/**
* Check if specified user can be managed by current user
*
* @param WP_User $user
*
* @return boolean
*
* @access public
*/
public function canManage(WP_User $user = null)
{
//AAM does not support multi-roles. Get only one first role
$roles = $user->roles;
$role = get_role(array_shift($roles));
//get user's highest level
$level = aam_Core_API::getUserLevel();
if (empty($role->capabilities['level_' . $level]) || !$role->capabilities['level_' . $level] || aam_Core_API::isSuperAdmin()) {
$response = true;
} else {
$response = false;
}
return $response;
}
/**
* Check if view can be managed
*
* @return void
*
* @access public
* @throw Exception You are not allowed to manage current view
*/
public function isManagable()
{
if ($this->getSubject()->getUID() == aam_Control_Subject_Role::UID) {
$caps = $this->getSubject()->capabilities;
} elseif ($this->getSubject()->getUID == aam_Control_Subject_User::UID) {
//AAM does not support multi-roles. Get only one first role
$roles = $this->getSubject()->roles;
$caps = get_role(array_shift($roles))->capabilities;
} else {
$caps = apply_filters('aam_managable_capabilities', null, $this);
}
if ($caps && !aam_Core_API::isSuperAdmin()) {
//get user's highest level
$level = aam_Core_API::getUserLevel();
if (!empty($caps['level_' . $level]) && $caps['level_' . $level]) {
throw new Exception(__('You are not allowed to manager current view', 'aam'));
}
}
return true;
}
/**
* Filter list of editable roles
*
* Does not allow for current user manager roles that have same or higher Level
*
* @param array $roles
*
* @return array
*
* @access public
*/
public function editableRoles($roles)
{
$filtered = array();
$level = aam_Core_API::getUserLevel();
//check if super admin is specified
if (aam_Core_API::isSuperAdmin() === false) {
foreach ($roles as $role => $info) {
if (empty($info['capabilities']["level_{$level}"]) || !$info['capabilities']["level_{$level}"]) {
$filtered[$role] = $info;
}
}
} else {
$filtered = $roles;
}
return $filtered;
}
