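/**
 * Given a permission string, check for access requirements.
 *
 * Checks run in this order: the always-deny / always-allow sentinels, a
 * shortcut that returns TRUE when WordPress' current_user_can() is not
 * loaded, the 'super admin' / 'administrator' shortcut, and finally the
 * munged capability name, tested against the logged-in user or, for
 * visitors, against the 'anonymous_user' role.
 *
 * @param string $str the permission to check
 *
 * @return boolean true if yes, else false
 * @access public
 */
function check($str) {
  // The generic CMS permission 'administer users' is mapped to 'administrator' for WordPress.
  $str = $this->translatePermission($str, 'WordPress', array('administer users' => 'administrator'));
  if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) {
    return FALSE;
  }
  if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) {
    return TRUE;
  }

  // NOTE(review): this branch fails open. When current_user_can() is not
  // defined every permission is granted, so confirm that the code paths which
  // run without WordPress loaded cannot be reached by untrusted requests.
  if (!function_exists('current_user_can')) {
    return TRUE;
  }

  // Administrators are given all permissions.
  if (current_user_can('super admin') || current_user_can('administrator')) {
    return TRUE;
  }

  // Make string lowercase and convert spaces into underscore
  $str = CRM_Utils_String::munge(strtolower($str));

  if (is_user_logged_in()) {
    // Check whether the logged in user has the capability.
    if (current_user_can($str)) {
      return TRUE;
    }
  }
  else {
    // Check the capabilities of the anonymous user.
    $roleObj = new WP_Roles();
    $anonymous = $roleObj->get_role('anonymous_user');
    // A role stores each capability as name => grant. Require a truthy grant:
    // testing only for the key would treat a capability stored with FALSE
    // (explicitly denied) as if it had been granted.
    if ($anonymous != NULL && !empty($anonymous->capabilities[$str])) {
      return TRUE;
    }
  }
  return FALSE;
}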
/**
 * Build the capability table for the current subject.
 *
 * When the subject's UID equals aam_Control_Subject_Role::UID the
 * capabilities of every registered role are merged into one list; otherwise
 * only the capabilities of the first role listed on the subject are used.
 *
 * @return string JSON object holding 'aaData' (one row per capability) and
 *                'aaDefault'
 */
public function retrieveList() {
    $subject = $this->getSubject();
    $registry = new WP_Roles();
    $rows = array();
    $isDefault = 1;

    if ($subject->getUID() !== aam_Control_Subject_Role::UID) {
        // NOTE(review): get_role() returns null for an unknown role name; this
        // branch assumes the subject's first role is registered.
        $assigned = $subject->roles;
        $primary = $registry->get_role(array_shift($assigned));
        foreach ($primary->capabilities as $capName => $unused) {
            $granted = $subject->hasCapability($capName) ? 1 : 0;
            $group = $this->getGroup($capName);
            $label = $this->getHumanText($capName);
            $rows[] = array($capName, $granted, $group, $label, '');
            // Only evaluated when the role has at least one capability.
            $isDefault = $subject->isDefaultCapSet() ? 1 : 0;
        }
    } else {
        // Collect the capabilities of every role into a single map.
        $everyCap = array();
        foreach ($registry->role_objects as $roleObject) {
            $everyCap = array_merge($everyCap, $roleObject->capabilities);
        }
        foreach ($everyCap as $capName => $unused) {
            $granted = $subject->hasCapability($capName) ? 1 : 0;
            $group = $this->getGroup($capName);
            $label = $this->getHumanText($capName);
            $rows[] = array($capName, $granted, $group, $label, '');
        }
    }

    return json_encode(array('aaData' => $rows, 'aaDefault' => $isDefault));
}
/**
 * Create a role from the posted 'name', optionally copying the capabilities
 * of the posted 'inherit' role.
 *
 * NOTE(review): no capability or nonce check is visible in this method and
 * the posted name is used as the display name as received; presumably the
 * caller enforces authorization - confirm.
 *
 * @return string JSON: {"status":"success","role":<id>} or {"status":"failure"}
 */
public function add() {
    $label = trim(aam_Core_Request::post('name'));
    $registry = new WP_Roles();
    // The role ID is generated, not taken from the request.
    $newId = 'aamrole_' . uniqid();

    // Inherit capabilities only when the named parent role exists.
    $inheritFrom = trim(aam_Core_Request::post('inherit'));
    $inherited = ($inheritFrom && $registry->get_role($inheritFrom))
        ? $registry->get_role($inheritFrom)->capabilities
        : array();

    if (!$registry->add_role($newId, $label, $inherited)) {
        return json_encode(array('status' => 'failure'));
    }

    return json_encode(array('status' => 'success', 'role' => $newId));
}
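/**
 * Given a permission string, check for access requirements.
 *
 * Checks run in this order: the always-deny / always-allow sentinels, the
 * WordPress bootstrap when it has not been loaded, a shortcut that returns
 * TRUE when current_user_can() is still missing, the 'super admin' /
 * 'administrator' shortcut, and finally the munged capability name, tested
 * against the logged-in user or, for visitors, the 'anonymous_user' role.
 *
 * @param string $str
 *   The permission to check.
 *
 * @return bool
 *   true if yes, else false
 */
public function check($str) {
  // The generic CMS permission 'administer users' is mapped to 'edit_users' for WordPress.
  $str = $this->translatePermission($str, 'WordPress', array('administer users' => 'edit_users'));
  if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) {
    return FALSE;
  }
  if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) {
    return TRUE;
  }

  // CRM-15629
  // During some extern/* calls the CMS is not bootstrapped, so the constants
  // below are not set. Load the bootstrap before they are used.
  if (!defined('ABSPATH') || !defined('WPINC')) {
    require_once 'CRM/Utils/System.php';
    CRM_Utils_System::loadBootStrap();
  }
  require_once ABSPATH . WPINC . '/pluggable.php';

  // NOTE(review): this branch fails open. If current_user_can() is still not
  // defined every permission is granted; confirm this cannot be reached by
  // untrusted requests.
  if (!function_exists('current_user_can')) {
    return TRUE;
  }

  // Administrators are given all permissions.
  if (current_user_can('super admin') || current_user_can('administrator')) {
    return TRUE;
  }

  // Make string lowercase and convert spaces into underscore
  $str = CRM_Utils_String::munge(strtolower($str));

  if (is_user_logged_in()) {
    // Check whether the logged in user has the capability.
    if (current_user_can($str)) {
      return TRUE;
    }
  }
  else {
    // Check the capabilities of the anonymous user.
    $roleObj = new WP_Roles();
    $anonymous = $roleObj->get_role('anonymous_user');
    // A role stores each capability as name => grant. Require a truthy grant:
    // testing only for the key would treat a capability stored with FALSE
    // (explicitly denied) as if it had been granted.
    if ($anonymous != NULL && !empty($anonymous->capabilities[$str])) {
      return TRUE;
    }
  }
  return FALSE;
}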
/**
 * Look up the WordPress role whose name is this subject's ID.
 *
 * When the role exists and exposes a capability list, the role's own ID is
 * added to that list as a granted capability on the returned object.
 *
 * @return WP_Role|null
 *
 * @access protected
 */
protected function retrieveSubject() {
    $registry = new WP_Roles();
    $subject = $registry->get_role($this->getId());

    if ($subject === null || !isset($subject->capabilities)) {
        return $subject;
    }

    // WordPress treats the role ID itself as a capability
    // (the 'administrator' capability is the usual example).
    $subject->capabilities[$this->getId()] = true;

    return $subject;
}
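/**
 * Add custom user role.
 *
 * The new role starts with a copy of the 'customer' role's capabilities.
 * When no 'customer' role is registered the new role is created with an
 * empty capability set instead of failing on a null role object.
 *
 * @param string $roleKey  Role identifier passed to add_role().
 * @param string $roleName Display name passed to add_role().
 *
 * @since 1.0.0
 */
public function addCustomRole($roleKey, $roleName) {
    global $wp_roles;
    if (!isset($wp_roles)) {
        $wp_roles = new WP_Roles();
    }

    // get_role() returns null for an unknown role, so guard before reading
    // its capabilities. Falling back to an empty set keeps the new role at
    // least privilege.
    $customerRole = $wp_roles->get_role('customer');
    $capabilities = $customerRole ? $customerRole->capabilities : array();

    do_action('wwp_action_before_add_custom_role', $roleKey, $roleName, $capabilities);
    add_role($roleKey, $roleName, $capabilities);
    do_action('wwp_action_after_add_custom_role', $roleKey, $roleName, $capabilities);
}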
/**
 * Look up the WordPress role whose name is this subject's ID.
 *
 * A missing role is reported through aam_Core_Console and returned as null.
 * An existing role that exposes a capability list gets its own ID added to
 * that list as a granted capability.
 *
 * @return WP_Role|null
 *
 * @access protected
 */
protected function retrieveSubject() {
    $registry = new WP_Roles();
    $subject = $registry->get_role($this->getId());

    if ($subject === null) {
        aam_Core_Console::write('Role ' . $this->getId() . ' does not exist');
        return $subject;
    }

    if (isset($subject->capabilities)) {
        // WordPress treats the role ID itself as a capability
        // (the 'administrator' capability is the usual example).
        $subject->capabilities[$this->getId()] = true;
    }

    return $subject;
}
/**
 * Grant the 'gravityforms_import' capability to the administrator role when
 * the role exists and does not hold it yet.
 */
protected function add_gf_import_capability() {
    global $wp_roles;
    if ($wp_roles === null) {
        $wp_roles = new WP_Roles();
    }

    $administrators = $wp_roles->get_role('administrator');
    if (empty($administrators) || $administrators->has_cap('gravityforms_import')) {
        return;
    }

    // Save changes to the database.
    $wp_roles->use_db = true;
    $administrators->add_cap('gravityforms_import');
}
/**
 * Add XRDS entries for OpenID Server. Entries added will be highly
 * dependent on the requested URL and plugin configuration.
 *
 * Nothing is added unless at least one role holds the 'use_openid_provider'
 * capability, and, when a specific user is resolved, unless that user holds
 * it as well.
 *
 * @param mixed $xrds XRDS structure; passed to and returned from xrds_add_service().
 *
 * @return mixed the (possibly extended) XRDS structure
 */
function openid_provider_xrds_simple($xrds) {
    global $wp_roles;
    if (!$wp_roles) {
        $wp_roles = new WP_Roles();
    }

    // The provider counts as enabled as soon as any role has the capability.
    $provider_enabled = false;
    foreach ($wp_roles->role_names as $key => $name) {
        $role = $wp_roles->get_role($key);
        if ($role->has_cap('use_openid_provider')) {
            $provider_enabled = true;
            break;
        }
    }
    if (!$provider_enabled) {
        return $xrds;
    }

    $user = openid_server_requested_user();
    if (!$user && get_option('openid_blog_owner')) {
        // No user was requested: fall back to the configured blog owner, but
        // only when the running script matches the path of the 'home' option
        // or the request is an admin request.
        $url_parts = parse_url(get_option('home'));
        // NOTE(review): the '.' in this pattern is unescaped, so it matches any
        // character before 'php'; 'index\.php' was presumably intended.
        $script = preg_replace('/index.php$/', '', $_SERVER['SCRIPT_NAME']);
        if ('/' . $url_parts['path'] != $script && !is_admin()) {
            return $xrds;
        }
        // The OPENID_DISALLOW_OWNER constant switches the owner fallback off.
        if (!defined('OPENID_DISALLOW_OWNER') || !OPENID_DISALLOW_OWNER) {
            $user = get_userdatabylogin(get_option('openid_blog_owner'));
        }
    }

    if ($user) {
        // if user doesn't have capability, bail
        $user_object = new WP_User($user->ID);
        if (!$user_object->has_cap('use_openid_provider')) {
            return $xrds;
        }
        if (get_usermeta($user->ID, 'openid_delegate')) {
            // The user delegates: advertise the services stored in user meta.
            $services = get_usermeta($user->ID, 'openid_delegate_services');
        } else {
            // Advertise this site as the user's provider: one OpenID 2.0
            // sign-on entry and one OpenID 1.1 entry.
            $services = array(0 => array('Type' => array(array('content' => 'http://specs.openid.net/auth/2.0/signon')), 'URI' => trailingslashit(get_option('siteurl')) . '?openid_server=1', 'LocalID' => get_author_posts_url($user->ID)), 1 => array('Type' => array(array('content' => 'http://openid.net/signon/1.1')), 'URI' => trailingslashit(get_option('siteurl')) . '?openid_server=1', 'openid:Delegate' => get_author_posts_url($user->ID)));
        }
    } else {
        // No specific user: advertise the server endpoint with identifier select.
        $services = array(array('Type' => array(array('content' => 'http://specs.openid.net/auth/2.0/server')), 'URI' => trailingslashit(get_option('siteurl')) . '?openid_server=1', 'LocalID' => 'http://specs.openid.net/auth/2.0/identifier_select'));
    }

    if (!empty($services)) {
        foreach ($services as $index => $service) {
            $name = 'OpenID Provider Service (' . $index . ')';
            $xrds = xrds_add_service($xrds, 'main', $name, $service, $index);
        }
    }
    return $xrds;
}
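/**
 * Register the 'dentist' role and grant the patient capabilities to both
 * the 'administrator' and the 'dentist' role.
 *
 * The dentist role starts from the subscriber role's capabilities. Roles
 * that are not registered are skipped instead of being dereferenced as null.
 */
public function add_dentix_caps_to_admin() {
    global $wp_roles;
    if (!isset($wp_roles)) {
        $wp_roles = new WP_Roles();
    }

    // Create a new role based on the subscriber role; fall back to an empty
    // capability set when no subscriber role is registered.
    $subscriber = $wp_roles->get_role('subscriber');
    $base_caps = $subscriber ? $subscriber->capabilities : array();
    $wp_roles->add_role('dentist', __('Dentist', 'dentix'), $base_caps);

    $caps = array(
        'read',
        'read_patient',
        'read_private_patients',
        'edit_patients',
        'edit_private_patients',
        'edit_published_patients',
        'edit_others_patients',
        'publish_patients',
        'delete_patients',
        'delete_private_patients',
        'delete_published_patients',
        'delete_others_patients',
        'upload_files',
    );

    foreach (array('administrator', 'dentist') as $role_name) {
        $role = get_role($role_name);
        if (!$role) {
            // get_role() returns null for a role that is not registered.
            continue;
        }
        foreach ($caps as $cap) {
            $role->add_cap($cap);
        }
    }
}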
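/**
 * Add new capability
 *
 * Reads the capability name from $_POST['capability_id'], validates it and
 * adds it to the 'administrator' role. Requires the current user to hold
 * 'ure_create_capabilities'.
 *
 * NOTE(review): no nonce verification is visible in this method; presumably
 * the caller performs it - confirm.
 *
 * @global WP_Roles $wp_roles
 * @return string message about the operation result ('' when nothing was posted)
 */
protected function add_new_capability() {
    global $wp_roles;

    if (!current_user_can('ure_create_capabilities')) {
        return esc_html__('Insufficient permissions to work with User Role Editor', 'user-role-editor');
    }

    $mess = '';
    if (isset($_POST['capability_id']) && $_POST['capability_id']) {
        $user_capability = $_POST['capability_id'];

        // Validate the whole value with an anchored pattern. Matching a valid
        // prefix and then comparing it to the input with a loose comparison is
        // not enough: PHP compares numeric-looking strings as numbers, so an
        // input such as '10.0' would equal its valid prefix '10'. Non-string
        // input (an array posted under this name) is rejected as well.
        if (!is_string($user_capability) || preg_match('/\A[A-Za-z0-9_\-]+\z/', $user_capability) !== 1) {
            return 'Error! ' . esc_html__('Error: Capability name must contain latin characters and digits only!', 'user-role-editor');
        }

        $user_capability = strtolower($user_capability);
        if (!isset($wp_roles)) {
            $wp_roles = new WP_Roles();
        }
        // Persist the change to the database.
        $wp_roles->use_db = true;
        $administrator = $wp_roles->get_role('administrator');
        if (!$administrator->has_cap($user_capability)) {
            $wp_roles->add_cap('administrator', $user_capability);
            $mess = sprintf(esc_html__('Capability %s is added successfully', 'user-role-editor'), $user_capability);
        } else {
            $mess = sprintf('Error! ' . esc_html__('Capability %s exists already', 'user-role-editor'), $user_capability);
        }
    }

    return $mess;
}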
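/**
 * Process a new role create request.
 *
 * Reads 'user_role_id', 'user_role_name' and 'user_role_copy_from' from
 * $_POST, validates them and registers the role. Requires the current user
 * to hold 'ure_create_roles'.
 *
 * NOTE(review): no nonce verification is visible in this method; presumably
 * the caller performs it - confirm.
 *
 * @global WP_Roles $wp_roles
 *
 * @return string - message about operation result
 */
protected function add_new_role() {
    global $wp_roles;

    if (!current_user_can('ure_create_roles')) {
        return esc_html__('Insufficient permissions to work with User Role Editor', 'user-role-editor');
    }

    $mess = '';
    $this->current_role = '';
    if (isset($_POST['user_role_id']) && $_POST['user_role_id']) {
        $user_role_id = $_POST['user_role_id'];

        // Validate the raw value against an anchored ASCII-only pattern. A
        // value that passes is pure ASCII, so no character-set conversion is
        // needed beforehand. The full-string match replaces a prefix match
        // compared loosely with the input, which treats numeric-looking
        // strings such as '10.0' and '10' as equal. Arrays are rejected too.
        if (!is_string($user_role_id) || preg_match('/\A[A-Za-z0-9_\-]+\z/', $user_role_id) !== 1) {
            return esc_html__('Error: Role ID must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor');
        }
        if (preg_match('/\A[0-9]+\z/', $user_role_id) === 1) {
            // An all-digit role ID is rejected.
            return esc_html__('Error: WordPress does not support numeric Role name (ID). Add latin characters to it.', 'user-role-editor');
        }

        $user_role_name = (isset($_POST['user_role_name']) && is_string($_POST['user_role_name']))
            ? sanitize_text_field($_POST['user_role_name'])
            : '';
        if (empty($user_role_name)) {
            // As the user role name is empty, use the user role ID instead.
            $user_role_name = $user_role_id;
        }

        if (!isset($wp_roles)) {
            $wp_roles = new WP_Roles();
        }

        // Lower-case before the existence check so that the ID which is
        // tested is the ID which is stored.
        $user_role_id = strtolower($user_role_id);
        if (isset($wp_roles->roles[$user_role_id])) {
            return sprintf('Error! ' . esc_html__('Role %s exists already', 'user-role-editor'), $user_role_id);
        }
        $this->current_role = $user_role_id;

        $user_role_copy_from = (isset($_POST['user_role_copy_from']) && is_string($_POST['user_role_copy_from']))
            ? $_POST['user_role_copy_from']
            : false;
        if (!empty($user_role_copy_from) && $user_role_copy_from != 'none' && $wp_roles->is_role($user_role_copy_from)) {
            // Copy from an existing role, minus what the helper filters out.
            $role = $wp_roles->get_role($user_role_copy_from);
            $capabilities = $this->remove_caps_not_allowed_for_single_admin($role->capabilities);
        } else {
            $capabilities = array('read' => true, 'level_0' => true);
        }

        // Add new role to the roles array.
        $result = add_role($user_role_id, $user_role_name, $capabilities);
        if (empty($result)) {
            $mess = 'Error! ' . esc_html__('Error is encountered during new role create operation', 'user-role-editor');
        } else {
            $mess = sprintf(esc_html__('Role %s is created successfully', 'user-role-editor'), $user_role_name);
        }
    }

    return $mess;
}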
/**
 * Process the submitted WordPress access-control form.
 *
 * For every WordPress role, all CiviCRM capabilities are removed and the
 * ones submitted for that role are added back. The menus are then rebuilt
 * and the request is redirected to the access page.
 *
 * @access public
 * @return void
 */
public function postProcess() {
  $params = $this->controller->exportValues($this->_name);
  $permissionsArray = self::getPermissionArray();

  // Get the WordPress roles.
  global $wp_roles;
  if (!isset($wp_roles)) {
    $wp_roles = new WP_Roles();
  }
  foreach ($wp_roles->role_names as $role => $name) {
    $roleObj = $wp_roles->get_role($role);

    // Remove all CiviCRM capabilities for the role, as some capability
    // checkboxes may have been unticked.
    foreach ($permissionsArray as $key => $capability) {
      $roleObj->remove_cap($key);
    }

    // Add the selected WordPress capabilities for the role.
    // NOTE(review): every submitted key is passed to add_cap() as-is, while
    // only keys of $permissionsArray are removed above. If exportValues() can
    // return keys the form did not render, a crafted submission could grant a
    // capability outside the CiviCRM set; consider restricting to keys present
    // in $permissionsArray - confirm against the form definition.
    $rolePermissions = $params[$role];
    if (!empty($rolePermissions)) {
      foreach ($rolePermissions as $key => $capability) {
        $roleObj->add_cap($key);
      }
    }
  }

  // FIXME
  // Changed the 'access_civicrm_nav_link' capability in civicrm.php file
  // But for some reason, if I remove 'Access CiviCRM' from administrator and save, it shows
  // 'You do not have sufficient permissions to access this page'
  // which should not happen for Super Admin and Administrators, as checking permissions for Super
  // Admin and Administrators always gives TRUE
  wp_civicrm_capability();

  CRM_Core_Session::setStatus("", ts('Wordpress Access Control Updated'), "success");

  // Rebuild the menus to comply with the new permissions/capabilities.
  CRM_Core_Invoke::rebuildMenuAndCaches();

  CRM_Utils_System::redirect('admin.php?page=CiviCRM&q=civicrm/admin/access&reset=1');
  CRM_Utils_System::civiExit();
}
/**
 * Fold every capability known to any role into 'administrator' and drop the
 * 'super_admin' role.
 *
 * Nothing happens when no role defines any capability. When the
 * administrator role is missing it is created with the merged set.
 */
protected function removeSuperAdminRole() {
    $registry = new WP_Roles();

    // Merge the capabilities of all roles into one map.
    $merged = array();
    foreach ($registry->role_objects as $roleObject) {
        $merged = array_merge($merged, $roleObject->capabilities);
    }

    if (!count($merged)) {
        return;
    }

    $administrator = $registry->get_role('administrator');
    if ($administrator) {
        // Grant each merged capability to the existing administrator role.
        foreach (array_keys($merged) as $capName) {
            $administrator->add_cap($capName);
        }
    } else {
        $registry->add_role('administrator', 'Administrator', $merged);
    }

    // Remove the Super Admin role.
    $registry->remove_role('super_admin');
}
/**
 * Rebuild $this->roles and $this->allcaps from $this->caps.
 *
 * Keys of $this->caps that name a registered role become $this->roles. The
 * capabilities of those roles are merged in order and the user's own
 * $this->caps entries are merged last, so an individual entry overrides the
 * value that came from a role.
 *
 * @since 2.0.0
 * @uses $wp_roles
 * @access public
 */
function get_role_caps() {
    global $wp_roles;
    if ($wp_roles === null) {
        $wp_roles = new WP_Roles();
    }

    // Keep only the cap names that are role names.
    if (is_array($this->caps)) {
        $capNames = array_keys($this->caps);
        $this->roles = array_filter($capNames, array(&$wp_roles, 'is_role'));
    }

    // Start from the role capabilities...
    $merged = array();
    foreach ((array) $this->roles as $roleName) {
        $roleObject = $wp_roles->get_role($roleName);
        $merged = array_merge((array) $merged, (array) $roleObject->capabilities);
    }

    // ...then overlay the user's individual caps.
    $this->allcaps = array_merge((array) $merged, (array) $this->caps);
}
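/**
 * Process the form submission.
 *
 * For every WordPress role, all CiviCRM capabilities are removed and the
 * ones submitted for that role are added back. For the 'anonymous_user'
 * role a warning status is set when one of the permissions listed by
 * CRM_Core_Permission::getAnonymousPermissionsWarnings() was assigned.
 * The menus are then rebuilt and the request is redirected.
 *
 * @return void
 */
public function postProcess() {
  $params = $this->controller->exportValues($this->_name);
  $permissionsArray = self::getPermissionArray();

  // Get the WordPress roles.
  global $wp_roles;
  if (!isset($wp_roles)) {
    $wp_roles = new WP_Roles();
  }
  foreach ($wp_roles->role_names as $role => $name) {
    $roleObj = $wp_roles->get_role($role);

    // Remove all CiviCRM capabilities for the role, as some capability
    // checkboxes may have been unticked.
    foreach ($permissionsArray as $key => $capability) {
      $roleObj->remove_cap($key);
    }

    // Normalise to an array: $params may hold no array for a role
    // (presumably when none of its boxes is ticked), and array_keys() below
    // must not receive NULL.
    $rolePermissions = (isset($params[$role]) && is_array($params[$role])) ? $params[$role] : array();

    // Add the selected WordPress capabilities for the role.
    // NOTE(review): every submitted key is passed to add_cap() as-is, while
    // only keys of $permissionsArray are removed above. If exportValues() can
    // return keys the form did not render, a crafted submission could grant a
    // capability outside the CiviCRM set; consider restricting to keys present
    // in $permissionsArray - confirm against the form definition.
    foreach ($rolePermissions as $key => $capability) {
      $roleObj->add_cap($key);
    }

    if ($role === 'anonymous_user') {
      // Get the permissions into a format that matches what we get from WP.
      $allWarningPermissions = CRM_Core_Permission::getAnonymousPermissionsWarnings();
      foreach ($allWarningPermissions as $key => $permission) {
        // Class name spelled with its declared casing so that a
        // case-sensitive autoloader can resolve it.
        $allWarningPermissions[$key] = CRM_Utils_String::munge(strtolower($permission));
      }
      $warningPermissions = array_intersect($allWarningPermissions, array_keys($rolePermissions));
      $warningPermissionNames = array();
      foreach ($warningPermissions as $permission) {
        $warningPermissionNames[$permission] = $permissionsArray[$permission];
      }
      if (!empty($warningPermissionNames)) {
        CRM_Core_Session::setStatus(ts('The %1 role was assigned one or more permissions that may prove dangerous for users of that role to have. 
Please reconsider assigning %2 to them.', array(1 => $wp_roles->role_names[$role], 2 => implode(', ', $warningPermissionNames))), ts('Unsafe Permission Settings'));
      }
    }
  }

  // FIXME
  // Changed the 'access_civicrm_nav_link' capability in civicrm.php file
  // But for some reason, if I remove 'Access CiviCRM' from administrator and save, it shows
  // 'You do not have sufficient permissions to access this page'
  // which should not happen for Super Admin and Administrators, as checking permissions for Super
  // Admin and Administrators always gives TRUE
  wp_civicrm_capability();

  CRM_Core_Session::setStatus("", ts('Wordpress Access Control Updated'), "success");

  // Rebuild the menus to comply with the new permissions/capabilities.
  CRM_Core_Invoke::rebuildMenuAndCaches();

  CRM_Utils_System::redirect('admin.php?page=CiviCRM&q=civicrm/admin/access&reset=1');
  CRM_Utils_System::civiExit();
}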
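/**
 * Add the capability named in $_GET['new_user_capability'] to the
 * 'administrator' role.
 *
 * NOTE(review): this changes stored roles from a GET parameter, and no
 * capability check or nonce verification is visible in this function;
 * presumably the caller enforces both - confirm.
 *
 * @return string message about the operation result ('' when nothing was requested)
 */
function ure_AddNewCapability() {
    global $wp_roles;

    $mess = '';
    if (isset($_GET['new_user_capability']) && $_GET['new_user_capability']) {
        $invalid = 'Error! ' . __('Error: Capability name must contain latin characters and digits only!', 'ure');

        // An array passed under this name is not a capability name.
        if (!is_string($_GET['new_user_capability'])) {
            return $invalid;
        }
        $user_capability = utf8_decode(urldecode($_GET['new_user_capability']));

        // Anchor the pattern at both ends. With only a leading anchor a value
        // that merely starts with a valid name passes, and whatever follows
        // would be stored as part of the capability and echoed in the message.
        if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $user_capability)) {
            return $invalid;
        }

        $user_capability = strtolower($user_capability);
        if (!isset($wp_roles)) {
            $wp_roles = new WP_Roles();
        }
        // Persist the change to the database.
        $wp_roles->use_db = true;
        $administrator = $wp_roles->get_role('administrator');
        if (!$administrator->has_cap($user_capability)) {
            $wp_roles->add_cap('administrator', $user_capability);
            $mess = sprintf(__('Capability %s is added successfully', 'ure'), $user_capability);
        } else {
            $mess = sprintf('Error! ' . __('Capability %s exists already', 'ure'), $user_capability);
        }
    }

    return $mess;
}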
/**
 * Fetch a role object by name from the global role registry, creating the
 * registry on first use.
 *
 * @param string $role role name
 *
 * @return mixed whatever WP_Roles::get_role() returns for that name
 */
function get_role($role) {
    global $wp_roles;

    // Lazily create the shared registry.
    if ($wp_roles === null) {
        $wp_roles = new WP_Roles();
    }

    $found = $wp_roles->get_role($role);

    return $found;
}
/**
 * Add the 'access_civicrm' capability to the roles that should see the
 * CiviCRM menu link. This is a callback for the 'init' hook in
 * register_hooks().
 *
 * The role list defaults to 'super admin' and 'administrator' and can be
 * changed through the 'civicrm_access_roles' filter.
 *
 * The legacy global scope function wp_civicrm_capability() is called by
 * postProcess() in civicrm/CRM/ACL/Form/WordPress/Permissions.php
 */
public function set_access_capabilities() {
    // Reuse the existing global registry when there is one.
    global $wp_roles;
    if ($wp_roles === null) {
        $wp_roles = new WP_Roles();
    }

    $targets = apply_filters('civicrm_access_roles', array('super admin', 'administrator'));

    foreach ($targets as $roleName) {
        $roleObj = $wp_roles->get_role($roleName);

        // Skip names that are not registered roles with a capability list.
        if (!is_object($roleObj) || !is_array($roleObj->capabilities)) {
            continue;
        }

        // Skip roles that already list the capability.
        if (array_key_exists('access_civicrm', $wp_roles->get_role($roleName)->capabilities)) {
            continue;
        }

        $wp_roles->add_cap($roleName, 'access_civicrm');
    }
}
/**
 * Register a 'doctor' role that starts with a copy of the 'editor' role's
 * capabilities.
 *
 * NOTE(review): assumes the 'editor' role is registered; get_role() returns
 * null otherwise.
 */
function cloneUserRole() {
    global $wp_roles;
    if ($wp_roles === null) {
        $wp_roles = new WP_Roles();
    }

    // The template is the editor role, not the administrator role.
    $template = $wp_roles->get_role('editor');

    $wp_roles->add_role('doctor', 'Doctor', $template->capabilities);
}
/**
 * Register the CRED user-form capabilities with whichever access-control
 * mechanism is available.
 *
 * Three cases, decided by which functions/classes exist:
 *  - wpcf_access_register_caps(): hook into the Types Access filters;
 *  - ure_not_edit_admin() or Members_Load: hand the administrator role to
 *    addCredUserCapsToRoleUser();
 *  - otherwise: collect the capabilities in self::$caps and answer checks
 *    through the 'user_has_cap' filter.
 */
public static function setupCustomUserCaps() {
    global $wp_roles;
    if (function_exists('wpcf_access_register_caps')) {
        // integrate with Types Access
        add_filter('types-access-area', array(__CLASS__, 'register_access_cred_user_area'));
        add_filter('types-access-group', array(__CLASS__, 'register_access_cred_user_group'), 10, 2);
        add_filter('types-access-cap', array(__CLASS__, 'register_access_cred_user_caps'), 10, 3);
        // do any necessary changes when access imports / exports custom capabilities
        add_filter('access_import_custom_capabilities_' . '__CRED_CRED_USER', array(__CLASS__, 'import_access_cred_user_caps'), 1, 2);
        add_filter('access_export_custom_capabilities_' . '__CRED_CRED_USER', array(__CLASS__, 'export_access_cred_user_caps'), 1, 2);
    } elseif (function_exists('ure_not_edit_admin') || class_exists('Members_Load')) {
        // export custom cred caps to admin role for other plugins to manipulate them (eg User Role Editor or Members)
        // NOTE(review): when WP_Roles is not loaded $wp_roles stays unset and
        // the property write below operates on a non-object.
        if (!isset($wp_roles) && class_exists('WP_Roles')) {
            $wp_roles = new WP_Roles();
        }
        // Persist role changes to the database.
        $wp_roles->use_db = true;
        if ($wp_roles->is_role('administrator')) {
            $administrator = $wp_roles->get_role('administrator');
        } else {
            $administrator = false;
            trigger_error(__('Administrator Role not found! CRED Users capabilities will not work', 'wp-cred'), E_USER_NOTICE);
            return;
        }
        if ($administrator) {
            self::addCredUserCapsToRoleUser($administrator);
        }
    } else {
        // No role manager present: keep the capability names in memory and
        // decide through the capability filter.
        self::$caps = array_merge(self::$caps, self::buildCredUserCaps());
        add_filter('user_has_cap', array('CRED_Helper', 'defaultCredCapsFilter'), 5, 3);
    }
}
/**
 * Remove all TablePress capabilities from all roles.
 *
 * @since 1.1.0
 *
 * @global WP_Roles $wp_roles WordPress User Roles abstraction object.
 * @see add_access_capabilities()
 */
public function remove_access_capabilities() {
    global $wp_roles;
    if ($wp_roles === null) {
        $wp_roles = new WP_Roles();
    }

    // Removed in this order from every role.
    $tablepress_caps = array(
        'tablepress_edit_tables',
        'tablepress_delete_tables',
        'tablepress_list_tables',
        'tablepress_add_tables',
        'tablepress_copy_tables',
        'tablepress_import_tables',
        'tablepress_export_tables',
        'tablepress_access_options_screen',
        'tablepress_access_about_screen',
        'tablepress_import_tables_wptr',
        'tablepress_edit_options',
    );

    foreach ($wp_roles->roles as $role_name => $details) {
        $role_object = $wp_roles->get_role($role_name);
        if (empty($role_object)) {
            continue;
        }
        foreach ($tablepress_caps as $capability) {
            $role_object->remove_cap($capability);
        }
    }

    // Refresh the current user's capability set so the change takes effect
    // within this request.
    $current_user = wp_get_current_user();
    $current_user->get_role_caps();
}
/**
 * Grant the 'manage_sendpress' capability to the 'administrator' role.
 *
 * NOTE(review): assumes the 'administrator' role is registered; get_role()
 * returns null otherwise.
 */
function add_caps() {
    global $wp_roles;
    if ($wp_roles === null) {
        $wp_roles = new WP_Roles();
    }

    // The role fetched here is the administrator role.
    $wp_roles->get_role('administrator')->add_cap('manage_sendpress');
}
/**
 * Activation hook.
 *
 * When the stored 'aam_plus_package' version is lower than self::VERSION,
 * grants the comment capabilities to the administrator role (if it exists)
 * and records the new version.
 */
public function activate() {
    if (!(aam_Core_API::getBlogOption('aam_plus_package', 0, 1) < self::VERSION)) {
        // Already at this version or newer.
        return;
    }

    $registry = new WP_Roles();
    $administrator = $registry->get_role('administrator');
    if ($administrator) {
        $comment_caps = array(
            'delete_comment',
            'approve_comment',
            'edit_comment',
            'moderate_comments',
            'quick_edit_comment',
            'spam_comment',
            'reply_comment',
            'trash_comment',
            'unapprove_comment',
            'untrash_comment',
            'unspam_comment',
        );
        foreach ($comment_caps as $capability) {
            $administrator->add_cap($capability, true);
        }
    }

    // The version is stored even when no administrator role was found.
    aam_Core_API::updateBlogOption('aam_plus_package', self::VERSION, 1);
}
/**
 * A role registered from a 'wp_roles_init' callback is available on the
 * WP_Roles instance that fired the action.
 *
 * @ticket 23016
 */
public function test_wp_roles_init_action() {
    // Fixture stored on the test case for the _hook_wp_roles_init() callback.
    $this->_role_test_wp_roles_init = array('role' => 'test_wp_roles_init', 'info' => array('name' => 'Test WP Roles Init', 'capabilities' => array('testing_magic' => true)));

    // Hook only for the duration of the constructor call.
    add_action('wp_roles_init', array($this, '_hook_wp_roles_init'), 10, 1);
    $wp_roles = new WP_Roles();
    remove_action('wp_roles_init', array($this, '_hook_wp_roles_init'));

    $expected = new WP_Role($this->_role_test_wp_roles_init['role'], $this->_role_test_wp_roles_init['info']['capabilities']);
    $role = $wp_roles->get_role($this->_role_test_wp_roles_init['role']);

    // Both the role object and its display name must be present.
    $this->assertEquals($expected, $role);
    $this->assertContains($this->_role_test_wp_roles_init['info']['name'], $wp_roles->role_names);
}
/**
 * Register the CRED front-end capabilities with whichever access-control
 * mechanism is available.
 *
 * Three cases, decided by which functions/classes exist:
 *  - wpcf_access_register_caps(): hook into the Types Access filters;
 *  - ure_not_edit_admin() or Members_Load: add the per-form and the generic
 *    capabilities to the 'administrator' role;
 *  - otherwise: collect the capability names in self::$caps and answer
 *    checks through the 'user_has_cap' filter.
 */
private static function setupCustomCaps() {
    global $wp_roles;
    if (function_exists('wpcf_access_register_caps')) {
        cred_log('Access Active', 'access.log');
        add_filter('types-access-area', array('CRED_CRED', 'register_access_cred_area'));
        add_filter('types-access-group', array('CRED_CRED', 'register_access_cred_group'), 10, 2);
        add_filter('types-access-cap', array('CRED_CRED', 'register_access_cred_caps'), 10, 3);
    } elseif (function_exists('ure_not_edit_admin') || class_exists('Members_Load')) {
        // NOTE(review): when WP_Roles is not loaded $wp_roles stays unset and
        // the property write below operates on a non-object.
        if (!isset($wp_roles) && class_exists('WP_Roles')) {
            $wp_roles = new WP_Roles();
        }
        // Persist role changes to the database.
        $wp_roles->use_db = true;
        if ($wp_roles->is_role('administrator')) {
            $administrator = $wp_roles->get_role('administrator');
        } else {
            $administrator = false;
            trigger_error(__('Administrator Role not found! CRED capabilities will not work', 'wp-cred'), E_USER_NOTICE);
        }
        if ($administrator) {
            $forms = self::getAllFormsCached();
            // register custom CRED Frontend capabilities specific to each form type
            foreach ($forms as $form) {
                // NOTE(review): maybe_unserialize() runs unserialize() on values
                // that look serialized. The form meta presumably comes from the
                // site's own database; confirm it cannot carry untrusted input.
                $settings = isset($form->meta) ? maybe_unserialize($form->meta) : false;
                // caps for forms that create
                if ($settings && $settings->form_type == 'new') {
                    $cred_cap = 'create_posts_with_cred_' . $form->ID;
                    if (!$administrator->has_cap($cred_cap)) {
                        $wp_roles->add_cap('administrator', $cred_cap);
                    }
                } elseif ($settings && $settings->form_type == 'edit') {
                    // caps for forms that edit: one for own posts, one for others' posts
                    $cred_cap = 'edit_own_posts_with_cred_' . $form->ID;
                    if (!$administrator->has_cap($cred_cap)) {
                        $wp_roles->add_cap('administrator', $cred_cap);
                    }
                    $cred_cap = 'edit_other_posts_with_cred_' . $form->ID;
                    if (!$administrator->has_cap($cred_cap)) {
                        $wp_roles->add_cap('administrator', $cred_cap);
                    }
                }
            }
            // these caps do not require a specific form
            $cred_cap = 'delete_own_posts_with_cred';
            if (!$administrator->has_cap($cred_cap)) {
                $wp_roles->add_cap('administrator', $cred_cap);
            }
            $cred_cap = 'delete_other_posts_with_cred';
            if (!$administrator->has_cap($cred_cap)) {
                $wp_roles->add_cap('administrator', $cred_cap);
            }
        }
    } else {
        $forms = self::getAllFormsCached();
        // register custom CRED Frontend capabilities specific to each form type
        foreach ($forms as $form) {
            // NOTE(review): same maybe_unserialize() consideration as in the
            // branch above.
            $settings = isset($form->meta) ? maybe_unserialize($form->meta) : false;
            // caps for forms that create
            if ($settings && $settings->form_type == 'new') {
                $cred_cap = 'create_posts_with_cred_' . $form->ID;
                self::$caps[] = $cred_cap;
            } elseif ($settings && $settings->form_type == 'edit') {
                $cred_cap = 'edit_own_posts_with_cred_' . $form->ID;
                self::$caps[] = $cred_cap;
                $cred_cap = 'edit_other_posts_with_cred_' . $form->ID;
                self::$caps[] = $cred_cap;
            }
        }
        // these caps do not require a specific form
        $cred_cap = 'delete_own_posts_with_cred';
        self::$caps[] = $cred_cap;
        $cred_cap = 'delete_other_posts_with_cred';
        self::$caps[] = $cred_cap;
        // Capability checks are answered by the filter, not by stored roles.
        add_filter('user_has_cap', array('CRED_CRED', 'default_cred_caps_filter'), 5, 3);
    }
}
/**
 * Add New Role
 *
 * Creates a role from the posted 'name', optionally copying the
 * capabilities of the posted 'inherit' role.
 *
 * NOTE(review): the role ID is derived from the posted name without any
 * validation visible here, and no capability or nonce check is visible in
 * this method; presumably the caller enforces authorization - confirm.
 *
 * @return string JSON: {"status":"success","role":<id>} or {"status":"failure"}
 *
 * @access public
 */
public function add() {
    $label = trim(aam_Core_Request::post('name'));
    $registry = new WP_Roles();

    // With 'aam.native_role_id' set to 'true' the ID is the lower-cased name.
    // Otherwise (local "SIGOES" modification) the name is used unchanged as
    // the ID, replacing the generated 'aamrole_' . uniqid() value, so that
    // the generated role code no longer appears in wp_capabilities.
    $useNativeId = aam_Core_ConfigPress::getParam('aam.native_role_id') === 'true';
    $newId = $useNativeId ? strtolower($label) : $label;

    // Inherit capabilities only when the named parent role exists.
    $inheritFrom = trim(aam_Core_Request::post('inherit'));
    $inherited = ($inheritFrom && $registry->get_role($inheritFrom))
        ? $registry->get_role($inheritFrom)->capabilities
        : array();

    if (!$registry->add_role($newId, $label, $inherited)) {
        return json_encode(array('status' => 'failure'));
    }

    return json_encode(array('status' => 'success', 'role' => $newId));
}
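/**
 * Add the capability named in $_POST['capability_id'] to the
 * 'administrator' role.
 *
 * NOTE(review): no capability check or nonce verification is visible in
 * this function; presumably the caller enforces both - confirm.
 *
 * @return string message about the operation result ('' when nothing was posted)
 */
function ure_AddNewCapability() {
    global $wp_roles;

    $mess = '';
    if (isset($_POST['capability_id']) && $_POST['capability_id']) {
        $user_capability = $_POST['capability_id'];

        // Validate the whole value with an anchored pattern. Matching a valid
        // prefix and then comparing it to the input with a loose comparison is
        // not enough: PHP compares numeric-looking strings as numbers, so an
        // input such as '10.0' would equal its valid prefix '10'. Non-string
        // input (an array posted under this name) is rejected as well.
        if (!is_string($user_capability) || preg_match('/\A[A-Za-z0-9_\-]+\z/', $user_capability) !== 1) {
            return 'Error! ' . __('Error: Capability name must contain latin characters and digits only!', 'ure');
        }

        $user_capability = strtolower($user_capability);
        if (!isset($wp_roles)) {
            $wp_roles = new WP_Roles();
        }
        // Persist the change to the database.
        $wp_roles->use_db = true;
        $administrator = $wp_roles->get_role('administrator');
        if (!$administrator->has_cap($user_capability)) {
            $wp_roles->add_cap('administrator', $user_capability);
            $mess = sprintf(__('Capability %s is added successfully', 'ure'), $user_capability);
        } else {
            $mess = sprintf('Error! ' . __('Capability %s exists already', 'ure'), $user_capability);
        }
    }

    return $mess;
}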
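/**
 * Render the two-column yes/no capability table for a role or a user.
 *
 * @param int|string $ID   role name when $type is 'role', user ID when 'user'
 * @param string     $type 'role' (default) or 'user'; any other value renders
 *                         every capability as 'no'
 *
 * @return string HTML table
 */
function get_cap_list_admin($ID, $type = 'role') {
    $content = $content_l = $content_r = '';
    $count = 1;

    // Default to "no capabilities" so that an unknown role or an unexpected
    // $type does not leave the lookup below working on an undefined variable.
    $cur_role_caps = array();
    if ($type == 'role') {
        global $wp_roles;
        // NOTE(review): this replaces the shared global registry on every
        // call; presumably done to read fresh data - confirm.
        $wp_roles = new WP_Roles();
        $current_role_caps = $wp_roles->get_role($ID);
        // get_role() returns null for an unknown role name.
        if ($current_role_caps && is_array($current_role_caps->capabilities)) {
            $cur_role_caps = $current_role_caps->capabilities;
        }
    } elseif ($type == 'user') {
        $currentuser = new WP_User($ID);
        $cur_role_caps = (array) $currentuser->allcaps;
    }

    // Strict comparison: with a loose one a numeric ID such as 0 compares
    // equal to a non-numeric string on older PHP versions and would be shown
    // as holding every capability.
    $is_admin_role = ($ID === 'administrator');

    $caps = eventon_get_core_capabilities();
    foreach ($caps as $capgroupf => $capgroup) {
        foreach ($capgroup as $cap) {
            $rowcap = $cap;
            if ($capgroupf == 'core') {
                $cap = str_replace('eventon', 'eventon Settings', $cap);
            } else {
                $cap = str_replace('eventon', 'event', $cap);
            }
            $human_nam = ucwords(str_replace('_', ' ', $cap));

            // A capability stored with a false value is a denial, so test the
            // value and not just the presence of the key.
            $yesno_val = ($is_admin_role || !empty($cur_role_caps[$rowcap])) ? 'yes' : 'no';
            $yesno_btn = eventon_html_yesnobtn(array('var' => $yesno_val));

            // Escape the values that are placed into attributes and text.
            $content = '<p class="yesno_row">' . $yesno_btn
                . '<input type="hidden" name="' . esc_attr($rowcap) . '" value="' . esc_attr($yesno_val) . '">'
                . '<span class="field_name">' . esc_html($human_nam) . '</span></p>';

            // The first ten rows go to the left column, the rest to the right.
            if ($count > 10) {
                $content_r .= $content;
            } else {
                $content_l .= $content;
            }
            $count++;
        }
    }

    $content = "<table width='100%' ><tr><td valign='top'>" . $content_l . "</td><td valign='top'>" . $content_r . "</td></tr></table>";
    return $content;
}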