/** * Add XRDS entries for OpenID Server. Entries added will be highly * dependant on the requested URL and plugin configuration. * * @uses apply_filters() Calls 'openid_server_xrds_types' before returning XRDS Types for OpenID authentication services. */ function openid_provider_xrds_simple($xrds) { global $nxt_roles; if (!$nxt_roles) { $nxt_roles = new nxt_Roles(); } $provider_enabled = false; foreach ($nxt_roles->role_names as $key => $name) { $role = $nxt_roles->get_role($key); if ($role->has_cap('use_openid_provider')) { $provider_enabled = true; break; } } if (!$provider_enabled) { return $xrds; } $user = openid_server_requested_user(); if (!$user && get_option('openid_blog_owner')) { $url_parts = parse_url(get_option('home')); $path = array_key_exists('path', $url_parts) ? $url_parts['path'] : ''; $path = trailingslashit($path); $script = preg_replace('/index.php$/', '', $_SERVER['SCRIPT_NAME']); $script = trailingslashit($script); if ($path != $script && !is_admin()) { return $xrds; } if (!defined('OPENID_DISALLOW_OWNER') || !OPENID_DISALLOW_OWNER) { $user = get_user_by('login', get_option('openid_blog_owner')); } } if ($user) { // if user doesn't have capability, bail $user_object = new nxt_User($user->ID); if (!$user_object->has_cap('use_openid_provider')) { return $xrds; } if (get_user_meta($user->ID, 'openid_delegate', true)) { $services = get_user_meta($user->ID, 'openid_delegate_services', true); } else { $services = array(); $tmp_types = apply_filters('openid_server_xrds_types', array('http://specs.openid.net/auth/2.0/signon')); $types = array(); foreach ($tmp_types as $t) { $types[] = array('content' => $t); } $services[] = array('Type' => $types, 'URI' => openid_server_url(), 'LocalID' => get_author_posts_url($user->ID)); $tmp_types = apply_filters('openid_server_xrds_types', array('http://openid.net/signon/1.1')); $types = array(); foreach ($tmp_types as $t) { $types[] = array('content' => $t); } $services[] = array('Type' => $types, 'URI' => openid_server_url(), 'openid:Delegate' => get_author_posts_url($user->ID)); } } else { $services = array(array('Type' => array(array('content' => 'http://specs.openid.net/auth/2.0/server')), 'URI' => openid_server_url(), 'LocalID' => 'http://specs.openid.net/auth/2.0/identifier_select')); } if (!empty($services)) { foreach ($services as $index => $service) { $name = 'OpenID Provider Service (' . $index . ')'; $xrds = xrds_add_service($xrds, 'main', $name, $service, $index); } } return $xrds; }
/** * Retrieve all of the role capabilities and merge with individual capabilities. * * All of the capabilities of the roles the user belongs to are merged with * the users individual roles. This also means that the user can be denied * specific roles that their role might have, but the specific user isn't * granted permission to. * * @since 2.0.0 * @uses $nxt_roles * @access public */ function get_role_caps() { global $nxt_roles; if (!isset($nxt_roles)) { $nxt_roles = new nxt_Roles(); } //Filter out caps that are not role names and assign to $this->roles if (is_array($this->caps)) { $this->roles = array_filter(array_keys($this->caps), array(&$nxt_roles, 'is_role')); } //Build $allcaps from role caps, overlay user's $caps $this->allcaps = array(); foreach ((array) $this->roles as $role) { $the_role = $nxt_roles->get_role($role); $this->allcaps = array_merge((array) $this->allcaps, (array) $the_role->capabilities); } $this->allcaps = array_merge((array) $this->allcaps, (array) $this->caps); }