function all_agents_checklist($role_bases, $agents, $args, $class = 'rs-agents') { if (MULTISITE && scoper_get_site_option('mu_sitewide_groups')) { $groups_url = awp_ver('3.1') ? 'network/users.php?page=rs-groups' : 'ms-admin.php?page=rs-groups'; } else { $groups_url = 'admin.php?page=rs-groups'; } $div_style = "class='{$class}' style='padding:0.5em 0 0.5em 0.5em'"; //if ( in_array(ROLE_BASIS_GROUPS, $role_bases) && $agents[ROLE_BASIS_GROUPS] ) // $edit_groups_link = sprintf(_ x('%1$s define user groups%2$s', 'Args are link open, close tags', 'scoper'), "<a href='$groups_url'>", '</a>'); //else // $edit_groups_link = sprintf(_ x('<strong>Note:</strong> To assign roles to user groups, first %1$s define the group(s)%2$s.', 'Args are link open, close tags', 'scoper'), "<a href='$groups_url'>", '</a>'); if (in_array(ROLE_BASIS_GROUPS, $role_bases) && $agents[ROLE_BASIS_GROUPS]) { $edit_groups_link = sprintf(__('%1$s define user groups%2$s', 'scoper'), "<a href='{$groups_url}'>", '</a>'); } else { $edit_groups_link = sprintf(__('<strong>Note:</strong> To assign roles to user groups, first %1$s define the group(s)%2$s.', 'scoper'), "<a href='{$groups_url}'>", '</a>'); } foreach ($role_bases as $role_basis) { echo "<div {$div_style}>"; ScoperAgentsChecklist::agents_checklist($role_basis, $agents[$role_basis], $role_basis, array(), $args); if (ROLE_BASIS_GROUPS == $role_basis) { echo $edit_groups_link; } echo "</div>"; } if (!in_array(ROLE_BASIS_GROUPS, $role_bases)) { echo "<div {$div_style}>{$edit_groups_link}</div>"; } }
function group_members_checklist($group_id, $user_class = 'member', $all_users = '') { global $scoper; if (!$all_users) { $all_users = $scoper->users_who_can('', COLS_ID_NAME_RS); } if ($group_id) { $group = ScoperAdminLib::get_group($group_id); } if ('member' == $user_class) { $current_ids = $group_id ? array_flip(ScoperAdminLib::get_group_members($group_id, COL_ID_RS)) : array(); if (!empty($group) && in_array($group->meta_id, array('rv_pending_rev_notice_ed_nr_', 'rv_scheduled_rev_notice_ed_nr_'))) { $args = array('any_object' => true); $eligible_ids = array(); foreach (get_post_types(array('public' => true), 'object') as $_type => $_type_obj) { $args['object_type'] = $_type; $type_eligible_ids = $scoper->users_who_can(array($_type_obj->cap->edit_published_posts, $_type_obj->cap->edit_others_posts), COL_ID_RS, 'post', 0, $args); $eligible_ids = array_merge($eligible_ids, $type_eligible_ids); } $eligible_ids = array_unique($eligible_ids); } else { // force_all_users arg is a temporary measure to ensure that any user can be viewed / added to a sitewide MU group regardless of what blog backend it's edited through $_args = IS_MU_RS && scoper_get_option('mu_sitewide_groups', true) ? array('force_all_users' => true) : array(); $eligible_ids = $scoper->users_who_can('', COL_ID_RS, '', '', $_args); } $admin_ids = array(); } else { $group_role_defs = 'moderator' == $user_class ? array('rs_group_moderator') : array('rs_group_manager'); if ($group_id) { require_once dirname(__FILE__) . '/role_assignment_lib_rs.php'; $current_roles = ScoperRoleAssignments::organize_assigned_roles(OBJECT_SCOPE_RS, 'group', $group_id, $group_role_defs, ROLE_BASIS_USER); $current_roles = agp_array_flatten($current_roles, false); $current_ids = isset($current_roles['assigned']) ? $current_roles['assigned'] : array(); } else { $current_ids = array(); } $cap_name = defined('SCOPER_USER_ADMIN_CAP') ? constant('SCOPER_USER_ADMIN_CAP') : 'edit_users'; $admin_ids = $scoper->users_who_can($cap_name, COL_ID_RS); // optionally, limit available group managers according to role_admin_blogwide_editor_only option if ('manager' == $user_class) { $require_blogwide_editor = false; if (!empty($group)) { if (!strpos($group->meta_id, '_nr_')) { // don't limit manager selection for groups that don't have role assignments $require_blogwide_editor = scoper_get_option('role_admin_blogwide_editor_only'); } } if ('admin' == $require_blogwide_editor) { $eligible_ids = $admin_ids; } elseif ('admin_content' == $require_blogwide_editor) { $cap_name = defined('SCOPER_CONTENT_ADMIN_CAP') ? constant('SCOPER_CONTENT_ADMIN_CAP') : 'activate_plugins'; $eligible_ids = array_unique(array_merge($admin_ids, $scoper->users_who_can($cap_name, COL_ID_RS))); } elseif ($require_blogwide_editor) { $post_editors = $scoper->users_who_can('edit_others_posts', COL_ID_RS); $page_editors = $scoper->users_who_can('edit_others_pages', COL_ID_RS); $eligible_ids = array_unique(array_merge($post_editors, $page_editors, $admin_ids)); } else { $eligible_ids = ''; } } else { $eligible_ids = ''; } } // endif user class is not "member" $css_id = $user_class; $args = array('eligible_ids' => $eligible_ids, 'via_other_scope_ids' => $admin_ids, 'suppress_extra_prefix' => true); require_once dirname(__FILE__) . '/agents_checklist_rs.php'; ScoperAgentsChecklist::agents_checklist(ROLE_BASIS_USER, $all_users, $css_id, $current_ids, $args); }
function display_ui_user_groups() { if (!($all_groups = ScoperAdminLib::get_all_groups(UNFILTERED_RS))) { return; } global $current_rs_user, $profileuser; $user_id = $profileuser->ID; $editable_ids = ScoperAdminLib::get_all_groups(FILTERED_RS, COL_ID_RS); if ($user_id == $current_rs_user->ID) { $stored_groups = array_keys($current_rs_user->groups); } else { $user = new WP_Scoped_User($user_id, '', array('skip_role_merge' => 1)); $stored_groups = array_keys($user->groups); } // can't manually edit membership of WP Roles groups, other metagroups $all_ids = array(); foreach ($all_groups as $key => $group) { $all_ids[] = $group->ID; if (!empty($group->meta_id) && !is_null($group->meta_id) && in_array($group->ID, $editable_ids) && !strpos($group->meta_id, '_editable')) { $editable_ids = array_diff($editable_ids, array($group->ID)); $stored_groups = array_diff($stored_groups, array($group->ID)); unset($all_groups[$key]); } } // avoid incorrect eligible count if orphaned group roles are included in editable_ids $editable_ids = array_intersect($editable_ids, $all_ids); if (!$editable_ids && !$stored_groups) { return; } echo "<div id='userprofile_groupsdiv_rs' class='rs-group_members'>"; echo "<h3>"; if (defined('GROUPS_CAPTION_RS')) { echo GROUPS_CAPTION_RS; } else { _e('User Groups', 'scoper'); } echo "</h3>"; if (scoper_get_option('group_ajax')) { $arr_display_names = array(); $group_ids = array(); $group_ids['active'] = $stored_groups; $group_ids['recommended'] = $current_rs_user->get_groups_for_user($user_id, array('status' => 'recommended')); $group_ids['requested'] = $current_rs_user->get_groups_for_user($user_id, array('status' => 'requested')); foreach ($group_ids as $key => $ids) { foreach ($ids as $group_id) { foreach (array_keys($all_groups) as $nkey) { if ($all_groups[$nkey]->ID == $group_id) { $arr_display_names[$key][$group_id] = $all_groups[$nkey]->display_name; break; } } } } global $scoper_user_search; $scoper_user_search->output_html($arr_display_names, 'groups'); } else { $css_id = 'group'; $locked_ids = array_diff($stored_groups, $editable_ids); $args = array('suppress_extra_prefix' => true, 'eligible_ids' => $editable_ids, 'locked_ids' => $locked_ids); require_once dirname(__FILE__) . '/agents_checklist_rs.php'; ScoperAgentsChecklist::agents_checklist(ROLE_BASIS_GROUPS, $all_groups, $css_id, array_flip($stored_groups), $args); echo '</fieldset>'; } echo '</div><br />'; echo "<input type='hidden' name='rs_editing_user_groups' value='1' />"; }
$stored_groups = array(); echo '<p><strong>'; _e('No default groups defined.', 'scoper'); echo '</strong></p>'; } // WP Roles groups, other metagroups can't be a default group foreach ($all_groups as $key => $group) { if (!empty($group->meta_id) && in_array($group->ID, $editable_ids)) { $editable_ids = array_diff($editable_ids, array($group->ID)); } } $css_id = 'group'; $locked_ids = array_diff($stored_groups, $editable_ids); $args = array('suppress_extra_prefix' => true, 'eligible_ids' => $editable_ids, 'locked_ids' => $locked_ids); require_once dirname(__FILE__) . '/agents_checklist_rs.php'; ScoperAgentsChecklist::agents_checklist(ROLE_BASIS_GROUPS, $all_groups, $css_id, array_flip($stored_groups), $args); ?> </div> <span class="submit" style="border:none;"> <input type="submit" name="rs_submit" value="<?php _e('Update »', 'scoper'); ?> " /> </span> <?php } else { _e('No groups defined.', 'scoper'); } ?> <a name="scoper_notes"></a>
function draw_object_roles_content($src_name, $object_type, $role_handle, $object_id = '', $skip_user_validation = false, $object = false) { //log_mem_usage_rs( 'start ItemRolesUI::draw_object_roles_content()' ); if (!$object_id) { $object_id = scoper_get_object_id($src_name, $object_type); } if (!empty($object) && 'auto-draft' == $object->post_status) { $object_id = 0; } if ($src_name != $this->loaded_src_name || $object_type != $this->loaded_object_type || $object_id != $this->loaded_object_id) { $this->load_roles($src_name, $object_type, $object_id); } if (!($otype_def = $this->scoper->data_sources->member_property($src_name, 'object_types', $object_type))) { return; } if (!$skip_user_validation && !$this->scoper_admin->user_can_admin_role($role_handle, $object_id, $src_name, $object_type)) { return; } // since we may be dumping a lot of hidden user <li> into the page, enumerate role names to shorten html $role_code = 'r' . array_search($role_handle, $this->role_handles); $role_def = $this->scoper->role_defs->get($role_handle); if (!isset($role_def->valid_scopes[OBJECT_SCOPE_RS])) { return; } if (empty($this->drew_objroles_marker)) { echo "<input type='hidden' name='rs_object_roles' value='true' />"; $this->drew_objroles_marker = true; } // ========== OBJECT RESTRICTION CHECKBOX(ES) ============ // checkbox to control object role scoping (dictates whether taxonomy and blog role assignments also be honored for operations on this object ) $checked = empty($this->object_strict_roles[$role_handle]) ? '' : 'checked="checked"'; $val = $checked ? '1' : '0'; echo "<input type='hidden' name='last_objscope_{$role_code}' value='{$val}' id='last_objscope_{$role_code}' />"; echo "\r\n<p style='margin-bottom:0.8em;'>" . "<span class='alignright'><a href='#wphead'>" . __('top', 'scoper') . '</a></span>' . "<label for='objscope_{$role_code}'>" . "<input type='checkbox' class='rs-check' name='objscope_{$role_code}' value='1' id='objscope_{$role_code}' {$checked} /> " . sprintf(__('Restrict for %1$s (<strong>only</strong> selected users/groups are %2$s)', 'scoper'), $otype_def->labels->singular_name, $this->scoper->role_defs->get_abbrev($role_handle, OBJECT_UI_RS)) . '</label></p>'; if ($this->do_propagation_cboxes) { $checked = empty($this->child_strict_roles[$role_handle]) ? '' : 'checked="checked"'; $val = $checked ? '1' : '0'; echo "<input type='hidden' name='last_objscope_children_{$role_code}' value='{$val}' id='last_objscope_children_{$role_code}' />"; echo "<p style='margin-top: 0.5em;'>" . "<label for='objscope_children_{$role_code}'>" . "<input type='checkbox' class='rs-check' name='objscope_children_{$role_code}' value='1' id='objscope_children_{$role_code}' {$checked} /> " . sprintf(__('Restrict for Sub-%1$s', 'scoper'), $otype_def->labels->name) . '</label></p>'; } // ========== OBJECT ROLE ASSIGNMENT CHECKBOX(ES) ============ // toggle groups / users view if both are enabled //echo "<p style='margin: 1em 0 0.2em 0;'><strong>" . sprintf(__('Assign %s Role:', 'scoper'), $display_name ) . '</strong></p>'; //echo '<br />'; $toggle_agents = USER_ROLES_RS && GROUP_ROLES_RS && !empty($this->all_groups); if ($toggle_agents) { if (!empty($this->current_roles[ROLE_BASIS_USER][$role_handle])) { $default_role_basis = ROLE_BASIS_USER; } else { $default_role_basis = ROLE_BASIS_GROUPS; } $class_selected = 'agp-selected_agent_colorized agp-selected_agent agp-agent'; $class_unselected = 'agp-unselected_agent_colorized agp-unselected_agent agp-agent'; $class = ROLE_BASIS_GROUPS == $default_role_basis ? "class='{$class_selected}'" : "class='{$class_unselected}'"; $js_call = "agp_swap_display('{$role_code}_groups', '{$role_code}_user', '{$role_code}_show_group_roles', '{$role_code}_show_user_roles', '{$class_selected}', '{$class_unselected}')"; $bottom_margin = !empty($GLOBALS['is_IE']) ? '-0.7em' : 0; echo "\r\n" . "<div class='agp_js_show' style='display:none;margin:0 0 {$bottom_margin} 0'>" . "<ul class='rs-list_horiz' style='margin-bottom:-0.1em'><li {$class}>" . "<a href='javascript:void(0)' id='{$role_code}_show_group_roles' onclick=\"{$js_call}\">" . __('Groups', 'scoper') . '</a></li>'; $class = ROLE_BASIS_USER == $default_role_basis ? "class='{$class_selected}'" : "class='{$class_unselected}'"; $js_call = "agp_swap_display('{$role_code}_user', '{$role_code}_groups', '{$role_code}_show_user_roles', '{$role_code}_show_group_roles', '{$class_selected}', '{$class_unselected}')"; echo "\r\n" . "<li {$class}><a href='javascript:void(0)' id='{$role_code}_show_user_roles' onclick=\"{$js_call}\">" . __awp('Users') . '</a></li>' . '</ul></div>'; } $class = "class='rs-agents'"; //need effective line break here if not IE echo "<div style='clear:both;margin:0 0 0.3em 0' {$class}>"; $role_ops = $this->scoper->cap_defs->get_cap_ops($this->scoper->role_defs->role_caps[$role_handle]); $agents_reqd_op = isset($role_ops[OP_EDIT_RS]) ? OP_EDIT_RS : OP_READ_RS; $containing_roles = $this->scoper->role_defs->get_containing_roles($role_handle); require_once dirname(__FILE__) . '/agents_checklist_rs.php'; $args = array('suppress_extra_prefix' => true, 'default_hide_threshold' => 20, 'propagation' => $this->do_propagation_cboxes, 'otype_label_singular' => $otype_def->labels->singular_name, 'otype_label' => $otype_def->labels->name, 'object_type' => $object_type, 'object_id' => $object_id); $args['via_other_role_ids'] = array(); // must set this here b/c subsequent for loop is set up for users iteration to recall via_other_role_ids from groups iteration foreach ($this->agent_captions as $role_basis => $agent_caption) { if (!is_array($this->blog_term_roles[$role_basis][$role_handle])) { $this->blog_term_roles[$role_basis][$role_handle] = array(); } // for the purpose of indicating implicit role ownership, we will consider any assignment of a containing role as equivalent foreach (array_keys($containing_roles) as $containing_role_handle) { if (isset($this->blog_term_roles[$role_basis][$containing_role_handle]) && is_array($this->blog_term_roles[$role_basis][$containing_role_handle])) { $this->blog_term_roles[$role_basis][$role_handle] = array_merge($this->blog_term_roles[$role_basis][$role_handle], $this->blog_term_roles[$role_basis][$containing_role_handle]); } } $this->blog_term_roles[$role_basis][$role_handle] = array_unique($this->blog_term_roles[$role_basis][$role_handle]); $hide_class = $toggle_agents && $role_basis != $default_role_basis ? ' class="agp_js_hide"' : ''; echo "\r\n<div id='{$role_code}_{$role_basis}' {$hide_class}>"; // also abbreviate "groups" to 'g', 'user' to 'u' $id_prefix = $role_code . substr($role_basis, 0, 1); if ($this->indicate_blended_roles && $object_id && GROUP_ROLES_RS && ROLE_BASIS_USER == $role_basis) { $args['via_other_basis_ids'] = array(); // note users who are in a group that has this role object-assigned if (!empty($this->current_roles[ROLE_BASIS_GROUPS][$role_handle]['assigned'])) { foreach (array_keys($this->current_roles[ROLE_BASIS_GROUPS][$role_handle]['assigned']) as $group_id) { if (!isset($this->group_members[$group_id])) { $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); } //arg: maybe WP role metagroup $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]); } } // note users who are in a group that has this role term-assigned or blog-assigned (and not restricted) foreach ($this->blog_term_roles[ROLE_BASIS_GROUPS][$role_handle] as $group_id) { if (!isset($this->group_members[$group_id])) { $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); } //arg: maybe WP role metagroup $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]); } // note users who are in a group that has a containing role object-assigned // (note: via_other_role_ids element was set in previous iteration since ROLE_BASIS_GROUPS is first element in agents_caption array foreach ($args['via_other_role_ids'] as $group_id) { if (!isset($this->group_members[$group_id])) { $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); } //arg: maybe WP role metagroup $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]); } $args['via_other_basis_ids'] = array_unique($args['via_other_basis_ids']); } if ($this->indicate_blended_roles) { $args['via_other_scope_ids'] = $this->blog_term_roles[$role_basis][$role_handle]; } $args['via_other_role_ids'] = array(); if ($this->indicate_blended_roles && $containing_roles) { foreach (array_keys($containing_roles) as $containing_role_handle) { if (isset($this->current_roles[$role_basis][$containing_role_handle]['assigned'])) { $args['via_other_role_ids'] = array_merge($args['via_other_role_ids'], array_keys($this->current_roles[$role_basis][$containing_role_handle]['assigned'])); } } $args['via_other_role_ids'] = array_unique($args['via_other_role_ids']); } if ($object_id && $this->do_propagation_cboxes) { $args['for_entity_ids'] = isset($this->current_roles[$role_basis][$role_handle]['entity']) ? array_keys($this->current_roles[$role_basis][$role_handle]['entity']) : array(); $args['for_children_ids'] = isset($this->current_roles[$role_basis][$role_handle]['children']) ? array_keys($this->current_roles[$role_basis][$role_handle]['children']) : ''; } $args['eligible_ids'] = isset($this->eligible_agent_ids[$role_basis][$agents_reqd_op]) ? $this->eligible_agent_ids[$role_basis][$agents_reqd_op] : ''; if ('post' == $src_name && 'auto-draft' == $object->post_status) { $args['suppress_last_agents'] = true; } if (!empty($this->current_roles[$role_basis][$role_handle]['assigned'])) { ScoperAgentsChecklist::agents_checklist($role_basis, $this->all_agents[$role_basis], $id_prefix, $this->current_roles[$role_basis][$role_handle]['assigned'], $args); } else { ScoperAgentsChecklist::agents_checklist($role_basis, $this->all_agents[$role_basis], $id_prefix, '', $args); } echo "\r\n</div>"; } // end foreach role basis caption (user or group) echo '</div>'; // class rs-agents //log_mem_usage_rs( 'end ItemRolesUI::draw_object_roles_content()' ); }