function item_tree($scope, $mode, $src, $otype_or_tx, $all_items, $assigned_roles, $strict_items, $role_defs_by_otype, $role_codes, $args = array()) { $defaults = array('admin_items' => '', 'editable_roles' => '', 'ul_class' => 'rs-termlist', 'ie_link_style' => '', 'object_names' => '', 'table_captions' => '', 'err' => '', 'object_status' => '', 'agent_caption_plural' => '', 'agent_list_prefix' => '', 'agent_names' => '', 'default_hide_empty' => false, 'role_bases' => array(ROLE_BASIS_USER, ROLE_BASIS_GROUPS), 'single_item' => false); $args = array_merge($defaults, (array) $args); extract($args); global $scoper; if (!is_object($src)) { $src = $scoper->data_sources->get($src); } $col_id = $src->cols->id; $col_name = $src->cols->name; $col_parent = isset($src->cols->parent) ? $src->cols->parent : ''; $item_label = $otype_or_tx->labels->singular_name; if (TERM_SCOPE_RS == $scope) { $src_or_tx_name = $otype_or_tx->name; $edit_url_base = !empty($otype_or_tx->edit_url) ? $otype_or_tx->edit_url : ''; } else { $src_or_tx_name = $src->name; $edit_url_base = !empty($src->edit_url) ? $src->edit_url : ''; } if ($default_hide_empty) { $hide_tr_sfx = '-hide'; $hide_li_sfx = '-hide'; } else { $hide_tr_sfx = ''; $hide_li_sfx = ''; } $nextlink = ''; $prevlink = ''; if (empty($admin_items)) { $admin_items = array(); } if (empty($agent_caption_plural)) { $agent_caption_plural = __('Users or Groups', 'scoper'); } if (empty($agent_list_prefix)) { $agent_list_prefix = array(); $agent_list_prefix[ROLE_BASIS_USER] = ''; $agent_list_prefix[ROLE_BASIS_GROUPS] = __('Groups') . ': '; } static $prevtext, $nexttext, $is_administrator, $role_header, $agents_header; if (empty($prevtext)) { // buffer prev/next caption for display with each term //$prevtext = _ x('prev', '|abbreviated link to previous item', 'scoper'); //$nexttext = _ x('next', '|abbreviated link to next item', 'scoper'); $prevtext = __('prev', 'scoper'); $nexttext = __('next', 'scoper'); $is_administrator = is_administrator_rs($src, 'user'); $role_header = __awp('Role'); switch ($mode) { case ROLE_ASSIGNMENT_RS: //$agents_header = sprintf( _ x('Current %s', 'users or groups', 'scoper'), $agent_caption_plural); $agents_header = sprintf(__('Current %s', 'scoper'), $agent_caption_plural); break; case ROLE_RESTRICTION_RS: $agents_header = __('Current Restrictions', 'scoper'); break; default: return; } } // disregard roles that don't apply to this scope foreach ($role_defs_by_otype as $object_type => $role_defs) { foreach ($role_defs as $role_handle => $role) { if (!isset($role->valid_scopes[$scope])) { unset($role_defs_by_otype[$object_type][$role_handle]); } } } // for object scope, assign "private post reader" role, but label it as "post reader" to limit confusion $role_display_name = array(); foreach ($role_defs_by_otype as $role_defs) { foreach (array_keys($role_defs) as $role_handle) { $role_display_name[$role_handle] = $scoper->role_defs->get_display_name($role_handle, $scope . '_ui'); } } // display a separate role assignment list for each individual term / object $last_id = -1; $last_name = ''; $last_parent_id = -1; $parent_id = 0; $parents = array(); $depth = 0; $_top_link = "<a{$ie_link_style} href='#scoper_top'>" . __('top', 'scoper') . '</a>'; $tr_display = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? 'block' : 'table-row'; $show_all_caption = __('show all', 'scoper'); echo "<ul class='{$ul_class}' style='padding-left:0.1em;'>"; if (empty($all_items)) { $all_items = array(); } if (!$single_item && is_user_administrator_rs() && 'nav_menu' != $src_or_tx_name) { // TODO: action handler for new menu item storage if (ROLE_ASSIGNMENT_RS == $mode) { $root_caption = sprintf(__('DEFAULTS for new %s', 'scoper'), $otype_or_tx->labels->name); } else { $root_caption = sprintf(__('DEFAULTS for all %s', 'scoper'), $otype_or_tx->labels->name); } if (TERM_SCOPE_RS == $scope) { $root_item = (object) array($col_id => 0, $col_name => $root_caption, $col_parent => 0); array_unshift($all_items, $root_item); } else { $obj = (object) array($col_id => 0); $all_items = array($root_caption => $obj) + $all_items; $object_names[0] = $root_caption; $status_objects = 'post' == $src->name ? get_post_stati(array(), 'object') : array(); } } $title_roles = __('edit roles', 'scoper'); $title_item = sprintf(__('edit %s', 'scoper'), agp_strtolower($item_label)); foreach ($all_items as $key => $item) { $id = $item->{$col_id}; if (!empty($object_names[$id])) { $name = esc_attr(str_replace(' ', ' ', $object_names[$id])); } else { $name = str_replace(' ', ' ', $item->{$col_name}); } if ($col_parent && isset($item->{$col_parent})) { $parent_id = $item->{$col_parent}; if ($parent_id != $last_parent_id) { if ($parent_id == $last_id && $last_id) { $parents[$last_name] = $last_id; echo "<ul class='{$ul_class}'>"; $depth++; } elseif ($depth) { do { //echo "term $name: depth $depth, current parents: " . print_r($parents); array_pop($parents); echo '</li></ul>'; $depth--; } while ($parents && end($parents) != $parent_id && $depth); } $last_parent_id = $parent_id; } } if ($is_administrator || isset($admin_items[$last_id])) { if (!$last_id) { // always close li for defaults echo '</li>'; } elseif (-1 != $last_id && $parent_id != $last_id) { echo '</li>'; } } if (OBJECT_SCOPE_RS == $scope) { if (isset($object_status) && !empty($object_status[$id]) && 'publish' != $object_status[$id] && 'private' != $object_status[$id]) { $status_text = isset($status_objects[$object_status[$id]]) ? "{$status_objects[$object_status[$id]]->label}, " : "{$object_status[$id]}, "; } else { $status_text = ''; } $link_span_open = $status_text ? "<span class='rs-brown'>" : ''; $link_span_close = $status_text ? "</span>" : ''; // link from object name to our "Edit Object Role Assignment" interface if ($id) { $rs_edit_url = "admin.php?page=rs-object_role_edit&src_name={$src_or_tx_name}&object_type={$otype_or_tx->name}&object_id={$id}&object_name=" . urlencode($name); $name_text = "{$link_span_open}<a title='{$title_roles}' href='{$rs_edit_url}'>{$name}</a>{$link_span_close}"; } else { $name_text = $name; } // link from object ID to the object type's default editor, if defined if ($id && $edit_url_base) { $content_edit_url = sprintf($edit_url_base, $id); $id_text = "<a title='{$title_item}' href='{$content_edit_url}' class='edit'>{$id}</a>"; } else { $id_text = $id; } $id_text = $id ? " ({$status_text}" . sprintf(__('id %s', 'scoper'), $id_text) . ')' : ''; } elseif ($id && TERM_SCOPE_RS == $scope && $edit_url_base) { $content_edit_url = sprintf($edit_url_base, $id); $name_text = "<a class='rs-dlink_rev' href='{$content_edit_url}' title='{$title_item}'>{$name}</a>"; $id_text = ''; } else { $name_text = $name; $id_text = ''; } //display scroll links for this term if (TERM_SCOPE_RS == $scope) { $prevlink = $last_id && !$single_item && $id ? "<a{$ie_link_style} href='#item-" . $last_id . "'>" . $prevtext . "</a>" : ''; } if ($id && (!$is_administrator && !isset($admin_items[$id]))) { continue; } $last_id = $id; $last_name = $name; $next_id = $id && isset($all_items[$key + 1]) ? $all_items[$key + 1]->{$col_id} : 0; if (TERM_SCOPE_RS == $scope) { if ($next_id) { $nextlink = "<a{$ie_link_style} href='#item-" . $next_id . "'>" . $nexttext . "</a>"; } elseif ($id) { $nextlink = "<span class='rs-termlist_linkspacer'>{$nexttext}</span>"; } else { $nextlink = ''; } } if ($parents) { //$color_class = ( TERM_SCOPE_RS == $scope ) ? 'rs-lgray' : 'rs-gray'; //$item_path = "<span class='$color_class'>" . implode(' / ', array_keys($parents)) . ' / ' . '</span>'; $item_path = implode(' / ', array_keys($parents)) . ' / '; $margin = ''; $top_pad = '1.5em'; } else { $item_path = ''; $margin = 'margin-top:2em;'; $top_pad = '0.2em'; } $js_call = "agp_toggle_display('roles-{$id}','block','tgl-{$id}', '-', '+');" . "agp_toggle_display('jump-{$id}','block');"; $role_class = ''; if ($id) { // never hide defaults block if (ROLE_ASSIGNMENT_RS == $mode) { $role_class = ''; if (!isset($assigned_roles[ROLE_BASIS_USER][$id]) && !isset($assigned_roles[ROLE_BASIS_GROUPS][$id])) { $role_class = " no-rol-li{$hide_li_sfx}"; } elseif (!isset($assigned_roles[ROLE_BASIS_USER][$id])) { $role_class = " no-user-li"; } elseif (!isset($assigned_roles[ROLE_BASIS_GROUPS][$id])) { $role_class = " no-groups-li"; } } elseif (ROLE_RESTRICTION_RS == $mode) { $role_class = " no-rol-li{$hide_li_sfx}"; $setting_types = array('restrictions', 'unrestrictions'); foreach ($setting_types as $setting_type) { if (isset($strict_items[$setting_type])) { foreach (array_keys($strict_items[$setting_type]) as $role_handle) { // key is role_handle if (isset($strict_items[$setting_type][$role_handle][$id])) { $role_class = ''; break; } } } } } } $class = $role_class ? "class='" . trim($role_class) . "' " : ''; echo "\r\n\r\n<li {$class}style='padding:{$top_pad} 0.5em 0 0.3em;{$margin}'>"; if (!$single_item) { $top_link = $id ? $_top_link : ''; echo "<a name='item-{$id}'></a>" . "<span id='jump-{$id}' class='rs-termjump alignright'>{$prevlink}{$nextlink}" . $top_link . '</span>' . "<strong><a class='rs-link_plain_rev term-tgl' id='tgl-{$id}' href='javascript:void(0);' onclick=\"{$js_call}\" title=\"{$otype_or_tx->labels->singular_name} {$id}: {$name}\">" . "-</a></strong> " . $item_path . '<strong>' . $name_text . '</strong>' . $id_text . ': '; } echo "</li><li id='roles-{$id}' class='role-li{$role_class}'>"; ?> <table class='rs-widefat rs-role-tbl'> <thead> <tr class="thead"> <th class="rs-tightcol"><?php $js_call = "agp_display_child_nodes( 'tbl-{$id}', 'TR', '{$tr_display}' );"; echo "<a href='javascript:void(0);' title='{$show_all_caption}' onclick=\"{$js_call}\">+</a>"; ?> </th> <th class="rs-tightcol"><?php echo $role_header; ?> </th> <th><?php echo $agents_header; ?> </th> </tr> </thead> <tbody id='<?php echo "tbl-{$id}"; ?> '> <?php // display each role eligible for group/user assignment in this term/object foreach ($role_defs_by_otype as $object_type => $role_defs) { $vals = array(); $ids = array(); if (!$single_item) { foreach (array_keys($role_defs) as $role_handle) { // retain previous selections in case of error ( user forgets to select groups/users ) $vals[$role_handle] = "{$role_codes[$role_handle]}-{$id}"; // pre-generate all checkbox ids in this op_type, to pass to javascript $ids[$role_handle] = 'rs-' . $vals[$role_handle]; } } foreach (array_keys($role_defs) as $role_handle) { // Does current user have this role? if (!$single_item && ($is_administrator || !is_array($editable_roles) || !empty($editable_roles[0][$role_handle]) || !empty($editable_roles[$id][$role_handle]))) { $form_id = $id || ROLE_ASSIGNMENT_RS == $mode ? 'roles' : 'default_restrictions'; $checked = $err && isset($_POST[$form_id]) && in_array($vals[$role_handle], $_POST[$form_id]) ? 'checked="checked"' : ''; if (ROLE_ASSIGNMENT_RS == $mode) { //$skip_if_id = 'assign_for'; // reduced html bulk by making 3rd & 4th args of agp_uncheck default to these values //$skip_if_val = REMOVE_ASSIGNMENT_RS; $js_call = "agp_uncheck('" . implode(',', $ids) . "',this.id);"; $onclick = "onclick=\"{$js_call}\""; } else { $onclick = ''; } $checkbox = "<input type='checkbox' name='{$form_id}[]' id='{$ids[$role_handle]}' value='{$vals[$role_handle]}' {$checked} {$onclick} />"; $label = "<label for='{$ids[$role_handle]}'>" . str_replace(' ', ' ', $role_display_name[$role_handle]) . "</label>"; } else { $checkbox = ''; $label = str_replace(' ', ' ', $role_display_name[$role_handle]); } $classes = array(); if ($default_strict = isset($strict_items['unrestrictions'][$role_handle]) && is_array($strict_items['unrestrictions'][$role_handle])) { $setting = 'unrestrictions'; } else { $setting = 'restrictions'; } if (isset($strict_items[$setting][$role_handle][$id])) { if ($single_item) { $require_for = $strict_items[$setting][$role_handle][$id]; $open_brace = $close_brace = ''; } else { $require_for = $strict_items[$setting][$role_handle][$id]['assign_for']; $open_brace = $strict_items[$setting][$role_handle][$id]['inherited_from'] ? '{' : ''; $close_brace = $open_brace ? '}' : ''; } } else { $require_for = false; $open_brace = $close_brace = ''; } switch ($mode) { case ROLE_ASSIGNMENT_RS: $open_brace = $close_brace = ''; $assignment_list = array(); foreach ($role_bases as $role_basis) { if (isset($assigned_roles[$role_basis][$id][$role_handle])) { $checkbox_id = $single_item ? '' : $role_basis; $assignment_names = array_intersect_key($agent_names[$role_basis], $assigned_roles[$role_basis][$id][$role_handle]); $assignment_list[$role_basis] = "<span class='{$role_basis}-csv'><span class='rs-bold'>" . $agent_list_prefix[$role_basis] . '</span>' . ScoperAdminBulkLib::role_assignment_list($assigned_roles[$role_basis][$id][$role_handle], $assignment_names, $checkbox_id, $role_basis) . '</span>'; } } $setting_display = implode(' ', $assignment_list); // don't hide rows for default roles if ($id) { if (!isset($assigned_roles[ROLE_BASIS_USER][$id][$role_handle]) && !isset($assigned_roles[ROLE_BASIS_GROUPS][$id][$role_handle])) { $classes[] = "no-rol{$hide_tr_sfx}"; } elseif (!isset($assigned_roles[ROLE_BASIS_USER][$id][$role_handle])) { $classes[] = "no-user"; } elseif (!isset($assigned_roles[ROLE_BASIS_GROUPS][$id][$role_handle])) { $classes[] = "no-groups"; } } break; case ROLE_RESTRICTION_RS: if (!$id) { $setting_display = $table_captions[$setting]['default']; } elseif ($require_for) { $setting_display = $table_captions[$setting][$require_for]; } else { $setting_display = '(' . $table_captions[$setting][false] . ')'; // don't hide rows for default restrictions if ($id) { $classes[] = " no-rol{$hide_tr_sfx}"; } } } // end switch $mode switch ($require_for) { case ASSIGN_FOR_BOTH_RS: $open_brace = '<span class="rs-bold">' . $open_brace; $close_brace .= '</span>'; break; case ASSIGN_FOR_CHILDREN_RS: $open_brace = '<span class="rs-gray">' . $open_brace; $close_brace .= '</span>'; } // end switch if (empty($default_strict) && $require_for && $require_for != ASSIGN_FOR_CHILDREN_RS || !empty($default_strict) && !$require_for) { $classes[] = 'rs-backylw'; } $class = $classes ? " class='" . implode(' ', $classes) . "'" : ''; echo "\r\n" . "<tr{$class}>" . "<td>{$checkbox}</td>" . "<td>{$label}</td>" . "<td>{$open_brace}{$setting_display}{$close_brace}</td>" . "</tr>"; } // end foreach role } // end foreach object_type echo '</tbody></table>'; } // end foreach term while ($depth) { echo '</li></ul>'; $depth--; } echo '</li>'; echo '</ul><br /><ul>'; // now display "select all" checkboxes for all terms in this taxonomy if (empty($single_item)) { if (defined('SCOPER_EXTRA_SUBMIT_BUTTON')) { echo '<li class="alignright"><span class="submit" style="border:none;"><input type="submit" name="rs_submit" value="' . __('Update »', 'scoper') . '" /></span></li>'; } ?> <li><table class='widefat' style='width:auto;'> <thead> <tr class="thead"> <th colspan="2"><?php printf(__('select / unselect all:', 'scoper'), agp_strtolower($otype_or_tx->labels->name)); ?> </th> <!--<th colspan="2" style="text-align: center"><?php _e('Actions'); ?> </th>--> </tr> </thead> <tbody id="bulk_roles-<?php echo $otype_or_tx->name; ?> "> <?php //convert allterms stdobj to array for implosion $all_items_arr = array(); foreach ($all_items as $item) { $all_items_arr[] = $item->{$col_id}; } $all_items_ser = implode('-', $all_items_arr); //display "check for every term" shortcuts for each individual role global $scoper; $style = ' class="rs-backwhite"'; foreach ($role_defs_by_otype as $object_type => $roles) { foreach (array_keys($roles) as $role_handle) { $style = ' class="alternate"' == $style ? ' class="rs-backwhite"' : ' class="alternate"'; // $check_shorcut was displayed in first <td> $id = "rs-Z-{$role_codes[$role_handle]}"; $caption = ' <span class="rs-subtext">' . sprintf(__('(all %s)', 'scoper'), agp_strtolower($otype_or_tx->labels->name)) . '</span>'; $js_call = "scoper_checkroles('{$id}', '{$all_items_ser}', '{$role_codes[$role_handle]}');"; echo "\n\t<tr {$style}>" . "<td><input type='checkbox' id='{$id}' onclick=\"{$js_call}\" /></td>" . "<td><label for='{$id}'>" . $scoper->role_defs->get_display_name($role_handle, $scope . '_ui') . "{$caption}</label></td>" . "</tr>"; } // end foreach role } // end foreach roledef echo '</tbody></table></li></ul><br />'; } // endif not single item }
function scoper_object_roles_list($viewing_user, $args = array()) { $html = ''; if (!USER_ROLES_RS && !GROUP_ROLES_RS) { wp_die(__awp('Cheatin’ uh?')); } $defaults = array('enforce_duration_limits' => true, 'is_user_profile' => false, 'echo' => true); $args = array_merge($defaults, (array) $args); extract($args); global $scoper, $wpdb, $current_user; if ($viewing_user) { if (!is_object($viewing_user)) { global $current_rs_user; if ($viewing_user == $current_rs_user->ID) { $viewing_user = $current_rs_user; } else { $viewing_user = new WP_Scoped_User($viewing_user); } } } $all_roles = array(); $role_display = array(); foreach ($scoper->role_defs->get_all_keys() as $role_handle) { if ($viewing_user) { $role_display[$role_handle] = $scoper->role_defs->get_display_name($role_handle, OBJECT_UI_RS); } else { $role_display[$role_handle] = $scoper->role_defs->get_abbrev($role_handle, OBJECT_UI_RS); } } if (!$is_user_profile) { $require_blogwide_editor = scoper_get_option('role_admin_blogwide_editor_only'); if ('admin' === $require_blogwide_editor && !is_user_administrator_rs()) { return false; } if ('admin_content' === $require_blogwide_editor && !is_content_administrator_rs()) { return false; } } else { $require_blogwide_editor = false; } foreach ($scoper->data_sources->get_all() as $src_name => $src) { $otype_count = 0; if (!empty($src->taxonomy_only) || $src_name == 'group' && !$viewing_user) { continue; } $strict_objects = $scoper->get_restrictions(OBJECT_SCOPE_RS, $src_name); foreach ($src->object_types as $object_type => $otype) { $otype_count++; $disable_role_admin = false; if ($require_blogwide_editor) { if (!$scoper->user_can_edit_blogwide('post', $object_type, array('require_others_cap' => true))) { $disable_role_admin = true; } } if (!empty($src->cols->type) && !empty($otype->name)) { $col_type = $src->cols->type; $otype_clause = "AND {$src->table}.{$col_type} = '{$otype->name}'"; } elseif ($otype_count < 2) { $otype_clause = ''; } else { continue; } $col_id = $src->cols->id; $col_name = $src->cols->name; $ug_clause_for_user_being_viewed = $viewing_user ? $viewing_user->get_user_clause('uro') : ''; // TODO: replace join with uro subselect $qry = "SELECT DISTINCT {$src->table}.{$col_name}, {$src->table}.{$col_id}, uro.role_name, uro.date_limited, uro.start_date_gmt, uro.end_date_gmt" . " FROM {$src->table} "; $join = " INNER JOIN {$wpdb->user2role2object_rs} AS uro" . " ON uro.obj_or_term_id = {$src->table}.{$col_id}" . " AND uro.src_or_tx_name = '{$src_name}'" . " AND uro.scope = 'object' AND uro.role_type = 'rs'"; $duration_clause = $enforce_duration_limits ? scoper_get_duration_clause("{$src->table}.{$src->cols->date}") : ''; $status_clause = 'post' == $src_name ? "AND post_status != 'auto-draft'" : ''; // TODO: version update script to delete post roles on auto-drafts (stored via default roles) $where = " WHERE 1=1 {$status_clause} {$otype_clause} {$duration_clause} {$ug_clause_for_user_being_viewed}"; $orderby = " ORDER BY {$src->table}.{$col_name} ASC, uro.role_name ASC"; $qry .= $join . $where . $orderby; $results = scoper_get_results($qry); if (!is_user_administrator_rs()) { // no need to filter admins - just query the assignments // only list role assignments which the logged-in user can administer $args['required_operation'] = OP_EDIT_RS; // Possible TODO: re-implement OP_ADMIN distinction with admin-specific capabilities /* if ( cr_get_reqd_caps( $src_name, OP_ADMIN_RS, $object_type ) { $args['required_operation'] = OP_ADMIN_RS; } else { $reqd_caps = array(); foreach (array_keys($src->statuses) as $status_name) { $admin_caps = $scoper->cap_defs->get_matching($src_name, $object_type, OP_ADMIN_RS, $status_name); $delete_caps = $scoper->cap_defs->get_matching($src_name, $object_type, OP_DELETE_RS, $status_name); $reqd_caps[$object_type][$status_name] = array_merge(array_keys($admin_caps), array_keys($delete_caps)); } $args['force_reqd_caps'] = $reqd_caps; } */ $qry = "SELECT {$src->table}.{$col_id} FROM {$src->table} WHERE 1=1"; $args['require_full_object_role'] = true; $qry_flt = apply_filters('objects_request_rs', $qry, $src_name, $object_type, $args); $cu_admin_results = scoper_get_col($qry_flt); if (empty($viewing_user) || $current_user->ID != $viewing_user->ID) { foreach ($results as $key => $row) { if (!in_array($row->{$col_id}, $cu_admin_results)) { unset($results[$key]); } } } else { // for current user's view of their own user profile, just de-link unadminable objects $link_roles = array(); $link_objects = array(); if (!$disable_role_admin) { foreach ($results as $key => $row) { if (in_array($row->{$col_id}, $cu_admin_results)) { $link_roles[$row->{$col_id}] = true; } } $args['required_operation'] = OP_EDIT_RS; $args['require_full_object_role'] = false; if (isset($args['force_reqd_caps'])) { unset($args['force_reqd_caps']); } $qry_flt = apply_filters('objects_request_rs', $qry, $src_name, $object_type, $args); $cu_edit_results = scoper_get_col($qry_flt); foreach ($results as $key => $row) { if (in_array($row->{$col_id}, $cu_edit_results)) { $link_objects[$row->{$col_id}] = true; } } } } } $object_roles = array(); $objnames = array(); if ($results) { $got_object_roles = true; foreach ($results as $row) { if (!isset($objnames[$row->{$col_id}])) { if ('post' == $src->name) { $objnames[$row->{$col_id}] = apply_filters('the_title', $row->{$col_name}, $row->{$col_id}); } else { $objnames[$row->{$col_id}] = $row->{$col_name}; } } $role_handle = 'rs_' . $row->role_name; if ($row->date_limited) { $duration_key = serialize(array('start_date_gmt' => $row->start_date_gmt, 'end_date_gmt' => $row->end_date_gmt)); } else { $duration_key = ''; } $object_roles[$duration_key][$row->{$col_id}][$role_handle] = true; } } else { continue; } ?> <?php $title_roles = __('edit roles', 'scoper'); foreach (array_keys($object_roles) as $duration_key) { $date_caption = ''; $limit_class = ''; $limit_style = ''; $link_class = ''; if ($duration_key) { $html .= "<h3 style='margin-bottom:0'>{$date_caption}</h3>"; $duration_limits = unserialize($duration_key); $duration_limits['date_limited'] = true; ScoperAdminUI::set_agent_formatting($duration_limits, $date_caption, $limit_class, $link_class, $limit_style); $title = "title='{$date_caption}'"; $date_caption = '<span class="rs-gray"> ' . trim($date_caption) . '</span>'; } else { $title = "title='{$title_roles}'"; } if (!$disable_role_admin && (is_user_administrator_rs() || $cu_admin_results)) { //if ( ( $src_name != $object_type ) && ( 'post' != $object_type ) ) { // menu links currently assume unique object type names // $roles_page = "rs-roles-{$object_type}_{$src_name}"; //} else { $roles_page = "rs-{$object_type}-roles"; //} $url = "admin.php?page={$roles_page}"; $html .= "<h4><a name='{$object_type}' href='{$url}'><strong>" . sprintf(__('%1$s Roles%2$s:', 'scoper'), $otype->labels->singular_name, '</strong></a><span style="font-weight:normal">' . $date_caption) . "</span></h4>"; } else { $html .= "<h4><strong>" . sprintf(__('%1$s Roles%2$s:', 'scoper'), $otype->labels->singular_name, $date_caption) . "</strong></h4>"; } $html .= "<ul class='rs-termlist'><li>" . "<table class='widefat'>" . "<thead>" . "<tr class='thead'>" . "\t<th class='rs-tightcol'>" . __('ID') . "</th>" . "\t<th>" . __awp('Name') . "</th>" . "\t<th>" . __('Role Assignments', 'scoper') . "</th>" . "</tr>" . "</thead>"; $id_clause = isset($role_codes[$role_handle]) ? "id='roles-{$role_codes[$role_handle]}'" : ''; $html .= "<tbody {$id_clause}>"; $style = ' class="rs-backwhite"'; $title_item = sprintf(__('edit %s', 'scoper'), agp_strtolower($otype->labels->singular_name)); foreach ($object_roles[$duration_key] as $obj_id => $roles) { $object_name = esc_attr($objnames[$obj_id]); $html .= "\n\t<tr{$style}>"; $link_this_object = !isset($link_objects) || isset($link_objects[$obj_id]); // link from object ID to the object type's default editor, if defined if ($link_this_object && !empty($src->edit_url)) { $src_edit_url = sprintf($src->edit_url, $obj_id); $html .= "<td><a href='{$src_edit_url}' class='edit' title='{$title_item}'>{$obj_id}</a></td>"; } else { $html .= "<td>{$obj_id}</td>"; } $name = !empty($objnames[$obj_id]) ? $objnames[$obj_id] : __('(untitled)', 'scoper'); // link from object name to our "Edit Object Role Assignment" interface $link_this_role = !isset($link_roles) || isset($link_roles[$obj_id]); if ($link_this_role) { if ('group' == $object_type) { $rs_edit_url = sprintf($src->edit_url, $obj_id); } else { $rs_edit_url = "admin.php?page=rs-object_role_edit&src_name={$src_name}&object_type={$object_type}&object_id={$obj_id}&object_name={$object_name}"; } $html .= "\n\t<td><a {$title}{$limit_style}class='{$link_class}{$limit_class}' href='{$rs_edit_url}'>{$name}</a></td>"; } else { $html .= "\n\t<td>{$name}</td>"; } $html .= "<td>"; $role_list = array(); foreach (array_keys($roles) as $role_handle) { // roles which require object assignment are asterisked (bolding would contradict the notation of term roles list, where propogating roles are bolded) if (isset($strict_objects['restrictions'][$role_handle][$obj_id]) || isset($strict_objects['unrestrictions'][$role_handle]) && is_array($strict_objects['unrestrictions'][$role_handle]) && !isset($strict_objects['unrestrictions'][$role_handle][$obj_id])) { $role_list[] = "<span class='rs-backylw'>" . $role_display[$role_handle] . '</span>'; } else { $role_list[] = $role_display[$role_handle]; } } $html .= implode(', ', $role_list); $html .= '</td></tr>'; $style = ' class="alternate"' == $style ? ' class="rs-backwhite"' : ' class="alternate"'; } // end foreach object_roles $html .= '</tbody></table>'; $html .= '</li></ul><br />'; } // end foreach role date range } // end foreach object_types } // end foreach data source if ($echo) { echo $html; } else { return $html; } }
function role_owners_key($tx_or_otype, $args = array()) { $defaults = array('display_links' => true, 'display_restriction_key' => true, 'restriction_caption' => '', 'role_basis' => '', 'agent_caption' => '', 'single_item' => false); $args = array_merge($defaults, (array) $args); extract($args); $item_label = agp_strtolower($tx_or_otype->labels->name); $item_label_singular = agp_strtolower($tx_or_otype->labels->singular_name); if ($role_basis) { if (!$agent_caption && $role_basis) { $agent_caption = ROLE_BASIS_GROUPS == $role_basis ? __('Group', 'scoper') : __('User', 'scoper'); } $generic_name = ROLE_BASIS_GROUPS == $role_basis ? __('Groupname', 'scoper') : __('Username', 'scoper'); } else { $generic_name = __awp('Name'); } $agent_caption = agp_strtolower($agent_caption); if ($single_item) { echo '<div id="single_item_roles_key" style="display:none">'; echo '<div style="margin-bottom:0.1em;margin-top:0"><strong><a name="scoper_key"></a>' . __("Users / Groups Key", 'scoper') . ':</strong></div><ul class="rs-agents_key">'; } else { echo '<h4 style="margin-bottom:0.1em"><a name="scoper_key"></a>' . __("Users / Groups Key", 'scoper') . ':</h4><ul class="rs-agents_key">'; } $link_open = $display_links ? "<a class='rs-link_plain' href='javascript:void(0)'>" : ''; $link_close = $display_links ? '</a>' : ''; echo '<li>'; echo "{$link_open}{$generic_name}{$link_close}: "; printf(__('%1$s has role assigned for the specified %2$s.', 'scoper'), $agent_caption, $item_label_singular); echo '</li>'; echo '<li>'; echo "<span class='rs-bold'>{$link_open}{$generic_name}{$link_close}</span>: "; printf(__('%1$s has role assigned for the specified %2$s and, by default, for all its sub-%3$s. (Propagated roles can also be explicitly removed).', 'scoper'), $agent_caption, $item_label_singular, $item_label); echo '</li>'; echo '<li>'; echo "<span class='rs-bold rs-gray'>{$link_open}{$generic_name}{$link_close}</span>: "; printf(__('%1$s does NOT have role assigned for the specified %2$s, but has it by default for sub-%3$s.', 'scoper'), $agent_caption, $item_label_singular, $item_label); echo '</li>'; echo '<li>'; echo '<span class="rs-bold">{' . "{$link_open}{$generic_name}{$link_close}" . '}</span>: '; printf(__('%1$s has this role via propagation from parent %2$s, and by default for sub-%3$s.', 'scoper'), $agent_caption, $item_label_singular, $item_label); echo '</li>'; if ($display_restriction_key) { echo '<li>'; echo "<span class='rs-bold rs-backylw' style='border:1px solid #00a;padding-left:0.5em;padding-right:0.5em'>" . __('Role Name', 'scoper') . "</span>: "; echo "<span>" . sprintf(__('role is restricted for specified %s.', 'scoper'), $item_label_singular) . "</span>"; echo '</li>'; } echo '</ul>'; if ($single_item) { echo '</div><br />'; } }
function scoper_admin_section_restrictions($taxonomy) { global $scoper, $scoper_admin; $tx = $scoper->taxonomies->get($taxonomy); if (empty($tx) || empty($tx->requires_term)) { wp_die(__('Invalid taxonomy', 'scoper')); } $is_administrator = is_administrator_rs($tx, 'user'); if (!$scoper_admin->user_can_admin_terms($taxonomy)) { wp_die(__awp('Cheatin’ uh?')); } require_once dirname(__FILE__) . '/admin-bulk_rs.php'; $role_assigner = init_role_assigner(); $nonce_id = 'scoper-assign-roles'; $role_codes = ScoperAdminBulk::get_role_codes(); echo '<a name="scoper_top"></a>'; // retrieve all terms to track hierarchical relationship, even though some may not be adminable by current user $val = ORDERBY_HIERARCHY_RS; $args = array('order_by' => $val); $all_terms = $scoper->get_terms($taxonomy, UNFILTERED_RS, COLS_ALL_RS, 0, $args); // =========================== Submission Handling ========================= if (isset($_POST['rs_submit'])) { $err = ScoperAdminBulk::role_submission(TERM_SCOPE_RS, ROLE_RESTRICTION_RS, '', $taxonomy, $role_codes, '', $nonce_id); if (scoper_get_option('file_filtering')) { scoper_flush_file_rules(); } } else { $err = 0; } // =========================== Prepare Data =============================== $tx_src = $scoper->data_sources->get($tx->source); if ($col_id = $tx_src->cols->id) { // determine which terms current user can admin if ($admin_terms = $scoper->get_terms($taxonomy, ADMIN_TERMS_FILTER_RS, COL_ID_RS)) { $admin_terms = array_fill_keys($admin_terms, true); } } else { $admin_terms = array(); } // =========================== Display UI =============================== ?> <div class="wrap agp-width97"> <?php $tx_label = $tx->labels->singular_name; $src_label = $scoper->data_sources->member_property($tx->object_source, 'labels', 'singular_name'); echo '<h2>' . sprintf(__('%s Restrictions', 'scoper'), $tx_label); echo ' <span style="font-size: 0.6em; font-style: normal">(<a href="#scoper_notes">' . __('see notes', 'scoper') . '</a>)</span></h2>'; if (scoper_get_option('display_hints')) { echo '<div class="rs-hint">'; if ('category' == $taxonomy && scoper_get_otype_option('use_object_roles', 'post', 'post')) { printf(__('Reduce access by requiring some role(s) to be %1$s%2$s-assigned%3$s (or %4$s-assigned). Corresponding General Roles (whether assigned by WordPress or Role Scoper) are ignored.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-roles_t'>", $tx_label, '</a>', $src_label); } else { printf(__('Reduce access by requiring some role(s) to be %1$s%2$s-assigned%3$s. Corresponding General Role assignments are ignored.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-roles_t'>", $tx_label, '</a>'); } echo '</div>'; } if (!($role_defs_by_otype = $scoper->role_defs->get_for_taxonomy($tx->object_source, $taxonomy))) { echo '<br />' . sprintf(__('Role definition error (taxonomy: %s).', 'scoper'), $taxonomy); echo '</div>'; return; } if (empty($admin_terms)) { echo '<br />' . sprintf(__('Either you do not have permission to administer any %s, or none exist.', 'scoper'), $tx->labels->name); echo '</div>'; return; } ?> <form action="" method="post" name="role_scope" id="role_assign"> <?php wp_nonce_field($nonce_id); echo '<br /><div id="rs-term-scroll-links">'; echo ScoperAdminBulkLib::taxonomy_scroll_links($tx, $all_terms, $admin_terms); echo '</div><hr />'; // ============ Assignment Mode Selection Display ================ // TODO: is Link Category label handled without workaround now? $tx_label = agp_strtolower($tx->labels->name); $tx_label_singular = agp_strtolower($tx->labels->singular_name); $parent_col = $tx_src->cols->parent; if (!$parent_col || !empty($tx->uses_standard_schema) && empty($tx->hierarchical)) { $assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('for selected %s', 'scoper'), $tx_label)); } else { $assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('for selected %s', 'scoper'), $tx_label), ASSIGN_FOR_CHILDREN_RS => sprintf(__('for sub-%s of selected', 'scoper'), $tx_label), ASSIGN_FOR_BOTH_RS => sprintf(__('for selected and sub-%s', 'scoper'), $tx_label)); } $max_scopes = array('term' => __('Restrict selected roles', 'scoper'), 'blog' => __('Unrestrict selected roles', 'scoper')); $args = array('max_scopes' => $max_scopes, 'scope' => TERM_SCOPE_RS); ScoperAdminBulk::display_inputs(ROLE_RESTRICTION_RS, $assignment_modes, $args); ScoperAdminBulk::item_tree_jslinks(ROLE_RESTRICTION_RS); // IE (6 at least) won't obey link color directive in a.classname CSS $ie_link_style = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? ' style="color:white;"' : ''; $args = array('include_child_restrictions' => true, 'return_array' => true, 'role_type' => 'rs', 'force_refresh' => true); $strict_terms = $scoper->get_restrictions(TERM_SCOPE_RS, $taxonomy, $args); //strict_terms[taxonomy][role name][term_id] = array: terms which require Role Scoper assignment for specified role (user blog roles ignored, required caps may be supplied by scoper term role or object-specific assignment) // (for other terms, Role Scoper role assignment is optional (term role assignments will supplement blog caps) $editable_roles = array(); foreach ($all_terms as $term) { $id = $term->{$col_id}; foreach ($role_defs_by_otype as $object_type => $role_defs) { foreach (array_keys($role_defs) as $role_handle) { if ($role_assigner->user_has_role_in_term($role_handle, $taxonomy, $id, '', array('src_name' => $tx->object_source, 'object_type' => $object_type))) { $editable_roles[$id][$role_handle] = true; } } } } $default_restrictions = $scoper->get_default_restrictions(TERM_SCOPE_RS); $default_strict_roles = !empty($default_restrictions[$taxonomy]) ? array_flip(array_keys($default_restrictions[$taxonomy])) : array(); $table_captions = ScoperAdminUI::restriction_captions(TERM_SCOPE_RS, $tx, $tx_label_singular, $tx_label); $args = array('admin_items' => $admin_terms, 'editable_roles' => $editable_roles, 'default_strict_roles' => $default_strict_roles, 'ul_class' => 'rs-termlist', 'ie_link_style' => $ie_link_style, 'err' => $err, 'table_captions' => $table_captions); ScoperAdminBulk::item_tree(TERM_SCOPE_RS, ROLE_RESTRICTION_RS, $tx_src, $tx, $all_terms, '', $strict_terms, $role_defs_by_otype, $role_codes, $args); echo '<a href="#scoper_top">' . __('top', 'scoper') . '</a>'; echo '<hr />'; echo '<h4 style="margin-bottom:0.1em"><a name="scoper_notes"></a>' . __("Notes", 'scoper') . ':</h4><ul class="rs-notes">'; $osrc = $scoper->data_sources->get($tx->object_source); if (empty($osrc->no_object_roles)) { echo '<li>'; printf(__('Any %1$s Restriction causes the specified role to be granted only via %1$s Role assignment, regardless of these %2$s settings.', 'scoper'), $osrc->labels->singular_name, $tx->labels->singular_name); echo '</li></ul>'; } ?> </form> </div> <?php }
function _agents_checklist_display($agents_subset, $role_basis, $all_agents, $id_prefix, $stored_assignments, $args, &$key, &$action_links) { $defaults = array('eligible_ids' => '', 'locked_ids' => '', 'suppress_extra_prefix' => false, 'check_for_incomplete_submission' => false, 'checkall_threshold' => 6, 'filter_threshold' => 10, 'default_hide_threshold' => 20, 'caption_length_limit' => 20, 'emsize_threshold' => 4, 'objtype_display_name' => '', 'objtype_display_name_plural' => '', 'propagation' => false, 'for_children_ids' => '', 'for_entity_ids' => '', 'via_other_scope_ids' => '', 'via_other_scope_prefix' => '/', 'via_other_scope_suffix' => '/', 'via_other_role_ids' => '', 'via_other_role_prefix' => '(', 'via_other_role_suffix' => ')', 'via_other_basis_ids' => '', 'via_other_basis_prefix' => "|", 'via_other_basis_suffix' => '|', 'inherited_prefix' => '{', 'inherited_suffix' => '}', 'suppress_last_agents' => false); $args = array_merge($defaults, (array) $args); extract($args); $ie_checkbox_style = !empty($GLOBALS['is_IE']) ? "style='height:1em'" : ''; if (ELIGIBLE_ITEMS_RS == $agents_subset && scoper_get_option("{$role_basis}_role_assignment_csv")) { return ScoperAgentsChecklist::eligible_agents_input_box($role_basis, $id_prefix, $propagation); } if (is_array($eligible_ids) && empty($eligible_ids)) { $eligible_ids = array(-1); } else { if (!is_array($eligible_ids)) { $eligible_ids = array(); } else { $eligible_ids = array_flip($eligible_ids); } } if (!is_array($stored_assignments)) { $stored_assignments = array(); } if (!is_array($locked_ids)) { $locked_ids = array(); } else { $locked_ids = array_flip($locked_ids); } if (!is_array($for_children_ids)) { $for_children_ids = array(); } else { $for_children_ids = array_flip($for_children_ids); } if (is_array($for_entity_ids) && !empty($for_entity_ids)) { $for_entity_ids = array_flip($for_entity_ids); } if (!$via_other_scope_ids || !is_array($via_other_scope_ids)) { $via_other_scope_ids = array(); } else { $via_other_scope_ids = array_flip($via_other_scope_ids); } if (!is_array($via_other_role_ids)) { $via_other_role_ids = array(); } else { $via_other_role_ids = array_flip($via_other_role_ids); } if (!is_array($via_other_basis_ids)) { $via_other_basis_ids = array(); } else { $via_other_basis_ids = array_flip($via_other_basis_ids); } if (!$suppress_extra_prefix) { $id_prefix .= "_{$role_basis}"; } $any_inherited = $any_other_scope = $any_other_role = $any_other_basis = $any_date_limits = false; $agent_count = array(); $agent_count[CURRENT_ITEMS_RS] = count($stored_assignments); if (empty($eligible_ids)) { $agent_count[ELIGIBLE_ITEMS_RS] = count($all_agents) - count($stored_assignments); } elseif ($eligible_ids != array(-1)) { foreach (array_keys($all_agents) as $_key) { $all_agent_ids[$all_agents[$_key]->ID] = true; } $eligible_ids = array_intersect_key($eligible_ids, $all_agent_ids); $agent_count[ELIGIBLE_ITEMS_RS] = count(array_diff_key($eligible_ids, $stored_assignments)); } else { $agent_count[ELIGIBLE_ITEMS_RS] = 0; } $default_hide_filtered_list = $default_hide_threshold && $agent_count[$agents_subset] > $default_hide_threshold; $checked = $agents_subset == CURRENT_ITEMS_RS ? $checked = "checked='checked'" : ''; // determine whether to show caption, show/hide checkbox and filter textbox $any_display_filtering = $agent_count[CURRENT_ITEMS_RS] > $filter_threshold || $agent_count[ELIGIBLE_ITEMS_RS] > $filter_threshold; if ($agent_count[$agents_subset] > $filter_threshold) { if (ROLE_BASIS_GROUPS == $role_basis) { $caption = CURRENT_ITEMS_RS == $agents_subset ? __('show current groups (%d)', 'scoper') : __('show eligible groups (%d)', 'scoper'); } else { $caption = CURRENT_ITEMS_RS == $agents_subset ? __('show current users (%d)', 'scoper') : __('show eligible users (%d)', 'scoper'); } $js_call = "agp_display_if('div_{$agents_subset}_{$id_prefix}', this.id);" . "agp_display_if('chk-links_{$agents_subset}_{$id_prefix}', this.id);"; $flt_checked = !$default_hide_filtered_list ? "checked='checked'" : ''; $ul_class = 'rs-agents-ul'; echo "<ul class='rs-list_horiz {$ul_class}'><li>"; // IE6 (at least) does not render label reliably without this echo "<input type='checkbox' name='rs-jscheck[]' value='validate_me_{$agents_subset}_{$id_prefix}' id='chk_{$agents_subset}_{$id_prefix}' {$flt_checked} onclick=\"{$js_call}\" {$ie_checkbox_style} /> "; echo "<strong><label for='chk_{$agents_subset}_{$id_prefix}'>"; printf($caption, $agent_count[$agents_subset]); echo '</label></strong>'; echo '</li>'; $class = $default_hide_filtered_list ? '' : 'class="agp_js_show"'; echo "\r\n" . "<li style='clear:both;'> <label for='flt_{$agents_subset}_{$id_prefix}' id='lbl_flt_{$id_prefix}'>"; _e('filter:', 'scoper'); $js_call = "agp_filter_ul('list_{$agents_subset}_{$id_prefix}', this.value, 'chk_{$agents_subset}_{$id_prefix}', 'chk-links_{$agents_subset}_{$id_prefix}');"; echo " <input type='text' id='flt_{$agents_subset}_{$id_prefix}' size='10' onkeyup=\"{$js_call}\" />"; echo "</label></li>"; echo "<li {$class} style='display:none;' id='chk-links_{$agents_subset}_{$id_prefix}'>"; $js_call = "agp_check_by_name('{$id_prefix}[]', true, true, false, 'list_{$agents_subset}_{$id_prefix}', 1);"; echo "\r\n" . " " . "<a href='javascript:void(0)' onclick=\"{$js_call}\">"; _e('select', 'scoper'); echo '</a> '; $js_call = "agp_check_by_name('{$id_prefix}[]', '', true, false, 'list_{$agents_subset}_{$id_prefix}', 1);"; echo "\r\n" . "<a href='javascript:void(0)' onclick=\"{$js_call}\">"; _e('unselect', 'scoper'); echo "</a>"; if ($propagation) { $js_call = "agp_check_by_name('p_{$id_prefix}[]', true, true, false, 'list_{$agents_subset}_{$id_prefix}', 1);"; echo "\r\n" . " " . "<a href='javascript:void(0)' onclick=\"{$js_call}\">"; _e('propagate', 'scoper'); echo '</a> '; $js_call = "agp_check_by_name('p_{$id_prefix}[]', '', true, false, 'list_{$agents_subset}_{$id_prefix}', 1);"; echo "\r\n" . "<a href='javascript:void(0)' onclick=\"{$js_call}\">"; _e('unpropagate', 'scoper'); echo "</a>"; } echo '</li></ul>'; } else { $ul_class = ''; if ($agent_count[$agents_subset]) { echo "<ul class='rs-list_horiz rs-agents_filter {$ul_class}'><li>"; if (ROLE_BASIS_GROUPS == $role_basis) { $caption = CURRENT_ITEMS_RS == $agents_subset ? __('current groups (%d):', 'scoper') : __('eligible groups (%d):', 'scoper'); } else { $caption = CURRENT_ITEMS_RS == $agents_subset ? __('current users (%d):', 'scoper') : __('eligible users (%d):', 'scoper'); } printf("<div class='rs-agents_caption'><strong>{$caption}</strong></div>", $agent_count[$agents_subset]); echo '</li></ul>'; } } $title = ''; if ($propagation) { if (!$otype_label_singular) { $otype_label_singular = __('object', 'scoper'); } if (!$otype_label) { $otype_label = __('objects', 'scoper'); } } if ($any_display_filtering || $agent_count[$agents_subset] > $emsize_threshold) { global $wp_locale; $rtl = isset($wp_locale) && 'rtl' == $wp_locale->text_direction; // -------- determine required list item width ----------- if ($caption_length_limit > 40) { $caption_length_limit = 40; } if ($caption_length_limit < 10) { $caption_length_limit = 10; } $longest_caption_length = 0; foreach ($all_agents as $agent) { $id = $agent->ID; if (is_array($for_entity_ids)) { $role_assigned = isset($for_entity_ids[$id]) || isset($for_children_ids[$id]); } else { $role_assigned = isset($stored_assignments[$id]); } switch ($agents_subset) { case CURRENT_ITEMS_RS: if (!$role_assigned) { continue 2; } break; default: //ELIGIBLE_ITEMS_RS if ($role_assigned) { continue 2; } if ($eligible_ids && !isset($eligible_ids[$id])) { continue 2; } } $caption = ROLE_BASIS_GROUPS == $role_basis && $agent->meta_id ? ScoperAdminLib::get_metagroup_name($agent->meta_id) : $agent->display_name; if ($role_assigned && !empty($stored_assignments[$id]['inherited_from'])) { $caption = $inherited_prefix . $caption . $inherited_suffix; } elseif (!$role_assigned && isset($via_other_basis_ids[$id])) { $caption = $via_other_basis_prefix . $caption . $via_other_basis_suffix; } elseif (isset($via_other_role_ids[$id])) { $caption = $via_other_role_prefix . $caption . $via_other_role_suffix; } elseif (isset($via_other_scope_ids[$id])) { $caption = $via_other_scope_prefix . $caption . $via_other_scope_suffix; } if (strlen($caption) > $longest_caption_length) { if (strlen($caption) >= $caption_length_limit) { $longest_caption_length = $caption_length_limit + 2; } else { $longest_caption_length = strlen($caption); } } } if ($longest_caption_length < 10) { $longest_caption_length = 10; } //if ( ! $ems_per_character = scoper_get_option('ems_per_character') ) if (defined('UI_EMS_PER_CHARACTER')) { $ems_per_character = UI_EMS_PER_CHARACTER; } else { $ems_per_character = 0.85; } $list_width_ems = $ems_per_character * $longest_caption_length; if ($propagation) { $list_width_ems = $list_width_ems + 1.0; } $ems_integer = intval($list_width_ems); $ems_half = $list_width_ems - $ems_integer >= 0.5 ? '_5' : ''; $ul_class = "rs-agents_list_{$ems_integer}{$ems_half}"; $hide_class = $default_hide_filtered_list && $agent_count[$agents_subset] > $filter_threshold ? 'class="agp_js_hide"' : ''; echo "\r\n" . "<div id='div_{$agents_subset}_{$id_prefix}' {$hide_class}>" . "<div class='rs-agents_emsized'>" . "<ul class='{$ul_class}' id='list_{$agents_subset}_{$id_prefix}'>"; } else { $ul_class = "rs-agents_list_auto"; echo "\r\n<ul class='{$ul_class}' id='list_{$agents_subset}_{$id_prefix}'>"; } //-------- end list item width determination -------------- $last_agents = array(); $last_agents_prop = array(); foreach ($all_agents as $agent) { $id = $agent->ID; $agent_display_name = ROLE_BASIS_GROUPS == $role_basis && $agent->meta_id ? ScoperAdminLib::get_metagroup_name($agent->meta_id) : $agent->display_name; if (is_array($for_entity_ids)) { $role_assigned = isset($for_entity_ids[$id]) || isset($for_children_ids[$id]); } else { $role_assigned = isset($stored_assignments[$id]); } switch ($agents_subset) { case CURRENT_ITEMS_RS: if (!$role_assigned) { continue 2; } break; default: //ELIGIBLE_ITEMS_RS if ($role_assigned) { continue 2; } if ($eligible_ids && !isset($eligible_ids[$id])) { continue 2; } } // markup for role duration / content date limits $title = ''; // we can't set the title because it's used by JS for onkey filtering $limit_class = ''; $link_class = ''; $limit_style = ''; if (isset($stored_assignments[$id])) { ScoperAdminUI::set_agent_formatting($stored_assignments[$id], $title, $limit_class, $link_class, $limit_style); } if ($title) { $any_date_limits = true; $label_title = " title='{$title}'"; } else { $label_title = ''; } $disabled = $locked_ids && isset($locked_ids[$id]) ? " disabled='disabled'" : ''; $li_title = "title=' " . agp_strtolower($agent_display_name) . " '"; if ($check_for_incomplete_submission && isset($_POST['scoper_error']) && isset($_POST[$id_prefix])) { $this_checked = in_array($id, $_POST[$id_prefix]) ? ' checked="checked"' : ''; } else { if ($role_assigned && (!is_array($for_entity_ids) || isset($for_entity_ids[$id]))) { $this_checked = ' checked="checked"'; } else { $this_checked = ''; } } if ($this_checked && !$suppress_last_agents) { $last_agents[] = $id; } if (isset($via_other_role_ids[$id])) { $label_class = " class='rs-via-r{$limit_class}'"; } elseif (!$role_assigned && isset($via_other_basis_ids[$id])) { $label_class = " class='rs-via-b{$limit_class}'"; } elseif (isset($via_other_scope_ids[$id])) { $label_class = " class='rs-via-s{$limit_class}'"; } elseif ($limit_class) { $label_class = " class='" . trim($limit_class) . "'"; } else { $label_class = ''; } echo "\r\n<li {$li_title}>" . "<input type='checkbox' name='{$id_prefix}[]'{$disabled}{$this_checked} value='{$id}' id='{$id_prefix}{$id}' {$ie_checkbox_style} />"; if ($propagation) { if ($check_for_incomplete_submission && isset($_POST['scoper_error']) && isset($_POST["p_{$id_prefix}"])) { $this_checked_prop = in_array($id, $_POST["p_{$id_prefix}"]) ? ' checked="checked"' : ''; } else { if (isset($for_children_ids[$id])) { $this_checked_prop = " checked='checked'"; } else { $this_checked_prop = ''; } } if ($this_checked_prop && !$suppress_last_agents) { $last_agents_prop[] = $id; } echo "{" . "<input type='checkbox' name='p_{$id_prefix}[]'{$disabled}{$this_checked_prop} value='{$id}' id='p_{$id_prefix}{$id}' {$ie_checkbox_style} />" . "}"; } echo "<label {$title} {$limit_style} for='{$id_prefix}{$id}'{$label_class}{$label_title}>"; $caption = $agent_display_name; if (strlen($caption) > $caption_length_limit) { if (!empty($rtl)) { $caption = '...' . substr($caption, strlen($caption) - $caption_length_limit); } else { $caption = substr($caption, 0, $caption_length_limit) . '...'; } } if ($role_assigned && !empty($stored_assignments[$id]['inherited_from'])) { $caption = $inherited_prefix . $caption . $inherited_suffix; $any_inherited = true; } elseif (isset($via_other_role_ids[$id])) { $caption = $via_other_role_prefix . $caption . $via_other_role_suffix; $any_other_role = true; } elseif (!$role_assigned && isset($via_other_basis_ids[$id])) { $caption = $via_other_basis_prefix . $caption . $via_other_basis_suffix; $any_other_basis = true; } elseif (isset($via_other_scope_ids[$id])) { $caption = $via_other_scope_prefix . $caption . $via_other_scope_suffix; $any_other_scope = true; } $caption = ' ' . $caption; echo $caption; // str_replace(' ', ' ', $caption); echo '</label></li>'; } //foreach agent echo "\r\n<li></li></ul>"; // prevent invalid markup if no other li's if (CURRENT_ITEMS_RS == $agents_subset) { $last_agents = implode("~", $last_agents); $last_agents_prop = implode("~", $last_agents_prop); echo "<input type=\"hidden\" id=\"last_{$id_prefix}\" name=\"last_{$id_prefix}\" value=\"{$last_agents}\" />"; echo "<input type=\"hidden\" id=\"last_p_{$id_prefix}\" name=\"last_p_{$id_prefix}\" value=\"{$last_agents_prop}\" />"; } if ($any_display_filtering || $agent_count[$agents_subset] > $emsize_threshold) { echo '</div></div>'; } // display key if ($any_inherited && $inherited_prefix) { $key['inherited'] = "{$inherited_prefix} {$inherited_suffix}" . '<span class="rs-keytext">' . sprintf(__('inherited from parent %s', 'scoper'), agp_strtolower($otype_label_singular)) . '</span>'; } if ($any_other_role && $via_other_role_prefix) { $key['other_role'] = "<span class='rs-via-r'>{$via_other_role_prefix} {$via_other_role_suffix}" . '<span class="rs-keytext">' . str_replace(' ', ' ', __('has via other role', 'scoper')) . '</span></span>'; } if ($any_other_basis && $via_other_basis_prefix) { $key['other_basis'] = "<span class='rs-via-b'>{$via_other_basis_prefix} {$via_other_basis_suffix}" . '<span class="rs-keytext">' . str_replace(' ', ' ', __('has via group', 'scoper')) . '</span></span>'; } if ($any_other_scope && $via_other_scope_prefix) { $key['other_scope'] = "<span class='rs-via-s'>{$via_other_scope_prefix} {$via_other_scope_suffix}" . '<span class="rs-keytext">' . str_replace(' ', ' ', __('has via other scope', 'scoper')) . '</span></span>'; } if ($propagation) { $key['propagation'] = "{<input type='checkbox' disabled='disabled' name='rs-prop_key_{$agents_subset}_{$id_prefix}' id='rs-prop_key_{$agents_subset}_{$id_prefix}' style='vertical-align:middle' />}" . '<span class="rs-keytext">' . sprintf(__('propagate to sub-%s', 'scoper'), agp_strtolower($otype_label)) . '</span>'; } if ($any_date_limits && !empty($object_id)) { if (empty($GLOBALS['post']) || 'auto-draft' != $GLOBALS['post']->post_status) { //don't display link for auto-drafts $action_links['limits'] = sprintf(__('%1$sEdit date limits%2$s', 'scoper'), "<a href='admin.php?page=rs-{$object_type}-roles#item-{$object_id}'>", '</a>'); } } }
function admin_head() { global $pagenow, $plugin_page_cr; echo '<link rel="stylesheet" href="' . SCOPER_URLPATH . '/admin/role-scoper.css" type="text/css" />' . "\n"; if ('rs-about' == $plugin_page_cr) { echo '<link rel="stylesheet" href="' . SCOPER_URLPATH . '/admin/about/about.css" type="text/css" />' . "\n"; } if (in_array($pagenow, array('post.php', 'post-new.php'))) { $src_name = 'post'; $object_type = cr_find_post_type(); } elseif (isset($_GET['src_name']) && isset($_GET['object_type'])) { $src_name = sanitize_key($_GET['src_name']); $object_type = sanitize_key($_GET['object_type']); } if (!empty($object_type)) { // dynamically set checkbox titles for user/group object role selection $src = $this->scoper->data_sources->get($src_name); $otype_def = $this->scoper->data_sources->member_property($src_name, 'object_types', $object_type); if (!empty($src) && !empty($src->cols->parent) && empty($otype_def->ignore_object_hierarchy)) { if (!empty($otype_def->labels)) { $obj_title = sprintf(__('assign role for this %s', 'scoper'), agp_strtolower($otype_def->labels->singular_name)); $child_title = sprintf(__('assign role for sub-%s', 'scoper'), agp_strtolower($otype_def->labels->name)); $js_params = "var role_for_object_title = '{$obj_title}';" . "var role_for_children_title = '{$child_title}';"; // TODO: replace some of this JS with equivalent JQuery echo "\n" . '<script type="text/javascript">' . $js_params . '</script>'; echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/rs-objrole-cbox-maint.js'></script>"; } } } add_filter('contextual_help_list', array(&$this, 'flt_contextual_help_list'), 10, 2); if (0 === strpos($plugin_page_cr, 'rs-') && strpos($plugin_page_cr, 'roles')) { // add Ajax goodies we need for role duration/content date limit editing Bulk Role Admin if (!awp_ver('3.4')) { wp_print_scripts(array('page')); } require_once dirname(__FILE__) . '/admin_lib-bulk_rs.php'; ScoperAdminBulkLib::date_limits_js(); } // TODO: replace some of this JS with equivalent JQuery echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/agapetry.js'></script>"; echo "\n" . "<script type='text/javascript' src='" . SCOPER_URLPATH . "/admin/role-scoper.js'></script>"; if (scoper_get_option('group_ajax') && (in_array($pagenow, array('user-edit.php', 'profile.php')) || 'rs-groups' == $plugin_page_cr)) { global $scoper_user_search; if ('rs-groups' == $plugin_page_cr) { $agent_type = 'users'; $agent_id = isset($_GET['id']) ? $_GET['id'] : 0; } else { $agent_type = 'groups'; if ('profile.php' == $pagenow) { global $current_user; $agent_id = $current_user->ID; } else { $agent_id = (int) $_GET['user_id']; } } require_once dirname(__FILE__) . '/user_search_ui_rs.php'; $scoper_user_search = new ScoperUserSearch($agent_type); $scoper_user_search->output_js($agent_type, $agent_id); } }
function scoper_admin_section_roles($taxonomy) { global $scoper, $scoper_admin, $wpdb; if (!($tx = $scoper->taxonomies->get($taxonomy))) { wp_die(__('Invalid taxonomy', 'scoper')); } $is_administrator = is_administrator_rs($tx, 'user'); $role_bases = array(); if (USER_ROLES_RS && ($is_administrator || $scoper_admin->user_can_admin_terms($taxonomy))) { $role_bases[] = ROLE_BASIS_USER; } if (GROUP_ROLES_RS && ($is_administrator || $scoper_admin->user_can_admin_terms($taxonomy) || current_user_can('manage_groups'))) { $role_bases[] = ROLE_BASIS_GROUPS; } if (empty($role_bases)) { wp_die(__awp('Cheatin’ uh?')); } require_once dirname(__FILE__) . '/admin-bulk_rs.php'; require_once dirname(__FILE__) . '/role_assignment_lib_rs.php'; $role_assigner = init_role_assigner(); $nonce_id = 'scoper-assign-roles'; $agents = ScoperAdminBulk::get_agents($role_bases); $agent_names = ScoperAdminBulk::agent_names($agents); $agent_list_prefix = ScoperAdminBulk::agent_list_prefixes(); $agent_caption_plural = ScoperAdminBulk::agent_captions_plural($role_bases); $role_bases = array_keys($agents); $role_codes = ScoperAdminBulk::get_role_codes(); echo '<a name="scoper_top"></a>'; // retrieve all terms to track hierarchical relationship, even though some may not be adminable by current user $val = ORDERBY_HIERARCHY_RS; $args = array('order_by' => $val); $all_terms = $scoper->get_terms($taxonomy, UNFILTERED_RS, COLS_ALL_RS, 0, $args); // =========================== Submission Handling ========================= if (isset($_POST['rs_submit'])) { $err = ScoperAdminBulk::role_submission(TERM_SCOPE_RS, ROLE_ASSIGNMENT_RS, $role_bases, $taxonomy, $role_codes, $agent_caption_plural, $nonce_id); } else { $err = 0; } // =========================== Prepare Data =============================== //$term_roles [role_basis] [src_name] [object_id] [role_handle] [agent_id] = array( 'assign_for' => ENUM , 'inherited_from' => assignment_id) $term_roles = array(); foreach ($role_bases as $role_basis) { $term_roles[$role_basis] = ScoperRoleAssignments::get_assigned_roles(TERM_SCOPE_RS, $role_basis, $taxonomy); } $tx_src = $scoper->data_sources->get($tx->source); if ($col_id = $tx_src->cols->id) { // determine which terms current user can admin if ($admin_terms = $scoper->get_terms($taxonomy, ADMIN_TERMS_FILTER_RS, COL_ID_RS)) { $admin_terms = array_fill_keys($admin_terms, true); } } else { $admin_terms = array(); } // =========================== Display UI =============================== ?> <div class="wrap agp-width97" id="rs_admin_wrap"> <?php $tx->labels->singular_name = $tx->labels->singular_name; echo '<h2>' . sprintf(__('%s Roles', 'scoper'), $tx->labels->singular_name) . ' <span style="font-size: 0.6em; font-style: normal">(<a href="#scoper_notes">' . __('see notes', 'scoper') . '</a>)</span>' . '</h2>'; if (scoper_get_option('display_hints')) { echo '<div class="rs-hint">'; if (!empty($tx->requires_term)) { //printf(_ x('Grant capabilities within a specific %2$s, potentially more than a user\'s WP role would allow. To reduce access, define %1$s%2$s Restrictions%3$s.', 'arguments are link open, taxonomy name, link close', 'scoper'), "<a href='admin.php?page=rs-$taxonomy-restrictions_t'>", $tx->labels->singular_name, '</a>'); printf(__('Grant capabilities within a specific %2$s, potentially more than a user\'s WP role would allow. To reduce access, define %1$s%2$s Restrictions%3$s.', 'scoper'), "<a href='admin.php?page=rs-{$taxonomy}-restrictions_t'>", $tx->labels->singular_name, '</a>'); } else { printf(__('Grant capabilities within a specific %s, potentially more than a user\'s WP role would allow.', 'scoper'), $tx->labels->singular_name); } echo '</div>'; } if (!($role_defs_by_otype = $scoper->role_defs->get_for_taxonomy($tx->object_source, $taxonomy))) { echo '<br />' . sprintf(__('Role definition error (taxonomy: %s).', 'scoper'), $taxonomy); echo '</div>'; return; } if (empty($admin_terms)) { echo '<br />' . sprintf(__('Either you do not have permission to administer any %s, or none exist.', 'scoper'), $tx->labels->singular_name); echo '</div>'; return; } ?> <form action="" method="post" name="role_assign" id="role_assign"> <?php wp_nonce_field($nonce_id); echo '<br /><div id="rs-term-scroll-links">'; echo ScoperAdminBulkLib::taxonomy_scroll_links($tx, $all_terms, $admin_terms); echo '</div><hr />'; // ============ Users / Groups and Assignment Mode Selection Display ================ $tx_label = agp_strtolower($tx->labels->name); $parent_col = !empty($tx_src->cols->parent) ? $tx_src->cols->parent : ''; if (!$parent_col || !empty($tx->uses_standard_schema) && empty($tx->hierarchical)) { $assignment_modes = array(ASSIGN_FOR_ENTITY_RS => __('Assign', 'scoper'), REMOVE_ASSIGNMENT_RS => __('Remove', 'scoper')); } else { $assignment_modes = array(ASSIGN_FOR_ENTITY_RS => sprintf(__('Assign for selected %s', 'scoper'), $tx_label), ASSIGN_FOR_CHILDREN_RS => sprintf(__('Assign for sub-%s of selected', 'scoper'), $tx_label), ASSIGN_FOR_BOTH_RS => sprintf(__('Assign for selected and sub-%s', 'scoper'), $tx_label), REMOVE_ASSIGNMENT_RS => __('Remove', 'scoper')); } $args = array('role_bases' => $role_bases, 'agents' => $agents, 'agent_caption_plural' => $agent_caption_plural, 'scope' => TERM_SCOPE_RS, 'src_or_tx_name' => $taxonomy); ScoperAdminBulk::display_inputs(ROLE_ASSIGNMENT_RS, $assignment_modes, $args); $args = array('role_bases' => $role_bases); ScoperAdminBulk::item_tree_jslinks(ROLE_ASSIGNMENT_RS, $args); echo '<div id="rs-section-roles">'; // IE (6 at least) won't obey link color directive in a.classname CSS $ie_link_style = strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false ? ' style="color:white;" ' : ''; $args = array('include_child_restrictions' => true, 'return_array' => true, 'role_type' => 'rs', 'force_refresh' => true); $strict_terms = $scoper->get_restrictions(TERM_SCOPE_RS, $taxonomy, $args); $src_name = $tx->object_source; $editable_roles = array(); foreach ($all_terms as $term) { $id = $term->{$col_id}; foreach ($role_defs_by_otype as $object_type => $role_defs) { foreach (array_keys($role_defs) as $role_handle) { if ($role_assigner->user_has_role_in_term($role_handle, $taxonomy, $id, '', compact('src_name', 'object_type'))) { $editable_roles[$id][$role_handle] = true; } } } } $args = array('admin_items' => $admin_terms, 'editable_roles' => $editable_roles, 'role_bases' => $role_bases, 'agent_names' => $agent_names, 'agent_caption_plural' => $agent_caption_plural, 'agent_list_prefix' => $agent_list_prefix, 'ul_class' => 'rs-termlist', 'ie_link_style' => $ie_link_style, 'err' => $err); ScoperAdminBulk::item_tree(TERM_SCOPE_RS, ROLE_ASSIGNMENT_RS, $tx_src, $tx, $all_terms, $term_roles, $strict_terms, $role_defs_by_otype, $role_codes, $args); echo '<hr /><div style="background-color: white;"></div>'; echo '</div>'; //rs-section-roles //================================ Notes Section ================================== ?> </form> <a name="scoper_notes"></a> <?php if ('nav_menu' != $taxonomy) { // TODO: better logic for note construction when related custom type is not being RS-filtered $args = array('display_links' => true, 'display_restriction_key' => true); ScoperAdminUI::role_owners_key($tx, $args); $osrc = $scoper->data_sources->get($tx->object_source); echo '<br /><h4 style="margin-bottom:0.1em">' . __("Notes", 'scoper') . ':</h4><ul class="rs-notes">'; echo '<li>'; _e('A Role is a collection of capabilities.', 'scoper'); echo '</li>'; echo '<li>'; _e("Capabilities in a user's WordPress Role (and, optionally, RS-assigned General Roles) enable site-wide operations (read/edit/delete) on some object type (post/page/link), perhaps of a certain status (private/published/draft).", 'scoper'); echo '</li>'; echo '<li>'; if (empty($osrc->no_object_roles)) { printf(__('Scoped Roles can grant users these same WordPress capabilities on a per-%1$s or per-%2$s basis. Useful in fencing off sections your site.', 'scoper'), $tx->labels->singular_name, $osrc->labels->singular_name); } else { printf(__('Scoped Roles can grant users these same WordPress capabilities on a per-%1$s basis. Useful in fencing off sections your site.', 'scoper'), $tx->labels->singular_name, $osrc->labels->singular_name); } echo '</li>'; echo '<li>'; printf(__('Users with a %1$s Role assignment may have capabilities beyond their General Role(s) for %2$s in the specified %1$s.', 'scoper'), $tx->labels->singular_name, $osrc->labels->name); echo '</li>'; if (!empty($tx->requires_term)) { echo '<li>'; printf(__('If a role is restricted for some %s, general (site-wide) assignments of that role are ignored.', 'scoper'), $tx->labels->singular_name); echo '</li>'; echo '<li>'; printf(__('If a %1$s is in multiple %2$s, permission is granted if any %3$s has a qualifying role assignment or permits a qualifying General Role.', 'scoper'), $osrc->labels->singular_name, $tx->labels->name, $tx->labels->singular_name); echo '</li>'; } if (empty($osrc->no_object_roles)) { echo '<li>'; printf(__('If a role is restricted for some requested %1$s, %2$s-assignment and General-assignment of that role are ignored.', 'scoper'), $osrc->labels->singular_name, $tx->labels->singular_name); echo '</li>'; } echo '<li>'; _e('Administrators are exempted from Role Restrictions.', 'scoper'); echo '</li></ul>'; } //endif showing notes echo '<a href="#scoper_top">' . __('top', 'scoper') . '</a>'; ?> </div> <?php }