Esempio n. 1
0
 /**
  * Handle uploads.
  * 
  * Set 'upload_files' capability for current user on 'init' hook.
  * After we set default capabilities, we dynamically set upload_files
  * to match current action.
  * 
  * @global type $current_user
  * @global type $wpcf_access 
  */
 public static function wpcf_access_user_can_upload_files()
 {
     global $wpcf_access;
     $current_user = wp_get_current_user();
     list($role, $level) = Access_Helper::wpcf_access_rank_user($current_user->ID);
     // Enqueue
     add_filter('wpcf_access_exceptions', array(__CLASS__, 'wpcf_access_exceptions_upload_files'), 10, 4);
     add_filter('types_access_check_override', array(__CLASS__, 'wpcf_access_upload_files_check_override'));
     // First detect if attachment
     $post_type = Access_Helper::wpcf_access_attachment_parent_type();
     // Determine post_type
     if (empty($post_type)) {
         $post_id = Access_Helper::wpcf_access_determine_post_id();
         if ($post_id) {
             $post_type = get_post_type(get_post($post_id));
         } else {
             $post_type = Access_Helper::wpcf_access_determine_post_type();
         }
         if (empty($post_type)) {
             $post_type = 'post';
         }
     }
     $wpcf_access->upload_files['post_type'] = $post_type;
     // If rule for post_type exists - follow it
     if (!empty($current_user->allcaps) && !empty($post_type)) {
         // TODO Monitor this
         $post_type_obj = get_post_type_object($post_type);
         if (is_null($post_type_obj)) {
             $wpcf_access->errors['post_type_object_missing'][] = $post_type;
             return false;
         }
         $wpcf_access->upload_files['post_type_cap'] = $post_type_obj->cap;
         if (!empty($post_type_obj->cap->edit_posts)) {
             $cap_found = Access_Helper::wpcf_access_search_cap($post_type_obj->cap->edit_posts);
             if (!empty($cap_found)) {
                 $wpcf_access->upload_files['cap_found'] = $cap_found;
                 $allow = Access_Helper::wpcf_access_is_role_ranked_higher($role, $cap_found['role']);
                 if (!$allow) {
                     $allow = in_array($current_user->ID, $cap_found['users']);
                 }
                 if (!$allow) {
                     unset($current_user->allcaps['upload_files']);
                     unset($current_user->caps['upload_files']);
                 } else {
                     $current_user->allcaps['upload_files'] = 1;
                     $current_user->caps['upload_files'] = 1;
                 }
                 $wpcf_access->upload_files['allow'] = (bool) $allow ? 1 : 0;
                 // If found return $allow
                 return $allow;
             }
         }
     }
     $wpcf_access->upload_files['handled'] = 0;
     $wpcf_access->upload_files['allow'] = !empty($current_user->allcaps['upload_files']) ? 1 : 0;
     // Return default setting if not found
     return !empty($current_user->allcaps['upload_files']);
 }