/**
* checks if user has permissions to edit a specific entry
*
* Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
*
* @param array $entry Gravity Forms entry array
* @param int $view_id ID of the view you want to check visibility against {@since 1.9.2}
* @return bool
*/
public static function check_user_cap_edit_entry($entry, $view_id = 0)
{
// No permission by default
$user_can_edit = false;
// If they can edit any entries (as defined in Gravity Forms)
// Or if they can edit other people's entries
// Then we're good.
if (GVCommon::has_cap(array('gravityforms_edit_entries', 'gravityview_edit_others_entries'), $entry['id'])) {
do_action('gravityview_log_debug', __METHOD__ . ' - User has ability to edit all entries.');
$user_can_edit = true;
} else {
if (!isset($entry['created_by'])) {
do_action('gravityview_log_error', 'GravityView_Edit_Entry[check_user_cap_edit_entry] Entry `created_by` doesn\'t exist.');
$user_can_edit = false;
} else {
// get user_edit setting
if (empty($view_id) || $view_id == GravityView_View::getInstance()->getViewId()) {
// if View ID not specified or is the current view
$user_edit = GravityView_View::getInstance()->getAtts('user_edit');
} else {
// in case is specified and not the current view
$user_edit = GVCommon::get_template_setting($view_id, 'user_edit');
}
$current_user = wp_get_current_user();
// User edit is disabled
if (empty($user_edit)) {
do_action('gravityview_log_debug', 'GravityView_Edit_Entry[check_user_cap_edit_entry] User Edit is disabled. Returning false.');
$user_can_edit = false;
} else {
if (is_user_logged_in() && intval($current_user->ID) === intval($entry['created_by'])) {
do_action('gravityview_log_debug', sprintf('GravityView_Edit_Entry[check_user_cap_edit_entry] User %s created the entry.', $current_user->ID));
$user_can_edit = true;
} else {
if (!is_user_logged_in()) {
do_action('gravityview_log_debug', __METHOD__ . ' No user defined; edit entry requires logged in user');
}
}
}
}
}
/**
* @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
* @since 1.15 Added `$entry` and `$view_id` parameters
* @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
* @param[in] array $entry Gravity Forms entry array {@since 1.15}
* @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
*/
$user_can_edit = apply_filters('gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id);
return (bool) $user_can_edit;
}
/**
* Get the setting for a View
*
* If the setting isn't set by the View, it returns the plugin default.
*
* @param int $post_id View ID
* @param string $key Key for the setting
* @return mixed|null Setting value, or NULL if not set.
*/
function gravityview_get_template_setting($post_id, $key)
{
return GVCommon::get_template_setting($post_id, $key);
}
/**
* checks if user has permissions to edit a specific entry
*
* Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
*
* @param array $entry Gravity Forms entry array
* @param int $view_id ID of the view you want to check visibility against {@since 1.9.2}
* @return bool
*/
public static function check_user_cap_edit_entry($entry, $view_id = 0)
{
// No permission by default
$user_can_edit = false;
// Or if they can edit any entries (as defined in Gravity Forms), we're good.
if (GFCommon::current_user_can_any('gravityforms_edit_entries')) {
$user_can_edit = true;
} else {
if (!isset($entry['created_by'])) {
do_action('gravityview_log_error', 'GravityView_Edit_Entry[check_user_cap_edit_entry] Entry `created_by` doesn\'t exist.');
$user_can_edit = false;
} else {
// get user_edit setting
if (empty($view_id) || $view_id == GravityView_View::getInstance()->getViewId()) {
// if View ID not specified or is the current view
$user_edit = GravityView_View::getInstance()->getAtts('user_edit');
} else {
// in case is specified and not the current view
$user_edit = GVCommon::get_template_setting($view_id, 'user_edit');
}
$current_user = wp_get_current_user();
// User edit is disabled
if (empty($user_edit)) {
do_action('gravityview_log_debug', 'GravityView_Edit_Entry[check_user_cap_edit_entry] User Edit is disabled. Returning false.');
$user_can_edit = false;
} else {
if (is_user_logged_in() && intval($current_user->ID) === intval($entry['created_by'])) {
do_action('gravityview_log_debug', sprintf('GravityView_Edit_Entry[check_user_cap_edit_entry] User %s created the entry.', $current_user->ID));
$user_can_edit = true;
}
}
}
}
/**
* @param boolean $user_can_edit Can the current user edit the current entry? (Default: false)
*/
$user_can_edit = apply_filters('gravityview/edit_entry/user_can_edit_entry', $user_can_edit);
return (bool) $user_can_edit;
}