function act_prep_metaboxes() { global $pagenow; if ('edit.php' == $pagenow) { return; } static $been_here; if (isset($been_here)) { return; } $been_here = true; global $typenow; // pp_find_post_type(); if (!in_array($typenow, pp_get_enabled_post_types()) || in_array($typenow, array('revision'))) { return; } //$can_admin_object = pp_is_user_administrator() || $pp_admin->user_can_admin_object('post', $object_id, $object_type); if (current_user_can('pp_assign_roles')) { $this->init_item_exceptions_ui(); $args = array('post_types' => (array) $typenow, 'hierarchical' => is_post_type_hierarchical($typenow)); // via_src, for_src, via_type, item_id, args $this->item_exceptions_ui->data->load_exceptions('post', 'post', $typenow, pp_get_post_id(), $args); } }
function _flt_user_has_post_cap($wp_sitecaps, $orig_reqd_caps, $args, $pp_args) { // ================= EARLY EXIT CHECKS (if the provided reqd_caps do not need filtering or need special case filtering ================== global $pp_current_user, $pagenow; if (isset($args[1]) && $args[1] != $pp_current_user->ID) { return $wp_sitecaps; } // =================================================== (end early exit checks) ====================================================== // ========================================== ARGUMENT TRANSLATION AND STATUS DETECTION ============================================= $post_id = isset($args[2]) ? $args[2] : pp_get_post_id(); $post_type = pp_find_post_type($post_id); // will be pulled from object $pp_reqd_caps = (array) $args[0]; // already cast to array //=== Allow PP extensions or other plugins to modify some variables // if ($_vars = apply_filters_ref_array('pp_has_post_cap_vars', array(null, $wp_sitecaps, $pp_reqd_caps, array('post_type' => $post_type, 'post_id' => $post_id, 'user_id' => $args[1], 'required_operation' => $pp_args['required_operation']), &$this))) { extract(array_intersect_key($_vars, array_fill_keys(array('post_type', 'post_id', 'pp_reqd_caps', 'return_caps', 'required_operation'), 'true'))); } if (!empty($return_caps)) { return array_merge($wp_sitecaps, $return_caps); } if (!$post_id || !in_array($post_type, pp_get_enabled_post_types())) { return $wp_sitecaps; } extract($pp_args, EXTR_SKIP); // Note: At this point, we have a nonzero post_id... do_action_ref_array('pp_has_post_cap_pre', array($pp_reqd_caps, 'post', $post_type, $post_id, &$this)); // cache clearing / refresh forcing can be applied here $memcache_disabled = $this->flags['memcache_disabled']; // skip the memcache under certain circumstances if (!$memcache_disabled) { if (!empty($_POST) && 'post.php' == $pagenow && pp_get_type_cap($post_type, 'edit_post') == reset($pp_reqd_caps) || !empty($_GET['doaction']) && in_array(reset($pp_reqd_caps), array('delete_post', pp_get_type_cap($post_type, 'delete_post')))) { $this->memcache = array(); $memcache_disabled = true; } } // ============ QUERY for required caps on object id (if other listed ids are known, query for them also). Cache results to static var. =============== $query_args = array('required_operation' => $required_operation, 'post_types' => $post_type, 'skip_teaser' => true); // generate a string key for this set of required caps, for use below in checking, caching the filtered results $cap_arg = 'edit_page' == $args[0] ? 'edit_post' : $args[0]; // minor perf boost on uploads.php, TODO: move to PPCE $capreqs_key = $memcache_disabled ? false : $cap_arg . $this->flags['cache_key_suffix'] . md5(serialize($query_args)); // Check whether this object id was already tested for the same reqd_caps in a previous execution of this function within the same http request if (!isset($this->memcache['tested_ids'][$post_type][$capreqs_key][$post_id]) || !empty($this->flags['force_memcache_refresh'])) { global $pp, $wpdb, $query_interceptor; // If this cap inquiry is for a single item but multiple items are being listed, we will query for the original metacap on all items (mapping it for each applicable status) and buffer the results // // (Perf enhancement when listing display will check caps for each item to determine whether to display an action link) // note: don't use wp_object_cache because it includes posts not present in currently displayed resultset listing page if (isset($pp->listed_ids[$post_type]) && (!is_admin() || 'index.php' != $pagenow)) { // there's too much happening on the dashboard to buffer listed IDs reliably. $listed_ids = array_keys($pp->listed_ids[$post_type]); } else { $listed_ids = array(); } // make sure our current post_id is in the query list $listed_ids[] = (int) $post_id; $listed_ids = array_unique($listed_ids); //if ( ! isset( $this->memcache['request'][$capreqs_key] ) || $this->flags['force_memcache_refresh'] ) { //$query_args['listed_ids'] = $listed_ids; if (count($listed_ids) == 1) { $query_args['limit_statuses'] = array(get_post_field('post_status', $post_id) => true); } $query_args['limit_ids'] = $listed_ids; $query_args['has_cap_check'] = $args[0]; $request = $query_interceptor->construct_posts_request(array('fields' => "{$wpdb->posts}.ID"), $query_args); // update static variable //if ( ! $memcache_disabled ) // $this->memcache['request'][$capreqs_key] = $request; //} else { // $request = $this->memcache['request'][$capreqs_key]; //} // run the query $request .= " AND {$wpdb->posts}.ID IN ('" . implode("', '", $listed_ids) . "')"; $qkey = md5($request); // a different has_cap inquiry may have generated the same query, so check cache before executing the query if (isset($this->memcache['okay_ids'][$qkey]) && !$memcache_disabled) { $okay_ids = $this->memcache['okay_ids'][$qkey]; } else { $okay_ids = $wpdb->get_col($request); if (!$memcache_disabled) { $this->memcache['okay_ids'][$qkey] = $okay_ids; } } // update tested_ids cache to log filtered results for this post id, and possibly also for other listed IDs if (!$memcache_disabled) { foreach ($listed_ids as $_id) { $this->memcache['tested_ids'][$post_type][$capreqs_key][$_id] = in_array($_id, $okay_ids); } } $this_id_okay = in_array($post_id, $okay_ids); } else { // results of this has_cap inquiry are already stored (from another call within current http request) $this_id_okay = $this->memcache['tested_ids'][$post_type][$capreqs_key][$post_id]; } do_action_ref_array('pp_has_post_cap_done', array($this_id_okay, $pp_reqd_caps, 'post', $post_type, $post_id, &$this)); // followup to cache processing can be applied here if ($this_id_okay) { //d_echo( "PASSED for {$orig_reqd_caps[0]}<br />" ); return array_merge($wp_sitecaps, array_fill_keys($orig_reqd_caps, true)); } else { // ================= TEMPORARY DEBUG CODE =================== //dump($args); //dump($orig_reqd_caps); //dump($pp_reqd_caps); //d_echo( "user_has_cap FAILED ($post_id) !!!!!!!" ); //d_echo( '<br />' ); // ============== (end temporary debug code ================== return array_diff_key($wp_sitecaps, array_fill_keys($orig_reqd_caps, true)); // return user's sitewide caps, minus the caps we were checking for } }