/**
  * Read this object's entry from a legacy, per-ID blog option.
  *
  * The option is fetched through mvb_Model_API::getBlogOption() and then
  * indexed by the value of $this->getID().
  *
  * @param string $option Name of the blog option to read
  * @return array The entry stored under the current ID (returned as stored),
  *               or an empty array when no such entry exists
  * @todo Delete in next releases
  */
 protected function getOldData($option)
 {
     $key = $this->getID();
     $stored = mvb_Model_API::getBlogOption($option);
     if (isset($stored[$key])) {
         return $stored[$key];
     }

     return array();
 }
 /**
  * Build the rows of the role selector, one per known role.
  *
  * @param string $tmpl Template containing the ROLE_LIST sub-template
  * @return string Concatenated rows
  */
 public static function renderRoleSelector($tmpl)
 {
     $row_tmpl = mvb_Model_Template::retrieveSub('ROLE_LIST', $tmpl);
     $rows = array();
     foreach (mvb_Model_API::getRoleList() as $role => $data) {
         // Loose comparison, as before: numeric-looking array keys arrive as ints
         $is_current = self::$parent->getCurrentRole() == $role;
         // NOTE(review): the role key and role name are substituted into the
         // template without HTML escaping in this method; confirm that the
         // template layer escapes them, since role names are stored data.
         $rows[] = mvb_Model_Template::updateMarkers(array(
             '###value###' => $role,
             '###title###' => stripcslashes($data['name']) . ' ',
             '###selected###' => $is_current ? 'selected' : '',
         ), $row_tmpl);
     }

     return implode('', $rows);
 }
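 /**
  * Persist the ConfigPress text to config.ini and to the database.
  *
  * The file copy is written only when config.ini is, or can be made,
  * writable. The database copy is always updated and acts as a backup.
  * The in-memory copy held in self::$config is dropped afterwards.
  *
  * @param string $config Raw ConfigPress content
  * @return void
  */
 public static function saveConfig($config)
 {
     $file = WPACCESS_BASE_DIR . 'config.ini';
     // 0644 rather than 0755: a data file needs no execute bit, and the
     // owner write bit is all that is required to make it writable.
     // NOTE(review): the file sits under the plugin base directory; confirm
     // the web server does not serve it directly.
     if (is_writable($file) || chmod($file, 0644)) {
         // LOCK_EX serialises concurrent writers so saves do not interleave
         file_put_contents($file, $config, LOCK_EX);
     }
     // also save to db as backup
     $default_blog = mvb_Model_API::getBlog(1);
     mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'config_press', $config, $default_blog);
     // clear cache
     self::$config = NULL;
 }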
 /**
  * Render the role list for the DELETE_ROLE_LIST block of the template.
  *
  * Refreshes self::$user_summary from count_users() before the rows are
  * rendered.
  *
  * @param string $tmpl Template holding the DELETE_ROLE_LIST block
  * @param mvb_Model_Manager $parent Not read by this method
  * @return string Template with the role list filled in
  */
 public static function render($tmpl, $parent)
 {
     self::$user_summary = count_users();
     $list_tmpl = mvb_Model_Template::retrieveSub('DELETE_ROLE_LIST', $tmpl);
     $item_tmpl = mvb_Model_Template::retrieveSub('DELETE_ROLE_ITEM', $list_tmpl);

     $rows = '';
     foreach (mvb_Model_API::getRoleList() as $role => $data) {
         $rows .= self::renderRoleRow($role, $data, $item_tmpl);
     }

     $filled_list = mvb_Model_Template::replaceSub('DELETE_ROLE_ITEM', $rows, $list_tmpl);

     return mvb_Model_Template::replaceSub('DELETE_ROLE_LIST', $filled_list, $tmpl);
 }
 /**
  * Render the metabox list, grouped by widget area, dashboard and post type.
  *
  * The metabox data is read from the '<prefix>cache' blog option. When that
  * option is not an array, the 'settings' entry of '<prefix>options' is used
  * instead and written back to the cache option.
  *
  * @global array $wp_post_types
  * @param string $tmpl
  * @param mvb_Model_Manager $parent Stored in self::$parent
  * @return string
  */
 public static function render($tmpl, $parent)
 {
     global $wp_post_types;
     self::$parent = $parent;

     // Read the cache; stay compatible with data written by previous versions
     $cache = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'cache', NULL);
     if (!is_array($cache)) {
         // No array under the cache key: fall back to the options record
         $options = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'options', array());
         $cache = isset($options['settings']) ? $options['settings'] : array();
         mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'cache', $cache);
     }

     $row_tmpl = mvb_Model_Template::retrieveSub('METABOX_LIST_ITEM', $tmpl);

     if (!isset($cache['metaboxes']) || !is_array($cache['metaboxes'])) {
         // Nothing cached: keep only the "empty" block of the template
         $empty_tmpl = mvb_Model_Template::retrieveSub('METABOX_LIST_EMPTY', $tmpl);
         $without_items = mvb_Model_Template::replaceSub('METABOX_LIST_ITEM', '', $tmpl);

         return mvb_Model_Template::replaceSub('METABOX_LIST_EMPTY', $empty_tmpl, $without_items);
     }

     $list_tmpl = mvb_Model_Template::retrieveSub('POST_METABOXES_LIST', $row_tmpl);
     $item_tmpl = mvb_Model_Template::retrieveSub('POST_METABOXES_ITEM', $list_tmpl);
     $widget_tmpl = mvb_Model_Template::retrieveSub('WIDGET_ITEM', $list_tmpl);

     $rows = '';
     foreach ($cache['metaboxes'] as $type => $metaboxes) {
         // Loose comparisons mirror the switch statement this chain replaces
         if ($type == 'widgets') {
             $group_html = self::renderWidget($widget_tmpl, $metaboxes);
             $label = mvb_Model_Label::get('LABEL_79');
         } elseif ($type == 'dashboard') {
             $group_html = self::renderMetabox($item_tmpl, $metaboxes, $type);
             $label = mvb_Model_Label::get('LABEL_116');
         } elseif (isset($wp_post_types[$type])) {
             $group_html = self::renderMetabox($item_tmpl, $metaboxes, $type);
             $label = $wp_post_types[$type]->labels->name;
         } else {
             // Unknown post type: nothing to render for this entry
             continue;
         }
         $group_html = mvb_Model_Template::replaceSub('POST_METABOXES_LIST', $group_html, $row_tmpl);
         $rows .= mvb_Model_Template::updateMarkers(array('###post_type_label###' => $label), $group_html);
     }

     $with_items = mvb_Model_Template::replaceSub('METABOX_LIST_ITEM', $rows, $tmpl);

     return mvb_Model_Template::replaceSub('METABOX_LIST_EMPTY', '', $with_items);
 }
 /**
  * {@inheritdoc }
  *
  * Loads the stored configuration for this ID and copies its menu, menu
  * order, metaboxes and restrictions onto this instance. Capabilities are
  * then taken from the role list entry keyed by the same ID, when present.
  */
 protected function getConfig()
 {
     $option_name = WPACCESS_PREFIX . 'config_' . $this->getID();
     $stored = mvb_Model_API::getBlogOption($option_name);
     if ($stored) {
         $this->setMenu($stored->menu);
         $this->setMenuOrder($stored->menu_order);
         $this->setMetaboxes($stored->metaboxes);
         $this->setRestrictions($stored->restrictions);
     }

     $role_list = mvb_Model_API::getRoleList(FALSE);
     // TODO (original author): potential hole.
     // NOTE(review): capabilities come from the role list rather than from
     // the stored config read above; confirm that this is intended.
     if (!isset($role_list[$this->getID()]['capabilities'])) {
         return;
     }
     $this->setCapabilities($role_list[$this->getID()]['capabilities']);
 }
/**
 * Overwrite the global current user's capability map with the stored
 * access configuration.
 *
 * When a user access config exists, $current_user->allcaps is replaced by
 * the config's capability list, and every role reported by the config's
 * user object is added to that map with the value 1.
 *
 * @global object $current_user
 * @return void
 */
function aam_set_current_user()
{
    global $current_user;
    // TODO - Not optimized
    $access = mvb_Model_API::getUserAccessConfig($current_user->ID);
    if (!($access instanceof mvb_Model_UserConfig)) {
        return;
    }

    // Full replacement, not a merge: anything absent from the stored config
    // is no longer present in allcaps after this line.
    $current_user->allcaps = $access->getCapabilities();

    if (!($access->getUser() instanceof WP_User)) {
        return;
    }
    foreach ($access->getUser()->getRoles() as $role) {
        $current_user->allcaps[$role] = 1;
    }
}
 /**
  * Render the capability list, grouped into fixed categories.
  *
  * Capabilities are sorted by name and assigned to the first matching group
  * in self::$groups (system, post, comment, backend); anything else goes
  * into the miscellaneous group. Empty groups are not rendered.
  *
  * @param string $tmpl
  * @param mvb_Model_Manager $parent Passed through to renderRow()
  * @return string
  */
 public static function render($tmpl, $parent)
 {
     $all_caps = mvb_Model_API::getAllCapabilities();

     if (!is_array($all_caps) || !count($all_caps)) {
         // No capabilities: keep only the "empty" block of the template
         $empty = mvb_Model_Template::retrieveSub('CAPABILITY_LIST_EMPTY', $tmpl);
         $without_list = mvb_Model_Template::replaceSub('CAPABILITY_LIST', '', $tmpl);

         return mvb_Model_Template::replaceSub('CAPABILITY_LIST_EMPTY', $empty, $without_list);
     }

     ksort($all_caps);
     $list_tmpl = mvb_Model_Template::retrieveSub('CAPABILITY_LIST', $tmpl);
     $row_tmpl = mvb_Model_Template::retrieveSub('CAPABILITY_ROW', $list_tmpl);
     $item_tmpl = mvb_Model_Template::retrieveSub('CAPABILITY_ITEM', $row_tmpl);
     // Deletion is offered only when ConfigPress holds the string 'true'
     $allow_delete = mvb_Model_ConfigPress::getOption('aam.delete_capabilities') == 'true';

     // Display order of the groups
     $grouped = array(
         'Post & Page' => array(),
         'Comment' => array(),
         'Backend Interface' => array(),
         'System' => array(),
         'Miscelaneous' => array(),
     );
     // Lookup order of the groups: the first match wins
     $lookup = array(
         'system' => 'System',
         'post' => 'Post & Page',
         'comment' => 'Comment',
         'backend' => 'Backend Interface',
     );
     foreach (array_keys($all_caps) as $cap) {
         $target = 'Miscelaneous';
         foreach ($lookup as $group_key => $title) {
             if (in_array($cap, self::$groups[$group_key])) {
                 $target = $title;
                 break;
             }
         }
         $grouped[$target][] = $cap;
     }

     $rows = '';
     foreach ($grouped as $title => $caps) {
         if (!count($caps)) {
             continue;
         }
         $items = '';
         foreach ($caps as $cap) {
             $items .= self::renderRow($cap, $item_tmpl, $parent, $allow_delete);
         }
         $rows .= mvb_Model_Template::updateMarkers(
             array('###group_title###' => __($title, 'aam')),
             mvb_Model_Template::replaceSub('CAPABILITY_ITEM', $items, $row_tmpl)
         );
     }

     $filled_list = mvb_Model_Template::replaceSub('CAPABILITY_ROW', $rows, $list_tmpl);
     $with_list = mvb_Model_Template::replaceSub('CAPABILITY_LIST', $filled_list, $tmpl);

     return mvb_Model_Template::replaceSub('CAPABILITY_LIST_EMPTY', '', $with_list);
 }
 /**
  * Render the information block for one post or taxonomy item.
  *
  * When the POST field 'restore' is set, the restriction for the given
  * type and ID is first deleted from the user's access config (or from the
  * role's, when no user is given) and that config is saved.
  *
  * NOTE(review): this method changes stored access rules based on POST
  * fields, and no nonce or capability check is visible here. Confirm that
  * the caller verifies both before this method runs.
  *
  * @return string Result of mvb_Model_Manager_Restriction::renderInfo()
  */
 public function renderInfo()
 {
     $id = mvb_Model_Helper::getParam('id', 'POST');
     $type = mvb_Model_Helper::getParam('type', 'POST');

     if (mvb_Model_Helper::getParam('restore', 'POST')) {
         $user = mvb_Model_Helper::getParam('user', 'POST');
         $role = mvb_Model_Helper::getParam('role', 'POST');
         // A user ID takes precedence over a role name
         $config = $user
             ? mvb_Model_API::getUserAccessConfig($user)
             : mvb_Model_API::getRoleAccessConfig($role);
         $config->deleteRestriction($type, $id);
         $config->saveConfig();
     }

     return mvb_Model_Manager_Restriction::renderInfo(
         $id,
         $type,
         $this,
         mvb_Model_Template::retrieveSub('POST_INFORMATION', $this->template)
     );
 }
 /**
  * Gate the current request against the user's access configuration.
  *
  * Super admins pass immediately. In the admin area the method checks the
  * requested menu URI, then either the current post or the taxonomy term
  * named in the query string. On the front end it checks the queried
  * category, or otherwise the current post unless this is the home page.
  * Every failed check calls mvb_Model_Helper::doRedirect().
  *
  * NOTE(review): whether doRedirect() ends the request is not visible here.
  * If it returns, the remaining checks still run and the method falls
  * through without a return value.
  *
  * @access public
  * @global object $wp_query
  * @global object $post
  * @return bool|null TRUE for a super admin; no value on any other path
  */
 public function checkAccess()
 {
     global $wp_query, $post;

     // Super Admin role is never restricted
     if (mvb_Model_API::isSuperAdmin()) {
         return TRUE;
     }

     if (is_admin()) {
         // Menu access is decided from the raw request URI
         if (!$this->getMenuFilter()->checkAccess($_SERVER['REQUEST_URI'])) {
             mvb_Model_Helper::doRedirect();
         }

         // Then the post being edited, or else the taxonomy term in the query
         $post_id = mvb_Model_Helper::getCurrentPostID();
         if ($post_id) {
             if (!$this->checkPostAccess($post_id, WPACCESS_ACCESS_EDIT)) {
                 mvb_Model_Helper::doRedirect();
             }
         } elseif (isset($_GET['taxonomy']) && isset($_GET['tag_ID'])) {
             // TODO - Find better way
             // NOTE(review): tag_ID is passed on exactly as received; confirm
             // checkTaxonomyAccess() validates it.
             if (!$this->checkTaxonomyAccess($_GET['tag_ID'], WPACCESS_ACCESS_EDIT)) {
                 mvb_Model_Helper::doRedirect();
             }
         }
     } elseif (is_category()) {
         $term = $wp_query->get_queried_object();
         if (!$this->checkTaxonomyAccess($term->term_id, WPACCESS_ACCESS_BROWSE)) {
             mvb_Model_Helper::doRedirect();
         }
     } elseif (!$wp_query->is_home() && isset($post->ID)
         && !$this->checkPostAccess($post->ID, WPACCESS_ACCESS_READ)
     ) {
         mvb_Model_Helper::doRedirect();
     }
 }
 /**
  * Clear Cache
  *
  * Empties the Zend cache backend when caching is available, then always
  * clears the cache held by mvb_Model_API.
  *
  * @return void
  */
 public static function clearCache()
 {
     if (self::canBeCached()) {
         self::getCacheObject()->clean(Zend_Cache::CLEANING_MODE_ALL);
     }

     // TODO - the two cache layers are not cleanly separated; should be fixed
     mvb_Model_API::clearCache();
 }
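 /**
  * Move every user of the current blog from one role to another.
  *
  * Users are found through the '<blog prefix>capabilities' usermeta rows.
  * Each user holding $role loses it and receives $replace_role instead.
  *
  * @global wpdb $wpdb
  * @param int|string $skip_id User ID that is left untouched
  * @param string $role Role to take away
  * @param string $replace_role Role to grant in its place
  * @return void
  */
 protected function deprive_role($skip_id, $role, $replace_role)
 {
     global $wpdb;
     // TODO Should be better way to grab the list of users
     $blog = mvb_Model_API::getCurrentBlog();
     // Bind the meta key as a parameter rather than concatenating it: the
     // previous double-quoted SQL literal breaks under ANSI_QUOTES, and the
     // prefix no longer has to be trusted to be free of quote characters.
     $query = $wpdb->prepare(
         "SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = %s",
         $blog->getPrefix() . 'capabilities'
     );
     $rows = $wpdb->get_results($query);
     if (!is_array($rows)) {
         return;
     }

     foreach ($rows as $row) {
         // Loose comparison: the database returns user_id as a string
         if ($row->user_id == $skip_id) {
             continue;
         }
         $user = new mvb_Model_User($row->user_id);
         if ($user->has_cap($role)) {
             $user->remove_role($role);
             $user->add_role($replace_role);
         }
     }
 }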
 /**
  * Get Current User
  *
  * The model is created on first use from get_current_user_id() and kept in
  * self::$current_user for later calls.
  *
  * @return mvb_Model_User
  */
 public static function getCurrentUser()
 {
     if (self::$current_user) {
         return self::$current_user;
     }

     self::$current_user = new mvb_Model_User(get_current_user_id());

     return self::$current_user;
 }
 /**
  * Load the stored access configuration into $this->access_config.
  *
  * The '<prefix>access_config' blog option is unslashed and, when it is not
  * blank, parsed with Zend_Config_Ini_Str before being wrapped in
  * mvb_Model_ConfigPress. A blank value is passed through unparsed.
  *
  * @return void
  */
 protected function initAccessConfig()
 {
     $source = stripslashes(mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'access_config'));

     require_once 'Zend/Config.php';
     require_once 'Zend/Config/Ini_Str.php';

     $parsed = trim($source) ? new Zend_Config_Ini_Str($source) : $source;
     $this->access_config = new mvb_Model_ConfigPress($parsed);
 }
 /**
  * Collect the key parameters of all admin menu and submenu items and store
  * them in the '<prefix>key_params' blog option.
  *
  * Nothing is collected or stored unless the current user holds
  * WPACCESS_ADMIN_ROLE.
  *
  * @global array $menu
  * @global array $submenu
  * @return void
  */
 private function init_key_params()
 {
     global $menu, $submenu;

     $roles = mvb_Model_API::getCurrentUser()->getRoles();
     // Core params that are always part of the key list
     $keys = array('post_type' => 1, 'page' => 1);

     // Only the admin role is allowed to refresh the stored list
     if (!in_array(WPACCESS_ADMIN_ROLE, $roles)) {
         return;
     }

     // Main menu
     if (is_array($menu)) {
         foreach ($menu as $item) {
             $keys = array_merge($keys, $this->get_parts($item[2]));
         }
     }

     // Submenus, one list per parent
     if (is_array($submenu)) {
         foreach ($submenu as $children) {
             if (!is_array($children)) {
                 continue;
             }
             foreach ($children as $item) {
                 $keys = array_merge($keys, $this->get_parts($item[2]));
             }
         }
     }

     mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'key_params', $keys);
 }
 /**
  * List the users of the current blog that hold the given role.
  *
  * Users are returned as full records, ordered by user_nicename ascending.
  *
  * @param string $role Role to filter by
  * @return array Query results, or an empty array when the query did not
  *               return an array
  */
 public static function getUserList($role)
 {
     $query = new WP_User_Query(array(
         'number' => '',
         'blog_id' => mvb_Model_API::getCurrentBlog()->getID(),
         'role' => $role,
         'fields' => 'all',
         'orderby' => 'user_nicename',
         'order' => 'ASC',
     ));
     $found = $query->get_results();

     return is_array($found) ? $found : array();
 }
 /**
  * Read one role's entry from a legacy, per-role blog option.
  *
  * @param string $role Key of the entry to read
  * @param string $option Name of the blog option to read
  * @return array The entry stored under $role (returned as stored), or an
  *               empty array when no such entry exists
  * @todo Delete in next releases
  */
 protected static function getRoleOldData($role, $option)
 {
     $stored = mvb_Model_API::getBlogOption($option);
     if (isset($stored[$role])) {
         return $stored[$role];
     }

     return array();
 }
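 /**
  * Save the submitted menu, metabox and capability settings.
  *
  * In the network panel, with 'aam.multisite.apply_all' set to 'true', the
  * same settings are first applied to every other site, up to the apply
  * limit. They are then saved for the current site, or for the site named
  * in the query string, together with the ConfigPress text.
  *
  * NOTE(review): this method writes access rules from request data, and no
  * nonce or capability check is visible here. Confirm that the caller
  * verifies both. The 'site' query value is also handed to
  * setCurrentBlog() as received.
  *
  * @return string|null|false NULL after a save, the LABEL_148 message when
  *                           the multisite limit stopped the loop, FALSE
  *                           when the form was not submitted
  */
 function do_save()
 {
     if (!isset($_POST['submited'])) {
         return FALSE;
     }

     $params = isset($_POST['wpaccess']) ? $_POST['wpaccess'] : array();
     $menu = isset($params['menu']) ? $params['menu'] : array();
     $metaboxes = isset($params['metabox']) ? $params['metabox'] : array();
     $capabilities = isset($params['advance']) ? $params['advance'] : array();
     // Read once and guarded, so a missing 'site' value raises no notice
     $site_id = isset($_GET['site']) ? $_GET['site'] : NULL;
     $error_message = NULL;

     if (mvb_Model_API::isNetworkPanel() && mvb_Model_ConfigPress::getOption('aam.multisite.apply_all') == 'true') {
         $limit = apply_filters(WPACCESS_PREFIX . 'msar_restrict_limit', WPACCESS_APPLY_LIMIT);
         foreach (mvb_Model_Helper::getSiteList() as $i => $site) {
             if ($site_id !== NULL && $site->blog_id == $site_id) {
                 continue;
             } elseif ($limit != -1 && $i + 1 >= $limit) {
                 // Compare against the filtered limit. The previous code used
                 // the constant here, so a filter could only switch the limit
                 // off (-1) and never change it.
                 $error_message = mvb_Model_Label::get('LABEL_148');
                 break;
             }
             mvb_Model_API::setCurrentBlog($site->blog_id);
             $this->initConfig();
             $this->config->setMenu($menu);
             $this->config->setMetaboxes($metaboxes);
             $this->config->setCapabilities($capabilities);
             $this->config->saveConfig();
         }
     }

     // overwrite current blog
     // TODO - maybe there is better way
     if ($site_id !== NULL) {
         mvb_Model_API::setCurrentBlog($site_id);
     }
     $this->config->setMenu($menu);
     $this->config->setMetaboxes($metaboxes);
     $this->config->setCapabilities($capabilities);
     $this->config->saveConfig();

     // A missing or non-string field is saved as an empty ConfigPress, which
     // is what stripslashes() produced for a missing field before, without
     // the notice or a type error on an array value.
     $config_press = isset($params['config_press']) && is_string($params['config_press'])
         ? stripslashes($params['config_press'])
         : '';
     mvb_Model_ConfigPress::saveConfig($config_press);

     return $error_message;
 }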
 /**
  * Fill the options template: main menu tab, metabox tab, capability tab
  * and the access-config text.
  *
  * @global array $submenu
  * @param string $template
  * @return string The template with all blocks and markers replaced
  */
 public function renderMainMenuOptions($template)
 {
     global $submenu;
     $role_menu = $this->getRoleMenu();

     /*
      * First Tab - Main Menu
      */
     $menu_list_tmpl = $this->templObj->retrieveSub('MAIN_MENU_LIST', $template);
     $menu_item_tmpl = $this->templObj->retrieveSub('MAIN_MENU_ITEM', $menu_list_tmpl);
     $sublist_tmpl = $this->templObj->retrieveSub('MAIN_MENU_SUBLIST', $menu_item_tmpl);
     $subitem_tmpl = $this->templObj->retrieveSub('MAIN_MENU_SUBITEM', $sublist_tmpl);
     $menu_html = '';
     if (is_array($role_menu)) {
         foreach ($role_menu as $entry) {
             if (!$entry[0]) {
                 // An entry without a title is a separator
                 continue;
             }
             $slug = $entry[2];

             // Submenu of this entry, if it has one
             $children_html = '';
             if (isset($submenu[$slug]) && is_array($submenu[$slug])) {
                 foreach ($submenu[$slug] as $child) {
                     $is_checked = $this->checkChecked('submenu', array($slug, $child[2]));
                     $children_html .= $this->templObj->updateMarkers(array(
                         '###submenu_name###' => $this->removeHTML($child[0]),
                         '###value###' => $child[2],
                         '###checked###' => $is_checked,
                     ), $subitem_tmpl);
                 }
                 $children_html = $this->templObj->replaceSub('MAIN_MENU_SUBITEM', $children_html, $sublist_tmpl);
             }

             $entry_tmpl = $this->templObj->replaceSub('MAIN_MENU_SUBLIST', $children_html, $menu_item_tmpl);
             $menu_html .= $this->templObj->updateMarkers(array(
                 '###name###' => $this->removeHTML($entry[0]),
                 '###id###' => $entry[5],
                 '###menu###' => $slug,
                 '###whole_checked###' => $this->checkChecked('menu', array($slug)),
             ), $entry_tmpl);
         }
     }
     $menu_list_tmpl = $this->templObj->replaceSub('MAIN_MENU_ITEM', $menu_html, $menu_list_tmpl);
     $template = $this->templObj->replaceSub('MAIN_MENU_LIST', $menu_list_tmpl, $template);

     /*
      * Second Tab - Metaboxes
      */
     $metabox_html = $this->renderMetaboxList($template);
     $template = $this->templObj->replaceSub('METABOX_LIST', $metabox_html, $template);

     /*
      * Third Tab - Advance Settings
      */
     $all_caps = mvb_Model_API::getCurrentUser()->getAllCaps();
     // TODO ? (the list is sorted before the is_array() check further down)
     ksort($all_caps);
     $cap_list_tmpl = $this->templObj->retrieveSub('CAPABILITY_LIST', $template);
     $cap_item_tmpl = $this->templObj->retrieveSub('CAPABILITY_ITEM', $cap_list_tmpl);
     $caps_html = '';
     if (is_array($all_caps) && count($all_caps)) {
         foreach (array_keys($all_caps) as $cap) {
             $description = str_replace("\n", '<br/>', mvb_Model_Label::get($cap));
             $row = $this->templObj->updateMarkers(array(
                 '###title###' => $cap,
                 '###description###' => $description,
                 '###checked###' => $this->checkChecked('capability', array($cap)),
                 '###cap_name###' => mvb_Model_Helper::getCapabilityHumanTitle($cap),
             ), $cap_item_tmpl);
             // Only custom capabilities keep their delete control
             $delete_block = in_array($cap, $this->custom_caps)
                 ? $this->templObj->retrieveSub('CAPABILITY_DELETE', $row)
                 : '';
             $caps_html .= $this->templObj->replaceSub('CAPABILITY_DELETE', $delete_block, $row);
         }
         $template = $this->templObj->replaceSub('CAPABILITY_LIST_EMPTY', '', $template);
     } else {
         $empty_block = $this->templObj->retrieveSub('CAPABILITY_LIST_EMPTY', $template);
         $template = $this->templObj->replaceSub('CAPABILITY_LIST_EMPTY', $empty_block, $template);
     }
     $cap_list_tmpl = $this->templObj->replaceSub('CAPABILITY_ITEM', $caps_html, $cap_list_tmpl);
     $template = $this->templObj->replaceSub('CAPABILITY_LIST', $cap_list_tmpl, $template);

     // Posts & Pages
     $template = $this->templObj->replaceSub('POST_INFORMATION', '', $template);
     $access_config = stripslashes(mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'access_config', ''));

     return $this->templObj->updateMarkers(array('###access_config###' => $access_config), $template);
 }
 /**
  * Decide whether the requested admin menu is allowed for the current user.
  *
  * Super admins are always allowed. Otherwise the request is denied when it
  * matches a menu restricted as a whole, or any restricted submenu, in the
  * user's configuration.
  *
  * @param string $requestedMenu Requested menu location
  * @return bool FALSE when a restriction matches, TRUE otherwise
  */
 function checkAccess($requestedMenu)
 {
     if (mvb_Model_API::isSuperAdmin()) {
         return TRUE;
     }

     // Break the request down to its base file and key parameters
     $parts = $this->get_parts($requestedMenu);

     foreach (mvb_Model_AccessControl::getUserConf()->getMenu() as $menu => $sub) {
         // The whole top-level menu is restricted
         if ($this->compareMenus($parts, $menu) && isset($sub['whole'])) {
             return FALSE;
         }
         if (!isset($sub['sub']) || !is_array($sub['sub'])) {
             continue;
         }
         // Individual submenu restrictions
         foreach (array_keys($sub['sub']) as $subMenu) {
             if ($this->compareMenus($parts, $subMenu)) {
                 return FALSE;
             }
         }
     }

     return TRUE;
 }