PluginProbe ʕ •ᴥ•ʔ
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus / 2.4.1
PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus v2.4.1
2.45.0 2.44.0 trunk 1.10 1.10.1 1.4.1 1.4.10 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.9 1.5 1.5.1 1.5.10 1.5.11 1.5.2 1.5.3 1.5.4 1.5.5 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.7 1.7.1 1.7.2 1.7.3 1.7.4 1.7.5 1.8.1 1.9 1.9.10 1.9.12 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.9 2.0 2.0.2 2.0.3 2.1 2.1.1 2.10.0 2.10.1 2.10.2 2.10.3 2.11.1 2.12.1 2.12.2 2.13.0 2.14.0 2.15.0 2.16.0 2.17.0 2.18.0 2.18.2 2.19.0 2.19.1 2.19.2 2.2 2.2.1 2.20.0 2.21.0 2.22.0 2.23.0 2.3 2.3.1 2.3.2 2.3.3 2.3.4 2.3.5 2.3.6 2.30.0 2.31.0 2.32.0 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.40.0 2.41.0 2.42.0 2.43.0 2.5.0 2.5.1 2.5.2 2.6.0 2.6.1 2.7.0 2.7.1 2.8.0 2.8.1 2.9.0 2.9.1
capability-manager-enhanced / includes / admin-load.php
capability-manager-enhanced / includes Last commit date
features 4 years ago roles 4 years ago admin-load.php 4 years ago admin.php 4 years ago backup-handler.php 4 years ago backup.php 4 years ago cap-helper.php 4 years ago filters-admin.php 4 years ago filters-woocommerce.php 4 years ago filters-wp_rest_workarounds.php 4 years ago filters.php 4 years ago functions-admin.php 4 years ago functions.php 4 years ago handler.php 4 years ago inflect-cme.php 4 years ago manager.php 4 years ago network.php 4 years ago pp-handler.php 4 years ago pp-ui.php 4 years ago publishpress-roles.php 4 years ago settings-handler.php 4 years ago settings.php 4 years ago
admin-load.php
354 lines
1 <?php
2
3 /*
4 * PublishPress Capabilities [Free]
5 *
6 * Admin execution controller: menu registration and other filters and actions that need to be loaded for every wp-admin URL
7 *
8 * This module should not include full functions related to our own plugin screens.
9 * Instead, use these filter and action handlers to load other classes when needed.
10 *
11 */
12 class PP_Capabilities_Admin_UI {
13 function __construct() {
14 global $pagenow;
15
16 /**
17 * The class responsible for handling notifications
18 */
19 require_once (dirname(CME_FILE) . '/classes/pp-capabilities-notices.php');
20
21 add_action('init', [$this, 'featureRestrictionsGutenberg'], PHP_INT_MAX - 1);
22
23 if (is_admin()) {
24 add_action('admin_init', [$this, 'featureRestrictionsClassic'], PHP_INT_MAX - 1);
25 }
26
27 add_action('admin_enqueue_scripts', [$this, 'adminScripts'], 100);
28 add_action('admin_print_scripts', [$this, 'adminPrintScripts']);
29
30 add_action('profile_update', [$this, 'action_profile_update'], 10, 2);
31
32 if (is_multisite()) {
33 add_action('add_user_to_blog', [$this, 'action_profile_update'], 9);
34 } else {
35 add_action('user_register', [$this, 'action_profile_update'], 9);
36 }
37
38 if (is_admin() && (isset($_REQUEST['page']) && (in_array($_REQUEST['page'], ['pp-capabilities', 'pp-capabilities-backup', 'pp-capabilities-roles', 'pp-capabilities-admin-menus', 'pp-capabilities-editor-features', 'pp-capabilities-nav-menus', 'pp-capabilities-settings', 'pp-capabilities-admin-features']))
39
40 || (!empty($_REQUEST['action']) && in_array($_REQUEST['action'], ['pp-roles-add-role', 'pp-roles-delete-role', 'pp-roles-hide-role', 'pp-roles-unhide-role']))
41 || ( ! empty($_SERVER['SCRIPT_NAME']) && strpos(sanitize_text_field($_SERVER['SCRIPT_NAME']), 'p-admin/plugins.php' ) && ! empty($_REQUEST['action'] ) )
42 || ( isset($_GET['action']) && ('reset-defaults' == $_GET['action']) && isset($_REQUEST['_wpnonce']) && wp_verify_nonce($_REQUEST['_wpnonce'], 'capsman-reset-defaults') )
43 || in_array( $pagenow, array( 'users.php', 'user-edit.php', 'profile.php', 'user-new.php' ) )
44 ) ) {
45 global $capsman;
46
47 // Run the plugin
48 require_once ( dirname(CME_FILE) . '/framework/lib/formating.php' );
49 require_once ( dirname(CME_FILE) . '/framework/lib/users.php' );
50
51 require_once ( dirname(CME_FILE) . '/includes/manager.php' );
52 $capsman = new CapabilityManager();
53 } else {
54 add_action( 'admin_menu', [$this, 'cmeSubmenus'], 20 );
55 }
56
57 add_action('init', function() { // late execution avoids clash with autoloaders in other plugins
58 global $pagenow;
59
60 if ((($pagenow == 'admin.php') && isset($_GET['page']) && in_array($_GET['page'], ['pp-capabilities', 'pp-capabilities-roles', 'pp-capabilities-backup'])) // @todo: CSS for button alignment in Editor Features, Admin Features
61 || (defined('DOING_AJAX') && DOING_AJAX && !empty($_REQUEST['action']) && (false !== strpos(sanitize_key($_REQUEST['action']), 'capability-manager-enhanced')))
62 ) {
63 if (!class_exists('\PublishPress\WordPressReviews\ReviewsController')) {
64 include_once PUBLISHPRESS_CAPS_ABSPATH . '/vendor/publishpress/wordpress-reviews/ReviewsController.php';
65 }
66
67 if (class_exists('\PublishPress\WordPressReviews\ReviewsController')) {
68 $reviews = new \PublishPress\WordPressReviews\ReviewsController(
69 'capability-manager-enhanced',
70 'PublishPress Capabilities',
71 plugin_dir_url(CME_FILE) . 'common/img/capabilities-wp-logo.png'
72 );
73
74 add_filter('publishpress_wp_reviews_display_banner_capability-manager-enhanced', [$this, 'shouldDisplayBanner']);
75
76 $reviews->init();
77 }
78 }
79 });
80
81
82 add_filter('pp_capabilities_feature_post_types', [$this, 'fltEditorFeaturesPostTypes'], 5);
83 }
84
85 public function fltEditorFeaturesPostTypes($def_post_types) {
86 if((int)get_option('cme_editor_features_private_post_type') > 0 || defined('PP_CAPABILITIES_PRIVATE_TYPES')){
87 $private_cpt = get_post_types(['public' => true, 'show_ui' => true], 'names', 'or');
88 $public_cpt = get_post_types(['public' => true, 'show_ui' => true], 'names', 'or');
89 $def_post_types = array_unique(array_merge($def_post_types, $private_cpt, $public_cpt));
90 }else{
91 $def_post_types = array_merge($def_post_types, get_post_types(['public' => true], 'names'));
92 }
93
94 unset($def_post_types['attachment']);
95
96 if ((count($def_post_types) > 14) && !defined('PP_CAPABILITIES_UNLIMITED_FEATURE_TYPES')) {
97 $custom_types = array_diff($def_post_types, ['post', 'page']);
98 $def_post_types = array_merge(['post', 'page'], array_slice($custom_types, 0, 12));
99 }
100
101 return $def_post_types;
102 }
103
104 public function shouldDisplayBanner() {
105 global $pagenow;
106
107 return ($pagenow == 'admin.php') && isset($_GET['page']) && in_array($_GET['page'], ['pp-capabilities', 'pp-capabilities-roles', 'pp-capabilities-backup']);
108 }
109
110 private function applyFeatureRestrictions($editor = 'gutenberg') {
111 global $pagenow;
112
113 if (is_multisite() && is_super_admin() && !defined('PP_CAPABILITIES_RESTRICT_SUPER_ADMIN')) {
114 return;
115 }
116
117 // Return if not a post editor request
118 if (!in_array($pagenow, ['post.php', 'post-new.php'])) {
119 return;
120 }
121
122 static $def_post_types; // avoid redundant filter application
123
124 if (!isset($def_post_types)) {
125 $def_post_types = array_unique(apply_filters('pp_capabilities_feature_post_types', ['post', 'page']));
126 }
127
128 $post_type = pp_capabilities_get_post_type();
129
130 // Return if not a supported post type
131 if (in_array($post_type, apply_filters('pp_capabilities_unsupported_post_types', ['attachment']))) {
132 return;
133 }
134
135 switch ($editor) {
136 case 'gutenberg':
137 if (_pp_capabilities_is_block_editor_active()) {
138 require_once ( dirname(CME_FILE) . '/includes/features/restrict-editor-features.php' );
139 PP_Capabilities_Post_Features::applyRestrictions($post_type);
140 }
141
142 break;
143
144 case 'classic':
145 if (!_pp_capabilities_is_block_editor_active()) {
146 require_once ( dirname(CME_FILE) . '/includes/features/restrict-editor-features.php' );
147 PP_Capabilities_Post_Features::adminInitClassic($post_type);
148 }
149 }
150 }
151
152 function featureRestrictionsGutenberg() {
153 $this->applyFeatureRestrictions();
154 }
155
156 function featureRestrictionsClassic() {
157 $this->applyFeatureRestrictions('classic');
158 }
159
160 function adminScripts() {
161 global $publishpress;
162
163 if (function_exists('get_current_screen') && (!defined('PUBLISHPRESS_VERSION') || empty($publishpress) || empty($publishpress->modules) || empty($publishpress->modules->roles))) {
164 $screen = get_current_screen();
165
166 if ('user-edit' === $screen->base || ('user' === $screen->base && 'add' === $screen->action && defined('PP_CAPABILITIES_ADD_USER_MULTI_ROLES'))) {
167 // Check if we are on the user's profile page
168 wp_enqueue_script(
169 'pp-capabilities-chosen-js',
170 plugin_dir_url(CME_FILE) . 'common/libs/chosen-v1.8.7/chosen.jquery.js',
171 ['jquery'],
172 CAPSMAN_VERSION
173 );
174
175 wp_enqueue_script(
176 'pp-capabilities-roles-profile-js',
177 plugin_dir_url(CME_FILE) . 'common/js/profile.js',
178 ['jquery', 'pp-capabilities-chosen-js'],
179 CAPSMAN_VERSION
180 );
181
182 wp_enqueue_style(
183 'pp-capabilities-chosen-css',
184 plugin_dir_url(CME_FILE) . 'common/libs/chosen-v1.8.7/chosen.css',
185 false,
186 CAPSMAN_VERSION
187 );
188 wp_enqueue_style(
189 'pp-capabilities-roles-profile-css',
190 plugin_dir_url(CME_FILE) . 'common/css/profile.css',
191 ['pp-capabilities-chosen-css'],
192 CAPSMAN_VERSION
193 );
194
195 $roles = !empty($_GET['user_id']) ? $this->getUsersRoles((int) $_GET['user_id']) : [];
196
197 if (empty($roles)) {
198 $roles = (array) get_option('default_role');
199 }
200
201 wp_localize_script(
202 'pp-capabilities-roles-profile-js',
203 'ppCapabilitiesProfileData',
204 [
205 'selected_roles' => $roles
206 ]
207 );
208 }
209 }
210 }
211
212 function adminPrintScripts() {
213
214
215 /**
216 * Update capabilities top level slug from roles to capabilities
217 */
218 $menu_inline_script = "
219 jQuery(document).ready( function($) {
220 if (jQuery('li#toplevel_page_pp-capabilities-roles a.toplevel_page_pp-capabilities-roles').length > 0) {
221 var toplevel_page = jQuery('li#toplevel_page_pp-capabilities-roles a.toplevel_page_pp-capabilities-roles');
222 var toplevel_page_link = toplevel_page.attr('href');
223 if (toplevel_page_link) {
224 toplevel_page.attr('href', toplevel_page_link.replace('pp-capabilities-roles', 'pp-capabilities'));
225 }
226 }
227 });";
228 ppc_add_inline_script($menu_inline_script);
229
230 // Counteract overzealous menu icon styling in PublishPress <= 3.2.0 :)
231 if (defined('PUBLISHPRESS_VERSION') && version_compare(constant('PUBLISHPRESS_VERSION'), '3.2.0', '<=') && defined('PP_CAPABILITIES_FIX_ADMIN_ICON')):?>
232 <style type="text/css">
233 #toplevel_page_pp-capabilities-roles .dashicons-before::before, #toplevel_page_pp-capabilities-roles .wp-has-current-submenu .dashicons-before::before {
234 background-image: inherit !important;
235 content: "\f112" !important;
236 }
237 </style>
238 <?php endif;
239 }
240
241 /**
242 * Returns a list of roles with name and display name to populate a select field.
243 *
244 * @param int $userId
245 *
246 * @return array
247 */
248 protected function getUsersRoles($userId)
249 {
250 if (empty($userId)) {
251 return [];
252 }
253
254 $user = get_user_by('id', $userId);
255
256 if (empty($user)) {
257 return [];
258 }
259
260 return $user->roles;
261 }
262
263 public function action_profile_update($userId, $oldUserData = [])
264 {
265 // Check if we need to update the user's roles, allowing to set multiple roles.
266 if (!empty($_REQUEST['_wpnonce']) && wp_verify_nonce(sanitize_key($_REQUEST['_wpnonce']), 'update-user_' . $userId) && isset($_POST['pp_roles']) && current_user_can('promote_users')) {
267 // Remove the user's roles
268 $user = get_user_by('ID', $userId);
269
270 $newRoles = array_map('sanitize_key', $_POST['pp_roles']);
271 $currentRoles = $user->roles;
272
273 if (empty($newRoles) || !is_array($newRoles)) {
274 return;
275 }
276
277 // Remove unselected roles
278 foreach ($currentRoles as $role) {
279 // Check if it is a bbPress rule. If so, don't remove it.
280 $isBBPressRole = preg_match('/^bbp_/', $role);
281
282 if (!in_array($role, $newRoles) && !$isBBPressRole) {
283 $user->remove_role($role);
284 }
285 }
286
287 // Add new roles
288 foreach ($newRoles as $role) {
289 if (!in_array($role, $currentRoles)) {
290 $user->add_role($role);
291 }
292 }
293 }
294 }
295
296
297 // perf enhancement: display submenu links without loading framework and plugin code
298 function cmeSubmenus() {
299 // First we check if user is administrator and can 'manage_capabilities'.
300 if (current_user_can('administrator') && ! current_user_can('manage_capabilities')) {
301 if ($admin = get_role('administrator')) {
302 $admin->add_cap('manage_capabilities');
303 }
304 }
305
306 $cap_name = (is_multisite() && is_super_admin()) ? 'read' : 'manage_capabilities';
307
308 $permissions_title = __('Capabilities', 'capsman-enhanced');
309
310 $menu_order = 72;
311
312 if (defined('PUBLISHPRESS_PERMISSIONS_MENU_GROUPING')) {
313 foreach ((array)get_option('active_plugins') as $plugin_file) {
314 if ( false !== strpos($plugin_file, 'publishpress.php') ) {
315 $menu_order = 27;
316 }
317 }
318 }
319
320 add_menu_page(
321 $permissions_title,
322 $permissions_title,
323 $cap_name,
324 'pp-capabilities-roles',
325 'cme_fakefunc',
326 'dashicons-admin-network',
327 $menu_order
328 );
329
330 add_submenu_page('pp-capabilities-roles', __('Roles', 'capsman-enhanced'), __('Roles', 'capsman-enhanced'), $cap_name, 'pp-capabilities-roles', 'cme_fakefunc');
331 add_submenu_page('pp-capabilities-roles', $permissions_title, $permissions_title, $cap_name, 'pp-capabilities', 'cme_fakefunc');
332 add_submenu_page('pp-capabilities-roles', __('Editor Features', 'capsman-enhanced'), __('Editor Features', 'capsman-enhanced'), $cap_name, 'pp-capabilities-editor-features', 'cme_fakefunc');
333 add_submenu_page('pp-capabilities-roles', __('Admin Features', 'capsman-enhanced'), __('Admin Features', 'capsman-enhanced'), $cap_name, 'pp-capabilities-admin-features', 'cme_fakefunc');
334 add_submenu_page('pp-capabilities-roles', __('Admin Menus', 'capsman-enhanced'), __('Admin Menus', 'capsman-enhanced'), $cap_name, 'pp-capabilities-admin-menus', 'cme_fakefunc');
335 add_submenu_page('pp-capabilities-roles', __('Nav Menus', 'capsman-enhanced'), __('Nav Menus', 'capsman-enhanced'), $cap_name, 'pp-capabilities-nav-menus', 'cme_fakefunc');
336 add_submenu_page('pp-capabilities-roles', __('Backup', 'capsman-enhanced'), __('Backup', 'capsman-enhanced'), $cap_name, 'pp-capabilities-backup', 'cme_fakefunc');
337
338 if (defined('PUBLISHPRESS_CAPS_PRO_VERSION')) {
339 add_submenu_page('pp-capabilities-roles', __('Settings', 'capsman-enhanced'), __('Settings', 'capsman-enhanced'), $cap_name, 'pp-capabilities-settings', 'cme_fakefunc');
340 }
341
342 if (!defined('PUBLISHPRESS_CAPS_PRO_VERSION')) {
343 add_submenu_page(
344 'pp-capabilities-roles',
345 __('Upgrade to Pro', 'capsman-enhanced'),
346 __('Upgrade to Pro', 'capsman-enhanced'),
347 'manage_capabilities',
348 'capsman-enhanced',
349 'cme_fakefunc'
350 );
351 }
352 }
353 }
354