require_once dirname(__FILE__) . '/feed-interceptor_rs.php'; // must define get_currentuserinfo early } //log_mem_usage_rs( 'initial requires' ); if (!$bail) { require_once dirname(__FILE__) . '/defaults_rs.php'; //log_mem_usage_rs( 'defaults_rs' ); if (IS_MU_RS && agp_is_plugin_network_active(SCOPER_BASENAME)) { scoper_refresh_options_sitewide(); } //log_mem_usage_rs( 'refresh_options_sitewide' ); //scoper_refresh_default_options(); // if role options were just updated via http POST, use new values rather than loading old option values from DB // These option values are used in WP_Scoped_User constructor if (is_admin() && isset($_POST['enable_group_roles']) && 0 === strpos($GLOBALS['plugin_page_cr'], 'rs-')) { scoper_use_posted_init_options(); } else { scoper_get_init_options(); } if (IS_MU_RS && agp_is_plugin_network_active(SCOPER_BASENAME)) { // If groups are sitewide, default groups must also be defined/applied sitewide (and vice versa) global $scoper_sitewide_groups, $scoper_options_sitewide; if ($scoper_sitewide_groups = scoper_get_site_option('mu_sitewide_groups')) { $scoper_options_sitewide['default_groups'] = true; } elseif (isset($scoper_options_sitewide['default_groups'])) { unset($scoper_options_sitewide['default_groups']); } } // rs_blog_roles option has never been active in any RS release; leave commented here in case need arises //define ( 'RS_BLOG_ROLES', scoper_get_option('rs_blog_roles') ); //log_mem_usage_rs( 'user-plug_rs' );
function build_menu() { if (strpos($_SERVER['REQUEST_URI'], 'wp-admin/network/')) { return; } global $plugin_page_cr; if (!defined('USER_ROLES_RS') && isset($_POST['enable_group_roles'])) { scoper_use_posted_init_options(); } global $current_user; $is_option_administrator = is_option_administrator_rs(); $is_user_administrator = is_user_administrator_rs(); $is_content_administrator = is_content_administrator_rs(); /* // optional hack to prevent roles / restrictions menu for non-Administrators // // This is now handled as a Role Scoper Option. // In Roles > Options > Features > Content Maintenance, set "Roles and Restrictions can be set" to "Administrators only" // // To prevent Role Scoper from filtering the backend at all, go to Roles > Options > Realm > Access Types and deselect "editing and administering content" // // end optional hack */ $require_blogwide_editor = scoper_get_option('role_admin_blogwide_editor_only'); if (!$is_content_administrator && 'admin_content' == $require_blogwide_editor) { if (!$is_option_administrator) { return; } } if (!$is_user_administrator && 'admin' == $require_blogwide_editor) { if (!$is_option_administrator) { return; } } $can_admin_objects = array(); $can_admin_terms = array(); $use_post_types = scoper_get_option('use_post_types'); $use_taxonomies = scoper_get_option('use_taxonomies'); // which object types does this user have any administration over? foreach ($this->scoper->data_sources->get_all() as $src_name => $src) { if (!empty($src->no_object_roles) || !empty($src->taxonomy_only) || 'group' == $src_name) { continue; } $object_types = isset($src->object_types) ? $src->object_types : array($src_name => true); foreach (array_keys($object_types) as $object_type) { if ('post' == $src_name && empty($use_post_types[$object_type])) { continue; } if (is_administrator_rs($src, 'user') || $this->user_can_admin_object($src_name, $object_type, 0, true)) { if (scoper_get_otype_option('use_object_roles', "{$src_name}:{$object_type}")) { $can_admin_objects[$src_name][$object_type] = true; } } } } // which taxonomies does this user have any administration over? foreach ($this->scoper->taxonomies->get_all() as $taxonomy => $tx) { if (taxonomy_exists($taxonomy) && empty($use_taxonomies[$taxonomy]) && 'post' == $tx->object_source) { continue; } if (is_taxonomy_used_rs($taxonomy) && (is_administrator_rs($tx->source, 'user') || $this->user_can_admin_terms($taxonomy))) { $can_admin_terms[$taxonomy] = true; } } // Users Tab if (DEFINE_GROUPS_RS) { $can_manage_groups = DEFINE_GROUPS_RS && ($is_user_administrator || current_user_can('recommend_group_membership')); $cap_req = $can_manage_groups ? 'read' : 'manage_groups'; $groups_caption = defined('GROUPS_CAPTION_RS') ? GROUPS_CAPTION_RS : __('Role Groups', 'scoper'); if (!IS_MU_RS || !scoper_get_site_option('mu_sitewide_groups')) { add_submenu_page('users.php', $groups_caption, $groups_caption, $cap_req, 'rs-groups', array(&$this, 'menu_handler')); } elseif (IS_MU_RS && !awp_ver('3.1')) { add_submenu_page("ms-admin.php", $groups_caption, $groups_caption, $cap_req, 'rs-groups', array(&$this, 'menu_handler')); } // satisfy WordPress' demand that all admin links be properly defined in menu if ('rs-default_groups' == $plugin_page_cr) { add_submenu_page('users.php', __('User Groups', 'scoper'), __('Default Groups', 'scoper'), $cap_req, 'rs-default_groups', array(&$this, 'menu_handler')); } if ('rs-group_members' == $plugin_page_cr) { add_submenu_page('users.php', __('User Groups', 'scoper'), __('Group Members', 'scoper'), $cap_req, 'rs-group_members', array(&$this, 'menu_handler')); } } // the rest of this function pertains to Roles and Restrictions menus if (!$is_user_administrator && !$can_admin_terms && !$is_user_administrator && !$can_admin_objects) { return; } $general_roles = $is_user_administrator; // && scoper_get_option('rs_blog_roles'); // rs_blog_roles option has never been active in any RS release; leave commented here in case need arises // determine the official WP-registered URL for roles and restrictions menus $object_submenus_first = false; $use_users_menu = defined('OZH_MENU_VER') && !defined('SCOPER_FORCE_ROLES_MENU') || defined('SCOPER_FORCE_USERS_MENU'); $tweak_menu = false; if ($use_users_menu) { $roles_menu = 'users.php'; $restrictions_menu = 'users.php'; if ($is_option_administrator) { add_submenu_page($roles_menu, __('Role Options', 'scoper'), __('Role Options', 'scoper'), 'read', 'rs-options', array(&$this, 'menu_handler')); } } else { if (!empty($can_admin_terms['category'])) { $roles_menu = 'rs-category-roles_t'; $restrictions_menu = 'rs-category-restrictions_t'; } elseif (!empty($can_admin_objects['post']['post'])) { $roles_menu = 'rs-post-roles'; $restrictions_menu = 'rs-post-restrictions'; $object_submenus_first = true; } elseif (!empty($can_admin_objects['post']['page'])) { // TODO: handle custom types here? $roles_menu = 'rs-page-roles'; $restrictions_menu = 'rs-page-restrictions'; $object_submenus_first = true; } elseif ($can_admin_terms && $this->scoper->taxonomies->member_property(key($can_admin_terms), 'requires_term')) { $taxonomy = key($can_admin_terms); $roles_menu = "rs-{$taxonomy}-roles_t"; $restrictions_menu = "rs-{$taxonomy}-restrictions_t"; } elseif ($can_admin_objects) { $src_name = key($can_admin_objects); $object_type = key($can_admin_objects[$src_name]); if ($src_name != $object_type && 'post' != $src_name) { $roles_menu = "rs-{$object_type}-roles_{$src_name}"; $restrictions_menu = "rs-{$object_type}-restrictions_{$src_name}"; } else { $roles_menu = "rs-{$object_type}-roles"; $restrictions_menu = "rs-{$object_type}-restrictions"; } $object_submenus_first = true; } else { // shouldn't ever need this $roles_menu = 'rs-roles-post'; $restrictions_menu = 'rs-restrictions-post'; $object_submenus_first = true; } if ($general_roles) { $roles_menu = 'rs-general_roles'; } if ($is_option_administrator) { $roles_menu = 'rs-options'; } // option administrators always have RS Options as top level roles submenu if ($is_user_administrator) { if (empty($restrictions_menu)) { $restrictions_menu = 'rs-category-restrictions_t'; } // If RS Realms are customized, the can_admin_terms / can_admin_objects result can override this default, even for user administrators } // Register the menus with WP using URI and links determined above global $menu; // Manually set menu indexes for positioning below Users menu, // but not if Flutter (a.k.a. Fresh Page) plugin is active. It re-indexes menu items if (!defined('SCOPER_DISABLE_MENU_TWEAK')) { //if ( awp_ver('2.9') ) { // review each WP version for menu indexes until there's a clean way to force menu proximity to 'Users' if (isset($menu[70]) && $menu[70][2] == 'users.php') { // WP 2.9 and 3.0 $tweak_menu = true; $restrictions_menu_key = 71; $roles_menu_key = 72; } //} } $roles_cap = 'read'; // we apply other checks within this function to confirm the menu is valid for current user $restrictions_caption = __('Restrictions', 'scoper'); $roles_caption = __('Roles', 'scoper'); if ($tweak_menu) { add_menu_page($restrictions_caption, __('Restrictions', 'scoper'), 'read', $restrictions_menu, array(&$this, 'menu_handler'), SCOPER_URLPATH . '/admin/images/menu/restrictions.png', $restrictions_menu_key); add_menu_page($roles_caption, __('Roles', 'scoper'), $roles_cap, $roles_menu, array(&$this, 'menu_handler'), SCOPER_URLPATH . '/admin/images/menu/roles.png', $roles_menu_key); } else { add_menu_page($restrictions_caption, __('Restrictions', 'scoper'), 'read', $restrictions_menu, array(&$this, 'menu_handler'), SCOPER_URLPATH . '/admin/images/menu/restrictions.png'); add_menu_page($roles_caption, __('Roles', 'scoper'), $roles_cap, $roles_menu, array(&$this, 'menu_handler'), SCOPER_URLPATH . '/admin/images/menu/roles.png'); } } // endif putting roles and restrictions links in Users menu if ($general_roles) { $menu_label = $use_users_menu ? __('General Roles', 'scoper') : __('General', 'scoper'); add_submenu_page($roles_menu, __('General Roles', 'scoper'), $menu_label, 'read', 'rs-general_roles', array(&$this, 'menu_handler')); } $first_pass = true; $submenu_types = $object_submenus_first ? array('object', 'term') : array('term', 'object'); foreach ($submenu_types as $scope) { if ('term' == $scope) { // Term Roles and Restrictions (will only display objects user can edit) if ($can_admin_terms) { // Will only allow assignment to terms for which current user has admin cap // Term Roles page also prevents assignment or removal of roles current user doesn't have foreach ($this->scoper->taxonomies->get_all() as $taxonomy => $tx) { if (empty($can_admin_terms[$taxonomy])) { continue; } $show_roles_menu = true; $menu_label = $use_users_menu ? sprintf(__('%s Roles', 'scoper'), $tx->labels->singular_name) : $tx->labels->name; add_submenu_page($roles_menu, sprintf(__('%s Roles', 'scoper'), $tx->labels->singular_name), $menu_label, 'read', "rs-{$taxonomy}-roles_t", array(&$this, 'menu_handler')); if (!empty($tx->requires_term)) { $show_restrictions_menu = true; $menu_label = $use_users_menu ? sprintf(__('%s Restrictions', 'scoper'), $tx->labels->singular_name) : $tx->labels->name; add_submenu_page($restrictions_menu, sprintf(__('%s Restrictions', 'scoper'), $tx->labels->singular_name), $menu_label, 'read', "rs-{$taxonomy}-restrictions_t", array(&$this, 'menu_handler')); } } // end foreach taxonomy } // endif can admin terms } else { // Object Roles (will only display objects user can edit) if ($can_admin_objects) { foreach ($this->scoper->data_sources->get_all() as $src_name => $src) { if (!empty($src->no_object_roles) || !empty($src->taxonomy_only) || 'group' == $src_name) { continue; } $object_types = isset($src->object_types) ? $src->object_types : array($src_name => true); foreach (array_keys($object_types) as $object_type) { if (empty($can_admin_objects[$src_name][$object_type])) { continue; } if ($require_blogwide_editor) { if (!$this->scoper->user_can_edit_blogwide($src_name, $object_type, array('require_others_cap' => true))) { continue; } } $show_roles_menu = true; $show_restrictions_menu = true; if ($src_name != $object_type && 'post' != $src_name) { $roles_page = "rs-{$object_type}-roles_{$src_name}"; $restrictions_page = "rs-{$object_type}-restrictions_{$src_name}"; } else { $roles_page = "rs-{$object_type}-roles"; $restrictions_page = "rs-{$object_type}-restrictions"; } $src_otype = isset($src->object_types) ? "{$src_name}:{$object_type}" : $src_name; $item_label_singular = $this->interpret_src_otype($src_otype, 'singular_name'); $item_label = $this->interpret_src_otype($src_otype); $menu_label = $use_users_menu ? sprintf(__('%s Roles', 'scoper'), $item_label_singular) : $item_label; add_submenu_page($roles_menu, sprintf(__('%s Roles', 'scoper'), $item_label_singular), $menu_label, 'read', $roles_page, array(&$this, 'menu_handler')); $menu_label = $use_users_menu ? sprintf(__('%s Restrictions', 'scoper'), $item_label_singular) : $item_label; add_submenu_page($restrictions_menu, sprintf(__('%s Restrictions', 'scoper'), $item_label_singular), $menu_label, 'read', $restrictions_page, array(&$this, 'menu_handler')); } // end foreach obj type } // end foreach data source } // endif can admin objects } // endif drawing object scope submenus } // end foreach submenu scope if ($is_user_administrator) { add_submenu_page($roles_menu, __('About Role Scoper', 'scoper'), __('About', 'scoper'), 'read', 'rs-about', array(&$this, 'menu_handler')); } global $submenu; // Change Role Scoper Options submenu title from default "Roles" to "Options" if ($is_option_administrator) { if (isset($submenu[$roles_menu][0][2]) && $roles_menu == $submenu[$roles_menu][0][2]) { $submenu[$roles_menu][0][0] = __awp('Options'); } // satisfy WordPress' demand that all admin links be properly defined in menu if ('rs-attachments_utility' == $plugin_page_cr) { add_submenu_page($roles_menu, __('Attachment Utility', 'scoper'), __('Attachment Utility', 'scoper'), 'read', 'rs-attachments_utility', array(&$this, 'menu_handler')); } } elseif (empty($show_restrictions_menu) || empty($show_roles_menu)) { // Remove Roles or Restrictions menu if it has no submenu if ($tweak_menu) { // since we forced the menu keys, no need to loop through menu looking for them if (empty($show_restrictions_menu) && isset($menu[$restrictions_menu_key])) { unset($menu[$restrictions_menu_key]); } if (empty($show_roles_menu) && isset($menu[$roles_menu_key])) { unset($menu[$roles_menu_key]); } } else { global $menu; foreach (array_keys($menu) as $key) { if (isset($menu[$key][0])) { if (empty($show_roles_menu) && $roles_caption == $menu[$key][0]) { unset($menu[$key]); } elseif (empty($show_restrictions_menu) && $restrictions_caption == $menu[$key][0]) { unset($menu[$key]); } } } } } // WP MU site options if (!awp_ver('3.1') && $is_option_administrator && IS_MU_RS) { scoper_mu_site_menu(); } // satisfy WordPress' demand that all admin links be properly defined in menu if ('rs-object_role_edit' == $plugin_page_cr) { add_submenu_page($roles_menu, __('Object Role Edit', 'scoper'), __('Object Role Edit', 'scoper'), 'read', 'rs-object_role_edit', array(&$this, 'menu_handler')); } }