/**
 * Decide whether the current user is allowed to manage the given user
 *
 * The target is manageable when its first role does not carry the
 * "level_N" capability matching the current user's own level N, or when
 * the current user is a super admin.
 *
 * @param WP_User $user User that is about to be managed
 *
 * @return boolean True when the user can be managed, false otherwise
 *
 * @access public
 */
public function canManage(WP_User $user = null)
{
    // NOTE(review): $user defaults to null but is dereferenced without a
    // check below; confirm that no caller relies on the default, and decide
    // whether a missing user should be denied rather than evaluated.

    // AAM does not support multi-roles, so only the first role is inspected.
    // Work on a copy because array_shift() modifies its argument.
    // NOTE(review): a user holding an additional role with a higher level
    // would not be caught by this check - confirm multi-role users cannot
    // reach this code path.
    $assigned = $user->roles;
    $primary = get_role(array_shift($assigned));

    // Capability name that corresponds to the current user's highest level
    $capability = 'level_' . aam_Core_API::getUserLevel();

    // empty() also covers a missing role object or a missing capability
    // entry, in which case the user is treated as manageable.
    return empty($primary->capabilities[$capability])
        || aam_Core_API::isSuperAdmin();
}
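/**
 * Check if view can be managed
 *
 * Resolves the capability set of the current subject and refuses access
 * when that set carries the "level_N" capability matching the current
 * user's own level N. Super admin is never refused.
 *
 * The capability set comes from:
 *  - the subject itself when it is a role;
 *  - the subject's first role when it is a user;
 *  - the "aam_managable_capabilities" filter for any other subject type
 *    (null by default, which means no restriction is applied).
 *
 * @return boolean Always true; a refusal is reported with an exception
 *
 * @access public
 * @throws Exception You are not allowed to manage current view
 */
public function isManagable()
{
    $subject = $this->getSubject();
    $uid = $subject->getUID();

    if ($uid == aam_Control_Subject_Role::UID) {
        $caps = $subject->capabilities;
    } elseif ($uid == aam_Control_Subject_User::UID) {
        // getUID is a method. It used to be read here as a property, so this
        // branch never matched and user subjects fell through to the filter
        // below, which skips the level check unless a filter supplies
        // capabilities.

        // AAM does not support multi-roles. Get only one first role
        // NOTE(review): additional roles of the user are not evaluated.
        $roles = $subject->roles;
        $first = (is_array($roles) ? array_shift($roles) : null);
        $role = ($first ? get_role($first) : null);

        // A user without a resolvable role has no capabilities to compare
        $caps = ($role ? $role->capabilities : null);
    } else {
        $caps = apply_filters('aam_managable_capabilities', null, $this);
    }

    if ($caps && !aam_Core_API::isSuperAdmin()) {
        //get user's highest level
        $level = aam_Core_API::getUserLevel();
        if (!empty($caps['level_' . $level])) {
            // Message text is kept as is: it is the translation lookup key
            throw new Exception(__('You are not allowed to manager current view', 'aam'));
        }
    }

    return true;
}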
/**
 * Narrow down the list of editable roles
 *
 * Roles that carry the "level_N" capability matching the current user's
 * own level N are dropped from the list, so the current user cannot manage
 * roles of the same or a higher level. Super admin receives the list
 * unchanged.
 *
 * @param array $roles Roles keyed by role id; the 'capabilities' entry of
 *                     each element is inspected
 *
 * @return array Roles the current user is allowed to edit, keys preserved
 *
 * @access public
 */
public function editableRoles($roles)
{
    $level = aam_Core_API::getUserLevel();

    // Only an explicit boolean false enables the filtering.
    // NOTE(review): any other return value (null, 0, ...) hands back the
    // full list, while canManage() and isManagable() use a truthiness test
    // instead - confirm isSuperAdmin() always returns a strict boolean.
    if (aam_Core_API::isSuperAdmin() !== false) {
        return $roles;
    }

    $capability = "level_{$level}";
    $allowed = array();

    foreach ($roles as $id => $details) {
        // empty() covers both a missing and a falsy capability entry
        if (empty($details['capabilities'][$capability])) {
            $allowed[$id] = $details;
        }
    }

    return $allowed;
}