function get_metagroup_members($metagroup_name, $args = array()) { require_once SCOPER_ABSPATH . '/admin/admin_lib_rs.php'; if ($group = ScoperAdminLib::get_group_by_name('[' . $metagroup_name . ']')) { return ScoperAdminLib::get_group_members($group->ID, COL_ID_RS, true); } return array(); }
function printGroupMembers() { $results = ScoperAdminLib::get_all_groups(FILTERED_RS); $alt = false; if (isset($results) && count($results) > 0) { echo "\n<table class='rs-member_table' width=\"100%\" border=\"0\" cellspacing=\"3\" cellpadding=\"3\">"; echo "\n\t<tr class=\"thead\">"; echo "\n\t\t<th>Group Name</th>\n\t\t<th>Members</th>\n\t\t<th> </th>"; echo "\n\t</tr>"; foreach ($results as $result) { $alt = !$alt; $style = $alt ? 'class=\'alternate\'' : 'margin: 1em 0 1em 0;'; echo "<tr " . $style . "><td>" . $result->display_name . "</td><td>"; if ($members = ScoperAdminLib::get_group_members($result->ID)) { printf(_n('%d user', '%d users', count($members), 'scoper'), count($members)); echo '<br />'; foreach ($members as $member) { echo "- " . $member->display_name . "<br />"; } } else { if ($result->meta_id) { _e('(automatic)', 'scoper'); } else { _e('(no users)', 'scoper'); } } echo "</td><td " . $style . ">"; if (!$result->meta_id) { echo "<a class='edit' href='admin.php?page=rs-group_members&mode=edit&id={$result->ID}'>" . __awp('Edit') . "</a>"; } echo "</td></tr>"; } echo "\n</table>"; } else { echo "<p><strong>" . __('No groups available.', 'scoper') . "</strong></p>"; } }
?> </h3> <?php $group_id = !empty($group) ? $group->ID : 0; // force_all_users arg is a temporary measure to ensure that any user can be viewed / added to a sitewide MU group regardless of what blog backend it's edited through $sitewide_groups = IS_MU_RS && scoper_get_site_option('mu_sitewide_groups'); $_args = $sitewide_groups ? array('force_all_users' => true) : array(); $all_users = $scoper->users_who_can('', COLS_ID_NAME_RS, '', '', $_args); // need this for group managers checklist even if using Ajax UI for members if (scoper_get_option('group_ajax')) { require_once dirname(__FILE__) . '/user_search_ui_rs.php'; $arr_display_names = array(); $status_users = array(); $status_users['active'] = ScoperAdminLib::get_group_members($group_id, COLS_ID_NAME_RS, false, array('status' => 'active')); $status_users['recommended'] = ScoperAdminLib::get_group_members($group_id, COLS_ID_NAME_RS, false, array('status' => 'recommended')); $status_users['requested'] = ScoperAdminLib::get_group_members($group_id, COLS_ID_NAME_RS, false, array('status' => 'requested')); foreach ($status_users as $key => $users) { foreach ($users as $user) { $arr_display_names[$key][$user->ID] = $user->display_name; } } global $scoper_user_search; $scoper_user_search->output_html($arr_display_names, 'users'); } else { UserGroups_tp::group_members_checklist($group_id, 'member', $all_users); } ?> </div> <?php if ($can_manage_all_groups || current_user_can('manage_groups', $group->ID)) {
function scoper_limit_subscribe2_autosub($query) { global $wpdb; if ("SELECT DISTINCT user_id FROM {$wpdb->usermeta} WHERE {$wpdb->usermeta}.meta_key='s2_autosub' AND {$wpdb->usermeta}.meta_value='yes'" == $query) { global $scoper, $subscribe2_category_rs; //rs_errlog("subscribe2 cat creation: $subscribe2_category_rs"); $post_roles = $scoper->role_defs->qualify_roles('read', 'rs', 'post'); // WP roles containing the 'activate plugins' capability are always honored regardless of object or term restritions $admin_roles_wp = array(); global $wp_roles; if (isset($wp_roles->roles)) { $admin_cap_name = defined('SCOPER_CONTENT_ADMIN_CAP') ? constant('SCOPER_CONTENT_ADMIN_CAP') : 'activate_plugins'; foreach (array_keys($wp_roles->roles) as $wp_role_name) { if (!empty($wp_roles->roles[$wp_role_name]['capabilities'])) { if (array_intersect_key($wp_roles->roles[$wp_role_name]['capabilities'], array($admin_cap_name => 1))) { $admin_roles_wp = array_merge($admin_roles_wp, array($wp_role_name => 1)); } } } } if ($admin_roles_wp) { $admin_roles_wp = scoper_role_names_to_handles(array_keys($admin_roles_wp), 'wp', true); } //arg: return as array keys $args = array('id' => $subscribe2_category_rs); $restrictions = $scoper->get_restrictions(TERM_SCOPE_RS, 'category', $args); $restricted_roles = array(); if (!empty($restrictions['unrestrictions'])) { if ($restrictions['unrestrictions'] = array_intersect_key($restrictions['unrestrictions'], $post_roles)) { foreach ($restrictions['unrestrictions'] as $role_handle => $entries) { if (!isset($entries[$subscribe2_category_rs]) || 'children' == $entries[$subscribe2_category_rs]) { $restricted_roles[$role_handle] = true; } } } } if (!empty($restrictions['restrictions'])) { if ($restrictions['restrictions'] = array_intersect_key($restrictions['restrictions'], $post_roles)) { foreach ($restrictions['restrictions'] as $role_handle => $entries) { if (isset($entries[$subscribe2_category_rs]) && 'children' != $entries[$subscribe2_category_rs]) { $restricted_roles[$role_handle] = true; } } } } $unrestricted_roles = array_diff_key($post_roles, $restricted_roles); // for our purposes, a role is only restricted if all its contained qualifying roles are also restricted if ($restricted_roles) { foreach (array_keys($restricted_roles) as $role_handle) { if ($contained_roles = $scoper->role_defs->get_contained_roles($role_handle, false, 'rs')) { if ($contained_roles = array_intersect_key($contained_roles, $unrestricted_roles)) { unset($restricted_roles[$role_handle]); } } } $unrestricted_roles = array_diff_key($post_roles, $restricted_roles); } // account for WP blog roles $unrestricted_roles_wp = array(); $restricted_roles_wp = array(); if ($post_roles_wp = $scoper->role_defs->qualify_roles('read', 'wp', 'post')) { foreach (array_keys($post_roles_wp) as $wp_role) { if ($contains_rs_roles = $scoper->role_defs->get_contained_roles($wp_role, false, 'rs')) { if ($contains_rs_roles = array_intersect_key($contains_rs_roles, $unrestricted_roles)) { $unrestricted_roles_wp = array_merge($unrestricted_roles_wp, array($wp_role => true)); } } } $restricted_roles_wp = array_diff_key($post_roles_wp, $unrestricted_roles_wp); } $unrestricted_roles_wp = array_merge($unrestricted_roles_wp, $admin_roles_wp); $role_in_wp = implode("', '", scoper_role_handles_to_names(array_keys($unrestricted_roles_wp))); /* dump($post_roles); dump($restricted_roles); dump($restricted_roles_wp); dump($unrestricted_roles); dump($unrestricted_roles_wp); */ // account for blog roles, where allowed if ($unrestricted_roles) { $wp_role_clause = !empty($role_in_wp) ? "OR ( role_type = 'wp' AND scope = 'blog' AND role_name IN ('{$role_in_wp}') )" : ''; $role_in = implode("', '", scoper_role_handles_to_names(array_keys($unrestricted_roles))); $qry = "SELECT DISTINCT user_id FROM {$wpdb->user2role2object_rs}" . " WHERE user_id > 0 AND (" . " ( role_type = 'rs' AND scope = 'blog' AND role_name IN ('{$role_in}') ) {$wp_role_clause} )"; $users = scoper_get_col($qry); $qry = "SELECT DISTINCT group_id FROM {$wpdb->user2role2object_rs}" . " WHERE group_id > 0 AND (" . " ( role_type = 'rs' AND scope = 'blog' AND role_name IN ('{$role_in}') ) {$wp_role_clause} )"; if ($groups = scoper_get_col($qry)) { foreach ($groups as $group_id) { if ($group_members = ScoperAdminLib::get_group_members($group_id, $cols, true)) { $users = array_merge($users, $group_members); } } $users = array_unique($users); } } else { $users = array(); } // account for category roles $role_in = implode("', '", scoper_role_handles_to_names(array_keys($post_roles))); $qry = "SELECT DISTINCT user_id FROM {$wpdb->user2role2object_rs}" . " WHERE user_id > 0 AND role_type = 'rs' AND scope = 'term' AND role_name IN ('{$role_in}')" . " AND assign_for IN ('entity', 'both')" . " AND src_or_tx_name = 'category' AND obj_or_term_id = '{$subscribe2_category_rs}'"; $catrole_users = scoper_get_col($qry); $users = array_merge($users, $catrole_users); $qry = "SELECT DISTINCT group_id FROM {$wpdb->user2role2object_rs}" . " WHERE group_id > 0 AND role_type = 'rs' AND scope = 'term' AND role_name IN ('{$role_in}')" . " AND assign_for IN ('entity', 'both')" . " AND src_or_tx_name = 'category' AND obj_or_term_id = '{$subscribe2_category_rs}'"; if ($groups = scoper_get_col($qry)) { foreach ($groups as $group_id) { if ($group_members = ScoperAdminLib::get_group_members($group_id, $cols, true)) { $users = array_merge($users, $group_members); } } $users = array_unique($users); } if ($users) { $query .= " AND user_id IN ('" . implode("', '", $users) . "')"; } else { $query .= ' AND 1=2'; } remove_filter('query', 'scoper_limit_subscribe2_autosub', 99); } return $query; }
function group_members_checklist($group_id, $user_class = 'member', $all_users = '') { global $scoper; if (!$all_users) { $all_users = $scoper->users_who_can('', COLS_ID_NAME_RS); } if ($group_id) { $group = ScoperAdminLib::get_group($group_id); } if ('member' == $user_class) { $current_ids = $group_id ? array_flip(ScoperAdminLib::get_group_members($group_id, COL_ID_RS)) : array(); if (!empty($group) && in_array($group->meta_id, array('rv_pending_rev_notice_ed_nr_', 'rv_scheduled_rev_notice_ed_nr_'))) { $args = array('any_object' => true); $eligible_ids = array(); foreach (get_post_types(array('public' => true), 'object') as $_type => $_type_obj) { $args['object_type'] = $_type; $type_eligible_ids = $scoper->users_who_can(array($_type_obj->cap->edit_published_posts, $_type_obj->cap->edit_others_posts), COL_ID_RS, 'post', 0, $args); $eligible_ids = array_merge($eligible_ids, $type_eligible_ids); } $eligible_ids = array_unique($eligible_ids); } else { // force_all_users arg is a temporary measure to ensure that any user can be viewed / added to a sitewide MU group regardless of what blog backend it's edited through $_args = IS_MU_RS && scoper_get_option('mu_sitewide_groups', true) ? array('force_all_users' => true) : array(); $eligible_ids = $scoper->users_who_can('', COL_ID_RS, '', '', $_args); } $admin_ids = array(); } else { $group_role_defs = 'moderator' == $user_class ? array('rs_group_moderator') : array('rs_group_manager'); if ($group_id) { require_once dirname(__FILE__) . '/role_assignment_lib_rs.php'; $current_roles = ScoperRoleAssignments::organize_assigned_roles(OBJECT_SCOPE_RS, 'group', $group_id, $group_role_defs, ROLE_BASIS_USER); $current_roles = agp_array_flatten($current_roles, false); $current_ids = isset($current_roles['assigned']) ? $current_roles['assigned'] : array(); } else { $current_ids = array(); } $cap_name = defined('SCOPER_USER_ADMIN_CAP') ? constant('SCOPER_USER_ADMIN_CAP') : 'edit_users'; $admin_ids = $scoper->users_who_can($cap_name, COL_ID_RS); // optionally, limit available group managers according to role_admin_blogwide_editor_only option if ('manager' == $user_class) { $require_blogwide_editor = false; if (!empty($group)) { if (!strpos($group->meta_id, '_nr_')) { // don't limit manager selection for groups that don't have role assignments $require_blogwide_editor = scoper_get_option('role_admin_blogwide_editor_only'); } } if ('admin' == $require_blogwide_editor) { $eligible_ids = $admin_ids; } elseif ('admin_content' == $require_blogwide_editor) { $cap_name = defined('SCOPER_CONTENT_ADMIN_CAP') ? constant('SCOPER_CONTENT_ADMIN_CAP') : 'activate_plugins'; $eligible_ids = array_unique(array_merge($admin_ids, $scoper->users_who_can($cap_name, COL_ID_RS))); } elseif ($require_blogwide_editor) { $post_editors = $scoper->users_who_can('edit_others_posts', COL_ID_RS); $page_editors = $scoper->users_who_can('edit_others_pages', COL_ID_RS); $eligible_ids = array_unique(array_merge($post_editors, $page_editors, $admin_ids)); } else { $eligible_ids = ''; } } else { $eligible_ids = ''; } } // endif user class is not "member" $css_id = $user_class; $args = array('eligible_ids' => $eligible_ids, 'via_other_scope_ids' => $admin_ids, 'suppress_extra_prefix' => true); require_once dirname(__FILE__) . '/agents_checklist_rs.php'; ScoperAgentsChecklist::agents_checklist(ROLE_BASIS_USER, $all_users, $css_id, $current_ids, $args); }
/** * function UsersInterceptor_RS::users_who_can * * Get all users with required capabilities, applying scoped roles where pertinent. * * reqd_caps: array of capability names, or string value containing single capability name * cols: enumeration COLS_ALL_RS, COL_ID_RS, COLS_ID_NAME_RS or COLS_ID_DISPLAYNAME_RS. Determines return array dimensions. * object_src_name: object data source name as defined in $scoper->data_sources ( 'post' for posts OR pages ) * object_id: array(reqd_cap => object_id), or string value containing single object_id * * Any WP-defined or RS-defined cap may be included to filter users on blog-wide capabilities. * * In addition, object-specific calls filter users for RS-defined caps based on * Taxonomy/Object role assignment and role scoping requirements. * Any reqd_caps lacking a Role Scoper definition are still tested for blog-wide users roles. * * returns query results: 1D array of user_ids for $cols = COL_ID_RS, otherwise 2D array with all user columns */ function users_who_can($reqd_caps, $cols = COLS_ALL_RS, $object_src_name = '', $object_id = 0, $args = array()) { global $wpdb; $defaults = array('where' => '', 'orderby' => '', 'disable_memcache' => false, 'group_ids' => '', 'force_refresh' => false, 'force_all_users' => false); $args = array_merge($defaults, (array) $args); extract($args); if (!$orderby) { if (COLS_ALL_RS == $cols || COLS_ID_DISPLAYNAME_RS == $cols) { $orderby = " ORDER BY display_name"; } elseif (COLS_ID_NAME_RS == $cols) { $orderby = " ORDER BY user_login AS display_name"; } // calling code assumes display_name property for user or group object } if ('id' == $cols) { $cols = COL_ID_RS; } if (COL_ID_RS == $cols) { if ($force_all_users) { $qry = "SELECT ID FROM {$wpdb->users}"; } else { $qry = "SELECT DISTINCT uro.user_id AS ID FROM {$wpdb->user2role2object_rs} AS uro"; } } else { if (COLS_ID_DISPLAYNAME_RS == $cols) { $qcols = "{$wpdb->users}.ID, {$wpdb->users}.display_name"; } elseif (COLS_ID_NAME_RS == $cols) { $qcols = "{$wpdb->users}.ID, {$wpdb->users}.user_login AS display_name"; } elseif (COLS_ALL_RS == $cols) { $qcols = "{$wpdb->users}.*"; } else { $qcols = $cols; } $qry = "SELECT DISTINCT {$qcols} FROM {$wpdb->users}"; $where = ''; } if ($reqd_caps || !$force_all_users) { if (COL_ID_RS != $cols) { $qry .= " INNER JOIN {$wpdb->user2role2object_rs} AS uro ON uro.user_id = {$wpdb->users}.ID"; } if (!is_array($args)) { $args = array(); } if (isset($args['ignore_user_roles'])) { unset($args['ignore_user_roles']); } $do_groups = empty($args['ignore_group_roles']); $args['ignore_group_roles'] = 1; $args['enforce_duration_limits'] = scoper_get_option('role_duration_limits'); $args['enforce_content_date_limits'] = scoper_get_option('role_content_date_limits'); //log_mem_usage_rs( 'before flt_users_where' ); $where = $this->flt_users_where($where, $reqd_caps, $object_src_name, $object_id, $args); //log_mem_usage_rs( 'flt_users_where' ); } $id_clause = $force_all_users ? '' : 'AND uro.user_id > 0'; $qry = "{$qry} WHERE 1=1 {$id_clause} {$where} {$orderby}"; $qry_key = $qry . serialize($args); // if we've already run this query before, return the result if (empty($disable_memcache) && isset($this->user_cache[$qry_key])) { return $this->user_cache[$qry_key]; } if (COL_ID_RS == $cols) { $users = scoper_get_col($qry); } else { $users = scoper_get_results($qry); } //log_mem_usage_rs( 'users query' ); if (!empty($do_groups)) { if (!empty($args['preserve_or_clause']) && strpos($args['preserve_or_clause'], 'uro.')) { unset($args['preserve_or_clause']); } if (!empty($args['orderby'])) { unset($args['orderby']); } if (empty($group_ids)) { $group_ids = $this->groups_who_can($reqd_caps, COL_ID_RS, $object_src_name, $object_id, $args); } if (!empty($group_ids)) { if (!defined('DISABLE_PERSISTENT_CACHE')) { // if persistent cache is enabled, use cached members list for each group instead of querying for all groups foreach ($group_ids as $group_id) { if ($group_members = ScoperAdminLib::get_group_members($group_id, $cols, true)) { $users = array_merge($users, $group_members); } } } else { // avoid separate query for each group if persistent cache is not enabled if ($group_members = ScoperAdminLib::get_group_members($group_ids, $cols, true)) { $users = array_merge($users, $group_members); } } } if (COL_ID_RS == $cols) { $users = array_unique($users); } else { $users = agp_array_unique_md($users); } } $this->user_cache[$qry_key] = $users; //log_mem_usage_rs( 'end UsersInt::users_who_can' ); return $users; }
function display_ui_group_roles($group_id) { $users = ScoperAdminLib::get_group_members($group_id, COL_ID_RS); $args = array('disable_user_roles' => true, 'filter_usergroups' => array($group_id => true), 'disable_wp_roles' => true); $user_id = $users ? $users[0] : 0; $user = new WP_Scoped_User($user_id, '', $args); if (!$users) { $user->groups = array($group_id => true); } if ($group = ScoperAdminLib::get_group($group_id)) { if (!strpos($group->meta_id, '_nr_')) { global $wpdb; echo '<div class="rs-group-profile">'; if (IS_MU_RS && scoper_get_option('mu_sitewide_groups')) { global $blog_id; $blog_ids = scoper_get_col("SELECT blog_id FROM {$wpdb->blogs} ORDER BY blog_id"); $orig_blog_id = $blog_id; } else { $blog_ids = array('1'); } foreach ($blog_ids as $id) { if (count($blog_ids) > 1) { switch_to_blog($id); } if (!$wpdb->get_results("SHOW TABLES LIKE '{$wpdb->user2role2object_rs}'")) { continue; } ScoperProfileUI::display_ui_user_roles($user, true); //arg: groups only } echo '</div>'; if (count($blog_ids) > 1) { switch_to_blog($orig_blog_id); } } } }
function draw_object_roles_content($src_name, $object_type, $role_handle, $object_id = '', $skip_user_validation = false, $object = false) { //log_mem_usage_rs( 'start ItemRolesUI::draw_object_roles_content()' ); if (!$object_id) { $object_id = scoper_get_object_id($src_name, $object_type); } if (!empty($object) && 'auto-draft' == $object->post_status) { $object_id = 0; } if ($src_name != $this->loaded_src_name || $object_type != $this->loaded_object_type || $object_id != $this->loaded_object_id) { $this->load_roles($src_name, $object_type, $object_id); } if (!($otype_def = $this->scoper->data_sources->member_property($src_name, 'object_types', $object_type))) { return; } if (!$skip_user_validation && !$this->scoper_admin->user_can_admin_role($role_handle, $object_id, $src_name, $object_type)) { return; } // since we may be dumping a lot of hidden user <li> into the page, enumerate role names to shorten html $role_code = 'r' . array_search($role_handle, $this->role_handles); $role_def = $this->scoper->role_defs->get($role_handle); if (!isset($role_def->valid_scopes[OBJECT_SCOPE_RS])) { return; } if (empty($this->drew_objroles_marker)) { echo "<input type='hidden' name='rs_object_roles' value='true' />"; $this->drew_objroles_marker = true; } // ========== OBJECT RESTRICTION CHECKBOX(ES) ============ // checkbox to control object role scoping (dictates whether taxonomy and blog role assignments also be honored for operations on this object ) $checked = empty($this->object_strict_roles[$role_handle]) ? '' : 'checked="checked"'; $val = $checked ? '1' : '0'; echo "<input type='hidden' name='last_objscope_{$role_code}' value='{$val}' id='last_objscope_{$role_code}' />"; echo "\r\n<p style='margin-bottom:0.8em;'>" . "<span class='alignright'><a href='#wphead'>" . __('top', 'scoper') . '</a></span>' . "<label for='objscope_{$role_code}'>" . "<input type='checkbox' class='rs-check' name='objscope_{$role_code}' value='1' id='objscope_{$role_code}' {$checked} /> " . sprintf(__('Restrict for %1$s (<strong>only</strong> selected users/groups are %2$s)', 'scoper'), $otype_def->labels->singular_name, $this->scoper->role_defs->get_abbrev($role_handle, OBJECT_UI_RS)) . '</label></p>'; if ($this->do_propagation_cboxes) { $checked = empty($this->child_strict_roles[$role_handle]) ? '' : 'checked="checked"'; $val = $checked ? '1' : '0'; echo "<input type='hidden' name='last_objscope_children_{$role_code}' value='{$val}' id='last_objscope_children_{$role_code}' />"; echo "<p style='margin-top: 0.5em;'>" . "<label for='objscope_children_{$role_code}'>" . "<input type='checkbox' class='rs-check' name='objscope_children_{$role_code}' value='1' id='objscope_children_{$role_code}' {$checked} /> " . sprintf(__('Restrict for Sub-%1$s', 'scoper'), $otype_def->labels->name) . '</label></p>'; } // ========== OBJECT ROLE ASSIGNMENT CHECKBOX(ES) ============ // toggle groups / users view if both are enabled //echo "<p style='margin: 1em 0 0.2em 0;'><strong>" . sprintf(__('Assign %s Role:', 'scoper'), $display_name ) . '</strong></p>'; //echo '<br />'; $toggle_agents = USER_ROLES_RS && GROUP_ROLES_RS && !empty($this->all_groups); if ($toggle_agents) { if (!empty($this->current_roles[ROLE_BASIS_USER][$role_handle])) { $default_role_basis = ROLE_BASIS_USER; } else { $default_role_basis = ROLE_BASIS_GROUPS; } $class_selected = 'agp-selected_agent_colorized agp-selected_agent agp-agent'; $class_unselected = 'agp-unselected_agent_colorized agp-unselected_agent agp-agent'; $class = ROLE_BASIS_GROUPS == $default_role_basis ? "class='{$class_selected}'" : "class='{$class_unselected}'"; $js_call = "agp_swap_display('{$role_code}_groups', '{$role_code}_user', '{$role_code}_show_group_roles', '{$role_code}_show_user_roles', '{$class_selected}', '{$class_unselected}')"; $bottom_margin = !empty($GLOBALS['is_IE']) ? '-0.7em' : 0; echo "\r\n" . "<div class='agp_js_show' style='display:none;margin:0 0 {$bottom_margin} 0'>" . "<ul class='rs-list_horiz' style='margin-bottom:-0.1em'><li {$class}>" . "<a href='javascript:void(0)' id='{$role_code}_show_group_roles' onclick=\"{$js_call}\">" . __('Groups', 'scoper') . '</a></li>'; $class = ROLE_BASIS_USER == $default_role_basis ? "class='{$class_selected}'" : "class='{$class_unselected}'"; $js_call = "agp_swap_display('{$role_code}_user', '{$role_code}_groups', '{$role_code}_show_user_roles', '{$role_code}_show_group_roles', '{$class_selected}', '{$class_unselected}')"; echo "\r\n" . "<li {$class}><a href='javascript:void(0)' id='{$role_code}_show_user_roles' onclick=\"{$js_call}\">" . __awp('Users') . '</a></li>' . '</ul></div>'; } $class = "class='rs-agents'"; //need effective line break here if not IE echo "<div style='clear:both;margin:0 0 0.3em 0' {$class}>"; $role_ops = $this->scoper->cap_defs->get_cap_ops($this->scoper->role_defs->role_caps[$role_handle]); $agents_reqd_op = isset($role_ops[OP_EDIT_RS]) ? OP_EDIT_RS : OP_READ_RS; $containing_roles = $this->scoper->role_defs->get_containing_roles($role_handle); require_once dirname(__FILE__) . '/agents_checklist_rs.php'; $args = array('suppress_extra_prefix' => true, 'default_hide_threshold' => 20, 'propagation' => $this->do_propagation_cboxes, 'otype_label_singular' => $otype_def->labels->singular_name, 'otype_label' => $otype_def->labels->name, 'object_type' => $object_type, 'object_id' => $object_id); $args['via_other_role_ids'] = array(); // must set this here b/c subsequent for loop is set up for users iteration to recall via_other_role_ids from groups iteration foreach ($this->agent_captions as $role_basis => $agent_caption) { if (!is_array($this->blog_term_roles[$role_basis][$role_handle])) { $this->blog_term_roles[$role_basis][$role_handle] = array(); } // for the purpose of indicating implicit role ownership, we will consider any assignment of a containing role as equivalent foreach (array_keys($containing_roles) as $containing_role_handle) { if (isset($this->blog_term_roles[$role_basis][$containing_role_handle]) && is_array($this->blog_term_roles[$role_basis][$containing_role_handle])) { $this->blog_term_roles[$role_basis][$role_handle] = array_merge($this->blog_term_roles[$role_basis][$role_handle], $this->blog_term_roles[$role_basis][$containing_role_handle]); } } $this->blog_term_roles[$role_basis][$role_handle] = array_unique($this->blog_term_roles[$role_basis][$role_handle]); $hide_class = $toggle_agents && $role_basis != $default_role_basis ? ' class="agp_js_hide"' : ''; echo "\r\n<div id='{$role_code}_{$role_basis}' {$hide_class}>"; // also abbreviate "groups" to 'g', 'user' to 'u' $id_prefix = $role_code . substr($role_basis, 0, 1); if ($this->indicate_blended_roles && $object_id && GROUP_ROLES_RS && ROLE_BASIS_USER == $role_basis) { $args['via_other_basis_ids'] = array(); // note users who are in a group that has this role object-assigned if (!empty($this->current_roles[ROLE_BASIS_GROUPS][$role_handle]['assigned'])) { foreach (array_keys($this->current_roles[ROLE_BASIS_GROUPS][$role_handle]['assigned']) as $group_id) { if (!isset($this->group_members[$group_id])) { $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); } //arg: maybe WP role metagroup $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]); } } // note users who are in a group that has this role term-assigned or blog-assigned (and not restricted) foreach ($this->blog_term_roles[ROLE_BASIS_GROUPS][$role_handle] as $group_id) { if (!isset($this->group_members[$group_id])) { $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); } //arg: maybe WP role metagroup $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]); } // note users who are in a group that has a containing role object-assigned // (note: via_other_role_ids element was set in previous iteration since ROLE_BASIS_GROUPS is first element in agents_caption array foreach ($args['via_other_role_ids'] as $group_id) { if (!isset($this->group_members[$group_id])) { $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); } //arg: maybe WP role metagroup $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]); } $args['via_other_basis_ids'] = array_unique($args['via_other_basis_ids']); } if ($this->indicate_blended_roles) { $args['via_other_scope_ids'] = $this->blog_term_roles[$role_basis][$role_handle]; } $args['via_other_role_ids'] = array(); if ($this->indicate_blended_roles && $containing_roles) { foreach (array_keys($containing_roles) as $containing_role_handle) { if (isset($this->current_roles[$role_basis][$containing_role_handle]['assigned'])) { $args['via_other_role_ids'] = array_merge($args['via_other_role_ids'], array_keys($this->current_roles[$role_basis][$containing_role_handle]['assigned'])); } } $args['via_other_role_ids'] = array_unique($args['via_other_role_ids']); } if ($object_id && $this->do_propagation_cboxes) { $args['for_entity_ids'] = isset($this->current_roles[$role_basis][$role_handle]['entity']) ? array_keys($this->current_roles[$role_basis][$role_handle]['entity']) : array(); $args['for_children_ids'] = isset($this->current_roles[$role_basis][$role_handle]['children']) ? array_keys($this->current_roles[$role_basis][$role_handle]['children']) : ''; } $args['eligible_ids'] = isset($this->eligible_agent_ids[$role_basis][$agents_reqd_op]) ? $this->eligible_agent_ids[$role_basis][$agents_reqd_op] : ''; if ('post' == $src_name && 'auto-draft' == $object->post_status) { $args['suppress_last_agents'] = true; } if (!empty($this->current_roles[$role_basis][$role_handle]['assigned'])) { ScoperAgentsChecklist::agents_checklist($role_basis, $this->all_agents[$role_basis], $id_prefix, $this->current_roles[$role_basis][$role_handle]['assigned'], $args); } else { ScoperAgentsChecklist::agents_checklist($role_basis, $this->all_agents[$role_basis], $id_prefix, '', $args); } echo "\r\n</div>"; } // end foreach role basis caption (user or group) echo '</div>'; // class rs-agents //log_mem_usage_rs( 'end ItemRolesUI::draw_object_roles_content()' ); }
$results = $wpdb->get_results("SELECT ID, user_login FROM {$wpdb->users} ORDER BY user_login"); } else { if (awp_ver('3.1-beta')) { $search = new WP_User_Query('search=*' . $_GET['rs_user_search'] . '*'); } else { $search = new WP_User_Search($_GET['rs_user_search']); } if ($search) { global $wpdb; $results = $wpdb->get_results("SELECT ID, user_login {$search->query_from} {$search->query_where} ORDER BY user_login"); } } if ($results) { // determine all current users (of any status) for group in question if (!empty($_GET['rs_agent_id'])) { $users = ScoperAdminLib::get_group_members($_GET['rs_agent_id'], COL_ID_RS, false, array('status' => 'any')); } else { $users = array(); } foreach ($results as $row) { if (!in_array($row->ID, $users)) { echo "<option value='{$row->ID}'>{$row->user_login}</option>"; } } } } elseif (isset($_GET['rs_group_search'])) { if (!empty($_GET['rs_group_search'])) { $searches = array(); $where = 'AND ('; foreach (array('group_name', 'group_description') as $col) { $searches[] = $col . " LIKE '%{$_GET['rs_group_search']}%'";