<tr>
<th>
<?php
_e('Role Capabilities', 'members');
?>
</th>
<td>
<p>
<?php
_e('<strong>Optional:</strong> Select the capabilities this role should have. These may be updated later.', 'members');
?>
</p>
<?php
$i = -1;
foreach (members_get_capabilities() as $cap) {
?>
<div class="members-role-checkbox <?php
if (++$i % 3 == 0) {
echo 'clear';
}
?>
">
<input type="checkbox" name="capabilities[<?php
echo esc_attr($cap);
?>
]" id="capabilities-<?php
echo esc_attr($cap);
?>
" <?php
}
// End loop through existing capabilities
/* If new caps were added and are in an array, we need to add them. */
if (!empty($_POST['new-cap']) && is_array($_POST['new-cap'])) {
/* Loop through each new capability from the edit roles form. */
foreach ($_POST['new-cap'] as $new_cap) {
/* Sanitize the new capability to remove any unwanted characters. */
$new_cap = sanitize_key($new_cap);
/* Run one more check to make sure the new capability exists. Add the cap to the role. */
if (!empty($new_cap) && !$role->has_cap($new_cap)) {
$role->add_cap($new_cap);
}
}
// End loop through new capabilities
/* If new caps are added, we need to reset the $capabilities array. */
$capabilities = members_get_capabilities();
}
// End check for new capabilities
}
// End check for form submission
?>
<div class="wrap">
<?php
screen_icon();
?>
<h2>
<?php
_e('Edit Role', 'members');
/**
* Checks posted data on load and performs actions if needed.
*
* @since 1.0.0
* @access public
* @return void
*/
public function load()
{
// Are we cloning a role?
$this->is_clone = isset($_GET['clone']) && members_role_exists($_GET['clone']);
if ($this->is_clone) {
// Override the default new role caps.
add_filter('members_new_role_default_caps', array($this, 'clone_default_caps'), 15);
// Set the clone role.
$this->clone_role = members_sanitize_role($_GET['clone']);
}
// Check if the current user can create roles and the form has been submitted.
if (current_user_can('create_roles') && (isset($_POST['role_name']) || isset($_POST['role']) || isset($_POST['grant-caps']) || isset($_POST['deny-caps']) || isset($_POST['grant-new-caps']) || isset($_POST['deny-new-caps']))) {
// Verify the nonce.
check_admin_referer('new_role', 'members_new_role_nonce');
// Set up some variables.
$this->capabilities = array();
$new_caps = array();
$is_duplicate = false;
// Check if any capabilities were selected.
if (isset($_POST['grant-caps']) || isset($_POST['deny-caps'])) {
$grant_caps = !empty($_POST['grant-caps']) ? array_unique($_POST['grant-caps']) : array();
$deny_caps = !empty($_POST['deny-caps']) ? array_unique($_POST['deny-caps']) : array();
foreach (members_get_capabilities() as $cap) {
if (in_array($cap, $grant_caps)) {
$new_caps[$cap] = true;
} else {
if (in_array($cap, $deny_caps)) {
$new_caps[$cap] = false;
}
}
}
}
$grant_new_caps = !empty($_POST['grant-new-caps']) ? array_unique($_POST['grant-new-caps']) : array();
$deny_new_caps = !empty($_POST['deny-new-caps']) ? array_unique($_POST['deny-new-caps']) : array();
$_m_caps = members_get_capabilities();
foreach ($grant_new_caps as $grant_new_cap) {
$_cap = members_sanitize_cap($grant_new_cap);
if (!in_array($_cap, $_m_caps)) {
$new_caps[$_cap] = true;
}
}
foreach ($deny_new_caps as $deny_new_cap) {
$_cap = members_sanitize_cap($deny_new_cap);
if (!in_array($_cap, $_m_caps)) {
$new_caps[$_cap] = false;
}
}
// Sanitize the new role name/label. We just want to strip any tags here.
if (!empty($_POST['role_name'])) {
$this->role_name = strip_tags($_POST['role_name']);
}
// Sanitize the new role, removing any unwanted characters.
if (!empty($_POST['role'])) {
$this->role = members_sanitize_role($_POST['role']);
} else {
if ($this->role_name) {
$this->role = members_sanitize_role($this->role_name);
}
}
// Is duplicate?
if (members_role_exists($this->role)) {
$is_duplicate = true;
}
// Add a new role with the data input.
if ($this->role && $this->role_name && !$is_duplicate) {
add_role($this->role, $this->role_name, $new_caps);
// If the current user can edit roles, redirect to edit role screen.
if (current_user_can('edit_roles')) {
wp_redirect(add_query_arg('message', 'role_added', members_get_edit_role_url($this->role)));
exit;
}
// Add role added message.
add_settings_error('members_role_new', 'role_added', sprintf(esc_html__('The %s role has been created.', 'members'), $this->role_name), 'updated');
}
// If there are new caps, let's assign them.
if (!empty($new_caps)) {
$this->capabilities = $new_caps;
}
// Add error if there's no role.
if (!$this->role) {
add_settings_error('members_role_new', 'no_role', esc_html__('You must enter a valid role.', 'members'));
}
// Add error if this is a duplicate role.
if ($is_duplicate) {
add_settings_error('members_role_new', 'duplicate_role', sprintf(esc_html__('The %s role already exists.', 'members'), $this->role));
}
// Add error if there's no role name.
if (!$this->role_name) {
add_settings_error('members_role_new', 'no_role_name', esc_html__('You must enter a valid role name.', 'members'));
}
}
// If we don't have caps yet, get the new role default caps.
if (empty($this->capabilities)) {
$this->capabilities = members_new_role_default_caps();
}
// Load page hook.
do_action('members_load_role_new');
// Hook for adding in meta boxes.
do_action('add_meta_boxes_' . get_current_screen()->id, '');
do_action('add_meta_boxes', get_current_screen()->id, '');
// Add layout screen option.
add_screen_option('layout_columns', array('max' => 2, 'default' => 2));
// Load scripts/styles.
add_action('admin_enqueue_scripts', array($this, 'enqueue'));
}
/**
* Runs on the `load-{$page}` hook. This is the handler for form submissions.
*
* @since 1.0.0
* @access public
* @return void
*/
public function load()
{
// If the current user can't edit roles, don't proceed.
if (!current_user_can('edit_roles')) {
wp_die(esc_html__('Whoah, partner!', 'members'));
}
// Get the current role object to edit.
$this->role = get_role(members_sanitize_role($_GET['role']));
// If we don't have a real role, die.
if (is_null($this->role)) {
wp_die(esc_html__('The requested role to edit does not exist.', 'members'));
}
$this->members_role = members_get_role($this->role->name);
// Get all the capabilities.
$this->capabilities = members_get_capabilities();
// Add all caps from the cap groups.
foreach (members_get_cap_groups() as $group) {
$this->capabilities = array_merge($this->capabilities, $group->caps);
}
// Make sure we have a unique array of caps.
$this->capabilities = array_unique($this->capabilities);
// Is the role editable?
$this->is_editable = members_is_role_editable($this->role->name);
// Check if the form has been submitted.
if ($this->is_editable && isset($_POST['members_edit_role_nonce'])) {
// Verify the nonce.
check_admin_referer('edit_role', 'members_edit_role_nonce');
// Get the granted and denied caps.
$grant_caps = !empty($_POST['grant-caps']) ? array_unique($_POST['grant-caps']) : array();
$deny_caps = !empty($_POST['deny-caps']) ? array_unique($_POST['deny-caps']) : array();
// Get the new (custom) granted and denied caps.
$grant_new_caps = !empty($_POST['grant-new-caps']) ? array_unique($_POST['grant-new-caps']) : array();
$deny_new_caps = !empty($_POST['deny-new-caps']) ? array_unique($_POST['deny-new-caps']) : array();
// Get the all and custom cap group objects.
$all_group = members_get_cap_group('all');
$custom_group = members_get_cap_group('custom');
// New caps to push to cap groups on update.
$push_caps = array();
// Set the $role_updated variable to true.
$this->role_updated = true;
// Loop through all available capabilities.
foreach ($this->capabilities as $cap) {
// Get the posted capability.
$grant_this_cap = in_array($cap, $grant_caps);
$deny_this_cap = in_array($cap, $deny_caps);
// Does the role have the cap?
$is_granted_cap = $this->role->has_cap($cap);
$is_denied_cap = isset($this->role->capabilities[$cap]) && false === $this->role->capabilities[$cap];
if ($grant_this_cap && !$is_granted_cap) {
$this->role->add_cap($cap);
} else {
if ($deny_this_cap && !$is_denied_cap) {
$this->role->add_cap($cap, false);
} else {
if (!$grant_this_cap && $is_granted_cap) {
$this->role->remove_cap($cap);
} else {
if (!$deny_this_cap && $is_denied_cap) {
$this->role->remove_cap($cap);
}
}
}
}
}
// End loop through existing capabilities.
// Loop through the custom granted caps.
foreach ($grant_new_caps as $grant_new_cap) {
$_cap = members_sanitize_cap($grant_new_cap);
// If not an existing cap, add it.
if (!in_array($_cap, $this->capabilities)) {
$this->role->add_cap($_cap);
$push_caps[] = $_cap;
}
}
// Loop through the custom denied caps.
foreach ($deny_new_caps as $deny_new_cap) {
$_cap = members_sanitize_cap($deny_new_cap);
// If not a granted cap and not an existing cap, add it.
if (!in_array($_cap, $this->capabilities) && !in_array($_cap, $grant_new_caps)) {
$this->role->add_cap($_cap, false);
$push_caps[] = $_cap;
}
}
// If there are new caps, add them to the all and custom groups.
if ($push_caps) {
if ($all_group) {
$all_group->caps[] = $_cap;
sort($all_group->caps);
}
if ($custom_group) {
$custom_group->caps[] = $_cap;
sort($custom_group->caps);
}
}
// Add the updated role to the role factory.
members_role_factory()->add_role($this->role->name);
// Reset the Members role object.
$this->members_role = members_get_role($this->role->name);
// Action hook for when a role is updated.
do_action('members_role_updated', $this->role->name);
}
// End check for form submission.
// If successful update.
if ($this->role_updated) {
add_settings_error('members_edit_role', 'role_updated', sprintf(esc_html__('%s role updated.', 'members'), members_get_role_name($this->role->name)), 'updated');
}
// If the role is not editable.
if (!$this->is_editable) {
add_settings_error('members_edit_role', 'role_uneditable', sprintf(esc_html__('The %s role is not editable. This means that it is most likely added via another plugin for a special use or that you do not have permission to edit it.', 'members'), members_get_role_name($this->role->name)));
}
// If a new role was added (redirect from new role screen).
if (isset($_GET['message']) && 'role_added' === $_GET['message']) {
add_settings_error('members_edit_role', 'role_added', sprintf(esc_html__('The %s role has been created.', 'members'), members_get_role_name($this->role->name)), 'updated');
}
// Load page hook.
do_action('members_load_role_edit');
// Hook for adding in meta boxes.
do_action('add_meta_boxes_' . get_current_screen()->id, $this->role->name);
do_action('add_meta_boxes', get_current_screen()->id, $this->role->name);
// Add layout screen option.
add_screen_option('layout_columns', array('max' => 2, 'default' => 2));
}
/**
* Conditional tag for checking whether a capability exists.
*
* @since 1.0.0
* @access public
* @param string $cap
* @return bool
*/
function members_cap_exists($cap)
{
return in_array($cap, members_get_capabilities());
}
/**
* Returns the caps for the custom capability group.
*
* @since 1.0.0
* @access public
* @return array
*/
function members_get_custom_group_caps()
{
return members_get_capabilities();
}
