GiveWP – Donation Plugin and Fundraising Platform v3.19.4
give / includes / class-give-roles.php
class-give-roles.php
371 lines
<?php
/**
 * Roles and Capabilities
 *
 * @package     Give
 * @subpackage  Classes/Give_Roles
 * @copyright   Copyright (c) 2016, GiveWP
 * @license     https://opensource.org/licenses/gpl-license GNU Public License
 * @since       1.0
 */

// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
    exit;
}

/**
 * Give_Roles Class
 *
 * This class handles the role creation and assignment of capabilities for those roles.
 *
 * These roles let us have Give Accountants, Give Workers, etc, each of whom can do
 * certain things within the plugin.
 *
 * @since 1.0
 */
class Give_Roles {

    /**
     * Class Constructor
     *
     * Set up the Give Roles Class.
     *
     * @since  1.0
     * @access public
     */
    public function __construct() {
        add_filter( 'give_map_meta_cap', array( $this, 'meta_caps' ), 10, 4 );
        add_filter( 'woocommerce_disable_admin_bar', array( $this, 'manage_admin_dashboard' ), 10, 1 );
        add_filter( 'woocommerce_prevent_admin_access', array( $this, 'manage_admin_dashboard' ), 10 );
    }

    /**
     * Add Roles
     *
     * Add new shop roles with default WordPress capabilities.
     *
     * @since  1.0
     * @access public
     *
     * @return void
     */
    public function add_roles() {
        add_role(
            'give_manager',
            __( 'GiveWP Manager', 'give' ),
            array(
                'read'                   => true,
                'edit_posts'             => true,
                'delete_posts'           => true,
                'unfiltered_html'        => true,
                'upload_files'           => true,
                'export'                 => false,
                'import'                 => false,
                'delete_others_pages'    => false,
                'delete_others_posts'    => false,
                'delete_pages'           => true,
                'delete_private_pages'   => true,
                'delete_private_posts'   => true,
                'delete_published_pages' => true,
                'delete_published_posts' => true,
                'edit_others_pages'      => false,
                'edit_others_posts'      => false,
                'edit_pages'             => true,
                'edit_private_pages'     => true,
                'edit_private_posts'     => true,
                'edit_published_pages'   => true,
                'edit_published_posts'   => true,
                'manage_categories'      => false,
                'manage_links'           => true,
                'moderate_comments'      => true,
                'publish_pages'          => true,
                'publish_posts'          => true,
                'read_private_pages'     => true,
                'read_private_posts'     => true,
            )
        );

        add_role(
            'give_accountant',
            __( 'GiveWP Accountant', 'give' ),
            array(
                'read'         => true,
                'edit_posts'   => false,
                'delete_posts' => false,
            )
        );

        add_role(
            'give_worker',
            __( 'GiveWP Worker', 'give' ),
            array(
                'read'         => true,
                'edit_posts'   => true,
                'edit_pages'   => true,
                'upload_files' => true,
                'delete_posts' => false,
            )
        );

        add_role(
            'give_donor',
            __( 'GiveWP Donor', 'give' ),
            array(
                'read' => true,
            )
        );

    }

    /**
     * Add Capabilities
     *
     * Add new shop-specific capabilities.
     *
     * @since  1.0
     * @access public
     *
     * @global WP_Roles $wp_roles
     *
     * @return void
     */
    public function add_caps() {
        global $wp_roles;

        if ( class_exists( 'WP_Roles' ) ) {
            if ( ! isset( $wp_roles ) ) {
                $wp_roles = new WP_Roles();
            }
        }

        if ( is_object( $wp_roles ) ) {
            $wp_roles->add_cap( 'give_manager', 'view_give_reports' );
            $wp_roles->add_cap( 'give_manager', 'view_give_sensitive_data' );
            $wp_roles->add_cap( 'give_manager', 'export_give_reports' );
            $wp_roles->add_cap( 'give_manager', 'manage_give_settings' );
            $wp_roles->add_cap( 'give_manager', 'view_give_payments' );

            $wp_roles->add_cap( 'administrator', 'view_give_reports' );
            $wp_roles->add_cap( 'administrator', 'view_give_sensitive_data' );
            $wp_roles->add_cap( 'administrator', 'export_give_reports' );
            $wp_roles->add_cap( 'administrator', 'manage_give_settings' );
            $wp_roles->add_cap( 'administrator', 'view_give_payments' );

            // Add the main post type capabilities.
            $capabilities = $this->get_core_caps();
            foreach ( $capabilities as $cap_group ) {
                foreach ( $cap_group as $cap ) {
                    $wp_roles->add_cap( 'administrator', $cap );
                    $wp_roles->add_cap( 'give_manager', $cap );
                }
            }

            // Add Capabilities to Give Workers User Role.
            $wp_roles->add_cap( 'give_worker', 'edit_give_payments' );
            $wp_roles->add_cap( 'give_worker', 'delete_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'delete_others_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'delete_private_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'delete_published_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'edit_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'edit_others_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'edit_private_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'edit_published_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'publish_give_forms' );
            $wp_roles->add_cap( 'give_worker', 'read_private_give_forms' );

            // Add Capabilities to Give Accountant User Role.
            $wp_roles->add_cap( 'give_accountant', 'edit_give_forms' );
            $wp_roles->add_cap( 'give_accountant', 'read_private_give_forms' );
            $wp_roles->add_cap( 'give_accountant', 'view_give_reports' );
            $wp_roles->add_cap( 'give_accountant', 'export_give_reports' );
            $wp_roles->add_cap( 'give_accountant', 'edit_give_payments' );
            $wp_roles->add_cap( 'give_accountant', 'view_give_payments' );

        }
    }

    /**
     * Get Core Capabilities
     *
     * Retrieve core post type capabilities.
     *
     * @since  1.0
     * @access public
     *
     * @return array $capabilities Core post type capabilities.
     */
    public function get_core_caps() {
        $capabilities = array();

        $capability_types = array( 'give_form', 'give_payment' );

        foreach ( $capability_types as $capability_type ) {
            $capabilities[ $capability_type ] = array(
                // Post type.
                "edit_{$capability_type}s",
                "edit_others_{$capability_type}s",
                "publish_{$capability_type}s",
                "read_private_{$capability_type}s",
                "delete_{$capability_type}s",
                "delete_private_{$capability_type}s",
                "delete_published_{$capability_type}s",
                "delete_others_{$capability_type}s",
                "edit_private_{$capability_type}s",
                "edit_published_{$capability_type}s",

                // Terms / taxonomies.
                "manage_{$capability_type}_terms",
                "edit_{$capability_type}_terms",
                "delete_{$capability_type}_terms",
                "assign_{$capability_type}_terms",

                // Custom capabilities.
                "view_{$capability_type}_stats",
                "import_{$capability_type}s",
            );
        }

        return $capabilities;
    }

    /**
     * Meta Capabilities
     *
     * Map meta capabilities to primitive capabilities.
     *
     * @since  1.0
     * @access public
     *
     * @param array  $caps    Returns the user's actual capabilities.
     * @param string $cap     Capability name.
     * @param int    $user_id The user ID.
     * @param array  $args    Adds the context to the cap. Typically the object ID.
     *
     * @return array $caps Meta capabilities.
     */
    public function meta_caps( $caps, $cap, $user_id, $args ) {

        switch ( $cap ) {

            case 'view_give_form_stats':
                if ( empty( $args[0] ) ) {
                    break;
                }

                $form = get_post( $args[0] );
                if ( empty( $form ) ) {
                    break;
                }

                // An empty array means no primitive capability is required:
                // report viewers and the form's own author are allowed through.
                if ( user_can( $user_id, 'view_give_reports' ) || $user_id == $form->post_author ) {
                    $caps = array();
                }

                break;
        }

        return $caps;

    }

    /**
     * Remove Capabilities
     *
     * Remove core post type capabilities (called on uninstall).
     *
     * @since  1.0
     * @access public
     *
     * @global WP_Roles $wp_roles
     *
     * @return void
     */
    public function remove_caps() {

        global $wp_roles;

        if ( class_exists( 'WP_Roles' ) ) {
            if ( ! isset( $wp_roles ) ) {
                $wp_roles = new WP_Roles();
            }
        }

        if ( is_object( $wp_roles ) ) {
            // Give Manager Capabilities.
            $wp_roles->remove_cap( 'give_manager', 'view_give_reports' );
            $wp_roles->remove_cap( 'give_manager', 'view_give_sensitive_data' );
            $wp_roles->remove_cap( 'give_manager', 'export_give_reports' );
            $wp_roles->remove_cap( 'give_manager', 'manage_give_settings' );
            $wp_roles->remove_cap( 'give_manager', 'view_give_payments' );

            // Site Administrator Capabilities.
            $wp_roles->remove_cap( 'administrator', 'view_give_reports' );
            $wp_roles->remove_cap( 'administrator', 'view_give_sensitive_data' );
            $wp_roles->remove_cap( 'administrator', 'export_give_reports' );
            $wp_roles->remove_cap( 'administrator', 'manage_give_settings' );
            $wp_roles->remove_cap( 'administrator', 'view_give_payments' );

            // Remove the Main Post Type Capabilities.
            $capabilities = $this->get_core_caps();

            foreach ( $capabilities as $cap_group ) {
                foreach ( $cap_group as $cap ) {
                    $wp_roles->remove_cap( 'give_manager', $cap );
                    $wp_roles->remove_cap( 'administrator', $cap );

                }
            }

            // Remove capabilities from the Give Worker role.
            $wp_roles->remove_cap( 'give_worker', 'edit_give_payments' );
            $wp_roles->remove_cap( 'give_worker', 'delete_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'delete_others_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'delete_private_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'delete_published_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'edit_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'edit_others_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'edit_private_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'edit_published_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'publish_give_forms' );
            $wp_roles->remove_cap( 'give_worker', 'read_private_give_forms' );

            // Remove Capabilities from Give Accountant User Role.
            $wp_roles->remove_cap( 'give_accountant', 'edit_give_forms' );
            $wp_roles->remove_cap( 'give_accountant', 'read_private_give_forms' );
            $wp_roles->remove_cap( 'give_accountant', 'view_give_reports' );
            $wp_roles->remove_cap( 'give_accountant', 'export_give_reports' );
            $wp_roles->remove_cap( 'give_accountant', 'edit_give_payments' );
            $wp_roles->remove_cap( 'give_accountant', 'view_give_payments' );

        }
    }

    /**
     * Allow admin dashboard to User with Give Accountant Role.
     *
     * Note: WooCommerce doesn't allow the user to access the WP dashboard who holds "Give Accountant" role.
     *
     * @since   1.8.14
     * @updated 1.8.18 - Fixed Give conflicting by not returning $show_admin_bar https://github.com/impress-org/give/issues/2539
     *
     * @param bool $show_admin_bar Value passed in by the WooCommerce filter.
     *
     * @return bool
     */
    public function manage_admin_dashboard( $show_admin_bar ) {

        // Get the current logged user.
        $current_user = wp_get_current_user();

        // If a user with the "Give Accountant" user role is logged in.
        if ( 0 !== $current_user->ID && in_array( 'give_accountant', (array) $current_user->roles, true ) ) {

            // Return false, means no prevention.
            return false;
        }

        return $show_admin_bar;

    }
}