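/**
 * Persist the per-user custom capability set submitted from the user edit form.
 *
 * The target user comes from the global $user_id and the submitted values from
 * $_POST. When 'user_enable_custom_cap' equals 1 the user's capabilities are
 * wiped and then every capability known to WP_Roles is written explicitly:
 * granted when its name is a key of $_POST['ROLES'], denied otherwise. When the
 * flag is absent or different, the capabilities are wiped and nothing is added.
 *
 * @return void
 */
function edit_user_profile_update()
{
    global $user_id;

    // Capabilities are granted straight from request data, so do nothing unless
    // the current user is allowed to change other users' roles (the capability
    // core checks before it changes a role).
    // NOTE(review): nonce verification is presumably done by the code that fires
    // this hook; it is not visible in this function — confirm. Swap the
    // capability if the plugin gates this screen with one of its own.
    if (empty($user_id) || !current_user_can('promote_users')) {
        return;
    }

    $WP_Roles = new WP_Roles();
    $WP_User = new WP_User($user_id);

    $custom_caps_enabled = isset($_POST['user_enable_custom_cap'])
        && $_POST['user_enable_custom_cap'] == 1;

    if (!$custom_caps_enabled) {
        update_user_meta($user_id, 'user_enable_custom_cap', 0);
        $WP_User->remove_all_caps();
        return;
    }

    update_user_meta($user_id, 'user_enable_custom_cap', 1);
    $WP_User->remove_all_caps();

    // The original read $_POST['ROLES'] without checking that it was sent.
    $posted_caps = (isset($_POST['ROLES']) && is_array($_POST['ROLES'])) ? $_POST['ROLES'] : array();
    if (count($posted_caps) === 0) {
        // Nothing ticked: the user is left with the wiped capability set.
        return;
    }

    // Iterate over the capabilities the site already knows about rather than
    // over the posted keys, so a request cannot introduce capability names of
    // its own.
    $all_caps = $this->get_all_caps_from_wp_roles($WP_Roles);
    foreach ($all_caps as $capability) {
        $WP_User->add_cap($capability, array_key_exists($capability, $posted_caps));
    }
}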
/**
 * Detach a user from one blog of the network.
 *
 * The 'remove_user_from_blog' action fires first, before anything is changed
 * and before the user is known to exist. If the blog was the user's primary
 * blog, the first other blog the user belongs to becomes the new primary (or
 * the primary is blanked when there is none). All capabilities of the user on
 * the blog are then removed and, when $reassign is given, the user's posts and
 * links are handed to that user.
 *
 * @since MU 1.0
 *
 * @param int    $user_id  ID of the user being removed.
 * @param int    $blog_id  ID of the blog the user is removed from.
 * @param string $reassign Optional. ID of the user who takes over the posts and links.
 * @return true|WP_Error True on success, WP_Error 'user_does_not_exist' when the user is not found.
 */
function remove_user_from_blog($user_id, $blog_id = '', $reassign = '')
{
    global $wpdb;

    switch_to_blog($blog_id);
    $user_id = (int) $user_id;

    do_action('remove_user_from_blog', $user_id, $blog_id);

    // Leaving the primary blog: promote the first remaining blog, if any.
    if (get_user_meta($user_id, 'primary_blog', true) == $blog_id) {
        $replacement_id = '';
        $replacement_domain = '';
        foreach ((array) get_blogs_of_user($user_id) as $candidate) {
            if ($candidate->userblog_id != $blog_id) {
                $replacement_id = $candidate->userblog_id;
                $replacement_domain = $candidate->domain;
                break;
            }
        }
        update_user_meta($user_id, 'primary_blog', $replacement_id);
        update_user_meta($user_id, 'source_domain', $replacement_domain);
    }

    $user = new WP_User($user_id);
    if (empty($user->ID)) {
        // Always undo switch_to_blog() before leaving.
        restore_current_blog();

        return new WP_Error('user_does_not_exist', __('That user does not exist.'));
    }

    $user->remove_all_caps();

    // No blog left at all: clear the primary-blog bookkeeping.
    $remaining_blogs = get_blogs_of_user($user_id);
    if (count($remaining_blogs) == 0) {
        update_user_meta($user_id, 'primary_blog', '');
        update_user_meta($user_id, 'source_domain', '');
    }

    if ($reassign != '') {
        $reassign = (int) $reassign;

        // Both statements bind the two IDs as integers through prepare().
        $posts_sql = $wpdb->prepare("UPDATE {$wpdb->posts} SET post_author = %d WHERE post_author = %d", $reassign, $user_id);
        $wpdb->query($posts_sql);

        $links_sql = $wpdb->prepare("UPDATE {$wpdb->links} SET link_owner = %d WHERE link_owner = %d", $reassign, $user_id);
        $wpdb->query($links_sql);
    }

    restore_current_blog();

    return true;
}
/**
 * Strip every capability from a user.
 *
 * @since unknown
 *
 * @param int $id User ID; cast to int before the lookup.
 */
function wp_revoke_user($id)
{
    $target = new WP_User((int) $id);
    $target->remove_all_caps();
}
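/**
 * Legacy Basic LTI launch handler.
 *
 * For a request that is_basic_lti_request() accepts, this validates the launch
 * against the consumer secret, creates or updates the WordPress user named by
 * the launch, signs that user in, creates the course blog when it does not
 * exist yet, attaches the user to it with a mapped role and redirects to the
 * site URL over https. Any other request returns immediately, apart from the
 * optional redirect handled in the first branch.
 *
 * Changes against the original listing:
 *  - the redirect taken before any signature check now goes through
 *    wp_validate_redirect(), so only same-site URLs or hosts added through the
 *    'allowed_redirect_hosts' filter are followed;
 *  - the return URL and the validator message are escaped before being placed
 *    in HTML;
 *  - the debugging echo statements on the failure path are gone (they produced
 *    output ahead of wp_die());
 *  - request values are read only after an isset() check;
 *  - the site URL scheme is stripped for https:// as well as http://;
 *  - $is_admin and $user_id, which the original used without assigning, are
 *    initialised explicitly (behaviour unchanged, see the notes in the body).
 *
 * @param mixed $wp Not used by this function.
 * @return void Every path that handles a launch ends the request (exit or wp_die()).
 */
function lti_parse_request_OLD($wp)
{
    if (!is_basic_lti_request()) {
        $message_type = isset($_REQUEST[LTI_MESSAGE_TYPE]) ? $_REQUEST[LTI_MESSAGE_TYPE] : null;
        $lti_version = isset($_REQUEST[LTI_VERSION]) ? $_REQUEST[LTI_VERSION] : null;
        $good_message_type = $message_type == LTI_MESSAGE_TYPE_VALUE;
        $good_lti_version = $lti_version == LTI_VERSION_VALUE;

        if ($good_message_type && $good_lti_version && !isset($_REQUEST[RESOURCE_LINK_ID])) {
            if (isset($_REQUEST[LAUNCH_PRESENTATION_URL]) && is_string($_REQUEST[LAUNCH_PRESENTATION_URL])) {
                // Nothing in this request has been authenticated at this point,
                // so the caller-supplied URL is followed only when WordPress
                // considers the host allowed. Consumer hosts have to be added
                // through the 'allowed_redirect_hosts' filter.
                $return_url = wp_validate_redirect(esc_url_raw($_REQUEST[LAUNCH_PRESENTATION_URL]), '');
                if ($return_url !== '') {
                    wp_redirect($return_url);
                    exit;
                }
            }
        }

        return;
    }

    // See if we get a context, do not set session, do not redirect
    $secret = lti_get_secret_from_consumer_key();
    $context = new bltiUocWrapper(false, false, null, $secret);
    if (!$context->valid) {
        // The validator message is escaped because it may carry request-derived
        // text — presumably; its content is not visible here.
        wp_die("BASIC LTI Authentication Failed, not valid request (make sure that consumer is authorized and secret is correct) " . esc_html($context->message));
        return;
    }

    $error = is_lti_error_data($context);
    if ($error !== FALSE) {
        if (isset($_REQUEST[LAUNCH_PRESENTATION_URL]) && is_string($_REQUEST[LAUNCH_PRESENTATION_URL])) {
            $launch_presentation_return_url = $_REQUEST[LAUNCH_PRESENTATION_URL];
            // esc_url() for the attribute, esc_html() for the visible text.
            $error = '<p>' . $error . '</p><p>Return to site <a href="' . esc_url($launch_presentation_return_url) . '">' . esc_html($launch_presentation_return_url) . '</a></p>';
        }
        wp_die($error, '');
    }

    $blogType = new blogTypeLoader($context);
    if ($blogType->error < 0) {
        wp_die("BASIC LTI loading Types Aula Failed " . $blogType->error_miss);
        return;
    }

    // Set up the user...
    $userkey = getUserkeyLTI($context);
    $userkey = apply_filters('pre_user_login', $userkey);
    $userkey = trim($userkey);
    if (empty($userkey)) {
        wp_die('<p>Empty username</p><p>Cannot create a user without username</p>');
    }

    $uinfo = get_user_by('login', $userkey);
    if (isset($uinfo) && $uinfo != false) {
        // og LTI: set the user_login and user_nicename to the same value,
        // because we want the wordpress-login cookie to have the username
        // otherwise caching won't work properly!
        // NOTE(review): an existing account whose login equals the launch's
        // user key is overwritten here and gets the site's default role.
        $ret_id = wp_insert_user(array(
            'ID' => $uinfo->ID,
            'user_login' => $userkey,
            'user_nicename' => $userkey,
            'first_name' => $context->getUserFirstName(),
            'last_name' => $context->getUserLastName(),
            'user_email' => $context->getUserEmail(),
            'user_url' => 'http://b',
            'display_name' => $context->getUserName(),
            'role' => get_option('default_role'),
        ));
        if (is_object($ret_id) && isset($ret_id->errors)) {
            $msg = '';
            foreach ($ret_id->errors as $key => $error) {
                $msg .= "<p><b>{$key}</b> ";
                foreach ($error as $erroMsg) {
                    $msg .= "<p> {$erroMsg}</p>";
                }
                $msg .= "</p>";
            }
            wp_die($msg);
        }
    } else {
        // New user.
        // NOTE(review): no 'user_pass' is supplied for the new account.
        $ret_id = wp_insert_user(array(
            'user_login' => $userkey,
            'user_nicename' => $context->getUserName(),
            'first_name' => $context->getUserFirstName(),
            'last_name' => $context->getUserLastName(),
            'user_email' => $context->getUserEmail(),
            'user_url' => 'http://c',
            'display_name' => $context->getUserName(),
        ));
        if (is_object($ret_id) && isset($ret_id->errors)) {
            $msg = '';
            foreach ($ret_id->errors as $key => $error) {
                $msg .= "<p><b>{$key}</b> ";
                foreach ($error as $erroMsg) {
                    $msg .= "<p> {$erroMsg}</p>";
                }
                $msg .= "</p>";
            }
            wp_die($msg);
        }
        $uinfo = get_user_by('login', $userkey);
    }

    // Remove the user from the main blog (unless admin)
    // http://jira.uoc.edu/jira/browse/BLOGA-218
    // NOTE(review): the original never assigned $is_admin, so the removal ran
    // for every user, administrators included. It is initialised to false here
    // to keep that behaviour explicit; decide whether a real admin test belongs
    // here.
    $is_admin = false;
    $user = new WP_User($uinfo->ID);
    if (!$is_admin) {
        $user->remove_all_caps();
    }

    $_SERVER['REMOTE_USER'] = $userkey;
    $password = md5($uinfo->user_pass);

    // NOTE(review): the result of wp_authenticate() is ignored; the session is
    // established by the two calls that follow it.
    wp_authenticate($userkey, $password);
    wp_set_auth_cookie($user->ID, false);
    wp_set_current_user($user->ID, $userkey);

    // Strip the scheme; the original cut a fixed 7 characters ("http://"),
    // which left a broken host for an https:// site URL.
    $siteUrl = preg_replace('#^https?://#i', '', get_option("siteurl"));
    $siteUrlArray = explode("/", $siteUrl);
    $domain = $siteUrlArray[0];
    unset($siteUrlArray[0]);

    $course = $blogType->getCoursePath($context, $siteUrlArray, $domain);
    if (isset($context->info[RESOURCE_LINK_ID]) && $context->info[RESOURCE_LINK_ID]) {
        $course .= '-' . $context->info[RESOURCE_LINK_ID];
    }
    $course = sanitize_user($course, true);
    // WordPress does not find the style sheet when the path contains a dot.
    $course = str_replace('.', '_', $course);

    $path_base = "/" . implode("/", $siteUrlArray) . "/" . $course;
    $path_base = str_replace('//', '/', $path_base);
    $path = $path_base . "/";
    $path = str_replace('//', '/', $path);

    $blog_created = false;
    $overwrite_plugins_theme = isset($context->info[OVERWRITE_PLUGINS_THEME]) ? $context->info[OVERWRITE_PLUGINS_THEME] == 1 : false;
    $overwrite_roles = isset($context->info[OVERWRITE_ROLES]) ? $context->info[OVERWRITE_ROLES] == 1 : false;

    $blog_id = domain_exists($domain, $path);
    $blog_is_new = false;
    if (!isset($blog_id)) {
        $title = __("Blog ") . $blogType->getCourseName($context);
        $blog_is_new = true;
        $meta = $blogType->getMetaBlog($context);
        $old_site_language = get_site_option('WPLANG');
        $blogType->setLanguage($context);
        // NOTE(review): the original passed $user_id without ever assigning it,
        // so wpmu_create_blog() received null. Kept as null here; probably
        // meant to be $uinfo->ID — confirm.
        $user_id = null;
        $blog_id = wpmu_create_blog($domain, $path, $title, $user_id, $meta);
        update_site_option('WPLANG', $old_site_language);
        $blogType->checkErrorCreatingBlog($blog_id, $path);
        $blog_created = true;
    }

    // Connect the user to the blog
    if (isset($blog_id)) {
        switch_to_blog($blog_id);
        ob_start();
        if ($overwrite_plugins_theme || $blog_created) {
            $blogType->loadPlugins();
            $blogType->changeTheme();
        }

        // Pick up the role the user previously had on this blog.
        $old_role = null;
        if (!$blog_created && !$overwrite_roles) {
            // NOTE(review): the meta key hard-codes the 'wp_' table prefix.
            $old_role_array = get_user_meta($user->ID, 'wp_' . $blog_id . '_capabilities', true);
            if (is_array($old_role_array)) {
                foreach ($old_role_array as $key => $value) {
                    if ($value == true) {
                        $old_role = $key;
                    }
                }
            }
        }

        remove_user_from_blog($uinfo->ID, $blog_id);

        $obj = new stdClass();
        $obj->blog_id = $blog_id;
        $obj->userkey = $userkey;
        $obj->path_base = $path_base;
        $obj->domain = $domain;
        $obj->context = $context;
        $obj->uinfoID = $uinfo->ID;
        $obj->blog_is_new = $blog_is_new;
        if ($overwrite_roles || $old_role == null) {
            $obj->role = $blogType->roleMapping($context->info[FIELD_ROLE_UOC_CAMPUS], $context->info);
        } else {
            $obj->role = $old_role;
        }
        $blogType->postActions($obj);
        add_user_to_blog($blog_id, $uinfo->ID, $obj->role);

        // restore_current_blog() is deliberately not called: it would send the
        // user back to the main blog.
        ob_end_clean();
    }

    $redirecturl = get_option("siteurl");
    $redirecturl = str_replace("http://", "https://", $redirecturl);
    wp_redirect($redirecturl);
    exit;
}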
/**
 * remove_all_caps() must drop capabilities that were added to a user directly
 * and leave the user level empty.
 */
function test_user_remove_all_caps()
{
    $extra_caps = array('make_coffee', 'drink_coffee');

    // The user starts out as an author.
    $id = $this->factory->user->create(array('role' => 'author'));
    $user = new WP_User($id);
    $this->assertTrue($user->exists(), "Problem getting user $id");

    // Grant two capabilities that no role provides.
    foreach ($extra_caps as $extra) {
        $user->add_cap($extra);
    }

    // Re-fetch to prove the grants were stored.
    $user = new WP_User($id);
    $this->assertTrue($user->exists(), "Problem getting user $id");
    foreach ($extra_caps as $extra) {
        $this->assertTrue($user->has_cap($extra));
    }

    // Wipe everything, then re-fetch again.
    $user->remove_all_caps();
    $user = new WP_User($id);
    $this->assertTrue($user->exists(), "Problem getting user $id");

    // The checks for the author role's own capabilities (edit_posts,
    // edit_published_posts, upload_files, level_2) were commented out in the
    // original and are not asserted here either.

    // The directly granted capabilities are gone.
    foreach ($extra_caps as $extra) {
        $this->assertFalse($user->has_cap($extra));
    }

    // The user level is empty as well.
    $this->assertEmpty($user->user_level);
}
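/**
 * Replace a user's roles and individual capabilities with the submitted ones.
 *
 * The request must carry a valid 'solvease_user_role_cap' nonce and a 'user_id'
 * equal to $user_id, and the current user must be allowed to change roles. The
 * primary role is validated before anything is removed: the original wiped the
 * user's roles and capabilities first and only then rejected an unknown primary
 * role, which left the user with no role at all.
 *
 * @param int $user_id ID of the user being updated.
 * @return WP_User|false|null The updated user; false when the primary role is
 *                            missing or unknown; null when the request is not
 *                            accepted.
 */
public function solvease_roles_capabilities_update_user_role_cap($user_id)
{
    // Check that this is a valid POST for this user.
    if (!isset($_POST['solvease_user_role_cap_nonce'], $_POST['user_id'])
        || !wp_verify_nonce($_POST['solvease_user_role_cap_nonce'], 'solvease_user_role_cap')
        || $_POST['user_id'] != $user_id
    ) {
        return;
    }

    // A nonce shows the form was submitted on purpose, not that the submitter
    // may hand out roles; this is the capability core checks before it changes
    // a role.
    // NOTE(review): swap it if the plugin defines a capability of its own.
    if (!current_user_can('promote_users')) {
        return;
    }

    $all_roles = $this->solvease_roles_capabilities_get_roles();

    // Validate the primary role before touching the user.
    $primary_role = isset($_POST['primary_role']) ? $_POST['primary_role'] : '';
    if (!is_string($primary_role) || $primary_role == '' || !isset($all_roles[$primary_role])) {
        return FALSE;
    }

    $secondary_roles = (isset($_POST['secondary_roles']) && is_array($_POST['secondary_roles']))
        ? array_keys($_POST['secondary_roles'])
        : array();

    // NOTE(review): capability names are taken as sent and are not compared
    // with a list of known capabilities.
    $capabilities = (isset($_POST['cap']) && is_array($_POST['cap']))
        ? array_keys($_POST['cap'])
        : array();

    $user = new WP_User($user_id);

    // Start from an empty set of roles and capabilities.
    $user->roles = array();
    $user->remove_all_caps();

    $user->add_role($primary_role);

    // Secondary roles: only known roles, and never the primary one twice.
    foreach ($secondary_roles as $secondary_role) {
        if (isset($all_roles[$secondary_role]) && $primary_role != $secondary_role) {
            $user->add_role($secondary_role);
        }
    }

    // Recompute the user level from the roles just assigned.
    $user->update_user_level_from_caps();

    // Individual capabilities on top of the roles.
    foreach ($capabilities as $capability) {
        $user->add_cap($capability);
    }

    return $user;
}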
/**
 * remove_all_caps() must leave the user without any known capability, without
 * the capabilities granted directly, and with an empty user level.
 */
function test_user_remove_all_caps()
{
    $extra_caps = array('make_coffee', 'drink_coffee');

    // The user starts out as an author.
    $id = self::factory()->user->create(array('role' => 'author'));
    $user = new WP_User($id);
    $this->assertTrue($user->exists(), "Problem getting user {$id}");

    // Grant two capabilities that no role provides.
    foreach ($extra_caps as $extra) {
        $user->add_cap($extra);
    }

    // Re-fetch to prove the grants were stored.
    $user = new WP_User($id);
    $this->assertTrue($user->exists(), "Problem getting user {$id}");
    foreach ($extra_caps as $extra) {
        $this->assertTrue($user->has_cap($extra));
    }

    // Wipe everything, then re-fetch again.
    $user->remove_all_caps();
    $user = new WP_User($id);
    $this->assertTrue($user->exists(), "Problem getting user {$id}");

    // None of the capabilities listed by getAllCapsAndRoles() may remain.
    foreach (array_keys($this->getAllCapsAndRoles()) as $cap) {
        $this->assertFalse($user->has_cap($cap), "User should not have the {$cap} capability");
    }

    // The directly granted capabilities are gone too.
    foreach ($extra_caps as $extra) {
        $this->assertFalse($user->has_cap($extra));
    }

    // The user level is empty as well.
    $this->assertEmpty($user->user_level);
}
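/**
 * Import a single user: update the local account with the same login, or
 * create a new one, then replace its roles and capabilities with the imported
 * ones and record the change.
 *
 * Changes against the original listing:
 *  - a new account gets a random password under 'user_pass'; the original
 *    stored time() under 'user_password', a key wp_insert_user() does not read,
 *    and a timestamp is guessable in any case;
 *  - the WP_User snapshot is built only when a local user exists (the original
 *    dereferenced the lookup result before checking it);
 *  - the argument loop no longer leaves a dangling reference behind;
 *  - missing 'roles' / 'caps' entries are treated as empty lists.
 *
 * @param array $user Imported user with the keys 'data' (user fields), 'roles'
 *                    (list of role names) and 'caps' (capability => grant flag).
 * @return bool True when the user was imported, false on failure.
 */
protected function import_user($user)
{
    $login = $user['data']['user_login'];
    $imported_roles = (isset($user['roles']) && is_array($user['roles'])) ? $user['roles'] : array();
    $imported_caps = (isset($user['caps']) && is_array($user['caps'])) ? $user['caps'] : array();

    $local_user = get_user_by('login', $login);
    $update = !empty($local_user);
    // Built before any change is made; this object is what gets logged below.
    $local_user_object = $update ? new WP_User($local_user->ID) : null;

    if (!function_exists('wp_insert_user')) {
        include_once ABSPATH . 'wp-includes/registration.php';
    }

    // args used by wp_insert_user & wp_update_user
    // makes for an easy merge and a reminder of just what is handled at that time
    $insert_user_args = array(
        'user_login' => null,
        'user_nicename' => null,
        'user_url' => null,
        'user_email' => null,
        'display_name' => null,
        'nickname' => null,
        'first_name' => null,
        'last_name' => null,
        'description' => null,
        'rich_editing' => null,
        'user_registered' => null,
        'role' => null,
        'use_ssl' => 0,
        'admin_color' => null,
        'comment_shortcuts' => null,
    );
    foreach (_wp_get_user_contactmethods() as $contact_method => $contact_method_name) {
        $insert_user_args[$contact_method] = null;
    }

    // NOTE(review): the debug helper is handed the complete imported record;
    // check what it writes and where before enabling it in production.
    cfd_tmp_dbg('importing_user.txt', $user, 'print');

    foreach (array_keys($insert_user_args) as $key) {
        if ($key === 'role') {
            $insert_user_args[$key] = isset($imported_roles[0]) ? $imported_roles[0] : null;
        } elseif (!empty($user['data'][$key])) {
            $insert_user_args[$key] = $user['data'][$key];
        }
    }
    cfd_tmp_dbg('importing_user_args.txt', $insert_user_args, 'print');

    if ($update) {
        $local_userdata = get_object_vars(get_userdata($local_user->ID));
        $insert_user_args = array_merge($local_userdata, $insert_user_args);
        // Never pass the stored password back in on an update.
        unset($insert_user_args['user_pass']);
        $user_id = wp_update_user($insert_user_args);
    } else {
        if (email_exists($user['data']['user_email'])) {
            $this->add_import_message('users', '__error__', sprintf(__('Email address "%s" already exists for another user', 'cf-deploy'), $user['data']['user_email']));
            return false;
        }
        // Random, unguessable password; the imported user has to go through a
        // password reset to sign in.
        $insert_user_args['user_pass'] = wp_generate_password(24);
        $user_id = wp_insert_user($insert_user_args);
    }

    if (empty($user_id) || is_wp_error($user_id)) {
        $errstring = sprintf(__('Import failed for user "%s".', 'cf-deploy'), $user['data']['user_nicename']);
        if (is_wp_error($user_id)) {
            $errstring .= ' ' . __('Error:', 'cf-deploy') . ' ' . $user_id->get_error_message();
        }
        $this->add_import_message('users', '__error__', $errstring);
        $ret = false;
    } else {
        // Set/Update Capabilities & Roles.
        // NOTE(review): roles and capabilities are applied exactly as they
        // appear in the imported record, so the import source decides the
        // account's privileges.
        $u = new WP_User($user_id);

        // set roles, remove all existing and replace with what is being brought in
        foreach ($u->roles as $role) {
            $u->remove_role($role);
        }
        foreach ($imported_roles as $role) {
            $u->add_role($role);
        }

        // set caps, remove all existing caps before setting them anew
        $u->remove_all_caps();
        foreach ($imported_caps as $cap => $value) {
            $u->add_cap($cap, (bool) $value);
        }

        $this->add_import_message('users', '__notice__', sprintf(__('User "%s" successfully imported.', 'cf-deploy'), $login));
        $ret = true;
    }

    // Change log entry: 'new' for a created user, the earlier snapshot otherwise.
    $item_change = array('users' => array($login => 'new'));
    if ($update) {
        $log_users = array($local_user_object);
        array_walk_recursive($log_users, array($this, 'object_to_array'));
        $item_change['users'][$login] = current($log_users);
    }
    $this->log_item_change($item_change);

    return $ret;
}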
/**
 * Rebuild a user's roles and capabilities from the submitted form.
 *
 * The user's first role is kept as the primary role when $this->roles knows it,
 * and the bbPress role is kept when bbPress is active. Everything else is
 * revoked and then re-added: every role sent as a 'wp_role_<name>' POST key
 * that exists in $wp_roles, followed by every capability listed in
 * $this->capabilities_to_save.
 *
 * No nonce or permission check happens in this method.
 * NOTE(review): presumably the caller performs both — confirm.
 *
 * @global WP_Roles $wp_roles
 * @param WP_User $user
 * @return boolean Always true.
 */
private function update_user($user)
{
    global $wp_roles;

    // The first entry of the roles array is treated as the primary role.
    $current_roles = array_values($user->roles);
    $primary_role = array_shift($current_roles);
    $primary_is_known = !empty($primary_role) && isset($this->roles[$primary_role]);
    if (!$primary_is_known) {
        $primary_role = '';
    }

    // Remember the bbPress role, if the plugin is active.
    $bbp_user_role = '';
    if (function_exists('bbp_filter_blog_editable_roles')) {
        $bbp_user_role = bbp_get_user_role($user->ID);
    }

    // Revoke all roles and capabilities from this user.
    $user->roles = array();
    $user->remove_all_caps();

    // Put the primary role and the bbPress role back, in that order.
    foreach (array($primary_role, $bbp_user_role) as $kept_role) {
        if (!empty($kept_role)) {
            $user->add_role($kept_role);
        }
    }

    // Additional roles arrive as POST keys; only names registered in
    // $wp_roles are accepted.
    foreach ($_POST as $key => $value) {
        if (preg_match('/^wp_role_(.+)/', $key, $match) !== 1) {
            continue;
        }
        $role = $match[1];
        if (isset($wp_roles->roles[$role])) {
            $user->add_role($role);
        }
    }

    // Individual capabilities prepared earlier on this object.
    if (count($this->capabilities_to_save) > 0) {
        foreach ($this->capabilities_to_save as $cap_name => $unused) {
            $user->add_cap($cap_name);
        }
    }

    $user->update_user_level_from_caps();

    return true;
}