; $i < $checks_per_row; $i++ ){
1540 echo '<td>&nbsp;</td>';
1541 }
1542 echo '</tr>';
1543 }
1544 }
1545 ?>
1546 <?php if ($caps_empty) : ?>
1547 <tr>
1548 <td colspan="<?php echo (int) $checks_per_row;?>">
1549 <div>
1550 <?php esc_html_e( 'You have no additional capabilities.', 'capability-manager-enhanced' ); ?>
1551 </div>
1552 </td>
1553 </tr>
1554 <?php endif; ?>
1555 <tr class="cme-bulk-select">
1556 <td colspan="<?php echo (int) $checks_per_row;?>">
1557 <input type="checkbox" class="cme-check-all" autocomplete="off" title="<?php esc_attr_e('check / uncheck all', 'capability-manager-enhanced');?>"> <span><?php _e('Capability Name', 'capability-manager-enhanced');?></span>
1558 <span style="float:right">
1559 &nbsp;&nbsp;<span class="ppc-tool-tip disabled"><a class="cme-neg-all" href="#" >X</a> <?php echo $cme_negate_all_tooltip_msg; ?> </span> <span class="ppc-tool-tip disabled"><a class="cme-switch-all" href="#" >X</a> <?php echo $cme_negate_none_tooltip_msg; ?> </span>
1560 </span>
1561 </td>
1562 </tr>
1563
1564 </table>
1565 </div>
1566
1567 <div class="capabilities-sidebar pp-column-right">
1568 <?php
1569 do_action('publishpress-caps_sidebar_top');
1570
1571 $banners = new PublishPress\WordPressBanners\BannersMain;
1572
1573 $banner_messages = [];
1574 $banner_messages[] = esc_html__('Capabilities allows you change the permissions for any user role.', 'capability-manager-enhanced');
1575 $banner_messages[] = sprintf(esc_html__('%1$s = Capability granted %2$s', 'capability-manager-enhanced'), '<table class="pp-capabilities-cb-key"><tr><td class="pp-cap-icon pp-cap-icon-checked"><input type="checkbox" title="'. esc_attr__('usage key', 'capability-manager-enhanced') .'" checked disabled></td><td>', '</td></tr>');
1576 $banner_messages[] = sprintf(esc_html__('%1$s = Capability not granted %2$s', 'capability-manager-enhanced'), '<tr><td class="pp-cap-icon"><input type="checkbox" title="'. esc_attr__('usage key', 'capability-manager-enhanced') .'" disabled></td><td class="pp-cap-not-checked-definition">', '</td></tr>');
1577 $banner_messages[] = sprintf(esc_html__('%1$s = Capability denied, even if granted by another role %2$s', 'capability-manager-enhanced'), '<tr><td class="pp-cap-icon pp-cap-x"><span class="cap-x pp-cap-key" title="'. esc_attr__('usage key', 'capability-manager-enhanced') .'">X</span></td><td class="cap-x-definition">', '</td></tr></table>');
1578 if (defined('PRESSPERMIT_ACTIVE') && function_exists('presspermit')) {
1579 if ($group = presspermit()->groups()->getMetagroup('wp_role', $this->current)) {
1580 $additional_message = sprintf(
1581 // back compat with existing language string
1582 str_replace(
1583 ['&lt;strong&gt;', '&lt;/strong&gt;'],
1584 ['<strong>', '</strong>'],
1585 esc_html__('You can also configure this role as a %sPermission Group%s.', 'capability-manager-enhanced')
1586 ),
1587 '<a href="' . esc_url_raw(admin_url("admin.php?page=presspermit-edit-permissions&action=edit&agent_id={$group->ID}")) . '">',
1588 '</a>'
1589 );
1590 $banner_messages[] = '<p class="cme-subtext">' . $additional_message . '</p>';
1591 }
1592 }
1593
1594 ?>
1595 <div class="ppc-sidebar-panel-metabox meta-box-sortables">
1596 <?php $meta_box_state = (isset($sidebar_metabox_state['how_to_user_capabilities'])) ? $sidebar_metabox_state['how_to_user_capabilities'] : 'closed'; ?>
1597 <div class="postbox ppc-sidebar-panel <?php echo esc_attr($meta_box_state); ?>">
1598 <input
1599 name="ppc_metabox_state[how_to_user_capabilities]"
1600 type="hidden"
1601 class="metabox-state"
1602 value="<?php echo esc_attr($meta_box_state); ?>"
1603 />
1604 <div class="postbox-header">
1605 <h2 class="hndle ui-sortable-handle"><?php esc_html_e('How to use Capabilities', 'capability-manager-enhanced'); ?></h2>
1606 <div class="handle-actions">
1607 <button type="button" class="handlediv">
1608 <span class="toggle-indicator"></span>
1609 </button>
1610 </div>
1611 </div>
1612 <div class="inside">
1613 <?php
1614 $banners->pp_display_banner(
1615 '',
1616 '',
1617 $banner_messages,
1618 'https://publishpress.com/knowledge-base/capabilities-screen/',
1619 __('View Documentation', 'capability-manager-enhanced'),
1620 '',
1621 'button ppc-checkboxes-documentation-link'
1622 );
1623 ?>
1624 </div>
1625 </div>
1626 </div>
1627
1628 <?php
1629 $pp_ui->pp_types_ui( $defined['type'] );
1630 $pp_ui->pp_taxonomies_ui( $defined['taxonomy'] );
1631 ?>
1632
1633 <div class="ppc-sidebar-panel-metabox meta-box-sortables ppc-safe">
1634 <?php $meta_box_state = (isset($sidebar_metabox_state['capabilities_safe_to_use'])) ? $sidebar_metabox_state['capabilities_safe_to_use'] : 'closed'; ?>
1635 <div class="postbox ppc-sidebar-panel <?php echo esc_attr($meta_box_state); ?>">
1636 <input
1637 name="ppc_metabox_state[capabilities_safe_to_use]"
1638 type="hidden"
1639 class="metabox-state"
1640 value="<?php echo esc_attr($meta_box_state); ?>"
1641 />
1642 <div class="postbox-header">
1643 <h2 class="hndle ui-sortable-handle"><?php esc_html_e( 'Capabilities is Safe to Use', 'capability-manager-enhanced' ); ?></h2>
1644 <div class="handle-actions">
1645 <button type="button" class="handlediv">
1646 <span class="toggle-indicator"></span>
1647 </button>
1648 </div>
1649 </div>
1650 <div class="inside">
1651 <?php
1652 $banners->pp_display_banner(
1653 '',
1654 '',
1655 array(
1656 __( 'WordPress stores role capabilities in your database, where they remain even if the plugin is deactivated.', 'capability-manager-enhanced' ),
1657 __( 'Whenever you use PublishPress Capabilities to save changes, it also creates a backup which you can use to restore a previous configuration.', 'capability-manager-enhanced' )
1658 ),
1659 admin_url( 'admin.php?page=pp-capabilities-backup' ),
1660 __( 'Go to the Backup feature', 'capability-manager-enhanced' ),
1661 '',
1662 'button'
1663 );
1664 ?>
1665 </div>
1666 </div>
1667 </div>
1668
1669 <div class="ppc-sidebar-panel-metabox meta-box-sortables ppc-add-cap">
1670 <?php $meta_box_state = (isset($sidebar_metabox_state['add_capability'])) ? $sidebar_metabox_state['add_capability'] : 'closed'; ?>
1671 <div class="postbox ppc-sidebar-panel <?php echo esc_attr($meta_box_state); ?>">
1672 <input
1673 name="ppc_metabox_state[add_capability]"
1674 type="hidden"
1675 class="metabox-state"
1676 value="<?php echo esc_attr($meta_box_state); ?>"
1677 />
1678 <div class="postbox-header">
1679 <h2 class="hndle ui-sortable-handle"><?php esc_html_e('Add a New Capability', 'capability-manager-enhanced'); ?></h2>
1680 <div class="handle-actions">
1681 <button type="button" class="handlediv">
1682 <span class="toggle-indicator"></span>
1683 </button>
1684 </div>
1685 </div>
1686 <div class="inside" style="text-align:center;">
1687 <p>
1688 <input type="text" name="capability-name" class="regular-text" placeholder="<?php echo 'capability_name';?>" /><br />
1689 <input type="submit" name="AddCap" value="<?php esc_attr_e('Add to role', 'capability-manager-enhanced') ?>" class="button" />
1690 </p>
1691 <br />
1692 <div class="cme-subtext"><?php _e('New capabilities are controlled on the Additonal tab.', 'capability-manager-enhanced');?></div>
1693 </div>
1694 </div>
1695 </div>
1696
1697 <?php if (is_multisite() && is_super_admin() && is_main_site()) : ?>
1698 <div class="ppc-sidebar-panel-metabox meta-box-sortables ppc-multi-site">
1699 <?php $meta_box_state = (isset($sidebar_metabox_state['multi_site'])) ? $sidebar_metabox_state['multi_site'] : 'closed'; ?>
1700 <div class="postbox ppc-sidebar-panel <?php echo esc_attr($meta_box_state); ?>">
1701 <input
1702 name="ppc_metabox_state[multi_site]"
1703 type="hidden"
1704 class="metabox-state"
1705 value="<?php echo esc_attr($meta_box_state); ?>"
1706 />
1707 <div class="postbox-header">
1708 <h2 class="hndle ui-sortable-handle"><?php esc_html_e('Multisite', 'capability-manager-enhanced'); ?></h2>
1709 <div class="handle-actions">
1710 <button type="button" class="handlediv">
1711 <span class="toggle-indicator"></span>
1712 </button>
1713 </div>
1714 </div>
1715 <div class="inside">
1716 <?php cme_network_role_ui( $default ); ?>
1717 </div>
1718 </div>
1719 </div>
1720 <?php endif; ?>
1721
1722 <?php
1723 do_action('publishpress-caps_sidebar_bottom');
1724 ?>
1725
1726 </div><!-- right sidebar within tab panel -->
1727 </div>
1728 </div>
1729
1730
1731 <script type="text/javascript">
1732 /* <![CDATA[ */
1733 jQuery(document).ready( function($) {
1734 $('a[href="#pp-more"]').click( function() {
1735 $('#pp_features').show();
1736 return false;
1737 });
1738 $('a[href="#pp-hide"]').click( function() {
1739 $('#pp_features').hide();
1740 return false;
1741 });
1742 });
1743 /* ]]> */
1744 </script>
1745
1746 <?php /* play.png icon by Pavel: http://kde-look.org/usermanager/search.php?username=InFeRnODeMoN */ ?>
1747
1748 <div id="pp_features" style="display:none"><div class="pp-logo"><a href="https://publishpress.com/presspermit/"><img src="<?php echo esc_url_raw($img_url);?>pp-logo.png" alt="<?php esc_attr_e('PublishPress Permissions', 'capability-manager-enhanced');?>" /></a></div><div class="features-wrap"><ul class="pp-features">
1749 <li>
1750 <?php esc_html_e( "Automatically define type-specific capabilities for your custom post types and taxonomies", 'capability-manager-enhanced' );?>
1751 <a href="https://presspermit.com/tutorial/regulate-post-type-access" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1752
1753 <li>
1754 <?php esc_html_e( "Assign standard WP roles supplementally for a specific post type", 'capability-manager-enhanced' );?>
1755 <a href="https://presspermit.com/tutorial/regulate-post-type-access" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1756
1757 <li>
1758 <?php esc_html_e( "Assign custom WP roles supplementally for a specific post type <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1759 </li>
1760
1761 <li>
1762 <?php esc_html_e( "Customize reading permissions per-category or per-post", 'capability-manager-enhanced' );?>
1763 <a href="https://presspermit.com/tutorial/category-exceptions" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1764
1765 <li>
1766 <?php esc_html_e( "Customize editing permissions per-category or per-post <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1767 <a href="https://presspermit.com/tutorial/page-editing-exceptions" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1768
1769 <li>
1770 <?php esc_html_e( "Custom Post Visibility statuses, fully implemented throughout wp-admin <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1771 <a href="https://presspermit.com/tutorial/custom-post-visibility" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1772
1773 <li>
1774 <?php esc_html_e( "Custom Moderation statuses for access-controlled, multi-step publishing workflow <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1775 <a href="https://presspermit.com/tutorial/multi-step-moderation" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1776
1777 <li>
1778 <?php esc_html_e( "Regulate permissions for Edit Flow post statuses <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1779 <a href="https://presspermit.com/tutorial/edit-flow-integration" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1780
1781 <li>
1782 <?php esc_html_e( "Customize the moderated editing of published content with Revisionary or Post Forking <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1783 <a href="https://presspermit.com/tutorial/published-content-revision" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1784
1785 <li>
1786 <?php esc_html_e( "Grant Spectator, Participant or Moderator access to specific bbPress forums <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1787 </li>
1788
1789 <li>
1790 <?php esc_html_e( "Grant supplemental content permissions to a BuddyPress group <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1791 <a href="https://presspermit.com/tutorial/buddypress-content-permissions" target="_blank"><img class="cme-play" alt="*" src="<?php echo esc_url_raw($img_url);?>play.png" /></a></li>
1792
1793 <li>
1794 <?php esc_html_e( "WPML integration to mirror permissions to translations <em>(Pro)</em>", 'capability-manager-enhanced' );?>
1795 </li>
1796
1797 <li>
1798 <?php esc_html_e( "Member support forum", 'capability-manager-enhanced' );?>
1799 </li>
1800
1801 </ul></div>
1802
1803 <?php
1804 echo '<div>';
1805 printf( esc_html__('%1$sgrab%2$s %3$s', 'capability-manager-enhanced'), '<strong>', '</strong>', '<span class="plugins update-message"><a href="' . esc_url_raw(cme_plugin_info_url('press-permit-core')) . '" class="thickbox" title="' . sprintf( esc_attr__('%s (free install)', 'capability-manager-enhanced'), 'Permissions Pro' ) . '">Permissions Pro</a></span>' );
1806 echo '&nbsp;&nbsp;&bull;&nbsp;&nbsp;';
1807 printf( esc_html__('%1$sbuy%2$s %3$s', 'capability-manager-enhanced'), '<strong>', '</strong>', '<a href="https://publishpress.com/presspermit/" target="_blank" title="' . sprintf( esc_attr__('%s info/purchase', 'capability-manager-enhanced'), 'Permissions Pro' ) . '">Permissions&nbsp;Pro</a>' );
1808 echo '&nbsp;&nbsp;&bull;&nbsp;&nbsp;';
1809 echo '<a href="#pp-hide">hide</a>';
1810 echo '</div></div>';
1811
1812 ///
1813 ?>
1814 <script type="text/javascript">
1815 /* <![CDATA[ */
1816 jQuery(document).ready( function($) {
1817 $('a[href="#toggle_type_caps"]').click( function() {
1818 var chks = $(this).closest('tr').find('input');
1819 var set_checked = ! $(chks).first().is(':checked');
1820
1821 $(chks).each(function(i,e) {
1822 $('input[name="' + $(this).attr('name') + '"]').prop('checked', set_checked);
1823 });
1824
1825 return false;
1826 });
1827
1828 $('input[name^="caps["]').click(function() {
1829 $('input[name="' + $(this).attr('name') + '"]').prop('checked', $(this).prop('checked'));
1830 });
1831 });
1832 /* ]]> */
1833 </script>
1834
1835 <div style="display:none; float:right;">
1836 <?php
1837 $level = ak_caps2level($rcaps);
1838 ?>
1839 <span title="<?php esc_attr_e('Role level is mostly deprecated. However, it still determines eligibility for Post Author assignment and limits the application of user editing capabilities.', 'capability-manager-enhanced');?>">
1840
1841 <?php (in_array(get_locale(), ['en_EN', 'en_US'])) ? printf('Role Level:') : esc_html_e('Level:', 'capability-manager-enhanced');?> <select name="level">
1842 <?php for ( $l = $this->max_level; $l >= 0; $l-- ) {?>
1843 <option value="<?php echo (int) $l; ?>" style="text-align:right;"<?php selected($level, $l); ?>>&nbsp;<?php echo (int) $l; ?>&nbsp;</option>
1844 <?php }
1845 ?>
1846 </select>
1847 </span>
1848
1849 </div>
1850
1851 <p class="submit" style="padding-top:0;">
1852 <input type="hidden" name="action" value="update" />
1853 <input type="hidden" name="current" value="<?php echo esc_attr($default); ?>" />
1854
1855 <?php
1856 $save_caption = (in_array(sanitize_key(get_locale()), ['en_EN', 'en_US'])) ? 'Save Capabilities' : esc_html__('Save Changes');
1857 ?>
1858 <input type="submit" name="SaveRole" value="<?php echo esc_attr($save_caption);?>" class="button-primary" style="float: right;" /> &nbsp;
1859 </p>
1860
1861 </div><!-- .pp-column-left -->
1862 </div><!-- .pp-columns-wrapper -->
1863 </td></tr></table> <!-- .akmin -->
1864 </fieldset>
1865 </form>
1866
1867 <?php if (!defined('PUBLISHPRESS_CAPS_PRO_VERSION') || get_option('cme_display_branding')) {
1868 cme_publishpressFooter();
1869 }
1870 ?>
1871 </div>
1872
1873 <?php
1874 function cme_network_role_ui( $default ) {
1875 if (!is_multisite() || !is_super_admin() || !is_main_site()) {
1876 return false;
1877 }
1878 ?>
1879 <?php
1880 if ( ! $autocreate_roles = get_site_option( 'cme_autocreate_roles' ) )
1881 $autocreate_roles = array();
1882 ?>
1883 <div style="margin-bottom: 5px">
1884 <label for="cme_autocreate_role" title="<?php esc_attr_e('Create this role definition in new (future) sites', 'capability-manager-enhanced');?>"><input type="checkbox" name="cme_autocreate_role" id="cme_autocreate_role" autocomplete="off" value="1" <?php echo checked(in_array($default, $autocreate_roles));?>> <?php esc_html_e('Include in new sites.', 'capability-manager-enhanced'); ?> </label>
1885 </div>
1886 <div>
1887 <label for="cme_net_sync_role" title="<?php echo esc_attr__('Copy / update this role definition to all sites now', 'capability-manager-enhanced');?>"><input type="checkbox" name="cme_net_sync_role" id="cme_net_sync_role" autocomplete="off" value="1"> <?php esc_html_e('Sync role to all sites.', 'capability-manager-enhanced'); ?> </label>
1888 </div>
1889 <div>
1890 <label for="cme_net_sync_options" title="<?php echo esc_attr__('Copy option settings to all sites now', 'capability-manager-enhanced');?>"><input type="checkbox" name="cme_net_sync_options" id="cme_net_sync_options" autocomplete="off" value="1"> <?php esc_html_e('Sync options to all sites.', 'capability-manager-enhanced'); ?> </label>
1891 </div>
1892 <?php
1893 return true;
1894 }
1895
1896 function cme_plugin_info_url( $plugin_slug ) {
1897 $_url = "plugin-install.php?tab=plugin-information&plugin=$plugin_slug&TB_iframe=true&width=640&height=678";
1898 return ( is_multisite() ) ? network_admin_url($_url) : admin_url($_url);
1899 }
1900