$html = '';
switch ($_GET['pp_ajax_item_ui']) {
case 'get_agent_exception_ui':
if (!is_user_logged_in()) {
echo '<option>' . __('(login timed out)', 'pp') . '</option>';
exit;
}
if (!($arr_sfx = explode(':', pp_sanitize_csv($_GET['id_sfx'])))) {
return '';
}
$op = $arr_sfx[0];
$for_item_type = $arr_sfx[1];
$agent_type = $arr_sfx[2];
$item_id = $_GET['item_id'];
$for_item_source = taxonomy_exists($for_item_type) ? 'term' : 'post';
$agent_ids = explode(',', pp_sanitize_csv($_GET['agent_ids']));
echo "<!--ppSfx-->{$op}|{$for_item_type}|{$agent_type}<--ppSfx-->" . "<!--ppResponse-->";
require_once dirname(__FILE__) . '/item-exceptions-data_pp.php';
$exc_data = new PP_ItemExceptionsData();
$args = array('post_types' => (array) $for_item_type, 'agent_type' => $agent_type, 'operations' => $op, 'agent_id' => $agent_ids);
$exc_data->load_exceptions(pp_sanitize_key($_GET['via_item_source']), $for_item_source, pp_sanitize_key($_GET['via_item_type']), $item_id, $args);
require_once dirname(__FILE__) . '/item-exceptions-render-ui_pp.php';
$exc_render = new PP_ItemExceptionsRenderUI();
$echo = false;
$reqd_caps = false;
$hierarchical = 'term' == $_GET['via_item_source'] ? is_taxonomy_hierarchical($_GET['via_item_type']) : is_post_type_hierarchical($_GET['via_item_type']);
$hierarchical = apply_filters('pp_do_assign_for_children_ui', $hierarchical, $_GET['via_item_type'], $args);
$default_select = true;
$exc_render->set_options($agent_type);
foreach ($agent_ids as $agent_id) {
if (!$agent_id) {
}
}
}
echo '<!--ppResponse-->' . implode('|', $input_vals) . '<--ppResponse-->';
break;
case 'exceptions_propagate':
case 'exceptions_unpropagate':
case 'exceptions_children_only':
if (empty($_GET['pp_eitem_ids'])) {
exit;
}
if (!current_user_can('pp_assign_roles')) {
exit;
}
$edited_input_ids = array();
$input_vals = explode('|', pp_sanitize_csv($_GET['pp_eitem_ids']));
foreach ($input_vals as $id_csv) {
$eitem_ids = _pp_editable_eitem_ids(explode(',', $id_csv));
if ($agent_type && $agent_id) {
$agent_clause = "e.agent_type = '{$agent_type}' AND e.agent_id = '{$agent_id}' AND";
} else {
$agent_clause = '';
}
if ($row = $wpdb->get_row("SELECT * FROM {$wpdb->ppc_exception_items} AS i INNER JOIN {$wpdb->ppc_exceptions} AS e ON i.exception_id = e.exception_id WHERE {$agent_clause} eitem_id IN ('" . implode("','", $eitem_ids) . "') LIMIT 1")) {
$args = (array) $row;
if ('exceptions_propagate' == $action) {
$agents = array('children' => array($agent_id => true));
ppc_assign_exceptions($agents, $agent_type, $args);
} elseif ('exceptions_unpropagate' == $action) {
$agents = array('item' => array($agent_id => true));
ppc_assign_exceptions($agents, $agent_type, $args);
/**
* Edit group settings based on contents of $_POST
*
* @param int $group_id Optional. Group ID.
* @return int group id of the updated group
*/
function _pp_edit_group($group_id = 0, $agent_type = 'pp_group', $members_only = false)
{
global $wpdb;
if ($group_id) {
$update = true;
$group = pp_get_group($group_id, $agent_type);
} else {
$update = false;
$group = (object) array();
}
if (!$members_only) {
if (isset($_REQUEST['group_name'])) {
$group->group_name = sanitize_text_field($_REQUEST['group_name']);
}
if (isset($_REQUEST['description'])) {
$group->group_description = sanitize_text_field($_REQUEST['description']);
}
$errors = new WP_Error();
/* checking that username has been typed */
if (!$group->group_name) {
$errors->add('group_name', __('<strong>ERROR</strong>: Please enter a group name.', 'pp'));
} elseif (!$update && !PP_GroupsUpdate::group_name_available($group->group_name, $agent_type)) {
$errors->add('user_login', __('<strong>ERROR</strong>: This group name is already registered. Please choose another one.', 'pp'));
}
// Allow plugins to return their own errors.
do_action_ref_array('pp_group_profile_update_errors', array(&$errors, $update, &$group));
if ($errors->get_error_codes()) {
return $errors;
}
if ($update) {
PP_GroupsUpdate::update_group($group_id, $group, $agent_type);
} else {
$group_id = PP_GroupsUpdate::create_group($group, $agent_type);
}
}
if ($group_id) {
$member_types = array();
if (pp_has_group_cap('pp_manage_members', $group_id, $agent_type)) {
$member_types[] = 'member';
}
foreach ($member_types as $member_type) {
if (isset($_REQUEST["{$member_type}_csv"]) && $_REQUEST["{$member_type}_csv"] != -1) {
// handle member changes
$current = pp_get_group_members($group_id, $agent_type, 'id', compact('member_type'));
$selected = isset($_REQUEST["{$member_type}_csv"]) ? explode(",", pp_sanitize_csv($_REQUEST["{$member_type}_csv"])) : array();
if ('member' != $member_type || !apply_filters('pp_custom_agent_update', false, $agent_type, $group_id, $selected)) {
if ($add_users = array_diff($selected, $current)) {
pp_add_group_user($group_id, $add_users, compact('agent_type', 'member_type'));
}
if ($remove_users = array_diff($current, $selected)) {
pp_remove_group_user($group_id, $remove_users, compact('agent_type', 'member_type'));
}
}
}
}
// end foreach member_types
do_action('pp_edited_group', $agent_type, $group_id, $update);
}
return $group_id;
}
<?php
if (empty($_GET['pp_for_type'])) {
exit;
}
if (!pp_bulk_roles_enabled()) {
exit;
}
$agent_type = pp_sanitize_key($_GET['pp_agent_type']);
$agent_id = (int) $_GET['pp_agent_id'];
$for_type = pp_sanitize_csv($_GET['pp_for_type']);
$operation = isset($_GET['pp_operation']) ? pp_sanitize_key($_GET['pp_operation']) : '';
$via_type = isset($_GET['pp_via_type']) ? pp_sanitize_key($_GET['pp_via_type']) : '';
$mod_type = isset($_GET['pp_mod_type']) ? pp_sanitize_key($_GET['pp_mod_type']) : '';
$item_id = isset($_GET['pp_item_id']) ? (int) $_GET['pp_item_id'] : 0;
if ('(all)' == $for_type) {
$for_src_name = 'post';
$via_src_name = 'term';
$for_type = '';
} else {
//$for_src_name = ( ! $for_type || post_type_exists( $for_type ) ) ? 'post' : 'term';
if (!$for_type || post_type_exists($for_type)) {
$for_src_name = 'post';
} elseif (taxonomy_exists($for_type)) {
$for_src_name = 'term';
} else {
$for_src_name = $for_type;
}
//$via_src_name = post_type_exists( $via_type ) ? 'post' : 'term';
if (post_type_exists($via_type)) {
$via_src_name = 'post';
<?php
if (!defined('ABSPATH')) {
exit;
}
// Exit if accessed directly
if (empty($_GET['pp_src_name']) || empty($_GET['pp_object_type'])) {
exit;
}
if (!pp_bulk_roles_enabled()) {
exit;
}
$for_item_source = pp_sanitize_key($_GET['pp_src_name']);
$for_item_type = pp_sanitize_key($_GET['pp_object_type']);
$role_name = isset($_GET['pp_role_name']) ? pp_sanitize_csv($_GET['pp_role_name']) : '';
if ($force_vars = apply_filters('pp_ajax_role_ui_vars', array(), compact('for_item_source', 'for_item_type', 'role_name'))) {
extract($force_vars);
}
$html = '';
switch ($_GET['pp_ajax_ui']) {
case 'get_role_options':
if (!is_user_logged_in()) {
echo '<option>' . __('(login timed out)', 'pp') . '</option>';
exit;
}
global $pp_admin, $wp_roles, $pp_role_defs;
//$is_tx_management = ( 'term' == $for_item_source );
if ($roles = _pp_get_type_roles($for_item_source, $for_item_type)) {
foreach ($roles as $_role_name => $role_title) {
if (pp_user_can_admin_role($_role_name, $for_item_type)) {
$selected = $_role_name == $role_name ? "selected='selected'" : '';
public static function insert_exceptions($mod_type, $operation, $via_item_source, $via_item_type, $for_item_source, $for_item_type, $item_id, $agent_type, $agents, $args)
{
$defaults = array('assign_for' => 'item', 'remove_assignments' => false, 'for_item_status' => '', 'mod_type' => '', 'inherited_from' => array(), 'is_auto_insertion' => false);
// auto_insertion arg set for propagation from parent objects
$args = array_merge($defaults, (array) $args);
extract($args, EXTR_SKIP);
if (!$agents) {
return;
}
global $wpdb, $current_user;
$updated_items = array();
// for use with do_action hook
$updated_items[] = $item_id;
$assigner_id = $current_user->ID;
$operation = pp_sanitize_key($operation);
$via_item_source = pp_sanitize_key($via_item_source);
$for_item_source = pp_sanitize_key($for_item_source);
$for_item_type = pp_sanitize_key($for_item_type);
$item_id = (int) $item_id;
$agent_type = pp_sanitize_key($agent_type);
$mod_type = pp_sanitize_key($mod_type);
$via_item_type = pp_sanitize_key($via_item_type);
$for_item_status = pp_sanitize_csv($for_item_status);
$assign_for = pp_sanitize_key($assign_for);
if ('children' == $assign_for) {
if ('term' == $via_item_source) {
$descendant_ids = array();
if ($_term = $wpdb->get_row("SELECT term_id, taxonomy FROM {$wpdb->term_taxonomy} WHERE term_taxonomy_id = '{$item_id}' LIMIT 1")) {
if ($_term_ids = pp_get_descendant_ids('term', $_term->term_id)) {
$descendant_ids = pp_termid_to_ttid($_term_ids, $_term->taxonomy);
}
}
} else {
$descendant_ids = pp_get_descendant_ids($via_item_source, $item_id, array('include_attachments' => false));
// don't propagate page exceptions to attachments
}
if ($descendant_ids) {
// TODO: reinstate this?
/*
global $pp_admin;
if ( ! $is_auto_insertion ) {
// don't allow a page parent change to modify role assignments for a descendant object which the current user can't administer
$remove_ids = array();
foreach ( $descendant_ids as $id ) {
if ( 'term' == $scope ) {
if ( ! $pp_admin->user_can_admin_terms($item_source, $id) ) // TODO: add $args with 'taxonomy'
$remove_ids []= $id;
} else {
if ( ! $pp_admin->user_can_admin_object( $item_source, $id ) )
$remove_ids []= $id;
}
}
$descendant_ids = array_diff( $descendant_ids, $remove_ids );
}
*/
$descendant_id_csv = implode("','", $descendant_ids);
}
}
// Before inserting an exception, delete any overlooked old exceptions for the same src/type/status.
$match_cols = compact('mod_type', 'for_item_source', 'for_item_status', 'operation', 'agent_type', 'via_item_source', 'via_item_type');
$_clauses = array();
foreach ($match_cols as $col => $val) {
$_clauses[] = "{$col} = '{$val}'";
}
$qry_exc_select_base = "SELECT * FROM {$wpdb->ppc_exceptions} WHERE " . implode(' AND ', $_clauses);
$qry_exc_select_type_base = "SELECT for_item_type, exception_id FROM {$wpdb->ppc_exceptions} WHERE " . implode(' AND ', $_clauses);
$insert_exc_data = $match_cols;
$insert_exc_data['assigner_id'] = $assigner_id;
$qry_item_select_base = "SELECT eitem_id FROM {$wpdb->ppc_exception_items} WHERE assign_for = '{$assign_for}' AND item_id = '{$item_id}'";
$qry_item_delete_base = "SELECT eitem_id FROM {$wpdb->ppc_exception_items} WHERE 1=1";
foreach (array_keys($agents) as $agent_id) {
$agent_id = (int) $agent_id;
// first, retrieve or create the pp_exceptions record for this user/group and src,type,status
if (!($exc = $wpdb->get_row("{$qry_exc_select_base} AND for_item_type = '{$for_item_type}' AND agent_id = '{$agent_id}'"))) {
$insert_exc_data['agent_id'] = $agent_id;
$insert_exc_data['for_item_type'] = $for_item_type;
$wpdb->insert($wpdb->ppc_exceptions, $insert_exc_data);
$exception_id = $wpdb->insert_id;
} else {
$exception_id = $exc->exception_id;
}
$this_inherited_from = isset($inherited_from[$agent_id]) ? $inherited_from[$agent_id] : 0;
// delete any existing items for this exception_id
if ($eitem_ids = $wpdb->get_col($qry_item_select_base . " AND exception_id = '{$exception_id}'")) {
self::remove_exception_items_by_id($eitem_ids);
}
// insert exception items
$item_data = compact('item_id', 'assign_for', 'exception_id', 'assigner_id');
$item_data['inherited_from'] = $this_inherited_from;
$wpdb->insert($wpdb->ppc_exception_items, $item_data);
do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data));
$assignment_id = $wpdb->insert_id;
// insert exception for all descendant items
if ('children' == $assign_for && $descendant_ids) {
if (!$this_inherited_from) {
$this_inherited_from = (int) $assignment_id;
//$role_arr['inherited_from'] = $this_inherited_from;
}
$exceptions_by_type = array();
$_results = $wpdb->get_results("{$qry_exc_select_type_base} AND for_item_type = '{$for_item_type}' AND agent_id = '{$agent_id}'");
foreach ($_results as $row) {
$exceptions_by_type[$row->for_item_type] = $row->exception_id;
}
if ('term' == $via_item_source && taxonomy_exists($for_item_type)) {
// need to allow for descendants of a different post type than parent
$descendant_types = $wpdb->get_results("SELECT term_taxonomy_id, taxonomy AS for_item_type FROM {$wpdb->term_taxonomy} WHERE term_taxonomy_id IN ('" . implode("','", $descendant_ids) . "')", OBJECT_K);
} elseif ('post' == $via_item_source) {
$descendant_types = $wpdb->get_results("SELECT ID, post_type AS for_item_type FROM {$wpdb->posts} WHERE ID IN ('" . implode("','", $descendant_ids) . "')", OBJECT_K);
} else {
$descendant_types = array();
}
foreach ($descendant_ids as $id) {
if ($for_item_type) {
// allow for descendants with post type different from parent
if (!isset($descendant_types[$id])) {
$child_for_item_type = $for_item_type;
// if child type could not be determined, assume parent type
} elseif ('revision' == $descendant_types[$id]->for_item_type) {
continue;
} else {
$child_for_item_type = $descendant_types[$id]->for_item_type;
}
} else {
$child_for_item_type = '';
}
if (!isset($exceptions_by_type[$child_for_item_type])) {
$insert_exc_data['agent_id'] = $agent_id;
$insert_exc_data['for_item_type'] = $child_for_item_type;
$wpdb->insert($wpdb->ppc_exceptions, $insert_exc_data);
$exceptions_by_type[$child_for_item_type] = $wpdb->insert_id;
}
$child_exception_id = $exceptions_by_type[$child_for_item_type];
// Don't overwrite an explicitly assigned exception with a propagated exception
if (!defined('PP_FORCE_EXCEPTION_OVERWRITE') || !PP_FORCE_EXCEPTION_OVERWRITE) {
$have_direct_assignments = $wpdb->get_col("SELECT item_id FROM {$wpdb->ppc_exception_items} WHERE exception_id = '{$child_exception_id}' AND inherited_from = '0' AND item_id IN ('{$descendant_id_csv}')");
if (in_array($id, $have_direct_assignments)) {
continue;
}
}
if ($eitem_ids = $wpdb->get_col($qry_item_delete_base . " AND exception_id = '{$child_exception_id}' AND item_id = '{$id}'")) {
self::remove_exception_items_by_id($eitem_ids);
}
// note: Propagated roles will be converted to direct-assigned roles if the parent object/term is deleted.
//$role_arr['item_id'] = $id;
$item_data = array('item_id' => $id, 'assign_for' => 'item', 'exception_id' => $child_exception_id, 'inherited_from' => $this_inherited_from, 'assigner_id' => $assigner_id);
$wpdb->insert($wpdb->ppc_exception_items, $item_data);
do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data));
//if ( $role_hooks ) {
// $assignment_id = $wpdb->insert_id;
// $role_arr['assign_for'] = 'item';
//}
$item_data['assign_for'] = 'children';
$wpdb->insert($wpdb->ppc_exception_items, $item_data);
do_action('pp_inserted_exception_item', array_merge((array) $exc, $item_data));
//if ( $role_hooks ) {
// $assignment_id = $wpdb->insert_id;
// $role_arr['assign_for'] = 'children';
//}
$updated_items[] = $id;
}
}
}
// end foreach agent_id
return $updated_items;
}
