PluginProbe ʕ •ᴥ•ʔ
Elementor Website Builder – more than just a page builder / 3.26.0-beta2
Elementor Website Builder – more than just a page builder v3.26.0-beta2
4.1.1 4.1.0 4.1.0-beta3 4.1.0-dev3 4.0.9 4.1.0-beta2 4.1.0-dev2 4.0.8 4.1.0-beta1 4.1.0-dev1 4.0.7 4.0.6 4.0.5 4.0.4 4.0.3 3.22.0-dev1 4.0.0-beta3 3.22.0-dev2 4.0.0-beta4 3.22.0-dev3 4.0.0-beta5 3.22.0-dev4 4.0.0-dev1 3.22.0-dev5 4.0.0-dev2 3.22.0-dev6 4.0.0-dev3 3.22.1 4.0.0-dev4 3.22.2 4.0.0-dev5 3.22.3 4.0.1 3.23.0 4.0.2 3.23.0-beta1 3.23.0-beta2 3.23.0-beta3 3.23.0-beta4 3.23.0-beta5 3.23.0-beta6 3.23.0-dev1 3.23.0-dev2 3.23.0-dev3 3.23.0-dev4 3.23.0-dev5 3.23.0-dev6 3.23.1 3.23.2 3.23.3 3.23.4 3.24.0 3.24.0-beta1 3.24.0-beta2 3.24.0-beta3 3.24.0-dev1 3.24.0-dev2 3.24.0-dev3 3.24.1 3.24.2 3.24.3 3.24.4 3.24.5 3.24.6 3.24.7 3.24.8 3.25.0 3.25.0-beta1 3.25.0-beta2 3.25.0-beta3 3.25.0-dev1 3.25.0-dev2 3.25.0-dev3 3.25.1 3.25.10 3.25.11 3.25.2 3.25.3 3.25.4 3.25.5 3.25.6 3.25.7 3.25.8 3.25.9 3.26.0 3.26.0-beta1 3.26.0-beta2 3.26.0-beta3 3.26.0-beta4 3.26.0-beta5 3.26.0-dev1 3.26.0-dev2 3.26.0-dev3 3.26.0-dev4 3.26.0-dev5 3.26.1 3.26.2 3.26.3 3.26.4 3.26.5 3.27.0 3.27.0-beta1 3.27.0-beta2 3.27.0-dev1 3.27.0-dev2 3.27.1 3.27.2 3.27.3 3.27.4 3.27.5 3.27.6 3.27.7 3.28.0 3.28.0-beta1 3.28.0-beta2 3.28.0-beta3 3.28.0-dev1 3.28.0-dev2 3.28.0-dev3 3.28.1 3.28.2 3.28.3 3.28.4 3.29.0 3.29.0-beta1 trunk 3.29.0-beta2 3.0.0 3.29.0-beta3 3.0.1 3.29.0-beta4 3.0.10 3.29.0-dev1 3.0.11 3.29.0-dev2 3.0.12 3.29.0-dev3 3.0.13 3.29.0-dev4 3.0.14 3.29.1 3.0.15 3.29.2 3.0.16 3.3.0 3.0.2 3.3.1 3.0.3 3.30.0 3.0.4 3.30.0-beta1 3.0.5 3.30.0-beta2 3.0.6 3.30.0-beta3 3.0.7 3.30.0-dev1 3.0.8 3.30.0-dev2 3.0.8.1 3.30.0-dev3 3.0.9 3.30.1 3.1.0 3.30.2 3.1.0-beta1 3.30.3 3.1.0-beta2 3.30.4 3.1.0-beta3 3.31.0 3.1.0-beta4 3.31.0-beta1 3.1.0-dev1 3.31.0-beta2 3.1.0-dev2 3.31.0-dev1 3.1.0-dev3 3.31.0-dev2 3.1.1 3.31.1 3.1.2 3.31.2 3.1.3 3.31.3 3.1.4 3.31.4 3.10.0 3.31.5 3.10.0-dev1 3.32.0 3.10.1 3.32.0-beta1 3.10.2 3.32.0-beta2 3.11.0 3.32.0-beta3 3.11.0-beta1 3.32.0-dev1 3.11.0-beta2 3.32.0-dev2 3.11.0-beta3 3.32.0-dev3 3.11.0-dev1 3.32.1 3.11.0-dev2 3.32.2 3.11.0-dev3 3.32.3 3.11.1 3.32.4 3.11.2 3.32.5 3.11.3 3.33.0 3.11.4 3.33.0-beta1 3.11.5 3.33.0-beta2 3.12.0 3.33.0-beta3 3.12.1 3.33.0-beta4 3.12.2 3.33.0-dev1 3.13.0 3.33.0-dev2 3.13.0-beta1 3.33.0-dev3 3.13.0-beta2 3.33.0-dev4 3.13.0-beta3 3.33.1 3.13.0-dev3 3.33.2 3.13.0-dev4 3.33.3 3.13.1 3.33.4 3.13.2 3.33.5 3.13.3 3.33.6 3.13.4 3.34.0 3.14.0 3.34.0-beta1 3.14.0-beta1 3.34.0-beta2 3.14.0-beta2 3.34.0-beta3 3.14.0-beta3 3.34.0-dev1 3.14.0-beta4 3.34.0-dev2 3.14.0-beta5 3.34.1 3.14.1 3.34.2 3.15.0 3.34.3 3.15.1 3.34.4 3.15.2 3.35.0 3.15.3 3.35.0-beta1 3.16.0 3.35.0-beta2 3.16.0-beta3 3.35.0-beta3 3.16.0-beta4 3.35.0-beta4 3.16.0-dev1 3.35.0-dev1 3.16.0-dev2 3.35.0-dev2 3.16.1 3.35.0-dev3 3.16.2 3.35.0-dev4 3.16.3 3.35.1 3.16.4 3.35.2 3.16.5 3.35.3 3.16.6 3.35.4 3.17.0 3.35.5 3.17.0-dev2 3.35.6 3.17.0-dev3 3.35.7 3.17.0-dev4 3.35.8 3.17.1 3.35.9 3.17.2 3.4.0 3.17.3 3.4.0-dev7 3.18.0 3.4.0-dev8 3.18.0-beta1 3.4.0-dev9 3.18.0-beta2 3.4.1 3.18.0-beta3 3.4.2 3.18.0-beta4 3.4.3 3.18.0-dev1 3.4.4 3.18.1 3.4.5 3.18.2 3.4.6 3.18.3 3.4.7 3.19.0 3.4.8 3.19.0-beta1 3.5.0 3.19.0-beta2 3.5.0-beta1 3.19.0-beta3 3.5.0-beta2 3.19.0-beta4 3.5.0-beta3 3.19.0-beta5 3.5.0-beta4 3.19.0-beta6 3.5.0-beta5 3.19.0-dev1 3.5.0-beta7 3.19.0-dev2 3.5.0-beta8 3.19.0-dev3 3.5.0-dev8 3.19.0-dev4 3.5.0-dev9 3.19.0-dev5 3.5.1 3.19.0-dev6 3.5.2 3.19.1 3.5.3 3.19.2 3.5.4 3.19.3 3.5.5 3.19.4 3.5.6 3.2.0 3.6.0 3.2.1 3.6.0-beta1 3.2.2 3.6.0-beta2 3.2.3 3.6.0-beta3 3.2.4 3.6.0-beta4 3.2.5 3.6.0-beta5 3.20.0 3.6.0-dev1 3.20.0-beta1 3.6.0-dev10 3.20.0-beta2 3.6.1 3.20.0-beta3 3.6.2 3.20.0-beta4 3.6.3 3.20.0-dev1 3.6.4 3.20.0-dev2 3.6.5 3.20.0-dev3 3.6.6 3.20.0-dev4 3.6.7 3.20.1 3.6.8 3.20.2 3.7.0 3.20.3 3.7.0-beta1 3.20.4 3.7.0-beta2 3.21.0 3.7.0-beta3 3.21.0-beta1 3.7.0-beta4 3.21.0-beta2 3.7.0-dev1 3.21.0-beta3 3.7.1 3.21.0-dev1 3.7.2 3.21.0-dev2 3.7.3 3.21.0-dev3 3.7.4 3.21.1 3.7.5 3.21.2 3.7.6 3.21.3 3.7.7 3.21.4 3.7.8 3.21.5 3.8.0 3.21.6 3.8.0-beta1 3.21.7 3.8.0-beta2 3.21.8 3.8.0-beta3 3.22.0 3.8.1 3.22.0-beta1 3.9.0 3.22.0-beta2 3.9.1 3.22.0-beta3 3.9.2 3.22.0-beta4 4.0.0 3.22.0-beta5 4.0.0-beta1 3.22.0-beta6 4.0.0-beta2
elementor / includes / user.php
elementor / includes Last commit date
admin-templates 1 year ago base 1 year ago container 1 year ago controls 1 year ago editor-templates 1 year ago elements 1 year ago interfaces 1 year ago libraries 1 year ago managers 1 year ago settings 1 year ago template-library 1 year ago widgets 1 year ago api.php 1 year ago autoloader.php 1 year ago beta-testers.php 3 years ago compatibility.php 1 year ago conditions.php 3 years ago db.php 2 years ago editor-assets-api.php 1 year ago embed.php 1 year ago fonts.php 1 year ago frontend.php 1 year ago heartbeat.php 3 years ago maintenance-mode.php 2 years ago maintenance.php 3 years ago plugin.php 1 year ago preview.php 1 year ago rollback.php 3 years ago shapes.php 1 year ago stylesheet.php 1 year ago tracker.php 1 year ago user.php 2 years ago utils.php 1 year ago
user.php
415 lines
1 <?php
2 namespace Elementor;
3
4 use Elementor\Core\Common\Modules\Ajax\Module as Ajax;
5
6 if ( ! defined( 'ABSPATH' ) ) {
7 exit; // Exit if accessed directly.
8 }
9
10 /**
11 * Elementor user.
12 *
13 * Elementor user handler class is responsible for checking if the user can edit
14 * with Elementor and displaying different admin notices.
15 *
16 * @since 1.0.0
17 */
18 class User {
19
20 /**
21 * Holds the admin notices key.
22 *
23 * @var string Admin notices key.
24 */
25 const ADMIN_NOTICES_KEY = 'elementor_admin_notices';
26
27 /**
28 * Holds the editor introduction screen key.
29 *
30 * @var string Introduction key.
31 */
32 const INTRODUCTION_KEY = 'elementor_introduction';
33
34 /**
35 * Holds the beta tester key.
36 *
37 * @var string Beta tester key.
38 */
39 const BETA_TESTER_META_KEY = 'elementor_beta_tester';
40
41 /**
42 * Holds the URL of the Beta Tester Opt-in API.
43 *
44 * @since 1.0.0
45 *
46 * @var string API URL.
47 */
48 const BETA_TESTER_API_URL = 'https://my.elementor.com/api/v1/beta_tester/';
49
50 /**
51 * Holds the dismissed editor notices key.
52 *
53 * @since 3.19.0
54 *
55 * @var string Editor notices key.
56 */
57 const DISMISSED_EDITOR_NOTICES_KEY = 'elementor_dismissed_editor_notices';
58
59 /**
60 * Init.
61 *
62 * Initialize Elementor user.
63 *
64 * @since 1.0.0
65 * @access public
66 * @static
67 */
68 public static function init() {
69 add_action( 'wp_ajax_elementor_set_admin_notice_viewed', [ __CLASS__, 'ajax_set_admin_notice_viewed' ] );
70 add_action( 'admin_post_elementor_set_admin_notice_viewed', [ __CLASS__, 'ajax_set_admin_notice_viewed' ] );
71
72 add_action( 'elementor/ajax/register_actions', [ __CLASS__, 'register_ajax_actions' ] );
73 }
74
75 /**
76 * @since 2.1.0
77 * @access public
78 * @static
79 */
80 public static function register_ajax_actions( Ajax $ajax ) {
81 $ajax->register_ajax_action( 'introduction_viewed', [ __CLASS__, 'set_introduction_viewed' ] );
82 $ajax->register_ajax_action( 'beta_tester_signup', [ __CLASS__, 'register_as_beta_tester' ] );
83 $ajax->register_ajax_action( 'dismissed_editor_notices', [ __CLASS__, 'set_dismissed_editor_notices' ] );
84 }
85
86 /**
87 * Is current user can edit.
88 *
89 * Whether the current user can edit the post.
90 *
91 * @since 1.0.0
92 * @access public
93 * @static
94 *
95 * @param int $post_id Optional. The post ID. Default is `0`.
96 *
97 * @return bool Whether the current user can edit the post.
98 */
99 public static function is_current_user_can_edit( $post_id = 0 ) {
100 $post = get_post( $post_id );
101
102 if ( ! $post ) {
103 return false;
104 }
105
106 if ( 'trash' === get_post_status( $post->ID ) ) {
107 return false;
108 }
109
110 if ( ! self::is_current_user_can_edit_post_type( $post->post_type ) ) {
111 return false;
112 }
113
114 $post_type_object = get_post_type_object( $post->post_type );
115
116 if ( ! isset( $post_type_object->cap->edit_post ) ) {
117 return false;
118 }
119
120 $edit_cap = $post_type_object->cap->edit_post;
121 if ( ! current_user_can( $edit_cap, $post->ID ) ) {
122 return false;
123 }
124
125 if ( intval( get_option( 'page_for_posts' ) ) === $post->ID ) {
126 return false;
127 }
128
129 return true;
130 }
131
132 /**
133 * Is current user can access elementor.
134 *
135 * Whether the current user role is not excluded by Elementor Settings.
136 *
137 * @since 2.1.7
138 * @access public
139 * @static
140 *
141 * @return bool True if can access, False otherwise.
142 */
143 public static function is_current_user_in_editing_black_list() {
144 $user = wp_get_current_user();
145 $exclude_roles = get_option( 'elementor_exclude_user_roles', [] );
146
147 $compare_roles = array_intersect( $user->roles, $exclude_roles );
148 if ( ! empty( $compare_roles ) ) {
149 return false;
150 }
151
152 return true;
153 }
154
155 /**
156 * Is current user can edit post type.
157 *
158 * Whether the current user can edit the given post type.
159 *
160 * @since 1.9.0
161 * @access public
162 * @static
163 *
164 * @param string $post_type the post type slug to check.
165 *
166 * @return bool True if can edit, False otherwise.
167 */
168 public static function is_current_user_can_edit_post_type( $post_type ) {
169 if ( ! self::is_current_user_in_editing_black_list() ) {
170 return false;
171 }
172
173 if ( ! Utils::is_post_type_support( $post_type ) ) {
174 return false;
175 }
176
177 $post_type_object = get_post_type_object( $post_type );
178
179 if ( ! current_user_can( $post_type_object->cap->edit_posts ) ) {
180 return false;
181 }
182
183 return true;
184 }
185
186 /**
187 * Get user notices.
188 *
189 * Retrieve the list of notices for the current user.
190 *
191 * @since 2.0.0
192 * @access public
193 * @static
194 *
195 * @return array A list of user notices.
196 */
197 public static function get_user_notices() {
198 $notices = get_user_meta( get_current_user_id(), self::ADMIN_NOTICES_KEY, true );
199 return is_array( $notices ) ? $notices : [];
200 }
201
202 /**
203 * Is admin notice viewed.
204 *
205 * Whether the admin notice was viewed by the current user.
206 *
207 * @since 1.0.0
208 * @access public
209 * @static
210 *
211 * @param int $notice_id The notice ID.
212 *
213 * @return bool Whether the admin notice was viewed by the user.
214 */
215 public static function is_user_notice_viewed( $notice_id ) {
216 $notices = self::get_user_notices();
217
218 if ( empty( $notices[ $notice_id ] ) ) {
219 return false;
220 }
221
222 // BC: Handles old structure ( `[ 'notice_id' => 'true' ]` ).
223 if ( 'true' === $notices[ $notice_id ] ) {
224 return true;
225 }
226
227 return $notices[ $notice_id ]['is_viewed'] ?? false;
228 }
229
230 /**
231 * Checks whether the current user is allowed to upload JSON files.
232 *
233 * Note: The 'json-upload' capability is managed by the Role Manager as a part of its blacklist restrictions.
234 * In this context, we are negating the user's permission check to use it as a whitelist, allowing uploads.
235 *
236 * @return bool Whether the current user can upload JSON files.
237 */
238 public static function is_current_user_can_upload_json() {
239 return current_user_can( 'manage_options' ) || ! Plugin::instance()->role_manager->user_can( 'json-upload' );
240 }
241
242 public static function is_current_user_can_use_custom_html() {
243 return current_user_can( 'manage_options' ) || ! Plugin::instance()->role_manager->user_can( 'custom-html' );
244 }
245
246 /**
247 * Set admin notice as viewed.
248 *
249 * Flag the admin notice as viewed by the current user, using an authenticated ajax request.
250 *
251 * Fired by `wp_ajax_elementor_set_admin_notice_viewed` action.
252 *
253 * @since 1.0.0
254 * @access public
255 * @static
256 */
257 public static function ajax_set_admin_notice_viewed() {
258 // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification
259 $notice_id = Utils::get_super_global_value( $_REQUEST, 'notice_id' );
260
261 if ( ! $notice_id ) {
262 wp_die();
263 }
264
265 self::set_user_notice( $notice_id );
266
267 if ( ! wp_doing_ajax() ) {
268 wp_safe_redirect( admin_url() );
269 die;
270 }
271
272 wp_die();
273 }
274
275 /**
276 * @param $notice_id
277 * @param $is_viewed
278 * @param $meta
279 *
280 * @return void
281 */
282 public static function set_user_notice( $notice_id, $is_viewed = true, $meta = null ) {
283 $notices = self::get_user_notices();
284
285 if ( ! is_array( $meta ) ) {
286 $meta = $notices[ $notice_id ]['meta'] ?? [];
287 }
288
289 $notices[ $notice_id ] = [
290 'is_viewed' => $is_viewed,
291 'meta' => $meta,
292 ];
293
294 update_user_meta( get_current_user_id(), self::ADMIN_NOTICES_KEY, $notices );
295 }
296
297 /**
298 * @since 2.1.0
299 * @access public
300 * @static
301 */
302 public static function set_introduction_viewed( array $data ) {
303 $user_introduction_meta = self::get_introduction_meta();
304
305 $user_introduction_meta[ $data['introductionKey'] ] = true;
306
307 update_user_meta( get_current_user_id(), self::INTRODUCTION_KEY, $user_introduction_meta );
308 }
309
310 /**
311 * @throws \Exception
312 */
313 public static function register_as_beta_tester( array $data ) {
314 if ( ! current_user_can( 'install_plugins' ) ) {
315 throw new \Exception( __( 'You do not have permission to install plugins.', 'elementor' ) );
316 }
317
318 update_user_meta( get_current_user_id(), self::BETA_TESTER_META_KEY, true );
319 $response = wp_safe_remote_post(
320 self::BETA_TESTER_API_URL,
321 [
322 'timeout' => 25,
323 'body' => [
324 'api_version' => ELEMENTOR_VERSION,
325 'site_lang' => get_bloginfo( 'language' ),
326 'beta_tester_email' => $data['betaTesterEmail'],
327 ],
328 ]
329 );
330
331 $response_code = (int) wp_remote_retrieve_response_code( $response );
332
333 if ( 200 === $response_code ) {
334 self::set_introduction_viewed( [
335 'introductionKey' => Beta_Testers::BETA_TESTER_SIGNUP,
336 ] );
337 }
338 }
339
340 /**
341 * @param string $key
342 *
343 * @return array|mixed|string
344 * @since 2.1.0
345 * @access public
346 * @static
347 */
348 public static function get_introduction_meta( $key = '' ) {
349 $user_introduction_meta = get_user_meta( get_current_user_id(), self::INTRODUCTION_KEY, true );
350
351 if ( ! $user_introduction_meta ) {
352 $user_introduction_meta = [];
353 }
354
355 if ( $key ) {
356 return empty( $user_introduction_meta[ $key ] ) ? '' : $user_introduction_meta[ $key ];
357 }
358
359 return $user_introduction_meta;
360 }
361
362 /**
363 * Get a user option with default value as fallback.
364 *
365 * @param string $option - Option key.
366 * @param int $user_id - User ID
367 * @param mixed $default - Default fallback value.
368 *
369 * @return mixed
370 */
371 public static function get_user_option_with_default( $option, $user_id, $default ) {
372 $value = get_user_option( $option, $user_id );
373
374 return ( false === $value ) ? $default : $value;
375 }
376
377 /**
378 * Get dismissed editor notices.
379 *
380 * Retrieve the list of dismissed editor notices for the current user.
381 *
382 * @since 3.19.0
383 * @access public
384 * @static
385 *
386 * @return array A list of dismissed editor notices.
387 */
388 public static function get_dismissed_editor_notices() {
389 $notices = get_user_meta( get_current_user_id(), self::DISMISSED_EDITOR_NOTICES_KEY, true );
390
391 return is_array( $notices ) ? $notices : [];
392 }
393
394 /**
395 * Set dismissed editor notices for the current user.
396 *
397 * @since 3.19.0
398 * @access public
399 * @static
400 *
401 * @param array $data Editor notices.
402 *
403 * @return void
404 */
405 public static function set_dismissed_editor_notices( array $data ) {
406 $editor_notices = self::get_dismissed_editor_notices();
407
408 if ( ! in_array( $data['dismissId'], $editor_notices, true ) ) {
409 $editor_notices[] = $data['dismissId'];
410
411 update_user_meta( get_current_user_id(), self::DISMISSED_EDITOR_NOTICES_KEY, $editor_notices );
412 }
413 }
414 }
415