/**
 * Enforce access restrictions for the page currently being requested.
 *
 * Super Admins are let through immediately. For everyone else the check
 * depends on the context:
 *  - backend (is_admin()): the requested URI is matched against the menu
 *    filter, then either the current post or the taxonomy term named by the
 *    "taxonomy"/"tag_ID" query arguments is checked for edit access;
 *  - frontend: a category archive is checked for browse access, any other
 *    non-home request with a known post is checked for read access.
 *
 * Every failed check calls mvb_Model_Helper::doRedirect().
 *
 * NOTE(review): after doRedirect() this method carries on with the next
 * check, so each denial relies on doRedirect() ending the request -- confirm
 * that it does, otherwise the restricted page keeps loading.
 *
 * @access public
 * @global object $wp_query
 * @global object $post
 * @return bool|null TRUE for a Super Admin; no value on any other path
 */
public function checkAccess()
{
    global $wp_query, $post;

    // Super Admin role is never restricted
    if (mvb_Model_API::isSuperAdmin()) {
        return TRUE;
    }

    if (!is_admin()) {
        // Frontend request
        if (is_category()) {
            $term = $wp_query->get_queried_object();
            if (!$this->checkTaxonomyAccess($term->term_id, WPACCESS_ACCESS_BROWSE)) {
                mvb_Model_Helper::doRedirect();
            }
        } elseif (!$wp_query->is_home()
            && isset($post->ID)
            && !$this->checkPostAccess($post->ID, WPACCESS_ACCESS_READ)
        ) {
            mvb_Model_Helper::doRedirect();
        }

        return;
    }

    // Backend request: first the menu the URI points at
    $requested_uri = $_SERVER['REQUEST_URI'];
    if (!$this->getMenuFilter()->checkAccess($requested_uri)) {
        mvb_Model_Helper::doRedirect();
    }

    // ...then the post or taxonomy term being edited
    $current_post = mvb_Model_Helper::getCurrentPostID();
    if ($current_post) {
        if (!$this->checkPostAccess($current_post, WPACCESS_ACCESS_EDIT)) {
            mvb_Model_Helper::doRedirect();
        }
    } elseif (isset($_GET['taxonomy'], $_GET['tag_ID'])) {
        // TODO - Find better way
        // NOTE(review): tag_ID reaches checkTaxonomyAccess() exactly as it
        // arrived in the query string; confirm the callee treats it as an
        // integer term id.
        if (!$this->checkTaxonomyAccess($_GET['tag_ID'], WPACCESS_ACCESS_EDIT)) {
            mvb_Model_Helper::doRedirect();
        }
    }
}
/**
 * Register the "Access Manager" page under Users and filter the admin menu.
 *
 * The page requires 'administrator' when the current user is a Super Admin
 * and 'aam_manage' otherwise. For users who are not Super Admin the menu
 * configuration's manage() is run afterwards.
 *
 * NOTE(review): 'administrator' is a role name placed in the capability
 * argument of add_submenu_page(); WordPress discourages checking roles in
 * place of capabilities -- confirm this is intended.
 *
 * @return void
 */
public function admin_menu()
{
    if (mvb_Model_API::isSuperAdmin()) {
        $required_cap = 'administrator';
    } else {
        $required_cap = 'aam_manage';
    }

    $page_title = __('Access Manager', 'aam');
    $menu_title = __('Access Manager', 'aam');
    $callback = array($this, 'manager_page');

    add_submenu_page('users.php', $page_title, $menu_title, $required_cap, 'wp_access', $callback);

    // init the list of key parameters
    $this->init_key_params();

    if (mvb_Model_API::isSuperAdmin()) {
        return;
    }

    // everyone else gets the filtered menu
    mvb_Model_AccessControl::getMenuConf()->manage();
}
/**
 * Register the "AWM Group" top-level menu (when missing) with the
 * "Access Manager" page below it, then filter the admin menu.
 *
 * The capability required for the Access Manager page is 'aam_manage' only
 * when the 'first_time' blog option is set and the current user is not a
 * Super Admin; in every other case it is WPACCESS_ADMIN_ROLE.
 *
 * @global array $submenu
 * @global array $menu
 * @return void
 */
public function admin_menu()
{
    global $submenu, $menu;

    $aam_cap = WPACCESS_ADMIN_ROLE;
    $first_time = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'first_time', FALSE);
    if ($first_time !== FALSE && !mvb_Model_API::isSuperAdmin()) {
        $aam_cap = 'aam_manage';
    }

    // create the parent menu only once
    if (!isset($submenu['awm-group'])) {
        add_menu_page(
            __('AWM Group', 'aam'),
            __('AWM Group', 'aam'),
            'administrator',
            'awm-group',
            array($this, 'awm_group'),
            WPACCESS_CSS_URL . 'images/active-menu.png'
        );
    }

    add_submenu_page(
        'awm-group',
        __('Access Manager', 'aam'),
        __('Access Manager', 'aam'),
        $aam_cap,
        'wp_access',
        array($this, 'accessManagerPage')
    );

    // init the list of key parameters
    $this->init_key_params();

    if (mvb_Model_API::isSuperAdmin()) {
        return;
    }

    // filter the menu for everyone who is not Super Admin
    $this->getAccessControl()->getMenuFilter()->manage();
}
/**
 * Tell whether the current user may open the requested admin menu.
 *
 * Super Admins always pass. Otherwise the request is compared with every
 * entry of the user's menu configuration: a match on a top-level entry that
 * carries the 'whole' flag, or a match on any of its 'sub' keys, denies
 * access.
 *
 * Anything that matches no entry is allowed, so the decision depends
 * entirely on how get_parts() and compareMenus() treat the supplied URI.
 *
 * @param string $requestedMenu Requested URI
 * @return bool FALSE when a configured entry matches, TRUE otherwise
 */
function checkAccess($requestedMenu)
{
    if (mvb_Model_API::isSuperAdmin()) {
        return TRUE;
    }

    // get base file
    $parts = $this->get_parts($requestedMenu);
    $menu_conf = mvb_Model_AccessControl::getUserConf()->getMenu();

    foreach ($menu_conf as $menu => $sub) {
        $whole_menu_hit = $this->compareMenus($parts, $menu) && isset($sub['whole']);
        if ($whole_menu_hit) {
            return FALSE;
        }

        if (!isset($sub['sub']) || !is_array($sub['sub'])) {
            continue;
        }

        foreach (array_keys($sub['sub']) as $subMenu) {
            if ($this->compareMenus($parts, $subMenu)) {
                return FALSE;
            }
        }
    }

    return TRUE;
}
/**
 * Get list of User Roles
 *
 * Reads the 'user_roles' blog option. With $filter enabled the Super Admin
 * role is always removed from the result, and the Administrator role is
 * removed as well unless the current user is a Super Admin. With $filter
 * disabled the stored list is returned untouched.
 *
 * @global object $wpdb
 * @param bool $filter TRUE to hide the privileged roles, FALSE for the raw list
 * @return array
 */
public static function getRoleList($filter = TRUE)
{
    global $wpdb;

    $roles = self::getBlogOption('user_roles', array());

    if (!$filter) {
        return $roles;
    }

    // the super admin role is never listed
    if (isset($roles[WPACCESS_SADMIN_ROLE])) {
        unset($roles[WPACCESS_SADMIN_ROLE]);
    }

    // Administrator is listed for Super Admins only
    $hide_admin = !mvb_Model_API::isSuperAdmin() && isset($roles[WPACCESS_ADMIN_ROLE]);
    if ($hide_admin) {
        unset($roles[WPACCESS_ADMIN_ROLE]);
    }

    return $roles;
}
/**
 * Put a role back to its originally stored definition.
 *
 * The restore is refused when the role is missing from either the stored
 * originals or the current role list, and when the Administrator role is
 * requested by a user who is not a Super Admin. On success the role's
 * entries in the 'options', 'restrictions' and 'menu_order' blog options
 * are removed as well.
 *
 * @global object $wpdb
 * @param string $role Role key
 * @return array array('status' => 'success') or array('status' => 'error')
 */
protected function restore_role($role)
{
    global $wpdb;

    // get current roles settings
    $original_roles = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'original_user_roles', array());
    $current_roles = mvb_Model_API::getRoleList(FALSE);

    // only a Super Admin may restore the Administrator role
    $admin_locked = ($role == WPACCESS_ADMIN_ROLE) && !mvb_Model_API::isSuperAdmin();

    if ($admin_locked || !isset($original_roles[$role]) || !isset($current_roles[$role])) {
        return array('status' => 'error');
    }

    // save current setting to DB
    $current_roles[$role] = $original_roles[$role];
    mvb_Model_API::updateBlogOption('user_roles', $current_roles);

    // unset all option with metaboxes and menu
    $stored_options = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'options');
    if (isset($stored_options[$role])) {
        unset($stored_options[$role]);
        mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'options', $stored_options);
    }

    // unset all restrictions
    $stored_restrictions = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'restrictions', array());
    if (isset($stored_restrictions[$role])) {
        unset($stored_restrictions[$role]);
        mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'restrictions', $stored_restrictions);
    }

    // unset menu order
    $stored_order = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'menu_order');
    if (isset($stored_order[$role])) {
        unset($stored_order[$role]);
        mvb_Model_API::updateBlogOption(WPACCESS_PREFIX . 'menu_order', $stored_order);
    }

    return array('status' => 'success');
}
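/**
 * Reset a role's capabilities to their stored original values.
 *
 * Capabilities come from the 'original_user_roles' blog option when the
 * role has an entry there, otherwise from $this->default_caps. The role's
 * 'config_<role>' blog option is deleted and the cache is cleared.
 *
 * The Administrator role can only be restored by a Super Admin. The role
 * must also exist in the current role list: assigning to $roles[$role] for
 * an unknown key would add a new entry to 'user_roles' that holds nothing
 * but a capabilities array.
 *
 * @param string $role Role key
 * @return array array('status' => 'success') or array('status' => 'error')
 */
protected function restore_role($role)
{
    $or_roles = mvb_Model_API::getBlogOption(WPACCESS_PREFIX . 'original_user_roles', array());
    $roles = mvb_Model_API::getRoleList(FALSE);

    // only a Super Admin may restore the Administrator role
    $permitted = ($role != WPACCESS_ADMIN_ROLE) || mvb_Model_API::isSuperAdmin();

    // never create a role entry as a side effect of a restore request
    if (!$permitted || !isset($roles[$role])) {
        return array('status' => 'error');
    }

    if (isset($or_roles[$role])) {
        $roles[$role]['capabilities'] = $or_roles[$role]['capabilities'];
    } else {
        // no stored original for this role: fall back to the default set
        $roles[$role]['capabilities'] = $this->default_caps;
    }

    mvb_Model_API::updateBlogOption('user_roles', $roles);
    mvb_Model_API::deleteBlogOption(WPACCESS_PREFIX . 'config_' . $role);
    mvb_Model_Cache::clearCache();

    return array('status' => 'success');
}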