user.php — Elementor Website Builder – more than just a page builder 3.5.0-beta4

elementor / includes / user.php

elementor / includes Last commit date

admin-templates 4 years ago base 4 years ago controls 4 years ago editor-templates 4 years ago elements 4 years ago interfaces 6 years ago libraries 5 years ago managers 4 years ago settings 4 years ago template-library 4 years ago widgets 4 years ago api.php 4 years ago autoloader.php 4 years ago beta-testers.php 6 years ago compatibility.php 4 years ago conditions.php 6 years ago db.php 5 years ago embed.php 4 years ago fonts.php 4 years ago frontend.php 4 years ago heartbeat.php 7 years ago maintenance-mode.php 4 years ago maintenance.php 4 years ago plugin.php 4 years ago preview.php 4 years ago rollback.php 4 years ago shapes.php 6 years ago stylesheet.php 4 years ago tracker.php 4 years ago user.php 4 years ago utils.php 4 years ago

user.php

295 lines

1	<?php
2	namespace Elementor;
3
4	use Elementor\Core\Common\Modules\Ajax\Module as Ajax;
5
6	if ( ! defined( 'ABSPATH' ) ) {
7	exit; // Exit if accessed directly.
8	}
9
10	/**
11	* Elementor user.
12	*
13	* Elementor user handler class is responsible for checking if the user can edit
14	* with Elementor and displaying different admin notices.
15	*
16	* @since 1.0.0
17	*/
18	class User {
19
20	/**
21	* The admin notices key.
22	*/
23	const ADMIN_NOTICES_KEY = 'elementor_admin_notices';
24
25	const INTRODUCTION_KEY = 'elementor_introduction';
26
27	const BETA_TESTER_META_KEY = 'elementor_beta_tester';
28
29	/**
30	* API URL.
31	*
32	* Holds the URL of the Beta Tester Opt-in API.
33	*
34	* @since 1.0.0
35	* @access private
36	*
37	* @var string API URL.
38	*/
39	const BETA_TESTER_API_URL = 'https://my.elementor.com/api/v1/beta_tester/';
40
41	/**
42	* Init.
43	*
44	* Initialize Elementor user.
45	*
46	* @since 1.0.0
47	* @access public
48	* @static
49	*/
50	public static function init() {
51	add_action( 'wp_ajax_elementor_set_admin_notice_viewed', [ __CLASS__, 'ajax_set_admin_notice_viewed' ] );
52	add_action( 'admin_post_elementor_set_admin_notice_viewed', [ __CLASS__, 'ajax_set_admin_notice_viewed' ] );
53
54	add_action( 'elementor/ajax/register_actions', [ __CLASS__, 'register_ajax_actions' ] );
55	}
56
57	/**
58	* @since 2.1.0
59	* @access public
60	* @static
61	*/
62	public static function register_ajax_actions( Ajax $ajax ) {
63	$ajax->register_ajax_action( 'introduction_viewed', [ __CLASS__, 'set_introduction_viewed' ] );
64	$ajax->register_ajax_action( 'beta_tester_signup', [ __CLASS__, 'register_as_beta_tester' ] );
65	}
66
67	/**
68	* Is current user can edit.
69	*
70	* Whether the current user can edit the post.
71	*
72	* @since 1.0.0
73	* @access public
74	* @static
75	*
76	* @param int $post_id Optional. The post ID. Default is `0`.
77	*
78	* @return bool Whether the current user can edit the post.
79	*/
80	public static function is_current_user_can_edit( $post_id = 0 ) {
81	$post = get_post( $post_id );
82
83	if ( ! $post ) {
84	return false;
85	}
86
87	if ( 'trash' === get_post_status( $post_id ) ) {
88	return false;
89	}
90
91	if ( ! self::is_current_user_can_edit_post_type( $post->post_type ) ) {
92	return false;
93	}
94
95	$post_type_object = get_post_type_object( $post->post_type );
96
97	if ( ! isset( $post_type_object->cap->edit_post ) ) {
98	return false;
99	}
100
101	$edit_cap = $post_type_object->cap->edit_post;
102	if ( ! current_user_can( $edit_cap, $post_id ) ) {
103	return false;
104	}
105
106	if ( intval( get_option( 'page_for_posts' ) ) === $post_id ) {
107	return false;
108	}
109
110	return true;
111	}
112
113	/**
114	* Is current user can access elementor.
115	*
116	* Whether the current user role is not excluded by Elementor Settings.
117	*
118	* @since 2.1.7
119	* @access public
120	* @static
121	*
122	* @return bool True if can access, False otherwise.
123	*/
124	public static function is_current_user_in_editing_black_list() {
125	$user = wp_get_current_user();
126	$exclude_roles = get_option( 'elementor_exclude_user_roles', [] );
127
128	$compare_roles = array_intersect( $user->roles, $exclude_roles );
129	if ( ! empty( $compare_roles ) ) {
130	return false;
131	}
132
133	return true;
134	}
135
136	/**
137	* Is current user can edit post type.
138	*
139	* Whether the current user can edit the given post type.
140	*
141	* @since 1.9.0
142	* @access public
143	* @static
144	*
145	* @param string $post_type the post type slug to check.
146	*
147	* @return bool True if can edit, False otherwise.
148	*/
149	public static function is_current_user_can_edit_post_type( $post_type ) {
150	if ( ! self::is_current_user_in_editing_black_list() ) {
151	return false;
152	}
153
154	if ( ! Utils::is_post_type_support( $post_type ) ) {
155	return false;
156	}
157
158	$post_type_object = get_post_type_object( $post_type );
159
160	if ( ! current_user_can( $post_type_object->cap->edit_posts ) ) {
161	return false;
162	}
163
164	return true;
165	}
166
167	/**
168	* Get user notices.
169	*
170	* Retrieve the list of notices for the current user.
171	*
172	* @since 2.0.0
173	* @access private
174	* @static
175	*
176	* @return array A list of user notices.
177	*/
178	private static function get_user_notices() {
179	return get_user_meta( get_current_user_id(), self::ADMIN_NOTICES_KEY, true );
180	}
181
182	/**
183	* Is user notice viewed.
184	*
185	* Whether the notice was viewed by the user.
186	*
187	* @since 1.0.0
188	* @access public
189	* @static
190	*
191	* @param int $notice_id The notice ID.
192	*
193	* @return bool Whether the notice was viewed by the user.
194	*/
195	public static function is_user_notice_viewed( $notice_id ) {
196	$notices = self::get_user_notices();
197
198	if ( empty( $notices ) \|\| empty( $notices[ $notice_id ] ) ) {
199	return false;
200	}
201
202	return true;
203	}
204
205	/**
206	* Set admin notice as viewed.
207	*
208	* Flag the user admin notice as viewed using an authenticated ajax request.
209	*
210	* Fired by `wp_ajax_elementor_set_admin_notice_viewed` action.
211	*
212	* @since 1.0.0
213	* @access public
214	* @static
215	*/
216	public static function ajax_set_admin_notice_viewed() {
217	if ( empty( $_REQUEST['notice_id'] ) ) {
218	wp_die();
219	}
220
221	$notices = self::get_user_notices();
222	if ( empty( $notices ) ) {
223	$notices = [];
224	}
225
226	$notices[ $_REQUEST['notice_id'] ] = 'true';
227	update_user_meta( get_current_user_id(), self::ADMIN_NOTICES_KEY, $notices );
228
229	if ( ! wp_doing_ajax() ) {
230	wp_safe_redirect( admin_url() );
231	die;
232	}
233
234	wp_die();
235	}
236
237	/**
238	* @since 2.1.0
239	* @access public
240	* @static
241	*/
242	public static function set_introduction_viewed( array $data ) {
243	$user_introduction_meta = self::get_introduction_meta();
244
245	$user_introduction_meta[ $data['introductionKey'] ] = true;
246
247	update_user_meta( get_current_user_id(), self::INTRODUCTION_KEY, $user_introduction_meta );
248	}
249
250	public static function register_as_beta_tester( array $data ) {
251	update_user_meta( get_current_user_id(), self::BETA_TESTER_META_KEY, true );
252	$response = wp_safe_remote_post(
253	self::BETA_TESTER_API_URL,
254	[
255	'timeout' => 25,
256	'body' => [
257	'api_version' => ELEMENTOR_VERSION,
258	'site_lang' => get_bloginfo( 'language' ),
259	'beta_tester_email' => $data['betaTesterEmail'],
260	],
261	]
262	);
263
264	$response_code = (int) wp_remote_retrieve_response_code( $response );
265
266	if ( 200 === $response_code ) {
267	self::set_introduction_viewed( [
268	'introductionKey' => Beta_Testers::BETA_TESTER_SIGNUP,
269	] );
270	}
271	}
272
273	/**
274	* @param string $key
275	*
276	* @return array\|mixed\|string
277	* @since 2.1.0
278	* @access public
279	* @static
280	*/
281	public static function get_introduction_meta( $key = '' ) {
282	$user_introduction_meta = get_user_meta( get_current_user_id(), self::INTRODUCTION_KEY, true );
283
284	if ( ! $user_introduction_meta ) {
285	$user_introduction_meta = [];
286	}
287
288	if ( $key ) {
289	return empty( $user_introduction_meta[ $key ] ) ? '' : $user_introduction_meta[ $key ];
290	}
291
292	return $user_introduction_meta;
293	}
294	}
295