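/**
 * Runs on the `load-{$page}` hook. This is the handler for form submissions.
 *
 * The request is rejected unless the current user has the `edit_roles`
 * capability. Changes are applied only when the role is editable and the
 * `edit_role` nonce in `members_edit_role_nonce` verifies.
 *
 * NOTE(review): nothing here limits which capabilities may be granted, so a
 * user holding `edit_roles` can grant any capability to any editable role.
 * Treat `edit_roles` as an administrator-level privilege when assigning it.
 *
 * @since  1.0.0
 * @access public
 * @return void
 */
public function load() {
    // If the current user can't edit roles, don't proceed.
    if (!current_user_can('edit_roles')) {
        wp_die(esc_html__('Whoah, partner!', 'members'));
    }

    // A missing or non-string `role` parameter is treated as an empty slug, which
    // falls through to the "does not exist" branch without a notice or type error.
    $requested_role = isset($_GET['role']) && is_string($_GET['role']) ? $_GET['role'] : '';

    // Get the current role object to edit.
    $this->role = get_role(members_sanitize_role($requested_role));

    // If we don't have a real role, die.
    if (is_null($this->role)) {
        wp_die(esc_html__('The requested role to edit does not exist.', 'members'));
    }

    $this->members_role = members_get_role($this->role->name);

    // Get all the capabilities, then add all caps from the cap groups.
    $this->capabilities = members_get_capabilities();

    foreach (members_get_cap_groups() as $group) {
        $this->capabilities = array_merge($this->capabilities, $group->caps);
    }

    // Make sure we have a unique array of caps.
    $this->capabilities = array_unique($this->capabilities);

    // Is the role editable?
    $this->is_editable = members_is_role_editable($this->role->name);

    // Check if the form has been submitted.
    if ($this->is_editable && isset($_POST['members_edit_role_nonce'])) {
        // Verify the nonce before reading any other posted field.
        check_admin_referer('edit_role', 'members_edit_role_nonce');

        // Posted cap lists are request data: accept only arrays and keep only
        // string entries, so a scalar or nested-array field cannot reach
        // array_unique() or the sanitizer.
        $posted_list = function ($key) {
            if (empty($_POST[$key]) || !is_array($_POST[$key])) {
                return array();
            }

            return array_unique(array_filter($_POST[$key], 'is_string'));
        };

        // Get the granted and denied caps.
        $grant_caps = $posted_list('grant-caps');
        $deny_caps  = $posted_list('deny-caps');

        // Get the new (custom) granted and denied caps.
        $grant_new_caps = $posted_list('grant-new-caps');
        $deny_new_caps  = $posted_list('deny-new-caps');

        // Get the all and custom cap group objects.
        $all_group    = members_get_cap_group('all');
        $custom_group = members_get_cap_group('custom');

        // New caps to push to cap groups on update.
        $push_caps = array();

        // Sanitized custom caps granted in this request; the deny loop below
        // compares against these rather than against the raw posted strings.
        $granted_custom = array();

        // Set the $role_updated variable to true.
        $this->role_updated = true;

        // Loop through all available capabilities.
        foreach ($this->capabilities as $cap) {
            // Get the posted capability. Strict comparison avoids loose
            // string/number matches between posted values and cap names.
            $grant_this_cap = in_array($cap, $grant_caps, true);
            $deny_this_cap  = in_array($cap, $deny_caps, true);

            // Does the role have the cap? A stored value of false means "denied".
            $is_granted_cap = $this->role->has_cap($cap);
            $is_denied_cap  = isset($this->role->capabilities[$cap]) && false === $this->role->capabilities[$cap];

            if ($grant_this_cap && !$is_granted_cap) {
                $this->role->add_cap($cap);
            } elseif ($deny_this_cap && !$is_denied_cap) {
                $this->role->add_cap($cap, false);
            } elseif (!$grant_this_cap && $is_granted_cap) {
                $this->role->remove_cap($cap);
            } elseif (!$deny_this_cap && $is_denied_cap) {
                $this->role->remove_cap($cap);
            }
        }

        // Loop through the custom granted caps.
        foreach ($grant_new_caps as $grant_new_cap) {
            $_cap = (string) members_sanitize_cap($grant_new_cap);

            // Skip names that sanitize to nothing, caps that already exist, and
            // repeats of a cap already granted in this request.
            if ('' === $_cap || in_array($_cap, $this->capabilities, true) || in_array($_cap, $granted_custom, true)) {
                continue;
            }

            $this->role->add_cap($_cap);
            $granted_custom[] = $_cap;
            $push_caps[]      = $_cap;
        }

        // Loop through the custom denied caps.
        foreach ($deny_new_caps as $deny_new_cap) {
            $_cap = (string) members_sanitize_cap($deny_new_cap);

            // If not a granted cap and not an existing cap, add it. The check
            // uses the sanitized granted names, so a cap posted in both lists
            // stays granted whatever its raw spelling was.
            if ('' === $_cap || in_array($_cap, $this->capabilities, true) || in_array($_cap, $granted_custom, true)) {
                continue;
            }

            $this->role->add_cap($_cap, false);
            $push_caps[] = $_cap;
        }

        // If there are new caps, add every one of them to the all and custom groups
        // (previously only the last sanitized name was appended).
        if ($push_caps) {
            if ($all_group) {
                $all_group->caps = array_unique(array_merge($all_group->caps, $push_caps));
                sort($all_group->caps);
            }

            if ($custom_group) {
                $custom_group->caps = array_unique(array_merge($custom_group->caps, $push_caps));
                sort($custom_group->caps);
            }
        }

        // Add the updated role to the role factory.
        members_role_factory()->add_role($this->role->name);

        // Reset the Members role object.
        $this->members_role = members_get_role($this->role->name);

        // Action hook for when a role is updated.
        do_action('members_role_updated', $this->role->name);
    }

    // If successful update.
    if ($this->role_updated) {
        add_settings_error('members_edit_role', 'role_updated', sprintf(esc_html__('%s role updated.', 'members'), members_get_role_name($this->role->name)), 'updated');
    }

    // If the role is not editable.
    if (!$this->is_editable) {
        add_settings_error('members_edit_role', 'role_uneditable', sprintf(esc_html__('The %s role is not editable. This means that it is most likely added via another plugin for a special use or that you do not have permission to edit it.', 'members'), members_get_role_name($this->role->name)));
    }

    // If a new role was added (redirect from new role screen).
    if (isset($_GET['message']) && 'role_added' === $_GET['message']) {
        add_settings_error('members_edit_role', 'role_added', sprintf(esc_html__('The %s role has been created.', 'members'), members_get_role_name($this->role->name)), 'updated');
    }

    // Load page hook.
    do_action('members_load_role_edit');

    // Hook for adding in meta boxes.
    do_action('add_meta_boxes_' . get_current_screen()->id, $this->role->name);
    do_action('add_meta_boxes', get_current_screen()->id, $this->role->name);

    // Add layout screen option.
    add_screen_option('layout_columns', array('max' => 2, 'default' => 2));
}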
/**
 * Registers the default cap groups.
 *
 * Registers the built-in groups, then one group per post type that has caps,
 * fires `members_register_cap_groups` for third-party groups, rebuilds the
 * `all` group from every registered group, and finally moves the `custom`
 * group to the end of the factory's list.
 *
 * @since  1.0.0
 * @access public
 * @return void
 */
function members_register_cap_groups() {
    // Register the all group.
    members_register_cap_group('all', array('label' => esc_html__('All', 'members'), 'caps' => members_get_all_group_caps(), 'icon' => 'dashicons-plus', 'merge_added' => false));

    // Register the general group.
    members_register_cap_group('general', array('label' => esc_html__('General', 'members'), 'caps' => members_get_general_group_caps(), 'icon' => 'dashicons-wordpress'));

    // Icons used for specific post types when the type does not supply a dashicon.
    $fallback_icons = array(
        'attachment' => 'dashicons-admin-media',
        'download'   => 'dashicons-download',
        'product'    => 'dashicons-cart',
    );

    // Loop through every post type.
    foreach (get_post_types(array(), 'objects') as $type) {
        // Skip revisions and nav menu items.
        if (in_array($type->name, array('revision', 'nav_menu_item'))) {
            continue;
        }

        // Get the caps for the post type; skip types without any.
        $has_caps = members_get_post_type_group_caps($type->name);

        if (empty($has_caps)) {
            continue;
        }

        // Pick the icon: the type's own dashicon, else a known fallback, else a
        // default based on whether the type is hierarchical.
        // NOTE(review): the pattern is unanchored, so any menu_icon string that
        // merely contains "dashicons-" is passed through unchanged; confirm the
        // icon and the unescaped `$type->labels->name` label are escaped on output.
        if (is_string($type->menu_icon) && preg_match('/dashicons-/i', $type->menu_icon)) {
            $icon = $type->menu_icon;
        } elseif (isset($fallback_icons[$type->name])) {
            $icon = $fallback_icons[$type->name];
        } else {
            $icon = $type->hierarchical ? 'dashicons-admin-page' : 'dashicons-admin-post';
        }

        // Register the post type cap group.
        members_register_cap_group("type-{$type->name}", array('label' => $type->labels->name, 'caps' => $has_caps, 'icon' => $icon));
    }

    // Register the taxonomy group.
    members_register_cap_group('taxonomy', array('label' => esc_html__('Taxonomies', 'members'), 'caps' => members_get_taxonomy_group_caps(), 'icon' => 'dashicons-tag', 'diff_added' => true));

    // Register the theme group.
    members_register_cap_group('theme', array('label' => esc_html__('Appearance', 'members'), 'caps' => members_get_theme_group_caps(), 'icon' => 'dashicons-admin-appearance'));

    // Register the plugin group.
    members_register_cap_group('plugin', array('label' => esc_html__('Plugins', 'members'), 'caps' => members_get_plugin_group_caps(), 'icon' => 'dashicons-admin-plugins'));

    // Register the user group.
    members_register_cap_group('user', array('label' => esc_html__('Users', 'members'), 'caps' => members_get_user_group_caps(), 'icon' => 'dashicons-admin-users'));

    // Register the custom group.
    members_register_cap_group('custom', array('label' => esc_html__('Custom', 'members'), 'caps' => members_get_capabilities(), 'icon' => 'dashicons-admin-generic', 'diff_added' => true));

    // Hook for registering cap groups. Plugins should always register on this hook.
    do_action('members_register_cap_groups');

    // Rebuild the `all` group from the caps of every registered group.
    if (members_cap_group_exists('all')) {
        $merged    = array();
        $all_group = members_get_cap_group('all');

        foreach (members_get_cap_groups() as $registered) {
            $merged = array_merge($merged, $registered->caps);
        }

        // Sort the caps alphabetically, then drop duplicates.
        asort($merged);

        $all_group->caps = array_unique($merged);
    }

    // When callbacks are attached to the registration hook, other groups may have
    // been added after `custom`; re-insert it so it ends up last.
    if (has_action('members_register_cap_groups') && members_cap_group_exists('custom')) {
        $custom_group = members_cap_group_factory()->groups['custom'];

        unset(members_cap_group_factory()->groups['custom']);

        members_cap_group_factory()->groups['custom'] = $custom_group;
    }
}
/**
 * Registers the sections (and each section's controls) that will be used for
 * the tab content.
 *
 * One section is created per capability group and one control per capability
 * shown in that group; the JSON form of each is collected alongside the object.
 *
 * @since  1.0.0
 * @access public
 * @return void
 */
public function register() {
    // Hook before registering.
    do_action('members_pre_edit_caps_manager_register');

    foreach (members_get_cap_groups() as $group) {
        // Groups flagged `diff_added` list only caps not already collected from
        // earlier groups.
        $caps = $group->diff_added ? array_diff($group->caps, $this->added_caps) : $group->caps;

        // Groups flagged `merge_added` contribute their caps to the collected set.
        if ($group->merge_added) {
            $this->added_caps = array_unique(array_merge($this->added_caps, $caps));
        }

        // Create the section and record both the object and its JSON data.
        $section = new Members_Cap_Section($this, $group->name, array('icon' => $group->icon, 'label' => $group->label));

        $this->sections[]      = $section;
        $this->sections_json[] = $section->json();

        // Create a control for each cap in the section, again keeping the JSON data.
        foreach ($caps as $cap) {
            $control = new Members_Cap_Control($this, $cap, array('section' => $group->name));

            $this->controls[]      = $control;
            $this->controls_json[] = $control->json();
        }
    }

    // Hook after registering.
    do_action('members_edit_caps_manager_register');
}
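/**
 * Checks posted data on load and performs actions if needed.
 *
 * A role is created only when the current user has the `create_roles`
 * capability and the `new_role` nonce in `members_new_role_nonce` verifies.
 * The `clone` query parameter only pre-fills the default caps; it is sanitized
 * before it is checked or stored.
 *
 * @since  1.0.0
 * @access public
 * @return void
 */
public function load() {
    // Are we cloning a role? Sanitize first so the slug that is checked for
    // existence is the same slug that gets stored.
    $clone_role = isset($_GET['clone']) && is_string($_GET['clone']) ? members_sanitize_role($_GET['clone']) : '';

    $this->is_clone = is_string($clone_role) && '' !== $clone_role && members_role_exists($clone_role);

    if ($this->is_clone) {
        // Override the default new role caps.
        add_filter('members_new_role_default_caps', array($this, 'clone_default_caps'), 15);

        // Set the clone role.
        $this->clone_role = $clone_role;
    }

    // Check if the current user can create roles and the form has been submitted.
    if (current_user_can('create_roles') && isset($_POST['members_new_role_nonce'])) {
        // Verify the nonce before reading any other posted field.
        check_admin_referer('new_role', 'members_new_role_nonce');

        // Set up some variables.
        $this->capabilities = array();
        $new_caps           = array();
        $is_duplicate       = false;

        // Posted cap lists are request data: accept only arrays and keep only
        // string entries, so a scalar or nested-array field cannot reach
        // array_unique() or the sanitizer.
        $posted_list = function ($key) {
            if (empty($_POST[$key]) || !is_array($_POST[$key])) {
                return array();
            }

            return array_unique(array_filter($_POST[$key], 'is_string'));
        };

        // Get all the capabilities, then add all caps from the cap groups.
        $_m_caps = members_get_capabilities();

        foreach (members_get_cap_groups() as $group) {
            $_m_caps = array_merge($_m_caps, $group->caps);
        }

        // Make sure we have a unique array of caps.
        $_m_caps = array_unique($_m_caps);

        // Known caps: only names already in the registered list are accepted,
        // and a cap posted as both granted and denied is granted.
        $grant_caps = $posted_list('grant-caps');
        $deny_caps  = $posted_list('deny-caps');

        if ($grant_caps || $deny_caps) {
            foreach ($_m_caps as $cap) {
                if (in_array($cap, $grant_caps, true)) {
                    $new_caps[$cap] = true;
                } elseif (in_array($cap, $deny_caps, true)) {
                    $new_caps[$cap] = false;
                }
            }
        }

        // Custom caps: sanitize each name and skip any that sanitize to nothing
        // or that already exist. The deny loop runs last, so a custom cap posted
        // in both lists ends up denied.
        foreach ($posted_list('grant-new-caps') as $grant_new_cap) {
            $_cap = (string) members_sanitize_cap($grant_new_cap);

            if ('' !== $_cap && !in_array($_cap, $_m_caps, true)) {
                $new_caps[$_cap] = true;
            }
        }

        foreach ($posted_list('deny-new-caps') as $deny_new_cap) {
            $_cap = (string) members_sanitize_cap($deny_new_cap);

            if ('' !== $_cap && !in_array($_cap, $_m_caps, true)) {
                $new_caps[$_cap] = false;
            }
        }

        // Sanitize the new role name/label. WordPress adds slashes to $_POST, so
        // unslash before stripping tags; otherwise quotes are stored escaped.
        if (!empty($_POST['role_name']) && is_string($_POST['role_name'])) {
            $this->role_name = wp_strip_all_tags(wp_unslash($_POST['role_name']));
        }

        // Sanitize the new role, removing any unwanted characters. Fall back to
        // a slug derived from the label when no slug was posted.
        if (!empty($_POST['role']) && is_string($_POST['role'])) {
            $this->role = members_sanitize_role($_POST['role']);
        } elseif ($this->role_name) {
            $this->role = members_sanitize_role($this->role_name);
        }

        // Is duplicate?
        if (members_role_exists($this->role)) {
            $is_duplicate = true;
        }

        // Add a new role with the data input.
        if ($this->role && $this->role_name && !$is_duplicate) {
            add_role($this->role, $this->role_name, $new_caps);

            // Action hook for when a role is added.
            do_action('members_role_added', $this->role);

            // If the current user can edit roles, redirect to edit role screen.
            if (current_user_can('edit_roles')) {
                wp_redirect(esc_url_raw(add_query_arg('message', 'role_added', members_get_edit_role_url($this->role))));
                exit;
            }

            // Add role added message. The label had its tags stripped but is not
            // entity-encoded, so escape it for the HTML notice.
            add_settings_error('members_role_new', 'role_added', sprintf(esc_html__('The %s role has been created.', 'members'), esc_html($this->role_name)), 'updated');
        }

        // If there are new caps, let's assign them.
        if (!empty($new_caps)) {
            $this->capabilities = $new_caps;
        }

        // Add error if there's no role.
        if (!$this->role) {
            add_settings_error('members_role_new', 'no_role', esc_html__('You must enter a valid role.', 'members'));
        }

        // Add error if this is a duplicate role.
        if ($is_duplicate) {
            add_settings_error('members_role_new', 'duplicate_role', sprintf(esc_html__('The %s role already exists.', 'members'), esc_html($this->role)));
        }

        // Add error if there's no role name.
        if (!$this->role_name) {
            add_settings_error('members_role_new', 'no_role_name', esc_html__('You must enter a valid role name.', 'members'));
        }
    }

    // If we don't have caps yet, get the new role default caps.
    if (empty($this->capabilities)) {
        $this->capabilities = members_new_role_default_caps();
    }

    // Load page hook.
    do_action('members_load_role_new');

    // Hook for adding in meta boxes.
    do_action('add_meta_boxes_' . get_current_screen()->id, '');
    do_action('add_meta_boxes', get_current_screen()->id, '');

    // Add layout screen option.
    add_screen_option('layout_columns', array('max' => 2, 'default' => 2));

    // Load scripts/styles.
    add_action('admin_enqueue_scripts', array($this, 'enqueue'));
}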