Exemplo n.º 1
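/**
 * Handle uploads.
 *
 * Set 'upload_files' capability for current user on 'init' hook.
 * After we set default capabilities, we dynamically set upload_files
 * to match current action.
 *
 * The post type is taken from wpcf_access_attachment_parent_type(), then from
 * the post found by wpcf_access_determine_post_id(), then from
 * wpcf_access_determine_post_type(), and finally falls back to 'post'.
 * If wpcf_access_search_cap() returns a rule for that post type's edit_posts
 * capability, the rule decides: the user passes when their role outranks the
 * rule's role or when their ID is listed in the rule's 'users'. Otherwise the
 * user's existing 'upload_files' capability is reported unchanged.
 *
 * @global object $wpcf_access Diagnostic data is written to ->upload_files and ->errors.
 *
 * @return mixed False when the post type object is missing; the rule's verdict
 *               when a rule was found; otherwise whether 'upload_files' is
 *               already present in the user's allcaps.
 */
function wpcf_access_user_can_upload_files()
{
    global $wpcf_access;
    $current_user = wp_get_current_user();
    // Only the role is used below; the level returned with it is not needed.
    list($role) = wpcf_access_rank_user($current_user->ID);
    // Enqueue
    add_filter('wpcf_access_exceptions', 'wpcf_access_exceptions_upload_files', 10, 4);
    add_filter('types_access_check_override', 'wpcf_access_upload_files_check_override');
    // First detect if attachment
    $post_type = wpcf_access_attachment_parent_type();
    // Determine post_type
    if (empty($post_type)) {
        $post_id = wpcf_access_determine_post_id();
        if ($post_id) {
            $post_type = get_post_type(get_post($post_id));
        } else {
            $post_type = wpcf_access_determine_post_type();
        }
        if (empty($post_type)) {
            $post_type = 'post';
        }
    }
    $wpcf_access->upload_files['post_type'] = $post_type;
    // If rule for post_type exists - follow it
    if (!empty($current_user->allcaps) && !empty($post_type)) {
        // TODO Monitor this
        $post_type_obj = get_post_type_object($post_type);
        if (is_null($post_type_obj)) {
            $wpcf_access->errors['post_type_object_missing'][] = $post_type;
            // NOTE(review): this reports "not allowed" but leaves any existing
            // 'upload_files' entry on the user object untouched - confirm that
            // callers act on the return value rather than on the capability.
            return false;
        }
        $wpcf_access->upload_files['post_type_cap'] = $post_type_obj->cap;
        if (!empty($post_type_obj->cap->edit_posts)) {
            $cap_found = wpcf_access_search_cap($post_type_obj->cap->edit_posts);
            if (!empty($cap_found)) {
                $wpcf_access->upload_files['cap_found'] = $cap_found;
                $allow = wpcf_access_is_role_ranked_higher($role, $cap_found['role']);
                if (!$allow) {
                    // Per-user grant. This is an authorization decision, so the
                    // ID match is strict on integers: a loose in_array() lets
                    // ID 0 (no logged-in user) equal any non-numeric entry on
                    // PHP < 8, and a missing or non-array 'users' key must deny
                    // instead of raising a warning or TypeError.
                    $allow = false;
                    $user_id = (int) $current_user->ID;
                    if ($user_id > 0 && isset($cap_found['users']) && is_array($cap_found['users'])) {
                        $granted_ids = array_map('intval', array_filter($cap_found['users'], 'is_numeric'));
                        $allow = in_array($user_id, $granted_ids, true);
                    }
                }
                if (!$allow) {
                    unset($current_user->allcaps['upload_files']);
                    unset($current_user->caps['upload_files']);
                } else {
                    $current_user->allcaps['upload_files'] = 1;
                    $current_user->caps['upload_files'] = 1;
                }
                $wpcf_access->upload_files['allow'] = $allow ? 1 : 0;
                // If found return $allow
                return $allow;
            }
        }
    }
    // No rule applied: record that and report the capability as it stands.
    $has_upload_cap = !empty($current_user->allcaps['upload_files']);
    $wpcf_access->upload_files['handled'] = 0;
    $wpcf_access->upload_files['allow'] = $has_upload_cap ? 1 : 0;
    // Return default setting if not found
    return $has_upload_cap;
}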
Exemplo n.º 2
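/**
 * Filters default WP capabilities for user.
 *
 * WP adds default capabilities depending on built-in role
 * that sometimes by-pass user_can() check.
 *
 * For every capability in the current user's allcaps that has a rule
 * (wpcf_access_search_cap()), the capability is removed from allcaps unless
 * the user's role outranks the rule's role or the user's ID is listed in the
 * rule's 'users'. Capabilities without a rule are left alone.
 *
 * @todo Check if upload_files should be suspended from 3.5
 *
 * @return void
 */
function wpcf_access_user_filter_caps()
{
    $current_user = wp_get_current_user();
    if (empty($current_user->allcaps)) {
        return;
    }
    // Only the role is used below; the level returned with it is not needed.
    list($role) = wpcf_access_rank_user($current_user->ID);
    $user_id = (int) $current_user->ID;
    foreach ($current_user->allcaps as $cap => $unused) {
        $cap_found = wpcf_access_search_cap($cap);
        if (empty($cap_found)) {
            continue;
        }
        $allow = wpcf_access_is_role_ranked_higher($role, $cap_found['role']);
        if (!$allow) {
            // Per-user grant. This is an authorization decision, so the ID
            // match is strict on integers: a loose in_array() lets ID 0 (no
            // logged-in user) equal any non-numeric entry on PHP < 8, and a
            // missing or non-array 'users' key must deny instead of raising a
            // warning or TypeError.
            $allow = false;
            if ($user_id > 0 && isset($cap_found['users']) && is_array($cap_found['users'])) {
                $granted_ids = array_map('intval', array_filter($cap_found['users'], 'is_numeric'));
                $allow = in_array($user_id, $granted_ids, true);
            }
        }
        if (!$allow) {
            // NOTE(review): only ->allcaps is trimmed here; ->caps keeps the
            // entry - confirm that is intended.
            unset($current_user->allcaps[$cap]);
        }
    }
}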