<?php /** * User-related functions and filters. * * @package Members * @subpackage Includes * @author Justin Tadlock <*****@*****.**> * @copyright Copyright (c) 2009 - 2016, Justin Tadlock * @link http://themehybrid.com/plugins/members * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html */ // Filter `user_has_cap` if denied caps should take precedence. if (members_explicitly_deny_caps()) { add_filter('user_has_cap', 'members_user_has_cap_filter', 10, 4); } /** * Filter on `user_has_cap` to explicitly deny caps if there are conflicting caps when a * user has multiple roles. WordPress doesn't consistently handle two or more roles that * have the same capability but a conflict between being granted or denied. Core WP * merges the role caps so that the last role the user has will take precedence. This * has the potential for granting permission for things that a user shouldn't have * permission to do. * * @since 1.0.0 * @access public * @param array $allcaps * @param array $caps * @param array $args * @param object $user * @return array
/** * Explicit denied caps field callback. * * @since 1.0.0 * @access public * @return void */ public function field_explicit_denied_caps() { ?> <label> <input type="checkbox" name="members_settings[explicit_denied_caps]" value="true" <?php checked(members_explicitly_deny_caps()); ?> /> <?php esc_html_e('Denied capabilities should always overrule granted capabilities.', 'members'); ?> </label> <?php }