/** * Add settings * * @access public * @since 1.0.0 * @param array $settings The existing EDD settings array * @return array The modified EDD settings array */ public function settings($settings) { $new_settings = array(array('id' => 'edd_content_restriction_settings', 'name' => '<strong>' . __('Content Restriction Settings', 'edd-cr') . '</strong>', 'desc' => __('Configure Content Restriction Settings', 'edd-cr'), 'type' => 'header'), array('id' => 'edd_content_restriction_hide_menu_items', 'name' => __('Hide Menu Items', 'edd-cr'), 'desc' => __('Should we hide menu items a user doesn\'t have access to?', 'edd-cr'), 'type' => 'checkbox'), array('id' => 'edd_cr_single_resriction_message', 'name' => __('Single Restriction Message', 'edd-cr'), 'desc' => __('When access is restricted by a single product, this message will show to the user when they do not have access. <code>{product_name}</code> will be replaced by the restriction requirements.', 'edd-cr'), 'type' => 'rich_editor', 'allow_blank' => false, 'size' => 5, 'std' => edd_cr_get_single_restriction_message()), array('id' => 'edd_cr_multi_resriction_message', 'name' => __('Multiple Restriction Message', 'edd-cr'), 'desc' => __('When access is restricted by multiple products, this message will show to the user when they do not have access. <code>{product_names}</code> will be replaced by a list of the restriction requirements.', 'edd-cr'), 'type' => 'rich_editor', 'allow_blank' => false, 'size' => 5, 'std' => edd_cr_get_multi_restriction_message()), array('id' => 'edd_cr_any_resriction_message', 'name' => __('Restriction for "Any Product"', 'edd-cr'), 'desc' => __('When access to content is restricted to anyone who has made a purchase, this is the message displayed to people without a purchase.', 'edd-cr'), 'type' => 'rich_editor', 'allow_blank' => false, 'size' => 5, 'std' => edd_cr_get_any_restriction_message())); $settings = array_merge($settings, $new_settings); return $settings; }
/** * Check to see if a user has access to a post/page * * @since 2.0 * @param int $user_id The ID of the user to check * @param array $restricted_to The array of downloads for a post/page * @param int $post_id The ID of the object we are viewing * @return array $return An array containing the status and optional message */ function edd_cr_user_can_access($user_id = false, $restricted_to, $post_id = false) { $has_access = false; $restricted_count = count($restricted_to); $products = array(); // If no user is given, use the current user if (!$user_id) { $user_id = get_current_user_id(); } // bbPress specific checks. Moderators can see everything if (class_exists('bbPress') && current_user_can('moderate')) { $has_access = true; } // Admins have full access if (current_user_can('manage_options')) { $has_access = true; } // The post author can always access if ($post_id && current_user_can('edit_post', $post_id)) { $has_access = true; } if ($restricted_to && !$has_access) { foreach ($restricted_to as $item => $data) { if (empty($data['download'])) { $has_access = true; } // The author of a download always has access if ((int) get_post_field('post_author', $data['download']) === (int) $user_id && is_user_logged_in()) { $has_access = true; break; } // If restricted to any customer and user has purchased something if ('any' === $data['download'] && edd_has_purchases($user_id) && is_user_logged_in()) { $has_access = true; break; } elseif ('any' === $data['download']) { $has_access = false; break; } // Check for variable prices if (!$has_access) { if (edd_has_variable_prices($data['download'])) { if (strtolower($data['price_id']) !== 'all' && !empty($data['price_id'])) { $products[] = '<a href="' . get_permalink($data['download']) . '">' . get_the_title($data['download']) . ' - ' . edd_get_price_option_name($data['download'], $data['price_id']) . '</a>'; if (edd_has_user_purchased($user_id, $data['download'], $data['price_id'])) { $has_access = true; } } else { $products[] = '<a href="' . get_permalink($data['download']) . '">' . get_the_title($data['download']) . '</a>'; if (edd_has_user_purchased($user_id, $data['download'])) { $has_access = true; } } } else { $products[] = '<a href="' . get_permalink($data['download']) . '">' . get_the_title($data['download']) . '</a>'; if (is_user_logged_in() && edd_has_user_purchased($user_id, $data['download'])) { $has_access = true; } } } } if ($has_access == false) { if ($restricted_count > 1) { $message = edd_cr_get_multi_restriction_message(); $product_list = ''; if (!empty($products)) { $product_list .= '<ul>'; foreach ($products as $id => $product) { $product_list .= '<li>' . $product . '</li>'; } $product_list .= '</ul>'; } $message = str_replace('{product_names}', $product_list, $message); } else { if ('any' === $data['download']) { $message = edd_cr_get_any_restriction_message(); } else { $message = edd_cr_get_single_restriction_message(); $message = str_replace('{product_name}', $products[0], $message); } } } if (isset($message)) { $return['message'] = $message; } else { $return['message'] = __('This content is restricted to buyers.', 'edd-cr'); } } else { // Just in case we're checking something unrestricted... $has_access = true; } // Allow plugins to modify the restriction requirements $has_access = apply_filters('edd_cr_user_can_access', $has_access, $user_id, $restricted_to); $return['status'] = $has_access; return $return; }