/** * Retrieve all of the role capabilities and merge with individual capabilities. * * All of the capabilities of the roles the user belongs to are merged with * the users individual roles. This also means that the user can be denied * specific roles that their role might have, but the specific user isn't * granted permission to. * * @since 0.0.1 * @access public * * @return array List of all capabilities for the user. */ public function get_role_caps() { $hq_roles = hq_roles(); //Filter out caps that are not role names and assign to $this->roles if (is_array($this->caps)) { $this->roles = array_filter(array_keys($this->caps), array($hq_roles, 'is_role')); } //Build $allcaps from role caps, overlay user's $caps $this->allcaps = array(); foreach ((array) $this->roles as $role) { $the_role = $hq_roles->get_role($role); $this->allcaps = array_merge((array) $this->allcaps, (array) $the_role->capabilities); } $this->allcaps = array_merge((array) $this->allcaps, (array) $this->caps); return $this->allcaps; }
/** * Fetch a filtered list of user roles that the current user is * allowed to edit. * * Simple function who's main purpose is to allow filtering of the * list of roles in the $hq_roles object so that plugins can remove * inappropriate ones depending on the situation or user making edits. * Specifically because without filtering anyone with the edit_users * capability can edit others to be administrators, even if they are * only editors or authors. This filter allows admins to delegate * user management. * * @since 0.0.1 * * @return array */ function get_editable_roles() { $all_roles = hq_roles()->roles; /** * Filter the list of editable roles. * * @since 0.0.1 * * @param array $all_roles List of roles. */ $editable_roles = apply_filters('editable_roles', $all_roles); return $editable_roles; }