コード例 #1
0
function orbis_update_roles($roles)
{
    global $wp_roles;
    if (!isset($wp_roles)) {
        $wp_roles = new WP_Roles();
    }
    foreach ($roles as $role => $data) {
        if (isset($data['display_name'], $data['capabilities'])) {
            $display_name = $data['display_name'];
            $capabilities = $data['capabilities'];
            if ($wp_roles->is_role($role)) {
                foreach ($capabilities as $cap => $grant) {
                    $wp_roles->add_cap($role, $cap, $grant);
                }
            } else {
                $wp_roles->add_role($role, $display_name, $capabilities);
            }
        }
    }
}
コード例 #2
0
ファイル: ure-lib.php プロジェクト: kitfrench/Futurestep
function ure_newRoleCreate(&$ure_currentRole)
{
    global $wp_roles;
    $mess = '';
    $ure_currentRole = '';
    if (isset($_GET['user_role']) && $_GET['user_role']) {
        $user_role = utf8_decode(urldecode($_GET['user_role']));
        // sanitize user input for security
        $valid_name = preg_match('/^[A-Za-z_][A-Za-z0-9_]*/', $user_role, $match);
        if (!$valid_name || $valid_name && $match[0] != $user_role) {
            // some non-alphanumeric charactes found!
            return __('Error: Role name must contain latin characters and digits only!', 'ure');
        }
        if ($user_role) {
            if (!isset($wp_roles)) {
                $wp_roles = new WP_Roles();
            }
            if (isset($wp_roles->roles[$user_role])) {
                return sprintf('Error! ' . __('Role %s exists already', 'ure'), $user_role);
            }
            // add new role to the roles array
            $ure_currentRole = strtolower($user_role);
            $user_role_copy_from = isset($_GET['user_role_copy_from']) ? $_GET['user_role_copy_from'] : false;
            if (!empty($user_role_copy_from) && $user_role_copy_from != 'none' && $wp_roles->is_role($user_role_copy_from)) {
                $role = $wp_roles->get_role($user_role_copy_from);
                $capabilities = $role->capabilities;
            } else {
                $capabilities = array('read' => 1, 'level_0' => 1);
            }
            $result = add_role($ure_currentRole, $user_role, $capabilities);
            if (!isset($result) || !$result) {
                $mess = 'Error! ' . __('Error is encountered during new role create operation', 'ure');
            } else {
                $mess = sprintf(__('Role %s is created successfully', 'ure'), $user_role);
            }
        }
    }
    return $mess;
}
コード例 #3
0
 /**
  * process new role create request
  * 
  * @global WP_Roles $wp_roles
  * 
  * @return string   - message about operation result
  * 
  */
 protected function add_new_role()
 {
     global $wp_roles;
     if (!current_user_can('ure_create_roles')) {
         return esc_html__('Insufficient permissions to work with User Role Editor', 'user-role-editor');
     }
     $mess = '';
     $this->current_role = '';
     if (isset($_POST['user_role_id']) && $_POST['user_role_id']) {
         $user_role_id = utf8_decode($_POST['user_role_id']);
         // sanitize user input for security
         $valid_name = preg_match('/[A-Za-z0-9_\\-]*/', $user_role_id, $match);
         if (!$valid_name || $valid_name && $match[0] != $user_role_id) {
             // some non-alphanumeric charactes found!
             return esc_html__('Error: Role ID must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor');
         }
         $numeric_name = preg_match('/[0-9]*/', $user_role_id, $match);
         if ($numeric_name && $match[0] == $user_role_id) {
             // numeric name discovered
             return esc_html__('Error: WordPress does not support numeric Role name (ID). Add latin characters to it.', 'user-role-editor');
         }
         if ($user_role_id) {
             $user_role_name = isset($_POST['user_role_name']) ? $_POST['user_role_name'] : false;
             if (!empty($user_role_name)) {
                 $user_role_name = sanitize_text_field($user_role_name);
             } else {
                 $user_role_name = $user_role_id;
                 // as user role name is empty, use user role ID instead
             }
             if (!isset($wp_roles)) {
                 $wp_roles = new WP_Roles();
             }
             if (isset($wp_roles->roles[$user_role_id])) {
                 return sprintf('Error! ' . esc_html__('Role %s exists already', 'user-role-editor'), $user_role_id);
             }
             $user_role_id = strtolower($user_role_id);
             $this->current_role = $user_role_id;
             $user_role_copy_from = isset($_POST['user_role_copy_from']) ? $_POST['user_role_copy_from'] : false;
             if (!empty($user_role_copy_from) && $user_role_copy_from != 'none' && $wp_roles->is_role($user_role_copy_from)) {
                 $role = $wp_roles->get_role($user_role_copy_from);
                 $capabilities = $this->remove_caps_not_allowed_for_single_admin($role->capabilities);
             } else {
                 $capabilities = array('read' => true, 'level_0' => true);
             }
             // add new role to the roles array
             $result = add_role($user_role_id, $user_role_name, $capabilities);
             if (!isset($result) || empty($result)) {
                 $mess = 'Error! ' . esc_html__('Error is encountered during new role create operation', 'user-role-editor');
             } else {
                 $mess = sprintf(esc_html__('Role %s is created successfully', 'user-role-editor'), $user_role_name);
             }
         }
     }
     return $mess;
 }
コード例 #4
0
 /**
  * Updates a specific Wordpress user account
  * 
  * @param string $username
  * @param array $userinfo
  * @param string $display_name
  * @param string $role
  * @param string $password
  * @return integer user_id
  */
 protected function _update_user($username, $userinfo, $display_name = '', $role = '', $password = '', $bulkimport = false)
 {
     global $wp_version;
     $info = $this->_create_info_array($userinfo);
     // get UPN suffix
     $parts = explode('@', $info['userprincipalname']);
     if (isset($parts[1])) {
         $account_suffix = '@' . $parts[1];
     } else {
         $account_suffix = '';
     }
     if (isset($info['mail'])) {
         $email = $info['mail'];
     } else {
         $email = '';
     }
     if ($email == '') {
         if (trim($this->_default_email_domain) != '') {
             $email = $username . '@' . $this->_default_email_domain;
         } else {
             if (strpos($username, '@') !== false) {
                 $email = $username;
             }
         }
     }
     if ($this->_append_suffix_to_new_users) {
         $username .= $account_suffix;
     }
     $this->_log(ADI_LOG_NOTICE, 'Updating user "' . $username . "\" with following data:\n" . "- email         : {$email}\n" . "- first name    : " . $info['givenname'] . "\n" . "- last name     : " . $info['sn'] . "\n" . "- display name  : {$display_name}\n" . "- account suffix: {$account_suffix}\n" . "- role          : {$role}");
     if (version_compare($wp_version, '3.1', '<')) {
         require_once ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php';
     }
     $user_id = username_exists($username);
     if ($user_id === false) {
         return false;
     }
     $this->_log(ADI_LOG_NOTICE, '- user_id       : ' . $user_id);
     if (!$user_id) {
         $this->_log(ADI_LOG_FATAL, 'Error updating user.');
         die('Error updating user!');
     } else {
         update_user_meta($user_id, 'first_name', $info['givenname']);
         update_user_meta($user_id, 'last_name', $info['sn']);
         if ($this->_auto_update_description) {
             update_user_meta($user_id, 'description', $info['description']);
         }
         // set display_name
         if ($display_name != '') {
             wp_update_user(array('ID' => $user_id, 'display_name' => $display_name));
         }
         // set role
         if ($role != '') {
             $roles = new WP_Roles();
             if ($roles->is_role($role)) {
                 // Updates role only if role exists
                 wp_update_user(array('ID' => $user_id, 'role' => $role));
             } else {
                 $this->_log(ADI_LOG_WARN, 'Role "' . $role . '" currently does not exist in WordPress. Role of "' . $username . '" is not set.');
             }
         }
         // set email if not empty
         if ($email != '') {
             // if we allow duplicate email addresses just set it
             if ($this->_duplicate_email_prevention == ADI_DUPLICATE_EMAIL_ADDRESS_ALLOW) {
                 $return = wp_update_user(array('ID' => $user_id, 'user_email' => $email));
             } else {
                 // duplicate email addresses disallowed
                 // if we don't have a conflict, just set it
                 if (!email_exists($email)) {
                     $return = wp_update_user(array('ID' => $user_id, 'user_email' => $email));
                 } else {
                     // we have a conflict, so only update when the "create" option is set
                     if ($this->_duplicate_email_prevention == ADI_DUPLICATE_EMAIL_ADDRESS_CREATE) {
                         $userdata = get_userdata($user_id);
                         // only update if the email is not already set
                         if ($userdata->user_email == '') {
                             $new_email = $this->_create_non_duplicate_email($email);
                             $this->_log(ADI_LOG_NOTICE, "Duplicate email address prevention: Email changed from {$email} to {$new_email}.");
                             $return = wp_update_user(array('ID' => $user_id, 'user_email' => $new_email));
                         } else {
                             $this->_log(ADI_LOG_NOTICE, "Duplicate email address prevention: Existing email " . $userdata->user_email . " left unchanged.");
                         }
                     }
                 }
             }
         }
     }
     // Update password if needed (NOT on Bulk Import)
     if ($this->_auto_update_password === true && $bulkimport === false) {
         $this->_log(ADI_LOG_NOTICE, 'Setting local password to the one used for this login.');
         @wp_update_user(array('ID' => $user_id, 'user_pass' => $password));
         // can lead to notices so we use @
     }
     // Important for SyncBack: store account suffix in user meta
     update_user_meta($user_id, 'ad_integration_account_suffix', $account_suffix);
     // Update User Meta
     if ($this->_write_usermeta === true) {
         $attributes = $this->_get_attributes_array();
         // load attribute informations: type, metakey, description
         foreach ($info as $attribute => $value) {
             // conversion/formatting
             $type = $attributes[$attribute]['type'];
             $metakey = $attributes[$attribute]['metakey'];
             $value = $this->_format_attribute_value($type, $value);
             if (trim($value) != '' || $this->_usermeta_empty_overwrite == true) {
                 $this->_log(ADI_LOG_DEBUG, "{$attribute} = {$value} / type = {$type} / meta key = {$metakey}");
                 // store it
                 update_user_meta($user_id, $metakey, $value);
             } else {
                 $this->_log(ADI_LOG_DEBUG, "{$attribute} is empty. Local value of meta key {$metakey} left unchanged.");
             }
         }
     }
     // log errors
     if (isset($return)) {
         if (is_wp_error($return)) {
             $this->_log(ADI_LOG_ERROR, $return->get_error_message());
         }
     }
     return $user_id;
 }
コード例 #5
0
/**
 * Render the capabilities metabox for user profile screen
 *
 * @since 0.1.0
 *
 * @param WP_User $user The WP_User object to be edited.
 */
function wp_user_profiles_additional_capabilities_metabox($user = null)
{
    // Get the roles global
    $wp_roles = new WP_Roles();
    ?>

	<table class="form-table">

		<?php 
    if (is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can('manage_network_options') && !isset($GLOBALS['super_admins'])) {
        ?>

			<tr class="user-super-admin-wrap"><th><?php 
        esc_html_e('Super Admin', 'wp-user-profiles');
        ?>
</th>
				<td>

					<?php 
        if ($user->user_email !== get_site_option('admin_email') || !is_super_admin($user->ID)) {
            ?>

						<p>
							<label>
								<input type="checkbox" id="super_admin" name="super_admin"<?php 
            checked(is_super_admin($user->ID));
            ?>
 />
								<?php 
            esc_html_e('Grant this user super admin privileges for the Network.', 'wp-user-profiles');
            ?>
							</label>
						</p>

					<?php 
        } else {
            ?>

						<p><?php 
            esc_html_e('Super admin privileges cannot be removed because this user has the network admin email.', 'wp-user-profiles');
            ?>
</p>

					<?php 
        }
        ?>

				</td>
			</tr>

		<?php 
    }
    ?>

		<tr class="user-capabilities-wrap">
			<th scope="row"><?php 
    esc_html_e('Capabilities', 'wp-user-profiles');
    ?>
</th>
			<td>
				<?php 
    $output = '';
    foreach ($user->caps as $cap => $value) {
        if (!$wp_roles->is_role($cap)) {
            if ('' !== $output) {
                $output .= ', ';
            }
            $output .= $value ? sprintf(esc_html__('Allowed: %s', 'wp-user-profiles'), $cap) : sprintf(esc_html__('Denied: %s', 'wp-user-profiles'), $cap);
        }
    }
    if (!empty($output)) {
        echo $output;
    } else {
        esc_html_e('No additional capabilities', 'wp-user-profiles');
    }
    ?>
			</td>
		</tr>
	</table>

<?php 
}
コード例 #6
0
ファイル: authLdap.php プロジェクト: heiglandreas/authLdap
/**
 * This method authenticates a user using either the LDAP or, if LDAP is not
 * available, the local database
 *
 * For this we store the hashed passwords in the WP_Database to ensure working
 * conditions even without an LDAP-Connection
 *
 * @param null|WP_User|WP_Error
 * @param string $username
 * @param string $password
 * @param boolean $already_md5
 * @return boolean true, if login was successfull or false, if it wasn't
 * @conf boolean authLDAP true, if authLDAP should be used, false if not. Defaults to false
 * @conf string authLDAPFilter LDAP filter to use to find correct user, defaults to '(uid=%s)'
 * @conf string authLDAPNameAttr LDAP attribute containing user (display) name, defaults to 'name'
 * @conf string authLDAPSecName LDAP attribute containing second name, defaults to ''
 * @conf string authLDAPMailAttr LDAP attribute containing user e-mail, defaults to 'mail'
 * @conf string authLDAPUidAttr LDAP attribute containing user id (the username we log on with), defaults to 'uid'
 * @conf string authLDAPWebAttr LDAP attribute containing user website, defaults to ''
 * @conf string authLDAPDefaultRole default role for authenticated user, defaults to ''
 * @conf boolean authLDAPGroupEnable true, if we try to map LDAP groups to Wordpress roles
 * @conf boolean authLDAPGroupOverUser true, if LDAP Groups have precedence over existing user roles
 */
function authLdap_login($user, $username, $password, $already_md5 = false)
{
    // don't do anything when authLDAP is disabled
    if (!authLdap_get_option('Enabled')) {
        authLdap_debug('LDAP disabled in AuthLDAP plugin options (use the first option in the AuthLDAP options to enable it)');
        return $user;
    }
    // If the user has already been authenticated (only in that case we get a
    // WP_User-Object as $user) we skip LDAP-authentication and simply return
    // the existing user-object
    if ($user instanceof WP_User) {
        authLdap_debug(sprintf('User %s has already been authenticated - skipping LDAP-Authentication', $user->get('nickname')));
        return $user;
    }
    authLdap_debug("User '{$username}' logging in");
    if ($username == 'admin') {
        authLdap_debug('Doing nothing for possible local user admin');
        return $user;
    }
    global $wpdb, $error;
    try {
        $authLDAP = authLdap_get_option('Enabled');
        $authLDAPFilter = authLdap_get_option('Filter');
        $authLDAPNameAttr = authLdap_get_option('NameAttr');
        $authLDAPSecName = authLdap_get_option('SecName');
        $authLDAPMailAttr = authLdap_get_option('MailAttr');
        $authLDAPUidAttr = authLdap_get_option('UidAttr');
        $authLDAPWebAttr = authLdap_get_option('WebAttr');
        $authLDAPDefaultRole = authLdap_get_option('DefaultRole');
        $authLDAPGroupEnable = authLdap_get_option('GroupEnable');
        $authLDAPGroupOverUser = authLdap_get_option('GroupOverUser');
        if (!$username) {
            authLdap_debug('Username not supplied: return false');
            return false;
        }
        if (!$password) {
            authLdap_debug('Password not supplied: return false');
            $error = __('<strong>Error</strong>: The password field is empty.');
            return false;
        }
        // First check for valid values and set appropriate defaults
        if (!$authLDAPFilter) {
            $authLDAPFilter = '(uid=%s)';
        }
        if (!$authLDAPNameAttr) {
            $authLDAPNameAttr = 'name';
        }
        if (!$authLDAPMailAttr) {
            $authLDAPMailAttr = 'mail';
        }
        if (!$authLDAPUidAttr) {
            $authLDAPUidAttr = 'uid';
        }
        // If already_md5 is TRUE, then we're getting the user/password from the cookie. As we don't want to store LDAP passwords in any
        // form, we've already replaced the password with the hashed username and LDAP_COOKIE_MARKER
        if ($already_md5) {
            if ($password == md5($username) . md5($ldapCookieMarker)) {
                authLdap_debug('cookie authentication');
                return true;
            }
        }
        // No cookie, so have to authenticate them via LDAP
        $result = false;
        try {
            authLdap_debug('about to do LDAP authentication');
            $result = authLdap_get_server()->Authenticate($username, $password, $authLDAPFilter);
        } catch (Exception $e) {
            authLdap_debug('LDAP authentication failed with exception: ' . $e->getMessage());
            return false;
        }
        // Rebind with the default credentials after the user has been loged in
        // Otherwise the credentials of the user trying to login will be used
        // This fixes #55
        authLdap_get_server()->bind();
        if (true !== $result) {
            authLdap_debug('LDAP authentication failed');
            // TODO what to return? WP_User object, true, false, even an WP_Error object... all seem to fall back to normal wp user authentication
            return;
        }
        authLdap_debug('LDAP authentication successfull');
        $attributes = array_values(array_filter(array($authLDAPNameAttr, $authLDAPSecName, $authLDAPMailAttr, $authLDAPWebAttr, $authLDAPUidAttr)));
        try {
            $attribs = authLdap_get_server()->search(sprintf($authLDAPFilter, $username), $attributes);
            // First get all the relevant group informations so we can see if
            // whether have been changes in group association of the user
            if (!isset($attribs[0]['dn'])) {
                authLdap_debug('could not get user attributes from LDAP');
                throw new UnexpectedValueException('dn has not been returned');
            }
            if (!isset($attribs[0][strtolower($authLDAPUidAttr)][0])) {
                authLdap_debug('could not get user attributes from LDAP');
                throw new UnexpectedValueException('The user-ID attribute has not been returned');
            }
            $dn = $attribs[0]['dn'];
            $realuid = $attribs[0][strtolower($authLDAPUidAttr)][0];
        } catch (Exception $e) {
            authLdap_debug('Exception getting LDAP user: '******'';
        // we only need this if either LDAP groups are disabled or
        // if the WordPress role of the user overrides LDAP groups
        if (!$authLDAPGroupEnable || !$authLDAPGroupOverUser) {
            $role = authLdap_user_role($uid);
        }
        // do LDAP group mapping if needed
        // (if LDAP groups override worpress user role, $role is still empty)
        if (empty($role) && $authLDAPGroupEnable) {
            $role = authLdap_groupmap($realuid, $dn);
            authLdap_debug('role from group mapping: ' . $role);
        }
        // if we don't have a role yet, use default role
        if (empty($role) && !empty($authLDAPDefaultRole)) {
            authLdap_debug('no role yet, set default role');
            $role = $authLDAPDefaultRole;
        }
        if (empty($role)) {
            // Sorry, but you are not in any group that is allowed access
            trigger_error('no group found');
            authLdap_debug('user is not in any group that is allowed access');
            return false;
        } else {
            $roles = new WP_Roles();
            // not sure if this is needed, but it can't hurt
            if (!$roles->is_role($role)) {
                trigger_error('no group found');
                authLdap_debug('role is invalid');
                return false;
            }
        }
        // from here on, the user has access!
        // now, lets update some user details
        $user_info = array();
        $user_info['user_login'] = $realuid;
        $user_info['role'] = $role;
        $user_info['user_email'] = '';
        // first name
        if (isset($attribs[0][strtolower($authLDAPNameAttr)][0])) {
            $user_info['first_name'] = $attribs[0][strtolower($authLDAPNameAttr)][0];
        }
        // last name
        if (isset($attribs[0][strtolower($authLDAPSecName)][0])) {
            $user_info['last_name'] = $attribs[0][strtolower($authLDAPSecName)][0];
        }
        // mail address
        if (isset($attribs[0][strtolower($authLDAPMailAttr)][0])) {
            $user_info['user_email'] = $attribs[0][strtolower($authLDAPMailAttr)][0];
        }
        // website
        if (isset($attribs[0][strtolower($authLDAPWebAttr)][0])) {
            $user_info['user_url'] = $attribs[0][strtolower($authLDAPWebAttr)][0];
        }
        // display name, nickname, nicename
        if (array_key_exists('first_name', $user_info)) {
            $user_info['display_name'] = $user_info['first_name'];
            $user_info['nickname'] = $user_info['first_name'];
            $user_info['user_nicename'] = sanitize_title_with_dashes($user_info['first_name']);
            if (array_key_exists('last_name', $user_info)) {
                $user_info['display_name'] .= ' ' . $user_info['last_name'];
                $user_info['nickname'] .= ' ' . $user_info['last_name'];
                $user_info['user_nicename'] .= '_' . sanitize_title_with_dashes($user_info['last_name']);
            }
        }
        // optionally store the password into the wordpress database
        if (authLdap_get_option('CachePW')) {
            // Password will be hashed inside wp_update_user or wp_insert_user
            $user_info['user_pass'] = $password;
        } else {
            // clear the password
            $user_info['user_pass'] = '';
        }
        // add uid if user exists
        if ($uid) {
            // found user in the database
            authLdap_debug('The LDAP user has an entry in the WP-Database');
            $user_info['ID'] = $uid;
            unset($user_info['display_name'], $user_info['nickname']);
            $userid = wp_update_user($user_info);
        } else {
            // new wordpress account will be created
            authLdap_debug('The LDAP user does not have an entry in the WP-Database, a new WP account will be created');
            $userid = wp_insert_user($user_info);
        }
        // if the user exists, wp_insert_user will update the existing user record
        if (is_wp_error($userid)) {
            authLdap_debug('Error creating user : '******'Error creating user: '******'user id = ' . $userid);
        // flag the user as an ldap user so we can hide the password fields in the user profile
        update_user_meta($userid, 'authLDAP', true);
        // return a user object upon positive authorization
        return new WP_User($userid);
    } catch (Exception $e) {
        authLdap_debug($e->getMessage() . '. Exception thrown in line ' . $e->getLine());
        trigger_error($e->getMessage() . '. Exception thrown in line ' . $e->getLine());
    }
}
コード例 #7
0
ファイル: Install.php プロジェクト: robbiespire/paQui
	/**
	 * Installed roles and capabilities used for Ecart
	 *
	 * Capabilities						Role
	 * _______________________________________________
	 *
	 * ecart_settings					admin
	 * ecart_settings_checkout
	 * ecart_settings_payments
	 * ecart_settings_shipping
	 * ecart_settings_taxes
	 * ecart_settings_presentation
	 * ecart_settings_system
	 * ecart_settings_update
	 * ecart_financials					merchant
	 * ecart_promotions
	 * ecart_products
	 * ecart_categories
	 * ecart_orders						ecart-csr
	 * ecart_customers
	 * ecart_menu
	 *
	 * @author John Dillick
	 * @since 1.1
	 *
	 **/
	function roles () {
		global $wp_roles; // WP_Roles roles container
		if(!$wp_roles) $wp_roles = new WP_Roles();
		$ecart_roles = array('administrator'=>'Administrator', 'ecart-merchant'=>__('Merchant','Ecart'), 'ecart-csr'=>__('Customer Service Rep','Ecart'));
		$caps['ecart-csr'] = array('ecart_customers', 'ecart_orders','ecart_menu','read');
		$caps['ecart-merchant'] = array_merge($caps['ecart-csr'],
			array('ecart_categories',
				'ecart_products',
				'ecart_promotions',
				'ecart_financials',
				'ecart_export_orders',
				'ecart_export_customers',
				'ecart_delete_orders',
				'ecart_delete_customers'));
		$caps['administrator'] = array_merge($caps['ecart-merchant'],
			array('ecart_settings_update',
				'ecart_settings_system',
				'ecart_settings_presentation',
				'ecart_settings_taxes',
				'ecart_settings_shipping',
				'ecart_settings_payments',
				'ecart_settings_checkout',
				'ecart_settings'));
		$wp_roles->remove_role('ecart-csr');
		$wp_roles->remove_role('ecart-merchant');

		foreach($ecart_roles as $role => $display) {
			if($wp_roles->is_role($role)) {
				foreach($caps[$role] as $cap) $wp_roles->add_cap($role, $cap, true);
			} else {
				$wp_roles->add_role($role, $display, array_combine($caps[$role],array_fill(0,count($caps[$role]),true)));
			}
		}
	}
コード例 #8
0
ファイル: CRED.php プロジェクト: adisonc/MaineLearning
 private static function setupCustomCaps()
 {
     global $wp_roles;
     if (function_exists('wpcf_access_register_caps')) {
         cred_log('Access Active', 'access.log');
         add_filter('types-access-area', array('CRED_CRED', 'register_access_cred_area'));
         add_filter('types-access-group', array('CRED_CRED', 'register_access_cred_group'), 10, 2);
         add_filter('types-access-cap', array('CRED_CRED', 'register_access_cred_caps'), 10, 3);
     } elseif (function_exists('ure_not_edit_admin') || class_exists('Members_Load')) {
         if (!isset($wp_roles) && class_exists('WP_Roles')) {
             $wp_roles = new WP_Roles();
         }
         $wp_roles->use_db = true;
         if ($wp_roles->is_role('administrator')) {
             $administrator = $wp_roles->get_role('administrator');
         } else {
             $administrator = false;
             trigger_error(__('Administrator Role not found! CRED capabilities will not work', 'wp-cred'), E_USER_NOTICE);
         }
         if ($administrator) {
             $forms = self::getAllFormsCached();
             // register custom CRED Frontend capabilities specific to each form type
             //foreach ($wp_roles as $role)
             //{
             foreach ($forms as $form) {
                 $settings = isset($form->meta) ? maybe_unserialize($form->meta) : false;
                 // caps for forms that create
                 if ($settings && $settings->form_type == 'new') {
                     $cred_cap = 'create_posts_with_cred_' . $form->ID;
                     if (!$administrator->has_cap($cred_cap)) {
                         $wp_roles->add_cap('administrator', $cred_cap);
                     }
                     /*if (!$role->has_cap($cred_cap))
                       $role->add_cap($cred_cap);*/
                 } elseif ($settings && $settings->form_type == 'edit') {
                     $cred_cap = 'edit_own_posts_with_cred_' . $form->ID;
                     if (!$administrator->has_cap($cred_cap)) {
                         $wp_roles->add_cap('administrator', $cred_cap);
                     }
                     /*if (!$role->has_cap($cred_cap))
                       $role->add_cap($cred_cap);*/
                     $cred_cap = 'edit_other_posts_with_cred_' . $form->ID;
                     if (!$administrator->has_cap($cred_cap)) {
                         $wp_roles->add_cap('administrator', $cred_cap);
                     }
                     /*if (!$role->has_cap($cred_cap))
                       $role->add_cap($cred_cap);*/
                 }
             }
             // these caps do not require a specific form
             $cred_cap = 'delete_own_posts_with_cred';
             if (!$administrator->has_cap($cred_cap)) {
                 $wp_roles->add_cap('administrator', $cred_cap);
             }
             /*if (!$role->has_cap($cred_cap))
               $role->add_cap($cred_cap);*/
             $cred_cap = 'delete_other_posts_with_cred';
             if (!$administrator->has_cap($cred_cap)) {
                 $wp_roles->add_cap('administrator', $cred_cap);
             }
             /*if (!$role->has_cap($cred_cap))
               $role->add_cap($cred_cap);*/
         }
         //}
     } else {
         $forms = self::getAllFormsCached();
         // register custom CRED Frontend capabilities specific to each form type
         foreach ($forms as $form) {
             $settings = isset($form->meta) ? maybe_unserialize($form->meta) : false;
             // caps for forms that create
             if ($settings && $settings->form_type == 'new') {
                 $cred_cap = 'create_posts_with_cred_' . $form->ID;
                 self::$caps[] = $cred_cap;
             } elseif ($settings && $settings->form_type == 'edit') {
                 $cred_cap = 'edit_own_posts_with_cred_' . $form->ID;
                 self::$caps[] = $cred_cap;
                 $cred_cap = 'edit_other_posts_with_cred_' . $form->ID;
                 self::$caps[] = $cred_cap;
             }
         }
         // these caps do not require a specific form
         $cred_cap = 'delete_own_posts_with_cred';
         self::$caps[] = $cred_cap;
         $cred_cap = 'delete_other_posts_with_cred';
         self::$caps[] = $cred_cap;
         add_filter('user_has_cap', array('CRED_CRED', 'default_cred_caps_filter'), 5, 3);
     }
 }
コード例 #9
0
 /**
  * Adds specified cap(s) to specified role(s)
  *
  * @param String/Array $role_names Role name(s)
  * @param String/Array $caps Capability(-es) to add.
  */
 function add_caps($role_names, $caps)
 {
     $role = new WP_Roles();
     if (!is_array($role_names)) {
         $role_names = array($role_names);
     }
     # add_cap() writes to database on every call if use_db is true, don't need that
     $role->use_db = false;
     foreach ((array) $role_names as $name) {
         if ($role->is_role($name)) {
             foreach ((array) $caps as $cap) {
                 $role->add_cap($name, $cap);
             }
         }
     }
     $role->use_db = true;
     update_option($role->role_key, $role->roles);
 }
コード例 #10
0
ファイル: ure-lib.php プロジェクト: Jtgadbois/Pedadida
function ure_newRoleCreate(&$ure_currentRole) {

  global $wp_roles;
  
  $mess = '';
  $ure_currentRole = '';
  if (isset($_POST['user_role_id']) && $_POST['user_role_id']) {
    $user_role_id = utf8_decode($_POST['user_role_id']);
    // sanitize user input for security
    $valid_name = preg_match('/[A-Za-z0-9_\-]*/', $user_role_id, $match);
    if (!$valid_name || ($valid_name && ($match[0]!=$user_role_id))) { // some non-alphanumeric charactes found!
      return __('Error: Role ID must contain latin characters, digits, hyphens or underscore only!', 'ure');
    }  
        
    if ($user_role_id) {      
      $user_role_name = isset( $_POST['user_role_name']) ? $_POST['user_role_name'] : false;
      if (!empty($user_role_name)) {
        $user_role_name = sanitize_text_field( $user_role_name );      
      } else {
        $user_role_name = $user_role_id;  // as user role name is empty, use user role ID instead
      }
      
      if (!isset($wp_roles)) {
        $wp_roles = new WP_Roles();
      }
      if ( isset( $wp_roles->roles[ $user_role_id ] ) ) {      
        return sprintf( 'Error! '.__('Role %s exists already', 'ure'), $user_role_id );
      }
      $user_role_id = strtolower($user_role_id);
      $ure_currentRole = $user_role_id;
      
      $user_role_copy_from = isset($_POST['user_role_copy_from']) ? $_POST['user_role_copy_from'] : false;
      if ( !empty($user_role_copy_from) && $user_role_copy_from!='none' && $wp_roles->is_role($user_role_copy_from) ) {
        $role = $wp_roles->get_role( $user_role_copy_from );
        $capabilities = $role->capabilities;
      } else {
        $capabilities = array('read'=>1, 'level_0'=>1);
      }
      // add new role to the roles array      
      $result = add_role($user_role_id, $user_role_name, $capabilities);
      if ( !isset($result) || empty($result) ) {
        $mess = 'Error! '.__('Error is encountered during new role create operation', 'ure');
      } else {
        $mess = sprintf(__('Role %s is created successfully', 'ure'), $user_role_name);
      }
    }
  }
  return $mess;
}
コード例 #11
0
ファイル: Install.php プロジェクト: crunnells/shopp
 /**
  * Installed roles and capabilities used for Shopp
  *
  * Capabilities						Role
  * _______________________________________________
  *
  * shopp_settings					admin
  * shopp_settings_checkout
  * shopp_settings_payments
  * shopp_settings_shipping
  * shopp_settings_taxes
  * shopp_settings_presentation
  * shopp_settings_system
  * shopp_settings_update
  * shopp_financials					merchant
  * shopp_promotions
  * shopp_products
  * shopp_categories
  * shopp_export_orders
  * shopp_export_customers
  * shopp_delete_orders
  * shopp_delete_customers
  * shopp_void
  * shopp_refund
  * shopp_orders						shopp-csr
  * shopp_customers
  * shopp_capture
  * shopp_menu
  *
  * @author John Dillick
  * @since 1.1
  *
  * @return void
  **/
 public function roles()
 {
     global $wp_roles;
     // WP_Roles roles container
     if (!$wp_roles) {
         $wp_roles = new WP_Roles();
     }
     $shopp_roles = apply_filters('shopp_user_roles', array('administrator' => 'Administrator', 'shopp-merchant' => __('Merchant', 'Shopp'), 'shopp-csr' => __('Customer Service', 'Shopp')));
     $caps['shopp-csr'] = array('shopp_capture', 'shopp_customers', 'shopp_orders', 'shopp_menu', 'read');
     $caps['shopp-merchant'] = array_merge($caps['shopp-csr'], array('shopp_categories', 'shopp_products', 'shopp_memberships', 'shopp_promotions', 'shopp_financials', 'shopp_export_orders', 'shopp_export_customers', 'shopp_delete_orders', 'shopp_delete_customers', 'shopp_void', 'shopp_refund'));
     $caps['administrator'] = array_merge($caps['shopp-merchant'], array('shopp_settings_update', 'shopp_settings_system', 'shopp_settings_presentation', 'shopp_settings_taxes', 'shopp_settings_shipping', 'shopp_settings_payments', 'shopp_settings_checkout', 'shopp_settings'));
     $caps = apply_filters('shopp_role_caps', $caps, $shopp_roles);
     foreach ($shopp_roles as $role => $display) {
         if ($wp_roles->is_role($role)) {
             foreach ($caps[$role] as $cap) {
                 $wp_roles->add_cap($role, $cap, true);
             }
         } else {
             $wp_roles->add_role($role, $display, array_combine($caps[$role], array_fill(0, count($caps[$role]), true)));
         }
     }
 }
コード例 #12
0
 function create_role_if_missing()
 {
     $wp_roles = new WP_Roles();
     if ($wp_roles->is_role('webmaster')) {
         return;
     }
     $this->deactivate(is_multisite());
     $this->activate(is_multisite());
 }
コード例 #13
0
ファイル: CRED_Helper.php プロジェクト: rebeccayshen/kitlist
 public static function setupCustomUserCaps()
 {
     global $wp_roles;
     if (function_exists('wpcf_access_register_caps')) {
         // integrate with Types Access
         //cred_log('Access Active', 'access.log');
         add_filter('types-access-area', array(__CLASS__, 'register_access_cred_user_area'));
         add_filter('types-access-group', array(__CLASS__, 'register_access_cred_user_group'), 10, 2);
         add_filter('types-access-cap', array(__CLASS__, 'register_access_cred_user_caps'), 10, 3);
         // do any necessary changes when access imports / exports custom capabilities
         add_filter('access_import_custom_capabilities_' . '__CRED_CRED_USER', array(__CLASS__, 'import_access_cred_user_caps'), 1, 2);
         add_filter('access_export_custom_capabilities_' . '__CRED_CRED_USER', array(__CLASS__, 'export_access_cred_user_caps'), 1, 2);
     } elseif (function_exists('ure_not_edit_admin') || class_exists('Members_Load')) {
         // export custom cred caps to admin role for other plugins to manipulate them (eg User Role Editor or Members)
         if (!isset($wp_roles) && class_exists('WP_Roles')) {
             $wp_roles = new WP_Roles();
         }
         $wp_roles->use_db = true;
         if ($wp_roles->is_role('administrator')) {
             $administrator = $wp_roles->get_role('administrator');
         } else {
             $administrator = false;
             trigger_error(__('Administrator Role not found! CRED Users capabilities will not work', 'wp-cred'), E_USER_NOTICE);
             return;
         }
         if ($administrator) {
             self::addCredUserCapsToRoleUser($administrator);
         }
     } else {
         self::$caps = array_merge(self::$caps, self::buildCredUserCaps());
         add_filter('user_has_cap', array('CRED_Helper', 'defaultCredCapsFilter'), 5, 3);
     }
 }