PageRenderTime 48ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/wp-content/plugins/role-scoper/admin/item_roles_ui_rs.php

https://bitbucket.org/broderboy/nycendurance-wordpress
PHP | 593 lines | 398 code | 151 blank | 44 comment | 103 complexity | d1ee3d273ba24ac5e065c10cc827fe76 MD5 | raw file
Possible License(s): AGPL-1.0, GPL-3.0, Apache-2.0, GPL-2.0, LGPL-2.1
  1. <?php
  2. if( basename(__FILE__) == basename($_SERVER['SCRIPT_FILENAME']) )
  3. die();
  4. require_once( dirname(__FILE__).'/admin_ui_lib_rs.php' );
  5. require_once( dirname(__FILE__).'/role_assignment_lib_rs.php' );
  6. class ScoperItemRolesUI {
  7. var $scoper;
  8. var $scoper_admin;
  9. var $loaded_src_name;
  10. var $loaded_object_type;
  11. var $loaded_object_id;
  12. var $no_object_roles;
  13. var $indicate_blended_roles;
  14. var $do_propagation_cboxes;
  15. var $role_handles;
  16. var $all_groups;
  17. var $group_members = array();
  18. var $agent_captions;
  19. var $agent_captions_plural;
  20. var $all_agents;
  21. var $eligible_agent_ids;
  22. var $current_roles;
  23. var $blog_term_roles;
  24. var $object_strict_roles;
  25. var $child_strict_roles;
  26. var $drew_objroles_marker;
  27. function ScoperItemRolesUI() {
  28. $this->scoper =& $GLOBALS['scoper'];
  29. $this->scoper_admin =& $GLOBALS['scoper_admin'];
  30. }
  31. function load_roles($src_name, $object_type, $object_id) {
  32. //log_mem_usage_rs( 'start ItemRolesUI::load_roles()' );
  33. if ( 'edit.php' == $GLOBALS['pagenow'] )
  34. return;
  35. if ( ! scoper_get_otype_option('use_object_roles', $src_name, $object_type) )
  36. return;
  37. if ( ! $src = $this->scoper->data_sources->get($src_name) )
  38. return;
  39. $this->loaded_src_name = $src_name;
  40. $this->loaded_object_type = $object_type;
  41. $this->loaded_object_id = $object_id;
  42. $this->indicate_blended_roles = scoper_get_option( 'indicate_blended_roles' );
  43. $this->all_agents = array();
  44. $this->agent_captions = array();
  45. $this->agent_captions_plural = array();
  46. $this->eligible_agent_ids = array();
  47. // note: if object_id = 0, default roles will be retrieved
  48. $get_defaults = ! $object_id;
  49. $obj_roles = array();
  50. $role_defs = $this->scoper->role_defs->get_matching('rs', $src_name, $object_type);
  51. $this->role_handles = array_keys($role_defs);
  52. // for default roles, distinguish between various object types
  53. $filter_role_handles = ( $object_id ) ? '' : array_keys($role_defs);
  54. if ( GROUP_ROLES_RS )
  55. $this->current_roles[ROLE_BASIS_GROUPS] = ScoperRoleAssignments::organize_assigned_roles(OBJECT_SCOPE_RS, $src_name, $object_id, $filter_role_handles, ROLE_BASIS_GROUPS, $get_defaults);
  56. //log_mem_usage_rs( 'load_roles: organize_assigned_roles for groups' );
  57. if ( USER_ROLES_RS )
  58. $this->current_roles[ROLE_BASIS_USER] = ScoperRoleAssignments::organize_assigned_roles(OBJECT_SCOPE_RS, $src_name, $object_id, $filter_role_handles, ROLE_BASIS_USER, $get_defaults);
  59. //log_mem_usage_rs( 'load_roles: organize_assigned_roles for users' );
  60. if ( GROUP_ROLES_RS ) {
  61. $this->all_groups = ScoperAdminLib::get_all_groups(UNFILTERED_RS);
  62. //log_mem_usage_rs( 'load_roles: get_all_groups' );
  63. if ( ! empty( $this->all_groups) ) {
  64. $this->agent_captions [ROLE_BASIS_GROUPS] = __('Group', 'scoper');
  65. $this->agent_captions_plural [ROLE_BASIS_GROUPS] = __('Groups', 'scoper');
  66. $this->all_agents[ROLE_BASIS_GROUPS] = $this->all_groups;
  67. $this->all_agents[ROLE_BASIS_GROUPS] = $this->all_groups;
  68. }
  69. //log_mem_usage_rs( 'load_roles: set all_groups properties' );
  70. }
  71. if ( USER_ROLES_RS ) {
  72. $this->agent_captions [ROLE_BASIS_USER] = __('User', 'scoper');
  73. $this->agent_captions_plural [ROLE_BASIS_USER] = __awp('Users');
  74. // note: all users are eligible for a reading role assignment, but we may not be displaying user checkboxes
  75. $user_csv_input = scoper_get_option("user_role_assignment_csv");
  76. if ( ! $user_csv_input )
  77. $this->all_agents[ROLE_BASIS_USER] = $this->scoper->users_who_can( '', COLS_ID_NAME_RS);
  78. elseif( $object_id ) {
  79. $assignees = array();
  80. if ( $this->current_roles[ROLE_BASIS_USER] )
  81. foreach ( array_keys($this->current_roles[ROLE_BASIS_USER]) as $role_handle )
  82. $assignees = array_merge( $assignees, array_keys( $this->current_roles[ROLE_BASIS_USER][$role_handle]['assigned'] ) );
  83. $assignees = array_unique( $assignees );
  84. global $wpdb;
  85. $this->all_agents[ROLE_BASIS_USER] = scoper_get_results( "SELECT ID, display_name FROM $wpdb->users WHERE ID IN ('" . implode("','", $assignees) . "')" );
  86. } else
  87. $this->all_agents[ROLE_BASIS_USER] = array();
  88. //log_mem_usage_rs( 'load_roles: users_who_can for all_agents' );
  89. //users eligible for an editing role assignments are those who have the basic edit cap via taxonomy or blog role
  90. if ( scoper_get_otype_option( 'limit_object_editors', $src_name, $object_type ) ) {
  91. // Limit eligible page contribs/editors based on blog ownership of "edit_posts"
  92. // Otherwise, since pages are generally not categorized, only Blog Editors and Admins are eligible for object role ass'n
  93. // It's more useful to exclude Blog Subscribers while including all others
  94. $role_object_type = ( 'page' == $object_type ) ? 'post' : $object_type;
  95. $reqd_caps = $this->scoper->cap_defs->get_matching($src_name, $role_object_type, OP_EDIT_RS, '', BASE_CAPS_RS); // status-specific and 'others' caps will not be returned
  96. $args = array( 'ignore_strict_terms' => true, 'ignore_group_roles' => true, 'skip_object_roles' => true );
  97. $this->eligible_agent_ids[ROLE_BASIS_USER][OP_EDIT_RS] = $this->scoper->users_who_can( array_keys($reqd_caps), COL_ID_RS, '', 0, $args );
  98. //log_mem_usage_rs( 'load_roles: users_who_can for eligible_agent_ids' );
  99. }
  100. }
  101. $this->blog_term_roles = array();
  102. // Pull object and blog/term role assignments for all roles
  103. // Do this first so contained / containing roles can be accounted for in UI
  104. foreach ($role_defs as $role_handle => $role_def) {
  105. if ( $this->indicate_blended_roles && isset($role_def->valid_scopes[OBJECT_SCOPE_RS]) ) {
  106. // might need to check term/blog assignment of a different role to reflect object's current status
  107. if ( ! empty( $role_def->other_scopes_check_role) && ! empty($src->cols->status) ) {
  108. $status = $this->scoper->data_sources->detect('status', $src, $object_id);
  109. if ( isset($role_def->other_scopes_check_role[$status]) )
  110. $blog_term_role_handle = $role_def->other_scopes_check_role[$status];
  111. elseif ( isset($role_def->other_scopes_check_role['']) )
  112. $blog_term_role_handle = $role_def->other_scopes_check_role[''];
  113. else
  114. $blog_term_role_handle = $role_handle;
  115. } else
  116. $blog_term_role_handle = $role_handle;
  117. $this_args = array('skip_object_roles' => true, 'object_type' => $object_type, 'ignore_group_roles' => true );
  118. if ( empty( $user_csv_input ) ) {
  119. $this->blog_term_roles[ROLE_BASIS_USER][$role_handle] = $this->scoper->users_who_can($blog_term_role_handle, COL_ID_RS, $src_name, $object_id, $this_args );
  120. //log_mem_usage_rs( "load_roles: users_who_can for $role_handle users" );
  121. } else
  122. $this->blog_term_roles[ROLE_BASIS_USER][$role_handle] = array();
  123. $this->blog_term_roles[ROLE_BASIS_GROUPS][$role_handle] = $this->scoper->groups_who_can($blog_term_role_handle, COL_ID_RS, $src_name, $object_id, $this_args );
  124. //log_mem_usage_rs( "load_roles: groups_who_can for $role_handle groups" );
  125. }
  126. }
  127. $this->do_propagation_cboxes = ( ! empty($src->cols->parent) && ! $this->scoper->data_sources->member_property($src_name, 'object_types', $object_type, 'ignore_object_hierarchy') );
  128. $this->object_strict_roles = array();
  129. $this->child_strict_roles = array();
  130. $args = array( 'id' => $object_id, 'include_child_restrictions' => true );
  131. if ( $restrictions = $this->scoper->get_restrictions(OBJECT_SCOPE_RS, $src_name, $args) ) {
  132. //log_mem_usage_rs( "load_roles: get_restrictions" );
  133. foreach ( $this->role_handles as $role_handle ) {
  134. // defaults for this role
  135. if ( isset($restrictions['unrestrictions'][$role_handle]) && is_array($restrictions['unrestrictions'][$role_handle]) ) {
  136. $this->object_strict_roles[$role_handle] = true;
  137. $this->child_strict_roles[$role_handle] = true;
  138. } else {
  139. $this->object_strict_roles[$role_handle] = false;
  140. $this->child_strict_roles[$role_handle] = false;
  141. }
  142. // role is not default strict, and a restriction is set
  143. if ( isset($restrictions['restrictions'][$role_handle][$object_id]) ) {
  144. switch ( $restrictions['restrictions'][$role_handle][$object_id] ) {
  145. case ASSIGN_FOR_ENTITY_RS:
  146. $this->object_strict_roles[$role_handle] = true;
  147. $this->child_strict_roles[$role_handle] = false;
  148. break;
  149. case ASSIGN_FOR_CHILDREN_RS:
  150. $this->object_strict_roles[$role_handle] = false;
  151. $this->child_strict_roles[$role_handle] = true;
  152. break;
  153. case ASSIGN_FOR_BOTH_RS:
  154. $this->object_strict_roles[$role_handle] = true;
  155. $this->child_strict_roles[$role_handle] = true;
  156. } // end switch
  157. // role IS default strict, and no unrestriction is set
  158. } elseif ( isset($restrictions['unrestrictions'][$role_handle][$object_id]) ) {
  159. switch ( $restrictions['unrestrictions'][$role_handle][$object_id] ) {
  160. case ASSIGN_FOR_ENTITY_RS:
  161. $this->object_strict_roles[$role_handle] = false;
  162. $this->child_strict_roles[$role_handle] = true;
  163. break;
  164. case ASSIGN_FOR_CHILDREN_RS:
  165. $this->object_strict_roles[$role_handle] = true;
  166. $this->child_strict_roles[$role_handle] = false;
  167. break;
  168. case ASSIGN_FOR_BOTH_RS:
  169. $this->object_strict_roles[$role_handle] = false;
  170. $this->child_strict_roles[$role_handle] = false;
  171. } // end switch
  172. }
  173. } // end foreach Role Handle
  174. }
  175. //log_mem_usage_rs( 'end ItemRolesUI::load_roles()' );
  176. }
  177. function draw_object_roles_content($src_name, $object_type, $role_handle, $object_id = '', $skip_user_validation = false, $object = false ) {
  178. //log_mem_usage_rs( 'start ItemRolesUI::draw_object_roles_content()' );
  179. if ( ! $object_id )
  180. $object_id = scoper_get_object_id( $src_name, $object_type );
  181. if ( ! empty($object) && ( 'auto-draft' == $object->post_status ) )
  182. $object_id = 0;
  183. if ( ( $src_name != $this->loaded_src_name ) || ( $object_type != $this->loaded_object_type ) || ( $object_id != $this->loaded_object_id ) )
  184. $this->load_roles($src_name, $object_type, $object_id);
  185. if ( ! $otype_def = $this->scoper->data_sources->member_property($src_name, 'object_types', $object_type) )
  186. return;
  187. if ( ! $skip_user_validation && ! $this->scoper_admin->user_can_admin_role($role_handle, $object_id, $src_name, $object_type) )
  188. return;
  189. // since we may be dumping a lot of hidden user <li> into the page, enumerate role names to shorten html
  190. $role_code = 'r' . array_search($role_handle, $this->role_handles);
  191. $role_def = $this->scoper->role_defs->get($role_handle);
  192. if ( ! isset($role_def->valid_scopes[OBJECT_SCOPE_RS]) )
  193. return;
  194. if ( empty( $this->drew_objroles_marker ) ) {
  195. echo "<input type='hidden' name='rs_object_roles' value='true' />";
  196. $this->drew_objroles_marker = true;
  197. }
  198. // ========== OBJECT RESTRICTION CHECKBOX(ES) ============
  199. // checkbox to control object role scoping (dictates whether taxonomy and blog role assignments also be honored for operations on this object )
  200. $checked = ( empty($this->object_strict_roles[$role_handle]) ) ? '' : 'checked="checked"';
  201. $val = ( $checked ) ? '1' : '0';
  202. echo "<input type='hidden' name='last_objscope_{$role_code}' value='$val' id='last_objscope_{$role_code}' />";
  203. echo "\r\n<p style='margin-bottom:0.8em;'>"
  204. . "<span class='alignright'><a href='#wphead'>" . __('top', 'scoper') . '</a></span>'
  205. . "<label for='objscope_{$role_code}'>"
  206. . "<input type='checkbox' class='rs-check' name='objscope_{$role_code}' value='1' id='objscope_{$role_code}' $checked />"
  207. . sprintf(__('Restrict for %1$s (<strong>only</strong> selected users/groups are %2$s)', 'scoper'), $otype_def->labels->singular_name, $this->scoper->role_defs->get_abbrev($role_handle, OBJECT_UI_RS) )
  208. . '</label></p>';
  209. if ( $this->do_propagation_cboxes ) {
  210. $checked = ( empty($this->child_strict_roles[$role_handle]) ) ? '' : 'checked="checked"';
  211. $val = ( $checked ) ? '1' : '0';
  212. echo "<input type='hidden' name='last_objscope_children_{$role_code}' value='$val' id='last_objscope_children_{$role_code}' />";
  213. echo "<p style='margin-top: 0.5em;'>"
  214. . "<label for='objscope_children_{$role_code}'>"
  215. . "<input type='checkbox' class='rs-check' name='objscope_children_{$role_code}' value='1' id='objscope_children_{$role_code}' $checked />"
  216. . sprintf(__('Restrict for Sub-%1$s', 'scoper'), $otype_def->labels->name )
  217. . '</label></p>';
  218. }
  219. // ========== OBJECT ROLE ASSIGNMENT CHECKBOX(ES) ============
  220. // toggle groups / users view if both are enabled
  221. //echo "<p style='margin: 1em 0 0.2em 0;'><strong>" . sprintf(__('Assign %s Role:', 'scoper'), $display_name ) . '</strong></p>';
  222. //echo '<br />';
  223. $toggle_agents = USER_ROLES_RS && GROUP_ROLES_RS && ! empty($this->all_groups);
  224. if ( $toggle_agents ) {
  225. if ( ! empty($this->current_roles[ROLE_BASIS_USER][$role_handle]) )
  226. $default_role_basis = ROLE_BASIS_USER;
  227. else
  228. $default_role_basis = ROLE_BASIS_GROUPS;
  229. $class_selected = 'agp-selected_agent_colorized agp-selected_agent agp-agent';
  230. $class_unselected = 'agp-unselected_agent_colorized agp-unselected_agent agp-agent';
  231. $class = ( ROLE_BASIS_GROUPS == $default_role_basis ) ? "class='$class_selected'" : "class='$class_unselected'";
  232. $js_call = "agp_swap_display('{$role_code}_groups', '{$role_code}_user', '{$role_code}_show_group_roles', '{$role_code}_show_user_roles', '$class_selected', '$class_unselected')";
  233. $bottom_margin = ( ! empty( $GLOBALS['is_IE'] ) ) ? '-0.7em' : 0;
  234. echo "\r\n"
  235. . "<div class='agp_js_show' style='display:none;margin:0 0 $bottom_margin 0'>"
  236. . "<ul class='rs-list_horiz' style='margin-bottom:-0.1em'><li $class>"
  237. . "<a href='javascript:void(0)' id='{$role_code}_show_group_roles' onclick=\"$js_call\">"
  238. . __('Groups', 'scoper') . '</a></li>';
  239. $class = ( ROLE_BASIS_USER == $default_role_basis ) ? "class='$class_selected'" : "class='$class_unselected'";
  240. $js_call = "agp_swap_display('{$role_code}_user', '{$role_code}_groups', '{$role_code}_show_user_roles', '{$role_code}_show_group_roles', '$class_selected', '$class_unselected')";
  241. echo "\r\n"
  242. . "<li $class><a href='javascript:void(0)' id='{$role_code}_show_user_roles' onclick=\"$js_call\">"
  243. . __awp('Users') . '</a></li>'
  244. . '</ul></div>';
  245. }
  246. $class = "class='rs-agents'";
  247. //need effective line break here if not IE
  248. echo "<div style='clear:both;margin:0 0 0.3em 0' $class>";
  249. $role_ops = $this->scoper->cap_defs->get_cap_ops( $this->scoper->role_defs->role_caps[$role_handle] );
  250. $agents_reqd_op = (isset($role_ops[OP_EDIT_RS]) ) ? OP_EDIT_RS : OP_READ_RS;
  251. $containing_roles = $this->scoper->role_defs->get_containing_roles($role_handle);
  252. require_once( dirname(__FILE__).'/agents_checklist_rs.php');
  253. $args = array( 'suppress_extra_prefix' => true, 'default_hide_threshold' => 20, 'propagation' => $this->do_propagation_cboxes,
  254. 'otype_label_singular' => $otype_def->labels->singular_name, 'otype_label' => $otype_def->labels->name,
  255. 'object_type' => $object_type, 'object_id' => $object_id );
  256. $args['via_other_role_ids'] = array(); // must set this here b/c subsequent for loop is set up for users iteration to recall via_other_role_ids from groups iteration
  257. foreach ( $this->agent_captions as $role_basis => $agent_caption ) {
  258. if ( ! is_array( $this->blog_term_roles[$role_basis][$role_handle] ) )
  259. $this->blog_term_roles[$role_basis][$role_handle] = array();
  260. // for the purpose of indicating implicit role ownership, we will consider any assignment of a containing role as equivalent
  261. foreach ( array_keys($containing_roles) as $containing_role_handle )
  262. if ( isset($this->blog_term_roles[$role_basis][$containing_role_handle]) && is_array($this->blog_term_roles[$role_basis][$containing_role_handle]) )
  263. $this->blog_term_roles[$role_basis][$role_handle] = array_merge( $this->blog_term_roles[$role_basis][$role_handle], $this->blog_term_roles[$role_basis][$containing_role_handle] );
  264. $this->blog_term_roles[$role_basis][$role_handle] = array_unique($this->blog_term_roles[$role_basis][$role_handle]);
  265. $hide_class = ( $toggle_agents && ( $role_basis != $default_role_basis ) ) ? ' class="agp_js_hide"' : '';
  266. echo "\r\n<div id='{$role_code}_{$role_basis}' $hide_class>";
  267. // also abbreviate "groups" to 'g', 'user' to 'u'
  268. $id_prefix = $role_code . substr($role_basis, 0, 1);
  269. if ( $this->indicate_blended_roles && $object_id && GROUP_ROLES_RS && (ROLE_BASIS_USER == $role_basis) ) {
  270. $args['via_other_basis_ids'] = array();
  271. // note users who are in a group that has this role object-assigned
  272. if ( ! empty($this->current_roles[ROLE_BASIS_GROUPS][$role_handle]['assigned']) ) {
  273. foreach ( array_keys($this->current_roles[ROLE_BASIS_GROUPS][$role_handle]['assigned']) as $group_id ) {
  274. if ( ! isset($this->group_members[$group_id]) )
  275. $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); //arg: maybe WP role metagroup
  276. $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]);
  277. }
  278. }
  279. // note users who are in a group that has this role term-assigned or blog-assigned (and not restricted)
  280. foreach ( $this->blog_term_roles[ROLE_BASIS_GROUPS][$role_handle] as $group_id ) {
  281. if ( ! isset($this->group_members[$group_id]) )
  282. $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); //arg: maybe WP role metagroup
  283. $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]);
  284. }
  285. // note users who are in a group that has a containing role object-assigned
  286. // (note: via_other_role_ids element was set in previous iteration since ROLE_BASIS_GROUPS is first element in agents_caption array
  287. foreach ( $args['via_other_role_ids'] as $group_id ) {
  288. if ( ! isset($this->group_members[$group_id]) )
  289. $this->group_members[$group_id] = ScoperAdminLib::get_group_members($group_id, COL_ID_RS, true); //arg: maybe WP role metagroup
  290. $args['via_other_basis_ids'] = array_merge($args['via_other_basis_ids'], $this->group_members[$group_id]);
  291. }
  292. $args['via_other_basis_ids'] = array_unique($args['via_other_basis_ids']);
  293. }
  294. if ( $this->indicate_blended_roles )
  295. $args['via_other_scope_ids'] = $this->blog_term_roles[$role_basis][$role_handle];
  296. $args['via_other_role_ids'] = array();
  297. if ( $this->indicate_blended_roles && $containing_roles ) {
  298. foreach ( array_keys($containing_roles) as $containing_role_handle ) {
  299. if ( isset($this->current_roles[$role_basis][$containing_role_handle]['assigned']) )
  300. $args['via_other_role_ids'] = array_merge($args['via_other_role_ids'], array_keys($this->current_roles[$role_basis][$containing_role_handle]['assigned']) );
  301. }
  302. $args['via_other_role_ids'] = array_unique($args['via_other_role_ids']);
  303. }
  304. if ( $object_id && $this->do_propagation_cboxes ) {
  305. $args['for_entity_ids'] = ( isset($this->current_roles[$role_basis][$role_handle]['entity']) ) ? array_keys($this->current_roles[$role_basis][$role_handle]['entity']) : array();
  306. $args['for_children_ids'] = ( isset($this->current_roles[$role_basis][$role_handle]['children']) ) ? array_keys($this->current_roles[$role_basis][$role_handle]['children']) : '';
  307. }
  308. $args['eligible_ids'] = isset($this->eligible_agent_ids[$role_basis][$agents_reqd_op]) ? $this->eligible_agent_ids[$role_basis][$agents_reqd_op]: '';
  309. if ( ( 'post' == $src_name ) && ( 'auto-draft' == $object->post_status ) )
  310. $args['suppress_last_agents'] = true;
  311. if ( ! empty($this->current_roles[$role_basis][$role_handle]['assigned']) ) {
  312. ScoperAgentsChecklist::agents_checklist( $role_basis, $this->all_agents[$role_basis], $id_prefix, $this->current_roles[$role_basis][$role_handle]['assigned'], $args );
  313. } else
  314. ScoperAgentsChecklist::agents_checklist( $role_basis, $this->all_agents[$role_basis], $id_prefix, '', $args );
  315. echo "\r\n</div>";
  316. } // end foreach role basis caption (user or group)
  317. echo '</div>'; // class rs-agents
  318. //log_mem_usage_rs( 'end ItemRolesUI::draw_object_roles_content()' );
  319. }
  320. function get_rolecount_caption($role_handle) {
  321. $count_sfx = '';
  322. $agents_caption = array();
  323. // indicate object role scoping in container caption
  324. if ( ! empty($this->object_strict_roles[$role_handle]) )
  325. $agents_caption[] = __( 'restricted role', 'scoper' );
  326. if ( USER_ROLES_RS && ! empty($this->current_roles[ROLE_BASIS_USER][$role_handle]) ) {
  327. $count = count(array_keys($this->current_roles[ROLE_BASIS_USER][$role_handle]['assigned']));
  328. $agents_caption[] = sprintf(_n('%s user', '%s users', $count, 'scoper'), $count);
  329. }
  330. if ( GROUP_ROLES_RS && ! empty($this->current_roles[ROLE_BASIS_GROUPS][$role_handle]) ) {
  331. $count = count(array_keys($this->current_roles[ROLE_BASIS_GROUPS][$role_handle]['assigned']));
  332. $agents_caption[] = sprintf(_n('%s group', '%s groups', $count, 'scoper'), $count);
  333. }
  334. if ( $agents_caption ) {
  335. $count_sfx = "<span class='rs-dbx_headline_populated'>";
  336. $count_sfx .= ( $agents_caption ) ? ' (' . implode(', ', $agents_caption) . ')' : '';
  337. $count_sfx .= "</span>";
  338. }
  339. return $count_sfx;
  340. }
  341. // This is now called only for direct single-object role edit via the bulk admin form,
  342. // and by any non-post data sources which define admin_actions->object_edit_ui
  343. function single_object_roles_ui($src_name, $object_type, $object_id, $args = array()) {
  344. $defaults = array( 'html_inserts' => '' );
  345. $args = array_merge( $defaults, (array) $args );
  346. extract($args);
  347. if ( ! scoper_get_otype_option('use_object_roles', $src_name, $object_type) )
  348. return;
  349. if ( ! $html_inserts ) {
  350. if ( ! $otype_def = $this->scoper->data_sources->member_property($src_name, 'object_types', $object_type) )
  351. return;
  352. if ( isset($otype_def->admin_inserts->bottom) )
  353. $html_inserts = $otype_def->admin_inserts->bottom;
  354. elseif ( ! $html_inserts = $src->admin_inserts->bottom ) {
  355. // TODO: CSS
  356. $html_inserts->open = (object) array(
  357. 'container' => '<br />',
  358. 'headline' => '<h3 style="margin-bottom: 0">',
  359. 'content' => '<div style="border:2px solid #ccc; margin-top: 0; padding: 0 0.2em 0 0.2em;">' );
  360. $html_inserts->close = (object) array(
  361. 'container' => '', 'headline' => '</h3>', 'content' => '</div>' );
  362. }
  363. }
  364. if ( ! isset($this->all_agents) || ( $src_name != $this->loaded_src_name ) || ( $object_type != $this->loaded_object_type ) || ( $object_id != $this->loaded_object_id ) )
  365. $this->load_roles($src_name, $object_type, $object_id);
  366. $group_members = array();
  367. $role_defs = $this->scoper->role_defs->get_matching('rs', $src_name, $object_type);
  368. foreach ($role_defs as $role_handle => $role_def) {
  369. if ( ! isset($role_def->valid_scopes[OBJECT_SCOPE_RS]) || ! $this->scoper_admin->user_can_admin_role($role_handle, $object_id, $src_name, $object_type) )
  370. continue;
  371. echo( "\r\n" . sprintf($html_inserts->open->container, "objrole_$role_handle") );
  372. $count_sfx = $this->get_rolecount_caption($role_handle);
  373. echo $html_inserts->open->headline . $this->scoper->role_defs->get_abbrev( $role_handle, OBJECT_UI_RS ) . $count_sfx
  374. . $html_inserts->close->headline
  375. . $html_inserts->open->content;
  376. $this->draw_object_roles_content($src_name, $object_type, $role_handle, $object_id, true); // arg: skip_user_validation
  377. echo "\r\n" . $html_inserts->close->content . "\r\n" . $html_inserts->close->container . "\r\n";
  378. } // end foreach role
  379. }
  380. function single_term_roles_ui($taxonomy, $args, $term) {
  381. if ( ! $taxonomy )
  382. return;
  383. if ( ! $tx = $this->scoper->taxonomies->get($taxonomy) )
  384. return;
  385. global $scoper;
  386. $tx_src = $scoper->data_sources->get( $tx->source );
  387. if ( is_object($term) ) {
  388. if ( empty( $term->{$tx_src->cols->id} ) )
  389. return;
  390. else
  391. $term_id = $term->{$tx_src->cols->id};
  392. } elseif ( $term )
  393. $term_id = $term;
  394. else
  395. return;
  396. if ( ! $role_defs_by_otype = $this->scoper->role_defs->get_for_taxonomy($tx->object_source, $taxonomy) )
  397. return;
  398. require_once( dirname(__FILE__).'/admin-bulk_rs.php');
  399. $all_terms = array( (object) array( $tx_src->cols->id => $term_id, $tx_src->cols->name => '', $tx_src->cols->parent => 0 ) );
  400. $admin_terms = array( $term_id => true );
  401. $role_bases = array();
  402. $term_roles = array();
  403. if ( USER_ROLES_RS ) {
  404. $term_roles[ROLE_BASIS_USER] = ScoperRoleAssignments::get_assigned_roles(TERM_SCOPE_RS, ROLE_BASIS_USER, $taxonomy, array( 'id' => $term_id) );
  405. $role_bases []= ROLE_BASIS_USER;
  406. }
  407. if ( GROUP_ROLES_RS ) {
  408. $term_roles[ROLE_BASIS_GROUPS] = ScoperRoleAssignments::get_assigned_roles(TERM_SCOPE_RS, ROLE_BASIS_GROUPS, $taxonomy, array( 'id' => $term_id) );
  409. $role_bases []= ROLE_BASIS_GROUPS;
  410. }
  411. $strict_terms = $this->scoper->get_restrictions(TERM_SCOPE_RS, $taxonomy );
  412. $agents = ScoperAdminBulk::get_agents($role_bases);
  413. $agent_names = ScoperAdminBulk::agent_names($agents);
  414. $agent_list_prefix = ScoperAdminBulk::agent_list_prefixes();
  415. $agent_caption_plural = ScoperAdminBulk::agent_captions_plural($role_bases);
  416. $default_restrictions = $this->scoper->get_default_restrictions(TERM_SCOPE_RS);
  417. $default_strict_roles = ( ! empty($default_restrictions[$taxonomy] ) ) ? array_flip(array_keys($default_restrictions[$taxonomy])) : array();
  418. require_once( dirname(__FILE__).'/admin_ui_lib_rs.php');
  419. $table_captions = ScoperAdminUI::restriction_captions(TERM_SCOPE_RS, $tx, $tx->labels->singular_name, $tx->labels->name );
  420. echo '<br />';
  421. $url = "admin.php?page=rs-category-restrictions_t#item-$term_id";
  422. echo "\n<h3><a href='$url'>" . __('Category Restrictions', 'scoper') . '</a></h3>';
  423. $args = array(
  424. 'admin_items' => $admin_terms, 'editable_roles' => array(), 'default_strict_roles' => $default_strict_roles,
  425. 'ul_class' => 'rs-termlist', 'table_captions' => $table_captions, 'single_item' => true
  426. );
  427. ScoperAdminBulk::item_tree( TERM_SCOPE_RS, ROLE_RESTRICTION_RS, $tx->source, $tx, $all_terms, '', $strict_terms, $role_defs_by_otype, array(), $args);
  428. $url = "admin.php?page=rs-category-roles_t#item-$term_id";
  429. echo "\n<h3><a href='$url'>" . __('Category Roles', 'scoper') . '</a></h3>';
  430. $args = array(
  431. 'admin_items' => $admin_terms, 'editable_roles' => array(), 'role_bases' => $role_bases,
  432. 'agent_names' => $agent_names, 'agent_caption_plural' => $agent_caption_plural, 'agent_list_prefix' => $agent_list_prefix,
  433. 'ul_class' => 'rs-termlist', 'single_item' => true
  434. );
  435. ScoperAdminBulk::item_tree(TERM_SCOPE_RS, ROLE_ASSIGNMENT_RS, $tx->source, $tx, $all_terms, $term_roles, $strict_terms, $role_defs_by_otype, array(), $args);
  436. if ( ! empty($term_roles) ) {
  437. $args = array( 'display_links' => false, 'display_restriction_key' => false);
  438. ScoperAdminUI::role_owners_key($tx, $args);
  439. }
  440. } // end function ui_single_term_roles
  441. } // end class ScoperObjectRolesUI
  442. ?>