var $role_objects = array();
var $role_names = array();
var $role_key;
+ var $use_db = true;
function WP_Roles() {
- global $table_prefix;
- $this->role_key = $table_prefix . 'user_roles';
+ $this->_init();
+ }
- $this->roles = get_option($this->role_key);
+ function _init () {
+ global $wpdb;
+ global $wp_user_roles;
+ $this->role_key = $wpdb->prefix . 'user_roles';
+ if ( ! empty($wp_user_roles) ) {
+ $this->roles = $wp_user_roles;
+ $this->use_db = false;
+ } else {
+ $this->roles = get_option($this->role_key);
+ }
if ( empty($this->roles) )
return;
+ $this->role_objects = array();
+ $this->role_names = array();
foreach ($this->roles as $role => $data) {
$this->role_objects[$role] = new WP_Role($role, $this->roles[$role]['capabilities']);
$this->role_names[$role] = $this->roles[$role]['name'];
$this->roles[$role] = array(
'name' => $display_name,
'capabilities' => $capabilities);
- update_option($this->role_key, $this->roles);
+ if ( $this->use_db )
+ update_option($this->role_key, $this->roles);
$this->role_objects[$role] = new WP_Role($role, $capabilities);
$this->role_names[$role] = $display_name;
return $this->role_objects[$role];
}
-
+
function remove_role($role) {
if ( ! isset($this->role_objects[$role]) )
return;
-
+
unset($this->role_objects[$role]);
unset($this->role_names[$role]);
unset($this->roles[$role]);
-
- update_option($this->role_key, $this->roles);
+
+ if ( $this->use_db )
+ update_option($this->role_key, $this->roles);
}
function add_cap($role, $cap, $grant = true) {
$this->roles[$role]['capabilities'][$cap] = $grant;
- update_option($this->role_key, $this->roles);
+ if ( $this->use_db )
+ update_option($this->role_key, $this->roles);
}
function remove_cap($role, $cap) {
unset($this->roles[$role]['capabilities'][$cap]);
- update_option($this->role_key, $this->roles);
+ if ( $this->use_db )
+ update_option($this->role_key, $this->roles);
}
function &get_role($role) {
function is_role($role)
{
return isset($this->role_names[$role]);
- }
+ }
}
class WP_Role {
class WP_User {
var $data;
- var $id = 0;
+ var $ID = 0;
+ var $id = 0; // Deprecated, use $ID instead.
var $caps = array();
var $cap_key;
var $roles = array();
var $allcaps = array();
function WP_User($id, $name = '') {
- global $table_prefix;
if ( empty($id) && empty($name) )
return;
}
$this->id = $this->ID;
- $this->cap_key = $table_prefix . 'capabilities';
+ $this->_init_caps();
+ }
+
+ function _init_caps() {
+ global $wpdb;
+ $this->cap_key = $wpdb->prefix . 'capabilities';
$this->caps = &$this->{$this->cap_key};
if ( ! is_array($this->caps) )
$this->caps = array();
$this->get_role_caps();
}
-
+
function get_role_caps() {
global $wp_roles;
-
+
if ( ! isset($wp_roles) )
$wp_roles = new WP_Roles();
//Build $allcaps from role caps, overlay user's $caps
$this->allcaps = array();
- foreach($this->roles as $role) {
+ foreach( (array) $this->roles as $role) {
$role = $wp_roles->get_role($role);
$this->allcaps = array_merge($this->allcaps, $role->capabilities);
}
$this->allcaps = array_merge($this->allcaps, $this->caps);
}
-
+
function add_role($role) {
$this->caps[$role] = true;
- update_usermeta($this->id, $this->cap_key, $this->caps);
+ update_usermeta($this->ID, $this->cap_key, $this->caps);
$this->get_role_caps();
$this->update_user_level_from_caps();
}
-
+
function remove_role($role) {
if ( empty($this->roles[$role]) || (count($this->roles) <= 1) )
return;
unset($this->caps[$role]);
- update_usermeta($this->id, $this->cap_key, $this->caps);
+ update_usermeta($this->ID, $this->cap_key, $this->caps);
$this->get_role_caps();
}
-
+
function set_role($role) {
- foreach($this->roles as $oldrole)
+ foreach($this->roles as $oldrole)
unset($this->caps[$oldrole]);
- $this->caps[$role] = true;
- $this->roles = array($role => true);
- update_usermeta($this->id, $this->cap_key, $this->caps);
+ if ( !empty($role) ) {
+ $this->caps[$role] = true;
+ $this->roles = array($role => true);
+ } else {
+ $this->roles = false;
+ }
+ update_usermeta($this->ID, $this->cap_key, $this->caps);
$this->get_role_caps();
$this->update_user_level_from_caps();
}
function level_reduction($max, $item) {
- if(preg_match('/^level_(10|[0-9])$/i', $item, $matches)) {
- $level = intval($matches[1]);
- return max($max, $level);
- } else {
- return $max;
- }
+ if(preg_match('/^level_(10|[0-9])$/i', $item, $matches)) {
+ $level = intval($matches[1]);
+ return max($max, $level);
+ } else {
+ return $max;
+ }
}
-
+
function update_user_level_from_caps() {
- global $table_prefix;
- $this->user_level = array_reduce(array_keys($this->allcaps), array(&$this, 'level_reduction'), 0);
- update_usermeta($this->id, $table_prefix.'user_level', $this->user_level);
+ global $wpdb;
+ $this->user_level = array_reduce(array_keys($this->allcaps), array(&$this, 'level_reduction'), 0);
+ update_usermeta($this->ID, $wpdb->prefix.'user_level', $this->user_level);
}
-
+
function add_cap($cap, $grant = true) {
$this->caps[$cap] = $grant;
- update_usermeta($this->id, $this->cap_key, $this->caps);
+ update_usermeta($this->ID, $this->cap_key, $this->caps);
}
function remove_cap($cap) {
if ( empty($this->caps[$cap]) ) return;
unset($this->caps[$cap]);
- update_usermeta($this->id, $this->cap_key, $this->caps);
+ update_usermeta($this->ID, $this->cap_key, $this->caps);
+ }
+
+ function remove_all_caps() {
+ global $wpdb;
+ $this->caps = array();
+ update_usermeta($this->ID, $this->cap_key, '');
+ update_usermeta($this->ID, $wpdb->prefix.'user_level', '');
+ $this->get_role_caps();
}
-
+
//has_cap(capability_or_role_name) or
//has_cap('edit_post', post_id)
function has_cap($cap) {
if ( is_numeric($cap) )
$cap = $this->translate_level_to_cap($cap);
-
+
$args = array_slice(func_get_args(), 1);
- $args = array_merge(array($cap, $this->id), $args);
+ $args = array_merge(array($cap, $this->ID), $args);
$caps = call_user_func_array('map_meta_cap', $args);
// Must have ALL requested caps
$capabilities = apply_filters('user_has_cap', $this->allcaps, $caps, $args);
foreach ($caps as $cap) {
- //echo "Checking cap $cap<br/>";
+ //echo "Checking cap $cap<br />";
if(empty($capabilities[$cap]) || !$capabilities[$cap])
return false;
}
$caps = array();
switch ($cap) {
+ case 'delete_user':
+ $caps[] = 'delete_users';
+ break;
+ case 'edit_user':
+ if ( !isset($args[0]) || $user_id != $args[0] ) {
+ $caps[] = 'edit_users';
+ }
+ break;
+ case 'delete_post':
+ $author_data = get_userdata($user_id);
+ //echo "post ID: {$args[0]}<br />";
+ $post = get_post($args[0]);
+ if ( 'page' == $post->post_type ) {
+ $args = array_merge(array('delete_page', $user_id), $args);
+ return call_user_func_array('map_meta_cap', $args);
+ }
+ $post_author_data = get_userdata($post->post_author);
+ //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
+ // If the user is the author...
+ if ($user_id == $post_author_data->ID) {
+ // If the post is published...
+ if ($post->post_status == 'publish')
+ $caps[] = 'delete_published_posts';
+ else
+ // If the post is draft...
+ $caps[] = 'delete_posts';
+ } else {
+ // The user is trying to edit someone else's post.
+ $caps[] = 'delete_others_posts';
+ // The post is published, extra cap required.
+ if ($post->post_status == 'publish')
+ $caps[] = 'delete_published_posts';
+ else if ($post->post_status == 'private')
+ $caps[] = 'delete_private_posts';
+ }
+ break;
+ case 'delete_page':
+ $author_data = get_userdata($user_id);
+ //echo "post ID: {$args[0]}<br />";
+ $page = get_page($args[0]);
+ $page_author_data = get_userdata($page->post_author);
+ //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
+ // If the user is the author...
+ if ($user_id == $page_author_data->ID) {
+ // If the page is published...
+ if ($page->post_status == 'publish')
+ $caps[] = 'delete_published_pages';
+ else
+ // If the page is draft...
+ $caps[] = 'delete_pages';
+ } else {
+ // The user is trying to edit someone else's page.
+ $caps[] = 'delete_others_pages';
+ // The page is published, extra cap required.
+ if ($page->post_status == 'publish')
+ $caps[] = 'delete_published_pages';
+ else if ($page->post_status == 'private')
+ $caps[] = 'delete_private_pages';
+ }
+ break;
// edit_post breaks down to edit_posts, edit_published_posts, or
// edit_others_posts
case 'edit_post':
$author_data = get_userdata($user_id);
- //echo "post ID: {$args[0]}<br/>";
+ //echo "post ID: {$args[0]}<br />";
$post = get_post($args[0]);
+ if ( 'page' == $post->post_type ) {
+ $args = array_merge(array('edit_page', $user_id), $args);
+ return call_user_func_array('map_meta_cap', $args);
+ }
$post_author_data = get_userdata($post->post_author);
- //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br/>";
+ //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
// If the user is the author...
if ($user_id == $post_author_data->ID) {
// If the post is published...
if ($post->post_status == 'publish')
$caps[] = 'edit_published_posts';
- else if ($post->post_status == 'static')
- $caps[] = 'edit_pages';
else
// If the post is draft...
$caps[] = 'edit_posts';
} else {
- if ($post->post_status == 'static') {
- $caps[] = 'edit_pages';
- break;
- }
-
// The user is trying to edit someone else's post.
$caps[] = 'edit_others_posts';
// The post is published, extra cap required.
if ($post->post_status == 'publish')
$caps[] = 'edit_published_posts';
+ else if ($post->post_status == 'private')
+ $caps[] = 'edit_private_posts';
+ }
+ break;
+ case 'edit_page':
+ $author_data = get_userdata($user_id);
+ //echo "post ID: {$args[0]}<br />";
+ $page = get_page($args[0]);
+ $page_author_data = get_userdata($page->post_author);
+ //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
+ // If the user is the author...
+ if ($user_id == $page_author_data->ID) {
+ // If the page is published...
+ if ($page->post_status == 'publish')
+ $caps[] = 'edit_published_pages';
+ else
+ // If the page is draft...
+ $caps[] = 'edit_pages';
+ } else {
+ // The user is trying to edit someone else's page.
+ $caps[] = 'edit_others_pages';
+ // The page is published, extra cap required.
+ if ($page->post_status == 'publish')
+ $caps[] = 'edit_published_pages';
+ else if ($page->post_status == 'private')
+ $caps[] = 'edit_private_pages';
}
break;
case 'read_post':
$post = get_post($args[0]);
-
+ if ( 'page' == $post->post_type ) {
+ $args = array_merge(array('read_page', $user_id), $args);
+ return call_user_func_array('map_meta_cap', $args);
+ }
+
if ( 'private' != $post->post_status ) {
$caps[] = 'read';
- break;
+ break;
}
-
+
$author_data = get_userdata($user_id);
$post_author_data = get_userdata($post->post_author);
if ($user_id == $post_author_data->ID)
else
$caps[] = 'read_private_posts';
break;
+ case 'read_page':
+ $page = get_page($args[0]);
+
+ if ( 'private' != $page->post_status ) {
+ $caps[] = 'read';
+ break;
+ }
+
+ $author_data = get_userdata($user_id);
+ $page_author_data = get_userdata($page->post_author);
+ if ($user_id == $page_author_data->ID)
+ $caps[] = 'read';
+ else
+ $caps[] = 'read_private_pages';
+ break;
default:
// If no meta caps match, return the original cap.
$caps[] = $cap;
// Capability checking wrapper around the global $current_user object.
function current_user_can($capability) {
- global $current_user;
-
- $args = array_slice(func_get_args(), 1);
- $args = array_merge(array($capability), $args);
+ $current_user = wp_get_current_user();
if ( empty($current_user) )
return false;
+ $args = array_slice(func_get_args(), 1);
+ $args = array_merge(array($capability), $args);
+
return call_user_func_array(array(&$current_user, 'has_cap'), $args);
}
return $wp_roles->remove_role($role);
}
-//
-// These are deprecated. Use current_user_can().
-//
-
-/* returns true if $user_id can create a new post */
-function user_can_create_post($user_id, $blog_id = 1, $category_id = 'None') {
- $author_data = get_userdata($user_id);
- return ($author_data->user_level > 1);
-}
-
-/* returns true if $user_id can create a new post */
-function user_can_create_draft($user_id, $blog_id = 1, $category_id = 'None') {
- $author_data = get_userdata($user_id);
- return ($author_data->user_level >= 1);
-}
-
-/* returns true if $user_id can edit $post_id */
-function user_can_edit_post($user_id, $post_id, $blog_id = 1) {
- $author_data = get_userdata($user_id);
- $post = get_post($post_id);
- $post_author_data = get_userdata($post->post_author);
-
- if ( (($user_id == $post_author_data->ID) && !($post->post_status == 'publish' && $author_data->user_level < 2))
- || ($author_data->user_level > $post_author_data->user_level)
- || ($author_data->user_level >= 10) ) {
- return true;
- } else {
- return false;
- }
-}
-
-/* returns true if $user_id can delete $post_id */
-function user_can_delete_post($user_id, $post_id, $blog_id = 1) {
- // right now if one can edit, one can delete
- return user_can_edit_post($user_id, $post_id, $blog_id);
-}
-
-/* returns true if $user_id can set new posts' dates on $blog_id */
-function user_can_set_post_date($user_id, $blog_id = 1, $category_id = 'None') {
- $author_data = get_userdata($user_id);
- return (($author_data->user_level > 4) && user_can_create_post($user_id, $blog_id, $category_id));
-}
-
-/* returns true if $user_id can edit $post_id's date */
-function user_can_edit_post_date($user_id, $post_id, $blog_id = 1) {
- $author_data = get_userdata($user_id);
- return (($author_data->user_level > 4) && user_can_edit_post($user_id, $post_id, $blog_id));
-}
-
-/* returns true if $user_id can edit $post_id's comments */
-function user_can_edit_post_comments($user_id, $post_id, $blog_id = 1) {
- // right now if one can edit a post, one can edit comments made on it
- return user_can_edit_post($user_id, $post_id, $blog_id);
-}
-
-/* returns true if $user_id can delete $post_id's comments */
-function user_can_delete_post_comments($user_id, $post_id, $blog_id = 1) {
- // right now if one can edit comments, one can delete comments
- return user_can_edit_post_comments($user_id, $post_id, $blog_id);
-}
-
-function user_can_edit_user($user_id, $other_user) {
- $user = get_userdata($user_id);
- $other = get_userdata($other_user);
- if ( $user->user_level > $other->user_level || $user->user_level > 8 || $user->ID == $other->ID )
- return true;
- else
- return false;
-}
-
?>
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff