function item_tree($scope, $mode, $src, $otype_or_tx, $all_items, $assigned_roles, $strict_items, $role_defs_by_otype, $role_codes, $args = array())
{
$defaults = array('admin_items' => '', 'editable_roles' => '', 'ul_class' => 'rs-termlist', 'ie_link_style' => '', 'object_names' => '', 'table_captions' => '', 'err' => '', 'object_status' => '', 'agent_caption_plural' => '', 'agent_list_prefix' => '', 'agent_names' => '', 'default_hide_empty' => false, 'role_bases' => array(ROLE_BASIS_USER, ROLE_BASIS_GROUPS), 'single_item' => false);
$args = array_merge($defaults, (array) $args);
extract($args);
global $scoper;
if (!is_object($src)) {
$src = $scoper->data_sources->get($src);
}
$col_id = $src->cols->id;
$col_name = $src->cols->name;
$col_parent = isset($src->cols->parent) ? $src->cols->parent : '';
$item_label = $otype_or_tx->labels->singular_name;
if (TERM_SCOPE_RS == $scope) {
$src_or_tx_name = $otype_or_tx->name;
$edit_url_base = !empty($otype_or_tx->edit_url) ? $otype_or_tx->edit_url : '';
} else {
$src_or_tx_name = $src->name;
$edit_url_base = !empty($src->edit_url) ? $src->edit_url : '';
}
if ($default_hide_empty) {
$hide_tr_sfx = '-hide';
$hide_li_sfx = '-hide';
} else {
$hide_tr_sfx = '';
$hide_li_sfx = '';
}
$nextlink = '';
$prevlink = '';
if (empty($admin_items)) {
$admin_items = array();
}
if (empty($agent_caption_plural)) {
$agent_caption_plural = __('Users or Groups', 'scoper');
}
if (empty($agent_list_prefix)) {
$agent_list_prefix = array();
$agent_list_prefix[ROLE_BASIS_USER] = '';
$agent_list_prefix[ROLE_BASIS_GROUPS] = __('Groups') . ': ';
}
static $prevtext, $nexttext, $is_administrator, $role_header, $agents_header;
if (empty($prevtext)) {
// buffer prev/next caption for display with each term
//$prevtext = _ x('prev', '|abbreviated link to previous item', 'scoper');
//$nexttext = _ x('next', '|abbreviated link to next item', 'scoper');
$prevtext = __('prev', 'scoper');
$nexttext = __('next', 'scoper');
$is_administrator = is_administrator_rs($src, 'user');
$role_header = __awp('Role');
switch ($mode) {
case ROLE_ASSIGNMENT_RS:
//$agents_header = sprintf( _ x('Current %s', 'users or groups', 'scoper'), $agent_caption_plural);
$agents_header = sprintf(__('Current %s', 'scoper'), $agent_caption_plural);
break;
case ROLE_RESTRICTION_RS:
$agents_header = __('Current Restrictions', 'scoper');
break;
default:
return;
}
}
// disregard roles that don't apply to this scope
foreach ($role_defs_by_otype as $object_type => $role_defs) {
foreach ($role_defs as $role_handle => $role) {
if (!isset($role->valid_scopes[$scope])) {
unset($role_defs_by_otype[$object_type][$role_handle]);
}
}
}
// for object scope, assign "private post reader" role, but label it as "post reader" to limit confusion
$role_display_name = array();
foreach ($role_defs_by_otype as $role_defs) {
foreach (array_keys($role_defs) as $role_handle) {
$role_display_name[$role_handle] = $scoper->role_defs->get_display_name($role_handle, $scope . '_ui');
}
}
// display a separate role assignment list for each individual term / object
$last_id = -1;
$last_name = '';
$last_parent_id = -1;
$parent_id = 0;
$parents = array();
$depth = 0;
$_top_link = "<a{$ie_link_style} href='#scoper_top'>" . __('top', 'scoper') . '</a>';
$tr_display = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? 'block' : 'table-row';
$show_all_caption = __('show all', 'scoper');
echo "<ul class='{$ul_class}' style='padding-left:0.1em;'>";
if (empty($all_items)) {
$all_items = array();
}
if (!$single_item && is_user_administrator_rs() && 'nav_menu' != $src_or_tx_name) {
// TODO: action handler for new menu item storage
if (ROLE_ASSIGNMENT_RS == $mode) {
$root_caption = sprintf(__('DEFAULTS for new %s', 'scoper'), $otype_or_tx->labels->name);
} else {
$root_caption = sprintf(__('DEFAULTS for all %s', 'scoper'), $otype_or_tx->labels->name);
}
if (TERM_SCOPE_RS == $scope) {
$root_item = (object) array($col_id => 0, $col_name => $root_caption, $col_parent => 0);
array_unshift($all_items, $root_item);
} else {
$obj = (object) array($col_id => 0);
$all_items = array($root_caption => $obj) + $all_items;
$object_names[0] = $root_caption;
$status_objects = 'post' == $src->name ? get_post_stati(array(), 'object') : array();
}
}
$title_roles = __('edit roles', 'scoper');
$title_item = sprintf(__('edit %s', 'scoper'), agp_strtolower($item_label));
foreach ($all_items as $key => $item) {
$id = $item->{$col_id};
if (!empty($object_names[$id])) {
$name = esc_attr(str_replace(' ', ' ', $object_names[$id]));
} else {
$name = str_replace(' ', ' ', $item->{$col_name});
}
if ($col_parent && isset($item->{$col_parent})) {
$parent_id = $item->{$col_parent};
if ($parent_id != $last_parent_id) {
if ($parent_id == $last_id && $last_id) {
$parents[$last_name] = $last_id;
echo "<ul class='{$ul_class}'>";
$depth++;
} elseif ($depth) {
do {
//echo "term $name: depth $depth, current parents: " . print_r($parents);
array_pop($parents);
echo '</li></ul>';
$depth--;
} while ($parents && end($parents) != $parent_id && $depth);
}
$last_parent_id = $parent_id;
}
}
if ($is_administrator || isset($admin_items[$last_id])) {
if (!$last_id) {
// always close li for defaults
echo '</li>';
} elseif (-1 != $last_id && $parent_id != $last_id) {
echo '</li>';
}
}
if (OBJECT_SCOPE_RS == $scope) {
if (isset($object_status) && !empty($object_status[$id]) && 'publish' != $object_status[$id] && 'private' != $object_status[$id]) {
$status_text = isset($status_objects[$object_status[$id]]) ? "{$status_objects[$object_status[$id]]->label}, " : "{$object_status[$id]}, ";
} else {
$status_text = '';
}
$link_span_open = $status_text ? "<span class='rs-brown'>" : '';
$link_span_close = $status_text ? "</span>" : '';
// link from object name to our "Edit Object Role Assignment" interface
if ($id) {
$rs_edit_url = "admin.php?page=rs-object_role_edit&src_name={$src_or_tx_name}&object_type={$otype_or_tx->name}&object_id={$id}&object_name=" . urlencode($name);
$name_text = "{$link_span_open}<a title='{$title_roles}' href='{$rs_edit_url}'>{$name}</a>{$link_span_close}";
} else {
$name_text = $name;
}
// link from object ID to the object type's default editor, if defined
if ($id && $edit_url_base) {
$content_edit_url = sprintf($edit_url_base, $id);
$id_text = "<a title='{$title_item}' href='{$content_edit_url}' class='edit'>{$id}</a>";
} else {
$id_text = $id;
}
$id_text = $id ? " ({$status_text}" . sprintf(__('id %s', 'scoper'), $id_text) . ')' : '';
} elseif ($id && TERM_SCOPE_RS == $scope && $edit_url_base) {
$content_edit_url = sprintf($edit_url_base, $id);
$name_text = "<a class='rs-dlink_rev' href='{$content_edit_url}' title='{$title_item}'>{$name}</a>";
$id_text = '';
} else {
$name_text = $name;
$id_text = '';
}
//display scroll links for this term
if (TERM_SCOPE_RS == $scope) {
$prevlink = $last_id && !$single_item && $id ? "<a{$ie_link_style} href='#item-" . $last_id . "'>" . $prevtext . "</a>" : '';
}
if ($id && (!$is_administrator && !isset($admin_items[$id]))) {
continue;
}
$last_id = $id;
$last_name = $name;
$next_id = $id && isset($all_items[$key + 1]) ? $all_items[$key + 1]->{$col_id} : 0;
if (TERM_SCOPE_RS == $scope) {
if ($next_id) {
$nextlink = "<a{$ie_link_style} href='#item-" . $next_id . "'>" . $nexttext . "</a>";
} elseif ($id) {
$nextlink = "<span class='rs-termlist_linkspacer'>{$nexttext}</span>";
} else {
$nextlink = '';
}
}
if ($parents) {
//$color_class = ( TERM_SCOPE_RS == $scope ) ? 'rs-lgray' : 'rs-gray';
//$item_path = "<span class='$color_class'>" . implode(' / ', array_keys($parents)) . ' / ' . '</span>';
$item_path = implode(' / ', array_keys($parents)) . ' / ';
$margin = '';
$top_pad = '1.5em';
} else {
$item_path = '';
$margin = 'margin-top:2em;';
$top_pad = '0.2em';
}
$js_call = "agp_toggle_display('roles-{$id}','block','tgl-{$id}', '-', '+');" . "agp_toggle_display('jump-{$id}','block');";
$role_class = '';
if ($id) {
// never hide defaults block
if (ROLE_ASSIGNMENT_RS == $mode) {
$role_class = '';
if (!isset($assigned_roles[ROLE_BASIS_USER][$id]) && !isset($assigned_roles[ROLE_BASIS_GROUPS][$id])) {
$role_class = " no-rol-li{$hide_li_sfx}";
} elseif (!isset($assigned_roles[ROLE_BASIS_USER][$id])) {
$role_class = " no-user-li";
} elseif (!isset($assigned_roles[ROLE_BASIS_GROUPS][$id])) {
$role_class = " no-groups-li";
}
} elseif (ROLE_RESTRICTION_RS == $mode) {
$role_class = " no-rol-li{$hide_li_sfx}";
$setting_types = array('restrictions', 'unrestrictions');
foreach ($setting_types as $setting_type) {
if (isset($strict_items[$setting_type])) {
foreach (array_keys($strict_items[$setting_type]) as $role_handle) {
// key is role_handle
if (isset($strict_items[$setting_type][$role_handle][$id])) {
$role_class = '';
break;
}
}
}
}
}
}
$class = $role_class ? "class='" . trim($role_class) . "' " : '';
echo "\r\n\r\n<li {$class}style='padding:{$top_pad} 0.5em 0 0.3em;{$margin}'>";
if (!$single_item) {
$top_link = $id ? $_top_link : '';
echo "<a name='item-{$id}'></a>" . "<span id='jump-{$id}' class='rs-termjump alignright'>{$prevlink}{$nextlink}" . $top_link . '</span>' . "<strong><a class='rs-link_plain_rev term-tgl' id='tgl-{$id}' href='javascript:void(0);' onclick=\"{$js_call}\" title=\"{$otype_or_tx->labels->singular_name} {$id}: {$name}\">" . "-</a></strong> " . $item_path . '<strong>' . $name_text . '</strong>' . $id_text . ': ';
}
echo "</li><li id='roles-{$id}' class='role-li{$role_class}'>";
?>
<table class='rs-widefat rs-role-tbl'>
<thead>
<tr class="thead">
<th class="rs-tightcol"><?php
$js_call = "agp_display_child_nodes( 'tbl-{$id}', 'TR', '{$tr_display}' );";
echo "<a href='javascript:void(0);' title='{$show_all_caption}' onclick=\"{$js_call}\">+</a>";
?>
</th>
<th class="rs-tightcol"><?php
echo $role_header;
?>
</th>
<th><?php
echo $agents_header;
?>
</th>
</tr>
</thead>
<tbody id='<?php
echo "tbl-{$id}";
?>
'>
<?php
// display each role eligible for group/user assignment in this term/object
foreach ($role_defs_by_otype as $object_type => $role_defs) {
$vals = array();
$ids = array();
if (!$single_item) {
foreach (array_keys($role_defs) as $role_handle) {
// retain previous selections in case of error ( user forgets to select groups/users )
$vals[$role_handle] = "{$role_codes[$role_handle]}-{$id}";
// pre-generate all checkbox ids in this op_type, to pass to javascript
$ids[$role_handle] = 'rs-' . $vals[$role_handle];
}
}
foreach (array_keys($role_defs) as $role_handle) {
// Does current user have this role?
if (!$single_item && ($is_administrator || !is_array($editable_roles) || !empty($editable_roles[0][$role_handle]) || !empty($editable_roles[$id][$role_handle]))) {
$form_id = $id || ROLE_ASSIGNMENT_RS == $mode ? 'roles' : 'default_restrictions';
$checked = $err && isset($_POST[$form_id]) && in_array($vals[$role_handle], $_POST[$form_id]) ? 'checked="checked"' : '';
if (ROLE_ASSIGNMENT_RS == $mode) {
//$skip_if_id = 'assign_for'; // reduced html bulk by making 3rd & 4th args of agp_uncheck default to these values
//$skip_if_val = REMOVE_ASSIGNMENT_RS;
$js_call = "agp_uncheck('" . implode(',', $ids) . "',this.id);";
$onclick = "onclick=\"{$js_call}\"";
} else {
$onclick = '';
}
$checkbox = "<input type='checkbox' name='{$form_id}[]' id='{$ids[$role_handle]}' value='{$vals[$role_handle]}' {$checked} {$onclick} />";
$label = "<label for='{$ids[$role_handle]}'>" . str_replace(' ', ' ', $role_display_name[$role_handle]) . "</label>";
} else {
$checkbox = '';
$label = str_replace(' ', ' ', $role_display_name[$role_handle]);
}
$classes = array();
if ($default_strict = isset($strict_items['unrestrictions'][$role_handle]) && is_array($strict_items['unrestrictions'][$role_handle])) {
$setting = 'unrestrictions';
} else {
$setting = 'restrictions';
}
if (isset($strict_items[$setting][$role_handle][$id])) {
if ($single_item) {
$require_for = $strict_items[$setting][$role_handle][$id];
$open_brace = $close_brace = '';
} else {
$require_for = $strict_items[$setting][$role_handle][$id]['assign_for'];
$open_brace = $strict_items[$setting][$role_handle][$id]['inherited_from'] ? '{' : '';
$close_brace = $open_brace ? '}' : '';
}
} else {
$require_for = false;
$open_brace = $close_brace = '';
}
switch ($mode) {
case ROLE_ASSIGNMENT_RS:
$open_brace = $close_brace = '';
$assignment_list = array();
foreach ($role_bases as $role_basis) {
if (isset($assigned_roles[$role_basis][$id][$role_handle])) {
$checkbox_id = $single_item ? '' : $role_basis;
$assignment_names = array_intersect_key($agent_names[$role_basis], $assigned_roles[$role_basis][$id][$role_handle]);
$assignment_list[$role_basis] = "<span class='{$role_basis}-csv'><span class='rs-bold'>" . $agent_list_prefix[$role_basis] . '</span>' . ScoperAdminBulkLib::role_assignment_list($assigned_roles[$role_basis][$id][$role_handle], $assignment_names, $checkbox_id, $role_basis) . '</span>';
}
}
$setting_display = implode(' ', $assignment_list);
// don't hide rows for default roles
if ($id) {
if (!isset($assigned_roles[ROLE_BASIS_USER][$id][$role_handle]) && !isset($assigned_roles[ROLE_BASIS_GROUPS][$id][$role_handle])) {
$classes[] = "no-rol{$hide_tr_sfx}";
} elseif (!isset($assigned_roles[ROLE_BASIS_USER][$id][$role_handle])) {
$classes[] = "no-user";
} elseif (!isset($assigned_roles[ROLE_BASIS_GROUPS][$id][$role_handle])) {
$classes[] = "no-groups";
}
}
break;
case ROLE_RESTRICTION_RS:
if (!$id) {
$setting_display = $table_captions[$setting]['default'];
} elseif ($require_for) {
$setting_display = $table_captions[$setting][$require_for];
} else {
$setting_display = '(' . $table_captions[$setting][false] . ')';
// don't hide rows for default restrictions
if ($id) {
$classes[] = " no-rol{$hide_tr_sfx}";
}
}
}
// end switch $mode
switch ($require_for) {
case ASSIGN_FOR_BOTH_RS:
$open_brace = '<span class="rs-bold">' . $open_brace;
$close_brace .= '</span>';
break;
case ASSIGN_FOR_CHILDREN_RS:
$open_brace = '<span class="rs-gray">' . $open_brace;
$close_brace .= '</span>';
}
// end switch
if (empty($default_strict) && $require_for && $require_for != ASSIGN_FOR_CHILDREN_RS || !empty($default_strict) && !$require_for) {
$classes[] = 'rs-backylw';
}
$class = $classes ? " class='" . implode(' ', $classes) . "'" : '';
echo "\r\n" . "<tr{$class}>" . "<td>{$checkbox}</td>" . "<td>{$label}</td>" . "<td>{$open_brace}{$setting_display}{$close_brace}</td>" . "</tr>";
}
// end foreach role
}
// end foreach object_type
echo '</tbody></table>';
}
// end foreach term
while ($depth) {
echo '</li></ul>';
$depth--;
}
echo '</li>';
echo '</ul><br /><ul>';
// now display "select all" checkboxes for all terms in this taxonomy
if (empty($single_item)) {
if (defined('SCOPER_EXTRA_SUBMIT_BUTTON')) {
echo '<li class="alignright"><span class="submit" style="border:none;"><input type="submit" name="rs_submit" value="' . __('Update »', 'scoper') . '" /></span></li>';
}
?>
<li><table class='widefat' style='width:auto;'>
<thead>
<tr class="thead">
<th colspan="2"><?php
printf(__('select / unselect all:', 'scoper'), agp_strtolower($otype_or_tx->labels->name));
?>
</th>
<!--<th colspan="2" style="text-align: center"><?php
_e('Actions');
?>
</th>-->
</tr>
</thead>
<tbody id="bulk_roles-<?php
echo $otype_or_tx->name;
?>
">
<?php
//convert allterms stdobj to array for implosion
$all_items_arr = array();
foreach ($all_items as $item) {
$all_items_arr[] = $item->{$col_id};
}
$all_items_ser = implode('-', $all_items_arr);
//display "check for every term" shortcuts for each individual role
global $scoper;
$style = ' class="rs-backwhite"';
foreach ($role_defs_by_otype as $object_type => $roles) {
foreach (array_keys($roles) as $role_handle) {
$style = ' class="alternate"' == $style ? ' class="rs-backwhite"' : ' class="alternate"';
// $check_shorcut was displayed in first <td>
$id = "rs-Z-{$role_codes[$role_handle]}";
$caption = ' <span class="rs-subtext">' . sprintf(__('(all %s)', 'scoper'), agp_strtolower($otype_or_tx->labels->name)) . '</span>';
$js_call = "scoper_checkroles('{$id}', '{$all_items_ser}', '{$role_codes[$role_handle]}');";
echo "\n\t<tr {$style}>" . "<td><input type='checkbox' id='{$id}' onclick=\"{$js_call}\" /></td>" . "<td><label for='{$id}'>" . $scoper->role_defs->get_display_name($role_handle, $scope . '_ui') . "{$caption}</label></td>" . "</tr>";
}
// end foreach role
}
// end foreach roledef
echo '</tbody></table></li></ul><br />';
}
// endif not single item
}
function scoper_object_roles_list($viewing_user, $args = array())
{
$html = '';
if (!USER_ROLES_RS && !GROUP_ROLES_RS) {
wp_die(__awp('Cheatin’ uh?'));
}
$defaults = array('enforce_duration_limits' => true, 'is_user_profile' => false, 'echo' => true);
$args = array_merge($defaults, (array) $args);
extract($args);
global $scoper, $wpdb, $current_user;
if ($viewing_user) {
if (!is_object($viewing_user)) {
global $current_rs_user;
if ($viewing_user == $current_rs_user->ID) {
$viewing_user = $current_rs_user;
} else {
$viewing_user = new WP_Scoped_User($viewing_user);
}
}
}
$all_roles = array();
$role_display = array();
foreach ($scoper->role_defs->get_all_keys() as $role_handle) {
if ($viewing_user) {
$role_display[$role_handle] = $scoper->role_defs->get_display_name($role_handle, OBJECT_UI_RS);
} else {
$role_display[$role_handle] = $scoper->role_defs->get_abbrev($role_handle, OBJECT_UI_RS);
}
}
if (!$is_user_profile) {
$require_blogwide_editor = scoper_get_option('role_admin_blogwide_editor_only');
if ('admin' === $require_blogwide_editor && !is_user_administrator_rs()) {
return false;
}
if ('admin_content' === $require_blogwide_editor && !is_content_administrator_rs()) {
return false;
}
} else {
$require_blogwide_editor = false;
}
foreach ($scoper->data_sources->get_all() as $src_name => $src) {
$otype_count = 0;
if (!empty($src->taxonomy_only) || $src_name == 'group' && !$viewing_user) {
continue;
}
$strict_objects = $scoper->get_restrictions(OBJECT_SCOPE_RS, $src_name);
foreach ($src->object_types as $object_type => $otype) {
$otype_count++;
$disable_role_admin = false;
if ($require_blogwide_editor) {
if (!$scoper->user_can_edit_blogwide('post', $object_type, array('require_others_cap' => true))) {
$disable_role_admin = true;
}
}
if (!empty($src->cols->type) && !empty($otype->name)) {
$col_type = $src->cols->type;
$otype_clause = "AND {$src->table}.{$col_type} = '{$otype->name}'";
} elseif ($otype_count < 2) {
$otype_clause = '';
} else {
continue;
}
$col_id = $src->cols->id;
$col_name = $src->cols->name;
$ug_clause_for_user_being_viewed = $viewing_user ? $viewing_user->get_user_clause('uro') : '';
// TODO: replace join with uro subselect
$qry = "SELECT DISTINCT {$src->table}.{$col_name}, {$src->table}.{$col_id}, uro.role_name, uro.date_limited, uro.start_date_gmt, uro.end_date_gmt" . " FROM {$src->table} ";
$join = " INNER JOIN {$wpdb->user2role2object_rs} AS uro" . " ON uro.obj_or_term_id = {$src->table}.{$col_id}" . " AND uro.src_or_tx_name = '{$src_name}'" . " AND uro.scope = 'object' AND uro.role_type = 'rs'";
$duration_clause = $enforce_duration_limits ? scoper_get_duration_clause("{$src->table}.{$src->cols->date}") : '';
$status_clause = 'post' == $src_name ? "AND post_status != 'auto-draft'" : '';
// TODO: version update script to delete post roles on auto-drafts (stored via default roles)
$where = " WHERE 1=1 {$status_clause} {$otype_clause} {$duration_clause} {$ug_clause_for_user_being_viewed}";
$orderby = " ORDER BY {$src->table}.{$col_name} ASC, uro.role_name ASC";
$qry .= $join . $where . $orderby;
$results = scoper_get_results($qry);
if (!is_user_administrator_rs()) {
// no need to filter admins - just query the assignments
// only list role assignments which the logged-in user can administer
$args['required_operation'] = OP_EDIT_RS;
// Possible TODO: re-implement OP_ADMIN distinction with admin-specific capabilities
/*
if ( cr_get_reqd_caps( $src_name, OP_ADMIN_RS, $object_type ) {
$args['required_operation'] = OP_ADMIN_RS;
} else {
$reqd_caps = array();
foreach (array_keys($src->statuses) as $status_name) {
$admin_caps = $scoper->cap_defs->get_matching($src_name, $object_type, OP_ADMIN_RS, $status_name);
$delete_caps = $scoper->cap_defs->get_matching($src_name, $object_type, OP_DELETE_RS, $status_name);
$reqd_caps[$object_type][$status_name] = array_merge(array_keys($admin_caps), array_keys($delete_caps));
}
$args['force_reqd_caps'] = $reqd_caps;
}
*/
$qry = "SELECT {$src->table}.{$col_id} FROM {$src->table} WHERE 1=1";
$args['require_full_object_role'] = true;
$qry_flt = apply_filters('objects_request_rs', $qry, $src_name, $object_type, $args);
$cu_admin_results = scoper_get_col($qry_flt);
if (empty($viewing_user) || $current_user->ID != $viewing_user->ID) {
foreach ($results as $key => $row) {
if (!in_array($row->{$col_id}, $cu_admin_results)) {
unset($results[$key]);
}
}
} else {
// for current user's view of their own user profile, just de-link unadminable objects
$link_roles = array();
$link_objects = array();
if (!$disable_role_admin) {
foreach ($results as $key => $row) {
if (in_array($row->{$col_id}, $cu_admin_results)) {
$link_roles[$row->{$col_id}] = true;
}
}
$args['required_operation'] = OP_EDIT_RS;
$args['require_full_object_role'] = false;
if (isset($args['force_reqd_caps'])) {
unset($args['force_reqd_caps']);
}
$qry_flt = apply_filters('objects_request_rs', $qry, $src_name, $object_type, $args);
$cu_edit_results = scoper_get_col($qry_flt);
foreach ($results as $key => $row) {
if (in_array($row->{$col_id}, $cu_edit_results)) {
$link_objects[$row->{$col_id}] = true;
}
}
}
}
}
$object_roles = array();
$objnames = array();
if ($results) {
$got_object_roles = true;
foreach ($results as $row) {
if (!isset($objnames[$row->{$col_id}])) {
if ('post' == $src->name) {
$objnames[$row->{$col_id}] = apply_filters('the_title', $row->{$col_name}, $row->{$col_id});
} else {
$objnames[$row->{$col_id}] = $row->{$col_name};
}
}
$role_handle = 'rs_' . $row->role_name;
if ($row->date_limited) {
$duration_key = serialize(array('start_date_gmt' => $row->start_date_gmt, 'end_date_gmt' => $row->end_date_gmt));
} else {
$duration_key = '';
}
$object_roles[$duration_key][$row->{$col_id}][$role_handle] = true;
}
} else {
continue;
}
?>
<?php
$title_roles = __('edit roles', 'scoper');
foreach (array_keys($object_roles) as $duration_key) {
$date_caption = '';
$limit_class = '';
$limit_style = '';
$link_class = '';
if ($duration_key) {
$html .= "<h3 style='margin-bottom:0'>{$date_caption}</h3>";
$duration_limits = unserialize($duration_key);
$duration_limits['date_limited'] = true;
ScoperAdminUI::set_agent_formatting($duration_limits, $date_caption, $limit_class, $link_class, $limit_style);
$title = "title='{$date_caption}'";
$date_caption = '<span class="rs-gray"> ' . trim($date_caption) . '</span>';
} else {
$title = "title='{$title_roles}'";
}
if (!$disable_role_admin && (is_user_administrator_rs() || $cu_admin_results)) {
//if ( ( $src_name != $object_type ) && ( 'post' != $object_type ) ) { // menu links currently assume unique object type names
// $roles_page = "rs-roles-{$object_type}_{$src_name}";
//} else {
$roles_page = "rs-{$object_type}-roles";
//}
$url = "admin.php?page={$roles_page}";
$html .= "<h4><a name='{$object_type}' href='{$url}'><strong>" . sprintf(__('%1$s Roles%2$s:', 'scoper'), $otype->labels->singular_name, '</strong></a><span style="font-weight:normal">' . $date_caption) . "</span></h4>";
} else {
$html .= "<h4><strong>" . sprintf(__('%1$s Roles%2$s:', 'scoper'), $otype->labels->singular_name, $date_caption) . "</strong></h4>";
}
$html .= "<ul class='rs-termlist'><li>" . "<table class='widefat'>" . "<thead>" . "<tr class='thead'>" . "\t<th class='rs-tightcol'>" . __('ID') . "</th>" . "\t<th>" . __awp('Name') . "</th>" . "\t<th>" . __('Role Assignments', 'scoper') . "</th>" . "</tr>" . "</thead>";
$id_clause = isset($role_codes[$role_handle]) ? "id='roles-{$role_codes[$role_handle]}'" : '';
$html .= "<tbody {$id_clause}>";
$style = ' class="rs-backwhite"';
$title_item = sprintf(__('edit %s', 'scoper'), agp_strtolower($otype->labels->singular_name));
foreach ($object_roles[$duration_key] as $obj_id => $roles) {
$object_name = esc_attr($objnames[$obj_id]);
$html .= "\n\t<tr{$style}>";
$link_this_object = !isset($link_objects) || isset($link_objects[$obj_id]);
// link from object ID to the object type's default editor, if defined
if ($link_this_object && !empty($src->edit_url)) {
$src_edit_url = sprintf($src->edit_url, $obj_id);
$html .= "<td><a href='{$src_edit_url}' class='edit' title='{$title_item}'>{$obj_id}</a></td>";
} else {
$html .= "<td>{$obj_id}</td>";
}
$name = !empty($objnames[$obj_id]) ? $objnames[$obj_id] : __('(untitled)', 'scoper');
// link from object name to our "Edit Object Role Assignment" interface
$link_this_role = !isset($link_roles) || isset($link_roles[$obj_id]);
if ($link_this_role) {
if ('group' == $object_type) {
$rs_edit_url = sprintf($src->edit_url, $obj_id);
} else {
$rs_edit_url = "admin.php?page=rs-object_role_edit&src_name={$src_name}&object_type={$object_type}&object_id={$obj_id}&object_name={$object_name}";
}
$html .= "\n\t<td><a {$title}{$limit_style}class='{$link_class}{$limit_class}' href='{$rs_edit_url}'>{$name}</a></td>";
} else {
$html .= "\n\t<td>{$name}</td>";
}
$html .= "<td>";
$role_list = array();
foreach (array_keys($roles) as $role_handle) {
// roles which require object assignment are asterisked (bolding would contradict the notation of term roles list, where propogating roles are bolded)
if (isset($strict_objects['restrictions'][$role_handle][$obj_id]) || isset($strict_objects['unrestrictions'][$role_handle]) && is_array($strict_objects['unrestrictions'][$role_handle]) && !isset($strict_objects['unrestrictions'][$role_handle][$obj_id])) {
$role_list[] = "<span class='rs-backylw'>" . $role_display[$role_handle] . '</span>';
} else {
$role_list[] = $role_display[$role_handle];
}
}
$html .= implode(', ', $role_list);
$html .= '</td></tr>';
$style = ' class="alternate"' == $style ? ' class="rs-backwhite"' : ' class="alternate"';
}
// end foreach object_roles
$html .= '</tbody></table>';
$html .= '</li></ul><br />';
}
// end foreach role date range
}
// end foreach object_types
}
// end foreach data source
if ($echo) {
echo $html;
} else {
return $html;
}
}
function role_owners_key($tx_or_otype, $args = array())
{
$defaults = array('display_links' => true, 'display_restriction_key' => true, 'restriction_caption' => '', 'role_basis' => '', 'agent_caption' => '', 'single_item' => false);
$args = array_merge($defaults, (array) $args);
extract($args);
$item_label = agp_strtolower($tx_or_otype->labels->name);
$item_label_singular = agp_strtolower($tx_or_otype->labels->singular_name);
if ($role_basis) {
if (!$agent_caption && $role_basis) {
$agent_caption = ROLE_BASIS_GROUPS == $role_basis ? __('Group', 'scoper') : __('User', 'scoper');
}
$generic_name = ROLE_BASIS_GROUPS == $role_basis ? __('Groupname', 'scoper') : __('Username', 'scoper');
} else {
$generic_name = __awp('Name');
}
$agent_caption = agp_strtolower($agent_caption);
if ($single_item) {
echo '<div id="single_item_roles_key" style="display:none">';
echo '<div style="margin-bottom:0.1em;margin-top:0"><strong><a name="scoper_key"></a>' . __("Users / Groups Key", 'scoper') . ':</strong></div><ul class="rs-agents_key">';
} else {
echo '<h4 style="margin-bottom:0.1em"><a name="scoper_key"></a>' . __("Users / Groups Key", 'scoper') . ':</h4><ul class="rs-agents_key">';
}
$link_open = $display_links ? "<a class='rs-link_plain' href='javascript:void(0)'>" : '';
$link_close = $display_links ? '</a>' : '';
echo '<li>';
echo "{$link_open}{$generic_name}{$link_close}: ";
printf(__('%1$s has role assigned for the specified %2$s.', 'scoper'), $agent_caption, $item_label_singular);
echo '</li>';
echo '<li>';
echo "<span class='rs-bold'>{$link_open}{$generic_name}{$link_close}</span>: ";
printf(__('%1$s has role assigned for the specified %2$s and, by default, for all its sub-%3$s. (Propagated roles can also be explicitly removed).', 'scoper'), $agent_caption, $item_label_singular, $item_label);
echo '</li>';
echo '<li>';
echo "<span class='rs-bold rs-gray'>{$link_open}{$generic_name}{$link_close}</span>: ";
printf(__('%1$s does NOT have role assigned for the specified %2$s, but has it by default for sub-%3$s.', 'scoper'), $agent_caption, $item_label_singular, $item_label);
echo '</li>';
echo '<li>';
echo '<span class="rs-bold">{' . "{$link_open}{$generic_name}{$link_close}" . '}</span>: ';
printf(__('%1$s has this role via propagation from parent %2$s, and by default for sub-%3$s.', 'scoper'), $agent_caption, $item_label_singular, $item_label);
echo '</li>';
if ($display_restriction_key) {
echo '<li>';
echo "<span class='rs-bold rs-backylw' style='border:1px solid #00a;padding-left:0.5em;padding-right:0.5em'>" . __('Role Name', 'scoper') . "</span>: ";
echo "<span>" . sprintf(__('role is restricted for specified %s.', 'scoper'), $item_label_singular) . "</span>";
echo '</li>';
}
echo '</ul>';
if ($single_item) {
echo '</div><br />';
}
}
function scoper_admin_section_restrictions($taxonomy)
{
global $scoper, $scoper_admin;
$tx = $scoper->taxonomies->get($taxonomy);
if (empty($tx) || empty($tx->requires_term)) {
wp_die(__('Invalid taxonomy', 'scoper'));
}
$is_administrator = is_administrator_rs($tx, 'user');
if (!$scoper_admin->user_can_admin_terms($taxonomy)) {
wp_die(__awp('Cheatin’ uh?'));
}
require_once dirname(__FILE__) . '/admin-bulk_rs.php';
$role_assigner = init_role_assigner();
$nonce_id = 'scoper-assign-roles';
$role_codes = ScoperAdminBulk::get_role_codes();
echo '<a name="scoper_top"></a>';
// retrieve all terms to track hierarchical relationship, even though some may not be adminable by current user
$val = ORDERBY_HIERARCHY_RS;
$args = array('order_by' => $val);
$all_terms = $scoper->get_terms($taxonomy, UNFILTERED_RS, COLS_ALL_RS, 0, $args);
// =========================== Submission Handling =========================
if (isset($_POST['rs_submit'])) {
$err = ScoperAdminBulk::role_submission(TERM_SCOPE_RS, ROLE_RESTRICTION_RS, '', $taxonomy, $role_codes, '', $nonce_id);
if (scoper_get_option('file_filtering')) {
scoper_flush_file_rules();
}
} else {
$err = 0;
}
// =========================== Prepare Data ===============================
$tx_src = $scoper->data_sources->get($tx->source);
if ($col_id = $tx_src->cols->id) {
// determine which terms current user can admin
if ($admin_terms = $scoper->get_terms($taxonomy, ADMIN_TERMS_FILTER_RS, COL_ID_RS)) {
$admin_terms = array_fill_keys($admin_terms, true);
}
} else {
$admin_terms = array();
}
// =========================== Display UI ===============================
?>
<div class="wrap agp-width97">
<?php
$tx_label = $tx->labels->singular_name;
$src_label = $scoper->data_sources->member_property($tx->object_source, 'labels', 'singular_name');
echo '<h2>' . sprintf(__('%s Restrictions', 'scoper'), $tx_label);
echo ' <span style="font-size: 0.6em; font-style: normal">(<a href="#scoper_notes">' . __('see notes', 'scoper') . '</a>)</span></h2>';
if (scoper_get_option('display_hints')) {
echo '<div class="rs-hint">';
if ('category' == $taxonomy && scoper_get_otype_option('use_object_roles', 'post', 'post')) {
printf(__('Reduce access by requiring some role(s) to be %1$s%2$s-assigned%3$s (or %4$s-assigned). Corresponding General Roles (whether assigned by WordPress or Role Scoper) are ignored.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-roles_t'>", $tx_label, '</a>', $src_label);
} else {
printf(__('Reduce access by requiring some role(s) to be %1$s%2$s-assigned%3$s. Corresponding General Role assignments are ignored.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-roles_t'>", $tx_label, '</a>');
}
echo '</div>';
}
if (!($role_defs_by_otype = $scoper->role_defs->get_for_taxonomy($tx->object_source, $taxonomy))) {
echo '<br />' . sprintf(__('Role definition error (taxonomy: %s).', 'scoper'), $taxonomy);
echo '</div>';
return;
}
if (empty($admin_terms)) {
echo '<br />' . sprintf(__('Either you do not have permission to administer any %s, or none exist.', 'scoper'), $tx->labels->name);
echo '</div>';
return;
}
?>
<form action="" method="post" name="role_scope" id="role_assign">
<?php
wp_nonce_field($nonce_id);
echo '<br /><div id="rs-term-scroll-links">';
echo ScoperAdminBulkLib::taxonomy_scroll_links($tx, $all_terms, $admin_terms);
echo '</div><hr />';
// ============ Assignment Mode Selection Display ================
// TODO: is Link Category label handled without workaround now?
$tx_label = agp_strtolower($tx->labels->name);
$tx_label_singular = agp_strtolower($tx->labels->singular_name);
$parent_col = $tx_src->cols->parent;
if (!$parent_col || !empty($tx->uses_standard_schema) && empty($tx->hierarchical)) {
$assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('for selected %s', 'scoper'), $tx_label));
} else {
$assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('for selected %s', 'scoper'), $tx_label), ASSIGN_FOR_CHILDREN_RS => sprintf(__('for sub-%s of selected', 'scoper'), $tx_label), ASSIGN_FOR_BOTH_RS => sprintf(__('for selected and sub-%s', 'scoper'), $tx_label));
}
$max_scopes = array('term' => __('Restrict selected roles', 'scoper'), 'blog' => __('Unrestrict selected roles', 'scoper'));
$args = array('max_scopes' => $max_scopes, 'scope' => TERM_SCOPE_RS);
ScoperAdminBulk::display_inputs(ROLE_RESTRICTION_RS, $assignment_modes, $args);
ScoperAdminBulk::item_tree_jslinks(ROLE_RESTRICTION_RS);
// IE (6 at least) won't obey link color directive in a.classname CSS
$ie_link_style = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? ' style="color:white;"' : '';
$args = array('include_child_restrictions' => true, 'return_array' => true, 'role_type' => 'rs', 'force_refresh' => true);
$strict_terms = $scoper->get_restrictions(TERM_SCOPE_RS, $taxonomy, $args);
//strict_terms[taxonomy][role name][term_id] = array: terms which require Role Scoper assignment for specified role (user blog roles ignored, required caps may be supplied by scoper term role or object-specific assignment)
// (for other terms, Role Scoper role assignment is optional (term role assignments will supplement blog caps)
$editable_roles = array();
foreach ($all_terms as $term) {
$id = $term->{$col_id};
foreach ($role_defs_by_otype as $object_type => $role_defs) {
foreach (array_keys($role_defs) as $role_handle) {
if ($role_assigner->user_has_role_in_term($role_handle, $taxonomy, $id, '', array('src_name' => $tx->object_source, 'object_type' => $object_type))) {
$editable_roles[$id][$role_handle] = true;
}
}
}
}
$default_restrictions = $scoper->get_default_restrictions(TERM_SCOPE_RS);
$default_strict_roles = !empty($default_restrictions[$taxonomy]) ? array_flip(array_keys($default_restrictions[$taxonomy])) : array();
$table_captions = ScoperAdminUI::restriction_captions(TERM_SCOPE_RS, $tx, $tx_label_singular, $tx_label);
$args = array('admin_items' => $admin_terms, 'editable_roles' => $editable_roles, 'default_strict_roles' => $default_strict_roles, 'ul_class' => 'rs-termlist', 'ie_link_style' => $ie_link_style, 'err' => $err, 'table_captions' => $table_captions);
ScoperAdminBulk::item_tree(TERM_SCOPE_RS, ROLE_RESTRICTION_RS, $tx_src, $tx, $all_terms, '', $strict_terms, $role_defs_by_otype, $role_codes, $args);
echo '<a href="#scoper_top">' . __('top', 'scoper') . '</a>';
echo '<hr />';
echo '<h4 style="margin-bottom:0.1em"><a name="scoper_notes"></a>' . __("Notes", 'scoper') . ':</h4><ul class="rs-notes">';
$osrc = $scoper->data_sources->get($tx->object_source);
if (empty($osrc->no_object_roles)) {
echo '<li>';
printf(__('Any %1$s Restriction causes the specified role to be granted only via %1$s Role assignment, regardless of these %2$s settings.', 'scoper'), $osrc->labels->singular_name, $tx->labels->singular_name);
echo '</li></ul>';
}
?>
</form>
</div>
<?php
}
function _agents_checklist_display($agents_subset, $role_basis, $all_agents, $id_prefix, $stored_assignments, $args, &$key, &$action_links)
{
$defaults = array('eligible_ids' => '', 'locked_ids' => '', 'suppress_extra_prefix' => false, 'check_for_incomplete_submission' => false, 'checkall_threshold' => 6, 'filter_threshold' => 10, 'default_hide_threshold' => 20, 'caption_length_limit' => 20, 'emsize_threshold' => 4, 'objtype_display_name' => '', 'objtype_display_name_plural' => '', 'propagation' => false, 'for_children_ids' => '', 'for_entity_ids' => '', 'via_other_scope_ids' => '', 'via_other_scope_prefix' => '/', 'via_other_scope_suffix' => '/', 'via_other_role_ids' => '', 'via_other_role_prefix' => '(', 'via_other_role_suffix' => ')', 'via_other_basis_ids' => '', 'via_other_basis_prefix' => "|", 'via_other_basis_suffix' => '|', 'inherited_prefix' => '{', 'inherited_suffix' => '}', 'suppress_last_agents' => false);
$args = array_merge($defaults, (array) $args);
extract($args);
$ie_checkbox_style = !empty($GLOBALS['is_IE']) ? "style='height:1em'" : '';
if (ELIGIBLE_ITEMS_RS == $agents_subset && scoper_get_option("{$role_basis}_role_assignment_csv")) {
return ScoperAgentsChecklist::eligible_agents_input_box($role_basis, $id_prefix, $propagation);
}
if (is_array($eligible_ids) && empty($eligible_ids)) {
$eligible_ids = array(-1);
} else {
if (!is_array($eligible_ids)) {
$eligible_ids = array();
} else {
$eligible_ids = array_flip($eligible_ids);
}
}
if (!is_array($stored_assignments)) {
$stored_assignments = array();
}
if (!is_array($locked_ids)) {
$locked_ids = array();
} else {
$locked_ids = array_flip($locked_ids);
}
if (!is_array($for_children_ids)) {
$for_children_ids = array();
} else {
$for_children_ids = array_flip($for_children_ids);
}
if (is_array($for_entity_ids) && !empty($for_entity_ids)) {
$for_entity_ids = array_flip($for_entity_ids);
}
if (!$via_other_scope_ids || !is_array($via_other_scope_ids)) {
$via_other_scope_ids = array();
} else {
$via_other_scope_ids = array_flip($via_other_scope_ids);
}
if (!is_array($via_other_role_ids)) {
$via_other_role_ids = array();
} else {
$via_other_role_ids = array_flip($via_other_role_ids);
}
if (!is_array($via_other_basis_ids)) {
$via_other_basis_ids = array();
} else {
$via_other_basis_ids = array_flip($via_other_basis_ids);
}
if (!$suppress_extra_prefix) {
$id_prefix .= "_{$role_basis}";
}
$any_inherited = $any_other_scope = $any_other_role = $any_other_basis = $any_date_limits = false;
$agent_count = array();
$agent_count[CURRENT_ITEMS_RS] = count($stored_assignments);
if (empty($eligible_ids)) {
$agent_count[ELIGIBLE_ITEMS_RS] = count($all_agents) - count($stored_assignments);
} elseif ($eligible_ids != array(-1)) {
foreach (array_keys($all_agents) as $_key) {
$all_agent_ids[$all_agents[$_key]->ID] = true;
}
$eligible_ids = array_intersect_key($eligible_ids, $all_agent_ids);
$agent_count[ELIGIBLE_ITEMS_RS] = count(array_diff_key($eligible_ids, $stored_assignments));
} else {
$agent_count[ELIGIBLE_ITEMS_RS] = 0;
}
$default_hide_filtered_list = $default_hide_threshold && $agent_count[$agents_subset] > $default_hide_threshold;
$checked = $agents_subset == CURRENT_ITEMS_RS ? $checked = "checked='checked'" : '';
// determine whether to show caption, show/hide checkbox and filter textbox
$any_display_filtering = $agent_count[CURRENT_ITEMS_RS] > $filter_threshold || $agent_count[ELIGIBLE_ITEMS_RS] > $filter_threshold;
if ($agent_count[$agents_subset] > $filter_threshold) {
if (ROLE_BASIS_GROUPS == $role_basis) {
$caption = CURRENT_ITEMS_RS == $agents_subset ? __('show current groups (%d)', 'scoper') : __('show eligible groups (%d)', 'scoper');
} else {
$caption = CURRENT_ITEMS_RS == $agents_subset ? __('show current users (%d)', 'scoper') : __('show eligible users (%d)', 'scoper');
}
$js_call = "agp_display_if('div_{$agents_subset}_{$id_prefix}', this.id);" . "agp_display_if('chk-links_{$agents_subset}_{$id_prefix}', this.id);";
$flt_checked = !$default_hide_filtered_list ? "checked='checked'" : '';
$ul_class = 'rs-agents-ul';
echo "<ul class='rs-list_horiz {$ul_class}'><li>";
// IE6 (at least) does not render label reliably without this
echo "<input type='checkbox' name='rs-jscheck[]' value='validate_me_{$agents_subset}_{$id_prefix}' id='chk_{$agents_subset}_{$id_prefix}' {$flt_checked} onclick=\"{$js_call}\" {$ie_checkbox_style} /> ";
echo "<strong><label for='chk_{$agents_subset}_{$id_prefix}'>";
printf($caption, $agent_count[$agents_subset]);
echo '</label></strong>';
echo '</li>';
$class = $default_hide_filtered_list ? '' : 'class="agp_js_show"';
echo "\r\n" . "<li style='clear:both;'> <label for='flt_{$agents_subset}_{$id_prefix}' id='lbl_flt_{$id_prefix}'>";
_e('filter:', 'scoper');
$js_call = "agp_filter_ul('list_{$agents_subset}_{$id_prefix}', this.value, 'chk_{$agents_subset}_{$id_prefix}', 'chk-links_{$agents_subset}_{$id_prefix}');";
echo " <input type='text' id='flt_{$agents_subset}_{$id_prefix}' size='10' onkeyup=\"{$js_call}\" />";
echo "</label></li>";
echo "<li {$class} style='display:none;' id='chk-links_{$agents_subset}_{$id_prefix}'>";
$js_call = "agp_check_by_name('{$id_prefix}[]', true, true, false, 'list_{$agents_subset}_{$id_prefix}', 1);";
echo "\r\n" . " " . "<a href='javascript:void(0)' onclick=\"{$js_call}\">";
_e('select', 'scoper');
echo '</a> ';
$js_call = "agp_check_by_name('{$id_prefix}[]', '', true, false, 'list_{$agents_subset}_{$id_prefix}', 1);";
echo "\r\n" . "<a href='javascript:void(0)' onclick=\"{$js_call}\">";
_e('unselect', 'scoper');
echo "</a>";
if ($propagation) {
$js_call = "agp_check_by_name('p_{$id_prefix}[]', true, true, false, 'list_{$agents_subset}_{$id_prefix}', 1);";
echo "\r\n" . " " . "<a href='javascript:void(0)' onclick=\"{$js_call}\">";
_e('propagate', 'scoper');
echo '</a> ';
$js_call = "agp_check_by_name('p_{$id_prefix}[]', '', true, false, 'list_{$agents_subset}_{$id_prefix}', 1);";
echo "\r\n" . "<a href='javascript:void(0)' onclick=\"{$js_call}\">";
_e('unpropagate', 'scoper');
echo "</a>";
}
echo '</li></ul>';
} else {
$ul_class = '';
if ($agent_count[$agents_subset]) {
echo "<ul class='rs-list_horiz rs-agents_filter {$ul_class}'><li>";
if (ROLE_BASIS_GROUPS == $role_basis) {
$caption = CURRENT_ITEMS_RS == $agents_subset ? __('current groups (%d):', 'scoper') : __('eligible groups (%d):', 'scoper');
} else {
$caption = CURRENT_ITEMS_RS == $agents_subset ? __('current users (%d):', 'scoper') : __('eligible users (%d):', 'scoper');
}
printf("<div class='rs-agents_caption'><strong>{$caption}</strong></div>", $agent_count[$agents_subset]);
echo '</li></ul>';
}
}
$title = '';
if ($propagation) {
if (!$otype_label_singular) {
$otype_label_singular = __('object', 'scoper');
}
if (!$otype_label) {
$otype_label = __('objects', 'scoper');
}
}
if ($any_display_filtering || $agent_count[$agents_subset] > $emsize_threshold) {
global $wp_locale;
$rtl = isset($wp_locale) && 'rtl' == $wp_locale->text_direction;
// -------- determine required list item width -----------
if ($caption_length_limit > 40) {
$caption_length_limit = 40;
}
if ($caption_length_limit < 10) {
$caption_length_limit = 10;
}
$longest_caption_length = 0;
foreach ($all_agents as $agent) {
$id = $agent->ID;
if (is_array($for_entity_ids)) {
$role_assigned = isset($for_entity_ids[$id]) || isset($for_children_ids[$id]);
} else {
$role_assigned = isset($stored_assignments[$id]);
}
switch ($agents_subset) {
case CURRENT_ITEMS_RS:
if (!$role_assigned) {
continue 2;
}
break;
default:
//ELIGIBLE_ITEMS_RS
if ($role_assigned) {
continue 2;
}
if ($eligible_ids && !isset($eligible_ids[$id])) {
continue 2;
}
}
$caption = ROLE_BASIS_GROUPS == $role_basis && $agent->meta_id ? ScoperAdminLib::get_metagroup_name($agent->meta_id) : $agent->display_name;
if ($role_assigned && !empty($stored_assignments[$id]['inherited_from'])) {
$caption = $inherited_prefix . $caption . $inherited_suffix;
} elseif (!$role_assigned && isset($via_other_basis_ids[$id])) {
$caption = $via_other_basis_prefix . $caption . $via_other_basis_suffix;
} elseif (isset($via_other_role_ids[$id])) {
$caption = $via_other_role_prefix . $caption . $via_other_role_suffix;
} elseif (isset($via_other_scope_ids[$id])) {
$caption = $via_other_scope_prefix . $caption . $via_other_scope_suffix;
}
if (strlen($caption) > $longest_caption_length) {
if (strlen($caption) >= $caption_length_limit) {
$longest_caption_length = $caption_length_limit + 2;
} else {
$longest_caption_length = strlen($caption);
}
}
}
if ($longest_caption_length < 10) {
$longest_caption_length = 10;
}
//if ( ! $ems_per_character = scoper_get_option('ems_per_character') )
if (defined('UI_EMS_PER_CHARACTER')) {
$ems_per_character = UI_EMS_PER_CHARACTER;
} else {
$ems_per_character = 0.85;
}
$list_width_ems = $ems_per_character * $longest_caption_length;
if ($propagation) {
$list_width_ems = $list_width_ems + 1.0;
}
$ems_integer = intval($list_width_ems);
$ems_half = $list_width_ems - $ems_integer >= 0.5 ? '_5' : '';
$ul_class = "rs-agents_list_{$ems_integer}{$ems_half}";
$hide_class = $default_hide_filtered_list && $agent_count[$agents_subset] > $filter_threshold ? 'class="agp_js_hide"' : '';
echo "\r\n" . "<div id='div_{$agents_subset}_{$id_prefix}' {$hide_class}>" . "<div class='rs-agents_emsized'>" . "<ul class='{$ul_class}' id='list_{$agents_subset}_{$id_prefix}'>";
} else {
$ul_class = "rs-agents_list_auto";
echo "\r\n<ul class='{$ul_class}' id='list_{$agents_subset}_{$id_prefix}'>";
}
//-------- end list item width determination --------------
$last_agents = array();
$last_agents_prop = array();
foreach ($all_agents as $agent) {
$id = $agent->ID;
$agent_display_name = ROLE_BASIS_GROUPS == $role_basis && $agent->meta_id ? ScoperAdminLib::get_metagroup_name($agent->meta_id) : $agent->display_name;
if (is_array($for_entity_ids)) {
$role_assigned = isset($for_entity_ids[$id]) || isset($for_children_ids[$id]);
} else {
$role_assigned = isset($stored_assignments[$id]);
}
switch ($agents_subset) {
case CURRENT_ITEMS_RS:
if (!$role_assigned) {
continue 2;
}
break;
default:
//ELIGIBLE_ITEMS_RS
if ($role_assigned) {
continue 2;
}
if ($eligible_ids && !isset($eligible_ids[$id])) {
continue 2;
}
}
// markup for role duration / content date limits
$title = '';
// we can't set the title because it's used by JS for onkey filtering
$limit_class = '';
$link_class = '';
$limit_style = '';
if (isset($stored_assignments[$id])) {
ScoperAdminUI::set_agent_formatting($stored_assignments[$id], $title, $limit_class, $link_class, $limit_style);
}
if ($title) {
$any_date_limits = true;
$label_title = " title='{$title}'";
} else {
$label_title = '';
}
$disabled = $locked_ids && isset($locked_ids[$id]) ? " disabled='disabled'" : '';
$li_title = "title=' " . agp_strtolower($agent_display_name) . " '";
if ($check_for_incomplete_submission && isset($_POST['scoper_error']) && isset($_POST[$id_prefix])) {
$this_checked = in_array($id, $_POST[$id_prefix]) ? ' checked="checked"' : '';
} else {
if ($role_assigned && (!is_array($for_entity_ids) || isset($for_entity_ids[$id]))) {
$this_checked = ' checked="checked"';
} else {
$this_checked = '';
}
}
if ($this_checked && !$suppress_last_agents) {
$last_agents[] = $id;
}
if (isset($via_other_role_ids[$id])) {
$label_class = " class='rs-via-r{$limit_class}'";
} elseif (!$role_assigned && isset($via_other_basis_ids[$id])) {
$label_class = " class='rs-via-b{$limit_class}'";
} elseif (isset($via_other_scope_ids[$id])) {
$label_class = " class='rs-via-s{$limit_class}'";
} elseif ($limit_class) {
$label_class = " class='" . trim($limit_class) . "'";
} else {
$label_class = '';
}
echo "\r\n<li {$li_title}>" . "<input type='checkbox' name='{$id_prefix}[]'{$disabled}{$this_checked} value='{$id}' id='{$id_prefix}{$id}' {$ie_checkbox_style} />";
if ($propagation) {
if ($check_for_incomplete_submission && isset($_POST['scoper_error']) && isset($_POST["p_{$id_prefix}"])) {
$this_checked_prop = in_array($id, $_POST["p_{$id_prefix}"]) ? ' checked="checked"' : '';
} else {
if (isset($for_children_ids[$id])) {
$this_checked_prop = " checked='checked'";
} else {
$this_checked_prop = '';
}
}
if ($this_checked_prop && !$suppress_last_agents) {
$last_agents_prop[] = $id;
}
echo "{" . "<input type='checkbox' name='p_{$id_prefix}[]'{$disabled}{$this_checked_prop} value='{$id}' id='p_{$id_prefix}{$id}' {$ie_checkbox_style} />" . "}";
}
echo "<label {$title} {$limit_style} for='{$id_prefix}{$id}'{$label_class}{$label_title}>";
$caption = $agent_display_name;
if (strlen($caption) > $caption_length_limit) {
if (!empty($rtl)) {
$caption = '...' . substr($caption, strlen($caption) - $caption_length_limit);
} else {
$caption = substr($caption, 0, $caption_length_limit) . '...';
}
}
if ($role_assigned && !empty($stored_assignments[$id]['inherited_from'])) {
$caption = $inherited_prefix . $caption . $inherited_suffix;
$any_inherited = true;
} elseif (isset($via_other_role_ids[$id])) {
$caption = $via_other_role_prefix . $caption . $via_other_role_suffix;
$any_other_role = true;
} elseif (!$role_assigned && isset($via_other_basis_ids[$id])) {
$caption = $via_other_basis_prefix . $caption . $via_other_basis_suffix;
$any_other_basis = true;
} elseif (isset($via_other_scope_ids[$id])) {
$caption = $via_other_scope_prefix . $caption . $via_other_scope_suffix;
$any_other_scope = true;
}
$caption = ' ' . $caption;
echo $caption;
// str_replace(' ', ' ', $caption);
echo '</label></li>';
}
//foreach agent
echo "\r\n<li></li></ul>";
// prevent invalid markup if no other li's
if (CURRENT_ITEMS_RS == $agents_subset) {
$last_agents = implode("~", $last_agents);
$last_agents_prop = implode("~", $last_agents_prop);
echo "<input type=\"hidden\" id=\"last_{$id_prefix}\" name=\"last_{$id_prefix}\" value=\"{$last_agents}\" />";
echo "<input type=\"hidden\" id=\"last_p_{$id_prefix}\" name=\"last_p_{$id_prefix}\" value=\"{$last_agents_prop}\" />";
}
if ($any_display_filtering || $agent_count[$agents_subset] > $emsize_threshold) {
echo '</div></div>';
}
// display key
if ($any_inherited && $inherited_prefix) {
$key['inherited'] = "{$inherited_prefix} {$inherited_suffix}" . '<span class="rs-keytext">' . sprintf(__('inherited from parent %s', 'scoper'), agp_strtolower($otype_label_singular)) . '</span>';
}
if ($any_other_role && $via_other_role_prefix) {
$key['other_role'] = "<span class='rs-via-r'>{$via_other_role_prefix} {$via_other_role_suffix}" . '<span class="rs-keytext">' . str_replace(' ', ' ', __('has via other role', 'scoper')) . '</span></span>';
}
if ($any_other_basis && $via_other_basis_prefix) {
$key['other_basis'] = "<span class='rs-via-b'>{$via_other_basis_prefix} {$via_other_basis_suffix}" . '<span class="rs-keytext">' . str_replace(' ', ' ', __('has via group', 'scoper')) . '</span></span>';
}
if ($any_other_scope && $via_other_scope_prefix) {
$key['other_scope'] = "<span class='rs-via-s'>{$via_other_scope_prefix} {$via_other_scope_suffix}" . '<span class="rs-keytext">' . str_replace(' ', ' ', __('has via other scope', 'scoper')) . '</span></span>';
}
if ($propagation) {
$key['propagation'] = "{<input type='checkbox' disabled='disabled' name='rs-prop_key_{$agents_subset}_{$id_prefix}' id='rs-prop_key_{$agents_subset}_{$id_prefix}' style='vertical-align:middle' />}" . '<span class="rs-keytext">' . sprintf(__('propagate to sub-%s', 'scoper'), agp_strtolower($otype_label)) . '</span>';
}
if ($any_date_limits && !empty($object_id)) {
if (empty($GLOBALS['post']) || 'auto-draft' != $GLOBALS['post']->post_status) {
//don't display link for auto-drafts
$action_links['limits'] = sprintf(__('%1$sEdit date limits%2$s', 'scoper'), "<a href='admin.php?page=rs-{$object_type}-roles#item-{$object_id}'>", '</a>');
}
}
}
function admin_head()
{
global $pagenow, $plugin_page_cr;
echo '<link rel="stylesheet" href="' . SCOPER_URLPATH . '/admin/role-scoper.css" type="text/css" />' . "\n";
if ('rs-about' == $plugin_page_cr) {
echo '<link rel="stylesheet" href="' . SCOPER_URLPATH . '/admin/about/about.css" type="text/css" />' . "\n";
}
if (in_array($pagenow, array('post.php', 'post-new.php'))) {
$src_name = 'post';
$object_type = cr_find_post_type();
} elseif (isset($_GET['src_name']) && isset($_GET['object_type'])) {
$src_name = sanitize_key($_GET['src_name']);
$object_type = sanitize_key($_GET['object_type']);
}
if (!empty($object_type)) {
// dynamically set checkbox titles for user/group object role selection
$src = $this->scoper->data_sources->get($src_name);
$otype_def = $this->scoper->data_sources->member_property($src_name, 'object_types', $object_type);
if (!empty($src) && !empty($src->cols->parent) && empty($otype_def->ignore_object_hierarchy)) {
if (!empty($otype_def->labels)) {
$obj_title = sprintf(__('assign role for this %s', 'scoper'), agp_strtolower($otype_def->labels->singular_name));
$child_title = sprintf(__('assign role for sub-%s', 'scoper'), agp_strtolower($otype_def->labels->name));
$js_params = "var role_for_object_title = '{$obj_title}';" . "var role_for_children_title = '{$child_title}';";
// TODO: replace some of this JS with equivalent JQuery
echo "\n" . '<script type="text/javascript">' . $js_params . '</script>';
echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/rs-objrole-cbox-maint.js'></script>";
}
}
}
add_filter('contextual_help_list', array(&$this, 'flt_contextual_help_list'), 10, 2);
if (0 === strpos($plugin_page_cr, 'rs-') && strpos($plugin_page_cr, 'roles')) {
// add Ajax goodies we need for role duration/content date limit editing Bulk Role Admin
if (!awp_ver('3.4')) {
wp_print_scripts(array('page'));
}
require_once dirname(__FILE__) . '/admin_lib-bulk_rs.php';
ScoperAdminBulkLib::date_limits_js();
}
// TODO: replace some of this JS with equivalent JQuery
echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/agapetry.js'></script>";
echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/role-scoper.js'></script>";
if (scoper_get_option('group_ajax') && (in_array($pagenow, array('user-edit.php', 'profile.php')) || 'rs-groups' == $plugin_page_cr)) {
global $scoper_user_search;
if ('rs-groups' == $plugin_page_cr) {
$agent_type = 'users';
$agent_id = isset($_GET['id']) ? $_GET['id'] : 0;
} else {
$agent_type = 'groups';
if ('profile.php' == $pagenow) {
global $current_user;
$agent_id = $current_user->ID;
} else {
$agent_id = (int) $_GET['user_id'];
}
}
require_once dirname(__FILE__) . '/user_search_ui_rs.php';
$scoper_user_search = new ScoperUserSearch($agent_type);
$scoper_user_search->output_js($agent_type, $agent_id);
}
}
function scoper_admin_section_roles($taxonomy)
{
global $scoper, $scoper_admin, $wpdb;
if (!($tx = $scoper->taxonomies->get($taxonomy))) {
wp_die(__('Invalid taxonomy', 'scoper'));
}
$is_administrator = is_administrator_rs($tx, 'user');
$role_bases = array();
if (USER_ROLES_RS && ($is_administrator || $scoper_admin->user_can_admin_terms($taxonomy))) {
$role_bases[] = ROLE_BASIS_USER;
}
if (GROUP_ROLES_RS && ($is_administrator || $scoper_admin->user_can_admin_terms($taxonomy) || current_user_can('manage_groups'))) {
$role_bases[] = ROLE_BASIS_GROUPS;
}
if (empty($role_bases)) {
wp_die(__awp('Cheatin’ uh?'));
}
require_once dirname(__FILE__) . '/admin-bulk_rs.php';
require_once dirname(__FILE__) . '/role_assignment_lib_rs.php';
$role_assigner = init_role_assigner();
$nonce_id = 'scoper-assign-roles';
$agents = ScoperAdminBulk::get_agents($role_bases);
$agent_names = ScoperAdminBulk::agent_names($agents);
$agent_list_prefix = ScoperAdminBulk::agent_list_prefixes();
$agent_caption_plural = ScoperAdminBulk::agent_captions_plural($role_bases);
$role_bases = array_keys($agents);
$role_codes = ScoperAdminBulk::get_role_codes();
echo '<a name="scoper_top"></a>';
// retrieve all terms to track hierarchical relationship, even though some may not be adminable by current user
$val = ORDERBY_HIERARCHY_RS;
$args = array('order_by' => $val);
$all_terms = $scoper->get_terms($taxonomy, UNFILTERED_RS, COLS_ALL_RS, 0, $args);
// =========================== Submission Handling =========================
if (isset($_POST['rs_submit'])) {
$err = ScoperAdminBulk::role_submission(TERM_SCOPE_RS, ROLE_ASSIGNMENT_RS, $role_bases, $taxonomy, $role_codes, $agent_caption_plural, $nonce_id);
} else {
$err = 0;
}
// =========================== Prepare Data ===============================
//$term_roles [role_basis] [src_name] [object_id] [role_handle] [agent_id] = array( 'assign_for' => ENUM , 'inherited_from' => assignment_id)
$term_roles = array();
foreach ($role_bases as $role_basis) {
$term_roles[$role_basis] = ScoperRoleAssignments::get_assigned_roles(TERM_SCOPE_RS, $role_basis, $taxonomy);
}
$tx_src = $scoper->data_sources->get($tx->source);
if ($col_id = $tx_src->cols->id) {
// determine which terms current user can admin
if ($admin_terms = $scoper->get_terms($taxonomy, ADMIN_TERMS_FILTER_RS, COL_ID_RS)) {
$admin_terms = array_fill_keys($admin_terms, true);
}
} else {
$admin_terms = array();
}
// =========================== Display UI ===============================
?>
<div class="wrap agp-width97" id="rs_admin_wrap">
<?php
$tx->labels->singular_name = $tx->labels->singular_name;
echo '<h2>' . sprintf(__('%s Roles', 'scoper'), $tx->labels->singular_name) . ' <span style="font-size: 0.6em; font-style: normal">(<a href="#scoper_notes">' . __('see notes', 'scoper') . '</a>)</span>' . '</h2>';
if (scoper_get_option('display_hints')) {
echo '<div class="rs-hint">';
if (!empty($tx->requires_term)) {
//printf(_ x('Grant capabilities within a specific %2$s, potentially more than a user\'s WP role would allow. To reduce access, define %1$s%2$s Restrictions%3$s.', 'arguments are link open, taxonomy name, link close', 'scoper'), "<a href='admin.php?page=rs-$taxonomy-restrictions_t'>", $tx->labels->singular_name, '</a>');
printf(__('Grant capabilities within a specific %2$s, potentially more than a user\'s WP role would allow. To reduce access, define %1$s%2$s Restrictions%3$s.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-restrictions_t'>", $tx->labels->singular_name, '</a>');
} else {
printf(__('Grant capabilities within a specific %s, potentially more than a user\'s WP role would allow.', 'scoper'), $tx->labels->singular_name);
}
echo '</div>';
}
if (!($role_defs_by_otype = $scoper->role_defs->get_for_taxonomy($tx->object_source, $taxonomy))) {
echo '<br />' . sprintf(__('Role definition error (taxonomy: %s).', 'scoper'), $taxonomy);
echo '</div>';
return;
}
if (empty($admin_terms)) {
echo '<br />' . sprintf(__('Either you do not have permission to administer any %s, or none exist.', 'scoper'), $tx->labels->singular_name);
echo '</div>';
return;
}
?>
<form action="" method="post" name="role_assign" id="role_assign">
<?php
wp_nonce_field($nonce_id);
echo '<br /><div id="rs-term-scroll-links">';
echo ScoperAdminBulkLib::taxonomy_scroll_links($tx, $all_terms, $admin_terms);
echo '</div><hr />';
// ============ Users / Groups and Assignment Mode Selection Display ================
$tx_label = agp_strtolower($tx->labels->name);
$parent_col = !empty($tx_src->cols->parent) ? $tx_src->cols->parent : '';
if (!$parent_col || !empty($tx->uses_standard_schema) && empty($tx->hierarchical)) {
$assignment_modes = array(ASSIGN_FOR_ENTITY_RS => __('Assign', 'scoper'), REMOVE_ASSIGNMENT_RS => __('Remove', 'scoper'));
} else {
$assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('Assign for selected %s', 'scoper'), $tx_label), ASSIGN_FOR_CHILDREN_RS => sprintf(__('Assign for sub-%s of selected', 'scoper'), $tx_label), ASSIGN_FOR_BOTH_RS => sprintf(__('Assign for selected and sub-%s', 'scoper'), $tx_label), REMOVE_ASSIGNMENT_RS => __('Remove', 'scoper'));
}
$args = array('role_bases' => $role_bases, 'agents' => $agents, 'agent_caption_plural' => $agent_caption_plural, 'scope' => TERM_SCOPE_RS, 'src_or_tx_name' => $taxonomy);
ScoperAdminBulk::display_inputs(ROLE_ASSIGNMENT_RS, $assignment_modes, $args);
$args = array('role_bases' => $role_bases);
ScoperAdminBulk::item_tree_jslinks(ROLE_ASSIGNMENT_RS, $args);
echo '<div id="rs-section-roles">';
// IE (6 at least) won't obey link color directive in a.classname CSS
$ie_link_style = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? ' style="color:white;" ' : '';
$args = array('include_child_restrictions' => true, 'return_array' => true, 'role_type' => 'rs', 'force_refresh' => true);
$strict_terms = $scoper->get_restrictions(TERM_SCOPE_RS, $taxonomy, $args);
$src_name = $tx->object_source;
$editable_roles = array();
foreach ($all_terms as $term) {
$id = $term->{$col_id};
foreach ($role_defs_by_otype as $object_type => $role_defs) {
foreach (array_keys($role_defs) as $role_handle) {
if ($role_assigner->user_has_role_in_term($role_handle, $taxonomy, $id, '', compact('src_name', 'object_type'))) {
$editable_roles[$id][$role_handle] = true;
}
}
}
}
$args = array('admin_items' => $admin_terms, 'editable_roles' => $editable_roles, 'role_bases' => $role_bases, 'agent_names' => $agent_names, 'agent_caption_plural' => $agent_caption_plural, 'agent_list_prefix' => $agent_list_prefix, 'ul_class' => 'rs-termlist', 'ie_link_style' => $ie_link_style, 'err' => $err);
ScoperAdminBulk::item_tree(TERM_SCOPE_RS, ROLE_ASSIGNMENT_RS, $tx_src, $tx, $all_terms, $term_roles, $strict_terms, $role_defs_by_otype, $role_codes, $args);
echo '<hr /><div style="background-color: white;"></div>';
echo '</div>';
//rs-section-roles
//================================ Notes Section ==================================
?>
</form>
<a name="scoper_notes"></a>
<?php
if ('nav_menu' != $taxonomy) {
// TODO: better logic for note construction when related custom type is not being RS-filtered
$args = array('display_links' => true, 'display_restriction_key' => true);
ScoperAdminUI::role_owners_key($tx, $args);
$osrc = $scoper->data_sources->get($tx->object_source);
echo '<br /><h4 style="margin-bottom:0.1em">' . __("Notes", 'scoper') . ':</h4><ul class="rs-notes">';
echo '<li>';
_e('A Role is a collection of capabilities.', 'scoper');
echo '</li>';
echo '<li>';
_e("Capabilities in a user's WordPress Role (and, optionally, RS-assigned General Roles) enable site-wide operations (read/edit/delete) on some object type (post/page/link), perhaps of a certain status (private/published/draft).", 'scoper');
echo '</li>';
echo '<li>';
if (empty($osrc->no_object_roles)) {
printf(__('Scoped Roles can grant users these same WordPress capabilities on a per-%1$s or per-%2$s basis. Useful in fencing off sections your site.', 'scoper'), $tx->labels->singular_name, $osrc->labels->singular_name);
} else {
printf(__('Scoped Roles can grant users these same WordPress capabilities on a per-%1$s basis. Useful in fencing off sections your site.', 'scoper'), $tx->labels->singular_name, $osrc->labels->singular_name);
}
echo '</li>';
echo '<li>';
printf(__('Users with a %1$s Role assignment may have capabilities beyond their General Role(s) for %2$s in the specified %1$s.', 'scoper'), $tx->labels->singular_name, $osrc->labels->name);
echo '</li>';
if (!empty($tx->requires_term)) {
echo '<li>';
printf(__('If a role is restricted for some %s, general (site-wide) assignments of that role are ignored.', 'scoper'), $tx->labels->singular_name);
echo '</li>';
echo '<li>';
printf(__('If a %1$s is in multiple %2$s, permission is granted if any %3$s has a qualifying role assignment or permits a qualifying General Role.', 'scoper'), $osrc->labels->singular_name, $tx->labels->name, $tx->labels->singular_name);
echo '</li>';
}
if (empty($osrc->no_object_roles)) {
echo '<li>';
printf(__('If a role is restricted for some requested %1$s, %2$s-assignment and General-assignment of that role are ignored.', 'scoper'), $osrc->labels->singular_name, $tx->labels->singular_name);
echo '</li>';
}
echo '<li>';
_e('Administrators are exempted from Role Restrictions.', 'scoper');
echo '</li></ul>';
}
//endif showing notes
echo '<a href="#scoper_top">' . __('top', 'scoper') . '</a>';
?>
</div>
<?php
}
