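/**
 * Safely return an access capability for use in the posts table.
 *
 * The value is returned unchanged only when it is 'exist', 'read', a
 * registered role name, or an existing Access Area capability. Every other
 * value is replaced by 'exist'.
 *
 * NOTE(review): 'exist' is the capability WordPress grants to everyone, so an
 * unrecognised value presumably fails open (content stays visible) rather than
 * closed. Confirm that this is the intended fallback for every caller.
 *
 * @param string $cap Access Area Capability name, valid role name, 'read' or 'exist'
 * @return string The validated capability, or 'exist' when $cap is not recognised.
 */
function wpaa_sanitize_access_cap($cap) {
    global $wp_roles;

    // Request data can arrive as an array, int or null. None of those can be a
    // capability name, and rejecting them here keeps the comparisons below from
    // depending on PHP's loose-equality rules (0 == 'exist' is true before PHP 8).
    if (!is_string($cap)) {
        return 'exist';
    }

    if ($cap === 'exist' || $cap === 'read') {
        return $cap;
    }

    // $wp_roles may not be initialised yet when this runs early in the request;
    // skip the role lookup instead of calling a method on null.
    if (isset($wp_roles) && $wp_roles->is_role($cap)) {
        return $cap;
    }

    if (wpaa_access_area_exists($cap)) {
        return $cap;
    }

    return 'exist';
}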
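/**
 * Handle the bulk "grant" / "revoke" Access Area actions for a list of users.
 *
 * Returns without doing anything unless the request carries either
 * grant_access_area + grantit or revoke_access_area + revokeit. Otherwise it
 * verifies the 'bulk-access-areas' nonce, requires the 'promote_users'
 * capability, applies the change to each user in $_REQUEST['users'], then
 * redirects to users.php and exits. When both actions are present, grant wins.
 *
 * @return void
 */
public static function bulk_edit_access() {
    $grant  = isset($_REQUEST['grant_access_area']) && !empty($_REQUEST['grantit']);
    $revoke = isset($_REQUEST['revoke_access_area']) && !empty($_REQUEST['revokeit']);
    if (!$grant && !$revoke) {
        return;
    }

    // CSRF check first, then the coarse capability check for the acting user.
    check_admin_referer('bulk-access-areas', '_wpaanonce');
    if (!current_user_can('promote_users')) {
        wp_die(__('You can’t edit that user.'));
    }

    // Only a plain string can name an access area; WordPress adds slashes to
    // request data, so strip them before the existence lookup.
    $raw_area    = $grant ? $_REQUEST['grant_access_area'] : $_REQUEST['revoke_access_area'];
    $access_area = is_string($raw_area) ? wp_unslash($raw_area) : '';

    // A missing or scalar 'users' parameter must not reach foreach.
    $raw_users = (isset($_REQUEST['users']) && is_array($_REQUEST['users'])) ? $_REQUEST['users'] : array();

    if ($access_area !== '' && wpaa_access_area_exists($access_area)) {
        foreach ($raw_users as $raw_id) {
            // Nested arrays would cast to 1, and WP_User treats a non-numeric
            // string as a login name; accept positive integer IDs only.
            if (!is_scalar($raw_id)) {
                continue;
            }
            $user_id = absint($raw_id);
            if ($user_id === 0) {
                continue;
            }

            // Per-user authorisation, mirroring the checks core applies when
            // changing roles from users.php: the target must belong to this
            // site and the acting user must be allowed to promote that user.
            // NOTE(review): _set_cap_for_user() may repeat these checks; its
            // body is not visible here.
            if (is_multisite() && !is_user_member_of_blog($user_id)) {
                continue;
            }
            if (!current_user_can('promote_user', $user_id)) {
                continue;
            }

            $user = new WP_User($user_id);
            self::_set_cap_for_user($access_area, $user, $grant);
        }
    }

    // Fixed, relative target: no request data flows into the redirect URL.
    wp_redirect(add_query_arg('update', 'promote', 'users.php'));
    exit;
}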