functions-admin.php
463 lines
| 1 | <?php |
| 2 | |
| 3 | /* |
| 4 | * PublishPress Capabilities [Free] |
| 5 | * |
| 6 | * Functions available to wp-admin requests, which are not contained within a class |
| 7 | * |
| 8 | */ |
| 9 | |
/**
 * Intentionally empty placeholder.
 *
 * pp_capabilities_sub_menu_lists() uses this function's name as a stand-in menu
 * callback when it is called with $cme_fakefunc = true.
 *
 * @return void
 */
function cme_fakefunc()
{
}
| 12 | |
/**
 * Work out which post the current admin or REST request refers to.
 *
 * Sources are tried in order: the 'presspermit_rest_post_id' filter (REST requests only),
 * the global $post, then the request parameters 'post', 'post_ID', 'post_id' and, when
 * WOOCOMMERCE_VERSION is defined, 'product_id'.
 *
 * Request-derived values are only cast to int. Nothing here confirms that the post exists
 * or that the current user may access it, so callers must treat the result as untrusted
 * and apply their own capability checks before acting on it.
 *
 * @return int|null Post ID; 0 for an auto-draft; null when no source yields an ID.
 *                  A truthy 'presspermit_rest_post_id' filter result is returned as-is.
 */
function pp_capabilities_get_post_id()
{
    global $post;

    // REST requests: give the filter the first chance to supply the ID.
    if (defined('REST_REQUEST') && REST_REQUEST) {
        $rest_post_id = apply_filters('presspermit_rest_post_id', 0);
        if ($rest_post_id) {
            return $rest_post_id;
        }
    }

    // A loaded post object wins over request parameters; auto-drafts report 0.
    if (!empty($post) && is_object($post)) {
        return ('auto-draft' == $post->post_status) ? 0 : $post->ID;
    }

    // Request parameters, in priority order. The int cast is the only normalisation applied.
    foreach (['post', 'post_ID', 'post_id'] as $request_key) {
        if (isset($_REQUEST[$request_key])) {
            return (int)$_REQUEST[$request_key];
        }
    }

    if (defined('WOOCOMMERCE_VERSION') && !empty($_REQUEST['product_id'])) {
        return (int)$_REQUEST['product_id'];
    }

    // No source matched: falls through and returns null implicitly.
}
| 43 | |
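/**
 * Report whether the block editor is in effect for the post type of the current request.
 *
 * Based on Edit Flow's \Block_Editor_Compatible::should_apply_compat method.
 *
 * The classic-editor request flags ($_REQUEST / $_GET) are only tested with isset();
 * their values are never read.
 *
 * @param string $post_type Currently ignored: it is overwritten by pp_capabilities_get_post_type().
 * @param array  $args      Optional. 'suppress_filter' names a 'use_block_editor_for_post_type'
 *                          callback to detach before evaluating (the result is then neither read
 *                          from nor written to the static cache); 'force_refresh' bypasses the cache.
 *
 * @return bool
 */
function _pp_capabilities_is_block_editor_active($post_type = '', $args = [])
{
    global $current_user, $wp_version;

    $defaults = ['suppress_filter' => false, 'force_refresh' => false];
    $args = array_merge($defaults, $args);
    $suppress_filter = $args['suppress_filter'];

    // Check if Revisionary lower than v1.3 is installed. It disables Gutenberg.
    if (defined('REVISIONARY_VERSION') && version_compare(REVISIONARY_VERSION, '1.3-beta', '<')) {
        return false;
    }

    // Results are cached per post type in a function-static array.
    static $buffer;
    if (!isset($buffer)) {
        $buffer = [];
    }

    // NOTE(review): this assignment discards the $post_type argument - confirm that is intended.
    if (!$post_type = pp_capabilities_get_post_type()) {
        return true;
    }

    // A post type that is not exposed to REST is treated as not using the block editor.
    if ($post_type_obj = get_post_type_object($post_type)) {
        if (!$post_type_obj->show_in_rest) {
            return false;
        }
    }

    if (isset($buffer[$post_type]) && empty($args['force_refresh']) && !$suppress_filter) {
        return $buffer[$post_type];
    }

    if (class_exists('Classic_Editor')) {
        if (isset($_REQUEST['classic-editor__forget']) && (isset($_REQUEST['classic']) || isset($_REQUEST['classic-editor']))) {
            return false;
        } elseif (isset($_REQUEST['classic-editor__forget']) && !isset($_REQUEST['classic']) && !isset($_REQUEST['classic-editor'])) {
            return true;
        } elseif (get_option('classic-editor-allow-users') === 'allow') {
            if ($post_id = pp_capabilities_get_post_id()) {
                // Per-post editor choice stored in post meta.
                $which = get_post_meta( $post_id, 'classic-editor-remember', true );

                if ('block-editor' == $which) {
                    return true;
                } elseif ('classic-editor' == $which) {
                    return false;
                }
            } else {
                // Fix: request the single meta value. Without the third argument get_user_meta()
                // returns an array, so the comparison with 'block' could never be true.
                // NOTE(review): the meta key hard-codes the 'wp_' table prefix - confirm for custom prefixes.
                $use_block = ('block' == get_user_meta($current_user->ID, 'wp_classic-editor-settings', true));

                // Detach the navigation-post-type callback while the filter is evaluated.
                if (version_compare($wp_version, '5.9-beta', '>=')) {
                    remove_action('use_block_editor_for_post_type', '_disable_block_editor_for_navigation_post_type', 10, 2);
                    remove_filter('use_block_editor_for_post_type', '_disable_block_editor_for_navigation_post_type', 10, 2);
                }

                $use_block = $use_block && apply_filters('use_block_editor_for_post_type', $use_block, $post_type, PHP_INT_MAX);

                // The callback is only re-attached when the site opts in through this constant.
                if (defined('PP_CAPABILITIES_RESTORE_NAV_TYPE_BLOCK_EDITOR_DISABLE') && version_compare($wp_version, '5.9-beta', '>=')) {
                    add_filter('use_block_editor_for_post_type', '_disable_block_editor_for_navigation_post_type', 10, 2 );
                }

                return $use_block;
            }
        }
    }

    $pluginsState = array(
        'classic-editor' => class_exists( 'Classic_Editor' ),
        'gutenberg'      => function_exists( 'the_gutenberg_project' ),
        'gutenberg-ramp' => class_exists('Gutenberg_Ramp'),
    );

    $conditions = [];

    // Detach the caller-named callback so that it cannot influence the filter result below.
    if ($suppress_filter) remove_filter('use_block_editor_for_post_type', $suppress_filter, 10, 2);

    /**
     * 5.0:
     *
     * Classic editor either disabled or enabled (either via an option or with GET argument).
     * It's a hairy conditional :(
     */

    if (version_compare($wp_version, '5.9-beta', '>=')) {
        remove_action('use_block_editor_for_post_type', '_disable_block_editor_for_navigation_post_type', 10, 2);
        remove_filter('use_block_editor_for_post_type', '_disable_block_editor_for_navigation_post_type', 10, 2);
    }

    // phpcs:ignore WordPress.VIP.SuperGlobalInputUsage.AccessDetected, WordPress.Security.NonceVerification.NoNonceVerification
    $conditions[] = (version_compare($wp_version, '5.0', '>=') || $pluginsState['gutenberg'])
                    && ! $pluginsState['classic-editor']
                    && ! $pluginsState['gutenberg-ramp']
                    && apply_filters('use_block_editor_for_post_type', true, $post_type, PHP_INT_MAX);

    $conditions[] = version_compare($wp_version, '5.0', '>=')
                    && $pluginsState['classic-editor']
                    && (get_option('classic-editor-replace') === 'block'
                        && ! isset($_GET['classic-editor__forget']));

    $conditions[] = version_compare($wp_version, '5.0', '>=')
                    && $pluginsState['classic-editor']
                    && (get_option('classic-editor-replace') === 'classic'
                        && isset($_GET['classic-editor__forget']));

    $conditions[] = $pluginsState['gutenberg-ramp']
                    && apply_filters('use_block_editor_for_post', true, get_post(pp_capabilities_get_post_id()), PHP_INT_MAX);

    if (defined('PP_CAPABILITIES_RESTORE_NAV_TYPE_BLOCK_EDITOR_DISABLE') && version_compare($wp_version, '5.9-beta', '>=')) {
        add_filter('use_block_editor_for_post_type', '_disable_block_editor_for_navigation_post_type', 10, 2 );
    }

    // Returns true if at least one condition is true.
    $result = count(
                array_filter($conditions,
                    function ($c) {
                        return (bool)$c;
                    }
                )
            ) > 0;

    // Results computed with a filter suppressed are not cached.
    if (!$suppress_filter) {
        $buffer[$post_type] = $result;
    }

    // Returns true if at least one condition is true.
    return $result;
}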
| 175 | |
/**
 * Strip every run of non-word characters from a string.
 *
 * The pattern uses \W, so letters, digits and the underscore are kept; spaces and
 * punctuation are removed. Despite the function name, underscores survive.
 *
 * @param string $string Text to filter.
 *
 * @return string
 *
 * @since 2.1.1
 */
function ppc_remove_non_alphanumeric_space_characters($string)
{
    $non_word_runs = '/(\W)+/';
    $stripped = preg_replace($non_word_runs, '', $string);

    return $stripped;
}
| 189 | |
/**
 * List the sections handled by the capabilities backup feature.
 *
 * Each entry is keyed by a section ID and holds a translated 'label' plus the
 * 'options' (option names) that belong to the section. The Editor Features entry
 * has no 'options' key when the post type list is empty. The finished list is
 * passed through the 'pp_capabilities_backup_sections' filter, so other code can
 * add or remove entries.
 *
 * @return array $backup_sections
 */
function pp_capabilities_backup_sections()
{
    $prefix = 'capsman';
    $sections = [];

    // Editor Features: one option per post type, plus a classic-editor variant when available.
    $editor_key = $prefix . '_editor_features_backup';
    $sections[$editor_key]['label'] = esc_html__('Editor Features', 'capsman-enhanced');
    $has_classic_editor = pp_capabilities_is_classic_editor_available();
    $feature_post_types = array_unique(apply_filters('pp_capabilities_feature_post_types', ['post', 'page']));
    foreach ($feature_post_types as $post_type) {
        if ($has_classic_editor) {
            $sections[$editor_key]['options'][] = "capsman_feature_restrict_classic_{$post_type}";
        }
        $sections[$editor_key]['options'][] = "capsman_feature_restrict_{$post_type}";
    }

    // Admin Features
    $sections[$prefix . '_admin_features_backup'] = [
        'label'   => esc_html__('Admin Features', 'capsman-enhanced'),
        'options' => ["capsman_disabled_admin_features"],
    ];

    // Profile Features
    $sections[$prefix . '_profile_features_backup'] = [
        'label'   => esc_html__('Profile Features', 'capsman-enhanced'),
        'options' => [
            "capsman_disabled_profile_features",
            "capsman_profile_features_elements",
        ],
    ];

    // Nav Menu
    $sections['capsman_nav_menu_backup'] = [
        'label'   => esc_html__('Nav Menu', 'capsman-enhanced'),
        'options' => ["capsman_nav_item_menus"],
    ];

    // Settings
    $sections['capsman_settings_backup'] = [
        'label'   => esc_html__('Settings', 'capsman-enhanced'),
        'options' => pp_capabilities_settings_options(),
    ];

    return apply_filters('pp_capabilities_backup_sections', $sections);
}
| 230 | |
/**
 * Register a style handle with no source file, enqueue it and attach inline CSS to it.
 *
 * $custom_css is handed to wp_add_inline_style() unchanged; this function does not
 * escape or validate it, so callers must not pass CSS built from untrusted input.
 *
 * @param string $custom_css CSS to attach.
 * @param string $handle     Style handle; passed through esc_attr() before use.
 *
 * @return void
 *
 * @since 2.3.5
 */
function ppc_add_inline_style($custom_css, $handle = 'ppc-dummy-css-handle')
{
    $style_handle = esc_attr($handle);

    wp_register_style($style_handle, false);
    wp_enqueue_style($style_handle);
    wp_add_inline_style($style_handle, $custom_css);
}
| 247 | |
/**
 * Register a script handle with no source file (depending on jQuery), enqueue it and
 * attach inline JavaScript to it.
 *
 * $custom_script is handed to wp_add_inline_script() unchanged; this function does not
 * escape or validate it, so callers must not pass script text built from untrusted input.
 *
 * @param string $custom_script JavaScript to attach.
 * @param string $handle        Script handle; passed through esc_attr() before use.
 *
 * @return void
 *
 * @since 2.4.0
 */
function ppc_add_inline_script($custom_script, $handle = 'ppc-dummy-script-handle')
{
    $script_handle = esc_attr($handle);
    $dependencies = ['jquery'];

    wp_register_script($script_handle, false, $dependencies);
    wp_enqueue_script($script_handle, false, $dependencies);
    wp_add_inline_script($script_handle, $custom_script);
}
| 264 | |
/**
 * List the option names that make up the plugin settings.
 *
 * pp_capabilities_backup_sections() uses this list as the 'options' of its Settings
 * section. The list is passed through the 'pp_capabilities_settings_options' filter.
 *
 * @return array Option names (before filtering, a list of strings).
 */
function pp_capabilities_settings_options()
{
    return apply_filters(
        'pp_capabilities_settings_options',
        [
            'cme_editor_features_private_post_type',
            'cme_capabilities_show_private_taxonomies',
            'cme_capabilities_add_user_multi_roles',
            'cme_capabilities_edit_user_multi_roles',
            'cme_editor_features_classic_editor_tab',
            'cme_test_user_admin_bar',
            'cme_test_user_footer_notice',
            'cme_test_user_excluded_roles',
            'cme_profile_features_auto_redirect',
        ]
    );
}
| 280 | |
/**
 * Append the plugin's own management capabilities to a capability list.
 *
 * The input is cast to an array, the plugin capabilities are appended and duplicates
 * are dropped with array_unique(), which keeps the first occurrence and its key.
 * NOTE(review): presumably hooked to the 'cme_publishpress_capabilities_capabilities'
 * filter that pp_capabilities_user_can_caps() applies - confirm where it is registered.
 *
 * @param mixed $capabilities Existing capability names (cast to array).
 *
 * @return array
 */
function cme_publishpress_capabilities_capabilities($capabilities)
{
    $plugin_capabilities = [
        'manage_capabilities_dashboard',
        'manage_capabilities_roles',
        'manage_capabilities',
        'manage_capabilities_editor_features',
        'manage_capabilities_admin_features',
        'manage_capabilities_admin_menus',
        'manage_capabilities_profile_features',
        'manage_capabilities_nav_menus',
        'manage_capabilities_user_testing',
        'manage_capabilities_backup',
        'manage_capabilities_settings'
    ];

    return array_unique(array_merge((array)$capabilities, $plugin_capabilities));
}
| 306 | |
/**
 * Dashboard items
 *
 * Builds the feature list keyed by feature slug, each with a translated 'label' and
 * 'description', and passes it through the 'pp_capabilities_dashboard_features' filter.
 * The function takes no parameters.
 *
 * @return array
 */
function pp_capabilities_dashboard_options()
{
    $dashboard_features = [
        'roles' => [
            'label'       => esc_html__('Roles', 'capsman-enhanced'),
            'description' => esc_html__('Create, edit, and delete user roles.', 'capsman-enhanced'),
        ],
        'capabilities' => [
            'label'       => esc_html__('Capabilities', 'capsman-enhanced'),
            'description' => esc_html__('Add or remove capabilities from any user role.', 'capsman-enhanced'),
        ],
        'editor-features' => [
            'label'       => esc_html__('Editor Features', 'capsman-enhanced'),
            'description' => esc_html__('Remove elements from the post editing screen.', 'capsman-enhanced'),
        ],
        'admin-features' => [
            'label'       => esc_html__('Admin Features', 'capsman-enhanced'),
            'description' => esc_html__('Remove elements from the admin area and toolbar.', 'capsman-enhanced'),
        ],
        'profile-features' => [
            'label'       => esc_html__('Profile Features', 'capsman-enhanced'),
            'description' => esc_html__('Remove elements from the Profile screen.', 'capsman-enhanced'),
        ],
        'nav-menus' => [
            'label'       => esc_html__('Nav Menus', 'capsman-enhanced'),
            'description' => esc_html__('Block access to frontend menu links.', 'capsman-enhanced'),
        ],
        'user-testing' => [
            'label'       => esc_html__('User Testing', 'capsman-enhanced'),
            'description' => esc_html__('Test your site by instantly logging in as another user. Available accounts include any which the current user can edit.', 'capsman-enhanced'),
        ],
    ];

    return apply_filters('pp_capabilities_dashboard_features', $dashboard_features);
}
| 359 | |
| 360 | |
| 361 | |
/**
 * Return list of capabilities sub menus
 *
 * Each entry holds a 'title', the 'capabilities' value required for the page, the
 * 'page' slug, a 'callback' and a 'dashboard_control' flag. For a super admin on a
 * multisite install the required capability is 'read' instead of the page-specific
 * manage_capabilities_* capability. The list is passed through the
 * 'pp_capabilities_sub_menu_lists' filter before it is returned.
 *
 * @param boolean $cme_fakefunc When true, every callback is the placeholder 'cme_fakefunc'
 *                              and the Admin Menus entry is included.
 * @return array
 */
function pp_capabilities_sub_menu_lists($cme_fakefunc = false)
{
    global $capsman;

    $super_user = (is_multisite() && is_super_admin());

    // Required capability for a page: 'read' for multisite super admins, else the given one.
    $required_cap = function ($capability) use ($super_user) {
        return $super_user ? 'read' : $capability;
    };

    // Page callback: the placeholder when requested, else the named method on $capsman.
    $page_callback = function ($method) use ($cme_fakefunc, $capsman) {
        return $cme_fakefunc ? 'cme_fakefunc' : [$capsman, $method];
    };

    $pages = [];

    $pages['dashboard'] = [
        'title'             => __('Dashboard', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities_dashboard'),
        'page'              => 'pp-capabilities-dashboard',
        'callback'          => $page_callback('dashboardPage'),
        'dashboard_control' => false,
    ];

    $pages['roles'] = [
        'title'             => __('Roles', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities_roles'),
        'page'              => 'pp-capabilities-roles',
        'callback'          => $page_callback('ManageRoles'),
        'dashboard_control' => true,
    ];

    $pages['capabilities'] = [
        'title'             => __('Capabilities', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities'),
        'page'              => 'pp-capabilities',
        'callback'          => $page_callback('generalManager'),
        'dashboard_control' => true,
    ];

    $pages['editor-features'] = [
        'title'             => __('Editor Features', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities_editor_features'),
        'page'              => 'pp-capabilities-editor-features',
        'callback'          => $page_callback('ManageEditorFeatures'),
        'dashboard_control' => true,
    ];

    $pages['admin-features'] = [
        'title'             => __('Admin Features', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities_admin_features'),
        'page'              => 'pp-capabilities-admin-features',
        'callback'          => $page_callback('ManageAdminFeatures'),
        'dashboard_control' => true,
    ];

    $pages['profile-features'] = [
        'title'             => __('Profile Features', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities_profile_features'),
        'page'              => 'pp-capabilities-profile-features',
        'callback'          => $page_callback('ManageProfileFeatures'),
        'dashboard_control' => true,
    ];

    // The Admin Menus entry exists only in placeholder mode.
    if ($cme_fakefunc) {
        $pages['admin-menus'] = [
            'title'             => __('Admin Menus', 'capsman-enhanced'),
            'capabilities'      => $required_cap('manage_capabilities_admin_menus'),
            'page'              => 'pp-capabilities-admin-menus',
            'callback'          => 'cme_fakefunc',
            'dashboard_control' => true,
        ];
    }

    $pages['nav-menus'] = [
        'title'             => __('Nav Menus', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities_nav_menus'),
        'page'              => 'pp-capabilities-nav-menus',
        'callback'          => $page_callback('ManageNavMenus'),
        'dashboard_control' => true,
    ];

    $pages['backup'] = [
        'title'             => __('Backup', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities_backup'),
        'page'              => 'pp-capabilities-backup',
        'callback'          => $page_callback('backupTool'),
        'dashboard_control' => false,
    ];

    $pages['settings'] = [
        'title'             => __('Settings', 'capsman-enhanced'),
        'capabilities'      => $required_cap('manage_capabilities_settings'),
        'page'              => 'pp-capabilities-settings',
        'callback'          => $page_callback('settingsPage'),
        'dashboard_control' => false,
    ];

    return apply_filters('pp_capabilities_sub_menu_lists', $pages, $cme_fakefunc);
}
| 451 | |
/**
 * List the plugin management capabilities that the current user holds.
 *
 * The candidate list comes from the 'cme_publishpress_capabilities_capabilities' filter
 * (starting from an empty array); each entry is kept only when current_user_can()
 * confirms it for the current user.
 *
 * @return array Capability names, re-indexed from 0.
 */
function pp_capabilities_user_can_caps()
{
    $granted_caps = [];

    foreach (apply_filters('cme_publishpress_capabilities_capabilities', []) as $candidate_cap) {
        if (!current_user_can($candidate_cap)) {
            continue;
        }

        $granted_caps[] = $candidate_cap;
    }

    return $granted_caps;
}