/** * (non-PHPdoc) * @see I_Capable::can() */ public function can($capability) { global $wpdb; $result = false; if ($this->group !== null) { $group_table = _groups_get_tablename("group"); $capability_table = _groups_get_tablename("capability"); $group_capability_table = _groups_get_tablename("group_capability"); // determine capability id $capability_id = null; if (is_numeric($capability)) { $capability_id = Groups_Utility::id($capability); } else { if (is_string($capability)) { $capability_id = $wpdb->get_var($wpdb->prepare("SELECT capability_id FROM {$capability_table} WHERE capability = %s", $capability)); } } if ($capability_id !== null) { // check if the group itself can $result = Groups_Group_Capability::read($this->group->group_id, $capability_id) !== false; if (!$result) { // find all parent groups and include in the group's // upward hierarchy to see if any of these can $group_ids = array($this->group->group_id); $iterations = 0; $old_group_ids_count = 0; $all_groups = $wpdb->get_var("SELECT COUNT(*) FROM {$group_table}"); while ($iterations < $all_groups && count($group_ids) !== $old_group_ids_count) { $iterations++; $old_group_ids_count = count($group_ids); $id_list = implode(",", $group_ids); $parent_group_ids = $wpdb->get_results("SELECT parent_id FROM {$group_table} WHERE parent_id IS NOT NULL AND group_id IN ({$id_list})"); if ($parent_group_ids) { foreach ($parent_group_ids as $parent_group_id) { $parent_group_id = Groups_Utility::id($parent_group_id->parent_id); if (!in_array($parent_group_id, $group_ids)) { $group_ids[] = $parent_group_id; } } } } if (count($group_ids) > 0) { $id_list = implode(",", $group_ids); $rows = $wpdb->get_results($wpdb->prepare("SELECT capability_id FROM {$group_capability_table} WHERE capability_id = %d AND group_id IN ({$id_list})", Groups_Utility::id($capability_id))); if (count($rows) > 0) { $result = true; } } } } } $result = apply_filters_ref_array("groups_group_can", array($result, &$this, $capability)); return $result; }
/** * Save capability options. * * @param int $post_id * @param mixed $post post data (not used here) */ public static function save_post($post_id = null, $post = null) { if (defined("DOING_AUTOSAVE") && DOING_AUTOSAVE) { } else { $post_type = get_post_type($post_id); $post_type_object = get_post_type_object($post_type); if ($post_type_object && $post_type != 'attachment') { $post_types_option = Groups_Options::get_option(Groups_Post_Access::POST_TYPES, array()); if (!isset($post_types_option[$post_type]['add_meta_box']) || $post_types_option[$post_type]['add_meta_box']) { if (isset($_POST[self::NONCE]) && wp_verify_nonce($_POST[self::NONCE], self::SET_CAPABILITY)) { $post_type = isset($_POST["post_type"]) ? $_POST["post_type"] : null; if ($post_type !== null) { // See http://codex.wordpress.org/Function_Reference/current_user_can 20130119 WP 3.5 // "... Some capability checks (like 'edit_post' or 'delete_page') require this [the post ID] be provided." // If the post ID is not provided, it will throw: // PHP Notice: Undefined offset: 0 in /var/www/groups-forums/wp-includes/capabilities.php on line 1067 $edit_post_type = 'edit_' . $post_type; if ($post_type_object = get_post_type_object($post_type)) { if (!isset($post_type_object->capabilities)) { // get_post_type_capabilities() (WP 3.8) will throw a warning // when trying to merge the missing property otherwise. It's either a // bug or the function's documentation should make it clear that you // have to provide that. $post_type_object->capabilities = array(); } $caps_object = get_post_type_capabilities($post_type_object); if (isset($caps_object->edit_post)) { $edit_post_type = $caps_object->edit_post; } } if (current_user_can($edit_post_type, $post_id)) { // quick-create ? if (current_user_can(GROUPS_ADMINISTER_GROUPS)) { if (!empty($_POST['quick-group-capability'])) { $creator_id = get_current_user_id(); $datetime = date('Y-m-d H:i:s', time()); $name = ucfirst(strtolower(trim($_POST['quick-group-capability']))); if (strlen($name) > 0) { // create or obtain the group if ($group = Groups_Group::read_by_name($name)) { } else { if ($group_id = Groups_Group::create(compact('creator_id', 'datetime', 'name'))) { $group = Groups_Group::read($group_id); } } // create or obtain the capability $name = strtolower($name); if ($capability = Groups_Capability::read_by_capability($name)) { } else { if ($capability_id = Groups_Capability::create(array('capability' => $name))) { $capability = Groups_Capability::read($capability_id); } } if ($group && $capability) { // add the capability to the group if (!Groups_Group_Capability::read($group->group_id, $capability->capability_id)) { Groups_Group_Capability::create(array('group_id' => $group->group_id, 'capability_id' => $capability->capability_id)); } // enable the capability for access restriction $valid_read_caps = Groups_Options::get_option(Groups_Post_Access::READ_POST_CAPABILITIES, array(Groups_Post_Access::READ_POST_CAPABILITY)); if (!in_array($capability->capability, $valid_read_caps)) { $valid_read_caps[] = $capability->capability; } Groups_Options::update_option(Groups_Post_Access::READ_POST_CAPABILITIES, $valid_read_caps); // add the current user to the group Groups_User_Group::create(array('user_id' => get_current_user_id(), 'group_id' => $group->group_id)); // put the capability ID in $_POST[self::CAPABILITY] so it is treated below if (empty($_POST[self::CAPABILITY])) { $_POST[self::CAPABILITY] = array(); } if (!in_array($capability->capability_id, $_POST[self::CAPABILITY])) { $_POST[self::CAPABILITY][] = $capability->capability_id; } } } } } // set if (self::user_can_restrict()) { $valid_read_caps = self::get_valid_read_caps_for_user(); foreach ($valid_read_caps as $valid_read_cap) { if ($capability = Groups_Capability::read_by_capability($valid_read_cap)) { if (!empty($_POST[self::CAPABILITY]) && is_array($_POST[self::CAPABILITY]) && in_array($capability->capability_id, $_POST[self::CAPABILITY])) { Groups_Post_Access::create(array('post_id' => $post_id, 'capability' => $capability->capability)); } else { Groups_Post_Access::delete($post_id, $capability->capability); } } } } // show groups Groups_Options::update_user_option(self::SHOW_GROUPS, !empty($_POST[self::SHOW_GROUPS])); } } } } } } }