wp-includes/capabilities.php

   1 <?php
   2
   3 class WP_Roles {
   4         var $roles;
   5
   6         var $role_objects = array();
   7         var $role_names = array();
   8         var $role_key;
   9
  10         function WP_Roles() {
  11                 global $table_prefix;
  12                 $this->role_key = $table_prefix . 'user_roles';
  13
  14                 $this->roles = get_option($this->role_key);
  15
  16                 if ( empty($this->roles) )
  17                         return;
  18
  19                 foreach ($this->roles as $role => $data) {
  20                         $this->role_objects[$role] = new WP_Role($role, $this->roles[$role]['capabilities']);
  21                         $this->role_names[$role] = $this->roles[$role]['name'];
  22                 }
  23         }
  24
  25         function add_role($role, $display_name, $capabilities = '') {
  26                 if ( isset($this->roles[$role]) )
  27                         return;
  28
  29                 $this->roles[$role] = array(
  30                         'name' => $display_name,
  31                         'capabilities' => $capabilities);
  32                 update_option($this->role_key, $this->roles);
  33                 $this->role_objects[$role] = new WP_Role($role, $capabilities);
  34                 $this->role_names[$role] = $display_name;
  35                 return $this->role_objects[$role];
  36         }
  37
  38         function remove_role($role) {
  39                 if ( ! isset($this->role_objects[$role]) )
  40                         return;
  41
  42                 unset($this->role_objects[$role]);
  43                 unset($this->role_names[$role]);
  44                 unset($this->roles[$role]);
  45
  46                 update_option($this->role_key, $this->roles);
  47         }
  48
  49         function add_cap($role, $cap, $grant = true) {
  50                 $this->roles[$role]['capabilities'][$cap] = $grant;
  51                 update_option($this->role_key, $this->roles);
  52         }
  53
  54         function remove_cap($role, $cap) {
  55                 unset($this->roles[$role]['capabilities'][$cap]);
  56                 update_option($this->role_key, $this->roles);
  57         }
  58
  59         function &get_role($role) {
  60                 if ( isset($this->role_objects[$role]) )
  61                         return $this->role_objects[$role];
  62                 else
  63                         return null;
  64         }
  65
  66         function get_names() {
  67                 return $this->role_names;
  68         }
  69
  70         function is_role($role)
  71         {
  72                 return isset($this->role_names[$role]);
  73         }
  74 }
  75
  76 class WP_Role {
  77         var $name;
  78         var $capabilities;
  79
  80         function WP_Role($role, $capabilities) {
  81                 $this->name = $role;
  82                 $this->capabilities = $capabilities;
  83         }
  84
  85         function add_cap($cap, $grant = true) {
  86                 global $wp_roles;
  87
  88                 if ( ! isset($wp_roles) )
  89                         $wp_roles = new WP_Roles();
  90
  91                 $this->capabilities[$cap] = $grant;
  92                 $wp_roles->add_cap($this->name, $cap, $grant);
  93         }
  94
  95         function remove_cap($cap) {
  96                 global $wp_roles;
  97
  98                 if ( ! isset($wp_roles) )
  99                         $wp_roles = new WP_Roles();
 100
 101                 unset($this->capabilities[$cap]);
 102                 $wp_roles->remove_cap($this->name, $cap);
 103         }
 104
 105         function has_cap($cap) {
 106                 $capabilities = apply_filters('role_has_cap', $this->capabilities, $cap, $this->name);
 107                 if ( !empty($capabilities[$cap]) )
 108                         return $capabilities[$cap];
 109                 else
 110                         return false;
 111         }
 112
 113 }
 114
 115 class WP_User {
 116         var $data;
 117         var $id = 0;
 118         var $caps = array();
 119         var $cap_key;
 120         var $roles = array();
 121         var $allcaps = array();
 122
 123         function WP_User($id, $name = '') {
 124                 global $table_prefix;
 125
 126                 if ( empty($id) && empty($name) )
 127                         return;
 128
 129                 if ( ! is_numeric($id) ) {
 130                         $name = $id;
 131                         $id = 0;
 132                 }
 133
 134                 if ( ! empty($id) )
 135                         $this->data = get_userdata($id);
 136                 else
 137                         $this->data = get_userdatabylogin($name);
 138
 139                 if ( empty($this->data->ID) )
 140                         return;
 141
 142                 foreach (get_object_vars($this->data) as $key => $value) {
 143                         $this->{$key} = $value;
 144                 }
 145
 146                 $this->id = $this->ID;
 147                 $this->cap_key = $table_prefix . 'capabilities';
 148                 $this->caps = &$this->{$this->cap_key};
 149                 if ( ! is_array($this->caps) )
 150                         $this->caps = array();
 151                 $this->get_role_caps();
 152         }
 153
 154         function get_role_caps() {
 155                 global $wp_roles;
 156
 157                 if ( ! isset($wp_roles) )
 158                         $wp_roles = new WP_Roles();
 159
 160                 //Filter out caps that are not role names and assign to $this->roles
 161                 if(is_array($this->caps))
 162                         $this->roles = array_filter(array_keys($this->caps), array(&$wp_roles, 'is_role'));
 163
 164                 //Build $allcaps from role caps, overlay user's $caps
 165                 $this->allcaps = array();
 166                 foreach($this->roles as $role) {
 167                         $role = $wp_roles->get_role($role);
 168                         $this->allcaps = array_merge($this->allcaps, $role->capabilities);
 169                 }
 170                 $this->allcaps = array_merge($this->allcaps, $this->caps);
 171         }
 172
 173         function add_role($role) {
 174                 $this->caps[$role] = true;
 175                 update_usermeta($this->id, $this->cap_key, $this->caps);
 176                 $this->get_role_caps();
 177                 $this->update_user_level_from_caps();
 178         }
 179
 180         function remove_role($role) {
 181                 if ( empty($this->roles[$role]) || (count($this->roles) <= 1) )
 182                         return;
 183                 unset($this->caps[$role]);
 184                 update_usermeta($this->id, $this->cap_key, $this->caps);
 185                 $this->get_role_caps();
 186         }
 187
 188         function set_role($role) {
 189                 foreach($this->roles as $oldrole)
 190                         unset($this->caps[$oldrole]);
 191                 $this->caps[$role] = true;
 192                 $this->roles = array($role => true);
 193                 update_usermeta($this->id, $this->cap_key, $this->caps);
 194                 $this->get_role_caps();
 195                 $this->update_user_level_from_caps();
 196         }
 197
 198         function level_reduction($max, $item) {
 199             if(preg_match('/^level_(10|[0-9])$/i', $item, $matches)) {
 200                 $level = intval($matches[1]);
 201                 return max($max, $level);
 202             } else {
 203                 return $max;
 204             }
 205         }
 206
 207         function update_user_level_from_caps() {
 208             global $table_prefix;
 209             $this->user_level = array_reduce(array_keys($this->allcaps),        array(&$this, 'level_reduction'), 0);
 210             update_usermeta($this->id, $table_prefix.'user_level', $this->user_level);
 211         }
 212
 213         function add_cap($cap, $grant = true) {
 214                 $this->caps[$cap] = $grant;
 215                 update_usermeta($this->id, $this->cap_key, $this->caps);
 216         }
 217
 218         function remove_cap($cap) {
 219                 if ( empty($this->caps[$cap]) ) return;
 220                 unset($this->caps[$cap]);
 221                 update_usermeta($this->id, $this->cap_key, $this->caps);
 222         }
 223
 224         //has_cap(capability_or_role_name) or
 225         //has_cap('edit_post', post_id)
 226         function has_cap($cap) {
 227                 if ( is_numeric($cap) )
 228                         $cap = $this->translate_level_to_cap($cap);
 229
 230                 $args = array_slice(func_get_args(), 1);
 231                 $args = array_merge(array($cap, $this->id), $args);
 232                 $caps = call_user_func_array('map_meta_cap', $args);
 233                 // Must have ALL requested caps
 234                 $capabilities = apply_filters('user_has_cap', $this->allcaps, $caps, $args);
 235                 foreach ($caps as $cap) {
 236                         //echo "Checking cap $cap<br/>";
 237                         if(empty($capabilities[$cap]) || !$capabilities[$cap])
 238                                 return false;
 239                 }
 240
 241                 return true;
 242         }
 243
 244         function translate_level_to_cap($level) {
 245                 return 'level_' . $level;
 246         }
 247
 248 }
 249
 250 // Map meta capabilities to primitive capabilities.
 251 function map_meta_cap($cap, $user_id) {
 252         $args = array_slice(func_get_args(), 2);
 253         $caps = array();
 254
 255         switch ($cap) {
 256                 // edit_post breaks down to edit_posts, edit_published_posts, or
 257                 // edit_others_posts
 258         case 'edit_post':
 259                 $author_data = get_userdata($user_id);
 260                 //echo "post ID: {$args[0]}<br/>";
 261                 $post = get_post($args[0]);
 262                 $post_author_data = get_userdata($post->post_author);
 263                 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br/>";
 264                 // If the user is the author...
 265                 if ($user_id == $post_author_data->ID) {
 266                         // If the post is published...
 267                         if ($post->post_status == 'publish')
 268                                 $caps[] = 'edit_published_posts';
 269                         else if ($post->post_status == 'static')
 270                                 $caps[] = 'edit_pages';
 271                         else
 272                                 // If the post is draft...
 273                                 $caps[] = 'edit_posts';
 274                 } else {
 275                         if ($post->post_status == 'static') {
 276                                 $caps[] = 'edit_pages';
 277                                 break;
 278                         }
 279
 280                         // The user is trying to edit someone else's post.
 281                         $caps[] = 'edit_others_posts';
 282                         // The post is published, extra cap required.
 283                         if ($post->post_status == 'publish')
 284                                 $caps[] = 'edit_published_posts';
 285                 }
 286                 break;
 287         case 'read_post':
 288                 $post = get_post($args[0]);
 289
 290                 if ( 'private' != $post->post_status ) {
 291                         $caps[] = 'read';
 292                         break;
 293                 }
 294
 295                 $author_data = get_userdata($user_id);
 296                 $post_author_data = get_userdata($post->post_author);
 297                 if ($user_id == $post_author_data->ID)
 298                         $caps[] = 'read';
 299                 else
 300                         $caps[] = 'read_private_posts';
 301                 break;
 302         default:
 303                 // If no meta caps match, return the original cap.
 304                 $caps[] = $cap;
 305         }
 306
 307         return $caps;
 308 }
 309
 310 // Capability checking wrapper around the global $current_user object.
 311 function current_user_can($capability) {
 312         $current_user = wp_get_current_user();
 313
 314         $args = array_slice(func_get_args(), 1);
 315         $args = array_merge(array($capability), $args);
 316
 317         if ( empty($current_user) )
 318                 return false;
 319
 320         return call_user_func_array(array(&$current_user, 'has_cap'), $args);
 321 }
 322
 323 // Convenience wrappers around $wp_roles.
 324 function get_role($role) {
 325         global $wp_roles;
 326
 327         if ( ! isset($wp_roles) )
 328                 $wp_roles = new WP_Roles();
 329
 330         return $wp_roles->get_role($role);
 331 }
 332
 333 function add_role($role, $display_name, $capabilities = '') {
 334         global $wp_roles;
 335
 336         if ( ! isset($wp_roles) )
 337                 $wp_roles = new WP_Roles();
 338
 339         return $wp_roles->add_role($role, $display_name, $capabilities);
 340 }
 341
 342 function remove_role($role) {
 343         global $wp_roles;
 344
 345         if ( ! isset($wp_roles) )
 346                 $wp_roles = new WP_Roles();
 347
 348         return $wp_roles->remove_role($role);
 349 }
 350
 351 //
 352 // These are deprecated.  Use current_user_can().
 353 //
 354
 355 /* returns true if $user_id can create a new post */
 356 function user_can_create_post($user_id, $blog_id = 1, $category_id = 'None') {
 357         $author_data = get_userdata($user_id);
 358         return ($author_data->user_level > 1);
 359 }
 360
 361 /* returns true if $user_id can create a new post */
 362 function user_can_create_draft($user_id, $blog_id = 1, $category_id = 'None') {
 363         $author_data = get_userdata($user_id);
 364         return ($author_data->user_level >= 1);
 365 }
 366
 367 /* returns true if $user_id can edit $post_id */
 368 function user_can_edit_post($user_id, $post_id, $blog_id = 1) {
 369         $author_data = get_userdata($user_id);
 370         $post = get_post($post_id);
 371         $post_author_data = get_userdata($post->post_author);
 372
 373         if ( (($user_id == $post_author_data->ID) && !($post->post_status == 'publish' &&  $author_data->user_level < 2))
 374              || ($author_data->user_level > $post_author_data->user_level)
 375              || ($author_data->user_level >= 10) ) {
 376                 return true;
 377         } else {
 378                 return false;
 379         }
 380 }
 381
 382 /* returns true if $user_id can delete $post_id */
 383 function user_can_delete_post($user_id, $post_id, $blog_id = 1) {
 384         // right now if one can edit, one can delete
 385         return user_can_edit_post($user_id, $post_id, $blog_id);
 386 }
 387
 388 /* returns true if $user_id can set new posts' dates on $blog_id */
 389 function user_can_set_post_date($user_id, $blog_id = 1, $category_id = 'None') {
 390         $author_data = get_userdata($user_id);
 391         return (($author_data->user_level > 4) && user_can_create_post($user_id, $blog_id, $category_id));
 392 }
 393
 394 /* returns true if $user_id can edit $post_id's date */
 395 function user_can_edit_post_date($user_id, $post_id, $blog_id = 1) {
 396         $author_data = get_userdata($user_id);
 397         return (($author_data->user_level > 4) && user_can_edit_post($user_id, $post_id, $blog_id));
 398 }
 399
 400 /* returns true if $user_id can edit $post_id's comments */
 401 function user_can_edit_post_comments($user_id, $post_id, $blog_id = 1) {
 402         // right now if one can edit a post, one can edit comments made on it
 403         return user_can_edit_post($user_id, $post_id, $blog_id);
 404 }
 405
 406 /* returns true if $user_id can delete $post_id's comments */
 407 function user_can_delete_post_comments($user_id, $post_id, $blog_id = 1) {
 408         // right now if one can edit comments, one can delete comments
 409         return user_can_edit_post_comments($user_id, $post_id, $blog_id);
 410 }
 411
 412 function user_can_edit_user($user_id, $other_user) {
 413         $user  = get_userdata($user_id);
 414         $other = get_userdata($other_user);
 415         if ( $user->user_level > $other->user_level || $user->user_level > 8 || $user->ID == $other->ID )
 416                 return true;
 417         else
 418                 return false;
 419 }
 420
 421 ?>