</thead>
<tbody>
<?php
foreach ($otype_roles as $object_type => $roles) {
foreach ($roles as $role_handle => $role) {
if (!empty($role->anon_only)) {
continue;
}
if (!empty($role->valid_scopes) && empty($role->valid_scopes['blog'])) {
continue;
}
$assignment_list = array();
foreach ($role_bases as $role_basis) {
if (is_array($blog_roles[$role_basis]) && isset($blog_roles[$role_basis][$role_handle])) {
$assignment_names = array_intersect_key($agent_names[$role_basis], $blog_roles[$role_basis][$role_handle]);
$assignment_list[$role_basis] = "<span class='{$role_basis}-csv'>" . $agent_list_prefix[$role_basis] . ScoperAdminBulkLib::role_assignment_list($blog_roles[$role_basis][$role_handle], $assignment_names, $role_basis) . '</span>';
}
}
$assignment_list = implode(' ', $assignment_list);
// retain previous selections in case of error ( user forgets to select groups/users )
$val = $role_codes[$role_handle];
$id = "{$role_handle}";
$checked = $err && isset($_POST['roles']) && in_array($val, $_POST['roles']) ? 'checked="checked"' : '';
$skip_if_val = REMOVE_ASSIGNMENT_RS;
// Does current user have this role blog-wide?
$is_admin_module = isset($otype_source[$object_type]) ? $otype_source[$object_type] : '';
if (is_administrator_rs($is_admin_module, 'user') || array_intersect_key(array($role_handle => 1), $current_rs_user->blog_roles[$date_key])) {
$checked = $err && isset($_POST['roles']) && in_array($val, $_POST['roles']) ? 'checked="checked"' : '';
$skip_if_val = REMOVE_ASSIGNMENT_RS;
$js_call = "agp_uncheck('" . implode(',', array_keys($roles)) . "',this.id,'assign_for','{$skip_if_val}');";
$checkbox = "<input type='checkbox' name='roles[]' id='{$id}' value='{$val}' {$checked} onclick=\"{$js_call}\" />";
function item_tree($scope, $mode, $src, $otype_or_tx, $all_items, $assigned_roles, $strict_items, $role_defs_by_otype, $role_codes, $args = array())
{
$defaults = array('admin_items' => '', 'editable_roles' => '', 'ul_class' => 'rs-termlist', 'ie_link_style' => '', 'object_names' => '', 'table_captions' => '', 'err' => '', 'object_status' => '', 'agent_caption_plural' => '', 'agent_list_prefix' => '', 'agent_names' => '', 'default_hide_empty' => false, 'role_bases' => array(ROLE_BASIS_USER, ROLE_BASIS_GROUPS), 'single_item' => false);
$args = array_merge($defaults, (array) $args);
extract($args);
global $scoper;
if (!is_object($src)) {
$src = $scoper->data_sources->get($src);
}
$col_id = $src->cols->id;
$col_name = $src->cols->name;
$col_parent = isset($src->cols->parent) ? $src->cols->parent : '';
$item_label = $otype_or_tx->labels->singular_name;
if (TERM_SCOPE_RS == $scope) {
$src_or_tx_name = $otype_or_tx->name;
$edit_url_base = !empty($otype_or_tx->edit_url) ? $otype_or_tx->edit_url : '';
} else {
$src_or_tx_name = $src->name;
$edit_url_base = !empty($src->edit_url) ? $src->edit_url : '';
}
if ($default_hide_empty) {
$hide_tr_sfx = '-hide';
$hide_li_sfx = '-hide';
} else {
$hide_tr_sfx = '';
$hide_li_sfx = '';
}
$nextlink = '';
$prevlink = '';
if (empty($admin_items)) {
$admin_items = array();
}
if (empty($agent_caption_plural)) {
$agent_caption_plural = __('Users or Groups', 'scoper');
}
if (empty($agent_list_prefix)) {
$agent_list_prefix = array();
$agent_list_prefix[ROLE_BASIS_USER] = '';
$agent_list_prefix[ROLE_BASIS_GROUPS] = __('Groups') . ': ';
}
static $prevtext, $nexttext, $is_administrator, $role_header, $agents_header;
if (empty($prevtext)) {
// buffer prev/next caption for display with each term
//$prevtext = _ x('prev', '|abbreviated link to previous item', 'scoper');
//$nexttext = _ x('next', '|abbreviated link to next item', 'scoper');
$prevtext = __('prev', 'scoper');
$nexttext = __('next', 'scoper');
$is_administrator = is_administrator_rs($src, 'user');
$role_header = __awp('Role');
switch ($mode) {
case ROLE_ASSIGNMENT_RS:
//$agents_header = sprintf( _ x('Current %s', 'users or groups', 'scoper'), $agent_caption_plural);
$agents_header = sprintf(__('Current %s', 'scoper'), $agent_caption_plural);
break;
case ROLE_RESTRICTION_RS:
$agents_header = __('Current Restrictions', 'scoper');
break;
default:
return;
}
}
// disregard roles that don't apply to this scope
foreach ($role_defs_by_otype as $object_type => $role_defs) {
foreach ($role_defs as $role_handle => $role) {
if (!isset($role->valid_scopes[$scope])) {
unset($role_defs_by_otype[$object_type][$role_handle]);
}
}
}
// for object scope, assign "private post reader" role, but label it as "post reader" to limit confusion
$role_display_name = array();
foreach ($role_defs_by_otype as $role_defs) {
foreach (array_keys($role_defs) as $role_handle) {
$role_display_name[$role_handle] = $scoper->role_defs->get_display_name($role_handle, $scope . '_ui');
}
}
// display a separate role assignment list for each individual term / object
$last_id = -1;
$last_name = '';
$last_parent_id = -1;
$parent_id = 0;
$parents = array();
$depth = 0;
$_top_link = "<a{$ie_link_style} href='#scoper_top'>" . __('top', 'scoper') . '</a>';
$tr_display = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? 'block' : 'table-row';
$show_all_caption = __('show all', 'scoper');
echo "<ul class='{$ul_class}' style='padding-left:0.1em;'>";
if (empty($all_items)) {
$all_items = array();
}
if (!$single_item && is_user_administrator_rs() && 'nav_menu' != $src_or_tx_name) {
// TODO: action handler for new menu item storage
if (ROLE_ASSIGNMENT_RS == $mode) {
$root_caption = sprintf(__('DEFAULTS for new %s', 'scoper'), $otype_or_tx->labels->name);
} else {
$root_caption = sprintf(__('DEFAULTS for all %s', 'scoper'), $otype_or_tx->labels->name);
}
if (TERM_SCOPE_RS == $scope) {
$root_item = (object) array($col_id => 0, $col_name => $root_caption, $col_parent => 0);
array_unshift($all_items, $root_item);
} else {
$obj = (object) array($col_id => 0);
$all_items = array($root_caption => $obj) + $all_items;
$object_names[0] = $root_caption;
$status_objects = 'post' == $src->name ? get_post_stati(array(), 'object') : array();
}
}
$title_roles = __('edit roles', 'scoper');
$title_item = sprintf(__('edit %s', 'scoper'), agp_strtolower($item_label));
foreach ($all_items as $key => $item) {
$id = $item->{$col_id};
if (!empty($object_names[$id])) {
$name = esc_attr(str_replace(' ', ' ', $object_names[$id]));
} else {
$name = str_replace(' ', ' ', $item->{$col_name});
}
if ($col_parent && isset($item->{$col_parent})) {
$parent_id = $item->{$col_parent};
if ($parent_id != $last_parent_id) {
if ($parent_id == $last_id && $last_id) {
$parents[$last_name] = $last_id;
echo "<ul class='{$ul_class}'>";
$depth++;
} elseif ($depth) {
do {
//echo "term $name: depth $depth, current parents: " . print_r($parents);
array_pop($parents);
echo '</li></ul>';
$depth--;
} while ($parents && end($parents) != $parent_id && $depth);
}
$last_parent_id = $parent_id;
}
}
if ($is_administrator || isset($admin_items[$last_id])) {
if (!$last_id) {
// always close li for defaults
echo '</li>';
} elseif (-1 != $last_id && $parent_id != $last_id) {
echo '</li>';
}
}
if (OBJECT_SCOPE_RS == $scope) {
if (isset($object_status) && !empty($object_status[$id]) && 'publish' != $object_status[$id] && 'private' != $object_status[$id]) {
$status_text = isset($status_objects[$object_status[$id]]) ? "{$status_objects[$object_status[$id]]->label}, " : "{$object_status[$id]}, ";
} else {
$status_text = '';
}
$link_span_open = $status_text ? "<span class='rs-brown'>" : '';
$link_span_close = $status_text ? "</span>" : '';
// link from object name to our "Edit Object Role Assignment" interface
if ($id) {
$rs_edit_url = "admin.php?page=rs-object_role_edit&src_name={$src_or_tx_name}&object_type={$otype_or_tx->name}&object_id={$id}&object_name=" . urlencode($name);
$name_text = "{$link_span_open}<a title='{$title_roles}' href='{$rs_edit_url}'>{$name}</a>{$link_span_close}";
} else {
$name_text = $name;
}
// link from object ID to the object type's default editor, if defined
if ($id && $edit_url_base) {
$content_edit_url = sprintf($edit_url_base, $id);
$id_text = "<a title='{$title_item}' href='{$content_edit_url}' class='edit'>{$id}</a>";
} else {
$id_text = $id;
}
$id_text = $id ? " ({$status_text}" . sprintf(__('id %s', 'scoper'), $id_text) . ')' : '';
} elseif ($id && TERM_SCOPE_RS == $scope && $edit_url_base) {
$content_edit_url = sprintf($edit_url_base, $id);
$name_text = "<a class='rs-dlink_rev' href='{$content_edit_url}' title='{$title_item}'>{$name}</a>";
$id_text = '';
} else {
$name_text = $name;
$id_text = '';
}
//display scroll links for this term
if (TERM_SCOPE_RS == $scope) {
$prevlink = $last_id && !$single_item && $id ? "<a{$ie_link_style} href='#item-" . $last_id . "'>" . $prevtext . "</a>" : '';
}
if ($id && (!$is_administrator && !isset($admin_items[$id]))) {
continue;
}
$last_id = $id;
$last_name = $name;
$next_id = $id && isset($all_items[$key + 1]) ? $all_items[$key + 1]->{$col_id} : 0;
if (TERM_SCOPE_RS == $scope) {
if ($next_id) {
$nextlink = "<a{$ie_link_style} href='#item-" . $next_id . "'>" . $nexttext . "</a>";
} elseif ($id) {
$nextlink = "<span class='rs-termlist_linkspacer'>{$nexttext}</span>";
} else {
$nextlink = '';
}
}
if ($parents) {
//$color_class = ( TERM_SCOPE_RS == $scope ) ? 'rs-lgray' : 'rs-gray';
//$item_path = "<span class='$color_class'>" . implode(' / ', array_keys($parents)) . ' / ' . '</span>';
$item_path = implode(' / ', array_keys($parents)) . ' / ';
$margin = '';
$top_pad = '1.5em';
} else {
$item_path = '';
$margin = 'margin-top:2em;';
$top_pad = '0.2em';
}
$js_call = "agp_toggle_display('roles-{$id}','block','tgl-{$id}', '-', '+');" . "agp_toggle_display('jump-{$id}','block');";
$role_class = '';
if ($id) {
// never hide defaults block
if (ROLE_ASSIGNMENT_RS == $mode) {
$role_class = '';
if (!isset($assigned_roles[ROLE_BASIS_USER][$id]) && !isset($assigned_roles[ROLE_BASIS_GROUPS][$id])) {
$role_class = " no-rol-li{$hide_li_sfx}";
} elseif (!isset($assigned_roles[ROLE_BASIS_USER][$id])) {
$role_class = " no-user-li";
} elseif (!isset($assigned_roles[ROLE_BASIS_GROUPS][$id])) {
$role_class = " no-groups-li";
}
} elseif (ROLE_RESTRICTION_RS == $mode) {
$role_class = " no-rol-li{$hide_li_sfx}";
$setting_types = array('restrictions', 'unrestrictions');
foreach ($setting_types as $setting_type) {
if (isset($strict_items[$setting_type])) {
foreach (array_keys($strict_items[$setting_type]) as $role_handle) {
// key is role_handle
if (isset($strict_items[$setting_type][$role_handle][$id])) {
$role_class = '';
break;
}
}
}
}
}
}
$class = $role_class ? "class='" . trim($role_class) . "' " : '';
echo "\r\n\r\n<li {$class}style='padding:{$top_pad} 0.5em 0 0.3em;{$margin}'>";
if (!$single_item) {
$top_link = $id ? $_top_link : '';
echo "<a name='item-{$id}'></a>" . "<span id='jump-{$id}' class='rs-termjump alignright'>{$prevlink}{$nextlink}" . $top_link . '</span>' . "<strong><a class='rs-link_plain_rev term-tgl' id='tgl-{$id}' href='javascript:void(0);' onclick=\"{$js_call}\" title=\"{$otype_or_tx->labels->singular_name} {$id}: {$name}\">" . "-</a></strong> " . $item_path . '<strong>' . $name_text . '</strong>' . $id_text . ': ';
}
echo "</li><li id='roles-{$id}' class='role-li{$role_class}'>";
?>
<table class='rs-widefat rs-role-tbl'>
<thead>
<tr class="thead">
<th class="rs-tightcol"><?php
$js_call = "agp_display_child_nodes( 'tbl-{$id}', 'TR', '{$tr_display}' );";
echo "<a href='javascript:void(0);' title='{$show_all_caption}' onclick=\"{$js_call}\">+</a>";
?>
</th>
<th class="rs-tightcol"><?php
echo $role_header;
?>
</th>
<th><?php
echo $agents_header;
?>
</th>
</tr>
</thead>
<tbody id='<?php
echo "tbl-{$id}";
?>
'>
<?php
// display each role eligible for group/user assignment in this term/object
foreach ($role_defs_by_otype as $object_type => $role_defs) {
$vals = array();
$ids = array();
if (!$single_item) {
foreach (array_keys($role_defs) as $role_handle) {
// retain previous selections in case of error ( user forgets to select groups/users )
$vals[$role_handle] = "{$role_codes[$role_handle]}-{$id}";
// pre-generate all checkbox ids in this op_type, to pass to javascript
$ids[$role_handle] = 'rs-' . $vals[$role_handle];
}
}
foreach (array_keys($role_defs) as $role_handle) {
// Does current user have this role?
if (!$single_item && ($is_administrator || !is_array($editable_roles) || !empty($editable_roles[0][$role_handle]) || !empty($editable_roles[$id][$role_handle]))) {
$form_id = $id || ROLE_ASSIGNMENT_RS == $mode ? 'roles' : 'default_restrictions';
$checked = $err && isset($_POST[$form_id]) && in_array($vals[$role_handle], $_POST[$form_id]) ? 'checked="checked"' : '';
if (ROLE_ASSIGNMENT_RS == $mode) {
//$skip_if_id = 'assign_for'; // reduced html bulk by making 3rd & 4th args of agp_uncheck default to these values
//$skip_if_val = REMOVE_ASSIGNMENT_RS;
$js_call = "agp_uncheck('" . implode(',', $ids) . "',this.id);";
$onclick = "onclick=\"{$js_call}\"";
} else {
$onclick = '';
}
$checkbox = "<input type='checkbox' name='{$form_id}[]' id='{$ids[$role_handle]}' value='{$vals[$role_handle]}' {$checked} {$onclick} />";
$label = "<label for='{$ids[$role_handle]}'>" . str_replace(' ', ' ', $role_display_name[$role_handle]) . "</label>";
} else {
$checkbox = '';
$label = str_replace(' ', ' ', $role_display_name[$role_handle]);
}
$classes = array();
if ($default_strict = isset($strict_items['unrestrictions'][$role_handle]) && is_array($strict_items['unrestrictions'][$role_handle])) {
$setting = 'unrestrictions';
} else {
$setting = 'restrictions';
}
if (isset($strict_items[$setting][$role_handle][$id])) {
if ($single_item) {
$require_for = $strict_items[$setting][$role_handle][$id];
$open_brace = $close_brace = '';
} else {
$require_for = $strict_items[$setting][$role_handle][$id]['assign_for'];
$open_brace = $strict_items[$setting][$role_handle][$id]['inherited_from'] ? '{' : '';
$close_brace = $open_brace ? '}' : '';
}
} else {
$require_for = false;
$open_brace = $close_brace = '';
}
switch ($mode) {
case ROLE_ASSIGNMENT_RS:
$open_brace = $close_brace = '';
$assignment_list = array();
foreach ($role_bases as $role_basis) {
if (isset($assigned_roles[$role_basis][$id][$role_handle])) {
$checkbox_id = $single_item ? '' : $role_basis;
$assignment_names = array_intersect_key($agent_names[$role_basis], $assigned_roles[$role_basis][$id][$role_handle]);
$assignment_list[$role_basis] = "<span class='{$role_basis}-csv'><span class='rs-bold'>" . $agent_list_prefix[$role_basis] . '</span>' . ScoperAdminBulkLib::role_assignment_list($assigned_roles[$role_basis][$id][$role_handle], $assignment_names, $checkbox_id, $role_basis) . '</span>';
}
}
$setting_display = implode(' ', $assignment_list);
// don't hide rows for default roles
if ($id) {
if (!isset($assigned_roles[ROLE_BASIS_USER][$id][$role_handle]) && !isset($assigned_roles[ROLE_BASIS_GROUPS][$id][$role_handle])) {
$classes[] = "no-rol{$hide_tr_sfx}";
} elseif (!isset($assigned_roles[ROLE_BASIS_USER][$id][$role_handle])) {
$classes[] = "no-user";
} elseif (!isset($assigned_roles[ROLE_BASIS_GROUPS][$id][$role_handle])) {
$classes[] = "no-groups";
}
}
break;
case ROLE_RESTRICTION_RS:
if (!$id) {
$setting_display = $table_captions[$setting]['default'];
} elseif ($require_for) {
$setting_display = $table_captions[$setting][$require_for];
} else {
$setting_display = '(' . $table_captions[$setting][false] . ')';
// don't hide rows for default restrictions
if ($id) {
$classes[] = " no-rol{$hide_tr_sfx}";
}
}
}
// end switch $mode
switch ($require_for) {
case ASSIGN_FOR_BOTH_RS:
$open_brace = '<span class="rs-bold">' . $open_brace;
$close_brace .= '</span>';
break;
case ASSIGN_FOR_CHILDREN_RS:
$open_brace = '<span class="rs-gray">' . $open_brace;
$close_brace .= '</span>';
}
// end switch
if (empty($default_strict) && $require_for && $require_for != ASSIGN_FOR_CHILDREN_RS || !empty($default_strict) && !$require_for) {
$classes[] = 'rs-backylw';
}
$class = $classes ? " class='" . implode(' ', $classes) . "'" : '';
echo "\r\n" . "<tr{$class}>" . "<td>{$checkbox}</td>" . "<td>{$label}</td>" . "<td>{$open_brace}{$setting_display}{$close_brace}</td>" . "</tr>";
}
// end foreach role
}
// end foreach object_type
echo '</tbody></table>';
}
// end foreach term
while ($depth) {
echo '</li></ul>';
$depth--;
}
echo '</li>';
echo '</ul><br /><ul>';
// now display "select all" checkboxes for all terms in this taxonomy
if (empty($single_item)) {
if (defined('SCOPER_EXTRA_SUBMIT_BUTTON')) {
echo '<li class="alignright"><span class="submit" style="border:none;"><input type="submit" name="rs_submit" value="' . __('Update »', 'scoper') . '" /></span></li>';
}
?>
<li><table class='widefat' style='width:auto;'>
<thead>
<tr class="thead">
<th colspan="2"><?php
printf(__('select / unselect all:', 'scoper'), agp_strtolower($otype_or_tx->labels->name));
?>
</th>
<!--<th colspan="2" style="text-align: center"><?php
_e('Actions');
?>
</th>-->
</tr>
</thead>
<tbody id="bulk_roles-<?php
echo $otype_or_tx->name;
?>
">
<?php
//convert allterms stdobj to array for implosion
$all_items_arr = array();
foreach ($all_items as $item) {
$all_items_arr[] = $item->{$col_id};
}
$all_items_ser = implode('-', $all_items_arr);
//display "check for every term" shortcuts for each individual role
global $scoper;
$style = ' class="rs-backwhite"';
foreach ($role_defs_by_otype as $object_type => $roles) {
foreach (array_keys($roles) as $role_handle) {
$style = ' class="alternate"' == $style ? ' class="rs-backwhite"' : ' class="alternate"';
// $check_shorcut was displayed in first <td>
$id = "rs-Z-{$role_codes[$role_handle]}";
$caption = ' <span class="rs-subtext">' . sprintf(__('(all %s)', 'scoper'), agp_strtolower($otype_or_tx->labels->name)) . '</span>';
$js_call = "scoper_checkroles('{$id}', '{$all_items_ser}', '{$role_codes[$role_handle]}');";
echo "\n\t<tr {$style}>" . "<td><input type='checkbox' id='{$id}' onclick=\"{$js_call}\" /></td>" . "<td><label for='{$id}'>" . $scoper->role_defs->get_display_name($role_handle, $scope . '_ui') . "{$caption}</label></td>" . "</tr>";
}
// end foreach role
}
// end foreach roledef
echo '</tbody></table></li></ul><br />';
}
// endif not single item
}
function scoper_admin_section_restrictions($taxonomy)
{
global $scoper, $scoper_admin;
$tx = $scoper->taxonomies->get($taxonomy);
if (empty($tx) || empty($tx->requires_term)) {
wp_die(__('Invalid taxonomy', 'scoper'));
}
$is_administrator = is_administrator_rs($tx, 'user');
if (!$scoper_admin->user_can_admin_terms($taxonomy)) {
wp_die(__awp('Cheatin’ uh?'));
}
require_once dirname(__FILE__) . '/admin-bulk_rs.php';
$role_assigner = init_role_assigner();
$nonce_id = 'scoper-assign-roles';
$role_codes = ScoperAdminBulk::get_role_codes();
echo '<a name="scoper_top"></a>';
// retrieve all terms to track hierarchical relationship, even though some may not be adminable by current user
$val = ORDERBY_HIERARCHY_RS;
$args = array('order_by' => $val);
$all_terms = $scoper->get_terms($taxonomy, UNFILTERED_RS, COLS_ALL_RS, 0, $args);
// =========================== Submission Handling =========================
if (isset($_POST['rs_submit'])) {
$err = ScoperAdminBulk::role_submission(TERM_SCOPE_RS, ROLE_RESTRICTION_RS, '', $taxonomy, $role_codes, '', $nonce_id);
if (scoper_get_option('file_filtering')) {
scoper_flush_file_rules();
}
} else {
$err = 0;
}
// =========================== Prepare Data ===============================
$tx_src = $scoper->data_sources->get($tx->source);
if ($col_id = $tx_src->cols->id) {
// determine which terms current user can admin
if ($admin_terms = $scoper->get_terms($taxonomy, ADMIN_TERMS_FILTER_RS, COL_ID_RS)) {
$admin_terms = array_fill_keys($admin_terms, true);
}
} else {
$admin_terms = array();
}
// =========================== Display UI ===============================
?>
<div class="wrap agp-width97">
<?php
$tx_label = $tx->labels->singular_name;
$src_label = $scoper->data_sources->member_property($tx->object_source, 'labels', 'singular_name');
echo '<h2>' . sprintf(__('%s Restrictions', 'scoper'), $tx_label);
echo ' <span style="font-size: 0.6em; font-style: normal">(<a href="#scoper_notes">' . __('see notes', 'scoper') . '</a>)</span></h2>';
if (scoper_get_option('display_hints')) {
echo '<div class="rs-hint">';
if ('category' == $taxonomy && scoper_get_otype_option('use_object_roles', 'post', 'post')) {
printf(__('Reduce access by requiring some role(s) to be %1$s%2$s-assigned%3$s (or %4$s-assigned). Corresponding General Roles (whether assigned by WordPress or Role Scoper) are ignored.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-roles_t'>", $tx_label, '</a>', $src_label);
} else {
printf(__('Reduce access by requiring some role(s) to be %1$s%2$s-assigned%3$s. Corresponding General Role assignments are ignored.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-roles_t'>", $tx_label, '</a>');
}
echo '</div>';
}
if (!($role_defs_by_otype = $scoper->role_defs->get_for_taxonomy($tx->object_source, $taxonomy))) {
echo '<br />' . sprintf(__('Role definition error (taxonomy: %s).', 'scoper'), $taxonomy);
echo '</div>';
return;
}
if (empty($admin_terms)) {
echo '<br />' . sprintf(__('Either you do not have permission to administer any %s, or none exist.', 'scoper'), $tx->labels->name);
echo '</div>';
return;
}
?>
<form action="" method="post" name="role_scope" id="role_assign">
<?php
wp_nonce_field($nonce_id);
echo '<br /><div id="rs-term-scroll-links">';
echo ScoperAdminBulkLib::taxonomy_scroll_links($tx, $all_terms, $admin_terms);
echo '</div><hr />';
// ============ Assignment Mode Selection Display ================
// TODO: is Link Category label handled without workaround now?
$tx_label = agp_strtolower($tx->labels->name);
$tx_label_singular = agp_strtolower($tx->labels->singular_name);
$parent_col = $tx_src->cols->parent;
if (!$parent_col || !empty($tx->uses_standard_schema) && empty($tx->hierarchical)) {
$assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('for selected %s', 'scoper'), $tx_label));
} else {
$assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('for selected %s', 'scoper'), $tx_label), ASSIGN_FOR_CHILDREN_RS => sprintf(__('for sub-%s of selected', 'scoper'), $tx_label), ASSIGN_FOR_BOTH_RS => sprintf(__('for selected and sub-%s', 'scoper'), $tx_label));
}
$max_scopes = array('term' => __('Restrict selected roles', 'scoper'), 'blog' => __('Unrestrict selected roles', 'scoper'));
$args = array('max_scopes' => $max_scopes, 'scope' => TERM_SCOPE_RS);
ScoperAdminBulk::display_inputs(ROLE_RESTRICTION_RS, $assignment_modes, $args);
ScoperAdminBulk::item_tree_jslinks(ROLE_RESTRICTION_RS);
// IE (6 at least) won't obey link color directive in a.classname CSS
$ie_link_style = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? ' style="color:white;"' : '';
$args = array('include_child_restrictions' => true, 'return_array' => true, 'role_type' => 'rs', 'force_refresh' => true);
$strict_terms = $scoper->get_restrictions(TERM_SCOPE_RS, $taxonomy, $args);
//strict_terms[taxonomy][role name][term_id] = array: terms which require Role Scoper assignment for specified role (user blog roles ignored, required caps may be supplied by scoper term role or object-specific assignment)
// (for other terms, Role Scoper role assignment is optional (term role assignments will supplement blog caps)
$editable_roles = array();
foreach ($all_terms as $term) {
$id = $term->{$col_id};
foreach ($role_defs_by_otype as $object_type => $role_defs) {
foreach (array_keys($role_defs) as $role_handle) {
if ($role_assigner->user_has_role_in_term($role_handle, $taxonomy, $id, '', array('src_name' => $tx->object_source, 'object_type' => $object_type))) {
$editable_roles[$id][$role_handle] = true;
}
}
}
}
$default_restrictions = $scoper->get_default_restrictions(TERM_SCOPE_RS);
$default_strict_roles = !empty($default_restrictions[$taxonomy]) ? array_flip(array_keys($default_restrictions[$taxonomy])) : array();
$table_captions = ScoperAdminUI::restriction_captions(TERM_SCOPE_RS, $tx, $tx_label_singular, $tx_label);
$args = array('admin_items' => $admin_terms, 'editable_roles' => $editable_roles, 'default_strict_roles' => $default_strict_roles, 'ul_class' => 'rs-termlist', 'ie_link_style' => $ie_link_style, 'err' => $err, 'table_captions' => $table_captions);
ScoperAdminBulk::item_tree(TERM_SCOPE_RS, ROLE_RESTRICTION_RS, $tx_src, $tx, $all_terms, '', $strict_terms, $role_defs_by_otype, $role_codes, $args);
echo '<a href="#scoper_top">' . __('top', 'scoper') . '</a>';
echo '<hr />';
echo '<h4 style="margin-bottom:0.1em"><a name="scoper_notes"></a>' . __("Notes", 'scoper') . ':</h4><ul class="rs-notes">';
$osrc = $scoper->data_sources->get($tx->object_source);
if (empty($osrc->no_object_roles)) {
echo '<li>';
printf(__('Any %1$s Restriction causes the specified role to be granted only via %1$s Role assignment, regardless of these %2$s settings.', 'scoper'), $osrc->labels->singular_name, $tx->labels->singular_name);
echo '</li></ul>';
}
?>
</form>
</div>
<?php
}
function display_touch_time($stamp, $date, $id_prefix = '', $class = 'curtime', $edit = 1, $for_post = 1, $tab_index = 0, $multi = 0, $suppress_hidden_inputs = true, $suppress_current_inputs = true, $use_js = false, $empty_month_option = true)
{
// todo: move to $args array, default suppress to false
if ($use_js) {
echo '<span id="' . $id_prefix . 'timestamp">';
printf($stamp, $date);
echo '</span>';
echo ' <a href="' . '#' . $id_prefix . 'edit_timestamp" id="' . $id_prefix . 'edit-timestamp" class="rs_role_edit-timestamp hide-if-no-js" tabindex="4">';
echo __awp('Edit');
echo '</a>';
$class = 'hide_if_js ';
} else {
$class = '';
}
echo '<div id="' . $id_prefix . 'timestampdiv" class="' . $class . 'clear" style="clear:both;">';
ScoperAdminBulkLib::touch_time($edit, $for_post, $tab_index, $multi, $id_prefix, $suppress_hidden_inputs, $suppress_current_inputs, $use_js, $empty_month_option);
echo '</div>';
}
function admin_head()
{
global $pagenow, $plugin_page_cr;
echo '<link rel="stylesheet" href="' . SCOPER_URLPATH . '/admin/role-scoper.css" type="text/css" />' . "\n";
if ('rs-about' == $plugin_page_cr) {
echo '<link rel="stylesheet" href="' . SCOPER_URLPATH . '/admin/about/about.css" type="text/css" />' . "\n";
}
if (in_array($pagenow, array('post.php', 'post-new.php'))) {
$src_name = 'post';
$object_type = cr_find_post_type();
} elseif (isset($_GET['src_name']) && isset($_GET['object_type'])) {
$src_name = sanitize_key($_GET['src_name']);
$object_type = sanitize_key($_GET['object_type']);
}
if (!empty($object_type)) {
// dynamically set checkbox titles for user/group object role selection
$src = $this->scoper->data_sources->get($src_name);
$otype_def = $this->scoper->data_sources->member_property($src_name, 'object_types', $object_type);
if (!empty($src) && !empty($src->cols->parent) && empty($otype_def->ignore_object_hierarchy)) {
if (!empty($otype_def->labels)) {
$obj_title = sprintf(__('assign role for this %s', 'scoper'), agp_strtolower($otype_def->labels->singular_name));
$child_title = sprintf(__('assign role for sub-%s', 'scoper'), agp_strtolower($otype_def->labels->name));
$js_params = "var role_for_object_title = '{$obj_title}';" . "var role_for_children_title = '{$child_title}';";
// TODO: replace some of this JS with equivalent JQuery
echo "\n" . '<script type="text/javascript">' . $js_params . '</script>';
echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/rs-objrole-cbox-maint.js'></script>";
}
}
}
add_filter('contextual_help_list', array(&$this, 'flt_contextual_help_list'), 10, 2);
if (0 === strpos($plugin_page_cr, 'rs-') && strpos($plugin_page_cr, 'roles')) {
// add Ajax goodies we need for role duration/content date limit editing Bulk Role Admin
if (!awp_ver('3.4')) {
wp_print_scripts(array('page'));
}
require_once dirname(__FILE__) . '/admin_lib-bulk_rs.php';
ScoperAdminBulkLib::date_limits_js();
}
// TODO: replace some of this JS with equivalent JQuery
echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/agapetry.js'></script>";
echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/role-scoper.js'></script>";
if (scoper_get_option('group_ajax') && (in_array($pagenow, array('user-edit.php', 'profile.php')) || 'rs-groups' == $plugin_page_cr)) {
global $scoper_user_search;
if ('rs-groups' == $plugin_page_cr) {
$agent_type = 'users';
$agent_id = isset($_GET['id']) ? $_GET['id'] : 0;
} else {
$agent_type = 'groups';
if ('profile.php' == $pagenow) {
global $current_user;
$agent_id = $current_user->ID;
} else {
$agent_id = (int) $_GET['user_id'];
}
}
require_once dirname(__FILE__) . '/user_search_ui_rs.php';
$scoper_user_search = new ScoperUserSearch($agent_type);
$scoper_user_search->output_js($agent_type, $agent_id);
}
}
function scoper_admin_section_roles($taxonomy)
{
global $scoper, $scoper_admin, $wpdb;
if (!($tx = $scoper->taxonomies->get($taxonomy))) {
wp_die(__('Invalid taxonomy', 'scoper'));
}
$is_administrator = is_administrator_rs($tx, 'user');
$role_bases = array();
if (USER_ROLES_RS && ($is_administrator || $scoper_admin->user_can_admin_terms($taxonomy))) {
$role_bases[] = ROLE_BASIS_USER;
}
if (GROUP_ROLES_RS && ($is_administrator || $scoper_admin->user_can_admin_terms($taxonomy) || current_user_can('manage_groups'))) {
$role_bases[] = ROLE_BASIS_GROUPS;
}
if (empty($role_bases)) {
wp_die(__awp('Cheatin’ uh?'));
}
require_once dirname(__FILE__) . '/admin-bulk_rs.php';
require_once dirname(__FILE__) . '/role_assignment_lib_rs.php';
$role_assigner = init_role_assigner();
$nonce_id = 'scoper-assign-roles';
$agents = ScoperAdminBulk::get_agents($role_bases);
$agent_names = ScoperAdminBulk::agent_names($agents);
$agent_list_prefix = ScoperAdminBulk::agent_list_prefixes();
$agent_caption_plural = ScoperAdminBulk::agent_captions_plural($role_bases);
$role_bases = array_keys($agents);
$role_codes = ScoperAdminBulk::get_role_codes();
echo '<a name="scoper_top"></a>';
// retrieve all terms to track hierarchical relationship, even though some may not be adminable by current user
$val = ORDERBY_HIERARCHY_RS;
$args = array('order_by' => $val);
$all_terms = $scoper->get_terms($taxonomy, UNFILTERED_RS, COLS_ALL_RS, 0, $args);
// =========================== Submission Handling =========================
if (isset($_POST['rs_submit'])) {
$err = ScoperAdminBulk::role_submission(TERM_SCOPE_RS, ROLE_ASSIGNMENT_RS, $role_bases, $taxonomy, $role_codes, $agent_caption_plural, $nonce_id);
} else {
$err = 0;
}
// =========================== Prepare Data ===============================
//$term_roles [role_basis] [src_name] [object_id] [role_handle] [agent_id] = array( 'assign_for' => ENUM , 'inherited_from' => assignment_id)
$term_roles = array();
foreach ($role_bases as $role_basis) {
$term_roles[$role_basis] = ScoperRoleAssignments::get_assigned_roles(TERM_SCOPE_RS, $role_basis, $taxonomy);
}
$tx_src = $scoper->data_sources->get($tx->source);
if ($col_id = $tx_src->cols->id) {
// determine which terms current user can admin
if ($admin_terms = $scoper->get_terms($taxonomy, ADMIN_TERMS_FILTER_RS, COL_ID_RS)) {
$admin_terms = array_fill_keys($admin_terms, true);
}
} else {
$admin_terms = array();
}
// =========================== Display UI ===============================
?>
<div class="wrap agp-width97" id="rs_admin_wrap">
<?php
$tx->labels->singular_name = $tx->labels->singular_name;
echo '<h2>' . sprintf(__('%s Roles', 'scoper'), $tx->labels->singular_name) . ' <span style="font-size: 0.6em; font-style: normal">(<a href="#scoper_notes">' . __('see notes', 'scoper') . '</a>)</span>' . '</h2>';
if (scoper_get_option('display_hints')) {
echo '<div class="rs-hint">';
if (!empty($tx->requires_term)) {
//printf(_ x('Grant capabilities within a specific %2$s, potentially more than a user\'s WP role would allow. To reduce access, define %1$s%2$s Restrictions%3$s.', 'arguments are link open, taxonomy name, link close', 'scoper'), "<a href='admin.php?page=rs-$taxonomy-restrictions_t'>", $tx->labels->singular_name, '</a>');
printf(__('Grant capabilities within a specific %2$s, potentially more than a user\'s WP role would allow. To reduce access, define %1$s%2$s Restrictions%3$s.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-restrictions_t'>", $tx->labels->singular_name, '</a>');
} else {
printf(__('Grant capabilities within a specific %s, potentially more than a user\'s WP role would allow.', 'scoper'), $tx->labels->singular_name);
}
echo '</div>';
}
if (!($role_defs_by_otype = $scoper->role_defs->get_for_taxonomy($tx->object_source, $taxonomy))) {
echo '<br />' . sprintf(__('Role definition error (taxonomy: %s).', 'scoper'), $taxonomy);
echo '</div>';
return;
}
if (empty($admin_terms)) {
echo '<br />' . sprintf(__('Either you do not have permission to administer any %s, or none exist.', 'scoper'), $tx->labels->singular_name);
echo '</div>';
return;
}
?>
<form action="" method="post" name="role_assign" id="role_assign">
<?php
wp_nonce_field($nonce_id);
echo '<br /><div id="rs-term-scroll-links">';
echo ScoperAdminBulkLib::taxonomy_scroll_links($tx, $all_terms, $admin_terms);
echo '</div><hr />';
// ============ Users / Groups and Assignment Mode Selection Display ================
$tx_label = agp_strtolower($tx->labels->name);
$parent_col = !empty($tx_src->cols->parent) ? $tx_src->cols->parent : '';
if (!$parent_col || !empty($tx->uses_standard_schema) && empty($tx->hierarchical)) {
$assignment_modes = array(ASSIGN_FOR_ENTITY_RS => __('Assign', 'scoper'), REMOVE_ASSIGNMENT_RS => __('Remove', 'scoper'));
} else {
$assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('Assign for selected %s', 'scoper'), $tx_label), ASSIGN_FOR_CHILDREN_RS => sprintf(__('Assign for sub-%s of selected', 'scoper'), $tx_label), ASSIGN_FOR_BOTH_RS => sprintf(__('Assign for selected and sub-%s', 'scoper'), $tx_label), REMOVE_ASSIGNMENT_RS => __('Remove', 'scoper'));
}
$args = array('role_bases' => $role_bases, 'agents' => $agents, 'agent_caption_plural' => $agent_caption_plural, 'scope' => TERM_SCOPE_RS, 'src_or_tx_name' => $taxonomy);
ScoperAdminBulk::display_inputs(ROLE_ASSIGNMENT_RS, $assignment_modes, $args);
$args = array('role_bases' => $role_bases);
ScoperAdminBulk::item_tree_jslinks(ROLE_ASSIGNMENT_RS, $args);
echo '<div id="rs-section-roles">';
// IE (6 at least) won't obey link color directive in a.classname CSS
$ie_link_style = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? ' style="color:white;" ' : '';
$args = array('include_child_restrictions' => true, 'return_array' => true, 'role_type' => 'rs', 'force_refresh' => true);
$strict_terms = $scoper->get_restrictions(TERM_SCOPE_RS, $taxonomy, $args);
$src_name = $tx->object_source;
$editable_roles = array();
foreach ($all_terms as $term) {
$id = $term->{$col_id};
foreach ($role_defs_by_otype as $object_type => $role_defs) {
foreach (array_keys($role_defs) as $role_handle) {
if ($role_assigner->user_has_role_in_term($role_handle, $taxonomy, $id, '', compact('src_name', 'object_type'))) {
$editable_roles[$id][$role_handle] = true;
}
}
}
}
$args = array('admin_items' => $admin_terms, 'editable_roles' => $editable_roles, 'role_bases' => $role_bases, 'agent_names' => $agent_names, 'agent_caption_plural' => $agent_caption_plural, 'agent_list_prefix' => $agent_list_prefix, 'ul_class' => 'rs-termlist', 'ie_link_style' => $ie_link_style, 'err' => $err);
ScoperAdminBulk::item_tree(TERM_SCOPE_RS, ROLE_ASSIGNMENT_RS, $tx_src, $tx, $all_terms, $term_roles, $strict_terms, $role_defs_by_otype, $role_codes, $args);
echo '<hr /><div style="background-color: white;"></div>';
echo '</div>';
//rs-section-roles
//================================ Notes Section ==================================
?>
</form>
<a name="scoper_notes"></a>
<?php
if ('nav_menu' != $taxonomy) {
// TODO: better logic for note construction when related custom type is not being RS-filtered
$args = array('display_links' => true, 'display_restriction_key' => true);
ScoperAdminUI::role_owners_key($tx, $args);
$osrc = $scoper->data_sources->get($tx->object_source);
echo '<br /><h4 style="margin-bottom:0.1em">' . __("Notes", 'scoper') . ':</h4><ul class="rs-notes">';
echo '<li>';
_e('A Role is a collection of capabilities.', 'scoper');
echo '</li>';
echo '<li>';
_e("Capabilities in a user's WordPress Role (and, optionally, RS-assigned General Roles) enable site-wide operations (read/edit/delete) on some object type (post/page/link), perhaps of a certain status (private/published/draft).", 'scoper');
echo '</li>';
echo '<li>';
if (empty($osrc->no_object_roles)) {
printf(__('Scoped Roles can grant users these same WordPress capabilities on a per-%1$s or per-%2$s basis. Useful in fencing off sections your site.', 'scoper'), $tx->labels->singular_name, $osrc->labels->singular_name);
} else {
printf(__('Scoped Roles can grant users these same WordPress capabilities on a per-%1$s basis. Useful in fencing off sections your site.', 'scoper'), $tx->labels->singular_name, $osrc->labels->singular_name);
}
echo '</li>';
echo '<li>';
printf(__('Users with a %1$s Role assignment may have capabilities beyond their General Role(s) for %2$s in the specified %1$s.', 'scoper'), $tx->labels->singular_name, $osrc->labels->name);
echo '</li>';
if (!empty($tx->requires_term)) {
echo '<li>';
printf(__('If a role is restricted for some %s, general (site-wide) assignments of that role are ignored.', 'scoper'), $tx->labels->singular_name);
echo '</li>';
echo '<li>';
printf(__('If a %1$s is in multiple %2$s, permission is granted if any %3$s has a qualifying role assignment or permits a qualifying General Role.', 'scoper'), $osrc->labels->singular_name, $tx->labels->name, $tx->labels->singular_name);
echo '</li>';
}
if (empty($osrc->no_object_roles)) {
echo '<li>';
printf(__('If a role is restricted for some requested %1$s, %2$s-assignment and General-assignment of that role are ignored.', 'scoper'), $osrc->labels->singular_name, $tx->labels->singular_name);
echo '</li>';
}
echo '<li>';
_e('Administrators are exempted from Role Restrictions.', 'scoper');
echo '</li></ul>';
}
//endif showing notes
echo '<a href="#scoper_top">' . __('top', 'scoper') . '</a>';
?>
</div>
<?php
}
