PageRenderTime 63ms CodeModel.GetById 26ms RepoModel.GetById 1ms app.codeStats 0ms

/components/Roles/Roles.php

https://github.com/ElmsPark/pods
PHP | 485 lines | 323 code | 106 blank | 56 comment | 53 complexity | 6ab236ab16e5dfd87ab3cbe115fbd3f6 MD5 | raw file
Possible License(s): AGPL-1.0 
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Name: Roles and Capabilities
    4. 

  4.  *
    5. 

  5.  * Menu Name: Roles &amp; Capabilities
    6. 

  6.  *
    7. 

  7.  * Description: Create and Manage WordPress User Roles and Capabilities; Uses the 'Members' plugin filters for additional plugin integrations; Portions of code based on the 'Members' plugin by Justin Tadlock
    8. 

  8.  *
    9. 

  9.  * Version: 1.0
    10. 

  10.  *
    11. 

  11.  * Category: Tools
    12. 

  12.  *
    13. 

  13.  * @package Pods\Components
    14. 

  14.  * @subpackage Roles
    15. 

  15.  */
    16. 

  16. 

  17. class Pods_Roles extends PodsComponent {
    18. 

  18. 

  19.     /**
    20. 

  20.      * Do things like register/enqueue scripts and stylesheets
    21. 

  21.      *
    22. 

  22.      * @since 2.0.0
    23. 

  23.      */
    24. 

  24.     public function __construct () {
    25. 

  25.         add_filter( 'pods_roles_get_capabilities', array( $this, 'remove_deprecated_capabilities' ) );
    26. 

  26.     }
    27. 

  27. 

  28.     /**
    29. 

  29.      * Enqueue styles
    30. 

  30.      *
    31. 

  31.      * @since 2.0.0
    32. 

  32.      */
    33. 

  33.     public function admin_assets () {
    34. 

  34.         wp_enqueue_style( 'pods-wizard' );
    35. 

  35.     }
    36. 

  36. 

  37.     /**
    38. 

  38.      * Build admin area
    39. 

  39.      *
    40. 

  40.      * @param $options
    41. 

  41.      * @param $component
    42. 

  42.      *
    43. 

  43.      * @return void
    44. 

  44.      * @since 2.0.0
    45. 

  45.      */
    46. 

  46.     public function admin ( $options, $component ) {
    47. 

  47.         global $wp_roles;
    48. 

  48. 

  49.         $default_role = get_option( 'default_role' );
    50. 

  50. 

  51.         $roles = array();
    52. 

  52. 

  53.         foreach ( $wp_roles->role_objects as $key => $role ) {
    54. 

  54.             $count = $this->count_users( $key );
    55. 

  55. 

  56.             $roles[ $key ] = array(
    57. 

  57.                 'id' => $key,
    58. 

  58.                 'label' => $wp_roles->role_names[ $key ],
    59. 

  59.                 'name' => $key,
    60. 

  60.                 'capabilities' => count( (array) $role->capabilities ),
    61. 

  61.                 'users' => sprintf( _n( '%s User', '%s Users', $count, 'pods' ), $count )
    62. 

  62.             );
    63. 

  63. 

  64.             if ( $default_role == $key )
    65. 

  65.                 $roles[ $key ][ 'label' ] .= ' (site default)';
    66. 

  66. 

  67.             if ( 0 < $count && ( is_super_admin() || current_user_can( 'delete_users' ) || current_user_can( 'list_users' ) ) ) {
    68. 

  68.                 $roles[ $key ][ 'users' ] .= '<br /><a href="'
    69. 

  69.                                              . admin_url( esc_url( 'users.php?role=' . $key ) ) . '">'
    70. 

  70.                                              . __( 'View Users', 'pods' ) . '</a>';
    71. 

  71.             }
    72. 

  72.         }
    73. 

  73. 

  74.         $ui = array(
    75. 

  75.             'component' => $component,
    76. 

  76.             'data' => $roles,
    77. 

  77.             'total' => count( $roles ),
    78. 

  78.             'total_found' => count( $roles ),
    79. 

  79.             'icon' => PODS_URL . 'ui/images/icon32.png',
    80. 

  80.             'items' => 'Roles',
    81. 

  81.             'item' => 'Role',
    82. 

  82.             'fields' => array(
    83. 

  83.                 'manage' => array(
    84. 

  84.                     'label' => array( 'label' => __( 'Label', 'pods' ) ),
    85. 

  85.                     'name' => array( 'label' => __( 'Name', 'pods' ) ),
    86. 

  86.                     'capabilities' => array( 'label' => __( 'Capabilities', 'pods' ) ),
    87. 

  87.                     'users' => array(
    88. 

  88.                         'label' => __( 'Users', 'pods' ),
    89. 

  89.                         'type' => 'text',
    90. 

  90.                         'options' => array(
    91. 

  91.                             'text_allow_html' => 1,
    92. 

  92.                             'text_allowed_html_tags' => ''
    93. 

  93.                         )
    94. 

  94.                     )
    95. 

  95.                 )
    96. 

  96.             ),
    97. 

  97.             'actions_disabled' => array( 'duplicate', 'view', 'export' ),
    98. 

  98.             'actions_custom' => array(
    99. 

  99.                 'add' => array( $this, 'admin_add' ),
    100. 

  100.                 'edit' => array( $this, 'admin_edit' ),
    101. 

  101.                 'delete' => array( $this, 'admin_delete' )
    102. 

  102.             ),
    103. 

  103.             'search' => false,
    104. 

  104.             'searchable' => false,
    105. 

  105.             'sortable' => false,
    106. 

  106.             'pagination' => false
    107. 

  107.         );
    108. 

  108. 

  109.         if ( isset( $roles[ pods_var( 'id', 'get', -1 ) ] ) )
    110. 

  110.             $ui[ 'row' ] = $roles[ pods_var( 'id', 'get', -1 ) ];
    111. 

  111. 

  112.         if ( !is_super_admin() && !current_user_can( 'delete_users' ) && !current_user_can( 'pods_roles_add' ) )
    113. 

  113.             $ui[ 'actions_disabled' ][] = 'add';
    114. 

  114. 

  115.         if ( !is_super_admin() && !current_user_can( 'delete_users' ) && !current_user_can( 'pods_roles_edit' ) )
    116. 

  116.             $ui[ 'actions_disabled' ][] = 'edit';
    117. 

  117. 

  118.         if ( count( $roles ) < 2 || ( !is_super_admin() && !current_user_can( 'delete_users' ) && !current_user_can( 'pods_roles_delete' ) ) )
    119. 

  119.             $ui[ 'actions_disabled' ][] = 'delete';
    120. 

  120. 

  121.         pods_ui( $ui );
    122. 

  122.     }
    123. 

  123. 

  124.     function admin_add ( $obj ) {
    125. 

  125.         global $wp_roles;
    126. 

  126. 

  127.         $capabilities = $this->get_capabilities();
    128. 

  128. 

  129.         $defaults = $this->get_default_capabilities();
    130. 

  130. 

  131.         $component = $obj->x[ 'component' ];
    132. 

  132. 

  133.         $method = 'add'; // ajax_add
    134. 

  134. 

  135.         pods_view( PODS_DIR . 'components/Roles/ui/add.php', compact( array_keys( get_defined_vars() ) ) );
    136. 

  136.     }
    137. 

  137. 

  138.     function admin_edit ( $duplicate, $obj ) {
    139. 

  139.         global $wp_roles;
    140. 

  140. 

  141.         $id = $obj->id;
    142. 

  142. 

  143.         $capabilities = $this->get_capabilities();
    144. 

  144. 

  145.         $role_name = $role_label = $role_capabilities = null;
    146. 

  146. 

  147.         foreach ( $wp_roles->role_objects as $key => $role ) {
    148. 

  148.             if ( $key != $id )
    149. 

  149.                 continue;
    150. 

  150. 

  151.             $role_name = $key;
    152. 

  152.             $role_label = $wp_roles->role_names[ $key ];
    153. 

  153.             $role_capabilities = $role->capabilities;
    154. 

  154.         }
    155. 

  155. 

  156.         if ( empty( $role ) )
    157. 

  157.             return $obj->error( __( 'Role not found, cannot edit it.', 'pods' ) );
    158. 

  158. 

  159.         $component = $obj->x[ 'component' ];
    160. 

  160. 

  161.         $method = 'edit'; // ajax_edit
    162. 

  162. 

  163.         pods_view( PODS_DIR . 'components/Roles/ui/edit.php', compact( array_keys( get_defined_vars() ) ) );
    164. 

  164.     }
    165. 

  165. 

  166.     function admin_delete ( $id, &$obj ) {
    167. 

  167.         global $wp_roles;
    168. 

  168. 

  169.         $id = $obj->id;
    170. 

  170. 

  171.         if ( !isset( $obj->data[ $id ] ) )
    172. 

  172.             return $obj->error( __( 'Role not found, it cannot be deleted.', 'pods' ) );
    173. 

  173. 

  174.         $default_role = get_option( 'default_role' );
    175. 

  175. 

  176.         if ( $id == $default_role ) {
    177. 

  177.             return $obj->error( sprintf( __( 'You cannot remove the <strong>%s</strong> role, you must set a new default role for the site first.', 'pods' ), $obj->data[ $id ][ 'name' ] ) );
    178. 

  178.         }
    179. 

  179. 

  180.         $wp_user_search = new WP_User_Search( '', '', $id );
    181. 

  181. 

  182.         $users = $wp_user_search->get_results();
    183. 

  183. 

  184.         if ( !empty( $users ) && is_array( $users ) ) {
    185. 

  185.             foreach ( $users as $user ) {
    186. 

  186.                 $user_object = new WP_User( $user );
    187. 

  187. 

  188.                 if ( $user_object->has_cap( $id ) ) {
    189. 

  189.                     $user_object->remove_role( $id );
    190. 

  190.                     $user_object->set_role( $default_role );
    191. 

  191.                 }
    192. 

  192.             }
    193. 

  193.         }
    194. 

  194. 

  195.         remove_role( $id );
    196. 

  196. 

  197.         $roles = array();
    198. 

  198. 

  199.         foreach ( $wp_roles->role_objects as $key => $role ) {
    200. 

  200.             $count = $this->count_users( $key );
    201. 

  201. 

  202.             $roles[ $key ] = array(
    203. 

  203.                 'id' => $key,
    204. 

  204.                 'label' => $wp_roles->role_names[ $key ],
    205. 

  205.                 'name' => $key,
    206. 

  206.                 'capabilities' => count( (array) $role->capabilities ),
    207. 

  207.                 'users' => sprintf( _n( '%s User', '%s Users', $count, 'pods' ), $count )
    208. 

  208.             );
    209. 

  209. 

  210.             if ( $default_role == $key )
    211. 

  211.                 $roles[ $key ][ 'label' ] .= ' (site default)';
    212. 

  212. 

  213.             if ( 0 < $count && ( is_super_admin() || current_user_can( 'delete_users' ) || current_user_can( 'list_users' ) ) ) {
    214. 

  214.                 $roles[ $key ][ 'users' ] .= '<br /><a href="'
    215. 

  215.                                              . admin_url( esc_url( 'users.php?role=' . $key ) ) . '">'
    216. 

  216.                                              . __( 'View Users', 'pods' ) . '</a>';
    217. 

  217.             }
    218. 

  218.         }
    219. 

  219. 

  220.         $name = $obj->data[ $id ][ 'label' ] . ' (' . $obj->data[ $id ][ 'name' ] . ')';
    221. 

  221. 

  222.         $obj->data = $roles;
    223. 

  223.         $obj->total = count( $roles );
    224. 

  224.         $obj->total_found = count( $roles );
    225. 

  225. 

  226.         $obj->message( '<strong>' . $name . '</strong> ' . __( 'role removed from site.', 'pods' ) );
    227. 

  227.     }
    228. 

  228. 

  229.     /**
    230. 

  230.      * Handle the Add Role AJAX
    231. 

  231.      *
    232. 

  232.      * @param $params
    233. 

  233.      * @return mixed|void
    234. 

  234.      */
    235. 

  235.     public function ajax_add ( $params ) {
    236. 

  236.         global $wp_roles;
    237. 

  237. 

  238.         $role_name = pods_var_raw( 'role_name', $params );
    239. 

  239.         $role_label = pods_var_raw( 'role_label', $params );
    240. 

  240. 

  241.         $params->capabilities = (array) pods_var_raw( 'capabilities', $params, array() );
    242. 

  242. 

  243.         $params->custom_capabilities = (array) pods_var_raw( 'custom_capabilities', $params, array() );
    244. 

  244.         $params->custom_capabilities = array_filter( array_unique( $params->custom_capabilities ) );
    245. 

  245. 

  246.         $capabilities = array();
    247. 

  247. 

  248.         foreach ( $params->capabilities as $capability => $x ) {
    249. 

  249.             if ( empty( $capability ) || true !== (boolean) $x )
    250. 

  250.                 continue;
    251. 

  251. 

  252.             $capabilities[ esc_attr( $capability ) ] = true;
    253. 

  253.         }
    254. 

  254. 

  255.         foreach ( $params->custom_capabilities as $x => $capability ) {
    256. 

  256.             if ( empty( $capability ) || '--1' == $x )
    257. 

  257.                 continue;
    258. 

  258. 

  259.             $capabilities[ esc_attr( $capability ) ] = true;
    260. 

  260.         }
    261. 

  261. 

  262.         if ( empty( $role_name ) )
    263. 

  263.             return pods_error( __( 'Role name is required', 'pods' ) );
    264. 

  264. 

  265.         if ( empty( $role_label ) )
    266. 

  266.             return pods_error( __( 'Role label is required', 'pods' ) );
    267. 

  267. 

  268.         if ( !isset( $wp_roles ) )
    269. 

  269.             $wp_roles = new WP_Roles();
    270. 

  270. 

  271.         return $wp_roles->add_role( $role_name, $role_label, $capabilities );
    272. 

  272.     }
    273. 

  273. 

  274.     /**
    275. 

  275.      * Handle the Edit Role AJAX
    276. 

  276.      *
    277. 

  277.      * @todo allow rename role_label
    278. 

  278.      *
    279. 

  279.      * @param $params
    280. 

  280.      * @return bool|mixed|void
    281. 

  281.      */
    282. 

  282.     public function ajax_edit ( $params ) {
    283. 

  283.         global $wp_roles;
    284. 

  284. 

  285.         $capabilities = $this->get_capabilities();
    286. 

  286. 

  287.         $params->capabilities = (array) pods_var_raw( 'capabilities', $params, array() );
    288. 

  288. 

  289.         $params->custom_capabilities = (array) pods_var_raw( 'custom_capabilities', $params, array() );
    290. 

  290.         $params->custom_capabilities = array_filter( array_unique( $params->custom_capabilities ) );
    291. 

  291. 

  292.         if ( !isset( $params->id ) || empty( $params->id ) || !isset( $wp_roles->role_objects[ $params->id ] ) )
    293. 

  293.             return pods_error( __( 'Role not found, cannot edit it.', 'pods' ) );
    294. 

  294. 

  295.         $role = $wp_roles->role_objects[ $params->id ];
    296. 

  296.         $role_name = $params->id;
    297. 

  297.         $role_label = $wp_roles->role_names[ $params->id ];
    298. 

  298.         $role_capabilities = $role->capabilities;
    299. 

  299. 

  300.         $new_capabilities = array();
    301. 

  301. 

  302.         foreach ( $params->capabilities as $capability => $x ) {
    303. 

  303.             if ( empty( $capability ) || true !== (boolean) $x )
    304. 

  304.                 continue;
    305. 

  305. 

  306.             $new_capabilities[] = esc_attr( $capability );
    307. 

  307. 

  308.             if ( !$role->has_cap( $capability ) )
    309. 

  309.                 $role->add_cap( $capability );
    310. 

  310.         }
    311. 

  311. 

  312.         foreach ( $params->custom_capabilities as $x => $capability ) {
    313. 

  313.             if ( empty( $capability ) )
    314. 

  314.                 continue;
    315. 

  315. 

  316.             if ( in_array( $capability, $new_capabilities ) )
    317. 

  317.                 continue;
    318. 

  318. 

  319.             $new_capabilities[] = esc_attr( $capability );
    320. 

  320. 

  321.             if ( !$role->has_cap( $capability ) )
    322. 

  322.                 $role->add_cap( $capability );
    323. 

  323.         }
    324. 

  324. 

  325.         foreach ( $role_capabilities as $capability => $x ) {
    326. 

  326.             if ( !in_array( $capability, $new_capabilities ) )
    327. 

  327.                 $role->remove_cap( $capability );
    328. 

  328.         }
    329. 

  329. 

  330.         return true;
    331. 

  331.     }
    332. 

  332. 

  333.     /**
    334. 

  334.      * Basic logic from Members plugin, it counts users of a specific role
    335. 

  335.      *
    336. 

  336.      * @param $role
    337. 

  337.      *
    338. 

  338.      * @return array
    339. 

  339.      */
    340. 

  340.     function count_users ( $role ) {
    341. 

  341.         $count_users = count_users();
    342. 

  342. 

  343.         $avail_roles = array();
    344. 

  344. 

  345.         foreach ( $count_users[ 'avail_roles' ] as $count_role => $count ) {
    346. 

  346.             $avail_roles[ $count_role ] = $count;
    347. 

  347.         }
    348. 

  348. 

  349.         if ( empty( $role ) )
    350. 

  350.             return $avail_roles;
    351. 

  351. 

  352.         if ( !isset( $avail_roles[ $role ] ) )
    353. 

  353.             $avail_roles[ $role ] = 0;
    354. 

  354. 

  355.         return $avail_roles[ $role ];
    356. 

  356.     }
    357. 

  357. 

  358.     function get_capabilities () {
    359. 

  359.         global $wp_roles;
    360. 

  360. 

  361.         $default_caps = $this->get_wp_capabilities();
    362. 

  362. 

  363.         $role_caps = array();
    364. 

  364. 

  365.         foreach ( $wp_roles->role_objects as $key => $role ) {
    366. 

  366.             if ( is_array( $role->capabilities ) ) {
    367. 

  367.                 foreach ( $role->capabilities as $cap => $grant ) {
    368. 

  368.                     $role_caps[ $cap ] = $cap;
    369. 

  369.                 }
    370. 

  370.             }
    371. 

  371.         }
    372. 

  372. 

  373.         $role_caps = array_unique( $role_caps );
    374. 

  374. 

  375.         $plugin_caps = array(
    376. 

  376.             'pods_roles_list',
    377. 

  377.             'pods_roles_add',
    378. 

  378.             'pods_roles_delete',
    379. 

  379.             'pods_roles_edit',
    380. 

  380.             'restrict_content'
    381. 

  381.         );
    382. 

  382. 

  383.         $capabilities = array_merge( $default_caps, $role_caps, $plugin_caps );
    384. 

  384. 

  385.         // To support Members filters
    386. 

  386.         $capabilities = apply_filters( 'members_get_capabilities', $capabilities );
    387. 

  387. 

  388.         $capabilities = apply_filters( 'pods_roles_get_capabilities', $capabilities );
    389. 

  389. 

  390.         sort( $capabilities );
    391. 

  391. 

  392.         $capabilities = array_unique( $capabilities );
    393. 

  393. 

  394.         return $capabilities;
    395. 

  395.     }
    396. 

  396. 

  397.     function get_wp_capabilities () {
    398. 

  398.         $defaults = array(
    399. 

  399.             'activate_plugins',
    400. 

  400.             'add_users',
    401. 

  401.             'create_users',
    402. 

  402.             'delete_others_pages',
    403. 

  403.             'delete_others_posts',
    404. 

  404.             'delete_pages',
    405. 

  405.             'delete_plugins',
    406. 

  406.             'delete_posts',
    407. 

  407.             'delete_private_pages',
    408. 

  408.             'delete_private_posts',
    409. 

  409.             'delete_published_pages',
    410. 

  410.             'delete_published_posts',
    411. 

  411.             'delete_users',
    412. 

  412.             'edit_dashboard',
    413. 

  413.             'edit_files',
    414. 

  414.             'edit_others_pages',
    415. 

  415.             'edit_others_posts',
    416. 

  416.             'edit_pages',
    417. 

  417.             'edit_plugins',
    418. 

  418.             'edit_posts',
    419. 

  419.             'edit_private_pages',
    420. 

  420.             'edit_private_posts',
    421. 

  421.             'edit_published_pages',
    422. 

  422.             'edit_published_posts',
    423. 

  423.             'edit_theme_options',
    424. 

  424.             'edit_themes',
    425. 

  425.             'edit_users',
    426. 

  426.             'import',
    427. 

  427.             'install_plugins',
    428. 

  428.             'install_themes',
    429. 

  429.             'list_users',
    430. 

  430.             'manage_categories',
    431. 

  431.             'manage_links',
    432. 

  432.             'manage_options',
    433. 

  433.             'moderate_comments',
    434. 

  434.             'promote_users',
    435. 

  435.             'publish_pages',
    436. 

  436.             'publish_posts',
    437. 

  437.             'read',
    438. 

  438.             'read_private_pages',
    439. 

  439.             'read_private_posts',
    440. 

  440.             'remove_users',
    441. 

  441.             'switch_themes',
    442. 

  442.             'unfiltered_html',
    443. 

  443.             'unfiltered_upload',
    444. 

  444.             'update_core',
    445. 

  445.             'update_plugins',
    446. 

  446.             'update_themes',
    447. 

  447.             'upload_files'
    448. 

  448.         );
    449. 

  449. 

  450.         return $defaults;
    451. 

  451.     }
    452. 

  452. 

  453.     function get_default_capabilities () {
    454. 

  454.         $capabilities = array(
    455. 

  455.             'read'
    456. 

  456.         );
    457. 

  457. 

  458.         // To support Members filters
    459. 

  459.         $capabilities = apply_filters( 'members_new_role_default_capabilities', $capabilities );
    460. 

  460. 

  461.         $capabilities = apply_filters( 'pods_roles_default_capabilities', $capabilities );
    462. 

  462. 

  463.         return $capabilities;
    464. 

  464.     }
    465. 

  465. 

  466.     function remove_deprecated_capabilities ( $capabilities ) {
    467. 

  467.         $deprecated_capabilities = array(
    468. 

  468.             'level_0',
    469. 

  469.             'level_1',
    470. 

  470.             'level_2',
    471. 

  471.             'level_3',
    472. 

  472.             'level_4',
    473. 

  473.             'level_5',
    474. 

  474.             'level_6',
    475. 

  475.             'level_7',
    476. 

  476.             'level_8',
    477. 

  477.             'level_9',
    478. 

  478.             'level_10'
    479. 

  479.         );
    480. 

  480. 

  481.         $capabilities = array_diff( $capabilities, $deprecated_capabilities );
    482. 

  482. 

  483.         return $capabilities;
    484. 

  484.     }
    485. 

  485. }
    486. 

  486.