GiveWP – Donation Plugin and Fundraising Platform v2.2.1
give / includes / class-give-roles.php
class-give-roles.php
359 lines
<?php
/**
 * Roles and Capabilities
 *
 * @package     Give
 * @subpackage  Classes/Give_Roles
 * @copyright   Copyright (c) 2016, WordImpress
 * @license     https://opensource.org/licenses/gpl-license GNU Public License
 * @since       1.0
 */

// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * Give_Roles Class
 *
 * This class handles the role creation and assignment of capabilities for those roles.
 *
 * These roles let us have Give Accountants, Give Workers, etc, each of whom can do
 * certain things within the plugin.
 *
 * @since 1.0
 */
class Give_Roles {

	/**
	 * Class Constructor
	 *
	 * Set up the Give Roles Class.
	 *
	 * @since  1.0
	 * @access public
	 */
	public function __construct() {
		add_filter( 'give_map_meta_cap', array( $this, 'meta_caps' ), 10, 4 );
		add_filter( 'woocommerce_disable_admin_bar', array( $this, 'manage_admin_dashboard' ), 10, 1 );
		add_filter( 'woocommerce_prevent_admin_access', array( $this, 'manage_admin_dashboard' ), 10 );
	}

	/**
	 * Add Roles
	 *
	 * Add new shop roles with default WordPress capabilities.
	 *
	 * @since  1.0
	 * @access public
	 *
	 * @return void
	 */
	public function add_roles() {
		add_role( 'give_manager', __( 'Give Manager', 'give' ), array(
			'read'                   => true,
			'edit_posts'             => true,
			'delete_posts'           => true,
			'unfiltered_html'        => true,
			'upload_files'           => true,
			'export'                 => false,
			'import'                 => false,
			'delete_others_pages'    => false,
			'delete_others_posts'    => false,
			'delete_pages'           => true,
			'delete_private_pages'   => true,
			'delete_private_posts'   => true,
			'delete_published_pages' => true,
			'delete_published_posts' => true,
			'edit_others_pages'      => false,
			'edit_others_posts'      => false,
			'edit_pages'             => true,
			'edit_private_pages'     => true,
			'edit_private_posts'     => true,
			'edit_published_pages'   => true,
			'edit_published_posts'   => true,
			'manage_categories'      => false,
			'manage_links'           => true,
			'moderate_comments'      => true,
			'publish_pages'          => true,
			'publish_posts'          => true,
			'read_private_pages'     => true,
			'read_private_posts'     => true,
		) );

		add_role( 'give_accountant', __( 'Give Accountant', 'give' ), array(
			'read'         => true,
			'edit_posts'   => false,
			'delete_posts' => false,
		) );

		add_role( 'give_worker', __( 'Give Worker', 'give' ), array(
			'read'         => true,
			'edit_posts'   => true,
			'edit_pages'   => true,
			'upload_files' => true,
			'delete_posts' => false,
		) );

		add_role( 'give_donor', __( 'Give Donor', 'give' ), array(
			'read' => true,
		) );

	}

	/**
	 * Add Capabilities
	 *
	 * Add new shop-specific capabilities.
	 *
	 * @since  1.0
	 * @access public
	 *
	 * @global WP_Roles $wp_roles
	 *
	 * @return void
	 */
	public function add_caps() {
		global $wp_roles;

		if ( class_exists( 'WP_Roles' ) ) {
			if ( ! isset( $wp_roles ) ) {
				$wp_roles = new WP_Roles();
			}
		}

		if ( is_object( $wp_roles ) ) {
			$wp_roles->add_cap( 'give_manager', 'view_give_reports' );
			$wp_roles->add_cap( 'give_manager', 'view_give_sensitive_data' );
			$wp_roles->add_cap( 'give_manager', 'export_give_reports' );
			$wp_roles->add_cap( 'give_manager', 'manage_give_settings' );
			$wp_roles->add_cap( 'give_manager', 'view_give_payments' );

			$wp_roles->add_cap( 'administrator', 'view_give_reports' );
			$wp_roles->add_cap( 'administrator', 'view_give_sensitive_data' );
			$wp_roles->add_cap( 'administrator', 'export_give_reports' );
			$wp_roles->add_cap( 'administrator', 'manage_give_settings' );
			$wp_roles->add_cap( 'administrator', 'view_give_payments' );

			// Add the main post type capabilities.
			$capabilities = $this->get_core_caps();
			foreach ( $capabilities as $cap_group ) {
				foreach ( $cap_group as $cap ) {
					$wp_roles->add_cap( 'administrator', $cap );
					$wp_roles->add_cap( 'give_manager', $cap );
				}
			}

			// Add Capabilities to Give Workers User Role.
			$wp_roles->add_cap( 'give_worker', 'edit_give_payments' );
			$wp_roles->add_cap( 'give_worker', 'delete_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'delete_others_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'delete_private_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'delete_published_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'edit_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'edit_others_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'edit_private_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'edit_published_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'publish_give_forms' );
			$wp_roles->add_cap( 'give_worker', 'read_private_give_forms' );

			// Add Capabilities to Give Accountant User Role.
			$wp_roles->add_cap( 'give_accountant', 'edit_give_forms' );
			$wp_roles->add_cap( 'give_accountant', 'read_private_give_forms' );
			$wp_roles->add_cap( 'give_accountant', 'view_give_reports' );
			$wp_roles->add_cap( 'give_accountant', 'export_give_reports' );
			$wp_roles->add_cap( 'give_accountant', 'edit_give_payments' );
			$wp_roles->add_cap( 'give_accountant', 'view_give_payments' );

		}
	}

	/**
	 * Get Core Capabilities
	 *
	 * Retrieve core post type capabilities.
	 *
	 * @since  1.0
	 * @access public
	 *
	 * @return array $capabilities Core post type capabilities.
	 */
	public function get_core_caps() {
		$capabilities = array();

		$capability_types = array( 'give_form', 'give_payment' );

		foreach ( $capability_types as $capability_type ) {
			$capabilities[ $capability_type ] = array(
				// Post type.
				"edit_{$capability_type}",
				"read_{$capability_type}",
				"delete_{$capability_type}",
				"edit_{$capability_type}s",
				"edit_others_{$capability_type}s",
				"publish_{$capability_type}s",
				"read_private_{$capability_type}s",
				"delete_{$capability_type}s",
				"delete_private_{$capability_type}s",
				"delete_published_{$capability_type}s",
				"delete_others_{$capability_type}s",
				"edit_private_{$capability_type}s",
				"edit_published_{$capability_type}s",

				// Terms / taxonomies.
				"manage_{$capability_type}_terms",
				"edit_{$capability_type}_terms",
				"delete_{$capability_type}_terms",
				"assign_{$capability_type}_terms",

				// Custom capabilities.
				"view_{$capability_type}_stats",
				"import_{$capability_type}s",
			);
		}

		return $capabilities;
	}

	/**
	 * Meta Capabilities
	 *
	 * Map meta capabilities to primitive capabilities.
	 *
	 * @since  1.0
	 * @access public
	 *
	 * @param  array  $caps    Returns the user's actual capabilities.
	 * @param  string $cap     Capability name.
	 * @param  int    $user_id The user ID.
	 * @param  array  $args    Adds the context to the cap. Typically the object ID.
	 *
	 * @return array  $caps    Meta capabilities.
	 */
	public function meta_caps( $caps, $cap, $user_id, $args ) {

		switch ( $cap ) {

			case 'view_give_form_stats' :

				if ( empty( $args[0] ) ) {
					break;
				}

				$form = get_post( $args[0] );
				if ( empty( $form ) ) {
					break;
				}

				if ( user_can( $user_id, 'view_give_reports' ) || $user_id == $form->post_author ) {
					$caps = array();
				}

				break;
		}

		return $caps;

	}

	/**
	 * Remove Capabilities
	 *
	 * Remove core post type capabilities (called on uninstall).
	 *
	 * @since  1.0
	 * @access public
	 *
	 * @global WP_Roles $wp_roles
	 *
	 * @return void
	 */
	public function remove_caps() {
		global $wp_roles;

		if ( class_exists( 'WP_Roles' ) ) {
			if ( ! isset( $wp_roles ) ) {
				$wp_roles = new WP_Roles();
			}
		}

		if ( is_object( $wp_roles ) ) {
			// Give Manager Capabilities.
			$wp_roles->remove_cap( 'give_manager', 'view_give_reports' );
			$wp_roles->remove_cap( 'give_manager', 'view_give_sensitive_data' );
			$wp_roles->remove_cap( 'give_manager', 'export_give_reports' );
			$wp_roles->remove_cap( 'give_manager', 'manage_give_settings' );
			$wp_roles->remove_cap( 'give_manager', 'view_give_payments' );

			// Site Administrator Capabilities.
			$wp_roles->remove_cap( 'administrator', 'view_give_reports' );
			$wp_roles->remove_cap( 'administrator', 'view_give_sensitive_data' );
			$wp_roles->remove_cap( 'administrator', 'export_give_reports' );
			$wp_roles->remove_cap( 'administrator', 'manage_give_settings' );
			$wp_roles->remove_cap( 'administrator', 'view_give_payments' );

			// Remove the Main Post Type Capabilities.
			$capabilities = $this->get_core_caps();

			foreach ( $capabilities as $cap_group ) {
				foreach ( $cap_group as $cap ) {
					$wp_roles->remove_cap( 'give_manager', $cap );
					$wp_roles->remove_cap( 'administrator', $cap );

				}
			}

			// Remove capabilities from the Give Worker role.
			$wp_roles->remove_cap( 'give_worker', 'edit_give_payments' );
			$wp_roles->remove_cap( 'give_worker', 'delete_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'delete_others_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'delete_private_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'delete_published_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'edit_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'edit_others_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'edit_private_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'edit_published_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'publish_give_forms' );
			$wp_roles->remove_cap( 'give_worker', 'read_private_give_forms' );

			// Remove Capabilities from Give Accountant User Role.
			$wp_roles->remove_cap( 'give_accountant', 'edit_give_forms' );
			$wp_roles->remove_cap( 'give_accountant', 'read_private_give_forms' );
			$wp_roles->remove_cap( 'give_accountant', 'view_give_reports' );
			$wp_roles->remove_cap( 'give_accountant', 'export_give_reports' );
			$wp_roles->remove_cap( 'give_accountant', 'edit_give_payments' );
			$wp_roles->remove_cap( 'give_accountant', 'view_give_payments' );

		}
	}

	/**
	 * Allow admin dashboard to User with Give Accountant Role.
	 *
	 * Note: WooCommerce doesn't allow a user who holds the "Give Accountant" role to access the WP dashboard.
	 *
	 * @since   1.8.14
	 * @updated 1.8.18 - Fixed Give conflicting by not returning $show_admin_bar https://github.com/WordImpress/Give/issues/2539
	 *
	 * @param bool $show_admin_bar Value passed in by the WooCommerce filter.
	 *
	 * @return bool
	 */
	public function manage_admin_dashboard( $show_admin_bar ) {

		// Get the current logged user.
		$current_user = wp_get_current_user();

		// If a user with the "Give Accountant" user role is logged in.
		if ( 0 !== $current_user->ID && in_array( 'give_accountant', (array) $current_user->roles, true ) ) {

			// Return false, means no prevention.
			return false;
		}

		return $show_admin_bar;

	}
}