6 var $role_objects = array();
7 var $role_names = array();
// Loads the role table and builds the per-role lookup arrays. The enclosing function
// header is on lines this listing omits; $wpdb is not declared in the visible lines.
17 global $wp_user_roles;
18 $this->role_key = $wpdb->prefix . 'user_roles';
// A non-empty $wp_user_roles global takes precedence over the stored option and turns
// use_db off, so whatever sets that global defines every role and capability.
19 if ( ! empty($wp_user_roles) ) {
20 $this->roles = $wp_user_roles;
21 $this->use_db = false;
// Listing line 22 is not shown; the next statement reads the role table from the options store.
23 $this->roles = get_option($this->role_key);
// Listing lines 27-28 are not shown. NOTE(review): presumably stops here when no roles were loaded - confirm.
26 if ( empty($this->roles) )
29 $this->role_objects = array();
30 $this->role_names = array();
// Each stored entry is read as array('name' => ..., 'capabilities' => ...); both keys are
// accessed without an isset() check.
31 foreach ($this->roles as $role => $data) {
32 $this->role_objects[$role] = new WP_Role($role, $this->roles[$role]['capabilities']);
33 $this->role_names[$role] = $this->roles[$role]['name'];
// Registers a new role, stores the updated role table and returns the new WP_Role object.
// $role is the role key, $display_name its label, $capabilities the capability map.
// NOTE(review): $capabilities defaults to '' rather than array(); that value is stored and
// passed to WP_Role unchanged - confirm callers always supply an array.
37 function add_role($role, $display_name, $capabilities = '') {
// An existing role is not overwritten (the statement taken in that case, listing line 39, is not shown).
38 if ( isset($this->roles[$role]) )
41 $this->roles[$role] = array(
42 'name' => $display_name,
43 'capabilities' => $capabilities);
// Listing line 44 is not shown. NOTE(review): presumably a use_db guard on this write - confirm.
45 update_option($this->role_key, $this->roles);
46 $this->role_objects[$role] = new WP_Role($role, $capabilities);
47 $this->role_names[$role] = $display_name;
48 return $this->role_objects[$role];
// Deletes a role from all three in-memory tables and stores the updated role table.
// Users whose capability data still names the role are not touched by the visible lines.
51 function remove_role($role) {
// Unknown role: the statement taken here (listing line 53) is not shown.
52 if ( ! isset($this->role_objects[$role]) )
55 unset($this->role_objects[$role]);
56 unset($this->role_names[$role]);
57 unset($this->roles[$role]);
// Listing lines 58-59 are not shown. NOTE(review): presumably a use_db guard on this write - confirm.
60 update_option($this->role_key, $this->roles);
// Sets capability $cap on role $role to $grant (true grants, false records a denial) and
// stores the role table.
// There is no check that $role exists: assigning into an unknown key creates a role entry
// that has 'capabilities' but no 'name'.
63 function add_cap($role, $cap, $grant = true) {
64 $this->roles[$role]['capabilities'][$cap] = $grant;
// Listing line 65 is not shown. NOTE(review): presumably a use_db guard on this write - confirm.
66 update_option($this->role_key, $this->roles);
// Drops capability $cap from role $role in the stored role table.
// Only $this->roles is changed here; the WP_Role object held in role_objects is not updated
// by the visible lines.
69 function remove_cap($role, $cap) {
70 unset($this->roles[$role]['capabilities'][$cap]);
// Listing line 71 is not shown. NOTE(review): presumably a use_db guard on this write - confirm.
72 update_option($this->role_key, $this->roles);
// Returns, by reference, the WP_Role object registered under $role.
// The result for an unknown role is on listing lines 78-80, which are not shown; callers in
// this file dereference the result without checking it.
75 function &get_role($role) {
76 if ( isset($this->role_objects[$role]) )
77 return $this->role_objects[$role];
// Returns the map of role key => display name.
82 function get_names() {
83 return $this->role_names;
// Tells whether $role is a registered role key. Used as the array_filter() callback that
// separates role names from plain capabilities in a user's capability map.
86 function is_role($role)
88 return isset($this->role_names[$role]);
// Old-style constructor: keeps the capability map given for this role.
// Listing line 97 is not shown. NOTE(review): presumably stores $role as $this->name, which
// add_cap(), remove_cap() and has_cap() read - confirm.
96 function WP_Role($role, $capabilities) {
98 $this->capabilities = $capabilities;
// Sets $cap to $grant on this role object and passes the change to WP_Roles::add_cap(),
// which stores it. Listing lines 102-103 are not shown.
101 function add_cap($cap, $grant = true) {
// Creates a WP_Roles instance when none is set in the current scope.
104 if ( ! isset($wp_roles) )
105 $wp_roles = new WP_Roles();
107 $this->capabilities[$cap] = $grant;
108 $wp_roles->add_cap($this->name, $cap, $grant);
// Removes $cap from this role object and passes the change to WP_Roles::remove_cap(),
// which stores it. Listing lines 112-113 are not shown.
111 function remove_cap($cap) {
// Creates a WP_Roles instance when none is set in the current scope.
114 if ( ! isset($wp_roles) )
115 $wp_roles = new WP_Roles();
117 unset($this->capabilities[$cap]);
118 $wp_roles->remove_cap($this->name, $cap);
// Reports whether this role grants $cap.
// The capability map passes through the 'role_has_cap' filter first, so any callback hooked
// there can add or remove grants for this check.
121 function has_cap($cap) {
122 $capabilities = apply_filters('role_has_cap', $this->capabilities, $cap, $this->name);
// A missing, false or otherwise empty entry does not take this branch; the result returned
// in that case (listing lines 125-126) is not shown.
123 if ( !empty($capabilities[$cap]) )
124 return $capabilities[$cap];
134 var $id = 0; // Deprecated, use $ID instead.
137 var $roles = array();
138 var $allcaps = array();
// Old-style constructor: loads a user record by numeric id or by login name and copies its
// fields onto this object.
140 function WP_User($id, $name = '') {
// Nothing to look up (the statement taken here, listing line 143, is not shown).
142 if ( empty($id) && empty($name) )
// Listing lines 146-150 are not shown. NOTE(review): presumably a non-numeric $id is treated
// as a login name - confirm.
145 if ( ! is_numeric($id) ) {
151 $this->data = get_userdata($id);
153 $this->data = get_userdatabylogin($name);
// No usable record (the statement taken here, listing line 156, is not shown).
155 if ( empty($this->data->ID) )
// Every field of the loaded record becomes a property of the same name. A field named like
// one of this class's own properties (roles, allcaps, id are visible in this listing) would
// overwrite it. NOTE(review): confirm stored user fields cannot collide with those names.
158 foreach (get_object_vars($this->data) as $key => $value) {
159 $this->{$key} = $value;
// Keeps the deprecated lowercase $id in step with $ID.
162 $this->id = $this->ID;
// Binds $this->caps to the user's stored capability map and derives roles and allcaps.
// Listing line 167 is not shown; $wpdb is not declared in the visible lines.
166 function _init_caps() {
168 $this->cap_key = $wpdb->prefix . 'capabilities';
// $this->caps is a reference to the property named by cap_key, so a later write to either
// one changes both.
169 $this->caps = &$this->{$this->cap_key};
// Anything other than an array is replaced by an empty map, i.e. no capabilities.
170 if ( ! is_array($this->caps) )
171 $this->caps = array();
172 $this->get_role_caps();
// Rebuilds $this->roles and $this->allcaps from $this->caps.
// Listing lines 176-177 are not shown.
175 function get_role_caps() {
// Creates a WP_Roles instance when none is set in the current scope.
178 if ( ! isset($wp_roles) )
179 $wp_roles = new WP_Roles();
181 //Filter out caps that are not role names and assign to $this->roles
// The result is a list of role names (array_filter keeps the integer positions produced by
// array_keys), not a map keyed by role name.
182 if(is_array($this->caps))
183 $this->roles = array_filter(array_keys($this->caps), array(&$wp_roles, 'is_role'));
185 //Build $allcaps from role caps, overlay user's $caps
186 $this->allcaps = array();
187 foreach( (array) $this->roles as $role) {
// The role object is dereferenced without a check that get_role() returned one.
188 $role = $wp_roles->get_role($role);
189 $this->allcaps = array_merge($this->allcaps, $role->capabilities);
// Later arrays win in array_merge: a later role overrides an earlier one, and the user's own
// entries override every role, including an explicit false.
191 $this->allcaps = array_merge($this->allcaps, $this->caps);
// Gives the user an additional role, stores the capability map and refreshes the derived
// roles, allcaps and user_level.
// $role is not checked against the registered roles here: a name that is not a role is
// stored as an ordinary capability set to true.
194 function add_role($role) {
195 $this->caps[$role] = true;
196 update_usermeta($this->ID, $this->cap_key, $this->caps);
197 $this->get_role_caps();
198 $this->update_user_level_from_caps();
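// Removes one role from the user, stores the capability map and refreshes the derived
// roles, allcaps and user_level.
// Nothing happens when the user does not hold $role or when it is the user's only role.
function remove_role($role) {
	// get_role_caps() stores $this->roles as a list of role names, so membership has to be
	// tested by value; indexing that list by role name never matches and made this method
	// return without removing anything.
	$held_roles = (array) $this->roles;
	if ( ! in_array($role, $held_roles, true) || (count($held_roles) <= 1) )
		return;
	unset($this->caps[$role]);
	update_usermeta($this->ID, $this->cap_key, $this->caps);
	$this->get_role_caps();
	// Recompute user_level as add_role() and set_role() do, so the stored level does not keep
	// reflecting the role that was just removed.
	$this->update_user_level_from_caps();
}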
// Replaces all of the user's roles with $role (or with none when $role is empty), stores the
// capability map and refreshes the derived roles, allcaps and user_level.
// Capabilities granted to the user directly, outside any role, are kept.
// $role is not checked against the registered roles here.
209 function set_role($role) {
210 foreach($this->roles as $oldrole)
211 unset($this->caps[$oldrole]);
212 if ( !empty($role) ) {
213 $this->caps[$role] = true;
// This map shape differs from the list get_role_caps() builds; the call to get_role_caps()
// below rebuilds $this->roles when $this->caps is an array.
214 $this->roles = array($role => true);
// Listing line 215 is not shown; the next statement covers the empty-$role case.
216 $this->roles = false;
218 update_usermeta($this->ID, $this->cap_key, $this->caps);
219 $this->get_role_caps();
220 $this->update_user_level_from_caps();
// array_reduce() callback: $max is the highest level seen so far, $item a capability name.
// Names of the form level_0 .. level_10 (matched case-insensitively) raise the running
// maximum. The result for any other name (listing lines 227-229) is not shown.
223 function level_reduction($max, $item) {
224 if(preg_match('/^level_(10|[0-9])$/i', $item, $matches)) {
225 $level = intval($matches[1]);
226 return max($max, $level);
// Derives the legacy numeric user_level from the level_N capabilities and stores it.
// Listing line 233 is not shown; $wpdb is not declared in the visible lines.
232 function update_user_level_from_caps() {
// Only the keys of $this->allcaps are examined, so a level_N entry whose value is false still
// counts toward the level. NOTE(review): confirm nothing treats user_level as an
// authorization decision on its own.
234 $this->user_level = array_reduce(array_keys($this->allcaps), array(&$this, 'level_reduction'), 0);
235 update_usermeta($this->ID, $wpdb->prefix.'user_level', $this->user_level);
// Sets capability $cap on this user to $grant (true grants, false records a denial) and
// stores the capability map.
// $this->allcaps is not rebuilt here, so has_cap() on this object keeps answering from the
// previous allcaps until get_role_caps() runs again.
238 function add_cap($cap, $grant = true) {
239 $this->caps[$cap] = $grant;
240 update_usermeta($this->ID, $this->cap_key, $this->caps);
// Removes capability $cap from this user's own capability map and stores the map.
// The empty() guard also returns early for an entry stored as false, so an explicit denial
// cannot be cleared through this method.
// $this->allcaps is not rebuilt here, so has_cap() on this object keeps answering from the
// previous allcaps until get_role_caps() runs again.
243 function remove_cap($cap) {
244 if ( empty($this->caps[$cap]) ) return;
245 unset($this->caps[$cap]);
246 update_usermeta($this->ID, $this->cap_key, $this->caps);
// Clears every capability and role held by this user, blanks the stored capability map and
// user_level, then rebuilds roles and allcaps from the now-empty map.
// Listing line 250 is not shown; $wpdb is not declared in the visible lines.
249 function remove_all_caps() {
251 $this->caps = array();
// Both values are stored as empty strings rather than as an empty array or 0.
252 update_usermeta($this->ID, $this->cap_key, '');
253 update_usermeta($this->ID, $wpdb->prefix.'user_level', '');
254 $this->get_role_caps();
// Central authorization check for a user. Extra arguments after $cap (for example a post ID)
// are forwarded to map_meta_cap().
257 //has_cap(capability_or_role_name) or
258 //has_cap('edit_post', post_id)
259 function has_cap($cap) {
// A numeric argument is a legacy user level and becomes the matching level_N capability.
260 if ( is_numeric($cap) )
261 $cap = $this->translate_level_to_cap($cap);
// Call map_meta_cap($cap, $this->ID, ...extra arguments) to get the capabilities to check.
263 $args = array_slice(func_get_args(), 1);
264 $args = array_merge(array($cap, $this->ID), $args);
265 $caps = call_user_func_array('map_meta_cap', $args);
266 // Must have ALL requested caps
// The 'user_has_cap' filter receives the user's full capability map and may return a changed
// one, so any callback hooked there can grant or withhold capabilities for this check.
267 $capabilities = apply_filters('user_has_cap', $this->allcaps, $caps, $args);
// The loop variable reuses the name of the $cap parameter.
268 foreach ($caps as $cap) {
269 //echo "Checking cap $cap<br />";
// A missing or falsy entry fails the check; the second clause repeats what empty() already
// tests. The return statements (listing lines 271-274) are not shown.
270 if(empty($capabilities[$cap]) || !$capabilities[$cap])
// Turns a legacy numeric user level into its capability name, e.g. 7 becomes 'level_7'.
// The value is concatenated as given, without a range check.
277 function translate_level_to_cap($level) {
278 return 'level_' . $level;
283 // Map meta capabilities to primitive capabilities.
// $cap is the requested capability, $user_id the user it is checked for; further arguments
// (an object ID in $args[0]) identify the user, post or page concerned. WP_User::has_cap()
// iterates the result as a list of capabilities that must all be held.
// This listing omits the branch labels, the else lines, the initialisation of $caps and the
// final return, so the notes below describe only the statements that are visible.
// NOTE(review): get_post()/get_page() results are dereferenced without a visible check that
// an object was found, and user IDs are compared with loose == / != - confirm how a missing
// or non-numeric ID behaves.
// NOTE(review): $author_data is assigned in several branches but not read in the visible lines.
284 function map_meta_cap($cap, $user_id) {
285 $args = array_slice(func_get_args(), 2);
290 $caps[] = 'delete_users';
// Acting on a user other than oneself (or with no target given) requires edit_users.
293 if ( !isset($args[0]) || $user_id != $args[0] ) {
294 $caps[] = 'edit_users';
// Deleting a post.
298 $author_data = get_userdata($user_id);
299 //echo "post ID: {$args[0]}<br />";
300 $post = get_post($args[0]);
// A page is re-mapped through this function under the page capability name.
301 if ( 'page' == $post->post_type ) {
302 $args = array_merge(array('delete_page', $user_id), $args);
303 return call_user_func_array('map_meta_cap', $args);
305 $post_author_data = get_userdata($post->post_author);
306 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
307 // If the user is the author...
308 if ($user_id == $post_author_data->ID) {
309 // If the post is published...
310 if ($post->post_status == 'publish')
311 $caps[] = 'delete_published_posts';
313 // If the post is draft...
314 $caps[] = 'delete_posts';
316 // The user is trying to delete someone else's post.
317 $caps[] = 'delete_others_posts';
318 // The post is published, extra cap required.
319 if ($post->post_status == 'publish')
320 $caps[] = 'delete_published_posts';
321 else if ($post->post_status == 'private')
322 $caps[] = 'delete_private_posts';
// Deleting a page.
326 $author_data = get_userdata($user_id);
327 //echo "post ID: {$args[0]}<br />";
328 $page = get_page($args[0]);
329 $page_author_data = get_userdata($page->post_author);
330 //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
331 // If the user is the author...
332 if ($user_id == $page_author_data->ID) {
333 // If the page is published...
334 if ($page->post_status == 'publish')
335 $caps[] = 'delete_published_pages';
337 // If the page is draft...
338 $caps[] = 'delete_pages';
340 // The user is trying to delete someone else's page.
341 $caps[] = 'delete_others_pages';
342 // The page is published, extra cap required.
343 if ($page->post_status == 'publish')
344 $caps[] = 'delete_published_pages';
345 else if ($page->post_status == 'private')
346 $caps[] = 'delete_private_pages';
349 // edit_post breaks down to edit_posts, edit_published_posts, or
352 $author_data = get_userdata($user_id);
353 //echo "post ID: {$args[0]}<br />";
354 $post = get_post($args[0]);
// A page is re-mapped through this function under the page capability name.
355 if ( 'page' == $post->post_type ) {
356 $args = array_merge(array('edit_page', $user_id), $args);
357 return call_user_func_array('map_meta_cap', $args);
359 $post_author_data = get_userdata($post->post_author);
360 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
361 // If the user is the author...
362 if ($user_id == $post_author_data->ID) {
363 // If the post is published...
364 if ($post->post_status == 'publish')
365 $caps[] = 'edit_published_posts';
367 // If the post is draft...
368 $caps[] = 'edit_posts';
370 // The user is trying to edit someone else's post.
371 $caps[] = 'edit_others_posts';
372 // The post is published, extra cap required.
373 if ($post->post_status == 'publish')
374 $caps[] = 'edit_published_posts';
375 else if ($post->post_status == 'private')
376 $caps[] = 'edit_private_posts';
// Editing a page.
380 $author_data = get_userdata($user_id);
381 //echo "post ID: {$args[0]}<br />";
382 $page = get_page($args[0]);
383 $page_author_data = get_userdata($page->post_author);
384 //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
385 // If the user is the author...
386 if ($user_id == $page_author_data->ID) {
387 // If the page is published...
388 if ($page->post_status == 'publish')
389 $caps[] = 'edit_published_pages';
391 // If the page is draft...
392 $caps[] = 'edit_pages';
394 // The user is trying to edit someone else's page.
395 $caps[] = 'edit_others_pages';
396 // The page is published, extra cap required.
397 if ($page->post_status == 'publish')
398 $caps[] = 'edit_published_pages';
399 else if ($page->post_status == 'private')
400 $caps[] = 'edit_private_pages';
// Reading a post.
404 $post = get_post($args[0]);
405 if ( 'page' == $post->post_type ) {
406 $args = array_merge(array('read_page', $user_id), $args);
407 return call_user_func_array('map_meta_cap', $args);
// What is required for a post that is not private (listing lines 411-413) is not shown.
410 if ( 'private' != $post->post_status ) {
415 $author_data = get_userdata($user_id);
416 $post_author_data = get_userdata($post->post_author);
// What the author of a private post needs (listing line 418) is not shown; the capability
// appended below is the visible requirement for a private post.
417 if ($user_id == $post_author_data->ID)
420 $caps[] = 'read_private_posts';
// Reading a page: same structure as reading a post.
423 $page = get_page($args[0]);
425 if ( 'private' != $page->post_status ) {
430 $author_data = get_userdata($user_id);
431 $page_author_data = get_userdata($page->post_author);
432 if ($user_id == $page_author_data->ID)
435 $caps[] = 'read_private_pages';
438 // If no meta caps match, return the original cap.
445 // Capability checking wrapper around the global $current_user object.
// Extra arguments after $capability (for example a post ID) are forwarded to has_cap().
446 function current_user_can($capability) {
447 $current_user = wp_get_current_user();
// No current user: the value returned here (listing line 450) is not shown.
// NOTE(review): confirm it denies.
449 if ( empty($current_user) )
452 $args = array_slice(func_get_args(), 1);
453 $args = array_merge(array($capability), $args);
455 return call_user_func_array(array(&$current_user, 'has_cap'), $args);
458 // Convenience wrappers around $wp_roles.
// Returns the WP_Role object registered under $role. Listing lines 460-461 are not shown.
459 function get_role($role) {
// Creates a WP_Roles instance when none is set in the current scope.
462 if ( ! isset($wp_roles) )
463 $wp_roles = new WP_Roles();
465 return $wp_roles->get_role($role);
// Registers a new role through WP_Roles::add_role() and returns what that method returns.
// No permission check is made here; a caller has to decide who may define roles.
// Listing lines 469-470 are not shown.
468 function add_role($role, $display_name, $capabilities = '') {
// Creates a WP_Roles instance when none is set in the current scope.
471 if ( ! isset($wp_roles) )
472 $wp_roles = new WP_Roles();
474 return $wp_roles->add_role($role, $display_name, $capabilities);
// Removes a role through WP_Roles::remove_role() and returns what that method returns.
// No permission check is made here; a caller has to decide who may remove roles.
// Listing lines 478-479 are not shown.
477 function remove_role($role) {
// Creates a WP_Roles instance when none is set in the current scope.
480 if ( ! isset($wp_roles) )
481 $wp_roles = new WP_Roles();
483 return $wp_roles->remove_role($role);