/**
* Add XRDS entries for OpenID Server. Entries added will be highly
* dependant on the requested URL and plugin configuration.
*
* @uses apply_filters() Calls 'openid_server_xrds_types' before returning XRDS Types for OpenID authentication services.
*/
function openid_provider_xrds_simple($xrds)
{
global $nxt_roles;
if (!$nxt_roles) {
$nxt_roles = new nxt_Roles();
}
$provider_enabled = false;
foreach ($nxt_roles->role_names as $key => $name) {
$role = $nxt_roles->get_role($key);
if ($role->has_cap('use_openid_provider')) {
$provider_enabled = true;
break;
}
}
if (!$provider_enabled) {
return $xrds;
}
$user = openid_server_requested_user();
if (!$user && get_option('openid_blog_owner')) {
$url_parts = parse_url(get_option('home'));
$path = array_key_exists('path', $url_parts) ? $url_parts['path'] : '';
$path = trailingslashit($path);
$script = preg_replace('/index.php$/', '', $_SERVER['SCRIPT_NAME']);
$script = trailingslashit($script);
if ($path != $script && !is_admin()) {
return $xrds;
}
if (!defined('OPENID_DISALLOW_OWNER') || !OPENID_DISALLOW_OWNER) {
$user = get_user_by('login', get_option('openid_blog_owner'));
}
}
if ($user) {
// if user doesn't have capability, bail
$user_object = new nxt_User($user->ID);
if (!$user_object->has_cap('use_openid_provider')) {
return $xrds;
}
if (get_user_meta($user->ID, 'openid_delegate', true)) {
$services = get_user_meta($user->ID, 'openid_delegate_services', true);
} else {
$services = array();
$tmp_types = apply_filters('openid_server_xrds_types', array('http://specs.openid.net/auth/2.0/signon'));
$types = array();
foreach ($tmp_types as $t) {
$types[] = array('content' => $t);
}
$services[] = array('Type' => $types, 'URI' => openid_server_url(), 'LocalID' => get_author_posts_url($user->ID));
$tmp_types = apply_filters('openid_server_xrds_types', array('http://openid.net/signon/1.1'));
$types = array();
foreach ($tmp_types as $t) {
$types[] = array('content' => $t);
}
$services[] = array('Type' => $types, 'URI' => openid_server_url(), 'openid:Delegate' => get_author_posts_url($user->ID));
}
} else {
$services = array(array('Type' => array(array('content' => 'http://specs.openid.net/auth/2.0/server')), 'URI' => openid_server_url(), 'LocalID' => 'http://specs.openid.net/auth/2.0/identifier_select'));
}
if (!empty($services)) {
foreach ($services as $index => $service) {
$name = 'OpenID Provider Service (' . $index . ')';
$xrds = xrds_add_service($xrds, 'main', $name, $service, $index);
}
}
return $xrds;
}
/**
* Retrieve all of the role capabilities and merge with individual capabilities.
*
* All of the capabilities of the roles the user belongs to are merged with
* the users individual roles. This also means that the user can be denied
* specific roles that their role might have, but the specific user isn't
* granted permission to.
*
* @since 2.0.0
* @uses $nxt_roles
* @access public
*/
function get_role_caps()
{
global $nxt_roles;
if (!isset($nxt_roles)) {
$nxt_roles = new nxt_Roles();
}
//Filter out caps that are not role names and assign to $this->roles
if (is_array($this->caps)) {
$this->roles = array_filter(array_keys($this->caps), array(&$nxt_roles, 'is_role'));
}
//Build $allcaps from role caps, overlay user's $caps
$this->allcaps = array();
foreach ((array) $this->roles as $role) {
$the_role = $nxt_roles->get_role($role);
$this->allcaps = array_merge((array) $this->allcaps, (array) $the_role->capabilities);
}
$this->allcaps = array_merge((array) $this->allcaps, (array) $this->caps);
}
