/**
 * Read the legacy entry stored for this object inside a blog option.
 *
 * The whole option is loaded through mvb_Model_API::getBlogOption() and only
 * the element keyed by this object's ID is handed back.
 *
 * @param string $option Name of the blog option to read
 * @return array The element stored under this ID, or an empty array when
 *               nothing is set for it
 * @todo Delete in next releases
 */
protected function getOldData($option)
{
    $key = $this->getID();
    $stored = mvb_Model_API::getBlogOption($option);

    if (isset($stored[$key])) {
        return $stored[$key];
    }

    return array();
}
/**
 * Build the role selector entries from the ROLE_LIST sub-template.
 *
 * One copy of the sub-template is filled in per role returned by
 * mvb_Model_API::getRoleList(); the role equal to the parent's current role
 * gets the "selected" marker.
 *
 * @param string $tmpl Template that contains the ROLE_LIST section
 * @return string Concatenated, filled-in entries
 */
public static function renderRoleSelector($tmpl)
{
    $entry_tmpl = mvb_Model_Template::retrieveSub('ROLE_LIST', $tmpl);
    $html = '';

    foreach (mvb_Model_API::getRoleList() as $role => $data) {
        if (self::$parent->getCurrentRole() == $role) {
            $selected = 'selected';
        } else {
            $selected = '';
        }

        // NOTE(review): the role key and role name are placed into the markup
        // without HTML escaping here - confirm updateMarkers() or the template
        // escapes them, since role names are stored data.
        $html .= mvb_Model_Template::updateMarkers(
            array(
                '###value###' => $role,
                '###title###' => stripcslashes($data['name']) . ' ',
                '###selected###' => $selected,
            ),
            $entry_tmpl
        );
    }

    return $html;
}
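/**
 * Persist the ConfigPress text to config.ini and to the database.
 *
 * The file copy is best-effort: it is written only when config.ini is (or
 * can be made) writable. The database copy on the default blog (ID 1) is
 * always updated and serves as the backup. The in-memory configuration is
 * reset afterwards so the next read reloads it.
 *
 * @param string $config Raw configuration text
 * @return void
 */
public static function saveConfig($config)
{
    $file = WPACCESS_BASE_DIR . 'config.ini';

    // A configuration file is data, so it gets 0644 (no execute bit) rather
    // than 0755. file_exists() keeps chmod() from raising a warning when the
    // file is missing; as before, a missing file is not created here.
    // NOTE(review): config.ini lives under the plugin base directory - confirm
    // the web server does not serve it directly.
    if (is_writable($file) || (file_exists($file) && chmod($file, 0644))) {
        file_put_contents($file, $config);
    }

    //also save to db as backup
    $default_blog = mvb_Model_API::getBlog(1);
    mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'config_press', $config, $default_blog);

    //clear cache
    self::$config = NULL;
}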
/**
 * Render the role list section (DELETE_ROLE_LIST) of the given template.
 *
 * Stores the result of count_users() in self::$user_summary, renders one
 * DELETE_ROLE_ITEM row per role and puts the rows back into the template.
 *
 * @param string $tmpl Template containing the DELETE_ROLE_LIST section
 * @param mvb_Model_Manager $parent Not read by this method
 * @return string Template with the role list filled in
 */
public static function render($tmpl, $parent)
{
    self::$user_summary = count_users();

    $section_tmpl = mvb_Model_Template::retrieveSub('DELETE_ROLE_LIST', $tmpl);
    $row_tmpl = mvb_Model_Template::retrieveSub('DELETE_ROLE_ITEM', $section_tmpl);

    $rows = '';
    foreach (mvb_Model_API::getRoleList() as $role => $data) {
        $rows .= self::renderRoleRow($role, $data, $row_tmpl);
    }

    $section = mvb_Model_Template::replaceSub('DELETE_ROLE_ITEM', $rows, $section_tmpl);

    return mvb_Model_Template::replaceSub('DELETE_ROLE_LIST', $section, $tmpl);
}
/**
 * Render the metabox and widget list from the cached settings.
 *
 * The cache is read from the "cache" blog option. When that option is not an
 * array, the "settings" element of the "options" blog option is used instead
 * and written back as the new cache. Entries under "metaboxes" are rendered
 * per type: "widgets", "dashboard", or a post type registered in
 * $wp_post_types; any other type is skipped.
 *
 * @global array $wp_post_types
 * @param string $tmpl Template containing METABOX_LIST_ITEM / METABOX_LIST_EMPTY
 * @param mvb_Model_Manager $parent Stored in self::$parent
 * @return string Rendered template
 */
public static function render($tmpl, $parent)
{
    global $wp_post_types;

    self::$parent = $parent;

    // Read the cache; fall back to the layout used by previous versions
    $cache = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'cache', NULL);
    if (!is_array($cache)) {
        $options = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'options', array());
        if (isset($options['settings'])) {
            $cache = $options['settings'];
        } else {
            $cache = array();
        }
        mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'cache', $cache);
    }

    $row_tmpl = mvb_Model_Template::retrieveSub('METABOX_LIST_ITEM', $tmpl);

    // Nothing cached: show the "empty" section and drop the item section
    if (!isset($cache['metaboxes']) || !is_array($cache['metaboxes'])) {
        $empty_tmpl = mvb_Model_Template::retrieveSub('METABOX_LIST_EMPTY', $tmpl);
        $content = mvb_Model_Template::replaceSub('METABOX_LIST_ITEM', '', $tmpl);

        return mvb_Model_Template::replaceSub('METABOX_LIST_EMPTY', $empty_tmpl, $content);
    }

    $list_tmpl = mvb_Model_Template::retrieveSub('POST_METABOXES_LIST', $row_tmpl);
    $item_tmpl = mvb_Model_Template::retrieveSub('POST_METABOXES_ITEM', $list_tmpl);
    $widget_tmpl = mvb_Model_Template::retrieveSub('WIDGET_ITEM', $list_tmpl);

    $rows = '';
    foreach ($cache['metaboxes'] as $type => $metaboxes) {
        // Loose comparison on purpose: it matches what the original switch did
        if ($type == 'widgets') {
            $body = self::renderWidget($widget_tmpl, $metaboxes);
            $label = mvb_Model_Label::get('LABEL_79');
        } elseif ($type == 'dashboard') {
            $body = self::renderMetabox($item_tmpl, $metaboxes, $type);
            $label = mvb_Model_Label::get('LABEL_116');
        } elseif (isset($wp_post_types[$type])) {
            $body = self::renderMetabox($item_tmpl, $metaboxes, $type);
            // NOTE(review): the post type label is inserted as-is; confirm it
            // is escaped by the template layer.
            $label = $wp_post_types[$type]->labels->name;
        } else {
            // Unknown type (post type no longer registered): skip it
            continue;
        }

        $row = mvb_Model_Template::replaceSub('POST_METABOXES_LIST', $body, $row_tmpl);
        $rows .= mvb_Model_Template::updateMarkers(array('###post_type_label###' => $label), $row);
    }

    $content = mvb_Model_Template::replaceSub('METABOX_LIST_ITEM', $rows, $tmpl);

    return mvb_Model_Template::replaceSub('METABOX_LIST_EMPTY', '', $content);
}
/**
 * {@inheritdoc}
 *
 * Loads menu, menu order, metaboxes and restrictions from the stored
 * "config_<ID>" blog option, then takes the capabilities from the role list
 * entry that has the same ID.
 */
protected function getConfig()
{
    $stored = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'config_' . $this->getID());

    // NOTE(review): the option is read as an object here - presumably it is
    // stored serialized; confirm only trusted code can write this option.
    if (!empty($stored)) {
        $this->setMenu($stored->menu);
        $this->setMenuOrder($stored->menu_order);
        $this->setMetaboxes($stored->metaboxes);
        $this->setRestrictions($stored->restrictions);
    }

    // Capabilities are not part of the stored config; they come from the
    // role list. TODO (original author) - potential hole
    $role_list = mvb_Model_API::getRoleList(FALSE);
    if (isset($role_list[$this->getID()]['capabilities'])) {
        $this->setCapabilities($role_list[$this->getID()]['capabilities']);
    }
}
/**
 * Replace the current user's capability map with the one held in the
 * user's access config.
 *
 * When the access config is an mvb_Model_UserConfig, $current_user->allcaps
 * is overwritten with its capabilities. If the config also carries a WP_User,
 * each of that user's roles is added to the map with value 1.
 *
 * NOTE(review): this swaps the whole effective capability set of the
 * logged-in user, so the access config is a privilege source - confirm who
 * can write it.
 *
 * @global WP_User $current_user
 * @return void
 */
function aam_set_current_user()
{
    global $current_user;

    // overwrite user capabilities
    // TODO - Not optimized
    $access = mvb_Model_API::getUserAccessConfig($current_user->ID);
    if (!($access instanceof mvb_Model_UserConfig)) {
        return;
    }

    $current_user->allcaps = $access->getCapabilities();

    if (!($access->getUser() instanceof WP_User)) {
        return;
    }

    foreach ($access->getUser()->getRoles() as $role_name) {
        $current_user->allcaps[$role_name] = 1;
    }
}
/**
 * Render the capability list, grouped by category.
 *
 * Capabilities are sorted by key and put into one of five groups by looking
 * them up in self::$groups (system, post, comment, backend, in that order);
 * anything not found goes to "Miscelaneous". Empty groups are not rendered.
 * When there are no capabilities, the CAPABILITY_LIST_EMPTY section is shown
 * instead of the list.
 *
 * @param string $tmpl Template containing CAPABILITY_LIST / CAPABILITY_LIST_EMPTY
 * @param mvb_Model_Manager $parent Passed through to renderRow()
 * @return string Rendered template
 */
public static function render($tmpl, $parent)
{
    $all_caps = mvb_Model_API::getAllCapabilities();

    // No capabilities at all: keep the "empty" section, drop the list
    if (!is_array($all_caps) || !count($all_caps)) {
        $empty = mvb_Model_Template::retrieveSub('CAPABILITY_LIST_EMPTY', $tmpl);
        $content = mvb_Model_Template::replaceSub('CAPABILITY_LIST', '', $tmpl);

        return mvb_Model_Template::replaceSub('CAPABILITY_LIST_EMPTY', $empty, $content);
    }

    ksort($all_caps);

    $list_tmpl = mvb_Model_Template::retrieveSub('CAPABILITY_LIST', $tmpl);
    $row_tmpl = mvb_Model_Template::retrieveSub('CAPABILITY_ROW', $list_tmpl);
    $item_tmpl = mvb_Model_Template::retrieveSub('CAPABILITY_ITEM', $row_tmpl);

    // Deleting capabilities is enabled by the ConfigPress option
    $allow_delete = (mvb_Model_ConfigPress::getOption('aam.delete_capabilities') == 'true');

    // Key order here is the display order of the groups
    $grouped_list = array(
        'Post & Page' => array(),
        'Comment' => array(),
        'Backend Interface' => array(),
        'System' => array(),
        'Miscelaneous' => array(),
    );

    // self::$groups key => display group, in lookup order
    $lookup = array(
        'system' => 'System',
        'post' => 'Post & Page',
        'comment' => 'Comment',
        'backend' => 'Backend Interface',
    );

    foreach (array_keys($all_caps) as $cap) {
        $bucket = 'Miscelaneous';
        foreach ($lookup as $group_key => $group_title) {
            if (in_array($cap, self::$groups[$group_key])) {
                $bucket = $group_title;
                break;
            }
        }
        $grouped_list[$bucket][] = $cap;
    }

    $rows = '';
    foreach ($grouped_list as $group => $caps) {
        if (!count($caps)) {
            continue;
        }

        $items = '';
        foreach ($caps as $cap) {
            $items .= self::renderRow($cap, $item_tmpl, $parent, $allow_delete);
        }

        $title = __($group, 'aam');
        $row = mvb_Model_Template::replaceSub('CAPABILITY_ITEM', $items, $row_tmpl);
        $rows .= mvb_Model_Template::updateMarkers(array('###group_title###' => $title), $row);
    }

    $content = mvb_Model_Template::replaceSub('CAPABILITY_ROW', $rows, $list_tmpl);
    $content = mvb_Model_Template::replaceSub('CAPABILITY_LIST', $content, $tmpl);

    return mvb_Model_Template::replaceSub('CAPABILITY_LIST_EMPTY', '', $content);
}
/**
 * Render the POST_INFORMATION block for the posted object.
 *
 * Reads "id" and "type" from the POST data. When "restore" is posted, the
 * restriction for that type/id is first deleted from the access config of
 * the posted user (or, when no user is posted, of the posted role) and the
 * config is saved.
 *
 * NOTE(review): this method changes stored restrictions based on POST data
 * and shows no nonce or capability check of its own - confirm the caller
 * verifies both before dispatching here. The returned config object is also
 * used without checking that the posted user/role resolved to one.
 *
 * @return string Rendered information block
 */
public function renderInfo()
{
    $id = mvb_Model_Helper::getParam('id', 'POST');
    $type = mvb_Model_Helper::getParam('type', 'POST');

    if (mvb_Model_Helper::getParam('restore', 'POST')) {
        $user = mvb_Model_Helper::getParam('user', 'POST');
        $role = mvb_Model_Helper::getParam('role', 'POST');

        // A posted user takes precedence over a posted role
        $config = $user
            ? mvb_Model_API::getUserAccessConfig($user)
            : mvb_Model_API::getRoleAccessConfig($role);

        $config->deleteRestriction($type, $id);
        $config->saveConfig();
    }

    $info_tmpl = mvb_Model_Template::retrieveSub('POST_INFORMATION', $this->template);

    return mvb_Model_Manager_Restriction::renderInfo($id, $type, $this, $info_tmpl);
}
/**
 * Enforce access rules for the current request.
 *
 * Super Admin is never restricted. In the admin area the requested URI is
 * checked against the menu filter, then the current post (edit access) or,
 * when "taxonomy" and "tag_ID" are in the query string, the term (edit
 * access). On the front end a category archive is checked for browse access,
 * and any other non-home request with a post is checked for read access.
 * Every failed check calls mvb_Model_Helper::doRedirect().
 *
 * NOTE(review): denial relies entirely on doRedirect() - confirm it ends the
 * request; if it returns, execution continues past the failed check.
 *
 * @access public
 * @global object $wp_query
 * @global object $post
 * @return bool|null TRUE for Super Admin; no value is returned on the other
 *                   paths
 */
public function checkAccess()
{
    global $wp_query, $post;

    // Super Admin bypasses every check below
    if (mvb_Model_API::isSuperAdmin()) {
        return TRUE;
    }

    if (is_admin()) {
        // Requested admin menu
        $requested_uri = $_SERVER['REQUEST_URI'];
        if (!$this->getMenuFilter()->checkAccess($requested_uri)) {
            mvb_Model_Helper::doRedirect();
        }

        // Requested post, or term when no post is being edited
        $current_post = mvb_Model_Helper::getCurrentPostID();
        if ($current_post) {
            if (!$this->checkPostAccess($current_post, WPACCESS_ACCESS_EDIT)) {
                mvb_Model_Helper::doRedirect();
            }
        } elseif (isset($_GET['taxonomy'], $_GET['tag_ID'])) {
            // TODO - Find better way
            // NOTE(review): tag_ID is taken from the query string as-is;
            // presumably checkTaxonomyAccess() treats it as an integer ID.
            if (!$this->checkTaxonomyAccess($_GET['tag_ID'], WPACCESS_ACCESS_EDIT)) {
                mvb_Model_Helper::doRedirect();
            }
        }
    } elseif (is_category()) {
        $term = $wp_query->get_queried_object();
        if (!$this->checkTaxonomyAccess($term->term_id, WPACCESS_ACCESS_BROWSE)) {
            mvb_Model_Helper::doRedirect();
        }
    } elseif (
        !$wp_query->is_home()
        && isset($post->ID)
        && !$this->checkPostAccess($post->ID, WPACCESS_ACCESS_READ)
    ) {
        mvb_Model_Helper::doRedirect();
    }
}
/**
 * Clear Cache
 *
 * Empties the Zend cache object when caching is available, then always
 * asks mvb_Model_API to clear its own cache as well.
 *
 * @return void
 */
public static function clearCache()
{
    if (self::canBeCached()) {
        self::getCacheObject()->clean(Zend_Cache::CLEANING_MODE_ALL);
    }

    // TODO - there is some mess with cache. Should be fixed
    mvb_Model_API::clearCache();
}
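/**
 * Move every user holding a role over to a replacement role.
 *
 * Collects the user IDs that have a "<blog prefix>capabilities" usermeta row
 * for the current blog, and for each of them (except $skip_id) that has
 * $role, removes it and adds $replace_role.
 *
 * @global wpdb $wpdb
 * @param int $skip_id User ID that must be left untouched
 * @param string $role Role to take away
 * @param string $replace_role Role to assign instead
 * @return void
 */
protected function deprive_role($skip_id, $role, $replace_role)
{
    global $wpdb;

    //TODO Should be better way to grab the list of users
    $blog = mvb_Model_API::getCurrentBlog();

    // The meta key is bound through prepare() instead of being concatenated
    // into the statement; this also replaces the double-quoted SQL literal,
    // which is not a string under the ANSI_QUOTES SQL mode.
    $query = $wpdb->prepare(
        "SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = %s",
        $blog->getPrefix() . 'capabilities'
    );
    $list = $wpdb->get_results($query);

    if (is_array($list) && count($list)) {
        foreach ($list as $row) {
            if ($row->user_id == $skip_id) {
                continue;
            }

            $m = new mvb_Model_User($row->user_id);
            if ($m->has_cap($role)) {
                $m->remove_role($role);
                $m->add_role($replace_role);
            }
        }
    }
}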
/**
 * Get Current User
 *
 * The mvb_Model_User for get_current_user_id() is created on first use and
 * kept in self::$current_user for later calls.
 *
 * @return mvb_Model_User
 */
public static function getCurrentUser()
{
    if (self::$current_user) {
        return self::$current_user;
    }

    self::$current_user = new mvb_Model_User(get_current_user_id());

    return self::$current_user;
}
/**
 * Load the "access_config" blog option into $this->access_config.
 *
 * The stored text has its slashes stripped. When it is not blank it is
 * parsed with Zend_Config_Ini_Str; otherwise the (blank) string itself is
 * handed to mvb_Model_ConfigPress.
 *
 * @return void
 */
protected function initAccessConfig()
{
    $raw = stripslashes(mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'access_config'));

    // Resolved through the include path
    require_once 'Zend/Config.php';
    require_once 'Zend/Config/Ini_Str.php';

    $source = trim($raw) ? new Zend_Config_Ini_Str($raw) : $raw;

    $this->access_config = new mvb_Model_ConfigPress($source);
}
/**
 * Rebuild the "key_params" blog option from the admin menu.
 *
 * Runs only when the current user has the WPACCESS_ADMIN_ROLE role. Starting
 * from the core keys "post_type" and "page", it merges in whatever
 * get_parts() returns for the third element of every main menu and submenu
 * item, then stores the result.
 *
 * @global array $menu
 * @global array $submenu
 * @return void
 */
private function init_key_params()
{
    global $menu, $submenu;

    $roles = mvb_Model_API::getCurrentUser()->getRoles();

    // do this only for admin role
    if (!in_array(WPACCESS_ADMIN_ROLE, $roles)) {
        return;
    }

    // core params
    $keys = array('post_type' => 1, 'page' => 1);

    // main menu
    if (is_array($menu)) {
        foreach ($menu as $entry) {
            $keys = array_merge($keys, $this->get_parts($entry[2]));
        }
    }

    // submenus
    if (is_array($submenu)) {
        foreach ($submenu as $children) {
            if (!is_array($children)) {
                continue;
            }
            foreach ($children as $entry) {
                $keys = array_merge($keys, $this->get_parts($entry[2]));
            }
        }
    }

    mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'key_params', $keys);
}
/**
 * List the users of the current blog that have the given role.
 *
 * Runs a WP_User_Query with no number limit, all fields, ordered by
 * user_nicename ascending.
 *
 * @param string $role Role to filter by
 * @return array Query results, or an empty array when the query does not
 *               return an array
 */
public static function getUserList($role)
{
    // Query the users for this page
    $query = new WP_User_Query(array(
        'number' => '',
        'blog_id' => mvb_Model_API::getCurrentBlog()->getID(),
        'role' => $role,
        'fields' => 'all',
        'orderby' => 'user_nicename',
        'order' => 'ASC',
    ));

    $found = $query->get_results();

    return is_array($found) ? $found : array();
}
/**
 * Read the legacy entry stored for a role inside a blog option.
 *
 * @param string $role Role whose entry is wanted
 * @param string $option Name of the blog option to read
 * @return array The element stored under the role, or an empty array when
 *               nothing is set for it
 * @todo Delete in next releases
 */
protected static function getRoleOldData($role, $option)
{
    $stored = mvb_Model_API::getBlogOption($option);

    if (isset($stored[$role])) {
        return $stored[$role];
    }

    return array();
}
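/**
 * Save the submitted access settings.
 *
 * Nothing is done unless "submited" is present in the POST data. In the
 * network panel with "aam.multisite.apply_all" enabled, the posted menu,
 * metabox and capability settings are first applied to the other sites,
 * stopping with the LABEL_148 message once the apply limit is reached. The
 * settings are then saved for the current config (after switching to the
 * site named in the query string, when given) and the ConfigPress text is
 * stored.
 *
 * NOTE(review): no nonce or capability check is visible in this method -
 * confirm the caller verifies both before invoking it.
 *
 * @return string|null|false NULL when saved, the LABEL_148 text when the
 *                           multisite limit was hit, FALSE when the form was
 *                           not submitted
 */
function do_save()
{
    if (!isset($_POST['submited'])) {
        return FALSE;
    }

    $params = isset($_POST['wpaccess']) ? $_POST['wpaccess'] : array();
    $error_message = NULL;

    // Read once, with a default, so a request without ?site= no longer
    // triggers an undefined-index read inside the loop.
    $site_id = isset($_GET['site']) ? $_GET['site'] : NULL;

    if (mvb_Model_API::isNetworkPanel()
        && mvb_Model_ConfigPress::getOption('aam.multisite.apply_all') == 'true'
    ) {
        $limit = apply_filters(WPACCESS_PREFIX . 'msar_restrict_limit', WPACCESS_APPLY_LIMIT);

        foreach (mvb_Model_Helper::getSiteList() as $i => $site) {
            if ($site->blog_id == $site_id) {
                continue;
            } elseif ($i + 1 >= WPACCESS_APPLY_LIMIT && $limit != -1) {
                // NOTE(review): the filtered $limit is only consulted for the
                // -1 sentinel; the threshold itself is the constant - confirm
                // that is intended.
                $error_message = mvb_Model_Label::get('LABEL_148');
                break;
            }

            mvb_Model_API::setCurrentBlog($site->blog_id);
            $this->initConfig();
            $this->config->setMenu(isset($params['menu']) ? $params['menu'] : array());
            $this->config->setMetaboxes(isset($params['metabox']) ? $params['metabox'] : array());
            $this->config->setCapabilities(isset($params['advance']) ? $params['advance'] : array());
            $this->config->saveConfig();
        }
    }

    //overwrite current blog
    //TODO - maybe there is better way
    if ($site_id !== NULL) {
        mvb_Model_API::setCurrentBlog($site_id);
    }

    $this->config->setMenu(isset($params['menu']) ? $params['menu'] : array());
    $this->config->setMetaboxes(isset($params['metabox']) ? $params['metabox'] : array());
    $this->config->setCapabilities(isset($params['advance']) ? $params['advance'] : array());
    $this->config->saveConfig();

    // A missing or non-string config_press is treated as empty text instead
    // of being passed to stripslashes() as-is.
    // NOTE(review): an empty value still overwrites the stored ConfigPress
    // text, as before.
    $config_press = (isset($params['config_press']) && is_string($params['config_press']))
        ? $params['config_press']
        : '';
    mvb_Model_ConfigPress::saveConfig(stripslashes($config_press));

    return $error_message;
}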
/**
 * Fill in the three option tabs of the main template.
 *
 * Tab 1 lists the role's main menu with its submenu items, tab 2 is the
 * metabox list from renderMetaboxList(), tab 3 lists the current user's
 * capabilities. Finally the POST_INFORMATION section is emptied and the
 * stored "access_config" text is put into its marker.
 *
 * @global array $submenu
 * @param string $template Main template
 * @return string Rendered template
 */
public function renderMainMenuOptions($template)
{
    global $submenu;

    $roleMenu = $this->getRoleMenu();

    /*
     * First Tab - Main Menu
     */
    $menuListTmpl = $this->templObj->retrieveSub('MAIN_MENU_LIST', $template);
    $menuItemTmpl = $this->templObj->retrieveSub('MAIN_MENU_ITEM', $menuListTmpl);
    $subListTmpl = $this->templObj->retrieveSub('MAIN_MENU_SUBLIST', $menuItemTmpl);
    $subItemTmpl = $this->templObj->retrieveSub('MAIN_MENU_SUBITEM', $subListTmpl);

    $menuHtml = '';
    if (is_array($roleMenu)) {
        foreach ($roleMenu as $entry) {
            // An entry without a title is a separator
            if (!$entry[0]) {
                continue;
            }

            // Submenu items of this entry, if any
            $subHtml = '';
            if (isset($submenu[$entry[2]]) && is_array($submenu[$entry[2]])) {
                foreach ($submenu[$entry[2]] as $child) {
                    $childChecked = $this->checkChecked('submenu', array($entry[2], $child[2]));
                    $childMarkers = array(
                        '###submenu_name###' => $this->removeHTML($child[0]),
                        '###value###' => $child[2],
                        '###checked###' => $childChecked,
                    );
                    $subHtml .= $this->templObj->updateMarkers($childMarkers, $subItemTmpl);
                }
                $subHtml = $this->templObj->replaceSub('MAIN_MENU_SUBITEM', $subHtml, $subListTmpl);
            }

            $entryTmpl = $this->templObj->replaceSub('MAIN_MENU_SUBLIST', $subHtml, $menuItemTmpl);
            // NOTE(review): only the titles pass through removeHTML(); the
            // id and slug values are inserted as-is.
            $entryMarkers = array(
                '###name###' => $this->removeHTML($entry[0]),
                '###id###' => $entry[5],
                '###menu###' => $entry[2],
                '###whole_checked###' => $this->checkChecked('menu', array($entry[2])),
            );
            $menuHtml .= $this->templObj->updateMarkers($entryMarkers, $entryTmpl);
        }
    }
    $menuListTmpl = $this->templObj->replaceSub('MAIN_MENU_ITEM', $menuHtml, $menuListTmpl);
    $template = $this->templObj->replaceSub('MAIN_MENU_LIST', $menuListTmpl, $template);

    /*
     * Second Tab - Metaboxes
     */
    $metaboxHtml = $this->renderMetaboxList($template);
    $template = $this->templObj->replaceSub('METABOX_LIST', $metaboxHtml, $template);

    /*
     * Third Tab - Advance Settings
     */
    $capList = mvb_Model_API::getCurrentUser()->getAllCaps(); //TODO ?
    ksort($capList);

    $capListTmpl = $this->templObj->retrieveSub('CAPABILITY_LIST', $template);
    $capItemTmpl = $this->templObj->retrieveSub('CAPABILITY_ITEM', $capListTmpl);

    $capHtml = '';
    if (is_array($capList) && count($capList)) {
        foreach ($capList as $cap => $unused) {
            $desc = str_replace("\n", '<br/>', mvb_Model_Label::get($cap));
            $capMarkers = array(
                '###title###' => $cap,
                '###description###' => $desc,
                '###checked###' => $this->checkChecked('capability', array($cap)),
                '###cap_name###' => mvb_Model_Helper::getCapabilityHumanTitle($cap),
            );
            $capItem = $this->templObj->updateMarkers($capMarkers, $capItemTmpl);

            // The delete control is kept only for custom capabilities
            if (in_array($cap, $this->custom_caps)) {
                $capItem = $this->templObj->replaceSub(
                    'CAPABILITY_DELETE',
                    $this->templObj->retrieveSub('CAPABILITY_DELETE', $capItem),
                    $capItem
                );
            } else {
                $capItem = $this->templObj->replaceSub('CAPABILITY_DELETE', '', $capItem);
            }

            $capHtml .= $capItem;
        }
        $template = $this->templObj->replaceSub('CAPABILITY_LIST_EMPTY', '', $template);
    } else {
        $emptyTmpl = $this->templObj->retrieveSub('CAPABILITY_LIST_EMPTY', $template);
        $template = $this->templObj->replaceSub('CAPABILITY_LIST_EMPTY', $emptyTmpl, $template);
    }
    $capListTmpl = $this->templObj->replaceSub('CAPABILITY_ITEM', $capHtml, $capListTmpl);
    $template = $this->templObj->replaceSub('CAPABILITY_LIST', $capListTmpl, $template);

    // Posts & Pages
    $template = $this->templObj->replaceSub('POST_INFORMATION', '', $template);

    // NOTE(review): the stored access_config text goes into the page with
    // only stripslashes() applied - confirm the marker sits in a context
    // where the template layer escapes it.
    $accessConfig = stripslashes(mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'access_config', ''));
    $template = $this->templObj->updateMarkers(array('###access_config###' => $accessConfig), $template);

    return $template;
}
/**
 * Tell whether the requested admin menu is allowed for the current user.
 *
 * Super Admin is always allowed. Otherwise the request is split with
 * get_parts() and compared against the user's menu config: a match on a
 * menu flagged "whole", or on any of its listed submenus, denies access.
 *
 * @param string $requestedMenu Requested menu (the caller shown in this
 *                              listing passes the request URI)
 * @return bool FALSE when the menu is restricted, TRUE otherwise
 */
function checkAccess($requestedMenu)
{
    if (mvb_Model_API::isSuperAdmin()) {
        return TRUE;
    }

    // get base file
    $parts = $this->get_parts($requestedMenu);

    foreach (mvb_Model_AccessControl::getUserConf()->getMenu() as $menu => $sub) {
        // Whole top-level menu restricted
        if ($this->compareMenus($parts, $menu) && isset($sub['whole'])) {
            return FALSE;
        }

        if (!isset($sub['sub']) || !is_array($sub['sub'])) {
            continue;
        }

        // Individual submenus restricted
        foreach ($sub['sub'] as $subMenu => $unused) {
            if ($this->compareMenus($parts, $subMenu)) {
                return FALSE;
            }
        }
    }

    return TRUE;
}