{
global $wp_roles;
$capabilities = array();
$count = 0;
if (!isset($wp_roles)) {
// just trigger initialization
get_role('administrator');
}
$roles = $wp_roles->roles;
if (is_array($roles)) {
foreach ($roles as $rolename => $atts) {
if (isset($atts['capabilities']) && is_array($atts['capabilities'])) {
foreach ($atts['capabilities'] as $capability => $value) {
if (!in_array($capability, $capabilities)) {
$capabilities[] = $capability;
}
}
}
}
}
foreach ($capabilities as $capability) {
if (!Groups_Capability::read_by_capability($capability)) {
Groups_Capability::create(array('capability' => $capability));
$count++;
}
}
return $count;
}
}
Groups_WordPress::init();
/**
* Plugin activation work.
*/
private static function setup()
{
global $wpdb, $wp_roles;
// create WP capabilities
Groups_Controller::set_default_capabilities();
$charset_collate = '';
if (!empty($wpdb->charset)) {
$charset_collate = "DEFAULT CHARACTER SET {$wpdb->charset}";
}
if (!empty($wpdb->collate)) {
$charset_collate .= " COLLATE {$wpdb->collate}";
}
// create tables
$group_table = _groups_get_tablename('group');
if ($wpdb->get_var("SHOW TABLES LIKE '{$group_table}'") != $group_table) {
$queries[] = "CREATE TABLE {$group_table} (\n\t\t\t\tgroup_id BIGINT(20) UNSIGNED NOT NULL auto_increment,\n\t\t\t\tparent_id BIGINT(20) DEFAULT NULL,\n\t\t\t\tcreator_id BIGINT(20) DEFAULT NULL,\n\t\t\t\tdatetime DATETIME DEFAULT NULL,\n\t\t\t\tname VARCHAR(100) NOT NULL,\n\t\t\t\tdescription LONGTEXT DEFAULT NULL,\n\t\t\t\tPRIMARY KEY (group_id),\n\t\t\t\tUNIQUE INDEX group_n (name)\n\t\t\t) {$charset_collate};";
}
$capability_table = _groups_get_tablename('capability');
if ($wpdb->get_var("SHOW TABLES LIKE '{$capability_table}'") != $capability_table) {
$queries[] = "CREATE TABLE {$capability_table} (\n\t\t\t\tcapability_id BIGINT(20) UNSIGNED NOT NULL auto_increment,\n\t\t\t\tcapability VARCHAR(255) NOT NULL,\n\t\t\t\tclass VARCHAR(255) DEFAULT NULL,\n\t\t\t\tobject VARCHAR(255) DEFAULT NULL,\n\t\t\t\tname VARCHAR(100) DEFAULT NULL,\n\t\t\t\tdescription LONGTEXT DEFAULT NULL,\n\t\t\t\tPRIMARY KEY (capability_id),\n\t\t\t\tUNIQUE INDEX capability (capability(100)),\n\t\t\t\tINDEX capability_kco (capability(20),class(20),object(20))\n\t\t\t) {$charset_collate};";
}
$user_group_table = _groups_get_tablename('user_group');
if ($wpdb->get_var("SHOW TABLES LIKE '{$user_group_table}'") != $user_group_table) {
$queries[] = "CREATE TABLE {$user_group_table} (\n\t\t\t\tuser_id bigint(20) unsigned NOT NULL,\n\t\t\t\tgroup_id bigint(20) unsigned NOT NULL,\n\t\t\t\tPRIMARY KEY (user_id, group_id),\n\t\t\t\tINDEX user_group_gu (group_id,user_id)\n\t\t\t) {$charset_collate};";
}
$user_capability_table = _groups_get_tablename('user_capability');
if ($wpdb->get_var("SHOW TABLES LIKE '{$user_capability_table}'") != $user_capability_table) {
$queries[] = "CREATE TABLE {$user_capability_table} (\n\t\t\t\tuser_id\t bigint(20) unsigned NOT NULL,\n\t\t\t\tcapability_id bigint(20) unsigned NOT NULL,\n\t\t\t\tPRIMARY KEY (user_id, capability_id),\n\t\t\t\tINDEX user_capability_cu (capability_id,user_id)\n\t\t\t) {$charset_collate};";
}
$group_capability_table = _groups_get_tablename('group_capability');
if ($wpdb->get_var("SHOW TABLES LIKE '{$group_capability_table}'") != $group_capability_table) {
$queries[] = "CREATE TABLE {$group_capability_table} (\n\t\t\t\tgroup_id bigint(20) unsigned NOT NULL,\n\t\t\t\tcapability_id bigint(20) unsigned NOT NULL,\n\t\t\t\tPRIMARY KEY (group_id, capability_id),\n\t\t\t\tINDEX group_capability_cg (capability_id,group_id)\n\t\t\t) {$charset_collate};";
}
if (!empty($queries)) {
require_once ABSPATH . 'wp-admin/includes/upgrade.php';
dbDelta($queries);
}
// needs to be called to create its capabilities
Groups_Post_Access::activate();
// same thing to created groups for registered users
Groups_Registered::activate();
// add WordPress capabilities
Groups_WordPress::activate();
// ... end of plugin activation work.
}
/**
* Manage capabilities: table of capabilities and add, edit, remove actions.
*/
function groups_admin_capabilities()
{
global $wpdb;
$output = '';
$today = date('Y-m-d', time());
if (!current_user_can(GROUPS_ADMINISTER_GROUPS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
//
// handle actions
//
if (isset($_POST['action'])) {
// handle action submit - do it
switch ($_POST['action']) {
case 'add':
if (!($capability_id = groups_admin_capabilities_add_submit())) {
return groups_admin_capabilities_add();
} else {
$capability = Groups_Capability::read($capability_id);
Groups_Admin::add_message(sprintf(__('The <em>%s</em> capability has been created.', GROUPS_PLUGIN_DOMAIN), stripslashes(wp_filter_nohtml_kses($capability->capability))));
}
break;
case 'edit':
if (!($capability_id = groups_admin_capabilities_edit_submit())) {
return groups_admin_capabilities_edit($_POST['capability-id-field']);
} else {
$capability = Groups_Capability::read($capability_id);
Groups_Admin::add_message(sprintf(__('The <em>%s</em> capability has been updated.', GROUPS_PLUGIN_DOMAIN), stripslashes(wp_filter_nohtml_kses($capability->capability))));
}
break;
case 'remove':
if ($capability_id = groups_admin_capabilities_remove_submit()) {
Groups_Admin::add_message(__('The capability has been deleted.', GROUPS_PLUGIN_DOMAIN));
}
break;
// bulk actions on groups: capabilities
// bulk actions on groups: capabilities
case 'groups-action':
if (wp_verify_nonce($_POST[GROUPS_ADMIN_GROUPS_ACTION_NONCE], 'admin')) {
$capability_ids = isset($_POST['capability_ids']) ? $_POST['capability_ids'] : null;
$bulk = isset($_POST['bulk']) ? $_POST['bulk'] : null;
if (is_array($capability_ids) && $bulk !== null) {
foreach ($capability_ids as $capability_id) {
$bulk_action = isset($_POST['bulk-action']) ? $_POST['bulk-action'] : null;
switch ($bulk_action) {
case 'remove':
if (isset($_POST['confirm'])) {
groups_admin_capabilities_bulk_remove_submit();
} else {
return groups_admin_capabilities_bulk_remove();
}
break;
}
break;
}
}
}
break;
}
} else {
if (isset($_GET['action'])) {
// handle action request - show form
switch ($_GET['action']) {
case 'add':
return groups_admin_capabilities_add();
break;
case 'edit':
if (isset($_GET['capability_id'])) {
return groups_admin_capabilities_edit($_GET['capability_id']);
}
break;
case 'remove':
if (isset($_GET['capability_id'])) {
return groups_admin_capabilities_remove($_GET['capability_id']);
}
break;
case 'refresh':
if (check_admin_referer('refresh')) {
$n = Groups_WordPress::refresh_capabilities();
if ($n > 0) {
$output .= '<div class="info">' . sprintf(_n('One capability has been added.', '%d capabilities have been added.', $n, GROUPS_PLUGIN_DOMAIN), $n) . '</div>';
} else {
$output .= '<div class="info">' . __('No new capabilities have been found.', GROUPS_PLUGIN_DOMAIN) . '</div>';
}
} else {
wp_die(__('A Duck!', GROUPS_PLUGIN_DOMAIN));
}
break;
}
}
}
//
// capabilities table
//
if (isset($_POST['clear_filters']) || isset($_POST['capability_id']) || isset($_POST['capability'])) {
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_CAPABILITIES_FILTER_NONCE], 'admin')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
}
// filters
$capability_id = Groups_Options::get_user_option('capabilities_capability_id', null);
$capability = Groups_Options::get_user_option('capabilities_capability', null);
if (isset($_POST['clear_filters'])) {
Groups_Options::delete_user_option('capabilities_capability_id');
Groups_Options::delete_user_option('capabilities_capability');
$capability_id = null;
$capability = null;
} else {
if (isset($_POST['submitted'])) {
// filter by name
if (!empty($_POST['capability'])) {
$capability = $_POST['capability'];
Groups_Options::update_user_option('capabilities_capability', $capability);
}
// filter by capability id
if (!empty($_POST['capability_id'])) {
$capability_id = intval($_POST['capability_id']);
Groups_Options::update_user_option('capabilities_capability_id', $capability_id);
} else {
if (isset($_POST['capability_id'])) {
// empty && isset => '' => all
$capability_id = null;
Groups_Options::delete_user_option('capabilities_capability_id');
}
}
}
}
if (isset($_POST['row_count'])) {
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_CAPABILITIES_NONCE_1], 'admin')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
}
if (isset($_POST['paged'])) {
if (!wp_verify_nonce($_POST[GROUPS_ADMIN_CAPABILITIES_NONCE_2], 'admin')) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
}
$current_url = (is_ssl() ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$current_url = remove_query_arg('paged', $current_url);
$current_url = remove_query_arg('action', $current_url);
$current_url = remove_query_arg('capability_id', $current_url);
$capability_table = _groups_get_tablename('capability');
$output .= '<div class="manage-capabilities">' . '<div>' . '<h1>' . __('Capabilities', GROUPS_PLUGIN_DOMAIN) . '</h1>' . '</div>';
$output .= Groups_Admin::render_messages();
$output .= '<div class="manage">' . "<a title='" . __('Click to add a new capability', GROUPS_PLUGIN_DOMAIN) . "' class='add button' href='" . esc_url($current_url) . "&action=add'><img class='icon' alt='" . __('Add', GROUPS_PLUGIN_DOMAIN) . "' src='" . GROUPS_PLUGIN_URL . "images/add.png'/><span class='label'>" . __('New Capability', GROUPS_PLUGIN_DOMAIN) . "</span></a>" . "<a title='" . __('Click to refresh capabilities', GROUPS_PLUGIN_DOMAIN) . "' class='refresh button' href='" . esc_url(wp_nonce_url($current_url, 'refresh')) . "&action=refresh'><img class='icon' alt='" . __('Refresh', GROUPS_PLUGIN_DOMAIN) . "' src='" . GROUPS_PLUGIN_URL . "images/refresh.png'/><span class='label'></span></a>" . '</div>';
$row_count = isset($_POST['row_count']) ? intval($_POST['row_count']) : 0;
if ($row_count <= 0) {
$row_count = Groups_Options::get_user_option('capabilities_per_page', GROUPS_CAPABILITIES_PER_PAGE);
} else {
Groups_Options::update_user_option('capabilities_per_page', $row_count);
}
$offset = isset($_GET['offset']) ? intval($_GET['offset']) : 0;
if ($offset < 0) {
$offset = 0;
}
$paged = isset($_REQUEST['paged']) ? intval($_REQUEST['paged']) : 0;
if ($paged < 0) {
$paged = 0;
}
$orderby = isset($_GET['orderby']) ? $_GET['orderby'] : null;
switch ($orderby) {
case 'capability_id':
case 'capability':
break;
default:
$orderby = 'name';
}
$order = isset($_GET['order']) ? $_GET['order'] : null;
switch ($order) {
case 'asc':
case 'ASC':
$switch_order = 'DESC';
break;
case 'desc':
case 'DESC':
$switch_order = 'ASC';
break;
default:
$order = 'ASC';
$switch_order = 'DESC';
}
$filters = array(" 1=%d ");
$filter_params = array(1);
if ($capability_id) {
$filters[] = " {$capability_table}.capability_id = %d ";
$filter_params[] = $capability_id;
}
if ($capability) {
$filters[] = " {$capability_table}.capability LIKE '%%%s%%' ";
$filter_params[] = $capability;
}
if (!empty($filters)) {
$filters = " WHERE " . implode(" AND ", $filters);
} else {
$filters = '';
}
$count_query = $wpdb->prepare("SELECT COUNT(*) FROM {$capability_table} {$filters}", $filter_params);
$count = $wpdb->get_var($count_query);
if ($count > $row_count) {
$paginate = true;
} else {
$paginate = false;
}
$pages = ceil($count / $row_count);
if ($paged > $pages) {
$paged = $pages;
}
if ($paged != 0) {
$offset = ($paged - 1) * $row_count;
}
$query = $wpdb->prepare("SELECT * FROM {$capability_table}\n\t\t{$filters}\n\t\tORDER BY {$orderby} {$order}\n\t\tLIMIT {$row_count} OFFSET {$offset}", $filter_params);
$results = $wpdb->get_results($query, OBJECT);
$column_display_names = array('capability_id' => __('Id', GROUPS_PLUGIN_DOMAIN), 'capability' => __('Capability', GROUPS_PLUGIN_DOMAIN), 'description' => __('Description', GROUPS_PLUGIN_DOMAIN), 'edit' => __('Edit', GROUPS_PLUGIN_DOMAIN), 'remove' => __('Remove', GROUPS_PLUGIN_DOMAIN));
$output .= '<div class="capabilities-overview">';
$output .= '<div class="filters">' . '<label class="description" for="setfilters">' . __('Filters', GROUPS_PLUGIN_DOMAIN) . '</label>' . '<form id="setfilters" action="" method="post">' . '<p>' . '<label class="capability-id-filter" for="capability_id">' . __('Capability Id', GROUPS_PLUGIN_DOMAIN) . '</label>' . '<input class="capability-id-filter" name="capability_id" type="text" value="' . esc_attr($capability_id) . '"/>' . '<label class="capability-filter" for="capability">' . __('Capability', GROUPS_PLUGIN_DOMAIN) . '</label>' . '<input class="capability-filter" name="capability" type="text" value="' . $capability . '"/>' . '</p>' . '<p>' . wp_nonce_field('admin', GROUPS_ADMIN_CAPABILITIES_FILTER_NONCE, true, false) . '<input class="button" type="submit" value="' . __('Apply', GROUPS_PLUGIN_DOMAIN) . '"/>' . '<input class="button" type="submit" name="clear_filters" value="' . __('Clear', GROUPS_PLUGIN_DOMAIN) . '"/>' . '<input type="hidden" value="submitted" name="submitted"/>' . '</p>' . '</form>' . '</div>';
if ($paginate) {
require_once GROUPS_CORE_LIB . '/class-groups-pagination.php';
$pagination = new Groups_Pagination($count, null, $row_count);
$output .= '<form id="posts-filter" method="post" action="">';
$output .= '<div>';
$output .= wp_nonce_field('admin', GROUPS_ADMIN_CAPABILITIES_NONCE_2, true, false);
$output .= '</div>';
$output .= '<div class="tablenav top">';
$output .= $pagination->pagination('top');
$output .= '</div>';
$output .= '</form>';
}
$output .= '<div class="page-options right">';
$output .= '<form id="setrowcount" action="" method="post">';
$output .= '<div>';
$output .= '<label for="row_count">' . __('Results per page', GROUPS_PLUGIN_DOMAIN) . '</label>';
$output .= '<input name="row_count" type="text" size="2" value="' . esc_attr($row_count) . '" />';
$output .= wp_nonce_field('admin', GROUPS_ADMIN_CAPABILITIES_NONCE_1, true, false);
$output .= '<input class="button" type="submit" value="' . __('Apply', GROUPS_PLUGIN_DOMAIN) . '"/>';
$output .= '</div>';
$output .= '</form>';
$output .= '</div>';
$output .= '<form id="groups-action" method="post" action="">';
$output .= '<div class="tablenav top">';
$output .= '<div class="capabilities-bulk-container">';
$output .= '<div class="alignleft actions">';
$output .= '<select name="bulk-action">';
$output .= '<option selected="selected" value="-1">' . __("Bulk Actions", GROUPS_PLUGIN_DOMAIN) . '</option>';
$output .= '<option value="remove">' . __("Remove", GROUPS_PLUGIN_DOMAIN) . '</option>';
$output .= '</select>';
$output .= '<input class="button" type="submit" name="bulk" value="' . __("Apply", GROUPS_PLUGIN_DOMAIN) . '"/>';
$output .= '</div>';
$output .= '</div>';
$output .= '</div>';
$output .= wp_nonce_field('admin', GROUPS_ADMIN_GROUPS_ACTION_NONCE, true, false);
$output .= '<input type="hidden" name="action" value="groups-action"/>';
$output .= '<table id="" class="wp-list-table widefat fixed" cellspacing="0">';
$output .= '<thead>';
$output .= '<tr>';
$output .= '<th id="cb" class="manage-column column-cb check-column" scope="col"><input type="checkbox"></th>';
foreach ($column_display_names as $key => $column_display_name) {
$options = array('orderby' => $key, 'order' => $switch_order);
$class = $key;
if (!in_array($key, array('capabilities', 'edit', 'remove'))) {
if (strcmp($key, $orderby) == 0) {
$lorder = strtolower($order);
$class = "{$key} manage-column sorted {$lorder}";
} else {
$class = "{$key} manage-column sortable";
}
$column_display_name = '<a href="' . esc_url(add_query_arg($options, $current_url)) . '"><span>' . $column_display_name . '</span><span class="sorting-indicator"></span></a>';
}
$output .= "<th scope='col' class='{$class}'>{$column_display_name}</th>";
}
$output .= '</tr>
</thead>
<tbody>
';
if (count($results) > 0) {
for ($i = 0; $i < count($results); $i++) {
$result = $results[$i];
$output .= '<tr class="' . ($i % 2 == 0 ? 'even' : 'odd') . '">';
$output .= '<th class="check-column">';
$output .= '<input type="checkbox" value="' . esc_attr($result->capability_id) . '" name="capability_ids[]"/>';
$output .= '</th>';
$output .= "<td class='capability-id'>";
$output .= $result->capability_id;
$output .= "</td>";
$output .= "<td class='capability'>" . stripslashes(wp_filter_nohtml_kses($result->capability)) . "</td>";
$output .= "<td class='description'>" . stripslashes(wp_filter_nohtml_kses($result->description)) . "</td>";
$output .= "<td class='edit'>";
$output .= "<a href='" . esc_url(add_query_arg('paged', $paged, $current_url)) . "&action=edit&capability_id=" . $result->capability_id . "' alt='" . __('Edit', GROUPS_PLUGIN_DOMAIN) . "'><img src='" . GROUPS_PLUGIN_URL . "images/edit.png'/></a>";
$output .= "</td>";
$output .= "<td class='remove'>";
if ($result->capability !== Groups_Post_Access::READ_POST_CAPABILITY) {
$output .= "<a href='" . esc_url($current_url) . "&action=remove&capability_id=" . $result->capability_id . "' alt='" . __('Remove', GROUPS_PLUGIN_DOMAIN) . "'><img src='" . GROUPS_PLUGIN_URL . "images/remove.png'/></a>";
}
$output .= "</td>";
$output .= '</tr>';
}
} else {
$output .= '<tr><td colspan="6">' . __('There are no results.', GROUPS_PLUGIN_DOMAIN) . '</td></tr>';
}
$output .= '</tbody>';
$output .= '</table>';
$output .= Groups_UIE::render_add_titles('.capabilities-overview table td');
$output .= '</form>';
// #groups-action
if ($paginate) {
require_once GROUPS_CORE_LIB . '/class-groups-pagination.php';
$pagination = new Groups_Pagination($count, null, $row_count);
$output .= '<div class="tablenav bottom">';
$output .= $pagination->pagination('bottom');
$output .= '</div>';
}
$output .= '</div>';
// .capabilities-overview
$output .= '</div>';
// .manage-capabilities
echo $output;
Groups_Help::footer();
}
