PageRenderTime 53ms CodeModel.GetById 27ms RepoModel.GetById 1ms app.codeStats 0ms

/wp-content/plugins/role-scoper/analyst_rs.php

https://bitbucket.org/broderboy/nycendurance-wordpress
PHP | 231 lines | 165 code | 51 blank | 15 comment | 45 complexity | 0a860f5c50e71f044aee991e72075775 MD5 | raw file
Possible License(s): AGPL-1.0, GPL-3.0, Apache-2.0, GPL-2.0, LGPL-2.1 
    

  1. <?php

    2. 

  2. /**

    3. 

  3.  * ScoperAnalyst PHP class for the WordPress plugin Role Scoper

    4. 

  4.  * analyst_rs.php

    5. 

  5.  * 

    6. 

  6.  * @author 		Kevin Behrens

    7. 

  7.  * @copyright 	Copyright 2011

    8. 

  8.  * 

    9. 

  9.  */

    10. 

  10.   

    11. 

  11.  

    12. 

  12. class ScoperAnalyst {

    13. 

  13. 

    14. 

  14. 	function identify_protected_attachments( $attachment_id = 0, $guid = '', $cols = '', $args = array() ) {

    15. 

  15. 		if ( $guid && empty( $args['guid'] ) )

    16. 

  16. 			$args = array_merge( $args, array( 'guid' => $guid ) );

    17. 

  17. 

    18. 

  18. 		return ScoperAnalyst::identify_protected_posts( $attachment_id, true, $cols, $args );

    19. 

  19. 	}

    20. 

  20. 	

    21. 

  21. 	

    22. 

  22. 	function identify_protected_posts( $attachment_id = 0, $attachments = false, $cols = '',  $args = array() ) {

    23. 

  23. 		$defaults = array( 'use_object_restrictions' => true, 'use_term_restrictions' => true, 'use_private_status' => true, 'guid' => '' );

    24. 

  24. 		$args = array_merge( $defaults, (array) $args );

    25. 

  25. 		extract($args);

    26. 

  26. 		

    27. 

  27. 		global $wpdb, $scoper;

    28. 

  28. 

    29. 

  29. 		if ( ! isset($scoper) || is_null($scoper) ) {

    30. 

  30. 			scoper_get_init_options();	

    31. 

  31. 			scoper_init();

    32. 

  32. 		}

    33. 

  33. 		

    34. 

  34. 		if ( empty($scoper->taxonomies) )

    35. 

  35. 			$scoper->load_config();

    36. 

  36. 

    37. 

  37. 		$restricted_roles = array();

    38. 

  38. 		$unrestricted_roles = array();				// TODO: also protect uploads based on restriction of other taxonomies

    39. 

  39. 		

    40. 

  40. 		$restricted_terms = array();

    41. 

  41. 		$restricted_objects = array();

    42. 

  42. 		

    43. 

  43. 		$term_restriction_clause = '';

    44. 

  44. 		$object_restriction_clause = '';

    45. 

  45. 		$limit_clause = '';

    46. 

  46. 		$unattached_clause = '';

    47. 

  47. 		

    48. 

  48. 		global $scoper;

    49. 

  49. 				

    50. 

  50. 		$reader_roles = array();

    51. 

  51. 		foreach( $scoper->role_defs->role_caps as $role_handle => $role_caps ) {

    52. 

  52. 			$caps_by_op = $scoper->cap_defs->organize_caps_by_op( array_keys($role_caps) );

    53. 

  53. 			if ( ( count( $caps_by_op ) == 1 ) &&( 'read' == key($caps_by_op ) ) )

    54. 

  54. 				$reader_roles[]= $role_handle;

    55. 

  55. 		}

    56. 

  56. 

    57. 

  57. 		$role_clause = "AND rs.role_name IN ('" . implode( "','", scoper_role_handles_to_names($reader_roles) ) . "')";

    58. 

  58. 

    59. 

  59. 		//if ( $use_private_status )

    60. 

  60. 		//	$role_clause = ( 'rs' == SCOPER_ROLE_TYPE ) ? "AND rs.role_name IN ('post_reader', 'page_reader')" : '';	// if also checking for private status, don't need to check for restriction of private_reader roles

    61. 

  61. 		//else

    62. 

  62. 		//	$role_clause = ( 'rs' == SCOPER_ROLE_TYPE ) ? "AND rs.role_name IN ('post_reader', 'page_reader', 'private_post_reader', 'private_page_reader')" : '';

    63. 

  63. 

    64. 

  64. 	

    65. 

  65. 		if ( $use_term_restrictions ) {

    66. 

  66. 			$term_restriction_query = "SELECT rs.obj_or_term_id AS term_id, rs.role_name, rs.max_scope FROM $wpdb->role_scope_rs AS rs "

    67. 

  67. 									. "INNER JOIN $wpdb->term_taxonomy AS tt ON tt.taxonomy = rs.src_or_tx_name AND tt.taxonomy = 'category' AND tt.term_taxonomy_id = rs.obj_or_term_id "

    68. 

  68. 									. "WHERE rs.role_type = 'rs' AND rs.require_for IN ('entity', 'both') AND rs.topic = 'term' $role_clause";

    69. 

  69. 			

    70. 

  70. 			$term_default_restriction_query = "SELECT rs.role_name FROM $wpdb->role_scope_rs AS rs "

    71. 

  71. 											. "WHERE rs.role_type = 'rs' AND rs.require_for IN ('children', 'both') AND rs.topic = 'term' AND rs.max_scope = 'term' AND rs.src_or_tx_name = 'category' AND rs.obj_or_term_id = '0' $role_clause";

    72. 

  72. 			

    73. 

  73. 			$all_terms = array();

    74. 

  74. 			

    75. 

  75. 			$all_terms['category'] = $scoper->get_terms( 'category', false, COL_ID_RS );

    76. 

  76. 													

    77. 

  77. 			if ( $results = scoper_get_results( $term_restriction_query ) ) {

    78. 

  78. 				foreach ( $results as $row ) {

    79. 

  79. 					if ( 'blog' == $row->max_scope )

    80. 

  80. 						$unrestricted_roles['category'][$row->role_name] []= $row->term_id;

    81. 

  81. 					else

    82. 

  82. 						$restricted_roles['category'][$row->role_name] []= $row->term_id;

    83. 

  83. 				}

    84. 

  84. 			}

    85. 

  85. 			

    86. 

  86. 			// if there a role is default-restricted, mark all terms as restricted (may be unrestricted later)

    87. 

  87. 			if ( $results = scoper_get_col( $term_default_restriction_query ) ) {

    88. 

  88. 				foreach ( $results as $role_name ) {

    89. 

  89. 					if ( isset( $unrestricted_roles['category'][$role_name] ) )

    90. 

  90. 						$default_restricted = array_diff( $all_terms['category'], $unrestricted_roles['category'][$role_name] );

    91. 

  91. 					else

    92. 

  92. 						$default_restricted = $all_terms['category'];

    93. 

  93. 		

    94. 

  94. 					if ( isset( $restricted_roles['category'][$role_name] ) )

    95. 

  95. 						$restricted_roles['category'][$role_name] = array_unique( array_merge( $restricted_roles['category'][$role_name], $default_restricted ) );

    96. 

  96. 					else

    97. 

  97. 						$restricted_roles['category'][$role_name] = $default_restricted;

    98. 

  98. 				}											

    99. 

  99. 			}

    100. 

  100. 			

    101. 

  101. 			$restricted_terms['category'] = isset($restricted_roles['category']) ? agp_array_flatten( $restricted_roles['category'] ) : array();

    102. 

  102. 			

    103. 

  103. 			if ( $restricted_terms['category'] ) {

    104. 

  104. 				$term_restriction_clause = "OR post_parent IN ( SELECT $wpdb->posts.ID FROM $wpdb->posts "

    105. 

  105. 											. "INNER JOIN $wpdb->term_relationships AS tr ON tr.object_id = $wpdb->posts.ID "

    106. 

  106. 											. "WHERE tr.term_taxonomy_id IN ('" . implode( "','", $restricted_terms['category'] ) . "') )";

    107. 

  107. 			}

    108. 

  108. 		}

    109. 

  109. 		

    110. 

  110. 		

    111. 

  111. 		if ( $attachment_id ) {

    112. 

  112. 			if ( is_array($attachment_id) )

    113. 

  113. 				$id_clause = "AND ID IN ('" . implode( "','", $attachment_id ) . "')";

    114. 

  114. 			else {

    115. 

  115. 				$id_clause = "AND ID = '$attachment_id'";

    116. 

  116. 				$limit_clause = 'LIMIT 1';

    117. 

  117. 			}

    118. 

  118. 		} elseif ( $guid )

    119. 

  119. 			$id_clause = "AND guid = '$file_path'";

    120. 

  120. 		else

    121. 

  121. 			$id_clause = '';

    122. 

  122. 	

    123. 

  123. 		if ( defined( 'SCOPER_NO_THUMBNAIL_FILTER' ) ) {

    124. 

  124. 			if ( $thumbnail_ids = scoper_get_col( "SELECT DISTINCT meta_value FROM $wpdb->postmeta WHERE meta_key = '_thumbnail_id'" ) ) {

    125. 

  125. 				$id_clause .= " AND ID NOT IN ('" . implode( "','", $thumbnail_ids ) . "')";

    126. 

  126. 			}

    127. 

  127. 		}

    128. 

  128. 		

    129. 

  129. 		if ( $attachments ) {

    130. 

  130. 			// to reduce pool of objects, we only care about those that have an attachment

    131. 

  131. 			$attachment_query = "SELECT $wpdb->posts.ID FROM $wpdb->posts WHERE $wpdb->posts.ID IN ( SELECT post_parent FROM $wpdb->posts WHERE post_type = 'attachment' $id_clause ) ";

    132. 

  132. 		}

    133. 

  133. 		

    134. 

  134. 		if ( $use_object_restrictions ) {

    135. 

  135. 			$object_restriction_query = "SELECT rs.obj_or_term_id AS obj_id, rs.role_name, rs.max_scope FROM $wpdb->role_scope_rs AS rs "

    136. 

  136. 									. "WHERE rs.role_type = 'rs' AND rs.require_for IN ('entity', 'both') AND rs.topic = 'object' AND rs.src_or_tx_name = 'post' $role_clause AND rs.obj_or_term_id IN ( $attachment_query )";

    137. 

  137. 			

    138. 

  138. 			$object_default_restriction_query = "SELECT rs.role_name FROM $wpdb->role_scope_rs AS rs "

    139. 

  139. 											. "WHERE rs.require_for IN ('children', 'both') AND rs.topic = 'object' AND rs.max_scope = 'object' AND rs.src_or_tx_name = 'post' AND rs.obj_or_term_id = '0' $role_clause";

    140. 

  140. 			

    141. 

  141. 			$all_objects = array();

    142. 

  142. 			$all_objects['post'] = scoper_get_col( $attachment_query );

    143. 

  143. 								

    144. 

  144. 			$restricted_roles = array();

    145. 

  145. 			$unrestricted_roles = array();

    146. 

  146. 							

    147. 

  147. 			if ( $results = scoper_get_results( $object_restriction_query ) ) {

    148. 

  148. 				foreach ( $results as $row ) {

    149. 

  149. 					if ( 'blog' == $row->max_scope )

    150. 

  150. 						$unrestricted_roles['post'][$row->role_name] []= $row->obj_id;

    151. 

  151. 					else

    152. 

  152. 						$restricted_roles['post'][$row->role_name] []= $row->obj_id;

    153. 

  153. 				}

    154. 

  154. 			}

    155. 

  155. 

    156. 

  156. 			// if there a role is default-restricted, mark all terms as restricted (may be unrestricted later)

    157. 

  157. 			if ( $results = scoper_get_col( $object_default_restriction_query ) ) {

    158. 

  158. 				foreach ( $results as $role_name ) {

    159. 

  159. 					if ( isset( $unrestricted_roles['category'][$role_name] ) )

    160. 

  160. 						$default_restricted = array_diff( $all_terms['post'], $unrestricted_roles['post'][$role_name] );

    161. 

  161. 					else

    162. 

  162. 						$default_restricted = $all_objects['post'];

    163. 

  163. 		

    164. 

  164. 					if ( isset( $restricted_roles['post'][$role_name] ) )

    165. 

  165. 						$restricted_roles['post'][$role_name] = array_unique( array_merge( $restricted_roles['post'][$role_name], $default_restricted ) );

    166. 

  166. 					else

    167. 

  167. 						$restricted_roles['post'][$role_name] = $default_restricted;

    168. 

  168. 				}											

    169. 

  169. 			}

    170. 

  170. 			

    171. 

  171. 			if ( ! empty( $restricted_roles ) ) {

    172. 

  172. 				$restricted_objects['post'] = array_unique( agp_array_flatten( $restricted_roles['post'] ) );

    173. 

  173. 			

    174. 

  174. 				if ( $restricted_objects['post'] )

    175. 

  175. 					$object_restriction_clause = "OR post_parent IN ( SELECT ID FROM $wpdb->posts WHERE ID IN ('" . implode( "','", $restricted_objects['post'] ) . "') )";

    176. 

  176. 			}

    177. 

  177. 		}	

    178. 

  178. 		

    179. 

  179. 					

    180. 

  180. 		if ( $use_private_status ) {

    181. 

  181. 			$status_query = "AND post_parent IN ( SELECT $wpdb->posts.ID FROM $wpdb->posts WHERE $wpdb->posts.post_status = 'private' )";

    182. 

  182. 		}

    183. 

  183. 		

    184. 

  184. 		if ( $attachments ) {

    185. 

  185. 			$attachment_type_clause = "post_type = 'attachment' AND";

    186. 

  186. 			

    187. 

  187. 			$unattached_clause = ( defined('SCOPER_BLOCK_UNATTACHED_UPLOADS') ) ? " OR post_parent < 1" : '';

    188. 

  188. 		}

    189. 

  189. 			

    190. 

  190. 		

    191. 

  191. 		$single_col = false;

    192. 

  192. 

    193. 

  193. 		if ( COLS_ALL_RS === $cols )

    194. 

  194. 			$query_cols = '*';

    195. 

  195. 		elseif ( COL_ID_RS == $cols ) {

    196. 

  196. 			$query_cols = 'ID';

    197. 

  197. 			$single_col = true;

    198. 

  198. 		} elseif ( COLS_ID_DISPLAYNAME_RS == $cols ) {

    199. 

  199. 			if ( $attachment )

    200. 

  200. 				$query_cols = 'ID, post_title, guid';

    201. 

  201. 			else

    202. 

  202. 				$query_cols = 'ID, post_title';

    203. 

  203. 		} else {

    204. 

  204. 			if ( $attachments )

    205. 

  205. 				$query_cols = 'ID, guid';

    206. 

  206. 			else {

    207. 

  207. 				$query_cols = 'ID';

    208. 

  208. 				$single_col = true;

    209. 

  209. 			}

    210. 

  210. 		}

    211. 

  211. 		

    212. 

  212. 		$query = "SELECT $query_cols FROM $wpdb->posts WHERE $attachment_type_clause ( 1=1 $status_query $term_restriction_clause $object_restriction_clause $unattached_clause ) $id_clause ORDER BY ID DESC $limit_clause";

    213. 

  213. 		

    214. 

  214. 		if ( $attachment_id && ! is_array( $attachment_id ) ) {

    215. 

  215. 			if ( $single_col )

    216. 

  216. 				$results = scoper_get_var( $query );

    217. 

  217. 			else

    218. 

  218. 				$results = scoper_get_row( $query );

    219. 

  219. 		} else {

    220. 

  220. 			if ( $single_col )

    221. 

  221. 				$results = scoper_get_col( $query );

    222. 

  222. 			else

    223. 

  223. 				$results = scoper_get_results( $query );

    224. 

  224. 		}

    225. 

  225. 		

    226. 

  226. 		return $results;

    227. 

  227. 	}

    228. 

  228. 

    229. 

  229. }

    230. 

  230. 

    231. 

  231. ?>
    232.