/** * Runs on the `load-{$page}` hook. This is the handler for form submissions. * * @since 1.0.0 * @access public * @return void */ public function load() { // If the current user can't edit roles, don't proceed. if (!current_user_can('edit_roles')) { wp_die(esc_html__('Whoah, partner!', 'members')); } // Get the current role object to edit. $this->role = get_role(members_sanitize_role($_GET['role'])); // If we don't have a real role, die. if (is_null($this->role)) { wp_die(esc_html__('The requested role to edit does not exist.', 'members')); } $this->members_role = members_get_role($this->role->name); // Get all the capabilities. $this->capabilities = members_get_capabilities(); // Add all caps from the cap groups. foreach (members_get_cap_groups() as $group) { $this->capabilities = array_merge($this->capabilities, $group->caps); } // Make sure we have a unique array of caps. $this->capabilities = array_unique($this->capabilities); // Is the role editable? $this->is_editable = members_is_role_editable($this->role->name); // Check if the form has been submitted. if ($this->is_editable && isset($_POST['members_edit_role_nonce'])) { // Verify the nonce. check_admin_referer('edit_role', 'members_edit_role_nonce'); // Get the granted and denied caps. $grant_caps = !empty($_POST['grant-caps']) ? array_unique($_POST['grant-caps']) : array(); $deny_caps = !empty($_POST['deny-caps']) ? array_unique($_POST['deny-caps']) : array(); // Get the new (custom) granted and denied caps. $grant_new_caps = !empty($_POST['grant-new-caps']) ? array_unique($_POST['grant-new-caps']) : array(); $deny_new_caps = !empty($_POST['deny-new-caps']) ? array_unique($_POST['deny-new-caps']) : array(); // Get the all and custom cap group objects. $all_group = members_get_cap_group('all'); $custom_group = members_get_cap_group('custom'); // New caps to push to cap groups on update. $push_caps = array(); // Set the $role_updated variable to true. $this->role_updated = true; // Loop through all available capabilities. foreach ($this->capabilities as $cap) { // Get the posted capability. $grant_this_cap = in_array($cap, $grant_caps); $deny_this_cap = in_array($cap, $deny_caps); // Does the role have the cap? $is_granted_cap = $this->role->has_cap($cap); $is_denied_cap = isset($this->role->capabilities[$cap]) && false === $this->role->capabilities[$cap]; if ($grant_this_cap && !$is_granted_cap) { $this->role->add_cap($cap); } else { if ($deny_this_cap && !$is_denied_cap) { $this->role->add_cap($cap, false); } else { if (!$grant_this_cap && $is_granted_cap) { $this->role->remove_cap($cap); } else { if (!$deny_this_cap && $is_denied_cap) { $this->role->remove_cap($cap); } } } } } // End loop through existing capabilities. // Loop through the custom granted caps. foreach ($grant_new_caps as $grant_new_cap) { $_cap = members_sanitize_cap($grant_new_cap); // If not an existing cap, add it. if (!in_array($_cap, $this->capabilities)) { $this->role->add_cap($_cap); $push_caps[] = $_cap; } } // Loop through the custom denied caps. foreach ($deny_new_caps as $deny_new_cap) { $_cap = members_sanitize_cap($deny_new_cap); // If not a granted cap and not an existing cap, add it. if (!in_array($_cap, $this->capabilities) && !in_array($_cap, $grant_new_caps)) { $this->role->add_cap($_cap, false); $push_caps[] = $_cap; } } // If there are new caps, add them to the all and custom groups. if ($push_caps) { if ($all_group) { $all_group->caps[] = $_cap; sort($all_group->caps); } if ($custom_group) { $custom_group->caps[] = $_cap; sort($custom_group->caps); } } // Add the updated role to the role factory. members_role_factory()->add_role($this->role->name); // Reset the Members role object. $this->members_role = members_get_role($this->role->name); // Action hook for when a role is updated. do_action('members_role_updated', $this->role->name); } // End check for form submission. // If successful update. if ($this->role_updated) { add_settings_error('members_edit_role', 'role_updated', sprintf(esc_html__('%s role updated.', 'members'), members_get_role_name($this->role->name)), 'updated'); } // If the role is not editable. if (!$this->is_editable) { add_settings_error('members_edit_role', 'role_uneditable', sprintf(esc_html__('The %s role is not editable. This means that it is most likely added via another plugin for a special use or that you do not have permission to edit it.', 'members'), members_get_role_name($this->role->name))); } // If a new role was added (redirect from new role screen). if (isset($_GET['message']) && 'role_added' === $_GET['message']) { add_settings_error('members_edit_role', 'role_added', sprintf(esc_html__('The %s role has been created.', 'members'), members_get_role_name($this->role->name)), 'updated'); } // Load page hook. do_action('members_load_role_edit'); // Hook for adding in meta boxes. do_action('add_meta_boxes_' . get_current_screen()->id, $this->role->name); do_action('add_meta_boxes', get_current_screen()->id, $this->role->name); // Add layout screen option. add_screen_option('layout_columns', array('max' => 2, 'default' => 2)); }
/** * Conditional tag to check whether a role can be edited. * * @since 1.0.0 * @access public * @param string $role * @return bool */ function members_is_role_editable($role) { return members_role_factory()->get_role($role)->is_editable; }
/** * Function for safely deleting a role and transferring the deleted role's users to the default * role. Note that this function can be extremely intensive. Whenever a role is deleted, it's * best for the site admin to assign the user's of the role to a different role beforehand. * * @since 0.2.0 * @access public * @param string $role * @return void */ function members_delete_role($role) { // Get the default role. $default_role = get_option('default_role'); // Don't delete the default role. Site admins should change the default before attempting to delete the role. if ($role == $default_role) { return; } // Get all users with the role to be deleted. $users = get_users(array('role' => $role)); // Check if there are any users with the role we're deleting. if (is_array($users)) { // If users are found, loop through them. foreach ($users as $user) { // If the user has the role and no other roles, set their role to the default. if ($user->has_cap($role) && 1 >= count($user->roles)) { $user->set_role($default_role); } else { if ($user->has_cap($role)) { $user->remove_role($role); } } } } // Remove the role. remove_role($role); // Remove the role from the role factory. members_role_factory()->remove_role($role); }