コード例 #1
ファイル: Ajax_Helper.php プロジェクト: rebeccayshen/kitlist
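 /**
  * Saves Access settings by section.
  *
  * Gatekeeping: the caller must hold the `manage_options` capability and the
  * request must carry a valid `wpcf-access-edit` nonce in `$_POST['_wpnonce']`.
  * Without the capability a message is printed and execution stops; without a
  * valid nonce the method returns without reading or writing anything.
  *
  * Sections read from `$_POST` and persisted through the Access model:
  * custom read-error settings, post types, taxonomies, third-party areas and
  * role levels. When `DOING_AJAX` is defined the method fires the
  * `types_access_save_settings` action, prints the result notices and dies.
  *
  * Request data is attacker-shaped even behind a nonce, so every nested
  * `$_POST` structure is checked with is_array() before it is iterated or
  * indexed, and every key taken from the request is passed through
  * sanitize_text_field() before it is used as a settings key.
  *
  * @return void
  */
 public static function wpcf_access_save_settings_section()
 {
     // Authorisation: only users allowed to manage options may change access rules.
     if (!current_user_can('manage_options')) {
         _e('There are security problems. You do not have permissions.', 'wpcf-access');
         die;
     }
     // CSRF protection: a missing or invalid nonce leaves all settings untouched.
     if (!isset($_POST['_wpnonce']) || !wp_verify_nonce($_POST['_wpnonce'], 'wpcf-access-edit')) {
         return;
     }

     $model = TAccess_Loader::get('MODEL/Access');
     $access_bypass_template = "<div class='error'><p>" . __("<strong>Warning:</strong> The %s <strong>%s</strong> uses the same name for singular name and plural name. Access can't control access to this object. Please use a different name for the singular and plural names.", 'wpcf-access') . "</p></div>";
     $access_conflict_template = "<div class='error'><p>" . __("<strong>Warning:</strong> The %s <strong>%s</strong> uses capability names that conflict with default Wordpress capabilities. Access can not manage this entity, try changing entity's name and / or slug", 'wpcf-access') . "</p></div>";
     $access_notices = '';
     $_post_types = Access_Helper::wpcf_object_to_array($model->getPostTypes());
     $_taxonomies = Access_Helper::wpcf_object_to_array($model->getTaxonomies());

     // Previously stored settings are the baseline; posted sections are merged into them.
     $settings_access_types_previous = $model->getAccessTypes();
     $settings_access_taxs_previous = $model->getAccessTaxonomies();
     $settings_access_thirdparty_previous = $model->getAccessThirdParty();
     if (!is_array($settings_access_types_previous)) {
         // Same normalisation the third-party section applies to its own baseline.
         $settings_access_types_previous = array();
     }

     // Custom read errors (single posts and archives): POST field => settings key.
     $error_sections = array(
         'types_access_error_type' => '_custom_read_errors',
         'types_access_error_value' => '_custom_read_errors_value',
         'types_access_archive_error_type' => '_archive_custom_read_errors',
         'types_access_archive_error_value' => '_archive_custom_read_errors_value',
     );
     foreach ($error_sections as $post_key => $settings_key) {
         if (empty($_POST[$post_key]['types']) || !is_array($_POST[$post_key]['types'])) {
             continue;
         }
         foreach ($_POST[$post_key]['types'] as $type => $data) {
             $type = sanitize_text_field($type);
             // NOTE(review): $data is stored exactly as posted (not unslashed, not
             // sanitised). Its shape and how it is consumed are not visible here;
             // confirm against the readers of these keys and validate accordingly.
             $settings_access_types_previous[$settings_key][$type] = $data;
         }
         $model->updateAccessTypes($settings_access_types_previous);
     }

     // Post Types
     if (!empty($_POST['types_access']['types']) && is_array($_POST['types_access']['types'])) {
         $caps = Access_Helper::wpcf_access_types_caps_predefined();
         foreach ($_POST['types_access']['types'] as $type => $data) {
             if (!is_array($data)) {
                 // A scalar here would fail on the array writes below; ignore malformed entries.
                 continue;
             }
             $type = sanitize_text_field($type);
             $mode = (isset($data['mode']) && is_string($data['mode'])) ? sanitize_text_field($data['mode']) : 'not_managed';
             // An explicit "not_managed" keeps whatever was saved before for this type.
             if (isset($data['mode']) && $mode === 'not_managed' && isset($settings_access_types_previous[$type])) {
                 $data = $settings_access_types_previous[$type];
             }
             $data['mode'] = $mode;
             if (strpos($type, 'wpcf-custom-group-') === 0 && isset($_POST['groupvalue-' . $type])) {
                 $data['title'] = sanitize_text_field($_POST['groupvalue-' . $type]);
             }
             // NOTE(review): apart from 'mode', 'title' and 'permissions', the remaining
             // posted keys of $data are stored as received; presumably the helper below
             // validates the permission entries - confirm.
             $data['permissions'] = Access_Helper::wpcf_access_parse_permissions($data, $caps);

             // Labels are echoed inside HTML notices, so they are escaped for that context.
             $type_label = isset($_post_types[$type]['labels']['singular_name'])
                 ? esc_html($_post_types[$type]['labels']['singular_name'])
                 : esc_html($type);
             if (isset($_post_types[$type]['__accessIsNameValid']) && !$_post_types[$type]['__accessIsNameValid']) {
                 $data['mode'] = 'not_managed';
                 $access_notices .= sprintf($access_bypass_template, __('Post Type', 'wpcf-access'), $type_label);
             }
             if (isset($_post_types[$type]['__accessIsCapValid']) && !$_post_types[$type]['__accessIsCapValid']) {
                 $data['mode'] = 'not_managed';
                 $access_notices .= sprintf($access_conflict_template, __('Post Type', 'wpcf-access'), $type_label);
             }
             $settings_access_types_previous[$type] = $data;
         }
         // update settings
         $model->updateAccessTypes($settings_access_types_previous);
     }

     // Taxonomies
     $caps = Access_Helper::wpcf_access_tax_caps();
     // Iterate the registered taxonomies rather than the request, so only known
     // taxonomy names can become settings keys; taxonomies without posted data are skipped.
     foreach ($_taxonomies as $tax => $_taxdata) {
         if (!isset($_POST['types_access']['tax'][$tax]) || !is_array($_POST['types_access']['tax'][$tax])) {
             continue;
         }
         $data = $_POST['types_access']['tax'][$tax];
         if (!isset($data['not_managed'])) {
             // Without the 'not_managed' field the taxonomy is treated as not managed,
             // whatever mode was posted.
             $data['mode'] = 'not_managed';
         } elseif (!isset($data['mode']) || !is_string($data['mode'])) {
             $data['mode'] = 'permissions';
         } else {
             $data['mode'] = sanitize_text_field($data['mode']);
         }

         if ($data['mode'] === 'not_managed') {
             // Prevent overwriting: keep the stored entry and only mark it as not managed.
             if (isset($settings_access_taxs_previous[$tax])) {
                 $data = $settings_access_taxs_previous[$tax];
                 $data['mode'] = 'not_managed';
             }
         } elseif ($data['mode'] === 'follow') {
             if (!isset($data['__permissions'])) {
                 // needed elsewhere, and missing from the posted data
                 $data['__permissions'] = Access_Helper::wpcf_get_taxs_caps_default();
             }
             // First post type the taxonomy is attached to, or '' when none is listed.
             $tax_post_type = '';
             if (!empty($_taxdata['object_type']) && is_array($_taxdata['object_type'])) {
                 $object_types = array_values($_taxdata['object_type']);
                 $tax_post_type = $object_types[0];
             }
             $follow_caps = array();
             // If the parent post type is managed by Access, translate its
             // capabilities into the associated taxonomy capabilities.
             if (isset($settings_access_types_previous[$tax_post_type]['mode']) && 'permissions' == $settings_access_types_previous[$tax_post_type]['mode']) {
                 $follow_caps = Access_Helper::wpcf_types_to_tax_caps($tax, $_taxdata, $settings_access_types_previous[$tax_post_type]);
             }
             if (!empty($follow_caps)) {
                 $data['permissions'] = $follow_caps;
             } else {
                 // Nothing to follow: fall back to not managed.
                 $data['mode'] = 'not_managed';
             }
         }
         $data['permissions'] = Access_Helper::wpcf_access_parse_permissions($data, $caps);

         // Labels are echoed inside HTML notices, so they are escaped for that context.
         $tax_label = isset($_taxonomies[$tax]['labels']['singular_name'])
             ? esc_html($_taxonomies[$tax]['labels']['singular_name'])
             : esc_html($tax);
         if (isset($_taxonomies[$tax]['__accessIsNameValid']) && !$_taxonomies[$tax]['__accessIsNameValid']) {
             $data['mode'] = 'not_managed';
             $access_notices .= sprintf($access_bypass_template, __('Taxonomy', 'wpcf-access'), $tax_label);
         }
         if (isset($_taxonomies[$tax]['__accessIsCapValid']) && !$_taxonomies[$tax]['__accessIsCapValid']) {
             $data['mode'] = 'not_managed';
             $access_notices .= sprintf($access_conflict_template, __('Taxonomy', 'wpcf-access'), $tax_label);
         }
         $settings_access_taxs_previous[$tax] = $data;
     }
     // update settings
     $model->updateAccessTaxonomies($settings_access_taxs_previous);

     // 3rd-Party
     if (!empty($_POST['types_access']) && is_array($_POST['types_access'])) {
         $third_party = is_array($settings_access_thirdparty_previous) ? $settings_access_thirdparty_previous : array();
         foreach ($_POST['types_access'] as $area_id => $area_data) {
             // The area id becomes a settings key, so it gets the same treatment as $group.
             $area_id = sanitize_text_field($area_id);
             // 'types' and 'tax' are handled by the sections above.
             if ($area_id === 'types' || $area_id === 'tax' || !is_array($area_data)) {
                 continue;
             }
             if (empty($third_party[$area_id]) || !is_array($third_party[$area_id])) {
                 $third_party[$area_id] = array();
             }
             foreach ($area_data as $group => $group_data) {
                 if (!is_array($group_data)) {
                     continue;
                 }
                 $group = sanitize_text_field($group);
                 // NOTE(review): $caps still holds the taxonomy capability list at this
                 // point - confirm that is the intended list for third-party groups.
                 $group_data['permissions'] = Access_Helper::wpcf_access_parse_permissions($group_data, $caps, true);
                 $group_data['mode'] = 'permissions';
                 $third_party[$area_id][$group] = $group_data;
             }
         }
         // update settings
         $model->updateAccessThirdParty($third_party);
     }

     // Roles
     if (!empty($_POST['roles']) && is_array($_POST['roles'])) {
         $access_roles = $model->getAccessRoles();
         foreach ($_POST['roles'] as $role => $level) {
             $role = sanitize_text_field($role);
             $role_data = get_role($role);
             if (empty($role_data)) {
                 // Unknown role name: nothing to change.
                 continue;
             }
             $level = intval(sanitize_text_field($level));
             // Mirror the change into the stored Access roles only when that role has a caps list.
             $mirror_caps = isset($access_roles[$role]['caps']);
             // Grant level_0..level_$level and revoke every higher level up to level_10.
             for ($index = 0; $index < 11; $index++) {
                 $cap = 'level_' . $index;
                 if ($index <= $level) {
                     $role_data->add_cap($cap, 1);
                     if ($mirror_caps) {
                         $access_roles[$role]['caps'][$cap] = true;
                     }
                 } else {
                     $role_data->remove_cap($cap);
                     if ($mirror_caps) {
                         unset($access_roles[$role]['caps'][$cap]);
                     }
                 }
             }
         }
         $model->updateAccessRoles($access_roles);
     }

     if (defined('DOING_AJAX')) {
         do_action('types_access_save_settings');
         echo "<div class='updated'><p>" . __('Access rules saved', 'wpcf-access') . "</p></div>";
         echo $access_notices;
         die;
     }
 }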