/** * AJAX revert to default call. */ function wpcf_access_ajax_reset_to_default() { if (!isset($_GET['_wpnonce']) || !wp_verify_nonce($_GET['_wpnonce'], 'wpcf_access_ajax_reset_to_default')) { die('verification failed'); } if ($_GET['type'] == 'type') { $caps = wpcf_access_types_caps_predefined(); } else { if ($_GET['type'] == 'tax') { $caps = wpcf_access_tax_caps(); } } if (!empty($caps) && isset($_GET['button_id'])) { $output = array(); foreach ($caps as $cap => $cap_data) { $output[$cap] = $cap_data['role']; } echo json_encode(array('output' => $output, 'type' => $_GET['type'], 'button_id' => $_GET['button_id'])); } die; }
/** * Admin page form. */ function wpcf_access_admin_edit_access($enabled = true) { global $wpcf_access; $roles = get_editable_roles(); $shortcuts = array(); $output = ''; $output .= '<form id="wpcf_access_admin_form" method="post" action="">'; // Types $types = get_option('wpcf-custom-types', array()); // Merge with other types $settings_access = get_option('wpcf-access-types', array()); $types_other = get_post_types(array('show_ui' => true), 'objects'); foreach ($types_other as $type_slug => $type_data) { if (isset($types[$type_slug])) { continue; } if ($type_slug == 'view-template' || $type_slug == 'view' || $type_slug == 'cred-form') { // Don't list Views and View templates separately. // Don't list CRED form post types. continue; } $types[$type_slug] = (array) $type_data; unset($types[$type_slug]->labels, $types[$type_slug]->cap); $types[$type_slug]['labels'] = (array) $type_data->labels; $types[$type_slug]['cap'] = (array) $type_data->cap; if (isset($settings_access[$type_slug])) { $types[$type_slug]['_wpcf_access_capabilities'] = $settings_access[$type_slug]; } $types[$type_slug]['_wpcf_access_outsider'] = 1; if (!empty($type_data->_wpcf_access_inherits_post_cap)) { $types[$type_slug]['_wpcf_access_inherits_post_cap'] = 1; } } if (!empty($types)) { $output .= '<h3>' . __('Custom Types', 'wpcf') . '</h3>'; foreach ($types as $type_slug => $type_data) { if ($type_data['public'] === 'hidden') { continue; } // Set data $mode = isset($type_data['_wpcf_access_capabilities']['mode']) ? $type_data['_wpcf_access_capabilities']['mode'] : 'not_managed'; $output .= '<a name="' . $type_slug . '"> </a><br />'; $shortcuts[__('Post types', 'wpcf-access')][] = array($type_data['labels']['name'], $type_slug); $output .= '<div class="wpcf-access-type-item">'; $output .= '<strong>' . $type_data['labels']['name'] . '</strong>'; $output .= '<div class="wpcf-access-mode">'; $output .= '<label><input type="checkbox" value="permissions"' . ' onclick="wpcfAccessEnable(jQuery(this));"'; if (!$enabled) { $output .= 'disabled="disabled" readonly="readonly" '; } $output .= $mode != 'not_managed' ? 'checked="checked" />' : ' />'; $output .= '<input type="hidden" class="wpcf-enable-set" ' . 'name="types_access[types][' . $type_slug . '][mode]" value="' . $mode . '" />'; $output .= ' ' . __('Managed by Access', 'wpcf_access') . '</label>'; // Warning fallback if ((empty($type_data['_wpcf_access_outsider']) || !empty($type_data['_wpcf_access_inherits_post_cap'])) && !in_array($type_slug, array('post', 'page'))) { $output .= '<div class="warning-fallback"'; if ($mode != 'not_managed') { $output .= ' style="display:none;"'; } $output .= '><p>' . __('This post type will inherit the same access rights as the standard WordPress Post when not Managed by Access.', 'wpcf_access') . '</p></div>'; } $permissions = !empty($type_data['_wpcf_access_capabilities']['permissions']) ? $type_data['_wpcf_access_capabilities']['permissions'] : array(); $output .= wpcf_access_permissions_table($roles, $permissions, wpcf_access_types_caps_predefined(), 'types', $type_slug, $enabled, $mode != 'not_managed'); $output .= '</div><!-- wpcf-access-mode -->'; $output .= wpcf_access_submit_button($enabled, $mode != 'not_managed'); $output .= ' ' . wpcf_access_reset_button($type_slug, 'type', $enabled, $mode != 'not_managed'); $output .= '<div style="clear:both;"></div></div><!-- wpcf-access-type-item -->'; } } // Taxonomies $taxonomies = get_option('wpcf-custom-taxonomies', array()); // Merge with other taxonomies $settings_access = get_option('wpcf-access-taxonomies', array()); $taxonomies_other = get_taxonomies(array('show_ui' => true), 'objects'); foreach ($taxonomies_other as $tax_slug => $tax_data) { if (isset($taxonomies[$tax_slug])) { continue; } $taxonomies[$tax_slug] = (array) $tax_data; unset($taxonomies[$tax_slug]->labels, $taxonomies[$tax_slug]->cap); $taxonomies[$tax_slug]['labels'] = (array) $tax_data->labels; $taxonomies[$tax_slug]['cap'] = (array) $tax_data->cap; $taxonomies[$tax_slug]['supports'] = array_flip($tax_data->object_type); if (isset($settings_access[$tax_slug])) { $taxonomies[$tax_slug]['_wpcf_access_capabilities'] = $settings_access[$tax_slug]; } } // See if taxonomies are shared between types with different settings if ($enabled) { $supports_check = array(); foreach ($taxonomies as $tax_slug => $tax_data) { $mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'follow'; // Only check if in 'follow' mode // if ($mode != 'follow' || empty($tax_data['supports'])) { if (empty($tax_data['supports'])) { continue; } foreach ($tax_data['supports'] as $supports_type => $true) { if (!isset($types[$supports_type]['_wpcf_access_capabilities']['mode'])) { continue; } $mode = $types[$supports_type]['_wpcf_access_capabilities']['mode']; if (!isset($types[$supports_type]['_wpcf_access_capabilities'][$mode])) { continue; } $supports_check[$tax_slug][md5($mode . serialize($types[$supports_type]['_wpcf_access_capabilities'][$mode]))][] = $types[$supports_type]['labels']['name']; } } } if (!empty($taxonomies)) { $output .= '<br /><br /><h3>' . __('Custom Taxonomies', 'wpcf') . '</h3>'; foreach ($taxonomies as $tax_slug => $tax_data) { if ($tax_data['public'] === 'hidden') { continue; } // Set data $mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'not_managed'; if ($enabled) { $mode = wpcf_access_get_taxonomy_mode($tax_slug, $mode); } // For built-in set default to 'not_managed' if (in_array($tax_slug, array('category', 'post_tag'))) { $mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'not_managed'; } $custom_data = wpcf_access_tax_caps(); if (isset($tax_data['_wpcf_access_capabilities']['permissions'])) { foreach ($tax_data['_wpcf_access_capabilities']['permissions'] as $cap_slug => $cap_data) { $custom_data[$cap_slug]['role'] = $cap_data['role']; $custom_data[$cap_slug]['users'] = isset($cap_data['users']) ? $cap_data['users'] : array(); } } $output .= '<a name="' . $tax_slug . '"> </a><br />'; $shortcuts[__('Taxonomy', 'wpcf-access')][] = array($tax_data['labels']['name'], $tax_slug); $output .= '<div class="wpcf-access-type-item">'; $output .= '<strong>' . $tax_data['labels']['name'] . '</strong>'; // Add warning if shared and settings are different $disable_same_as_parent = false; if ($enabled && isset($supports_check[$tax_slug]) && count($supports_check[$tax_slug]) > 1) { $txt = array(); foreach ($supports_check[$tax_slug] as $sc_tax_md5 => $sc_tax_md5_data) { $txt = array_merge($txt, $sc_tax_md5_data); } $last_element = array_pop($txt); // $warning = '<br /><img src="' . WPCF_EMBEDDED_RES_RELPATH . '/images/warning.png" style="position:relative;top:2px;" /> ' . sprintf(__('Notice: %s belongs to %s and %s, which have different access settings. The WordPress admin menu might appear confusing to some users.'), // $tax_data['labels']['name'], // implode(', ', $txt), $last_element); $warning = '<br /><img src="' . WPCF_ACCESS_RELPATH . '/images/warning.png" style="position:relative;top:2px;" /> ' . sprintf(__('You need to manually set the access rules for taxonomy %s. That taxonomy is shared between several post types that have different access rules.'), $tax_data['labels']['name'], implode(', ', $txt), $last_element); $output .= $warning; $disable_same_as_parent = true; } $output .= '<div class="wpcf-access-mode">'; // Managed checkbox $output .= '<label><input type="checkbox" class="not-managed" name="types_access[tax][' . $tax_slug . '][not_managed]" value="1"'; if (!$enabled) { $output .= ' disabled="disabled" readonly="readonly"'; } $output .= $mode != 'not_managed' ? ' checked="checked"' : ''; $output .= '/> ' . __('Managed by Access', 'wpcf_access') . '</label>'; $output .= '<br />'; // 'Same as parent' checkbox $output .= '<label><input type="checkbox" class="follow" name="types_access[tax][' . $tax_slug . '][mode]" value="follow"'; if (!$enabled) { $output .= ' disabled="disabled" readonly="readonly" checked="checked"'; } else { if ($disable_same_as_parent) { $output .= ' disabled="disabled" readonly="readonly"'; } else { $output .= $mode == 'follow' ? ' checked="checked"' : ''; } } $output .= ' /> ' . __('Same as Parent', 'wpcf_access') . '</label>'; $output .= '<div class="wpcf-access-mode-custom">'; $output .= wpcf_access_permissions_table($roles, $custom_data, $custom_data, 'tax', $tax_slug, $enabled, $mode != 'not_managed'); $output .= '</div>'; $output .= '</div><!-- wpcf-access-mode -->'; $output .= wpcf_access_submit_button($enabled, $mode != 'not_managed'); $output .= ' ' . wpcf_access_reset_button($tax_slug, 'tax', $enabled); $output .= '<div style="clear:both;"></div></div><!-- wpcf-access-type-item -->'; } } // Allow 3rd party $third_party = get_option('wpcf-access-3rd-party', array()); $areas = array(); $areas = apply_filters('types-access-area', $areas); foreach ($areas as $area) { // Do not allow 'types' ID if (in_array($area['id'], array('types', 'tax'))) { continue; } $output .= '<br /><br /><h3>' . $area['name'] . '</h3>'; $groups = array(); $groups = apply_filters('types-access-group', $groups, $area['id']); foreach ($groups as $group) { $output .= '<a name="' . $group['id'] . '"> </a><br />'; $shortcuts[$group['name']][] = array($group['name'], $group['id']); $output .= '<div class="wpcf-access-type-item">'; $output .= '<strong>' . $group['name'] . '</strong>'; $output .= '<div class="wpcf-access-mode">'; $caps = array(); $caps_filter = apply_filters('types-access-cap', $caps, $area['id'], $group['id']); $saved_data = array(); foreach ($caps_filter as $cap_slug => $cap) { $caps[$cap['cap_id']] = $cap; if (isset($cap['default_role'])) { $caps[$cap['cap_id']]['role'] = $cap['role'] = $cap['default_role']; } $saved_data[$cap['cap_id']] = isset($third_party[$area['id']][$group['id']]['permissions'][$cap['cap_id']]) ? $third_party[$area['id']][$group['id']]['permissions'][$cap['cap_id']] : array('role' => $cap['role']); } // Add registered via other hook if (!empty($wpcf_access->third_party[$area['id']][$group['id']]['permissions'])) { foreach ($wpcf_access->third_party[$area['id']][$group['id']]['permissions'] as $cap_slug => $cap) { // Don't allow duplicates if (isset($caps[$cap['cap_id']])) { unset($wpcf_access->third_party[$area['id']][$group['id']]['permissions'][$cap_slug]); continue; } $saved_data[$cap['cap_id']] = $cap['saved_data']; $caps[$cap['cap_id']] = $cap; } } if (isset($cap['style']) && $cap['style'] == 'dropdown') { } else { $output .= wpcf_access_permissions_table($roles, $saved_data, $caps, $area['id'], $group['id'], $enabled); } $output .= wpcf_access_submit_button($enabled, true); $output .= '</div>'; $output .= '</div>'; } } // Custom roles $output .= '<a name="custom-roles"></a><br /><br />'; $output .= '<h3>' . __('Custom Roles', 'wpcf') . '</h3>'; $output .= wpcf_access_admin_set_custom_roles_level_form($roles, $enabled); $output .= wp_nonce_field('wpcf-access-edit', '_wpnonce', true, false); $output .= '<input type="hidden" name="action" value="wpcf_access_save_settings" />'; $output .= '</form>'; $output .= '<br /><br />' . wpcf_access_new_role_form($enabled); $shortmenus = ''; if (!empty($shortcuts)) { echo '<h3>' . __('On this page', 'wpcf-access') . '</h3>'; foreach ($shortcuts as $section => $items) { $shortmenu = ''; if (!empty($items)) { $shortmenu .= '<span class="wpcf-access-shortcut-section">' . $section . '</span>: '; foreach ($items as $item) { $shortmenu .= ' <a href="#' . $item[1] . '" class="wpcf-access-shortcuts">' . $item[0] . '</a>'; } $shortmenus .= rtrim($shortmenu, ',') . '<br />'; } } $shortmenus .= '<br /><br />'; } echo $shortmenus . $output; }
/** * Returns cap settings declared in embedded.php * * @param type $cap * @return type */ function wpcf_access_get_cap_predefined_settings($cap) { $predefined = wpcf_access_types_caps_predefined(); if (isset($predefined[$cap])) { return $predefined[$cap]; } // If not found, try other caps return wpcf_access_get_cap_settings($cap); }
/** * Admin page form. */ function wpcf_access_admin_edit_access($enabled = true) { $roles = get_editable_roles(); $output = ''; $output .= '<form id="wpcf_access_admin_form" method="post" action="">'; // Types $types = get_option('wpcf-custom-types', array()); // Merge with other types $settings_access = get_option('wpcf-access-types', array()); $types_other = get_post_types(array('show_ui' => true), 'objects'); foreach ($types_other as $type_slug => $type_data) { if (isset($types[$type_slug])) { continue; } $types[$type_slug] = (array) $type_data; unset($types[$type_slug]->labels, $types[$type_slug]->cap); $types[$type_slug]['labels'] = (array) $type_data->labels; $types[$type_slug]['cap'] = (array) $type_data->cap; if (isset($settings_access[$type_slug])) { $types[$type_slug]['_wpcf_access_capabilities'] = $settings_access[$type_slug]; } } if (!empty($types)) { $output .= '<h3>' . __('Custom Types', 'wpcf') . '</h3>'; foreach ($types as $type_slug => $type_data) { if ($type_data['public'] === 'hidden') { continue; } // Set data $mode = isset($type_data['_wpcf_access_capabilities']['mode']) ? $type_data['_wpcf_access_capabilities']['mode'] : 'predefined'; // For built-in set default to 'not_managed' if (in_array($type_slug, array('post', 'page'))) { $mode = isset($type_data['_wpcf_access_capabilities']['mode']) ? $type_data['_wpcf_access_capabilities']['mode'] : 'not_managed'; } $predefined_data = wpcf_access_types_caps_predefined(); if (isset($type_data['_wpcf_access_capabilities']['predefined'])) { foreach ($type_data['_wpcf_access_capabilities']['predefined'] as $cap_slug => $cap_data) { $predefined_data[$cap_slug]['role'] = $cap_data['role']; $predefined_data[$cap_slug]['users'] = isset($cap_data['users']) ? $cap_data['users'] : array(); } } $custom_data = wpcf_access_types_caps(); if (isset($type_data['_wpcf_access_capabilities']['custom'])) { foreach ($type_data['_wpcf_access_capabilities']['custom'] as $cap_slug => $cap_data) { $custom_data[$cap_slug]['role'] = $cap_data['role']; $custom_data[$cap_slug]['users'] = isset($cap_data['users']) ? $cap_data['users'] : array(); } } $output .= '<div class="wpcf-access-type-item">'; $output .= '<strong>' . $type_data['labels']['name'] . '</strong>'; if ($mode == 'not_managed') { $output .= ' ' . __('(not managed)', 'wpcf_access'); } $output .= ' <a href="javascript:void(0);" ' . 'class="button-secondary wpcf-access-edit-type">' . __('Edit') . '</a>'; $output .= '<div class="wpcf-access-mode" style="display:none;">'; $output .= '<p>' . __('How do you want to manage access control for this type?', 'wpcf_access') . '</p>'; $output .= '<label><input type="radio" name="types[' . $type_slug . '][mode]" value="predefined" class="wpcf-access-switch-mode"'; $output .= $mode == 'predefined' ? ' checked="checked" />' : ' />'; $output .= __('Simple settings', 'wpcf_access') . '</label> '; $output .= '<label><input type="radio" name="types[' . $type_slug . '][mode]" value="custom" class="wpcf-access-switch-mode"'; $output .= $mode == 'custom' ? ' checked="checked" />' : ' />'; $output .= __('Advanced settings', 'wpcf_access') . '</label> '; $output .= '<label><input type="radio" name="types[' . $type_slug . '][mode]" value="not_managed" class="wpcf-access-switch-mode"'; $output .= $mode == 'not_managed' ? ' checked="checked" />' : ' />'; $output .= __('Not managed by Types Access', 'wpcf_access') . '</label>'; $output .= '<div class="wpcf-access-mode-predefined"'; $output .= $mode == 'predefined' ? '>' : ' style="display:none;">'; $output .= wpcf_access_admin_predefined($type_slug, $roles, 'types[' . $type_slug . '][predefined]', $predefined_data, $enabled); $output .= '</div>'; $output .= '<div class="wpcf-access-mode-custom"'; $output .= $mode == 'custom' ? '>' : ' style="display:none;">'; $output .= wpcf_access_admin_edit_access_types_item($type_slug, $roles, 'types[' . $type_slug . '][custom]', $custom_data, $enabled); $output .= '</div>'; $output .= '<div class="wpcf-access-mode-not_managed"'; $output .= $mode == 'not_managed' ? '>' : ' style="display:none;">'; $output .= '</div>'; $output .= '<a href="javascript:void(0);" ' . 'class="button-primary wpcf-access-edit-type-done">' . __('Done') . '</a>'; $output .= '</div><!-- wpcf-access-mode -->'; $output .= '<div style="clear:both;"></div></div><!-- wpcf-access-type-item -->'; } } // Taxonomies $taxonomies = get_option('wpcf-custom-taxonomies', array()); // Merge with other taxonomies $settings_access = get_option('wpcf-access-taxonomies', array()); $taxonomies_other = get_taxonomies(array('show_ui' => true), 'objects'); foreach ($taxonomies_other as $tax_slug => $tax_data) { if (isset($taxonomies[$tax_slug])) { continue; } $taxonomies[$tax_slug] = (array) $tax_data; unset($taxonomies[$tax_slug]->labels, $taxonomies[$tax_slug]->cap); $taxonomies[$tax_slug]['labels'] = (array) $tax_data->labels; $taxonomies[$tax_slug]['cap'] = (array) $tax_data->cap; $taxonomies[$tax_slug]['supports'] = array_flip($tax_data->object_type); if (isset($settings_access[$tax_slug])) { $taxonomies[$tax_slug]['_wpcf_access_capabilities'] = $settings_access[$tax_slug]; } } // See if taxonomies are shared between types with different settings if ($enabled) { $supports_check = array(); foreach ($taxonomies as $tax_slug => $tax_data) { $mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'follow'; // Only check if in 'follow' mode if ($mode != 'follow' || empty($tax_data['supports'])) { continue; } foreach ($tax_data['supports'] as $supports_type => $true) { if (!isset($types[$supports_type]['_wpcf_access_capabilities']['mode'])) { continue; } $mode = $types[$supports_type]['_wpcf_access_capabilities']['mode']; if (!isset($types[$supports_type]['_wpcf_access_capabilities'][$mode])) { continue; } $supports_check[$tax_slug][md5($mode . serialize($types[$supports_type]['_wpcf_access_capabilities'][$mode]))][] = $types[$supports_type]['labels']['name']; } } } if (!empty($taxonomies)) { $output .= '<h3>' . __('Custom Taxonomies', 'wpcf') . '</h3>'; foreach ($taxonomies as $tax_slug => $tax_data) { if ($tax_data['public'] === 'hidden') { continue; } // Set data $mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'follow'; // For built-in set default to 'not_managed' if (in_array($tax_slug, array('category', 'post_tag'))) { $mode = isset($tax_data['_wpcf_access_capabilities']['mode']) ? $tax_data['_wpcf_access_capabilities']['mode'] : 'not_managed'; } $custom_data = wpcf_access_tax_caps(); if (isset($tax_data['_wpcf_access_capabilities']['custom'])) { foreach ($tax_data['_wpcf_access_capabilities']['custom'] as $cap_slug => $cap_data) { $custom_data[$cap_slug]['role'] = $cap_data['role']; $custom_data[$cap_slug]['users'] = isset($cap_data['users']) ? $cap_data['users'] : array(); } } $output .= '<div class="wpcf-access-type-item">'; $output .= '<strong>' . $tax_data['labels']['name'] . '</strong>'; if ($mode == 'not_managed') { $output .= ' ' . __('(not managed)', 'wpcf_access'); } $output .= ' <a href="javascript:void(0);" ' . 'class="button-secondary wpcf-access-edit-type">' . __('Edit') . '</a>'; // Add warning if shared and settings are different if ($enabled && isset($supports_check[$tax_slug]) && count($supports_check[$tax_slug]) > 1) { $txt = array(); foreach ($supports_check[$tax_slug] as $sc_tax_md5 => $sc_tax_md5_data) { $txt = array_merge($txt, $sc_tax_md5_data); } $last_element = array_pop($txt); $warning = '<br /><img src="' . WPCF_EMBEDDED_RES_RELPATH . '/images/warning.png" style="position:relative;top:2px;" /> ' . sprintf(__('Notice: %s belongs to %s and %s, which have different access settings. The WordPress admin menu might appear confusing to some users.'), $tax_data['labels']['name'], implode(', ', $txt), $last_element); $output .= $warning; } $output .= '<div class="wpcf-access-mode" style="display:none;">'; $output .= '<p>' . __('How do you want to manage access control for this taxonomy?', 'wpcf_access') . '</p>'; $output .= '<label><input type="radio" name="tax[' . $tax_slug . '][mode]" value="follow" class="wpcf-access-switch-mode"'; $output .= $mode == 'follow' ? ' checked="checked" />' : ' />'; $output .= __('Same as parent post', 'wpcf_access') . '</label> '; $output .= '<label><input type="radio" name="tax[' . $tax_slug . '][mode]" value="custom" class="wpcf-access-switch-mode"'; $output .= $mode == 'custom' ? ' checked="checked" />' : ' />'; $output .= __('Advanced settings', 'wpcf_access') . '</label> '; $output .= '<label><input type="radio" name="tax[' . $tax_slug . '][mode]" value="not_managed" class="wpcf-access-switch-mode"'; $output .= $mode == 'not_managed' ? ' checked="checked" />' : ' />'; $output .= __('Not managed by Types Access', 'wpcf_access') . '</label>'; $output .= '<div class="wpcf-access-mode-custom"'; $output .= $mode == 'custom' ? '>' : ' style="display:none;">'; $output .= wpcf_access_admin_edit_access_tax_item($tax_slug, $roles, 'tax[' . $tax_slug . '][custom]', $custom_data, $enabled); $output .= '</div>'; $output .= '<br /><br /><a href="javascript:void(0);" ' . 'class="button-primary wpcf-access-edit-type-done">' . __('Done') . '</a>'; $output .= '</div><!-- wpcf-access-mode -->'; $output .= '<div style="clear:both;"></div></div><!-- wpcf-access-type-item -->'; } } $output .= wpcf_access_admin_set_custom_roles_level_form($roles, $enabled); $output .= wp_nonce_field('wpcf-access-edit', '_wpnonce', true, false); if ($enabled) { $output .= get_submit_button(); } else { $output .= get_submit_button(__('Save Changes'), 'primary', 'submit', true, array('disabled' => 'disabled')); } $output .= '</form>'; echo $output; }
/** * Saves Access settings. */ function wpcf_access_save_settings() { if (isset($_POST['_wpnonce']) && wp_verify_nonce($_POST['_wpnonce'], 'wpcf-access-edit')) { $access_bypass_template = "<div class='error'><p>" . __("<strong>Warning:</strong> The %s <strong>%s</strong> uses the same name for singular name and plural name. Access can't control access to this object. Please use a different name for the singular and plural names.", 'wpcf-access') . "</p></div>"; $access_notices = ''; $_post_types = wpcf_object_to_array(get_post_types(array('show_ui' => true), 'objects')); $_taxonomies = wpcf_object_to_array(get_taxonomies(array('show_ui' => true), 'objects')); if (!empty($_POST['types_access']['types'])) { $settings = get_option('wpcf-custom-types', array()); $settings_access = array(); //); $caps = wpcf_access_types_caps_predefined(); foreach ($_POST['types_access']['types'] as $type => $data) { $mode = isset($data['mode']) ? $data['mode'] : 'not_managed'; // Use saved if any and not_managed if ($data['mode'] == 'not_managed' && isset($settings[$type]['_wpcf_access_capabilities'])) { $data = $settings[$type]['_wpcf_access_capabilities']; } $data['mode'] = $mode; $data['permissions'] = wpcf_access_parse_permissions($data, $caps); if (!wpcf_is_object_valid('type', $_post_types[$type])) { $data['mode'] = 'not_managed'; $access_notices .= sprintf($access_bypass_template, __('Post Type', 'wpcf-access'), $_post_types[$type]['labels']['singular_name']); } if (isset($settings[$type])) { $settings[$type]['_wpcf_access_capabilities'] = $data; } else { $settings_access[$type] = $data; //unset($settings[$type]); } } update_option('wpcf-custom-types', $settings); update_option('wpcf-access-types', $settings_access); } if (!empty($_POST['types_access'])) { $third_party = get_option('wpcf-access-3rd-party', array()); foreach ($_POST['types_access'] as $area_id => $area_data) { // Skip Types if ($area_id == 'types' || $area_id == 'tax') { unset($third_party[$area_id]); continue; } foreach ($area_data as $group => $group_data) { // Set user IDs $data['permissions'] = wpcf_access_parse_permissions($group_data, $caps, true); $third_party[$area_id][$group] = $data; $third_party[$area_id][$group]['mode'] = 'permissions'; } } update_option('wpcf-access-3rd-party', $third_party); } if (isset($_POST['types_access']['tax'])) { $settings = get_option('wpcf-custom-taxonomies', array()); // Taxonomies settings for non-created by Types $settings_access = array(); //); $caps = wpcf_access_tax_caps(); foreach ($_POST['types_access']['tax'] as $tax => $data) { if (!isset($data['mode'])) { $data['mode'] = 'permissions'; } if (!isset($data['not_managed'])) { $data['mode'] = 'not_managed'; } $data['mode'] = wpcf_access_get_taxonomy_mode($tax, $data['mode']); // Prevent overwriting if ($data['mode'] == 'not_managed' || $data['mode'] == 'follow') { if (isset($settings_access[$tax]) && isset($settings_access[$tax]['permissions'])) { $data['permissions'] = $settings_access[$tax]['permissions']; } } $data['permissions'] = wpcf_access_parse_permissions($data, $caps); /*if (isset($settings[$tax])) { $settings[$tax]['_wpcf_access_capabilities'] = $data; // ????? IS THIS ERROR/TYPO ???? //unset($settings[$type]); } else { $settings_access[$tax] = $data; }*/ if (!wpcf_is_object_valid('taxonomy', $_taxonomies[$tax])) { $data['mode'] = 'not_managed'; $access_notices .= sprintf($access_bypass_template, __('Taxonomy', 'wpcf-access'), $_taxonomies[$tax]['labels']['singular_name']); } if (isset($settings[$tax])) { $settings[$tax]['_wpcf_access_capabilities'] = $data; } else { $settings_access[$tax] = $data; //unset($settings[$type]); } } update_option('wpcf-custom-taxonomies', $settings); update_option('wpcf-access-taxonomies', $settings_access); } if (!empty($_POST['roles'])) { foreach ($_POST['roles'] as $role => $level) { $role_data = get_role($role); if (!empty($role)) { for ($index = 0; $index < 11; $index++) { if ($index <= intval($level)) { $role_data->add_cap('level_' . $index, 1); } else { $role_data->remove_cap('level_' . $index); } } } } } if (defined('DOING_AJAX')) { do_action('types_access_save_settings'); echo __('Access rules saved', 'wpcf_access') . $access_notices; die; } } }