/wp-content/plugins/role-scoper/admin/groups-support.php
PHP | 350 lines | 207 code | 82 blank | 61 comment | 50 complexity | 7f826a085110d31792ef715f3e8a050f MD5 | raw file
Possible License(s): AGPL-1.0, GPL-3.0, Apache-2.0, GPL-2.0, LGPL-2.1
- <?php
- if( basename(__FILE__) == basename($_SERVER['SCRIPT_FILENAME']) )
- die('This page cannot be called directly.');
-
- /* this file adapted from:
- Group Restriction plugin
- http://code.google.com/p/wp-group-restriction/
- Tiago Pocinho, Siemens Networks, S.A.
-
- some group-related functions also moved to ScoperAdminLib with slight adaptation
- */
-
- class UserGroups_tp {
- function getUsersWithGroup($group_id) {
- return ScoperAdminLib::get_group_members($group_id);
- }
-
- function addGroupMembers ($group_id, $user_ids){
- ScoperAdminLib::add_group_user($group_id, $user_ids);
- }
-
- function deleteGroupMembers ($group_id, $user_ids) {
- ScoperAdminLib::remove_group_user($group_id, $user_ids);
- }
-
-
- function GetGroup($group_id) {
- return ScoperAdminLib::get_group($group_id);
- }
-
- function getGroupByName($name) {
- return ScoperAdminLib::get_group_by_name($name);
- }
-
- /**
- * Creates a new Group
- *
- * @param string $name - Name of the group
- * @param string $description - Group description (optional)
- * @return group ID on successful creation
- **/
- function createGroup ($name, $description = ''){
- global $wpdb;
-
- if( ! UserGroups_tp::isValidName($name) )
- return false;
-
- $insert = "INSERT INTO $wpdb->groups_rs ($wpdb->groups_name_col, $wpdb->groups_descript_col) VALUES ('$name','$description')";
- scoper_query( $insert );
-
- wpp_cache_flush_group('all_usergroups');
- wpp_cache_flush_group('group_members' );
- wpp_cache_flush_group('usergroups_for_user');
- wpp_cache_flush_group('usergroups_for_groups');
- wpp_cache_flush_group('usergroups_for_ug');
-
- do_action('created_group_rs', (int) $wpdb->insert_id);
-
- return (int) $wpdb->insert_id;
- }
-
-
- /**
- * Removes a given group
- *
- * @param int $id - Identifier of the group to delete
- * @param boolean True if the deletion is successful
- **/
- function deleteGroup ($group_id){
- global $wpdb;
-
- if( ! $group_id || ! UserGroups_tp::getGroup($group_id) )
- return false;
-
- do_action('delete_group_rs', $group_id);
-
- wpp_cache_flush_group( 'all_usergroups' );
- wpp_cache_flush_group( 'group_members' );
- wpp_cache_flush_group( 'usergroups_for_user' );
- wpp_cache_flush_group( 'usergroups_for_groups' );
- wpp_cache_flush_group( 'usergroups_for_ug' );
-
- // first delete all cache entries related to this group
- if ( $group_members = ScoperAdminLib::get_group_members( $group_id, COL_ID_RS ) ) {
- $id_in = "'" . implode("', '", $group_members) . "'";
- $any_user_roles = scoper_get_var("SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE role_type = 'rs' AND user_id IN ($id_in) LIMIT 1");
-
- foreach ($group_members as $user_id )
- wpp_cache_delete( $user_id, 'group_membership_for_user' );
- }
-
- //if ( $got_blogrole = scoper_get_var("SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE scope = 'blog' AND role_type = 'rs' AND group_id = '$group_id' LIMIT 1") ) {
- scoper_query("DELETE FROM $wpdb->user2role2object_rs WHERE scope = 'blog' AND role_type = 'rs' AND group_id = '$group_id'");
-
- scoper_flush_roles_cache( BLOG_SCOPE_RS, ROLE_BASIS_GROUPS );
-
- if ( $any_user_roles )
- scoper_flush_roles_cache( BLOG_SCOPE_RS, ROLE_BASIS_USER_AND_GROUPS, $group_members );
- //}
-
- //if ( $got_taxonomyrole = scoper_get_var("SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE scope = 'term' AND role_type = 'rs' AND group_id = '$group_id' LIMIT 1") ) {
- scoper_query("DELETE FROM $wpdb->user2role2object_rs WHERE scope = 'term' AND role_type = 'rs' AND group_id = '$group_id'");
-
- scoper_flush_roles_cache( TERM_SCOPE_RS, ROLE_BASIS_GROUPS );
-
- if ( $any_user_roles )
- scoper_flush_roles_cache( TERM_SCOPE_RS, ROLE_BASIS_USER_AND_GROUPS, $group_members );
- //}
-
- //if ( $got_objectrole = scoper_get_var("SELECT assignment_id FROM $wpdb->user2role2object_rs WHERE scope = 'object' AND role_type = 'rs' AND group_id = '$group_id' LIMIT 1") ) {
- scoper_query("DELETE FROM $wpdb->user2role2object_rs WHERE scope = 'object' AND role_type = 'rs' AND group_id = '$group_id'");
-
- scoper_flush_roles_cache( OBJECT_SCOPE_RS, ROLE_BASIS_GROUPS );
-
- if ( $any_user_roles )
- scoper_flush_roles_cache( OBJECT_SCOPE_RS, ROLE_BASIS_USER_AND_GROUPS, $group_members );
- //}
-
- //if ( $got_blogrole || $got_taxonomyrole || $got_objectrole ) {
- scoper_flush_results_cache( ROLE_BASIS_GROUPS );
-
- if ( $any_user_roles )
- scoper_flush_results_cache( ROLE_BASIS_USER_AND_GROUPS, $group_members );
- //}
-
- $delete = "DELETE FROM $wpdb->groups_rs WHERE $wpdb->groups_id_col='$group_id'";
- scoper_query( $delete );
-
- $delete = "DELETE FROM $wpdb->user2group_rs WHERE $wpdb->user2group_gid_col='$group_id'";
- scoper_query( $delete );
-
- return true;
- }
-
- /**
- * Checks if a group with a given name exists
- *
- * @param string $name - Name of the group to test
- * @return boolean True if the group exists, false otherwise.
- **/
- function groupExists($name) {
- global $wpdb;
-
- $query = "SELECT COUNT(*) FROM $wpdb->groups_rs WHERE $wpdb->groups_name_col = '$name'";
- $results = scoper_get_var( $query );
-
- return $results != 0;
- }
-
- /**
- * Verifies if a group name is valid (for a new group)
- *
- * @param string $string - Name of the group
- * @return boolean True if the name is valid, false otherwise.
- **/
- function isValidName($string){
- if($string == "" || UserGroups_tp::groupExists($string)){
- return false;
- }
- return true;
- }
-
- /**
- * Updates an existing Group
- *
- * @param int $groupID - Group identifier
- * @param string $name - Name of the group
- * @param string $description - Group description (optional)
- * @return boolean True on successful update
- **/
- function updateGroup ($group_id, $name, $description = ''){
- global $wpdb;
-
- $description = strip_tags($description);
-
- if ( $prev = scoper_get_row("SELECT * FROM $wpdb->groups_rs WHERE $wpdb->groups_id_col='$group_id';") ) {
-
- if( ($prev->{$wpdb->groups_name_col} != $name) && ! UserGroups_tp::isValidName($name))
- return false;
-
- // don't allow updating of metagroup name / descript
- if( ! empty($prev->meta_id) )
- return false;
- }
-
- do_action('update_group_rs', $group_id);
-
- $query = "UPDATE $wpdb->groups_rs SET $wpdb->groups_name_col = '$name', $wpdb->groups_descript_col='$description' WHERE $wpdb->groups_id_col='$group_id';";
- scoper_query( $query );
-
- wpp_cache_flush_group('all_usergroups');
- wpp_cache_flush_group('group_members' );
- wpp_cache_flush_group('usergroups_for_user');
- wpp_cache_flush_group('usergroups_for_groups');
- wpp_cache_flush_group('usergroups_for_ug');
-
- return true;
- }
-
- function update_group_members_multi_status( $group_id, $current_members ) {
- $posted_members = array();
-
- $is_administrator = is_user_administrator_rs();
-
- $can_manage = $is_administrator || current_user_can( 'manage_groups' );
- $can_moderate = $can_manage || current_user_can( 'recommend_group_membership' );
-
- if ( ! $can_moderate && ! current_user_can( 'request_group_membership' ) )
- return;
-
- if ( $can_manage )
- $posted_members['active'] = explode( ',', trim($_POST['current_agents_rs_csv'], ',') );
- else
- $current_members = array_diff_key( $current_members, array( 'active' => true ) );
-
- if ( $can_moderate ) {
- $current_members['recommended'] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, false, array( 'status' => 'recommended' ) );
-
- if ( ! empty($_POST['recommended_agents_rs_csv']) )
- $posted_members['recommended'] = explode( ',', trim($_POST['recommended_agents_rs_csv'], ',') );
- }
-
- $current_members['requested'] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, false, array( 'status' => 'requested' ) );
-
- if ( ! empty($_POST['requested_agents_rs_csv']) )
- $posted_members['requested'] = explode( ',', trim($_POST['requested_agents_rs_csv'], ',') );
-
- $all_current_members = agp_array_flatten ( $current_members );
- $all_posted_members = agp_array_flatten ( $posted_members );
-
- foreach ( $current_members as $status => $stored ) {
- // remove group memberships which were not posted for any status
- foreach ( $stored as $user_id ) {
- if ( $user_id )
- if ( ! in_array( $user_id, $all_posted_members ) )
- ScoperAdminLib::remove_group_user($group_id, $user_id);
- }
- }
-
- foreach ( $posted_members as $status => $posted ) {
- // insert or update group memberships as specified
- foreach ( $posted as $user_id ) {
- if ( $user_id )
- if ( ! in_array( $user_id, $all_current_members ) )
- ScoperAdminLib::add_group_user($group_id, $user_id, $status);
- elseif ( ! in_array( $user_id, $current_members[$status] ) )
- ScoperAdminLib::update_group_user($group_id, $user_id, $status);
- }
- }
- }
-
- // Called once each for members checklist, managers checklist in admin UI.
- // In either case, current (checked) members are at the top of the list.
- function group_members_checklist( $group_id, $user_class = 'member', $all_users = '' ) {
- global $scoper;
-
- if ( ! $all_users )
- $all_users = $scoper->users_who_can('', COLS_ID_NAME_RS);
-
- if ( $group_id )
- $group = ScoperAdminLib::get_group($group_id);
-
- if ( 'member' == $user_class ) {
- $current_ids = ($group_id) ? array_flip(ScoperAdminLib::get_group_members($group_id, COL_ID_RS)) : array();
-
- if ( ! empty($group) && in_array( $group->meta_id, array( 'rv_pending_rev_notice_ed_nr_', 'rv_scheduled_rev_notice_ed_nr_' ) ) ) {
- $args = array( 'any_object' => true );
-
- $eligible_ids = array();
- foreach( get_post_types( array( 'public' => true ), 'object' ) as $_type => $_type_obj ) {
- $args['object_type'] = $_type;
- $type_eligible_ids = $scoper->users_who_can( array( $_type_obj->cap->edit_published_posts, $_type_obj->cap->edit_others_posts ), COL_ID_RS, 'post', 0, $args );
- $eligible_ids = array_merge( $eligible_ids, $type_eligible_ids );
- }
- $eligible_ids = array_unique( $eligible_ids );
- } else {
- // force_all_users arg is a temporary measure to ensure that any user can be viewed / added to a sitewide MU group regardless of what blog backend it's edited through
- $_args = ( IS_MU_RS && scoper_get_option( 'mu_sitewide_groups', true ) ) ? array( 'force_all_users' => true ) : array();
-
- $eligible_ids = $scoper->users_who_can( '', COL_ID_RS, '', '', $_args );
- }
-
- $admin_ids = array();
- } else {
- $group_role_defs = ( 'moderator' == $user_class ) ? array( 'rs_group_moderator' ) : array( 'rs_group_manager' );
-
- if ( $group_id ) {
- require_once( dirname(__FILE__).'/role_assignment_lib_rs.php');
- $current_roles = ScoperRoleAssignments::organize_assigned_roles(OBJECT_SCOPE_RS, 'group', $group_id, $group_role_defs, ROLE_BASIS_USER);
-
- $current_roles = agp_array_flatten($current_roles, false);
-
- $current_ids = ( isset($current_roles['assigned']) ) ? $current_roles['assigned'] : array();
- } else
- $current_ids = array();
-
- $cap_name = ( defined( 'SCOPER_USER_ADMIN_CAP' ) ) ? constant( 'SCOPER_USER_ADMIN_CAP' ) : 'edit_users';
- $admin_ids = $scoper->users_who_can( $cap_name, COL_ID_RS );
-
- // optionally, limit available group managers according to role_admin_blogwide_editor_only option
- if ( 'manager' == $user_class ) {
- $require_blogwide_editor = false;
-
- if ( ! empty($group) ) {
- if ( ! strpos( $group->meta_id, '_nr_' ) ) { // don't limit manager selection for groups that don't have role assignments
- $require_blogwide_editor = scoper_get_option('role_admin_blogwide_editor_only');
- }
- }
-
- if ( 'admin' == $require_blogwide_editor ) {
- $eligible_ids = $admin_ids;
-
- } elseif ( 'admin_content' == $require_blogwide_editor ) {
- $cap_name = ( defined( 'SCOPER_CONTENT_ADMIN_CAP' ) ) ? constant( 'SCOPER_CONTENT_ADMIN_CAP' ) : 'activate_plugins';
- $eligible_ids = array_unique( array_merge( $admin_ids, $scoper->users_who_can( $cap_name, COL_ID_RS ) ) );
-
- } elseif ( $require_blogwide_editor ) {
- $post_editors = $scoper->users_who_can('edit_others_posts', COL_ID_RS);
- $page_editors = $scoper->users_who_can('edit_others_pages', COL_ID_RS);
-
- $eligible_ids = array_unique( array_merge($post_editors, $page_editors, $admin_ids) );
-
- } else
- $eligible_ids = '';
- } else
- $eligible_ids = '';
-
- } // endif user class is not "member"
-
- $css_id = $user_class;
- $args = array( 'eligible_ids' => $eligible_ids, 'via_other_scope_ids' => $admin_ids, 'suppress_extra_prefix' => true );
- require_once( dirname(__FILE__).'/agents_checklist_rs.php');
- ScoperAgentsChecklist::agents_checklist( ROLE_BASIS_USER, $all_users, $css_id, $current_ids, $args);
- }
-
- /**
- * Writes the success/error messages
- * @param string $string - message to be displayed
- * @param boolean $success - boolean that defines if is a success(true) or error(false) message
- **/
- function write($string, $success=true, $id="message"){
- if($success){
- echo '<div id="'.$id.'" class="updated fade"><p>'.$string.'</p></div>';
- }else{
- echo '<div id="'.$id.'" class="error fade"><p>'.$string.'</p></div>';
- }
- }
- }
-
- ?>