public static function exception_scripts()
{
if (!current_user_can('pp_assign_roles') && !pp_bulk_roles_enabled()) {
return array();
}
$vars = array('addExceptions' => __('Add Exceptions', 'pp'), 'clearException' => __('clear', 'pp'), 'pleaseReview' => __('Review selection(s) below, then click Save.', 'pp'), 'alreadyException' => __('Exception already selected!', 'pp'), 'noAction' => __('No Action selected!', 'pp'), 'submissionMsg' => __('Exception submission in progress...', 'pp'), 'reloadRequired' => __('Reload form for further changes to this exception', 'pp'), 'noMode' => __('No Assignment Mode selected!', 'pp'), 'ajaxurl' => admin_url(''));
$vars['agentType'] = isset($_REQUEST['agent_type']) ? pp_sanitize_key($_REQUEST['agent_type']) : 'pp_group';
$vars['agentID'] = isset($_REQUEST['agent_id']) ? (int) $_REQUEST['agent_id'] : 0;
//$vars['agentID'] = ( isset($_REQUEST['group_id']) ) ? $_REQUEST['group_id'] : 0;
// Simulate Nav Menu setup
require_once dirname(__FILE__) . '/includes/item-menu_pp.php';
/*
if ( ! pp_wp_ver( '3.3' ) ) {
global $wp_styles;
$wp_styles->add( 'nav-menu', "/wp-admin/css/nav-menu.css" );
wp_admin_css( 'nav-menu' );
}
*/
$vars['noItems'] = __('No items selected!', 'pp');
$suffix = defined('SCRIPT_DEBUG') && SCRIPT_DEBUG ? '.dev' : '';
//wp_enqueue_script( 'nav-menu' );
wp_enqueue_script('pp-item-menu', PP_URLPATH . "/admin/js/pp-item-menu{$suffix}.js", array('jquery', 'jquery-form'), PPC_VERSION);
wp_localize_script('pp-item-menu', 'ppItems', array('ajaxurl' => admin_url(''), 'noResultsFound' => __('No results found.', 'pp')));
wp_enqueue_script('pp_exception_edit', PP_URLPATH . "/admin/js/pp_exception_edit{$suffix}.js", array('jquery', 'jquery-form'), PPC_VERSION);
wp_localize_script('pp_exception_edit', 'ppRestrict', $vars);
wp_enqueue_script('common');
wp_enqueue_script('postbox');
return $vars;
}
public static function activate_key()
{
if (PP_MULTISITE && !is_super_admin() && (pp_is_network_activated(PPC_BASENAME) || pp_is_mu_plugin(PPC_FILE))) {
return;
}
require_once dirname(__FILE__) . '/plugin_pp.php';
$request_vars = array('key' => pp_sanitize_key($_GET['key']), 'site' => site_url(''));
$response = PP_Plugin_Status::callhome('activate-key', $request_vars);
$result = json_decode($response);
if ($result[0] == "1") {
pp_update_option('support_key', $result);
}
echo $response;
exit;
}
function __construct()
{
global $_wp_column_headers;
$screen = get_current_screen();
// clear out empty entry from initial admin_header.php execution
if (isset($_wp_column_headers[$screen->id])) {
unset($_wp_column_headers[$screen->id]);
}
parent::__construct(array('singular' => 'group', 'plural' => 'groups'));
if (empty($_REQUEST['agent_type'])) {
if (!($this->agent_type = apply_filters('pp_query_group_type', ''))) {
$this->agent_type = 'pp_group';
}
} else {
$this->agent_type = pp_sanitize_key($_REQUEST['agent_type']);
}
}
public static function add_user_groups($user_id, $omit_group_ids = array())
{
$group_types = pp_get_group_types(array('editable' => true));
//foreach( apply_filters( 'pp_membership_editable_group_types', array( 'pp_group' ) ) as $agent_type ) {
foreach (pp_get_group_types(array('editable' => true)) as $agent_type) {
if ('pp_group' == $agent_type && in_array('pp_net_group', $group_types)) {
continue;
}
if (empty($_POST[$agent_type])) {
continue;
}
//if ( ! pp_has_group_cap( 'pp_manage_members', 0, $agent_type ) )
// continue;
global $pp_current_user;
$status = isset($_POST['pp_membership_status']) ? pp_sanitize_key($_POST['pp_membership_status']) : 'active';
if ($user_id == $pp_current_user->ID) {
$stored_groups = (array) $pp_current_user->groups[$agent_type];
} else {
$user = pp_get_user($user_id, '', array('skip_role_merge' => 1));
$stored_groups = isset($user->groups[$agent_type]) ? (array) $user->groups[$agent_type] : array();
}
// by retrieving filtered groups here, user will only modify membership for groups they can administer
$is_administrator = pp_is_user_administrator();
$posted_groups = isset($_POST[$agent_type]) ? $_POST[$agent_type] : array();
if ($omit_group_ids) {
$posted_groups = array_diff($posted_groups, $omit_group_ids);
}
foreach ($posted_groups as $group_id) {
if (isset($stored_groups[$group_id])) {
continue;
}
if (pp_has_group_cap('pp_manage_members', $group_id, $agent_type)) {
$args = compact('agent_type', 'status');
$args = apply_filters('pp_add_group_args', $args, $group_id);
pp_add_group_user((int) $group_id, $user_id, $args);
}
}
}
}
function pp_register_extension($slug, $label, $basename, $version, $min_pp_version = '0', $min_wp_version = '0')
{
global $pp_extensions, $pp_min_ext_version;
$slug = pp_sanitize_key($slug);
if (!isset($pp_extensions) || !is_array($pp_extensions)) {
$pp_extensions = array();
}
// avoid lockout in case of editing plugin via wp-admin
if (constant('PP_DEBUG') && is_admin() && ppc_editing_plugin()) {
return false;
}
$register = true;
$error = false;
if (!pp_wp_ver($min_wp_version)) {
require_once dirname(__FILE__) . '/lib/error_pp.php';
$error = PP_Error::old_wp($label, $min_wp_version);
$register = false;
} elseif (version_compare(PPC_VERSION, $min_pp_version, '<')) {
require_once dirname(__FILE__) . '/lib/error_pp.php';
$error = PP_Error::old_pp($label, $min_pp_version);
$register = false;
} elseif (!empty($pp_min_ext_version[$slug]) && version_compare($version, $pp_min_ext_version[$slug], '<')) {
if (is_admin()) {
require_once dirname(__FILE__) . '/lib/error_pp.php';
$error = PP_Error::old_extension($label, $pp_min_ext_version[$slug]);
// but still register extension so it can be updated!
} else {
$error = true;
$register = false;
}
}
if ($register) {
$version = pp_sanitize_word($version);
$pp_extensions[$slug] = (object) compact('slug', 'version', 'label', 'basename');
}
return !$error;
}
function act_prep_metaboxes()
{
global $tag_ID;
if (empty($tag_ID)) {
return;
}
static $been_here;
if (isset($been_here)) {
return;
}
$been_here = true;
global $typenow;
// pp_find_post_type();
$post_type = !empty($_REQUEST['pp_universal']) ? '' : $typenow;
$taxonomy = isset($_REQUEST['taxonomy']) ? pp_sanitize_key($_REQUEST['taxonomy']) : '';
//$is_administrator = pp_is_user_administrator();
//$can_admin_object = $is_administrator || $pp_admin->user_can_admin_object('post', $object_id, $object_type);
if (current_user_can('pp_assign_roles')) {
$this->init_item_exceptions_ui();
$tt_id = pp_termid_to_ttid($tag_ID, $taxonomy);
$args = array('for_item_type' => $post_type, 'hierarchical' => is_taxonomy_hierarchical($post_type));
// via_src, for_src, via_type, item_id, args
$this->item_exceptions_ui->data->load_exceptions('term', 'post', $taxonomy, $tt_id, $args);
do_action('pp_prep_metaboxes', 'term', $taxonomy, $tt_id);
}
}
function menu_handler()
{
$pp_page = pp_sanitize_key($_GET['page']);
if (in_array($pp_page, array('pp-settings', 'pp-groups', 'pp-users', 'pp-edit-permit', 'pp-edit-permissions', 'pp-group-new', 'pp-about', 'pp-attachments_utility'))) {
include_once PPC_ABSPATH . "/admin/{$pp_page}.php";
if ('pp-settings' == $pp_page) {
pp_options();
}
}
do_action('pp_menu_handler', $pp_page);
}
<?php
if (!defined('ABSPATH')) {
exit;
}
// Exit if accessed directly
if (!pp_bulk_roles_enabled()) {
exit;
}
global $wpdb;
$html = '';
$agent_type = !empty($_GET['agent_type']) ? pp_sanitize_key($_GET['agent_type']) : '';
$agent_id = !empty($_GET['agent_id']) ? (int) $_GET['agent_id'] : 0;
// safeguard prevents accidental modification of roles for other groups / users
if ($agent_type && $agent_id) {
$agent_clause = "agent_type = '{$agent_type}' AND agent_id = '{$agent_id}' AND";
} else {
$agent_clause = '';
}
$action = $_GET['pp_ajax_submission'];
switch ($action) {
case 'roles_remove':
if (empty($_GET['pp_ass_ids'])) {
exit;
}
if (!current_user_can('pp_assign_roles') || !pp_bulk_roles_enabled()) {
exit;
}
$deleted_ass_ids = array();
$input_vals = explode('|', pp_sanitize_csv($_GET['pp_ass_ids']));
foreach ($input_vals as $id_csv) {
if (!empty($pp_admin->errors) && is_wp_error($pp_admin->errors)) {
?>
<div class="error"><p><?php
echo implode("</p>\n<p>", $pp_admin->errors->get_error_messages());
?>
</p></div>
<?php
}
?>
<div class="wrap" id="group-profile-page">
<?php
pp_icon();
?>
<h2><?php
$agent_type = isset($_REQUEST['agent_type']) && pp_group_type_editable($_REQUEST['agent_type']) ? pp_sanitize_key($_REQUEST['agent_type']) : 'pp_group';
if ('pp_group' == $agent_type || !($group_type_obj = pp_get_group_type_object($agent_type))) {
_e('Create New Permission Group', 'pp');
} else {
printf(__('Create New %s', 'pp'), $group_type_obj->labels->singular_name);
}
?>
</h2>
<form action="" method="post" id="creategroup" name="creategroup" class="pp-admin">
<input name="action" type="hidden" value="creategroup" />
<input name="agent_type" type="hidden" value="<?php
echo $agent_type;
?>
" />
<?php
function _ppc_count_assigned_exceptions($agent_type, $args = array())
{
global $wpdb;
$defaults = array('query_agent_ids' => false, 'join_groups' => true);
extract(array_merge($defaults, $args), EXTR_SKIP);
$item_types = array_merge(pp_get_enabled_post_types(), pp_get_enabled_taxonomies(), pp_get_group_types(array('editable' => true)));
$type_clause = "AND e.for_item_type IN ('','" . implode("','", $item_types) . "')";
$type_clause .= " AND e.via_item_type IN ('','" . implode("','", $item_types) . "')";
$ops_clause = "AND operation IN ('" . implode("','", pp_get_operations()) . "')";
$count = array();
$agent_type = pp_sanitize_key($agent_type);
if ('user' == $agent_type && $join_groups) {
$results = array();
foreach (pp_get_group_types(array(), 'object') as $group_type => $gtype_obj) {
global $wpdb;
if (!empty($gtype_obj->schema['members'])) {
extract($gtype_obj->schema['members']);
// members_table, col_group, col_user
} else {
$members_table = $wpdb->pp_group_members;
$col_member_group = 'group_id';
$col_member_user = '******';
}
$agent_clause = $query_agent_ids ? "AND gm.{$col_member_user} IN ('" . implode("','", (array) $query_agent_ids) . "')" : '';
if ('groups_only' === $join_groups || 'pp_group' != $group_type) {
$agent_type_clause = "( e.agent_type = '{$group_type}' AND gm.{$col_member_group} = e.agent_id )";
} else {
$agent_type_clause = "( e.agent_type = 'user' AND gm.user_id = e.agent_id ) OR ( e.agent_type = 'pp_group' AND gm.group_id = e.agent_id )";
}
$_results = $wpdb->get_results("SELECT gm.{$col_member_user} as qry_agent_id, e.exception_id, e.for_item_source, e.for_item_type, e.via_item_type, e.operation, COUNT(DISTINCT i.exception_id, i.item_id) AS exc_count FROM {$wpdb->ppc_exception_items} AS i INNER JOIN {$wpdb->ppc_exceptions} AS e ON i.exception_id = e.exception_id INNER JOIN {$members_table} AS gm ON ( {$agent_type_clause} ) WHERE i.inherited_from = '0' {$ops_clause} {$type_clause} {$agent_clause} GROUP BY qry_agent_id, e.for_item_source, e.for_item_type, e.operation");
$results = array_merge($results, $_results);
}
} else {
$agent_clause = $query_agent_ids ? "AND e.agent_id IN ('" . implode("','", (array) $query_agent_ids) . "')" : '';
$results = $wpdb->get_results("SELECT e.agent_id AS qry_agent_id, e.exception_id, e.for_item_source, e.for_item_type, e.operation, e.via_item_type, COUNT(DISTINCT i.exception_id, i.item_id) AS exc_count FROM {$wpdb->ppc_exception_items} AS i INNER JOIN {$wpdb->ppc_exceptions} AS e ON i.exception_id = e.exception_id WHERE i.inherited_from = '0' AND e.agent_type = '{$agent_type}' {$ops_clause} {$type_clause} {$agent_clause} GROUP BY qry_agent_id, e.for_item_source, e.for_item_type, e.operation");
}
foreach ($results as $row) {
if (!$row->for_item_type) {
$type_label = '';
} else {
if (!($type_obj = pp_get_type_object($row->for_item_source, $row->for_item_type))) {
continue;
}
$type_label = $type_obj->labels->singular_name;
}
if ($op_obj = pp_get_op_object($row->operation, $row->for_item_type)) {
if ('assign' == $row->operation) {
if ($tx_obj = get_taxonomy($row->via_item_type)) {
$lbl = str_replace('Term', $tx_obj->labels->singular_name, $op_obj->label);
} else {
$lbl = $op_obj->label;
}
//$lbl = sprintf( __('%2$s: %1$s', 'pp'), $op_lbl, $type_label );
} elseif (isset($op_obj->abbrev)) {
$lbl = $op_obj->abbrev;
} else {
$lbl = sprintf(__('%1$s %2$s', 'pp'), $op_obj->label, $type_label);
}
} else {
$lbl = $type_label;
}
if (!isset($count[$row->qry_agent_id]['exceptions'][$lbl])) {
$count[$row->qry_agent_id]['exceptions'][$lbl] = 0;
}
$count[$row->qry_agent_id]['exceptions'][$lbl] += $row->exc_count;
if (!isset($count[$row->qry_agent_id]['exc_count'])) {
$count[$row->qry_agent_id]['exc_count'] = 0;
}
$count[$row->qry_agent_id]['exc_count'] += $row->exc_count;
}
return $count;
}
function log_term_data()
{
global $wp_object_cache, $wpdb, $pp, $typenow;
$taxonomy = pp_sanitize_key($_REQUEST['taxonomy']);
if (!empty($wp_object_cache->cache[$taxonomy])) {
if (isset($wp_object_cache->cache[$taxonomy])) {
// Note: As of WP 3.5, array is keyed "blog_id:term_id" on Multisite installs
$listed_term_ids = array();
foreach ($wp_object_cache->cache[$taxonomy] as $term) {
$listed_tt_ids[] = $term->term_taxonomy_id;
}
}
if (empty($_REQUEST['paged'])) {
$listed_tt_ids[] = 0;
}
} else {
return;
}
if (!empty($_REQUEST['pp_universal'])) {
$typenow = '';
} elseif (empty($typenow)) {
$typenow = isset($_REQUEST['post_type']) ? pp_sanitize_key($_REQUEST['post_type']) : '';
}
$this->exceptions = array();
if (!empty($listed_tt_ids)) {
$agent_type_csv = implode("','", array_merge(array('user'), pp_get_group_types()));
$id_csv = implode("','", $listed_tt_ids);
$post_type = !empty($_REQUEST['pp_universal']) ? '' : $typenow;
$for_type_csv = $typenow ? "'{$post_type}'" : "'', '{$taxonomy}'";
$results = $wpdb->get_results("SELECT DISTINCT i.item_id, e.operation FROM {$wpdb->ppc_exceptions} AS e INNER JOIN {$wpdb->ppc_exception_items} AS i ON e.exception_id = i.exception_id WHERE e.for_item_type IN ({$for_type_csv}) AND e.via_item_source = 'term' AND e.via_item_type = '{$taxonomy}' AND e.agent_type IN ('{$agent_type_csv}') AND i.item_id IN ('{$id_csv}')");
foreach ($results as $row) {
if (!isset($this->exceptions[$row->item_id])) {
$this->exceptions[$row->item_id] = array();
}
$this->exceptions[$row->item_id][] = $row->operation;
}
}
}
define('PP_MAX_DATE_STRING', '2035-01-01 00:00:00');
$dir = dirname(__FILE__);
require_once "{$dir}/lib/agapetry_lib.php";
require_once "{$dir}/api_pp.php";
require_once "{$dir}/defaults_pp.php";
require_once "{$dir}/defaults_ppx.php";
require_once "{$dir}/db-config_pp.php";
if (PP_MULTISITE) {
$func = "require('" . dirname(__FILE__) . "/db-config_pp.php');";
add_action('switch_blog', create_function('', $func));
}
add_action('set_current_user', '_pp_act_set_current_user', 99);
add_action('init', '_pp_act_on_init', 50);
global $pp_plugin_page, $pp_default_options, $pp_netwide_options, $pp_role_defs;
// ensure plugin_page is available immediately
$pp_plugin_page = is_admin() && isset($_GET['page']) ? pp_sanitize_key($_GET['page']) : '';
pp_refresh_options();
// retrieve stored options
$pp_default_options = pp_default_options();
if (PP_MULTISITE) {
$pp_netwide_options = apply_filters('pp_netwide_options', array('support_key', 'beta_updates'));
}
pp_register_group_type('pp_group', is_admin() ? array('labels' => (object) array('name' => __('Groups', 'pp'), 'singular_name' => __('Group', 'pp'))) : array());
if (defined('SSEO_VERSION')) {
require_once dirname(__FILE__) . '/eyes-only-helper_pp.php';
}
if (is_admin()) {
require_once $dir . '/admin/admin-load_pp.php';
} else {
add_action('pp_pre_init', '_pp_enable_attachment_metacap_workaround');
}
/**
* Prepare the query variables
*
* @access private
*/
function prepare_query()
{
global $wpdb;
$qv =& $this->query_vars;
$groups_table = apply_filters('pp_use_groups_table', $wpdb->pp_groups, $this->agent_type);
if (is_array($qv['fields'])) {
$qv['fields'] = array_unique($qv['fields']);
$this->query_fields = array();
foreach ($qv['fields'] as $field) {
$this->query_fields[] = $groups_table . '.' . esc_sql($field);
}
$this->query_fields = implode(',', $this->query_fields);
} elseif ('all' == $qv['fields']) {
$this->query_fields = "{$groups_table}.*";
} else {
$this->query_fields = "{$groups_table}.ID";
}
$this->query_from = "FROM {$groups_table}";
$this->query_where = "WHERE 1=1";
$group_variant = isset($_REQUEST['group_variant']) ? pp_sanitize_key($_REQUEST['group_variant']) : '';
$group_variant = apply_filters('pp_query_group_variant', $group_variant);
$require_meta_types = array();
if ('wp_role' == $group_variant) {
$require_meta_types[] = 'wp_role';
}
if ($require_meta_types) {
$this->query_where .= " AND {$groups_table}.metagroup_type IN ('" . implode("','", $require_meta_types) . "')";
}
$skip_meta_types = array();
if ($group_variant && 'wp_role' != $group_variant) {
$skip_meta_types[] = 'wp_role';
} else {
$pp_only_roles = (array) pp_get_option('supplemental_role_defs');
if (defined('CAPSMAN_ENH_VERSION') && version_compare(CAPSMAN_ENH_VERSION, '1.4.10', '<')) {
// version 1.4.9 and earlier stored redundant elements
$_pp_only_roles = (array) $pp_only_roles;
$pp_only_roles = array_unique($pp_only_roles);
if (count($pp_only_roles) != count($_pp_only_roles)) {
pp_update_option('supplemental_role_defs', $pp_only_roles);
}
}
if (pp_get_option('anonymous_unfiltered')) {
$pp_only_roles = array_merge($pp_only_roles, array('wp_anon', 'wp_all'));
}
$pp_only_roles = implode("','", $pp_only_roles);
$this->query_where .= " AND ( ( {$groups_table}.metagroup_type != 'wp_role' ) OR ( {$groups_table}.metagroup_id NOT IN ( '{$pp_only_roles}' ) ) )";
}
if ($skip_meta_types) {
$this->query_where .= " AND {$groups_table}.metagroup_type NOT IN ('" . implode("','", $skip_meta_types) . "')";
}
global $wp_roles;
$admin_roles = array();
if (isset($wp_roles->role_objects)) {
foreach (array_keys($wp_roles->role_objects) as $wp_role_name) {
if (!empty($wp_roles->role_objects[$wp_role_name]->capabilities['pp_administer_content']) || !empty($wp_roles->role_objects[$wp_role_name]->capabilities['pp_unfiltered'])) {
$admin_roles[$wp_role_name] = true;
}
}
}
if ($admin_roles) {
$this->query_where .= " AND {$groups_table}.metagroup_id NOT IN ('" . implode("','", array_keys($admin_roles)) . "')";
}
$skip_meta_ids = array();
if (!defined('RVY_VERSION') || defined('SCOPER_DEFAULT_MONITOR_GROUPS') || defined('PP_DEFAULT_MONITOR_GROUPS')) {
$skip_meta_ids = array_merge($skip_meta_ids, array('rv_pending_rev_notice_ed_nr_', 'rv_scheduled_rev_notice_ed_nr_'));
}
if ($skip_meta_ids) {
$this->query_where .= " AND {$groups_table}.metagroup_id NOT IN ('" . implode("','", $skip_meta_ids) . "')";
}
//$this->query_where .= "AND $groups_table.metagroup_id != 'wp_anon'";
// sorting
if ('ID' == $qv['orderby'] || 'id' == $qv['orderby']) {
$orderby = 'ID';
} else {
$orderby = 'group_name';
}
$qv['order'] = strtoupper($qv['order']);
if ('ASC' == $qv['order']) {
$order = 'ASC';
} else {
$order = 'DESC';
}
$this->query_orderby = "ORDER BY {$orderby} {$order}";
// limit
if ($qv['number']) {
if ($qv['offset']) {
$this->query_limit = $wpdb->prepare("LIMIT %d, %d", $qv['offset'], $qv['number']);
} else {
$this->query_limit = $wpdb->prepare("LIMIT %d", $qv['number']);
}
}
$search = trim($qv['search']);
if ($search) {
$leading_wild = ltrim($search, '*') != $search;
$trailing_wild = rtrim($search, '*') != $search;
if ($leading_wild && $trailing_wild) {
$wild = 'both';
} elseif ($leading_wild) {
$wild = 'leading';
} elseif ($trailing_wild) {
$wild = 'trailing';
} else {
$wild = false;
}
if ($wild) {
$search = trim($search, '*');
}
if (is_numeric($search)) {
$search_columns = array('ID');
} else {
$search_columns = array('group_name');
}
$this->query_where .= $this->get_search_sql($search, $search_columns, $wild);
}
// if user cannot edit all groups, filter displayed groups based on group-specific role assignments
if (!pp_is_user_administrator()) {
$reqd_caps = apply_filters('pp_edit_groups_reqd_caps', 'pp_manage_members', 'edit-group');
if (!current_user_can($reqd_caps)) {
global $wpdb, $pp_current_user;
$exc_agent_type = in_array($this->agent_type, array('pp_group', 'pp_net_group')) ? 'pp_group' : $this->agent_type;
$group_ids = isset($pp_current_user->except['manage_' . $exc_agent_type][$exc_agent_type]['']['additional'][$exc_agent_type]['']) ? $pp_current_user->except['manage_' . $exc_agent_type][$exc_agent_type]['']['additional'][$exc_agent_type][''] : array();
$this->query_where .= " AND {$groups_table}.ID IN ('" . implode("','", $group_ids) . "')";
}
}
$blog_id = absint($qv['blog_id']);
if (!empty($qv['include'])) {
$ids = implode(',', wp_parse_id_list($qv['include']));
$this->query_where .= " AND {$groups_table}.ID IN ({$ids})";
} elseif (!empty($qv['exclude'])) {
$ids = implode(',', wp_parse_id_list($qv['exclude']));
$this->query_where .= " AND {$groups_table}.ID NOT IN ({$ids})";
}
do_action_ref_array('pp_pre_group_query', array(&$this));
}
if ('pp_group' == $agent_type || !($group_type_obj = pp_get_group_type_object($agent_type))) {
$groups_caption = defined('PP_GROUPS_CAPTION') ? PP_GROUPS_CAPTION : __('Permission Groups', 'pp');
} else {
$groups_caption = $group_type_obj->labels->name;
}
echo esc_html($groups_caption);
/*
if ( current_user_can( 'pp_edit_groups' ) ) {
if ( PP_MULTISITE && pp_get_option('ms_netwide_groups') )
$url = 'users.php';
else
$url = 'admin.php';
}
*/
$url = 'admin.php';
$group_variant = isset($_REQUEST['group_variant']) ? pp_sanitize_key($_REQUEST['group_variant']) : 'pp_group';
if (pp_group_type_editable($group_variant) && current_user_can('pp_create_groups')) {
?>
<a href="<?php
echo add_query_arg(array('agent_type' => $agent_type, 'page' => 'pp-group-new'), $url);
?>
" class="add-new-h2"><?php
echo esc_html(__ppw('Add New'));
?>
</a>
<?php
}
echo '</h2>';
if (pp_get_option('display_hints')) {
echo '<div class="pp-hint">';
if (defined('PP_GROUPS_HINT')) {
public static function insert_exceptions($mod_type, $operation, $via_item_source, $via_item_type, $for_item_source, $for_item_type, $item_id, $agent_type, $agents, $args)
{
$defaults = array('assign_for' => 'item', 'remove_assignments' => false, 'for_item_status' => '', 'mod_type' => '', 'inherited_from' => array(), 'is_auto_insertion' => false);
// auto_insertion arg set for propagation from parent objects
$args = array_merge($defaults, (array) $args);
extract($args, EXTR_SKIP);
if (!$agents) {
return;
}
global $wpdb, $current_user;
$updated_items = array();
// for use with do_action hook
$updated_items[] = $item_id;
$assigner_id = $current_user->ID;
$operation = pp_sanitize_key($operation);
$via_item_source = pp_sanitize_key($via_item_source);
$for_item_source = pp_sanitize_key($for_item_source);
$for_item_type = pp_sanitize_key($for_item_type);
$item_id = (int) $item_id;
$agent_type = pp_sanitize_key($agent_type);
$mod_type = pp_sanitize_key($mod_type);
$via_item_type = pp_sanitize_key($via_item_type);
$for_item_status = pp_sanitize_csv($for_item_status);
$assign_for = pp_sanitize_key($assign_for);
if ('children' == $assign_for) {
if ('term' == $via_item_source) {
$descendant_ids = array();
if ($_term = $wpdb->get_row("SELECT term_id, taxonomy FROM {$wpdb->term_taxonomy} WHERE term_taxonomy_id = '{$item_id}' LIMIT 1")) {
if ($_term_ids = pp_get_descendant_ids('term', $_term->term_id)) {
$descendant_ids = pp_termid_to_ttid($_term_ids, $_term->taxonomy);
}
}
} else {
$descendant_ids = pp_get_descendant_ids($via_item_source, $item_id, array('include_attachments' => false));
// don't propagate page exceptions to attachments
}
if ($descendant_ids) {
// TODO: reinstate this?
/*
global $pp_admin;
if ( ! $is_auto_insertion ) {
// don't allow a page parent change to modify role assignments for a descendant object which the current user can't administer
$remove_ids = array();
foreach ( $descendant_ids as $id ) {
if ( 'term' == $scope ) {
if ( ! $pp_admin->user_can_admin_terms($item_source, $id) ) // TODO: add $args with 'taxonomy'
$remove_ids []= $id;
} else {
if ( ! $pp_admin->user_can_admin_object( $item_source, $id ) )
$remove_ids []= $id;
}
}
$descendant_ids = array_diff( $descendant_ids, $remove_ids );
}
*/
$descendant_id_csv = implode("','", $descendant_ids);
}
}
// Before inserting an exception, delete any overlooked old exceptions for the same src/type/status.
$match_cols = compact('mod_type', 'for_item_source', 'for_item_status', 'operation', 'agent_type', 'via_item_source', 'via_item_type');
$_clauses = array();
foreach ($match_cols as $col => $val) {
$_clauses[] = "{$col} = '{$val}'";
}
$qry_exc_select_base = "SELECT * FROM {$wpdb->ppc_exceptions} WHERE " . implode(' AND ', $_clauses);
$qry_exc_select_type_base = "SELECT for_item_type, exception_id FROM {$wpdb->ppc_exceptions} WHERE " . implode(' AND ', $_clauses);
$insert_exc_data = $match_cols;
$insert_exc_data['assigner_id'] = $assigner_id;
$qry_item_select_base = "SELECT eitem_id FROM {$wpdb->ppc_exception_items} WHERE assign_for = '{$assign_for}' AND item_id = '{$item_id}'";
$qry_item_delete_base = "SELECT eitem_id FROM {$wpdb->ppc_exception_items} WHERE 1=1";
foreach (array_keys($agents) as $agent_id) {
$agent_id = (int) $agent_id;
// first, retrieve or create the pp_exceptions record for this user/group and src,type,status
if (!($exc = $wpdb->get_row("{$qry_exc_select_base} AND for_item_type = '{$for_item_type}' AND agent_id = '{$agent_id}'"))) {
$insert_exc_data['agent_id'] = $agent_id;
$insert_exc_data['for_item_type'] = $for_item_type;
$wpdb->insert($wpdb->ppc_exceptions, $insert_exc_data);
$exception_id = $wpdb->insert_id;
} else {
$exception_id = $exc->exception_id;
}
$this_inherited_from = isset($inherited_from[$agent_id]) ? $inherited_from[$agent_id] : 0;
// delete any existing items for this exception_id
if ($eitem_ids = $wpdb->get_col($qry_item_select_base . " AND exception_id = '{$exception_id}'")) {
self::remove_exception_items_by_id($eitem_ids);
}
// insert exception items
$item_data = compact('item_id', 'assign_for', 'exception_id', 'assigner_id');
$item_data['inherited_from'] = $this_inherited_from;
$wpdb->insert($wpdb->ppc_exception_items, $item_data);
do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data));
$assignment_id = $wpdb->insert_id;
// insert exception for all descendant items
if ('children' == $assign_for && $descendant_ids) {
if (!$this_inherited_from) {
$this_inherited_from = (int) $assignment_id;
//$role_arr['inherited_from'] = $this_inherited_from;
}
$exceptions_by_type = array();
$_results = $wpdb->get_results("{$qry_exc_select_type_base} AND for_item_type = '{$for_item_type}' AND agent_id = '{$agent_id}'");
foreach ($_results as $row) {
$exceptions_by_type[$row->for_item_type] = $row->exception_id;
}
if ('term' == $via_item_source && taxonomy_exists($for_item_type)) {
// need to allow for descendants of a different post type than parent
$descendant_types = $wpdb->get_results("SELECT term_taxonomy_id, taxonomy AS for_item_type FROM {$wpdb->term_taxonomy} WHERE term_taxonomy_id IN ('" . implode("','", $descendant_ids) . "')", OBJECT_K);
} elseif ('post' == $via_item_source) {
$descendant_types = $wpdb->get_results("SELECT ID, post_type AS for_item_type FROM {$wpdb->posts} WHERE ID IN ('" . implode("','", $descendant_ids) . "')", OBJECT_K);
} else {
$descendant_types = array();
}
foreach ($descendant_ids as $id) {
if ($for_item_type) {
// allow for descendants with post type different from parent
if (!isset($descendant_types[$id])) {
$child_for_item_type = $for_item_type;
// if child type could not be determined, assume parent type
} elseif ('revision' == $descendant_types[$id]->for_item_type) {
continue;
} else {
$child_for_item_type = $descendant_types[$id]->for_item_type;
}
} else {
$child_for_item_type = '';
}
if (!isset($exceptions_by_type[$child_for_item_type])) {
$insert_exc_data['agent_id'] = $agent_id;
$insert_exc_data['for_item_type'] = $child_for_item_type;
$wpdb->insert($wpdb->ppc_exceptions, $insert_exc_data);
$exceptions_by_type[$child_for_item_type] = $wpdb->insert_id;
}
$child_exception_id = $exceptions_by_type[$child_for_item_type];
// Don't overwrite an explicitly assigned exception with a propagated exception
if (!defined('PP_FORCE_EXCEPTION_OVERWRITE') || !PP_FORCE_EXCEPTION_OVERWRITE) {
$have_direct_assignments = $wpdb->get_col("SELECT item_id FROM {$wpdb->ppc_exception_items} WHERE exception_id = '{$child_exception_id}' AND inherited_from = '0' AND item_id IN ('{$descendant_id_csv}')");
if (in_array($id, $have_direct_assignments)) {
continue;
}
}
if ($eitem_ids = $wpdb->get_col($qry_item_delete_base . " AND exception_id = '{$child_exception_id}' AND item_id = '{$id}'")) {
self::remove_exception_items_by_id($eitem_ids);
}
// note: Propagated roles will be converted to direct-assigned roles if the parent object/term is deleted.
//$role_arr['item_id'] = $id;
$item_data = array('item_id' => $id, 'assign_for' => 'item', 'exception_id' => $child_exception_id, 'inherited_from' => $this_inherited_from, 'assigner_id' => $assigner_id);
$wpdb->insert($wpdb->ppc_exception_items, $item_data);
do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data));
//if ( $role_hooks ) {
// $assignment_id = $wpdb->insert_id;
// $role_arr['assign_for'] = 'item';
//}
$item_data['assign_for'] = 'children';
$wpdb->insert($wpdb->ppc_exception_items, $item_data);
do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data));
//if ( $role_hooks ) {
// $assignment_id = $wpdb->insert_id;
// $role_arr['assign_for'] = 'children';
//}
$updated_items[] = $id;
}
}
}
// end foreach agent_id
return $updated_items;
}
<?php
if (empty($_GET['pp_for_type'])) {
exit;
}
if (!pp_bulk_roles_enabled()) {
exit;
}
$agent_type = pp_sanitize_key($_GET['pp_agent_type']);
$agent_id = (int) $_GET['pp_agent_id'];
$for_type = pp_sanitize_csv($_GET['pp_for_type']);
$operation = isset($_GET['pp_operation']) ? pp_sanitize_key($_GET['pp_operation']) : '';
$via_type = isset($_GET['pp_via_type']) ? pp_sanitize_key($_GET['pp_via_type']) : '';
$mod_type = isset($_GET['pp_mod_type']) ? pp_sanitize_key($_GET['pp_mod_type']) : '';
$item_id = isset($_GET['pp_item_id']) ? (int) $_GET['pp_item_id'] : 0;
if ('(all)' == $for_type) {
$for_src_name = 'post';
$via_src_name = 'term';
$for_type = '';
} else {
//$for_src_name = ( ! $for_type || post_type_exists( $for_type ) ) ? 'post' : 'term';
if (!$for_type || post_type_exists($for_type)) {
$for_src_name = 'post';
} elseif (taxonomy_exists($for_type)) {
$for_src_name = 'term';
} else {
$for_src_name = $for_type;
}
//$via_src_name = post_type_exists( $via_type ) ? 'post' : 'term';
if (post_type_exists($via_type)) {
$via_src_name = 'post';
function _pp_default_admin_options($options)
{
$options['support_data'] = array_fill_keys(array('pp_options', 'wp_roles_types', 'theme', 'active_plugins', 'pp_permissions', 'pp_group_members', 'error_log', 'post_data', 'term_data'), true);
return $options;
}
// make sure empty terms are included in quick search results in "Add Supplemental Roles" term selection metaboxes
if (pp_is_ajax('menu-quick-search')) {
function _term_select_include_empty($args, $taxonomies)
{
$args['hide_empty'] = 0;
return $args;
}
add_filter('get_terms_args', '_term_select_include_empty', 50, 2);
} elseif (pp_is_ajax('pp-menu-quick-search')) {
require_once dirname(__FILE__) . '/includes/item-menu_pp.php';
add_action('wp_ajax_' . pp_sanitize_key($_REQUEST['action']), '_pp_ajax_menu_quick_search', 1);
}
function pp_is_ajax($action)
{
return defined('DOING_AJAX') && DOING_AJAX && !empty($_REQUEST['action']) && in_array($_REQUEST['action'], (array) $action);
}
function pp_admin_init()
{
global $cap_interceptor_admin;
require_once dirname(__FILE__) . '/cap-interceptor-admin_pp.php';
$cap_interceptor_admin = new PP_CapInterceptorAdmin();
if (!empty($_POST) || !empty($_REQUEST['action']) || !empty($_REQUEST['action2']) || !empty($_REQUEST['pp_action'])) {
require_once dirname(__FILE__) . '/admin-handlers_pp.php';
}
// TODO: standardize ajax implementation
//if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
<?php
if (!defined('ABSPATH')) {
exit;
}
// Exit if accessed directly
if (empty($_GET['pp_src_name']) || empty($_GET['pp_object_type'])) {
exit;
}
if (!pp_bulk_roles_enabled()) {
exit;
}
$for_item_source = pp_sanitize_key($_GET['pp_src_name']);
$for_item_type = pp_sanitize_key($_GET['pp_object_type']);
$role_name = isset($_GET['pp_role_name']) ? pp_sanitize_csv($_GET['pp_role_name']) : '';
if ($force_vars = apply_filters('pp_ajax_role_ui_vars', array(), compact('for_item_source', 'for_item_type', 'role_name'))) {
extract($force_vars);
}
$html = '';
switch ($_GET['pp_ajax_ui']) {
case 'get_role_options':
if (!is_user_logged_in()) {
echo '<option>' . __('(login timed out)', 'pp') . '</option>';
exit;
}
global $pp_admin, $wp_roles, $pp_role_defs;
//$is_tx_management = ( 'term' == $for_item_source );
if ($roles = _pp_get_type_roles($for_item_source, $for_item_type)) {
foreach ($roles as $_role_name => $role_title) {
if (pp_user_can_admin_role($_role_name, $for_item_type)) {
$selected = $_role_name == $role_name ? "selected='selected'" : '';
/**
* Displays a metabox for a taxonomy menu item.
*
* @param string $object Not used.
* @param string $taxonomy The taxonomy object.
*/
function pp_nav_menu_item_taxonomy_meta_box($object, $taxonomy)
{
global $nav_menu_selected_id;
$taxonomy_name = $taxonomy['args']->name;
// paginate browsing for large numbers of objects
$per_page = 50;
$pagenum = isset($_REQUEST[$taxonomy_name . '-tab']) && isset($_REQUEST['paged']) ? absint($_REQUEST['paged']) : 1;
$offset = 0 < $pagenum ? $per_page * ($pagenum - 1) : 0;
$args = array('child_of' => 0, 'exclude' => '', 'hide_empty' => false, 'hierarchical' => 1, 'include' => '', 'number' => $per_page, 'offset' => $offset, 'order' => 'ASC', 'orderby' => 'name', 'pad_counts' => false);
$terms = get_terms($taxonomy_name, $args);
// kevinB: add "(none)" item for include exceptions
$none_obj = (object) array('term_taxonomy_id' => 0, 'parent' => 0, 'term_id' => 0, 'name' => __('(none)', 'pp'), 'object_id' => 0, 'title' => __('(none)', 'pp'), 'menu_item_parent' => 0, 'db_id' => 0);
$none_obj->_add_to_top = true;
$none_obj->label = __('(none)', 'pp');
array_unshift($terms, $none_obj);
if (!$terms || is_wp_error($terms)) {
echo '<p>' . __('No items.') . '</p>';
return;
}
$num_pages = ceil(wp_count_terms($taxonomy_name, array_merge($args, array('number' => '', 'offset' => ''))) / $per_page);
$page_links = paginate_links(array('base' => add_query_arg(array($taxonomy_name . '-tab' => 'all', 'paged' => '%#%', 'item-type' => 'taxonomy', 'item-object' => $taxonomy_name)), 'format' => '', 'prev_text' => __('«'), 'next_text' => __('»'), 'total' => $num_pages, 'current' => $pagenum));
$db_fields = false;
if (is_taxonomy_hierarchical($taxonomy_name)) {
$db_fields = array('parent' => 'parent', 'id' => 'term_id');
}
$walker = new PP_Walker_Nav_Menu_Checklist($db_fields);
$current_tab = 'most-used';
if (isset($_REQUEST[$taxonomy_name . '-tab']) && in_array($_REQUEST[$taxonomy_name . '-tab'], array('all', 'most-used', 'search'))) {
$current_tab = pp_sanitize_key($_REQUEST[$taxonomy_name . '-tab']);
}
if (!empty($_REQUEST['quick-search-taxonomy-' . $taxonomy_name])) {
$current_tab = 'search';
}
$removed_args = array('action', 'customlink-tab', 'edit-menu-item', 'menu-item', 'page-tab', '_wpnonce');
?>
<div id="taxonomy-<?php
echo $taxonomy_name;
?>
" class="taxonomydiv">
<ul id="taxonomy-<?php
echo $taxonomy_name;
?>
-tabs" class="taxonomy-tabs add-menu-item-tabs">
<li <?php
echo 'most-used' == $current_tab ? ' class="tabs"' : '';
?>
><a class="nav-tab-link" href="<?php
if ($nav_menu_selected_id) {
echo esc_url(add_query_arg($taxonomy_name . '-tab', 'most-used', remove_query_arg($removed_args)));
}
?>
#tabs-panel-<?php
echo $taxonomy_name;
?>
-pop"><?php
_e('Most Used');
?>
</a></li>
<li <?php
echo 'all' == $current_tab ? ' class="tabs"' : '';
?>
><a class="nav-tab-link" href="<?php
if ($nav_menu_selected_id) {
echo esc_url(add_query_arg($taxonomy_name . '-tab', 'all', remove_query_arg($removed_args)));
}
?>
#tabs-panel-<?php
echo $taxonomy_name;
?>
-all"><?php
_e('View All');
?>
</a></li>
<li <?php
echo 'search' == $current_tab ? ' class="tabs"' : '';
?>
><a class="nav-tab-link" href="<?php
if ($nav_menu_selected_id) {
echo esc_url(add_query_arg($taxonomy_name . '-tab', 'search', remove_query_arg($removed_args)));
}
?>
#tabs-panel-search-taxonomy-<?php
echo $taxonomy_name;
?>
"><?php
_e('Search');
?>
</a></li>
</ul>
<div id="tabs-panel-<?php
echo $taxonomy_name;
?>
-pop" class="tabs-panel <?php
echo 'most-used' == $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive';
?>
">
<ul id="<?php
echo $taxonomy_name;
?>
checklist-pop" class="categorychecklist form-no-clear" >
<?php
$popular_terms = get_terms($taxonomy_name, array('orderby' => 'count', 'order' => 'DESC', 'number' => 10, 'hierarchical' => false));
$args['walker'] = $walker;
echo walk_nav_menu_tree(array_map('wp_setup_nav_menu_item', $popular_terms), 0, (object) $args);
?>
</ul>
</div><!-- /.tabs-panel -->
<div id="tabs-panel-<?php
echo $taxonomy_name;
?>
-all" class="tabs-panel tabs-panel-view-all <?php
echo 'all' == $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive';
?>
">
<?php
if (!empty($page_links)) {
?>
<div class="add-menu-item-pagelinks">
<?php
echo $page_links;
?>
</div>
<?php
}
?>
<ul id="<?php
echo $taxonomy_name;
?>
checklist" class="list:<?php
echo $taxonomy_name;
?>
categorychecklist form-no-clear">
<?php
$args['walker'] = $walker;
echo walk_nav_menu_tree(array_map('wp_setup_nav_menu_item', $terms), 0, (object) $args);
?>
</ul>
<?php
if (!empty($page_links)) {
?>
<div class="add-menu-item-pagelinks">
<?php
echo $page_links;
?>
</div>
<?php
}
?>
</div><!-- /.tabs-panel -->
<div class="tabs-panel <?php
echo 'search' == $current_tab ? 'tabs-panel-active' : 'tabs-panel-inactive';
?>
" id="tabs-panel-search-taxonomy-<?php
echo $taxonomy_name;
?>
">
<?php
if (isset($_REQUEST['quick-search-taxonomy-' . $taxonomy_name])) {
$searched = esc_attr($_REQUEST['quick-search-taxonomy-' . $taxonomy_name]);
$search_results = get_terms($taxonomy_name, array('name__like' => $searched, 'fields' => 'all', 'orderby' => 'count', 'order' => 'DESC', 'hierarchical' => false));
} else {
$searched = '';
$search_results = array();
}
?>
<p class="quick-search-wrap">
<input type="search" class="pp-quick-search input-with-default-title" title="<?php
esc_attr_e('Search');
?>
" value="<?php
echo $searched;
?>
" name="quick-search-taxonomy-<?php
echo $taxonomy_name;
?>
" />
<img class="waiting" style="display:none" src="<?php
echo esc_url(admin_url('images/wpspin_light.gif'));
?>
" alt="" />
<?php
submit_button(__('Search'), 'quick-search-submit button-secondary hide-if-js', 'submit', false, array('id' => 'submit-quick-search-taxonomy-' . $taxonomy_name));
?>
</p>
<ul id="<?php
echo $taxonomy_name;
?>
-search-checklist" class="list:<?php
echo $taxonomy_name;
?>
categorychecklist form-no-clear">
<?php
if (!empty($search_results) && !is_wp_error($search_results)) {
?>
<?php
$args['walker'] = $walker;
echo walk_nav_menu_tree(array_map('wp_setup_nav_menu_item', $search_results), 0, (object) $args);
?>
<?php
} elseif (is_wp_error($search_results)) {
?>
<li><?php
echo $search_results->get_error_message();
?>
</li>
<?php
} elseif (!empty($searched)) {
?>
<li><?php
_e('No results found.');
?>
</li>
<?php
}
?>
</ul>
</div><!-- /.tabs-panel -->
<p class="button-controls">
<span class="list-controls">
<a href="<?php
echo esc_url(add_query_arg(array($taxonomy_name . '-tab' => 'all', 'selectall' => 1), remove_query_arg($removed_args)));
?>
#taxonomy-<?php
echo $taxonomy_name;
?>
" class="select-all"><?php
_e('Select All');
?>
</a>
</span>
<span class="add-to-menu">
<img class="waiting" style="display:none" src="<?php
echo esc_url(admin_url('images/wpspin_light.gif'));
?>
" alt="" />
<input type="submit"<?php
disabled($nav_menu_selected_id, 0);
?>
class="button-secondary submit-add-item-exception" value="<?php
esc_attr_e('Add Exceptions', 'pp');
?>
" name="add-taxonomy-menu-item" id="submit-taxonomy-<?php
echo $taxonomy_name;
?>
" />
</span>
</p>
</div><!-- /.taxonomydiv -->
<?php
}
exit;
}
if (!($arr_sfx = explode(':', pp_sanitize_csv($_GET['id_sfx'])))) {
return '';
}
$op = $arr_sfx[0];
$for_item_type = $arr_sfx[1];
$agent_type = $arr_sfx[2];
$item_id = $_GET['item_id'];
$for_item_source = taxonomy_exists($for_item_type) ? 'term' : 'post';
$agent_ids = explode(',', pp_sanitize_csv($_GET['agent_ids']));
echo "<!--ppSfx-->{$op}|{$for_item_type}|{$agent_type}<--ppSfx-->" . "<!--ppResponse-->";
require_once dirname(__FILE__) . '/item-exceptions-data_pp.php';
$exc_data = new PP_ItemExceptionsData();
$args = array('post_types' => (array) $for_item_type, 'agent_type' => $agent_type, 'operations' => $op, 'agent_id' => $agent_ids);
$exc_data->load_exceptions(pp_sanitize_key($_GET['via_item_source']), $for_item_source, pp_sanitize_key($_GET['via_item_type']), $item_id, $args);
require_once dirname(__FILE__) . '/item-exceptions-render-ui_pp.php';
$exc_render = new PP_ItemExceptionsRenderUI();
$echo = false;
$reqd_caps = false;
$hierarchical = 'term' == $_GET['via_item_source'] ? is_taxonomy_hierarchical($_GET['via_item_type']) : is_post_type_hierarchical($_GET['via_item_type']);
$hierarchical = apply_filters('pp_do_assign_for_children_ui', $hierarchical, $_GET['via_item_type'], $args);
$default_select = true;
$exc_render->set_options($agent_type);
foreach ($agent_ids as $agent_id) {
if (!$agent_id) {
continue;
}
$exc_render->draw_row($agent_type, $agent_id, array(), $exc_data->inclusions_active, $exc_data->agent_info[$agent_type][$agent_id], compact('echo', 'default_select', 'for_item_type', 'op', 'reqd_caps', 'hierarchical'));
}
echo "<--ppResponse-->";
_pp_edit_agent_exceptions($agent_id, $agent_type);
}
// cludged update of group members on role selection, due to inability to put them in the same form
if (pp_group_type_editable($agent_type) && pp_has_group_cap('pp_edit_groups', $agent_id, $agent_type)) {
_pp_trigger_group_edit($agent_id, $agent_type);
}
global $current_user;
update_user_option($current_user->ID, 'pp-permissions-tab', 'pp-add-exceptions');
$redirect = "{$url}?page=pp-edit-permissions&agent_id={$agent_id}&agent_type={$agent_type}&updated=1&pp_exc=1";
break;
case 'creategroup':
if (!current_user_can('pp_create_groups')) {
wp_die(__('You are not permitted to do that.', 'pp'));
}
check_admin_referer('pp-create-group', '_wpnonce_pp-create-group');
$agent_type = isset($_REQUEST['agent_type']) ? pp_sanitize_key($_REQUEST['agent_type']) : '';
if (!($agent_type = apply_filters('pp_query_group_type', $agent_type))) {
$agent_type = 'pp_group';
}
$retval = _pp_add_group($agent_type);
if (!is_wp_error($retval)) {
if (current_user_can('pp_assign_roles') && pp_bulk_roles_enabled()) {
_pp_edit_group_roles($retval, $agent_type);
}
$type_arg = 'pp_group' == $agent_type ? '' : "&agent_type={$agent_type}";
$redirect = "{$url}?page=pp-edit-permissions&action=edit&agent_id={$retval}{$type_arg}&created=1";
}
break;
}
// end switch
if (!empty($retval) && is_wp_error($retval)) {
<?php
/**
* Edit user administration panel.
*
* @package WordPress
* @subpackage Administration
*/
if (!defined('ABSPATH')) {
exit;
}
// Exit if accessed directly
require_once dirname(__FILE__) . '/permissions-ui_pp.php';
$agent_type = !empty($_REQUEST['agent_type']) ? pp_sanitize_key($_REQUEST['agent_type']) : 'pp_group';
if (empty($_REQUEST['agent_id'])) {
$agent_id = 0;
$agent = (object) array('metagroup_type' => '');
if ('user' != $agent_type) {
wp_die(__('No user/group specified.', 'pp'));
}
} else {
$agent_id = (int) $_REQUEST['agent_id'];
$agent = pp_get_agent($agent_id, $agent_type);
}
$metagroup_type = !empty($agent->metagroup_type) ? $agent->metagroup_type : '';
if ('user' == $agent_type) {
if (!current_user_can('pp_administer_content') || !current_user_can('list_users')) {
wp_die(__('You are not permitted to do that.', 'pp'));
}
if ($agent_id && empty($agent->ID)) {
wp_die(__('Invalid user ID.', 'pp'));
public static function get_roles($agent_type, $agent_id, $args = array())
{
global $wpdb;
$defaults = array('post_types' => true, 'taxonomies' => true, 'query_agent_ids' => false, 'force_refresh' => false);
$args = array_merge($defaults, $args);
extract($args, EXTR_SKIP);
$roles = array();
$agent_type = pp_sanitize_key($agent_type);
/* TODO: filter roles based on enabled types, taxonomies
if ( ! is_array($post_types) )
$post_types = pp_get_enabled_post_types( array(), 'object' );
if ( ! is_array($taxonomies) )
$taxonomies = pp_get_enabled_taxonomies( array(), 'object' );
*/
if ($query_agent_ids) {
static $agent_roles;
static $last_query_key;
if (!isset($agent_roles)) {
$agent_roles = array();
$last_query_agent_ids = false;
}
$query_key = serialize($query_agent_ids) . $agent_type;
} else {
$agent_roles = array();
$query_agent_ids = (array) $agent_id;
$query_key = false;
}
if (!isset($agent_roles[$agent_id]) || $last_query_key !== $query_key) {
foreach ($query_agent_ids as $_id) {
$agent_roles[$_id] = array();
}
$results = $wpdb->get_results("SELECT assignment_id, role_name, agent_id FROM {$wpdb->ppc_roles} WHERE agent_type = '{$agent_type}' AND agent_id IN ('" . implode("','", array_map('intval', $query_agent_ids)) . "') ORDER BY role_name");
$no_ext = !defined('PPCE_VERSION') && !defined('PPS_VERSION');
$no_custom_stati = !defined('PPS_VERSION');
foreach ($results as $row) {
// roles for these post statuses will not be applied if corresponding extensions are inactive, so do not indicate in users/groups listing or profile
if ($no_ext && strpos($row->role_name, ':post_status:') && !strpos($row->role_name, ':post_status:private')) {
continue;
} elseif ($no_custom_stati && strpos($row->role_name, ':post_status:') && !strpos($row->role_name, ':post_status:private') && !strpos($row->role_name, ':post_status:draft')) {
continue;
}
$agent_roles[$row->agent_id][$row->role_name] = $row->assignment_id;
}
$last_query_key = $query_key;
}
return isset($agent_roles[$agent_id]) ? $agent_roles[$agent_id] : array();
}
if (!defined('ABSPATH')) {
exit;
}
// Exit if accessed directly
require_once ABSPATH . '/wp-admin/includes/user.php';
require_once dirname(__FILE__) . '/admin-api_pp.php';
if (!isset($_GET['pp_agent_search'])) {
return;
}
$orig_search_str = $_GET['pp_agent_search'];
$search_str = sanitize_text_field($_GET['pp_agent_search']);
$agent_type = pp_sanitize_key($_GET['pp_agent_type']);
$agent_id = (int) $_GET['pp_agent_id'];
$topic = sanitize_text_field(str_replace('\\\\:', ',', $_GET['pp_topic']));
$omit_admins = (bool) $_GET['pp_omit_admins'];
$context = isset($_GET['pp_context']) ? pp_sanitize_key($_GET['pp_context']) : '';
if (strpos($topic, ',')) {
$arr_topic = explode(',', $topic);
if (isset($arr_topic[1])) {
if (taxonomy_exists($context)) {
$verified = true;
$ops = _pp_can_set_exceptions($arr_topic[0], $arr_topic[1], array('via_item_source' => 'term', 'via_item_type' => $context, 'for_item_source' => 'post')) ? array('read' => true) : array();
$operations = apply_filters('pp_item_edit_exception_ops', $ops, 'post', $context, $arr_topic[1]);
if (!in_array($arr_topic[0], $operations)) {
die(-1);
}
} elseif (post_type_exists($arr_topic[1])) {
$verified = true;
$ops = _pp_can_set_exceptions($arr_topic[0], $arr_topic[1], array('via_item_source' => 'post', 'for_item_source' => 'post')) ? array('read' => true) : array();
$operations = apply_filters('pp_item_edit_exception_ops', $ops, 'post', $arr_topic[1]);
if (!in_array($arr_topic[0], $operations)) {
public static function find_post_type($post_id = 0, $return_default = true)
{
if (defined('DOING_AJAX') && DOING_AJAX) {
// todo: separate function to eliminate redundancy with PP_QueryInterceptor::flt_posts_clauses()
$ajax_post_types = apply_filters('pp_ajax_post_types', array('ai1ec_doing_ajax' => 'ai1ec_event'));
foreach (array_keys($ajax_post_types) as $arg) {
if (!empty($_REQUEST[$arg]) || $arg == $_REQUEST['action']) {
return $ajax_post_types[$arg];
}
}
}
if ($post_id) {
// note: calling function already compared post_id to global $post
if ($_post = get_post($post_id)) {
$_type = $_post->post_type;
//if ( 'revision' == $_type )
// $_type = get_post_field( 'post_type', $_post->post_parent );
}
if (!empty($_type)) {
return $_type;
}
}
// no post id was passed in, or we couldn't retrieve it for some reason, so check $_REQUEST args
global $pagenow, $wp_query;
if (!empty($wp_query->queried_object)) {
if (isset($wp_query->queried_object->post_type)) {
$object_type = $wp_query->queried_object->post_type;
} elseif (isset($wp_query->queried_object->name)) {
if (post_type_exists($wp_query->queried_object->name)) {
// bbPress forums list
$object_type = $wp_query->queried_object->name;
}
}
} elseif (in_array($pagenow, array('post-new.php', 'edit.php'))) {
$object_type = !empty($_GET['post_type']) ? pp_sanitize_key($_GET['post_type']) : 'post';
} elseif (in_array($pagenow, array('edit-tags.php'))) {
$object_type = !empty($_REQUEST['taxonomy']) ? pp_sanitize_key($_REQUEST['taxonomy']) : 'category';
} elseif (in_array($pagenow, array('admin-ajax.php')) && !empty($_REQUEST['taxonomy'])) {
$object_type = pp_sanitize_key($_REQUEST['taxonomy']);
} elseif (!empty($_POST['post_ID'])) {
if ($_post = get_post($_POST['post_ID'])) {
$object_type = $_post->post_type;
}
} elseif (!empty($_GET['post'])) {
// post.php
if ($_post = get_post($_GET['post'])) {
$object_type = $_post->post_type;
}
} else {
global $pp_object_type;
if (!empty($pp_object_type)) {
$object_type = $pp_object_type;
}
}
if (empty($object_type)) {
if ($return_default) {
// default to post type
return 'post';
}
} elseif ('any' != $object_type) {
return $object_type;
}
}
