6 var $role_objects = array();
7 var $role_names = array();
// Role-table loading code. The enclosing function's signature line and several
// brace/else/return lines are not part of this listing.
// Roles are taken from the global $wp_user_roles when it is non-empty (use_db is
// then set to false); the get_option() read of "<prefix>user_roles" appears to be
// the alternative branch.
// NOTE(review): the global takes precedence over the stored option, so whatever
// code populates $wp_user_roles defines every role and capability for the request.
// NOTE(review): each role entry is read below as an array with 'capabilities' and
// 'name' keys; nothing in the visible lines validates that shape.
17 global $wp_user_roles;
18 $this->role_key = $wpdb->prefix . 'user_roles';
19 if ( ! empty($wp_user_roles) ) {
20 $this->roles = $wp_user_roles;
21 $this->use_db = false;
23 $this->roles = get_option($this->role_key);
26 if ( empty($this->roles) )
29 $this->role_objects = array();
30 $this->role_names = array();
31 foreach ($this->roles as $role => $data) {
32 $this->role_objects[$role] = new WP_Role($role, $this->roles[$role]['capabilities']);
33 $this->role_names[$role] = $this->roles[$role]['name'];
// Registers a new role with a display name and capability set, writes the whole
// role table back with update_option(), and returns the new WP_Role object.
// The isset() check detects an already-registered name; the statement it guards
// and the line directly before update_option() are not part of this listing.
// NOTE(review): $capabilities defaults to '' and is stored as given, while other
// code in this listing indexes it as an array (cap name => bool); callers should
// pass an array.
// NOTE(review): no capability check on the caller is visible here; creating a
// role changes authorisation site-wide, so callers are presumably expected to
// gate it - confirm.
37 function add_role($role, $display_name, $capabilities = '') {
38 if ( isset($this->roles[$role]) )
41 $this->roles[$role] = array(
42 'name' => $display_name,
43 'capabilities' => $capabilities);
45 update_option($this->role_key, $this->roles);
46 $this->role_objects[$role] = new WP_Role($role, $capabilities);
47 $this->role_names[$role] = $display_name;
48 return $this->role_objects[$role];
// Drops a role from the three in-memory tables and writes the role table back.
// The statement guarded by the isset() check is not part of this listing.
// NOTE(review): the visible lines do not touch users; a user record that still
// lists the removed role name keeps that key in its stored capabilities.
51 function remove_role($role) {
52 if ( ! isset($this->role_objects[$role]) )
55 unset($this->role_objects[$role]);
56 unset($this->role_names[$role]);
57 unset($this->roles[$role]);
60 update_option($this->role_key, $this->roles);
// Sets capability $cap to $grant on the named role and writes the role table back.
// NOTE(review): there is no check that $role is registered; an unknown name
// creates a roles entry that has 'capabilities' but no 'name'.
// role_objects[$role] is not updated here.
63 function add_cap($role, $cap, $grant = true) {
64 $this->roles[$role]['capabilities'][$cap] = $grant;
66 update_option($this->role_key, $this->roles);
// Removes capability $cap from the named role's stored set and writes the role
// table back. role_objects[$role] is not updated here, so an already-built
// WP_Role for this role keeps its own copy unless the caller changes it.
69 function remove_cap($role, $cap) {
70 unset($this->roles[$role]['capabilities'][$cap]);
72 update_option($this->role_key, $this->roles);
// Returns, by reference, the WP_Role object for a registered role name.
// The branch taken for an unknown name is not part of this listing; callers
// should not assume an object comes back.
75 function &get_role($role) {
76 if ( isset($this->role_objects[$role]) )
77 return $this->role_objects[$role];
// Returns the map of role key => display name.
82 function get_names() {
83 return $this->role_names;
// True when $role is a key of the role-name table. WP_User::get_role_caps() uses
// this as its array_filter() callback to tell role names from plain capabilities.
86 function is_role($role)
88 return isset($this->role_names[$role]);
// Old-style (class-named) constructor: stores the capability map for one role.
// The line between the signature and this assignment is not part of the listing;
// other methods read $this->name, so it presumably stores $role there.
96 function WP_Role($role, $capabilities) {
98 $this->capabilities = $capabilities;
// Grants (or, with $grant = false, explicitly denies) $cap on this role: updates
// the in-memory map, then delegates to $wp_roles->add_cap() which persists it.
// $wp_roles is created on demand when unset; how it is brought into scope is on
// lines not shown in this listing.
101 function add_cap($cap, $grant = true) {
104 if ( ! isset($wp_roles) )
105 $wp_roles = new WP_Roles();
107 $this->capabilities[$cap] = $grant;
108 $wp_roles->add_cap($this->name, $cap, $grant);
// Removes $cap from this role: updates the in-memory map, then delegates to
// $wp_roles->remove_cap() which persists the change.
111 function remove_cap($cap) {
114 if ( ! isset($wp_roles) )
115 $wp_roles = new WP_Roles();
117 unset($this->capabilities[$cap]);
118 $wp_roles->remove_cap($this->name, $cap);
// Reports whether this role holds $cap. The capability map first passes through
// the 'role_has_cap' filter, so any registered callback can add or remove grants
// before the lookup. Returns the stored value when it is non-empty; the fallback
// for a missing or falsy entry is not part of this listing.
121 function has_cap($cap) {
122 $capabilities = apply_filters('role_has_cap', $this->capabilities, $cap, $this->name);
123 if ( !empty($capabilities[$cap]) )
124 return $capabilities[$cap];
134 var $id = 0; // Deprecated, use $ID instead.
137 var $roles = array();
138 var $allcaps = array();
// Old-style constructor: loads a user record with get_userdata($id) or
// get_userdatabylogin($name), then copies every field of the record onto this
// object as a property. The early exits, the body of the is_numeric() branch and
// the choice between the two lookups are on lines not shown in this listing.
// NOTE(review): the copy loop assigns whatever keys the record carries, so a field
// named like one of this class's own properties (caps, roles, allcaps) would
// overwrite it - confirm what the lookup functions merge into the record.
140 function WP_User($id, $name = '') {
143 if ( empty($id) && empty($name) )
146 if ( ! is_numeric($id) ) {
152 $this->data = get_userdata($id);
154 $this->data = get_userdatabylogin($name);
156 if ( empty($this->data->ID) )
159 foreach (get_object_vars($this->data) as $key => $value) {
160 $this->{$key} = $value;
163 $this->id = $this->ID;
// Binds $this->caps by reference to the property named "<prefix>capabilities"
// (forcing it to an array when it is not one) and rebuilds roles and allcaps.
// The same key is what update_usermeta() writes elsewhere in this class, so the
// user's roles and per-user capabilities are exactly what is stored under that
// meta key: any code path able to write it for a user controls that user's
// privileges.
167 function _init_caps() {
169 $this->cap_key = $wpdb->prefix . 'capabilities';
170 $this->caps = &$this->{$this->cap_key};
171 if ( ! is_array($this->caps) )
172 $this->caps = array();
173 $this->get_role_caps();
// Rebuilds $this->roles and $this->allcaps from $this->caps.
// Role names and capability names share one array: the keys of $this->caps that
// WP_Roles::is_role() accepts become $this->roles (a list of names; array_filter
// keeps the numeric keys from array_keys()).
// NOTE(review): $wp_roles->get_role() is dereferenced without a null check; the
// is_role() filter above is what keeps unknown names out of the loop.
176 function get_role_caps() {
179 if ( ! isset($wp_roles) )
180 $wp_roles = new WP_Roles();
182 //Filter out caps that are not role names and assign to $this->roles
183 if(is_array($this->caps))
184 $this->roles = array_filter(array_keys($this->caps), array(&$wp_roles, 'is_role'));
186 //Build $allcaps from role caps, overlay user's $caps
187 $this->allcaps = array();
188 foreach( (array) $this->roles as $role) {
189 $role = $wp_roles->get_role($role);
190 $this->allcaps = array_merge($this->allcaps, $role->capabilities);
// The per-user entries are merged last, so they win over every role: a stored
// true adds a capability no role grants, a stored false denies one a role grants.
// The role names themselves are merged in too, as keys.
192 $this->allcaps = array_merge($this->allcaps, $this->caps);
// Adds $role to the user's stored capability array, persists it to usermeta, and
// rebuilds roles, allcaps and the legacy user level.
// NOTE(review): $role is not checked against the registered roles; an unknown
// name is stored anyway and, after get_role_caps(), ends up in allcaps as a
// plain capability of that name rather than as a role.
195 function add_role($role) {
196 $this->caps[$role] = true;
197 update_usermeta($this->ID, $this->cap_key, $this->caps);
198 $this->get_role_caps();
199 $this->update_user_level_from_caps();
// Removes $role from the user's stored capability array and persists the change.
// The statement guarded by the check (presumably an early return) is not part of
// this listing.
// NOTE(review): the guard indexes $this->roles by role name, but get_role_caps()
// builds $this->roles as a list whose values are the role names. If the guarded
// statement is a return, this lookup is empty for every real role and the role
// is never revoked - confirm, and compare against the values instead.
// NOTE(review): unlike add_role(), the user level is not recalculated here.
202 function remove_role($role) {
203 if ( empty($this->roles[$role]) || (count($this->roles) <= 1) )
205 unset($this->caps[$role]);
206 update_usermeta($this->ID, $this->cap_key, $this->caps);
207 $this->get_role_caps();
// Replaces all of the user's roles with the single role $role (or with none when
// $role is empty), persists the capability array, and rebuilds roles, allcaps
// and the legacy user level. Per-user capabilities that are not role names are
// left in place. The else line between the two assignments to $this->roles is
// not part of this listing.
// NOTE(review): $role is not checked against the registered roles before it is
// stored.
210 function set_role($role) {
211 foreach($this->roles as $oldrole)
212 unset($this->caps[$oldrole]);
213 if ( !empty($role) ) {
214 $this->caps[$role] = true;
215 $this->roles = array($role => true);
217 $this->roles = false;
219 update_usermeta($this->ID, $this->cap_key, $this->caps);
220 $this->get_role_caps();
221 $this->update_user_level_from_caps();
// array_reduce() callback: when $item is a legacy level capability (level_0 to
// level_10, matched case-insensitively) returns the larger of $max and that
// level. The return for a non-matching item is not part of this listing.
224 function level_reduction($max, $item) {
225 if(preg_match('/^level_(10|[0-9])$/i', $item, $matches)) {
226 $level = intval($matches[1]);
227 return max($max, $level);
// Derives the legacy numeric user level from the level_N keys present in allcaps
// and stores it in usermeta under "<prefix>user_level".
// NOTE(review): only the key names are reduced, not their values, so a level_N
// entry stored as false still counts towards the level.
233 function update_user_level_from_caps() {
235 $this->user_level = array_reduce(array_keys($this->allcaps), array(&$this, 'level_reduction'), 0);
236 update_usermeta($this->ID, $wpdb->prefix.'user_level', $this->user_level);
// Stores a per-user capability ($grant = false records an explicit deny) and
// persists the capability array to usermeta.
// NOTE(review): allcaps, which has_cap() reads, is not rebuilt in the lines shown,
// so a has_cap() call on this same object may not reflect the change until
// get_role_caps() runs again.
239 function add_cap($cap, $grant = true) {
240 $this->caps[$cap] = $grant;
241 update_usermeta($this->ID, $this->cap_key, $this->caps);
// Removes a per-user capability and persists the capability array to usermeta.
// NOTE(review): the empty() guard returns early for an entry stored as false, so
// an explicit per-user deny cannot be cleared through this method.
// NOTE(review): allcaps is not rebuilt in the lines shown, so has_cap() on this
// same object may keep granting the removed capability until get_role_caps()
// runs again.
244 function remove_cap($cap) {
245 if ( empty($this->caps[$cap]) ) return;
246 unset($this->caps[$cap]);
247 update_usermeta($this->ID, $this->cap_key, $this->caps);
// Clears every role and per-user capability: empties $this->caps, overwrites the
// stored capability and user-level meta values with '', and rebuilds roles and
// allcaps from the now-empty array.
250 function remove_all_caps() {
252 $this->caps = array();
253 update_usermeta($this->ID, $this->cap_key, '');
254 update_usermeta($this->ID, $wpdb->prefix.'user_level', '');
255 $this->get_role_caps();
//has_cap(capability_or_role_name) or
//has_cap('edit_post', post_id)
// Central authorisation check for a user. A numeric $cap is treated as a legacy
// user level and turned into 'level_N'. The request is then expanded by
// map_meta_cap() into the primitive capabilities required, and every one of them
// must be present and truthy in the user's capability map. The return statements
// are on lines not shown in this listing.
// NOTE(review): the 'user_has_cap' filter receives the capability map before the
// check, so any registered callback can grant or revoke capabilities here; it is
// part of the trust boundary.
260 function has_cap($cap) {
261 if ( is_numeric($cap) )
262 $cap = $this->translate_level_to_cap($cap);
// Extra arguments (e.g. an object ID) are forwarded after ($cap, user ID).
264 $args = array_slice(func_get_args(), 1);
265 $args = array_merge(array($cap, $this->ID), $args);
266 $caps = call_user_func_array('map_meta_cap', $args);
267 // Must have ALL requested caps
268 $capabilities = apply_filters('user_has_cap', $this->allcaps, $caps, $args);
269 foreach ($caps as $cap) {
270 //echo "Checking cap $cap<br />";
271 if(empty($capabilities[$cap]) || !$capabilities[$cap])
// Converts a legacy numeric user level into its capability name, 'level_N'.
// The value is concatenated as given; no range check is applied here.
278 function translate_level_to_cap($level) {
279 return 'level_' . $level;
284 // Map meta capabilities to primitive capabilities.
// Takes the requested capability and a user ID (extra arguments follow, with an
// object ID expected in $args[0]) and builds $caps, the primitive capabilities
// the user must hold. The switch/case labels and several else/return lines are
// not part of this listing; the branches below can be told apart by the page
// redirects ('delete_page', 'edit_page', 'read_page') and the caps they append.
// NOTE(review): none of the visible lines check that $args[0] was supplied or
// that get_post()/get_page()/get_userdata() returned a record before it is
// dereferenced, and ownership is decided with a loose == between $user_id and
// the author record's ID. Confirm how a missing post or author is handled: under
// == a null ID compares equal to an integer user ID of 0.
// NOTE(review): $author_data is assigned in several branches but not read in any
// line shown.
285 function map_meta_cap($cap, $user_id) {
286 $args = array_slice(func_get_args(), 2);
291 $caps[] = 'delete_users';
294 $caps[] = 'edit_users';
297 $author_data = get_userdata($user_id);
298 //echo "post ID: {$args[0]}<br />";
299 $post = get_post($args[0]);
// Pages are re-dispatched to the page-specific meta capability.
300 if ( 'page' == $post->post_type ) {
301 $args = array_merge(array('delete_page', $user_id), $args);
302 return call_user_func_array('map_meta_cap', $args);
304 $post_author_data = get_userdata($post->post_author);
305 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
306 // If the user is the author...
307 if ($user_id == $post_author_data->ID) {
308 // If the post is published...
309 if ($post->post_status == 'publish')
310 $caps[] = 'delete_published_posts';
312 // If the post is draft...
313 $caps[] = 'delete_posts';
315 // The user is trying to delete someone else's post.
316 $caps[] = 'delete_others_posts';
317 // The post is published, extra cap required.
318 if ($post->post_status == 'publish')
319 $caps[] = 'delete_published_posts';
320 else if ($post->post_status == 'private')
321 $caps[] = 'delete_private_posts';
325 $author_data = get_userdata($user_id);
326 //echo "post ID: {$args[0]}<br />";
327 $page = get_page($args[0]);
328 $page_author_data = get_userdata($page->post_author);
329 //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
330 // If the user is the author...
331 if ($user_id == $page_author_data->ID) {
332 // If the page is published...
333 if ($page->post_status == 'publish')
334 $caps[] = 'delete_published_pages';
336 // If the page is draft...
337 $caps[] = 'delete_pages';
339 // The user is trying to delete someone else's page.
340 $caps[] = 'delete_others_pages';
341 // The page is published, extra cap required.
342 if ($page->post_status == 'publish')
343 $caps[] = 'delete_published_pages';
344 else if ($page->post_status == 'private')
345 $caps[] = 'delete_private_pages';
348 // edit_post breaks down to edit_posts, edit_published_posts, or
351 $author_data = get_userdata($user_id);
352 //echo "post ID: {$args[0]}<br />";
353 $post = get_post($args[0]);
354 if ( 'page' == $post->post_type ) {
355 $args = array_merge(array('edit_page', $user_id), $args);
356 return call_user_func_array('map_meta_cap', $args);
358 $post_author_data = get_userdata($post->post_author);
359 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
360 // If the user is the author...
361 if ($user_id == $post_author_data->ID) {
362 // If the post is published...
363 if ($post->post_status == 'publish')
364 $caps[] = 'edit_published_posts';
366 // If the post is draft...
367 $caps[] = 'edit_posts';
369 // The user is trying to edit someone else's post.
370 $caps[] = 'edit_others_posts';
371 // The post is published, extra cap required.
372 if ($post->post_status == 'publish')
373 $caps[] = 'edit_published_posts';
374 else if ($post->post_status == 'private')
375 $caps[] = 'edit_private_posts';
379 $author_data = get_userdata($user_id);
380 //echo "post ID: {$args[0]}<br />";
381 $page = get_page($args[0]);
382 $page_author_data = get_userdata($page->post_author);
383 //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
384 // If the user is the author...
385 if ($user_id == $page_author_data->ID) {
386 // If the page is published...
387 if ($page->post_status == 'publish')
388 $caps[] = 'edit_published_pages';
390 // If the page is draft...
391 $caps[] = 'edit_pages';
393 // The user is trying to edit someone else's page.
394 $caps[] = 'edit_others_pages';
395 // The page is published, extra cap required.
396 if ($page->post_status == 'publish')
397 $caps[] = 'edit_published_pages';
398 else if ($page->post_status == 'private')
399 $caps[] = 'edit_private_pages';
// Read checks: only the 'private' status is singled out in the lines shown; what
// is required for the other statuses, and for the author of a private item, is on
// lines not part of this listing.
403 $post = get_post($args[0]);
404 if ( 'page' == $post->post_type ) {
405 $args = array_merge(array('read_page', $user_id), $args);
406 return call_user_func_array('map_meta_cap', $args);
409 if ( 'private' != $post->post_status ) {
414 $author_data = get_userdata($user_id);
415 $post_author_data = get_userdata($post->post_author);
416 if ($user_id == $post_author_data->ID)
419 $caps[] = 'read_private_posts';
422 $page = get_page($args[0]);
424 if ( 'private' != $page->post_status ) {
429 $author_data = get_userdata($user_id);
430 $page_author_data = get_userdata($page->post_author);
431 if ($user_id == $page_author_data->ID)
434 $caps[] = 'read_private_pages';
437 // If no meta caps match, return the original cap.
444 // Capability checking wrapper around the global $current_user object.
// Forwards $capability and any extra arguments (e.g. an object ID for meta
// capabilities such as 'edit_post') to the current user's has_cap().
// The statement guarded by the empty() check is not part of this listing.
445 function current_user_can($capability) {
446 $current_user = wp_get_current_user();
448 if ( empty($current_user) )
451 $args = array_slice(func_get_args(), 1);
452 $args = array_merge(array($capability), $args);
454 return call_user_func_array(array(&$current_user, 'has_cap'), $args);
457 // Convenience wrappers around $wp_roles.
// Looks up a role object by name, creating the WP_Roles instance when $wp_roles
// is unset. How $wp_roles is brought into scope is on lines not shown here.
458 function get_role($role) {
461 if ( ! isset($wp_roles) )
462 $wp_roles = new WP_Roles();
464 return $wp_roles->get_role($role);
// Registers a new role through $wp_roles, creating the WP_Roles instance when it
// is unset, and returns what WP_Roles::add_role() returns.
// NOTE(review): no capability check on the caller is visible in this wrapper;
// code that calls it on behalf of a request is presumably expected to authorise
// the request first - confirm.
467 function add_role($role, $display_name, $capabilities = '') {
470 if ( ! isset($wp_roles) )
471 $wp_roles = new WP_Roles();
473 return $wp_roles->add_role($role, $display_name, $capabilities);
// Removes a role through $wp_roles, creating the WP_Roles instance when it is
// unset, and returns what WP_Roles::remove_role() returns.
476 function remove_role($role) {
479 if ( ! isset($wp_roles) )
480 $wp_roles = new WP_Roles();
482 return $wp_roles->remove_role($role);