class-settings-addons.php
4 months ago
class-settings-base.php
5 months ago
class-settings-builder.php
5 months ago
class-settings-capabilities.php
5 months ago
class-settings-folders.php
4 months ago
class-settings-galleries.php
5 months ago
class-settings-general.php
5 months ago
class-settings-licenses.php
4 months ago
class-settings-lightboxes.php
4 months ago
class-settings-remote-library.php
5 months ago
class-settings-capabilities.php
210 lines
| 1 | <?php |
| 2 | /** |
| 3 | * Responsive Lightbox Capabilities Settings |
| 4 | * |
| 5 | * Manages the Capabilities settings tab using the Settings API. |
| 6 | * |
| 7 | * @package responsive-lightbox |
| 8 | */ |
| 9 | |
| 10 | // exit if accessed directly |
| 11 | if ( ! defined( 'ABSPATH' ) ) |
| 12 | exit; |
| 13 | |
| 14 | /** |
| 15 | * Responsive Lightbox Capabilities Settings class. |
| 16 | * |
| 17 | * @class Responsive_Lightbox_Settings_Capabilities |
| 18 | */ |
| 19 | class Responsive_Lightbox_Settings_Capabilities extends Responsive_Lightbox_Settings_Base { |
| 20 | |
| 21 | /** |
| 22 | * Tab key identifier. |
| 23 | */ |
| 24 | const TAB_KEY = 'capabilities'; |
| 25 | |
| 26 | /** |
| 27 | * Get priority for settings data filter. |
| 28 | * |
| 29 | * @return int |
| 30 | */ |
| 31 | protected function get_settings_data_priority() { |
| 32 | return 100; // load after legacy settings |
| 33 | } |
| 34 | |
| 35 | /** |
| 36 | * Validate settings for this tab. |
| 37 | * |
| 38 | * Override to use capabilities-specific validation. |
| 39 | * |
| 40 | * @param array $input Input data from form submission. |
| 41 | * @return array Validated data. |
| 42 | */ |
| 43 | public function validate( $input ) { |
| 44 | // use capabilities-specific validation |
| 45 | return $this->validate_capabilities( $input ); |
| 46 | } |
| 47 | |
| 48 | /** |
| 49 | * Provide settings data for this tab. |
| 50 | * |
| 51 | * @param array $data Settings data. |
| 52 | * @return array |
| 53 | */ |
| 54 | public function settings_data( $data ) { |
| 55 | // get main instance |
| 56 | $rl = Responsive_Lightbox(); |
| 57 | |
| 58 | $data[self::TAB_KEY] = [ |
| 59 | 'option_name' => 'responsive_lightbox_capabilities', |
| 60 | 'option_group' => 'responsive_lightbox_capabilities', |
| 61 | 'validate' => [ $this, 'validate' ], |
| 62 | 'sections' => [ |
| 63 | 'responsive_lightbox_capabilities_fields' => [ |
| 64 | 'title' => __( 'Capabilities Settings', 'responsive-lightbox' ), |
| 65 | 'description' => '', |
| 66 | 'fields' => [ |
| 67 | 'active' => [ |
| 68 | 'title' => __( 'Capabilities', 'responsive-lightbox' ), |
| 69 | 'type' => 'boolean', |
| 70 | 'label' => __( 'Enable advanced capability management.', 'responsive-lightbox' ), |
| 71 | 'description' => __( 'Check this to enable access to plugin features for selected user roles.', 'responsive-lightbox' ) |
| 72 | ] |
| 73 | ] |
| 74 | ], |
| 75 | 'responsive_lightbox_capabilities' => [ |
| 76 | 'title' => '', |
| 77 | 'callback' => [ $this, 'capabilities_table' ] |
| 78 | ] |
| 79 | ] |
| 80 | ]; |
| 81 | |
| 82 | return $data; |
| 83 | } |
| 84 | |
| 85 | /** |
| 86 | * Render capabilities table section. |
| 87 | * |
| 88 | * @global object $wp_roles |
| 89 | * |
| 90 | * @return void |
| 91 | */ |
| 92 | public function capabilities_table() { |
| 93 | global $wp_roles; |
| 94 | |
| 95 | // get available user roles |
| 96 | $editable_roles = get_editable_roles(); |
| 97 | |
| 98 | echo ' |
| 99 | <br class="clear" /> |
| 100 | <table class="widefat fixed posts"> |
| 101 | <thead> |
| 102 | <tr> |
| 103 | <th>' . esc_html__( 'Role', 'responsive-lightbox' ) . '</th>'; |
| 104 | |
| 105 | foreach ( $editable_roles as $role_name => $role_info ) { |
| 106 | echo '<th>' . esc_html( isset( $wp_roles->role_names[$role_name] ) ? translate_user_role( $wp_roles->role_names[$role_name] ) : $role_name ) . '</th>'; |
| 107 | } |
| 108 | |
| 109 | echo ' |
| 110 | </tr> |
| 111 | </thead> |
| 112 | <tbody id="the-list">'; |
| 113 | |
| 114 | $i = 0; |
| 115 | |
| 116 | foreach ( Responsive_Lightbox()->get_data( 'capabilities' ) as $cap_role => $cap_label ) { |
| 117 | echo ' |
| 118 | <tr' . ( ( $i++ % 2 === 0 ) ? ' class="alternate"' : '' ) . '> |
| 119 | <td>' . esc_html__( $cap_label, 'responsive-lightbox' ) . '</td>'; |
| 120 | |
| 121 | foreach ( $editable_roles as $role_name => $role_info ) { |
| 122 | // get user role |
| 123 | $role = $wp_roles->get_role( $role_name ); |
| 124 | |
| 125 | echo ' |
| 126 | <td> |
| 127 | <input type="checkbox" name="responsive_lightbox_capabilities[roles][' . esc_attr( $role->name ) . '][' . esc_attr( $cap_role ) . ']" value="true" ' . checked( true, ( $role->has_cap( $cap_role ) || $role_name === 'administrator' ), false ) . ' ' . disabled( $role_name, 'administrator', false ) . ' /> |
| 128 | </td>'; |
| 129 | } |
| 130 | |
| 131 | echo ' |
| 132 | </tr>'; |
| 133 | } |
| 134 | |
| 135 | echo ' |
| 136 | </tbody> |
| 137 | </table>'; |
| 138 | } |
| 139 | |
| 140 | /** |
| 141 | * Validate capabilities. |
| 142 | * |
| 143 | * Handles WordPress role/capability management for plugin access control. |
| 144 | * |
| 145 | * @global object $wp_roles |
| 146 | * |
| 147 | * @param array $input |
| 148 | * @return array |
| 149 | */ |
| 150 | private function validate_capabilities( $input ) { |
| 151 | // get main instance |
| 152 | $rl = Responsive_Lightbox(); |
| 153 | |
| 154 | // check capability |
| 155 | if ( ! current_user_can( apply_filters( 'rl_lightbox_settings_capability', $rl->options['capabilities']['active'] ? 'edit_lightbox_settings' : 'manage_options' ) ) ) |
| 156 | return $input; |
| 157 | |
| 158 | global $wp_roles; |
| 159 | |
| 160 | // sanitize the 'active' boolean field manually (simple field, no complex logic needed) |
| 161 | if ( isset( $input['active'] ) ) { |
| 162 | $input['active'] = (bool) $input['active']; |
| 163 | } else { |
| 164 | $input['active'] = false; |
| 165 | } |
| 166 | |
| 167 | // if capabilities are being enabled, grant them immediately before redirect |
| 168 | if ( ( isset( $_POST['save_rl_capabilities'] ) || isset( $_POST['save_responsive_lightbox_capabilities'] ) ) && ! empty( $input['active'] ) && empty( $rl->options['capabilities']['active'] ) ) { |
| 169 | // temporarily set the option so grant_capabilities works |
| 170 | $rl->options['capabilities']['active'] = true; |
| 171 | $rl->grant_capabilities(); |
| 172 | } |
| 173 | |
| 174 | // save capabilities? |
| 175 | if ( isset( $_POST['save_rl_capabilities'] ) || isset( $_POST['save_responsive_lightbox_capabilities'] ) ) { |
| 176 | foreach ( $wp_roles->roles as $role_name => $role_label ) { |
| 177 | // get user role |
| 178 | $role = $wp_roles->get_role( $role_name ); |
| 179 | |
| 180 | // manage new capabilities only for non-admins |
| 181 | if ( $role_name !== 'administrator' ) { |
| 182 | foreach ( $rl->get_data( 'capabilities' ) as $capability => $label ) { |
| 183 | if ( isset( $input['roles'][$role_name][$capability] ) && $input['roles'][$role_name][$capability] === 'true' ) |
| 184 | $role->add_cap( $capability ); |
| 185 | else |
| 186 | $role->remove_cap( $capability ); |
| 187 | } |
| 188 | } |
| 189 | } |
| 190 | // reset capabilities? |
| 191 | } elseif ( isset( $_POST['reset_rl_capabilities'] ) || isset( $_POST['reset_responsive_lightbox_capabilities'] ) ) { |
| 192 | foreach ( $wp_roles->roles as $role_name => $display_name ) { |
| 193 | // get user role |
| 194 | $role = $wp_roles->get_role( $role_name ); |
| 195 | |
| 196 | foreach ( $rl->get_data( 'capabilities' ) as $capability => $label ) { |
| 197 | if ( array_key_exists( $role_name, $rl->defaults['capabilities']['roles'] ) && in_array( $capability, $rl->defaults['capabilities']['roles'][$role_name], true ) ) |
| 198 | $role->add_cap( $capability ); |
| 199 | else |
| 200 | $role->remove_cap( $capability ); |
| 201 | } |
| 202 | } |
| 203 | |
| 204 | add_settings_error( 'reset_rl_capabilities', 'settings_restored', esc_html__( 'Settings restored to defaults.', 'responsive-lightbox' ), 'updated' ); |
| 205 | } |
| 206 | |
| 207 | return $input; |
| 208 | } |
| 209 | } |
| 210 |