/**
 * Tell whether a capability name refers to an existing Access Area.
 *
 * The name is first checked with wpaa_is_access_area(); only names that pass
 * that check are looked up through UndisclosedUserlabel::capability_exists().
 *
 * @param string $cap Access Area capability name
 * @return boolean false when $cap is rejected by wpaa_is_access_area(),
 *                 otherwise whatever UndisclosedUserlabel::capability_exists() returns
 */
function wpaa_access_area_exists($cap)
{
    return wpaa_is_access_area($cap)
        ? UndisclosedUserlabel::capability_exists($cap)
        : false;
}
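        /**
         * Request handler that creates a new Access Area from POST data.
         *
         * Reads `_wp_ajax_nonce`, `cap_title` and `blog_id` from $_POST, prints either
         * the form item for the new label or a single error <span>, then terminates
         * the request.
         *
         * Checks, in order:
         *  1. nonce for action 'userlabel-new' and the 'promote_users' capability;
         *  2. scope: blog_id 0 (no blog) is reserved for super admins, any other
         *     blog_id must be the current blog;
         *  3. the trimmed title must not be empty.
         *
         * The normalised values (trimmed title, integer blog id) are the ones that
         * are validated AND the ones handed to create_userlabel(), so the stored
         * data cannot differ from what was checked.
         *
         * NOTE(review): $_POST is slashed by WordPress; whether
         * UndisclosedUserlabel::create_userlabel() expects slashed or unslashed
         * input is not visible here, so no unslashing is done - confirm.
         *
         * @return void This method never returns; it ends with die.
         */
        static function ajax_add_access_area()
        {
            // Read every request field exactly once, without relying on @-suppression.
            $nonce = isset($_POST['_wp_ajax_nonce']) ? $_POST['_wp_ajax_nonce'] : '';
            $cap_title = isset($_POST['cap_title']) && is_string($_POST['cap_title']) ? trim($_POST['cap_title']) : '';
            $blog_id = 0;
            if (isset($_POST['blog_id'])) {
                // A non-scalar value (e.g. blog_id[]=1) becomes -1 so it can never match a real blog.
                $blog_id = is_scalar($_POST['blog_id']) ? intval($_POST['blog_id']) : -1;
            }

            $error = '';
            if (!wp_verify_nonce($nonce, 'userlabel-new') || !current_user_can('promote_users')) {
                $error = __('Insufficient privileges.', 'wp-access-areas');
            } elseif ((!$blog_id && !is_super_admin()) || ($blog_id && $blog_id !== (int) get_current_blog_id())) {
                // Areas without a blog need a super admin; blog-bound areas only for the current blog.
                $error = __('Insufficient privileges.', 'wp-access-areas');
            } elseif (empty($cap_title)) {
                $error = __('Empty name.', 'wp-access-areas');
            } else {
                $create_id = UndisclosedUserlabel::create_userlabel(array('cap_title' => $cap_title, 'blog_id' => $blog_id));
                if ($create_id) {
                    $label = UndisclosedUserlabel::get_userlabel($create_id);
                    self::_select_label_formitem($label, true);
                } else {
                    switch (UndisclosedUserlabel::what_went_wrong()) {
                        case 4:
                            // Error: area exists
                            $error = __('Access Area exists.', 'wp-access-areas');
                            break;
                        // Any other failure code produces no output, as before.
                    }
                }
            }

            if ('' !== $error) {
                echo '<span class="disclosure-label-item error">' . esc_html($error) . '</span>';
            }
            die;
        }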
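        /**
         * Render the admin form used to create or edit an Access Area.
         *
         * With a non-zero $userlabel_id the label is loaded through
         * UndisclosedUserlabel::get_userlabel() and the form is rendered in "edit"
         * mode (hidden id field, 'userlabel-edit' nonce). Otherwise an empty label
         * for the current blog is used and the nonce action is 'userlabel-new'.
         *
         * When the label has no title, the title field is pre-filled from
         * $_REQUEST['cap_title']. That value, the label id and REQUEST_URI are
         * request-controlled and are written into HTML attributes, so each one is
         * escaped for its context (esc_attr / esc_url) before output.
         *
         * @param int $userlabel_id Id of the label to edit, 0 to create a new one.
         * @return void Output is echoed directly.
         */
        static function edit_userlabels_screen($userlabel_id = 0)
        {
            if ($userlabel_id) {
                $userlabel = UndisclosedUserlabel::get_userlabel($userlabel_id);
            } else {
                $userlabel = (object) array('cap_title' => '', 'blog_id' => get_current_blog_id());
            }
            // get_userlabel() may not find the label; fall back to an empty title instead of reading a property off a non-object.
            $cap_title = isset($userlabel->cap_title) ? $userlabel->cap_title : '';
            if (!$cap_title && isset($_REQUEST['cap_title']) && is_string($_REQUEST['cap_title'])) {
                // WordPress adds slashes to request data; remove them before redisplaying the value.
                $cap_title = wp_unslash($_REQUEST['cap_title']);
            }
            if ($userlabel_id) {
                $heading = __('Edit Access Area', 'wp-access-areas');
                $submit_label = __('Save changes', 'wp-access-areas');
            } else {
                $heading = __('Create Access Area', 'wp-access-areas');
                $submit_label = __('Create Access Area', 'wp-access-areas');
            }
            ?>
<div class="wrap">
	<div id="icon-undisclosed-userlabel" class="icon32"><br></div>
	<h2><?php echo esc_html($heading); ?></h2>
	<?php self::_put_message(); ?>
	<form id="create-user-label" method="post" action="<?php echo esc_url($_SERVER['REQUEST_URI']); ?>">
		<?php if ($userlabel_id) { ?>
			<input type="hidden" name="id" value="<?php echo esc_attr($userlabel_id); ?>" />
		<?php } ?>

		<?php wp_nonce_field('userlabel-' . ($userlabel_id ? 'edit' : 'new')); ?>
		<table class="form-table">
			<tbody>
				<tr>
					<th scope="row"><label for="title"><?php esc_html_e('Access Area', 'wp-access-areas'); ?></label></th>
					<td><input class="regular-text" maxlength="64" type="text" name="cap_title" value="<?php echo esc_attr($cap_title); ?>" id="cap_title" placeholder="<?php esc_attr_e('New Access Area', 'wp-access-areas'); ?>" autocomplete="off" /></td>
				</tr>
			</tbody>
		</table>

		<button type="submit" class="button button-primary button-large"><?php echo esc_html($submit_label); ?></button>
	</form>
</div>
            <?php
        }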
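        /**
         * Render the settings table that selects default capabilities per post type.
         *
         * One row is printed for every post type returned by
         * get_post_types(array('show_ui' => true)), with up to three dropdowns
         * (reading, editing, commenting) rendered by
         * UndisclosedEditPost::access_area_dropdown(). The currently stored value is
         * read from the 'wpaa_default_caps' option and defaults to 'exist'.
         *
         * - The reading dropdown is skipped for the 'attachment' post type.
         * - The editing dropdown only offers roles that hold the post type's
         *   edit_posts capability.
         * - The commenting dropdown is only shown when the post type supports comments.
         *
         * Post type labels come from whoever registered the post type, so they are
         * HTML-escaped before being printed.
         *
         * @return void Output is echoed directly.
         */
        static function select_default_caps()
        {
            global $wp_roles;
            $option_values = get_option('wpaa_default_caps');
            $post_types = get_post_types(array('show_ui' => true));
            $roles = $wp_roles->get_names();
            // NOTE(review): the result was never used in this method; the call is kept
            // only because its side effects (if any) are not visible here - confirm and drop.
            wpaa_get_user_role_caps();
            $groups = UndisclosedUserlabel::get_label_array();

            // Header and footer show the same four column titles.
            $heading_cells = '';
            foreach (array(__('Post Type', 'wp-access-areas'), __('Reading'), __('Edit'), __('Post Comment')) as $heading) {
                $heading_cells .= '<th class="manage-column">' . esc_html($heading) . '</th>';
            }

            echo '<table class="wp-list-table widefat set-default-caps">';
            echo '<thead><tr>' . $heading_cells . '</tr></thead>';
            echo '<tfoot><tr>' . $heading_cells . '</tr></tfoot>';
            echo '<tbody>';

            $alternate = false;
            foreach ($post_types as $post_type) {
                $post_type_object = get_post_type_object($post_type);
                $editing_cap = $post_type_object->cap->edit_posts;
                $alternate = !$alternate;

                // Only roles that may edit this post type are offered for the edit capability.
                $edit_rolenames = array();
                foreach ($roles as $role => $rolename) {
                    if (get_role($role)->has_cap($editing_cap)) {
                        $edit_rolenames[$role] = $rolename;
                    }
                }

                // action => array(roles offered in the dropdown, whether the dropdown is shown)
                $cells = array(
                    'post_view_cap' => array($roles, $post_type != 'attachment' && ($post_type_object->public || $post_type_object->show_ui)),
                    'post_edit_cap' => array($edit_rolenames, true),
                    'post_comment_cap' => array($roles, post_type_supports($post_type, 'comments')),
                );

                echo '<tr class="post-select ' . ($alternate ? 'alternate' : '') . '">';
                echo '<th>' . esc_html($post_type_object->labels->name) . '</th>';
                foreach ($cells as $action => $cell) {
                    list($cell_roles, $show_dropdown) = $cell;
                    $cap = isset($option_values[$post_type][$action]) ? $option_values[$post_type][$action] : 'exist';
                    echo '<td>';
                    if ($show_dropdown) {
                        UndisclosedEditPost::access_area_dropdown($cell_roles, $groups, wpaa_sanitize_access_cap($cap), "wpaa_default_caps[{$post_type}][{$action}]");
                    }
                    echo '</td>';
                }
                echo '</tr>';
            }

            echo '</tbody>';
            echo '</table>';
        }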
 /**
  * Reset the class-level query cache to an empty array.
  *
  * @return void
  */
 private static function _clear_cache()
 {
     // Drops every entry held in self::$_query_cache.
     self::$_query_cache = array();
 }
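 /**
  * Print the human-readable access setting for one list-table column of a post.
  *
  * Handles the columns 'view_cap', 'comment_cap' and 'edit_cap', which map to
  * the post fields post_view_cap, post_comment_cap and post_edit_cap. The
  * stored capability is translated into a display name using, in this order
  * (later entries override earlier ones): the built-in 'exist' / 'read'
  * names, the Access Area labels, and the role names. An empty capability is
  * shown like 'exist'.
  *
  * Access Area labels are stored data, so the name is HTML-escaped on output.
  * Nothing is printed for other columns, for a post that cannot be loaded, or
  * for a capability that has no known name (e.g. a deleted Access Area).
  *
  * @param string $column  Column identifier.
  * @param int    $post_ID Id of the post shown in the current row.
  * @return void Output is echoed directly.
  */
 static function manage_disclosure_column($column, $post_ID)
 {
     global $wp_roles;
     $cap_fields = array(
         'view_cap' => 'post_view_cap',
         'comment_cap' => 'post_comment_cap',
         'edit_cap' => 'post_edit_cap',
     );
     if (!is_string($column) || !isset($cap_fields[$column])) {
         return;
     }
     $post = get_post($post_ID);
     if (!$post) {
         return;
     }
     $names = array_merge(array('exist' => __('Everybody', 'wp-access-areas'), 'read' => __('Blog users', 'wp-access-areas')), UndisclosedUserlabel::get_label_array(), $wp_roles->get_names());
     $names[''] = $names['exist'];
     $val = (string) $post->{$cap_fields[$column]};
     if (isset($names[$val])) {
         // Same default-domain translation as before, now escaped for HTML.
         esc_html_e($names[$val]);
     }
 }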
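 /**
  * Execute the bulk action submitted from the list table.
  *
  * Only the 'delete' action is implemented. The request must carry a
  * `_wpnonce` valid for 'bulk-' . $this->_args['plural']; the ids to delete
  * are read from the request field named after $this->_args['plural'].
  * Each id is cast to an integer and deleted only when
  * UndisclosedUserlabel::get_userlabel() finds a matching label. Afterwards
  * the browser is redirected to the 'user_labels' page with message 3 and the
  * number of labels that were actually found and passed to delete_userlabel().
  *
  * NOTE(review): only the nonce is checked here, no current_user_can(). A
  * nonce protects against forged requests but is not an authorization check;
  * confirm that the caller or the admin page registration enforces the
  * capability required for deleting Access Areas.
  *
  * NOTE(review): wp_redirect() does not end the request by itself; confirm
  * that the caller exits after this method returns.
  *
  * @return mixed|void The return value of wp_redirect() after a delete,
  *                    nothing otherwise.
  */
 function process_bulk_action()
 {
     //Detect when a bulk action is being triggered...
     $action = $this->current_action();
     $nonce = isset($_REQUEST['_wpnonce']) ? $_REQUEST['_wpnonce'] : false;
     if (!$nonce) {
         return;
     }
     if (-1 === $action || !wp_verify_nonce($nonce, 'bulk-' . $this->_args['plural'])) {
         return;
     }
     if ('delete' !== $action) {
         return;
     }
     $field = $this->_args['plural'];
     // A missing or non-array field means "nothing selected" rather than a PHP error.
     $requested_ids = isset($_REQUEST[$field]) && is_array($_REQUEST[$field]) ? $_REQUEST[$field] : array();
     $deleted = 0;
     foreach ($requested_ids as $ul_id) {
         if (!is_scalar($ul_id)) {
             // intval() of a nested array would yield 1 and hit an unrelated label.
             continue;
         }
         $ul_id = intval($ul_id);
         if (UndisclosedUserlabel::get_userlabel($ul_id)) {
             UndisclosedUserlabel::delete_userlabel($ul_id);
             $deleted++;
         }
     }
     return wp_redirect(add_query_arg(array('page' => 'user_labels', 'message' => 3, 'deleted' => $deleted), $_SERVER['SCRIPT_NAME']));
 }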
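 /**
  * Append the post_view_cap restriction to an SQL WHERE clause.
  *
  * The clause is returned unchanged in two cases:
  *  - a singular query whose WHERE already selects a post by
  *    `{$wpdb->posts}.post_name =` or `{$wpdb->posts}.ID =`;
  *  - a single-site install where the current user has the 'administrator'
  *    capability.
  *
  * Otherwise ` AND ( <table>.post_view_cap IN (...) ) ` is appended. The list
  * always contains 'exist'; for logged-in users it also contains 'read' (when
  * the user has it), the roles returned by wpaa_user_contained_roles() and
  * every Access Area from UndisclosedUserlabel::get_label_array() for which
  * wpaa_user_can_accessarea() is true.
  *
  * Every value placed in the IN list goes through esc_sql(), so a role or
  * label key containing a quote cannot break out of the string literal.
  * $table_name is inserted as an identifier and cannot be escaped that way;
  * callers must pass a fixed alias, never request data.
  *
  * @param string $where      Existing WHERE clause.
  * @param string $table_name Table name or alias of the posts table; a
  *                           trailing '.' is added when missing.
  * @return string The WHERE clause, possibly extended.
  */
 private static function _get_where($where, $table_name = 'p')
 {
     global $wpdb;
     // disable filtering: on queries for single posts/pages and for single blog administrators
     // The table name is quoted and the dot is literal, so only the exact
     // "<posts table>.post_name =" / "<posts table>.ID =" forms skip the filter.
     $single_post_pattern = '/' . preg_quote($wpdb->posts, '/') . '\\.(post_name|ID)\\s?=/';
     if ((is_singular() && preg_match($single_post_pattern, $where)) || (!is_multisite() && current_user_can('administrator'))) {
         return $where;
     }
     if ($table_name && substr($table_name, -1) !== '.') {
         $table_name .= '.';
     }
     $caps = array('exist');
     if (is_user_logged_in()) {
         // reading
         if (current_user_can('read')) {
             $caps[] = 'read';
         }
         // user's roles
         foreach (wpaa_user_contained_roles() as $role) {
             $caps[] = $role;
         }
         // user's custom caps
         foreach (UndisclosedUserlabel::get_label_array() as $cap => $capname) {
             if (wpaa_user_can_accessarea($cap)) {
                 $caps[] = $cap;
             }
         }
     }
     $add_where = " {$table_name}post_view_cap IN ('" . implode("','", esc_sql($caps)) . "')";
     $add_where = " AND ( {$add_where} ) ";
     return $where . $add_where;
 }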