/**
* Handle add capability form submission.
* @return int new capability's id or false if unsuccessful
*/
function groups_admin_capabilities_add_submit()
{
global $wpdb;
if (!current_user_can(GROUPS_ADMINISTER_GROUPS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_GROUPS_NONCE], 'capabilities-add')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
$capability = isset($_POST['capability-field']) ? $_POST['capability-field'] : null;
$description = isset($_POST['description-field']) ? $_POST['description-field'] : '';
return Groups_Capability::create(compact("capability", "description"));
}
/**
* Handle remove form submission.
*/
function groups_admin_capabilities_remove_submit()
{
global $wpdb;
$result = false;
if (!current_user_can(GROUPS_ADMINISTER_GROUPS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_GROUPS_NONCE], 'capabilities-remove')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
$capability_id = isset($_POST['capability-id-field']) ? $_POST['capability-id-field'] : null;
$capability = Groups_Capability::read($capability_id);
if ($capability) {
if ($capability->capability !== Groups_Post_Access::READ_POST_CAPABILITY) {
$result = Groups_Capability::delete($capability_id);
}
}
return $result;
}
/**
* Handle edit form submission.
*/
function groups_admin_capabilities_edit_submit()
{
$result = false;
if (!current_user_can(GROUPS_ADMINISTER_GROUPS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_GROUPS_NONCE], 'capabilities-edit')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
$capability_id = isset($_POST['capability-id-field']) ? $_POST['capability-id-field'] : null;
$capability = Groups_Capability::read($capability_id);
if ($capability) {
$capability_id = $capability->capability_id;
if ($capability->capability !== Groups_Post_Access::READ_POST_CAPABILITY) {
$capability_field = isset($_POST['capability-field']) ? $_POST['capability-field'] : null;
} else {
$capability_field = Groups_Post_Access::READ_POST_CAPABILITY;
}
if (!empty($capability_field)) {
$update = true;
if ($other_capability = Groups_Capability::read_by_capability($capability_field)) {
if ($other_capability->capability_id != $capability_id) {
Groups_Admin::add_message(sprintf(__('The <em>%s</em> capability already exists and cannot be assigned to this one.', GROUPS_PLUGIN_DOMAIN), stripslashes(wp_filter_nohtml_kses($other_capability->capability))), 'error');
$update = false;
}
}
if ($update) {
$description = isset($_POST['description-field']) ? $_POST['description-field'] : '';
$capability_id = Groups_Capability::update(array('capability_id' => $capability_id, 'capability' => $capability_field, 'description' => $description));
if ($capability_id) {
$result = $capability_id;
} else {
Groups_Admin::add_message(sprintf(__('The <em>%s</em> capability could not be updated.', GROUPS_PLUGIN_DOMAIN), stripslashes(wp_filter_nohtml_kses($capability))), 'error');
}
}
} else {
Groups_Admin::add_message(__('The <em>Capability</em> must not be empty.', GROUPS_PLUGIN_DOMAIN), 'error');
}
}
return $result;
}
/**
* Handle edit form submission.
*/
function groups_admin_capabilities_edit_submit()
{
if (!current_user_can(GROUPS_ADMINISTER_GROUPS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_GROUPS_NONCE], 'capabilities-edit')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
$capability_id = isset($_POST['capability-id-field']) ? $_POST['capability-id-field'] : null;
$capability = Groups_Capability::read($capability_id);
if ($capability) {
$capability_id = $capability->capability_id;
if ($capability->capability !== Groups_Post_Access::READ_POST_CAPABILITY) {
$capability = isset($_POST['capability-field']) ? $_POST['capability-field'] : null;
} else {
$capability = Groups_Post_Access::READ_POST_CAPABILITY;
}
$description = isset($_POST['description-field']) ? $_POST['description-field'] : '';
return Groups_Capability::update(compact("capability_id", "capability", "description"));
} else {
return false;
}
}
/**
* Handle add capability form submission.
* @return int new capability's id or false if unsuccessful
*/
function groups_admin_capabilities_add_submit()
{
global $wpdb;
if (!current_user_can(GROUPS_ADMINISTER_GROUPS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_GROUPS_NONCE], 'capabilities-add')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
$capability = isset($_POST['capability-field']) ? $_POST['capability-field'] : null;
$description = isset($_POST['description-field']) ? $_POST['description-field'] : '';
$capability_id = Groups_Capability::create(compact("capability", "description"));
if (!$capability_id) {
if (empty($capability)) {
Groups_Admin::add_message(__('The <em>Capability</em> must not be empty.', GROUPS_PLUGIN_DOMAIN), 'error');
} else {
if (Groups_Capability::read_by_capability($capability)) {
Groups_Admin::add_message(sprintf(__('The <em>%s</em> capability already exists.', GROUPS_PLUGIN_DOMAIN), stripslashes(wp_filter_nohtml_kses($capability))), 'error');
}
}
}
return $capability_id;
}
/**
* Adds an access capability requirement.
*
* $map must contain 'post_id' (*)
*
* For now this only should be used to add the READ_POST_CAPABILITY which
* it does automatically. Nothing else is checked for granting access.
*
* (*) Revisions : As of Groups 1.3.13 and at WordPress 3.6.1, as
* add_post_meta stores postmeta for the revision's parent, we retrieve
* the parent's post ID if it applies and check against that to see if
* that capability is already present. This is to avoid duplicating
* the already existing postmeta entry (which ocurred in previous
* versions).
*
* @param array $map
* @return true if the capability could be added to the post, otherwis false
*/
public static function create($map)
{
extract($map);
$result = false;
if (!isset($capability)) {
$capability = self::READ_POST_CAPABILITY;
}
if (!empty($post_id) && !empty($capability)) {
if (Groups_Capability::read_by_capability($capability)) {
if ($revision_parent_id = wp_is_post_revision($post_id)) {
$post_id = $revision_parent_id;
}
if (!in_array($capability, get_post_meta($post_id, self::POSTMETA_PREFIX . self::READ_POST_CAPABILITY))) {
$result = add_post_meta($post_id, self::POSTMETA_PREFIX . self::READ_POST_CAPABILITY, $capability);
}
}
}
return $result;
}
/**
* Update user-capability relation.
*
* This changes nothing so as of now it's pointless to even call this.
*
* @param array $map
* @return true if successful, false otherwise
*/
public static function update($map)
{
$result = false;
// if ( !empty( $user_id ) && !empty( $capability_id) ) {
if (!empty($capability_id)) {
// make sure user and capability exist
if (false !== Groups_Utility::id($user_id) && get_user_by("id", $user_id) && Groups_Capability::read($capability_id)) {
$result = true;
do_action("groups_updated_user_capability", $user_id, $capability_id);
}
}
return $result;
}
/**
* Update group-capability relation.
*
* This changes nothing so as of now it's pointless to even call this.
*
* @param array $map
* @return true if successful, false otherwise
*/
public static function update($map)
{
$result = false;
if (!empty($group_id) && !empty($capability_id)) {
// make sure group and capability exist
if (Groups_Group::read($group_id) && Groups_Capability::read($capability_id)) {
$result = true;
do_action("groups_updated_group_capability", $group_id, $capability_id);
}
}
return $result;
}
/**
* Options admin screen.
*/
function groups_admin_options()
{
global $wpdb, $wp_roles;
if (!current_user_can(GROUPS_ADMINISTER_OPTIONS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
$is_sitewide_plugin = false;
if (is_multisite()) {
$active_sitewide_plugins = get_site_option('active_sitewide_plugins', array());
$active_sitewide_plugins = array_keys($active_sitewide_plugins);
$is_sitewide_plugin = in_array('groups/groups.php', $active_sitewide_plugins);
}
echo '<div class="groups-options">';
echo '<div>' . '<h2>' . __('Groups options', GROUPS_PLUGIN_DOMAIN) . '</h2>' . '</div>';
$caps = array(GROUPS_ACCESS_GROUPS => __('Access Groups', GROUPS_PLUGIN_DOMAIN), GROUPS_ADMINISTER_GROUPS => __('Administer Groups', GROUPS_PLUGIN_DOMAIN), GROUPS_ADMINISTER_OPTIONS => __('Administer Groups plugin options', GROUPS_PLUGIN_DOMAIN));
//
// handle options form submission
//
if (isset($_POST['submit'])) {
if (wp_verify_nonce($_POST[GROUPS_ADMIN_OPTIONS_NONCE], 'admin')) {
// admin override
if (empty($_POST[GROUPS_ADMINISTRATOR_ACCESS_OVERRIDE])) {
$admin_override = false;
} else {
$admin_override = true;
}
// Don't move this to the plugin options, access will be faster
add_option(GROUPS_ADMINISTRATOR_ACCESS_OVERRIDE, $admin_override);
// WP 3.3.1 : update alone wouldn't create the option when value is false
update_option(GROUPS_ADMINISTRATOR_ACCESS_OVERRIDE, $admin_override);
$post_types_option = Groups_Options::get_option(Groups_Post_Access::POST_TYPES, array());
$post_types = get_post_types(array('public' => true));
foreach ($post_types as $post_type) {
$post_types_option[$post_type]['add_meta_box'] = in_array($post_type, $_POST['add_meta_boxes']);
}
Groups_Options::update_option(Groups_Post_Access::POST_TYPES, $post_types_option);
$valid_read_caps = array(Groups_Post_Access::READ_POST_CAPABILITY);
if (!empty($_POST[GROUPS_READ_POST_CAPABILITIES])) {
$read_caps = $_POST[GROUPS_READ_POST_CAPABILITIES];
foreach ($read_caps as $read_cap) {
if (!in_array($read_cap, $valid_read_caps) && ($valid_cap = Groups_Capability::read($read_cap))) {
$valid_read_caps[] = $valid_cap->capability;
}
}
}
Groups_Options::update_option(Groups_Post_Access::READ_POST_CAPABILITIES, $valid_read_caps);
// tree view
if (!empty($_POST[GROUPS_SHOW_TREE_VIEW])) {
Groups_Options::update_option(GROUPS_SHOW_TREE_VIEW, true);
} else {
Groups_Options::update_option(GROUPS_SHOW_TREE_VIEW, false);
}
// show in user profiles
Groups_Options::update_option(GROUPS_SHOW_IN_USER_PROFILE, !empty($_POST[GROUPS_SHOW_IN_USER_PROFILE]));
// roles & capabilities
$rolenames = $wp_roles->get_names();
foreach ($rolenames as $rolekey => $rolename) {
$role = $wp_roles->get_role($rolekey);
foreach ($caps as $capkey => $capname) {
$role_cap_id = $rolekey . '-' . $capkey;
if (!empty($_POST[$role_cap_id])) {
$role->add_cap($capkey);
} else {
$role->remove_cap($capkey);
}
}
}
Groups_Controller::assure_capabilities();
if (!$is_sitewide_plugin) {
// delete data
if (!empty($_POST['delete-data'])) {
Groups_Options::update_option('groups_delete_data', true);
} else {
Groups_Options::update_option('groups_delete_data', false);
}
}
}
}
$admin_override = get_option(GROUPS_ADMINISTRATOR_ACCESS_OVERRIDE, GROUPS_ADMINISTRATOR_ACCESS_OVERRIDE_DEFAULT);
$show_tree_view = Groups_Options::get_option(GROUPS_SHOW_TREE_VIEW, GROUPS_SHOW_TREE_VIEW_DEFAULT);
$show_in_user_profile = Groups_Options::get_option(GROUPS_SHOW_IN_USER_PROFILE, GROUPS_SHOW_IN_USER_PROFILE_DEFAULT);
$rolenames = $wp_roles->get_names();
$caps_table = '<table class="groups-permissions">';
$caps_table .= '<thead>';
$caps_table .= '<tr>';
$caps_table .= '<td class="role">';
$caps_table .= __('Role', GROUPS_PLUGIN_DOMAIN);
$caps_table .= '</td>';
foreach ($caps as $cap) {
$caps_table .= '<td class="cap">';
$caps_table .= $cap;
$caps_table .= '</td>';
}
$caps_table .= '</tr>';
$caps_table .= '</thead>';
$caps_table .= '<tbody>';
foreach ($rolenames as $rolekey => $rolename) {
$role = $wp_roles->get_role($rolekey);
$caps_table .= '<tr>';
$caps_table .= '<td>';
$caps_table .= translate_user_role($rolename);
$caps_table .= '</td>';
foreach ($caps as $capkey => $capname) {
if ($role->has_cap($capkey)) {
$checked = ' checked="checked" ';
} else {
$checked = '';
}
$caps_table .= '<td class="checkbox">';
$role_cap_id = $rolekey . '-' . $capkey;
$caps_table .= '<input type="checkbox" name="' . $role_cap_id . '" id="' . $role_cap_id . '" ' . $checked . '/>';
$caps_table .= '</td>';
}
$caps_table .= '</tr>';
}
$caps_table .= '</tbody>';
$caps_table .= '</table>';
$delete_data = Groups_Options::get_option('groups_delete_data', false);
//
// print the options form
//
echo '<form action="" name="options" method="post">' . '<p>' . '<input class="button" type="submit" name="submit" value="' . __('Save', GROUPS_PLUGIN_DOMAIN) . '"/>' . '</p>' . '<div>' . '<h3>' . __('Administrator Access Override', GROUPS_PLUGIN_DOMAIN) . '</h3>' . '<p>' . '<label>' . '<input name="' . GROUPS_ADMINISTRATOR_ACCESS_OVERRIDE . '" type="checkbox" ' . ($admin_override ? 'checked="checked"' : '') . '/>' . __('Administrators override all access permissions derived from Groups capabilities.', GROUPS_PLUGIN_DOMAIN) . '</label>' . '</p>';
echo '<h3>' . __('Access restricions', GROUPS_PLUGIN_DOMAIN) . '</h3>';
echo '<h4>' . __('Post types', GROUPS_PLUGIN_DOMAIN) . '</h4>';
echo '<p class="description">' . __('Show access restrictions for these post types.', GROUPS_PLUGIN_DOMAIN) . '</p>';
$post_types_option = Groups_Options::get_option(Groups_Post_Access::POST_TYPES, array());
$post_types = get_post_types(array('public' => true));
echo '<ul>';
foreach ($post_types as $post_type) {
$post_type_object = get_post_type_object($post_type);
echo '<li>';
echo '<label>';
$label = $post_type;
$labels = isset($post_type_object->labels) ? $post_type_object->labels : null;
if ($labels !== null && isset($labels->singular_name)) {
$label = __($labels->singular_name);
}
$checked = !isset($post_types_option[$post_type]['add_meta_box']) || $post_types_option[$post_type]['add_meta_box'] ? ' checked="checked" ' : '';
echo '<input name="add_meta_boxes[]" type="checkbox" value="' . esc_attr($post_type) . '" ' . $checked . '/>';
echo $label;
echo '</label>';
echo '</li>';
}
echo '<ul>';
echo '<p class="description">' . __('This determines for which post types access restriction settings are offered.', GROUPS_PLUGIN_DOMAIN) . '<br/>' . __('Disabling this setting for a post type does not remove existing access restrictions on individual posts of that type.', GROUPS_PLUGIN_DOMAIN) . '<br/>' . '</p>';
echo '<h4>' . __('Capabilities', GROUPS_PLUGIN_DOMAIN) . '</h4>';
echo '<p class="description">' . __('Include these capabilities to enforce read access on posts. The selected capabilities will be offered to restrict access to posts.', GROUPS_PLUGIN_DOMAIN) . '</p>';
$capability_table = _groups_get_tablename("capability");
$capabilities = $wpdb->get_results("SELECT * FROM {$capability_table} ORDER BY capability");
$applicable_read_caps = Groups_Options::get_option(Groups_Post_Access::READ_POST_CAPABILITIES, array(Groups_Post_Access::READ_POST_CAPABILITY));
foreach ($capabilities as $capability) {
$checked = in_array($capability->capability, $applicable_read_caps) ? ' checked="checked" ' : '';
if ($capability->capability == Groups_Post_Access::READ_POST_CAPABILITY) {
$checked .= ' readonly="readonly" disabled="disabled" ';
}
echo '<label>';
echo '<input name="' . GROUPS_READ_POST_CAPABILITIES . '[]" ' . $checked . ' type="checkbox" value="' . esc_attr($capability->capability_id) . '" />';
echo wp_filter_nohtml_kses($capability->capability);
echo '</label>';
echo ' ';
echo '<span class="description">' . wp_filter_nohtml_kses($capability->description) . '</span>';
echo '<br/>';
}
echo '<h3>' . __('User profiles', GROUPS_PLUGIN_DOMAIN) . '</h3>' . '<p>' . '<label>' . '<input name="' . GROUPS_SHOW_IN_USER_PROFILE . '" type="checkbox" ' . ($show_in_user_profile ? 'checked="checked"' : '') . '/>' . __('Show groups in user profiles.', GROUPS_PLUGIN_DOMAIN) . '</label>' . '</p>';
echo '<h3>' . __('Tree view', GROUPS_PLUGIN_DOMAIN) . '</h3>' . '<p>' . '<label>' . '<input name="' . GROUPS_SHOW_TREE_VIEW . '" type="checkbox" ' . ($show_tree_view ? 'checked="checked"' : '') . '/>' . __('Show the Groups tree view.', GROUPS_PLUGIN_DOMAIN) . '</label>' . '</p>';
echo '<h3>' . __('Permissions', GROUPS_PLUGIN_DOMAIN) . '</h3>' . '<p>' . __('These permissions apply to Groups management. They do not apply to access permissions derived from Groups capabilities.', GROUPS_PLUGIN_DOMAIN) . '</p>' . $caps_table . '<p class="description">' . __('A minimum set of permissions will be preserved.', GROUPS_PLUGIN_DOMAIN) . '<br/>' . __('If you lock yourself out, please ask an administrator to help.', GROUPS_PLUGIN_DOMAIN) . '</p>';
if (!$is_sitewide_plugin) {
echo '<h3>' . __('Deactivation and data persistence', GROUPS_PLUGIN_DOMAIN) . '</h3>' . '<p>' . '<label>' . '<input name="delete-data" type="checkbox" ' . ($delete_data ? 'checked="checked"' : '') . '/>' . __('Delete all Groups plugin data on deactivation', GROUPS_PLUGIN_DOMAIN) . '</label>' . '</p>' . '<p class="description warning">' . __('CAUTION: If this option is active while the plugin is deactivated, ALL plugin settings and data will be DELETED. If you are going to use this option, now would be a good time to make a backup. By enabling this option you agree to be solely responsible for any loss of data or any other consequences thereof.', GROUPS_PLUGIN_DOMAIN) . '</p>';
}
echo '<p>' . wp_nonce_field('admin', GROUPS_ADMIN_OPTIONS_NONCE, true, false) . '<input class="button" type="submit" name="submit" value="' . __('Save', GROUPS_PLUGIN_DOMAIN) . '"/>' . '</p>' . '</div>' . '</form>';
echo '</div>';
// .groups-options
Groups_Help::footer();
}
/**
* Remove capability and its relations.
*
* @param int $capability_id
* @return capability_id if successful, false otherwise
*/
public static function delete($capability_id)
{
global $wpdb;
$result = false;
// avoid nonsense requests
if ($capability = Groups_Capability::read($capability_id)) {
$capability_table = _groups_get_tablename('capability');
// get rid of it
if ($rows = $wpdb->query($wpdb->prepare("DELETE FROM {$capability_table} WHERE capability_id = %d", Groups_Utility::id($capability_id)))) {
$result = $capability_id;
if (!empty($capability->capability)) {
wp_cache_delete(self::READ_BY_CAPABILITY . '_' . $capability->capability, self::CACHE_GROUP);
do_action('groups_deleted_capability_capability', $capability->capability);
}
do_action("groups_deleted_capability", $result);
}
}
return $result;
}
/**
* Save capabilities for attachment post type (Media).
* When multiple attachments are saved, this is called once for each.
* @param array $post post data
* @param array $attachment attachment field data
* @return array
*/
public static function attachment_fields_to_save($post, $attachment)
{
$post_types_option = Groups_Options::get_option(Groups_Post_Access::POST_TYPES, array());
if (!isset($post_types_option['attachment']['add_meta_box']) || $post_types_option['attachment']['add_meta_box']) {
if (current_user_can('edit_attachment')) {
Groups_Post_Access::delete($post['ID'], null);
if (!empty($attachment[self::CAPABILITY])) {
foreach ($attachment[self::CAPABILITY] as $capability_id) {
if ($capability = Groups_Capability::read($capability_id)) {
Groups_Post_Access::create(array('post_id' => $post['ID'], 'capability' => $capability->capability));
}
}
}
}
}
return $post;
}
function groups_tests()
{
assert_options(ASSERT_ACTIVE, true);
assert_options(ASSERT_WARNING, true);
assert_options(ASSERT_BAIL, false);
//
// PART 1 : create test data
//
// *** groups ***
// create valid test groups
//
// Fruits [dance] {foo}
// / \
// Sweet {dol} Sour [sing]
// | |
// Banana {baz} Lemon {bar}
//
// All groups can dance.
// Only Sour and Lemon can sing.
$fruits_group_id = Groups_Group::create(array('name' => 'Fruits'));
assert('$fruits_group_id !== false');
$sweet_group_id = Groups_Group::create(array('name' => 'Sweet', 'parent_id' => $fruits_group_id));
assert('$sweet_group_id !== false');
$sour_group_id = Groups_Group::create(array('name' => 'Sour', 'parent_id' => $fruits_group_id));
assert('$sour_group_id !== false');
$lemon_group_id = Groups_Group::create(array('name' => 'Lemon', 'parent_id' => $sour_group_id));
assert('$lemon_group_id !== false');
$banana_group_id = Groups_Group::create(array('name' => 'Banana', 'parent_id' => $sweet_group_id));
assert('$banana_group_id !== false');
// fail to create group with missing name
$bogus_group_id = Groups_Group::create(array());
assert('$bogus_group_id === false; /* empty name */');
// fail to create group with wrong parent_id
$bogus_group_id = Groups_Group::create(array('name' => 'bogus', 'parent_id' => -1));
assert('$bogus_group_id === false; /* wrong parent_id */');
// *** capabilities ***
$sing_capability_id = Groups_Capability::create(array('capability' => 'sing'));
assert('$sing_capability_id !== false');
$dance_capability_id = Groups_Capability::create(array('capability' => 'dance'));
assert('$dance_capability_id !== false');
$clap_capability_id = Groups_Capability::create(array('capability' => 'clap'));
assert('$clap_capability_id !== false');
// read capability by id
assert('Groups_Capability::read( $sing_capability_id )');
// read capability by unique label
assert('Groups_Capability::read_by_capability( "dance" )');
// *** users ***
// create test users
$fooname = 'foo' . rand(0, 100);
$foo_user_id = wp_create_user($fooname, 'foo', $fooname . '@example.com');
assert('$foo_user_id instanceof WP_Error === false');
$barname = 'bar' . rand(0, 100);
$bar_user_id = wp_create_user($barname, 'bar', $barname . '@example.com');
assert('$bar_user_id instanceof WP_Error === false');
// this user is used to test the automatic resolution of its relationship
// with the banana group when the group is deleted
// it's also used to test automatic resolution of its "clap" capability
// after that capability has been deleted
$bazname = 'baz' . rand(0, 100);
$baz_user_id = wp_create_user($bazname, 'baz', $bazname . '@example.com');
assert('$baz_user_id instanceof WP_Error === false');
// this user is deleted, the group relation must be deleted automatically
$dolname = 'dol' . rand(0, 100);
$dol_user_id = wp_create_user($dolname, 'dol', $dolname . ' @example.com');
assert('$dol_user_id instanceof WP_Error === false');
// this user is a simple editor, used to test WordPress capabilities
$editorname = 'rotide' . rand(0, 100);
$editor_user_id = wp_create_user($editorname, 'rotide', $editorname . '@example.com');
assert('$editor_user_id instanceof WP_Error === false');
if (!$editor_user_id instanceof WP_Error) {
$editor_user = new WP_User($editor_user_id);
$editor_user->set_role('editor');
} else {
$editor_user_id = false;
}
// *** users & groups ***
// add valid users to groups
// echo "foo user id: $foo_user_id group: $fruits_group_id<br/>";
assert('Groups_User_Group::create(array( "user_id" => $foo_user_id, "group_id" => $fruits_group_id ) )');
assert('Groups_User_Group::create(array( "user_id" => $bar_user_id, "group_id" => $lemon_group_id ) )');
assert('Groups_User_Group::create(array( "user_id" => $baz_user_id, "group_id" => $banana_group_id ) )');
assert('Groups_User_Group::create(array( "user_id" => $dol_user_id, "group_id" => $sweet_group_id ) )');
// add invalid user to group
assert('Groups_User_Group::create(array( "user_id" => -1, "group_id" => $sweet_group_id ) ) === false');
// add valid user to invalid group
assert('Groups_User_Group::create(array( "user_id" => $dol_user_id, "group_id" => -1 ) ) === false');
// define capabilities for groups
assert('Groups_Group_Capability::create( array( "group_id" => $fruits_group_id, "capability_id" => $dance_capability_id ) )');
assert('Groups_Group_Capability::create( array( "group_id" => $sour_group_id, "capability_id" => $sing_capability_id ) )');
// define capabilities for users
assert('Groups_User_Capability::create( array( "user_id" => $foo_user_id, "capability_id" => $clap_capability_id ) )');
assert('Groups_User_Capability::create( array( "user_id" => $baz_user_id, "capability_id" => $clap_capability_id ) )');
// check groups that can dance (all)
// just reading will not check the hierarchy of course ...
assert('Groups_Group_Capability::read( $fruits_group_id, $dance_capability_id )');
assert('Groups_Group_Capability::read( $sweet_group_id, $dance_capability_id ) === false');
assert('Groups_Group_Capability::read( $banana_group_id, $dance_capability_id ) === false');
assert('Groups_Group_Capability::read( $sour_group_id, $dance_capability_id ) === false');
assert('Groups_Group_Capability::read( $lemon_group_id, $dance_capability_id ) === false');
// same for check on groups that can sing
assert('Groups_Group_Capability::read( $fruits_group_id, $sing_capability_id ) === false');
assert('Groups_Group_Capability::read( $sweet_group_id, $sing_capability_id ) === false');
assert('Groups_Group_Capability::read( $banana_group_id, $sing_capability_id ) === false');
assert('Groups_Group_Capability::read( $sour_group_id, $sing_capability_id )');
assert('Groups_Group_Capability::read( $lemon_group_id, $sing_capability_id ) === false');
// hierarchical groups
$fruits_group = new Groups_Group($fruits_group_id);
$sweet_group = new Groups_Group($sweet_group_id);
$banana_group = new Groups_Group($banana_group_id);
$sour_group = new Groups_Group($sour_group_id);
$lemon_group = new Groups_Group($lemon_group_id);
// retrieve users
assert('count( $fruits_group->users ) > 0');
// all should be able to "dance" : check by capability label ...
assert('$fruits_group->can( "dance" )');
assert('$sweet_group->can( "dance" )');
assert('$banana_group->can( "dance" )');
assert('$sour_group->can( "dance" )');
assert('$lemon_group->can( "dance" )');
// ... or id
assert('$fruits_group->can( $dance_capability_id )');
assert('$sweet_group->can( $dance_capability_id )');
assert('$banana_group->can( $dance_capability_id )');
assert('$sour_group->can( $dance_capability_id )');
assert('$lemon_group->can( $dance_capability_id )');
// only sour and lemon can sing:
assert('!$fruits_group->can( "sing" )');
assert('!$sweet_group->can( "sing" )');
assert('!$banana_group->can( "sing" )');
assert('$sour_group->can( "sing" )');
assert('$lemon_group->can( "sing" )');
// ... or id
assert('!$fruits_group->can( $sing_capability_id )');
assert('!$sweet_group->can( $sing_capability_id )');
assert('!$banana_group->can( $sing_capability_id )');
assert('$sour_group->can( $sing_capability_id )');
assert('$lemon_group->can( $sing_capability_id )');
// no group can clap
assert('!$fruits_group->can( $clap_capability_id )');
assert('!$sweet_group->can( $clap_capability_id )');
assert('!$banana_group->can( $clap_capability_id )');
assert('!$sour_group->can( $clap_capability_id )');
assert('!$lemon_group->can( $clap_capability_id )');
// user capabilities
$foo = new Groups_User($foo_user_id);
$dol = new Groups_User($dol_user_id);
$baz = new Groups_User($baz_user_id);
$bar = new Groups_User($bar_user_id);
assert('$foo->can( "dance" )');
assert('$dol->can( "dance" )');
assert('$baz->can( "dance" )');
assert('$bar->can( "dance" )');
assert('$foo->can( $dance_capability_id )');
assert('$dol->can( $dance_capability_id )');
assert('$baz->can( $dance_capability_id )');
assert('$bar->can( $dance_capability_id )');
assert('!$foo->can( "sing" )');
assert('!$dol->can( "sing" )');
assert('!$baz->can( "sing" )');
assert('$bar->can( "sing" )');
assert('!$foo->can( $sing_capability_id )');
assert('!$dol->can( $sing_capability_id )');
assert('!$baz->can( $sing_capability_id )');
assert('$bar->can( $sing_capability_id )');
// only foo & baz can clap
assert('$foo->can( "clap" )');
assert('!$dol->can( "clap" )');
assert('$baz->can( "clap" )');
assert('!$bar->can( "clap" )');
assert('$foo->can( $clap_capability_id )');
assert('!$dol->can( $clap_capability_id )');
assert('$baz->can( $clap_capability_id )');
assert('!$bar->can( $clap_capability_id )');
// user can not what is not defined
assert('!$foo->can( null )');
assert('!$dol->can( null )');
assert('!$baz->can( null )');
assert('!$bar->can( null )');
assert('!$foo->can( "bogus" )');
assert('!$dol->can( "bogus" )');
assert('!$baz->can( "bogus" )');
assert('!$bar->can( "bogus" )');
// groups can not what is not defined
assert('!$fruits_group->can( null )');
assert('!$sweet_group->can( null )');
assert('!$banana_group->can( null )');
assert('!$sour_group->can( null )');
assert('!$lemon_group->can( null )');
assert('!$fruits_group->can( "bogus" )');
assert('!$sweet_group->can( "bogus" )');
assert('!$banana_group->can( "bogus" )');
assert('!$sour_group->can( "bogus" )');
assert('!$lemon_group->can( "bogus" )');
// test WordPress capabilities
$administrator = new Groups_User(1);
assert('$administrator->can( "activate_plugins" )');
if ($editor_user_id) {
$editor = new Groups_User($editor_user_id);
assert('$editor->can( "edit_posts" )');
assert('!$editor->can( "activate_plugins" )');
}
if (is_multisite()) {
// $randext = rand( 0, 100 );
// $wpmu_test_user_id = wp_create_user( 'wpmu_test_user' . $randext, 'wpmu_test_user' );
// assert( '$wpmu_test_user_id instanceof WP_Error === false');
// @todo create a blog => must create new tables
// wpmu_create_blog( "groups_wpmu_" . $randext, "groups_wpmu_" . $randext, "Groups WPMU Test", $wpmu_test_user_id );
// @todo add user to new blog
// @todo switch to new blog
// @todo check that new user is in "Registered" group
// @todo switch to current blog
}
//
// PART 2 : delete test data
//
if (is_multisite()) {
// @todo delete new blog
}
// remove capabilities from groups
assert('Groups_Group_Capability::delete( $fruits_group_id, $dance_capability_id )');
// remove users from groups
assert('Groups_User_Group::delete($foo_user_id, $fruits_group_id)');
assert('Groups_User_Group::delete($bar_user_id, $lemon_group_id)');
// baz must be deleted from user_group when banana group is deleted
// invalid remove user from group
assert('Groups_User_Group::delete($foo_user_id, $banana_group_id) === false');
// delete test users
include_once ABSPATH . '/wp-admin/includes/user.php';
if ($foo_user_id && !$foo_user_id instanceof WP_Error) {
assert('wp_delete_user( $foo_user_id ) === true');
}
if ($bar_user_id && !$bar_user_id instanceof WP_Error) {
assert('wp_delete_user( $bar_user_id ) === true');
}
if ($dol_user_id && !$dol_user_id instanceof WP_Error) {
assert('wp_delete_user( $dol_user_id ) === true');
if ($sweet_group_id) {
// see above, this user must have been removed from the group upon its deletion
assert('Groups_User_Group::read( $dol_user_id, $sweet_group_id ) === false');
}
}
if ($editor_user_id && !$editor_user_id instanceof WP_Error) {
assert('wp_delete_user( $editor_user_id ) === true');
}
// fail to delete inexisting capabilities
assert('Groups_Capability::delete( -1 ) === false');
// delete valid test capabilities
if ($sing_capability_id) {
assert('Groups_Capability::delete( $sing_capability_id ) !== false');
}
if ($dance_capability_id) {
assert('Groups_Capability::delete( $dance_capability_id ) !== false');
}
if ($clap_capability_id) {
assert('Groups_Capability::delete( $clap_capability_id ) !== false');
}
// baz shouldn't be able to clap if there's no clapping capability anymore
if ($baz_user_id && !$baz_user_id instanceof WP_Error) {
assert('!$baz->can( "clap" )');
}
// fail to delete inexisting group
assert('Groups_Group::delete( -1 ) === false');
// delete invalid test group if creation was successful
if ($bogus_group_id) {
assert('Groups_Group::delete( $bogus_group_id )');
}
// delete valid test groups
if ($fruits_group_id) {
assert('Groups_Group::delete( $fruits_group_id )');
}
if ($sweet_group_id) {
assert('Groups_Group::delete( $sweet_group_id )');
}
if ($sour_group_id) {
assert('Groups_Group::delete( $sour_group_id )');
}
if ($lemon_group_id) {
assert('Groups_Group::delete( $lemon_group_id )');
}
if ($banana_group_id) {
assert('Groups_Group::delete( $banana_group_id )');
assert('Groups_User_Group::delete($baz_user_id, $banana_group_id ) === false');
}
// this user must not be deleted before as it is used to test that its
// relationship with the banana group is resolved when the group is deleted
if ($baz_user_id && !$baz_user_id instanceof WP_Error) {
assert('wp_delete_user( $baz_user_id ) === true');
}
}
/**
* Refreshes Groups capabilities based on WordPress capabilities.
* @return int number of capabilities added
*/
public static function refresh_capabilities()
{
global $wp_roles;
$capabilities = array();
$count = 0;
if (!isset($wp_roles)) {
// just trigger initialization
get_role('administrator');
}
$roles = $wp_roles->roles;
if (is_array($roles)) {
foreach ($roles as $rolename => $atts) {
if (isset($atts['capabilities']) && is_array($atts['capabilities'])) {
foreach ($atts['capabilities'] as $capability => $value) {
if (!in_array($capability, $capabilities)) {
$capabilities[] = $capability;
}
}
}
}
}
foreach ($capabilities as $capability) {
if (!Groups_Capability::read_by_capability($capability)) {
Groups_Capability::create(array('capability' => $capability));
$count++;
}
}
return $count;
}
/**
* Query modifier to take the selected access restriction capability into
* account.
*
* @param WP_Query $query query object passed by reference
*/
public static function parse_query(&$query)
{
global $pagenow;
if (is_admin()) {
if ($pagenow == 'edit.php') {
// check that we're on the right screen
$post_type = isset($_GET['post_type']) ? $_GET['post_type'] : 'post';
$post_types_option = Groups_Options::get_option(Groups_Post_Access::POST_TYPES, array());
if (!isset($post_types_option[$post_type]['add_meta_box']) || $post_types_option[$post_type]['add_meta_box']) {
if (!empty($_GET[Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY]) && is_array($_GET[Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY])) {
$include_unrestricted = false;
if (in_array(self::NOT_RESTRICTED, $_GET[Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY])) {
$include_unrestricted = true;
}
$capabilities = array();
foreach ($_GET[Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY] as $capability) {
if (Groups_Capability::read_by_capability($capability)) {
$capabilities[] = $capability;
}
}
if (!empty($capabilities)) {
if ($include_unrestricted) {
// meta_query does not handle a conjunction
// on the same meta field correctly
// (at least not up to WordPress 3.7.1)
// $query->query_vars['meta_query'] = array (
// 'relation' => 'OR',
// array (
// 'key' => Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY,
// 'value' => $capabilities,
// 'compare' => 'IN'
// ),
// array (
// 'key' => Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY,
// 'compare' => 'NOT EXISTS'
// )
// );
// we'll limit it to show just unrestricted entries
// until the above is solved
$query->query_vars['meta_query'] = array(array('key' => Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY, 'compare' => 'NOT EXISTS'));
} else {
$query->query_vars['meta_query'] = array(array('key' => Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY, 'value' => $capabilities, 'compare' => 'IN'));
}
} else {
if ($include_unrestricted) {
$query->query_vars['meta_query'] = array(array('key' => Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY, 'compare' => 'NOT EXISTS'));
}
}
}
}
}
}
}
/**
* Handle remove form submission.
* @return array of deleted capabilities' ids
*/
function groups_admin_capabilities_bulk_remove_submit()
{
global $wpdb;
$result = array();
if (!current_user_can(GROUPS_ADMINISTER_GROUPS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_GROUPS_ACTION_NONCE], 'admin')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
$capability_ids = isset($_POST['capability_ids']) ? $_POST['capability_ids'] : null;
if ($capability_ids) {
foreach ($capability_ids as $capability_id) {
$capability = Groups_Capability::read($capability_id);
if ($capability) {
if ($capability->capability !== Groups_Post_Access::READ_POST_CAPABILITY) {
if (Groups_Capability::delete($capability_id)) {
$result[] = $capability->capability_id;
}
}
}
}
}
return $result;
}
/**
* @return array of valid read capabilities for the current or given user
*/
public static function get_valid_read_caps_for_user($user_id = null)
{
$result = array();
$user = new Groups_User($user_id === null ? get_current_user_id() : $user_id);
$valid_read_caps = Groups_Options::get_option(Groups_Post_Access::READ_POST_CAPABILITIES, array(Groups_Post_Access::READ_POST_CAPABILITY));
foreach ($valid_read_caps as $valid_read_cap) {
if ($capability = Groups_Capability::read_by_capability($valid_read_cap)) {
if ($user->can($capability->capability)) {
$result[] = $valid_read_cap;
}
}
}
return $result;
}
/**
* Remove capability and its relations.
*
* @param int $capability_id
* @return capability_id if successful, false otherwise
*/
public static function delete($capability_id)
{
global $wpdb;
$result = false;
// avoid nonsense requests
if ($capability = Groups_Capability::read($capability_id)) {
$capability_table = _groups_get_tablename('capability');
// get rid of it
if ($rows = $wpdb->query($wpdb->prepare("DELETE FROM {$capability_table} WHERE capability_id = %d", Groups_Utility::id($capability_id)))) {
$result = $capability_id;
do_action("groups_deleted_capability", $result);
}
}
return $result;
}
/**
* Manage capabilities: table of capabilities and add, edit, remove actions.
*/
function groups_admin_capabilities()
{
global $wpdb;
$output = '';
$today = date('Y-m-d', time());
if (!current_user_can(GROUPS_ADMINISTER_GROUPS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
//
// handle actions
//
if (isset($_POST['action'])) {
// handle action submit - do it
switch ($_POST['action']) {
case 'add':
if (!($capability_id = groups_admin_capabilities_add_submit())) {
return groups_admin_capabilities_add();
} else {
$capability = Groups_Capability::read($capability_id);
Groups_Admin::add_message(sprintf(__('The <em>%s</em> capability has been created.', GROUPS_PLUGIN_DOMAIN), stripslashes(wp_filter_nohtml_kses($capability->capability))));
}
break;
case 'edit':
if (!($capability_id = groups_admin_capabilities_edit_submit())) {
return groups_admin_capabilities_edit($_POST['capability-id-field']);
} else {
$capability = Groups_Capability::read($capability_id);
Groups_Admin::add_message(sprintf(__('The <em>%s</em> capability has been updated.', GROUPS_PLUGIN_DOMAIN), stripslashes(wp_filter_nohtml_kses($capability->capability))));
}
break;
case 'remove':
if ($capability_id = groups_admin_capabilities_remove_submit()) {
Groups_Admin::add_message(__('The capability has been deleted.', GROUPS_PLUGIN_DOMAIN));
}
break;
// bulk actions on groups: capabilities
// bulk actions on groups: capabilities
case 'groups-action':
if (wp_verify_nonce($_POST[GROUPS_ADMIN_GROUPS_ACTION_NONCE], 'admin')) {
$capability_ids = isset($_POST['capability_ids']) ? $_POST['capability_ids'] : null;
$bulk = isset($_POST['bulk']) ? $_POST['bulk'] : null;
if (is_array($capability_ids) && $bulk !== null) {
foreach ($capability_ids as $capability_id) {
$bulk_action = isset($_POST['bulk-action']) ? $_POST['bulk-action'] : null;
switch ($bulk_action) {
case 'remove':
if (isset($_POST['confirm'])) {
groups_admin_capabilities_bulk_remove_submit();
} else {
return groups_admin_capabilities_bulk_remove();
}
break;
}
break;
}
}
}
break;
}
} else {
if (isset($_GET['action'])) {
// handle action request - show form
switch ($_GET['action']) {
case 'add':
return groups_admin_capabilities_add();
break;
case 'edit':
if (isset($_GET['capability_id'])) {
return groups_admin_capabilities_edit($_GET['capability_id']);
}
break;
case 'remove':
if (isset($_GET['capability_id'])) {
return groups_admin_capabilities_remove($_GET['capability_id']);
}
break;
case 'refresh':
if (check_admin_referer('refresh')) {
$n = Groups_WordPress::refresh_capabilities();
if ($n > 0) {
$output .= '<div class="info">' . sprintf(_n('One capability has been added.', '%d capabilities have been added.', $n, GROUPS_PLUGIN_DOMAIN), $n) . '</div>';
} else {
$output .= '<div class="info">' . __('No new capabilities have been found.', GROUPS_PLUGIN_DOMAIN) . '</div>';
}
} else {
wp_die(__('A Duck!', GROUPS_PLUGIN_DOMAIN));
}
break;
}
}
}
//
// capabilities table
//
if (isset($_POST['clear_filters']) || isset($_POST['capability_id']) || isset($_POST['capability'])) {
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_CAPABILITIES_FILTER_NONCE], 'admin')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
}
// filters
$capability_id = Groups_Options::get_user_option('capabilities_capability_id', null);
$capability = Groups_Options::get_user_option('capabilities_capability', null);
if (isset($_POST['clear_filters'])) {
Groups_Options::delete_user_option('capabilities_capability_id');
Groups_Options::delete_user_option('capabilities_capability');
$capability_id = null;
$capability = null;
} else {
if (isset($_POST['submitted'])) {
// filter by name
if (!empty($_POST['capability'])) {
$capability = $_POST['capability'];
Groups_Options::update_user_option('capabilities_capability', $capability);
}
// filter by capability id
if (!empty($_POST['capability_id'])) {
$capability_id = intval($_POST['capability_id']);
Groups_Options::update_user_option('capabilities_capability_id', $capability_id);
} else {
if (isset($_POST['capability_id'])) {
// empty && isset => '' => all
$capability_id = null;
Groups_Options::delete_user_option('capabilities_capability_id');
}
}
}
}
if (isset($_POST['row_count'])) {
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_CAPABILITIES_NONCE_1], 'admin')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
}
if (isset($_POST['paged'])) {
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_CAPABILITIES_NONCE_2], 'admin')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
}
$current_url = (is_ssl() ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$current_url = remove_query_arg('paged', $current_url);
$current_url = remove_query_arg('action', $current_url);
$current_url = remove_query_arg('capability_id', $current_url);
$capability_table = _groups_get_tablename('capability');
$output .= '<div class="manage-capabilities">' . '<div>' . '<h1>' . __('Capabilities', GROUPS_PLUGIN_DOMAIN) . '</h1>' . '</div>';
$output .= Groups_Admin::render_messages();
$output .= '<div class="manage">' . "<a title='" . __('Click to add a new capability', GROUPS_PLUGIN_DOMAIN) . "' class='add button' href='" . esc_url($current_url) . "&action=add'><img class='icon' alt='" . __('Add', GROUPS_PLUGIN_DOMAIN) . "' src='" . GROUPS_PLUGIN_URL . "images/add.png'/><span class='label'>" . __('New Capability', GROUPS_PLUGIN_DOMAIN) . "</span></a>" . "<a title='" . __('Click to refresh capabilities', GROUPS_PLUGIN_DOMAIN) . "' class='refresh button' href='" . esc_url(wp_nonce_url($current_url, 'refresh')) . "&action=refresh'><img class='icon' alt='" . __('Refresh', GROUPS_PLUGIN_DOMAIN) . "' src='" . GROUPS_PLUGIN_URL . "images/refresh.png'/><span class='label'></span></a>" . '</div>';
$row_count = isset($_POST['row_count']) ? intval($_POST['row_count']) : 0;
if ($row_count <= 0) {
$row_count = Groups_Options::get_user_option('capabilities_per_page', GROUPS_CAPABILITIES_PER_PAGE);
} else {
Groups_Options::update_user_option('capabilities_per_page', $row_count);
}
$offset = isset($_GET['offset']) ? intval($_GET['offset']) : 0;
if ($offset < 0) {
$offset = 0;
}
$paged = isset($_REQUEST['paged']) ? intval($_REQUEST['paged']) : 0;
if ($paged < 0) {
$paged = 0;
}
$orderby = isset($_GET['orderby']) ? $_GET['orderby'] : null;
switch ($orderby) {
case 'capability_id':
case 'capability':
break;
default:
$orderby = 'name';
}
$order = isset($_GET['order']) ? $_GET['order'] : null;
switch ($order) {
case 'asc':
case 'ASC':
$switch_order = 'DESC';
break;
case 'desc':
case 'DESC':
$switch_order = 'ASC';
break;
default:
$order = 'ASC';
$switch_order = 'DESC';
}
$filters = array(" 1=%d ");
$filter_params = array(1);
if ($capability_id) {
$filters[] = " {$capability_table}.capability_id = %d ";
$filter_params[] = $capability_id;
}
if ($capability) {
$filters[] = " {$capability_table}.capability LIKE '%%%s%%' ";
$filter_params[] = $capability;
}
if (!empty($filters)) {
$filters = " WHERE " . implode(" AND ", $filters);
} else {
$filters = '';
}
$count_query = $wpdb->prepare("SELECT COUNT(*) FROM {$capability_table} {$filters}", $filter_params);
$count = $wpdb->get_var($count_query);
if ($count > $row_count) {
$paginate = true;
} else {
$paginate = false;
}
$pages = ceil($count / $row_count);
if ($paged > $pages) {
$paged = $pages;
}
if ($paged != 0) {
$offset = ($paged - 1) * $row_count;
}
$query = $wpdb->prepare("SELECT * FROM {$capability_table}\n\t\t{$filters}\n\t\tORDER BY {$orderby} {$order}\n\t\tLIMIT {$row_count} OFFSET {$offset}", $filter_params);
$results = $wpdb->get_results($query, OBJECT);
$column_display_names = array('capability_id' => __('Id', GROUPS_PLUGIN_DOMAIN), 'capability' => __('Capability', GROUPS_PLUGIN_DOMAIN), 'description' => __('Description', GROUPS_PLUGIN_DOMAIN), 'edit' => __('Edit', GROUPS_PLUGIN_DOMAIN), 'remove' => __('Remove', GROUPS_PLUGIN_DOMAIN));
$output .= '<div class="capabilities-overview">';
$output .= '<div class="filters">' . '<label class="description" for="setfilters">' . __('Filters', GROUPS_PLUGIN_DOMAIN) . '</label>' . '<form id="setfilters" action="" method="post">' . '<p>' . '<label class="capability-id-filter" for="capability_id">' . __('Capability Id', GROUPS_PLUGIN_DOMAIN) . '</label>' . '<input class="capability-id-filter" name="capability_id" type="text" value="' . esc_attr($capability_id) . '"/>' . '<label class="capability-filter" for="capability">' . __('Capability', GROUPS_PLUGIN_DOMAIN) . '</label>' . '<input class="capability-filter" name="capability" type="text" value="' . $capability . '"/>' . '</p>' . '<p>' . wp_nonce_field('admin', GROUPS_ADMIN_CAPABILITIES_FILTER_NONCE, true, false) . '<input class="button" type="submit" value="' . __('Apply', GROUPS_PLUGIN_DOMAIN) . '"/>' . '<input class="button" type="submit" name="clear_filters" value="' . __('Clear', GROUPS_PLUGIN_DOMAIN) . '"/>' . '<input type="hidden" value="submitted" name="submitted"/>' . '</p>' . '</form>' . '</div>';
if ($paginate) {
require_once GROUPS_CORE_LIB . '/class-groups-pagination.php';
$pagination = new Groups_Pagination($count, null, $row_count);
$output .= '<form id="posts-filter" method="post" action="">';
$output .= '<div>';
$output .= wp_nonce_field('admin', GROUPS_ADMIN_CAPABILITIES_NONCE_2, true, false);
$output .= '</div>';
$output .= '<div class="tablenav top">';
$output .= $pagination->pagination('top');
$output .= '</div>';
$output .= '</form>';
}
$output .= '<div class="page-options right">';
$output .= '<form id="setrowcount" action="" method="post">';
$output .= '<div>';
$output .= '<label for="row_count">' . __('Results per page', GROUPS_PLUGIN_DOMAIN) . '</label>';
$output .= '<input name="row_count" type="text" size="2" value="' . esc_attr($row_count) . '" />';
$output .= wp_nonce_field('admin', GROUPS_ADMIN_CAPABILITIES_NONCE_1, true, false);
$output .= '<input class="button" type="submit" value="' . __('Apply', GROUPS_PLUGIN_DOMAIN) . '"/>';
$output .= '</div>';
$output .= '</form>';
$output .= '</div>';
$output .= '<form id="groups-action" method="post" action="">';
$output .= '<div class="tablenav top">';
$output .= '<div class="capabilities-bulk-container">';
$output .= '<div class="alignleft actions">';
$output .= '<select name="bulk-action">';
$output .= '<option selected="selected" value="-1">' . __("Bulk Actions", GROUPS_PLUGIN_DOMAIN) . '</option>';
$output .= '<option value="remove">' . __("Remove", GROUPS_PLUGIN_DOMAIN) . '</option>';
$output .= '</select>';
$output .= '<input class="button" type="submit" name="bulk" value="' . __("Apply", GROUPS_PLUGIN_DOMAIN) . '"/>';
$output .= '</div>';
$output .= '</div>';
$output .= '</div>';
$output .= wp_nonce_field('admin', GROUPS_ADMIN_GROUPS_ACTION_NONCE, true, false);
$output .= '<input type="hidden" name="action" value="groups-action"/>';
$output .= '<table id="" class="wp-list-table widefat fixed" cellspacing="0">';
$output .= '<thead>';
$output .= '<tr>';
$output .= '<th id="cb" class="manage-column column-cb check-column" scope="col"><input type="checkbox"></th>';
foreach ($column_display_names as $key => $column_display_name) {
$options = array('orderby' => $key, 'order' => $switch_order);
$class = $key;
if (!in_array($key, array('capabilities', 'edit', 'remove'))) {
if (strcmp($key, $orderby) == 0) {
$lorder = strtolower($order);
$class = "{$key} manage-column sorted {$lorder}";
} else {
$class = "{$key} manage-column sortable";
}
$column_display_name = '<a href="' . esc_url(add_query_arg($options, $current_url)) . '"><span>' . $column_display_name . '</span><span class="sorting-indicator"></span></a>';
}
$output .= "<th scope='col' class='{$class}'>{$column_display_name}</th>";
}
$output .= '</tr>
</thead>
<tbody>
';
if (count($results) > 0) {
for ($i = 0; $i < count($results); $i++) {
$result = $results[$i];
$output .= '<tr class="' . ($i % 2 == 0 ? 'even' : 'odd') . '">';
$output .= '<th class="check-column">';
$output .= '<input type="checkbox" value="' . esc_attr($result->capability_id) . '" name="capability_ids[]"/>';
$output .= '</th>';
$output .= "<td class='capability-id'>";
$output .= $result->capability_id;
$output .= "</td>";
$output .= "<td class='capability'>" . stripslashes(wp_filter_nohtml_kses($result->capability)) . "</td>";
$output .= "<td class='description'>" . stripslashes(wp_filter_nohtml_kses($result->description)) . "</td>";
$output .= "<td class='edit'>";
$output .= "<a href='" . esc_url(add_query_arg('paged', $paged, $current_url)) . "&action=edit&capability_id=" . $result->capability_id . "' alt='" . __('Edit', GROUPS_PLUGIN_DOMAIN) . "'><img src='" . GROUPS_PLUGIN_URL . "images/edit.png'/></a>";
$output .= "</td>";
$output .= "<td class='remove'>";
if ($result->capability !== Groups_Post_Access::READ_POST_CAPABILITY) {
$output .= "<a href='" . esc_url($current_url) . "&action=remove&capability_id=" . $result->capability_id . "' alt='" . __('Remove', GROUPS_PLUGIN_DOMAIN) . "'><img src='" . GROUPS_PLUGIN_URL . "images/remove.png'/></a>";
}
$output .= "</td>";
$output .= '</tr>';
}
} else {
$output .= '<tr><td colspan="6">' . __('There are no results.', GROUPS_PLUGIN_DOMAIN) . '</td></tr>';
}
$output .= '</tbody>';
$output .= '</table>';
$output .= Groups_UIE::render_add_titles('.capabilities-overview table td');
$output .= '</form>';
// #groups-action
if ($paginate) {
require_once GROUPS_CORE_LIB . '/class-groups-pagination.php';
$pagination = new Groups_Pagination($count, null, $row_count);
$output .= '<div class="tablenav bottom">';
$output .= $pagination->pagination('bottom');
$output .= '</div>';
}
$output .= '</div>';
// .capabilities-overview
$output .= '</div>';
// .manage-capabilities
echo $output;
Groups_Help::footer();
}
/**
* Renders custom column content.
*
* @param string $column_name
* @param int $post_id
* @return string custom column content
*/
public static function custom_column($column_name, $post_id)
{
$output = '';
switch ($column_name) {
case self::CAPABILITIES:
$read_caps = get_post_meta($post_id, Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY);
$valid_read_caps = Groups_Options::get_option(Groups_Post_Access::READ_POST_CAPABILITIES, array(Groups_Post_Access::READ_POST_CAPABILITY));
if (count($valid_read_caps) > 0) {
sort($valid_read_caps);
$output = '<ul>';
foreach ($valid_read_caps as $valid_read_cap) {
if ($capability = Groups_Capability::read_by_capability($valid_read_cap)) {
if (in_array($valid_read_cap, $read_caps)) {
$output .= '<li>';
$output .= wp_strip_all_tags($capability->capability);
$output .= '</li>';
}
}
}
$output .= '</ul>';
} else {
$output .= '';
}
break;
}
echo $output;
}
