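/**
 * Whether current user has capability or role.
 *
 * Resolution order, as implemented below:
 *  1. 'exist' is granted to everyone, including anonymous visitors.
 *  2. 'read' is granted to any logged-in user.
 *  3. A registered role name is delegated to wpaa_user_can_role().
 *  4. An access-area capability is delegated to wpaa_user_can_accessarea().
 *  5. Anything else falls through to WordPress' current_user_can().
 *
 * @param string $cap  Capability or role name.
 * @param array  $args Arguments such as Post IDs. (will be passed to WP current_user_can() if applicable)
 * @return bool
 */
function wpaa_user_can($cap, $args = array())
{
    global $wp_roles;

    // Strict comparison on purpose: with a loose `==`, a non-string $cap such
    // as boolean true compares equal to 'exist' and the check would be
    // answered with "allowed" before any real capability lookup happens.
    if ('exist' === $cap) {
        return true;
    }

    // 'read' is always true for logged in users; a logged-out visitor falls
    // through to the regular lookups below.
    if ('read' === $cap && is_user_logged_in()) {
        return true;
    }

    // Role names take precedence over access areas and plain capabilities.
    if ($wp_roles->is_role($cap)) {
        return wpaa_user_can_role($cap);
    }

    if (wpaa_is_access_area($cap)) {
        return wpaa_user_can_accessarea($cap, $args);
    }

    return current_user_can($cap, $args);
}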
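/**
 * Print a <select> listing the capabilities the current user may assign.
 *
 * Offers 'exist' (WordPress default), 'read' (logged-in users; omitted when
 * the field name contains 'post_edit_cap'), every role for which
 * wpaa_user_can_role() is true and every access area for which
 * wpaa_user_can_accessarea() is true.
 *
 * NOTE(review): leaving an option out of the list only hides it in the UI.
 * The code that stores the submitted value is not visible here; it should
 * repeat the same role / access-area checks on the server side.
 *
 * @param array       $roles            Role slug => role display name.
 * @param array       $groups           Access-area capability => display name.
 * @param string      $selected_cap     Currently selected capability; empty means 'exist'.
 * @param string      $fieldname        Value for the name attribute; also used to build the id.
 * @param string|null $first_item_value Value of an optional leading option; null omits it.
 * @param string|null $first_item_label Label of the optional leading option.
 * @return void Output is echoed directly.
 */
static function access_area_dropdown($roles, $groups, $selected_cap, $fieldname, $first_item_value = null, $first_item_label = '')
{
    if (!$selected_cap) {
        $selected_cap = 'exist';
    }

    // Every dynamic value is escaped for the context it is printed into
    // (attribute vs. element text). Labels and field names come from callers
    // and stored settings and must not be able to break out of the markup.
    ?>
    <select id="<?php echo esc_attr(sanitize_title($fieldname)); ?>-select" name="<?php echo esc_attr($fieldname); ?>">
    <?php if (!is_null($first_item_value) && !is_null($first_item_label)) { ?>
        <?php // The value was previously evaluated but never echoed, so the option always submitted an empty value. ?>
        <option value="<?php echo esc_attr($first_item_value); ?>"><?php echo esc_html($first_item_label); ?></option>
    <?php } ?>
        <option value="exist" <?php selected($selected_cap, 'exist'); ?>><?php esc_html_e('WordPress default', 'wp-access-areas'); ?></option>
    <?php if (strpos($fieldname, 'post_edit_cap') === false) { ?>
        <option value="read" <?php selected($selected_cap, 'read'); ?>><?php esc_html_e('Logged in Users', 'wp-access-areas'); ?></option>
    <?php } ?>
        <optgroup label="<?php esc_attr_e('WordPress roles', 'wp-access-areas'); ?>">
        <?php
        foreach ($roles as $role => $rolename) {
            // Only offer roles the current user holds.
            if (!wpaa_user_can_role($role)) {
                continue;
            }
            ?>
            <option value="<?php echo esc_attr($role); ?>" <?php selected($selected_cap, $role); ?>><?php echo esc_html(_x($rolename, 'User role')); ?></option>
        <?php } ?>
        </optgroup>
    <?php if (count($groups)) { ?>
        <optgroup label="<?php esc_attr_e('Users with Access to', 'wp-access-areas'); ?>">
        <?php
        foreach ($groups as $group => $groupname) {
            // Only offer access areas the current user belongs to.
            if (!wpaa_user_can_accessarea($group)) {
                continue;
            }
            ?>
            <option value="<?php echo esc_attr($group); ?>" <?php selected($selected_cap, $group); ?>><?php echo esc_html(__($groupname, 'wp-access-areas')); ?></option>
        <?php } /* foreach( $groups ) */ ?>
        </optgroup>
    <?php } /* if count( $groups ) */ ?>
    </select>
    <?php
}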
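/**
 * Append a post_view_cap restriction to a posts WHERE clause.
 *
 * The clause is returned unchanged in two cases:
 *  - the query is a singular lookup by post_name or ID on the posts table;
 *  - the site is not multisite and the current user can 'administrator'.
 * Otherwise the result is limited to rows whose post_view_cap is one of the
 * capabilities collected for the current user ('exist', plus 'read', roles
 * and access areas when logged in).
 *
 * NOTE(review): singular lookups are not restricted here, so view permission
 * for a single post has to be enforced by other code that is not visible in
 * this block - confirm that it is.
 *
 * @param string $where      Existing WHERE clause fragment.
 * @param string $table_name Table name or alias carrying post_view_cap; a
 *                           trailing '.' is added when missing. It is placed
 *                           into the SQL as an identifier and is not escaped,
 *                           so it must never come from request data.
 * @return string The WHERE clause, with the restriction appended if applicable.
 */
private static function _get_where($where, $table_name = 'p')
{
    global $wpdb;

    // disable filtering: on queries for single posts/pages and for single blog administrators
    // The table name is quoted and the dot escaped so that only a literal
    // "<posts table>.ID =" / "<posts table>.post_name =" lifts the filter.
    $posts_table = preg_quote($wpdb->posts, '/');
    if (is_singular() && preg_match("/{$posts_table}\\.(post_name|ID)\\s?=/", $where) || !is_multisite() && current_user_can('administrator')) {
        return $where;
    }

    if ($table_name && substr($table_name, -1) !== '.') {
        $table_name .= '.';
    }

    // Everyone, logged in or not, may see posts marked 'exist'.
    $caps = array('exist');

    if (is_user_logged_in()) {
        // NOTE(review): $roles is never read below; the instantiation is kept
        // only in case something depends on its side effects.
        $roles = new WP_Roles();

        // reading
        if (current_user_can('read')) {
            $caps[] = 'read';
        }

        // user's roles
        foreach (wpaa_user_contained_roles() as $role) {
            $caps[] = $role;
        }

        // user's custom caps
        foreach (UndisclosedUserlabel::get_label_array() as $cap => $capname) {
            if (wpaa_user_can_accessarea($cap)) {
                $caps[] = $cap;
            }
        }
    }

    // Role and access-area names are stored data, not constants. Escape each
    // one before it is placed inside a quoted SQL literal, so that a name
    // containing a quote cannot alter the statement.
    $caps = array_map('esc_sql', $caps);

    $add_where = " {$table_name}post_view_cap IN ('" . implode("','", $caps) . "')";
    $add_where = " AND ( {$add_where} ) ";

    return $where . $add_where;
}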