Projects : mp-wp : mp-wp_genesis
1 | <?php |
2 | /** |
3 | * WordPress Roles and Capabilities. |
4 | * |
5 | * @package WordPress |
6 | * @subpackage User |
7 | */ |
8 | |
9 | /** |
10 | * WordPress User Roles. |
11 | * |
12 | * The role option is simple, the structure is organized by role name that store |
13 | * the name in value of the 'name' key. The capabilities are stored as an array |
14 | * in the value of the 'capability' key. |
15 | * |
16 | * <code> |
17 | * array ( |
18 | * 'rolename' => array ( |
19 | * 'name' => 'rolename', |
20 | * 'capabilities' => array() |
21 | * ) |
22 | * ) |
23 | * </code> |
24 | * |
25 | * @since 2.0.0 |
26 | * @package WordPress |
27 | * @subpackage User |
28 | */ |
29 | class WP_Roles { |
30 | /** |
31 | * List of roles and capabilities. |
32 | * |
33 | * @since 2.0.0 |
34 | * @access public |
35 | * @var array |
36 | */ |
37 | var $roles; |
38 | |
39 | /** |
40 | * List of the role objects. |
41 | * |
42 | * @since 2.0.0 |
43 | * @access public |
44 | * @var array |
45 | */ |
46 | var $role_objects = array(); |
47 | |
48 | /** |
49 | * List of role names. |
50 | * |
51 | * @since 2.0.0 |
52 | * @access public |
53 | * @var array |
54 | */ |
55 | var $role_names = array(); |
56 | |
57 | /** |
58 | * Option name for storing role list. |
59 | * |
60 | * @since 2.0.0 |
61 | * @access public |
62 | * @var string |
63 | */ |
64 | var $role_key; |
65 | |
66 | /** |
67 | * Whether to use the database for retrieval and storage. |
68 | * |
69 | * @since 2.1.0 |
70 | * @access public |
71 | * @var bool |
72 | */ |
73 | var $use_db = true; |
74 | |
75 | /** |
76 | * PHP4 Constructor - Call {@link WP_Roles::_init()} method. |
77 | * |
78 | * @since 2.0.0 |
79 | * @access public |
80 | * |
81 | * @return WP_Roles |
82 | */ |
83 | function WP_Roles() { |
84 | $this->_init(); |
85 | } |
86 | |
87 | /** |
88 | * Setup the object properties. |
89 | * |
90 | * The role key is set to the current prefix for the $wpdb object with |
91 | * 'user_roles' appended. If the $wp_user_roles global is set, then it will |
92 | * be used and the role option will not be updated or used. |
93 | * |
94 | * @since 2.1.0 |
95 | * @access protected |
96 | * @uses $wpdb Used to get the database prefix. |
97 | * @global array $wp_user_roles Used to set the 'roles' property value. |
98 | */ |
99 | function _init () { |
100 | global $wpdb; |
101 | global $wp_user_roles; |
102 | $this->role_key = $wpdb->prefix . 'user_roles'; |
103 | if ( ! empty( $wp_user_roles ) ) { |
104 | $this->roles = $wp_user_roles; |
105 | $this->use_db = false; |
106 | } else { |
107 | $this->roles = get_option( $this->role_key ); |
108 | } |
109 | |
110 | if ( empty( $this->roles ) ) |
111 | return; |
112 | |
113 | $this->role_objects = array(); |
114 | $this->role_names = array(); |
115 | foreach ( (array) $this->roles as $role => $data ) { |
116 | $this->role_objects[$role] = new WP_Role( $role, $this->roles[$role]['capabilities'] ); |
117 | $this->role_names[$role] = $this->roles[$role]['name']; |
118 | } |
119 | } |
120 | |
121 | /** |
122 | * Add role name with capabilities to list. |
123 | * |
124 | * Updates the list of roles, if the role doesn't already exist. |
125 | * |
126 | * @since 2.0.0 |
127 | * @access public |
128 | * |
129 | * @param string $role Role name. |
130 | * @param string $display_name Role display name. |
131 | * @param array $capabilities List of role capabilities. |
132 | * @return null|WP_Role WP_Role object if role is added, null if already exists. |
133 | */ |
134 | function add_role( $role, $display_name, $capabilities = array() ) { |
135 | if ( isset( $this->roles[$role] ) ) |
136 | return; |
137 | |
138 | $this->roles[$role] = array( |
139 | 'name' => $display_name, |
140 | 'capabilities' => $capabilities |
141 | ); |
142 | if ( $this->use_db ) |
143 | update_option( $this->role_key, $this->roles ); |
144 | $this->role_objects[$role] = new WP_Role( $role, $capabilities ); |
145 | $this->role_names[$role] = $display_name; |
146 | return $this->role_objects[$role]; |
147 | } |
148 | |
149 | /** |
150 | * Remove role by name. |
151 | * |
152 | * @since 2.0.0 |
153 | * @access public |
154 | * |
155 | * @param string $role Role name. |
156 | */ |
157 | function remove_role( $role ) { |
158 | if ( ! isset( $this->role_objects[$role] ) ) |
159 | return; |
160 | |
161 | unset( $this->role_objects[$role] ); |
162 | unset( $this->role_names[$role] ); |
163 | unset( $this->roles[$role] ); |
164 | |
165 | if ( $this->use_db ) |
166 | update_option( $this->role_key, $this->roles ); |
167 | } |
168 | |
169 | /** |
170 | * Add capability to role. |
171 | * |
172 | * @since 2.0.0 |
173 | * @access public |
174 | * |
175 | * @param string $role Role name. |
176 | * @param string $cap Capability name. |
177 | * @param bool $grant Optional, default is true. Whether role is capable of preforming capability. |
178 | */ |
179 | function add_cap( $role, $cap, $grant = true ) { |
180 | $this->roles[$role]['capabilities'][$cap] = $grant; |
181 | if ( $this->use_db ) |
182 | update_option( $this->role_key, $this->roles ); |
183 | } |
184 | |
185 | /** |
186 | * Remove capability from role. |
187 | * |
188 | * @since 2.0.0 |
189 | * @access public |
190 | * |
191 | * @param string $role Role name. |
192 | * @param string $cap Capability name. |
193 | */ |
194 | function remove_cap( $role, $cap ) { |
195 | unset( $this->roles[$role]['capabilities'][$cap] ); |
196 | if ( $this->use_db ) |
197 | update_option( $this->role_key, $this->roles ); |
198 | } |
199 | |
200 | /** |
201 | * Retrieve role object by name. |
202 | * |
203 | * @since 2.0.0 |
204 | * @access public |
205 | * |
206 | * @param string $role Role name. |
207 | * @return object|null Null, if role does not exist. WP_Role object, if found. |
208 | */ |
209 | function &get_role( $role ) { |
210 | if ( isset( $this->role_objects[$role] ) ) |
211 | return $this->role_objects[$role]; |
212 | else |
213 | return null; |
214 | } |
215 | |
216 | /** |
217 | * Retrieve list of role names. |
218 | * |
219 | * @since 2.0.0 |
220 | * @access public |
221 | * |
222 | * @return array List of role names. |
223 | */ |
224 | function get_names() { |
225 | return $this->role_names; |
226 | } |
227 | |
228 | /** |
229 | * Whether role name is currently in the list of available roles. |
230 | * |
231 | * @since 2.0.0 |
232 | * @access public |
233 | * |
234 | * @param string $role Role name to look up. |
235 | * @return bool |
236 | */ |
237 | function is_role( $role ) |
238 | { |
239 | return isset( $this->role_names[$role] ); |
240 | } |
241 | } |
242 | |
243 | /** |
244 | * WordPress Role class. |
245 | * |
246 | * @since 2.0.0 |
247 | * @package WordPress |
248 | * @subpackage User |
249 | */ |
250 | class WP_Role { |
251 | /** |
252 | * Role name. |
253 | * |
254 | * @since 2.0.0 |
255 | * @access public |
256 | * @var string |
257 | */ |
258 | var $name; |
259 | |
260 | /** |
261 | * List of capabilities the role contains. |
262 | * |
263 | * @since 2.0.0 |
264 | * @access public |
265 | * @var array |
266 | */ |
267 | var $capabilities; |
268 | |
269 | /** |
270 | * PHP4 Constructor - Setup object properties. |
271 | * |
272 | * The list of capabilities, must have the key as the name of the capability |
273 | * and the value a boolean of whether it is granted to the role or not. |
274 | * |
275 | * @since 2.0.0 |
276 | * @access public |
277 | * |
278 | * @param string $role Role name. |
279 | * @param array $capabilities List of capabilities. |
280 | * @return WP_Role |
281 | */ |
282 | function WP_Role( $role, $capabilities ) { |
283 | $this->name = $role; |
284 | $this->capabilities = $capabilities; |
285 | } |
286 | |
287 | /** |
288 | * Assign role a capability. |
289 | * |
290 | * @see WP_Roles::add_cap() Method uses implementation for role. |
291 | * @since 2.0.0 |
292 | * @access public |
293 | * |
294 | * @param string $cap Capability name. |
295 | * @param bool $grant Whether role has capability privilege. |
296 | */ |
297 | function add_cap( $cap, $grant = true ) { |
298 | global $wp_roles; |
299 | |
300 | if ( ! isset( $wp_roles ) ) |
301 | $wp_roles = new WP_Roles(); |
302 | |
303 | $this->capabilities[$cap] = $grant; |
304 | $wp_roles->add_cap( $this->name, $cap, $grant ); |
305 | } |
306 | |
307 | /** |
308 | * Remove capability from role. |
309 | * |
310 | * This is a container for {@link WP_Roles::remove_cap()} to remove the |
311 | * capability from the role. That is to say, that {@link |
312 | * WP_Roles::remove_cap()} implements the functionality, but it also makes |
313 | * sense to use this class, because you don't need to enter the role name. |
314 | * |
315 | * @since 2.0.0 |
316 | * @access public |
317 | * |
318 | * @param string $cap Capability name. |
319 | */ |
320 | function remove_cap( $cap ) { |
321 | global $wp_roles; |
322 | |
323 | if ( ! isset( $wp_roles ) ) |
324 | $wp_roles = new WP_Roles(); |
325 | |
326 | unset( $this->capabilities[$cap] ); |
327 | $wp_roles->remove_cap( $this->name, $cap ); |
328 | } |
329 | |
330 | /** |
331 | * Whether role has capability. |
332 | * |
333 | * The capabilities is passed through the 'role_has_cap' filter. The first |
334 | * parameter for the hook is the list of capabilities the class has |
335 | * assigned. The second parameter is the capability name to look for. The |
336 | * third and final parameter for the hook is the role name. |
337 | * |
338 | * @since 2.0.0 |
339 | * @access public |
340 | * |
341 | * @param string $cap Capability name. |
342 | * @return bool True, if user has capability. False, if doesn't have capability. |
343 | */ |
344 | function has_cap( $cap ) { |
345 | $capabilities = apply_filters( 'role_has_cap', $this->capabilities, $cap, $this->name ); |
346 | if ( !empty( $capabilities[$cap] ) ) |
347 | return $capabilities[$cap]; |
348 | else |
349 | return false; |
350 | } |
351 | |
352 | } |
353 | |
354 | /** |
355 | * WordPress User class. |
356 | * |
357 | * @since 2.0.0 |
358 | * @package WordPress |
359 | * @subpackage User |
360 | */ |
361 | class WP_User { |
362 | /** |
363 | * User data container. |
364 | * |
365 | * This will be set as properties of the object. |
366 | * |
367 | * @since 2.0.0 |
368 | * @access private |
369 | * @var array |
370 | */ |
371 | var $data; |
372 | |
373 | /** |
374 | * The user's ID. |
375 | * |
376 | * @since 2.1.0 |
377 | * @access public |
378 | * @var int |
379 | */ |
380 | var $ID = 0; |
381 | |
382 | /** |
383 | * The deprecated user's ID. |
384 | * |
385 | * @since 2.0.0 |
386 | * @access public |
387 | * @deprecated Use WP_User::$ID |
388 | * @see WP_User::$ID |
389 | * @var int |
390 | */ |
391 | var $id = 0; |
392 | |
393 | /** |
394 | * The individual capabilities the user has been given. |
395 | * |
396 | * @since 2.0.0 |
397 | * @access public |
398 | * @var array |
399 | */ |
400 | var $caps = array(); |
401 | |
402 | /** |
403 | * User metadata option name. |
404 | * |
405 | * @since 2.0.0 |
406 | * @access public |
407 | * @var string |
408 | */ |
409 | var $cap_key; |
410 | |
411 | /** |
412 | * The roles the user is part of. |
413 | * |
414 | * @since 2.0.0 |
415 | * @access public |
416 | * @var array |
417 | */ |
418 | var $roles = array(); |
419 | |
420 | /** |
421 | * All capabilities the user has, including individual and role based. |
422 | * |
423 | * @since 2.0.0 |
424 | * @access public |
425 | * @var array |
426 | */ |
427 | var $allcaps = array(); |
428 | |
429 | /** |
430 | * First name of the user. |
431 | * |
432 | * Created to prevent notices. |
433 | * |
434 | * @since 2.7.0 |
435 | * @access public |
436 | * @var string |
437 | */ |
438 | var $first_name = ''; |
439 | |
440 | /** |
441 | * Last name of the user. |
442 | * |
443 | * Created to prevent notices. |
444 | * |
445 | * @since 2.7.0 |
446 | * @access public |
447 | * @var string |
448 | */ |
449 | var $last_name = ''; |
450 | |
451 | /** |
452 | * PHP4 Constructor - Sets up the object properties. |
453 | * |
454 | * Retrieves the userdata and then assigns all of the data keys to direct |
455 | * properties of the object. Calls {@link WP_User::_init_caps()} after |
456 | * setting up the object's user data properties. |
457 | * |
458 | * @since 2.0.0 |
459 | * @access public |
460 | * |
461 | * @param int|string $id User's ID or username |
462 | * @param int $name Optional. User's username |
463 | * @return WP_User |
464 | */ |
465 | function WP_User( $id, $name = '' ) { |
466 | |
467 | if ( empty( $id ) && empty( $name ) ) |
468 | return; |
469 | |
470 | if ( ! is_numeric( $id ) ) { |
471 | $name = $id; |
472 | $id = 0; |
473 | } |
474 | |
475 | if ( ! empty( $id ) ) |
476 | $this->data = get_userdata( $id ); |
477 | else |
478 | $this->data = get_userdatabylogin( $name ); |
479 | |
480 | if ( empty( $this->data->ID ) ) |
481 | return; |
482 | |
483 | foreach ( get_object_vars( $this->data ) as $key => $value ) { |
484 | $this->{$key} = $value; |
485 | } |
486 | |
487 | $this->id = $this->ID; |
488 | $this->_init_caps(); |
489 | } |
490 | |
491 | /** |
492 | * Setup capability object properties. |
493 | * |
494 | * Will set the value for the 'cap_key' property to current database table |
495 | * prefix, followed by 'capabilities'. Will then check to see if the |
496 | * property matching the 'cap_key' exists and is an array. If so, it will be |
497 | * used. |
498 | * |
499 | * @since 2.1.0 |
500 | * @access protected |
501 | */ |
502 | function _init_caps() { |
503 | global $wpdb; |
504 | $this->cap_key = $wpdb->prefix . 'capabilities'; |
505 | $this->caps = &$this->{$this->cap_key}; |
506 | if ( ! is_array( $this->caps ) ) |
507 | $this->caps = array(); |
508 | $this->get_role_caps(); |
509 | } |
510 | |
511 | /** |
512 | * Retrieve all of the role capabilities and merge with individual capabilities. |
513 | * |
514 | * All of the capabilities of the roles the user belongs to are merged with |
515 | * the users individual roles. This also means that the user can be denied |
516 | * specific roles that their role might have, but the specific user isn't |
517 | * granted permission to. |
518 | * |
519 | * @since 2.0.0 |
520 | * @uses $wp_roles |
521 | * @access public |
522 | */ |
523 | function get_role_caps() { |
524 | global $wp_roles; |
525 | |
526 | if ( ! isset( $wp_roles ) ) |
527 | $wp_roles = new WP_Roles(); |
528 | |
529 | //Filter out caps that are not role names and assign to $this->roles |
530 | if ( is_array( $this->caps ) ) |
531 | $this->roles = array_filter( array_keys( $this->caps ), array( &$wp_roles, 'is_role' ) ); |
532 | |
533 | //Build $allcaps from role caps, overlay user's $caps |
534 | $this->allcaps = array(); |
535 | foreach ( (array) $this->roles as $role ) { |
536 | $role = $wp_roles->get_role( $role ); |
537 | $this->allcaps = array_merge( $this->allcaps, $role->capabilities ); |
538 | } |
539 | $this->allcaps = array_merge( $this->allcaps, $this->caps ); |
540 | } |
541 | |
542 | /** |
543 | * Add role to user. |
544 | * |
545 | * Updates the user's meta data option with capabilities and roles. |
546 | * |
547 | * @since 2.0.0 |
548 | * @access public |
549 | * |
550 | * @param string $role Role name. |
551 | */ |
552 | function add_role( $role ) { |
553 | $this->caps[$role] = true; |
554 | update_usermeta( $this->ID, $this->cap_key, $this->caps ); |
555 | $this->get_role_caps(); |
556 | $this->update_user_level_from_caps(); |
557 | } |
558 | |
559 | /** |
560 | * Remove role from user. |
561 | * |
562 | * @since 2.0.0 |
563 | * @access public |
564 | * |
565 | * @param string $role Role name. |
566 | */ |
567 | function remove_role( $role ) { |
568 | if ( empty( $this->roles[$role] ) || ( count( $this->roles ) <= 1 ) ) |
569 | return; |
570 | unset( $this->caps[$role] ); |
571 | update_usermeta( $this->ID, $this->cap_key, $this->caps ); |
572 | $this->get_role_caps(); |
573 | } |
574 | |
575 | /** |
576 | * Set the role of the user. |
577 | * |
578 | * This will remove the previous roles of the user and assign the user the |
579 | * new one. You can set the role to an empty string and it will remove all |
580 | * of the roles from the user. |
581 | * |
582 | * @since 2.0.0 |
583 | * @access public |
584 | * |
585 | * @param string $role Role name. |
586 | */ |
587 | function set_role( $role ) { |
588 | foreach ( (array) $this->roles as $oldrole ) |
589 | unset( $this->caps[$oldrole] ); |
590 | if ( !empty( $role ) ) { |
591 | $this->caps[$role] = true; |
592 | $this->roles = array( $role => true ); |
593 | } else { |
594 | $this->roles = false; |
595 | } |
596 | update_usermeta( $this->ID, $this->cap_key, $this->caps ); |
597 | $this->get_role_caps(); |
598 | $this->update_user_level_from_caps(); |
599 | } |
600 | |
601 | /** |
602 | * Choose the maximum level the user has. |
603 | * |
604 | * Will compare the level from the $item parameter against the $max |
605 | * parameter. If the item is incorrect, then just the $max parameter value |
606 | * will be returned. |
607 | * |
608 | * Used to get the max level based on the capabilities the user has. This |
609 | * is also based on roles, so if the user is assigned the Administrator role |
610 | * then the capability 'level_10' will exist and the user will get that |
611 | * value. |
612 | * |
613 | * @since 2.0.0 |
614 | * @access public |
615 | * |
616 | * @param int $max Max level of user. |
617 | * @param string $item Level capability name. |
618 | * @return int Max Level. |
619 | */ |
620 | function level_reduction( $max, $item ) { |
621 | if ( preg_match( '/^level_(10|[0-9])$/i', $item, $matches ) ) { |
622 | $level = intval( $matches[1] ); |
623 | return max( $max, $level ); |
624 | } else { |
625 | return $max; |
626 | } |
627 | } |
628 | |
629 | /** |
630 | * Update the maximum user level for the user. |
631 | * |
632 | * Updates the 'user_level' user metadata (includes prefix that is the |
633 | * database table prefix) with the maximum user level. Gets the value from |
634 | * the all of the capabilities that the user has. |
635 | * |
636 | * @since 2.0.0 |
637 | * @access public |
638 | */ |
639 | function update_user_level_from_caps() { |
640 | global $wpdb; |
641 | $this->user_level = array_reduce( array_keys( $this->allcaps ), array( &$this, 'level_reduction' ), 0 ); |
642 | update_usermeta( $this->ID, $wpdb->prefix.'user_level', $this->user_level ); |
643 | } |
644 | |
645 | /** |
646 | * Add capability and grant or deny access to capability. |
647 | * |
648 | * @since 2.0.0 |
649 | * @access public |
650 | * |
651 | * @param string $cap Capability name. |
652 | * @param bool $grant Whether to grant capability to user. |
653 | */ |
654 | function add_cap( $cap, $grant = true ) { |
655 | $this->caps[$cap] = $grant; |
656 | update_usermeta( $this->ID, $this->cap_key, $this->caps ); |
657 | } |
658 | |
659 | /** |
660 | * Remove capability from user. |
661 | * |
662 | * @since 2.0.0 |
663 | * @access public |
664 | * |
665 | * @param string $cap Capability name. |
666 | */ |
667 | function remove_cap( $cap ) { |
668 | if ( empty( $this->caps[$cap] ) ) return; |
669 | unset( $this->caps[$cap] ); |
670 | update_usermeta( $this->ID, $this->cap_key, $this->caps ); |
671 | } |
672 | |
673 | /** |
674 | * Remove all of the capabilities of the user. |
675 | * |
676 | * @since 2.1.0 |
677 | * @access public |
678 | */ |
679 | function remove_all_caps() { |
680 | global $wpdb; |
681 | $this->caps = array(); |
682 | update_usermeta( $this->ID, $this->cap_key, '' ); |
683 | update_usermeta( $this->ID, $wpdb->prefix.'user_level', '' ); |
684 | $this->get_role_caps(); |
685 | } |
686 | |
687 | /** |
688 | * Whether user has capability or role name. |
689 | * |
690 | * This is useful for looking up whether the user has a specific role |
691 | * assigned to the user. The second optional parameter can also be used to |
692 | * check for capabilities against a specfic post. |
693 | * |
694 | * @since 2.0.0 |
695 | * @access public |
696 | * |
697 | * @param string|int $cap Capability or role name to search. |
698 | * @param int $post_id Optional. Post ID to check capability against specific post. |
699 | * @return bool True, if user has capability; false, if user does not have capability. |
700 | */ |
701 | function has_cap( $cap ) { |
702 | if ( is_numeric( $cap ) ) |
703 | $cap = $this->translate_level_to_cap( $cap ); |
704 | |
705 | $args = array_slice( func_get_args(), 1 ); |
706 | $args = array_merge( array( $cap, $this->ID ), $args ); |
707 | $caps = call_user_func_array( 'map_meta_cap', $args ); |
708 | // Must have ALL requested caps |
709 | $capabilities = apply_filters( 'user_has_cap', $this->allcaps, $caps, $args ); |
710 | foreach ( (array) $caps as $cap ) { |
711 | //echo "Checking cap $cap<br />"; |
712 | if ( empty( $capabilities[$cap] ) || !$capabilities[$cap] ) |
713 | return false; |
714 | } |
715 | |
716 | return true; |
717 | } |
718 | |
719 | /** |
720 | * Convert numeric level to level capability name. |
721 | * |
722 | * Prepends 'level_' to level number. |
723 | * |
724 | * @since 2.0.0 |
725 | * @access public |
726 | * |
727 | * @param int $level Level number, 1 to 10. |
728 | * @return string |
729 | */ |
730 | function translate_level_to_cap( $level ) { |
731 | return 'level_' . $level; |
732 | } |
733 | |
734 | } |
735 | |
736 | /** |
737 | * Map meta capabilities to primitive capabilities. |
738 | * |
739 | * This does not actually compare whether the user ID has the actual capability, |
740 | * just what the capability or capabilities are. Meta capability list value can |
741 | * be 'delete_user', 'edit_user', 'delete_post', 'delete_page', 'edit_post', |
742 | * 'edit_page', 'read_post', or 'read_page'. |
743 | * |
744 | * @since 2.0.0 |
745 | * |
746 | * @param string $cap Capability name. |
747 | * @param int $user_id User ID. |
748 | * @return array Actual capabilities for meta capability. |
749 | */ |
750 | function map_meta_cap( $cap, $user_id ) { |
751 | $args = array_slice( func_get_args(), 2 ); |
752 | $caps = array(); |
753 | |
754 | switch ( $cap ) { |
755 | case 'delete_user': |
756 | $caps[] = 'delete_users'; |
757 | break; |
758 | case 'edit_user': |
759 | if ( !isset( $args[0] ) || $user_id != $args[0] ) { |
760 | $caps[] = 'edit_users'; |
761 | } |
762 | break; |
763 | case 'delete_post': |
764 | $author_data = get_userdata( $user_id ); |
765 | //echo "post ID: {$args[0]}<br />"; |
766 | $post = get_post( $args[0] ); |
767 | if ( 'page' == $post->post_type ) { |
768 | $args = array_merge( array( 'delete_page', $user_id ), $args ); |
769 | return call_user_func_array( 'map_meta_cap', $args ); |
770 | } |
771 | $post_author_data = get_userdata( $post->post_author ); |
772 | //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />"; |
773 | // If the user is the author... |
774 | if ( $user_id == $post_author_data->ID ) { |
775 | // If the post is published... |
776 | if ( 'publish' == $post->post_status ) |
777 | $caps[] = 'delete_published_posts'; |
778 | else |
779 | // If the post is draft... |
780 | $caps[] = 'delete_posts'; |
781 | } else { |
782 | // The user is trying to edit someone else's post. |
783 | $caps[] = 'delete_others_posts'; |
784 | // The post is published, extra cap required. |
785 | if ( 'publish' == $post->post_status ) |
786 | $caps[] = 'delete_published_posts'; |
787 | elseif ( 'private' == $post->post_status ) |
788 | $caps[] = 'delete_private_posts'; |
789 | } |
790 | break; |
791 | case 'delete_page': |
792 | $author_data = get_userdata( $user_id ); |
793 | //echo "post ID: {$args[0]}<br />"; |
794 | $page = get_page( $args[0] ); |
795 | $page_author_data = get_userdata( $page->post_author ); |
796 | //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />"; |
797 | // If the user is the author... |
798 | if ( $user_id == $page_author_data->ID ) { |
799 | // If the page is published... |
800 | if ( $page->post_status == 'publish' ) |
801 | $caps[] = 'delete_published_pages'; |
802 | else |
803 | // If the page is draft... |
804 | $caps[] = 'delete_pages'; |
805 | } else { |
806 | // The user is trying to edit someone else's page. |
807 | $caps[] = 'delete_others_pages'; |
808 | // The page is published, extra cap required. |
809 | if ( $page->post_status == 'publish' ) |
810 | $caps[] = 'delete_published_pages'; |
811 | elseif ( $page->post_status == 'private' ) |
812 | $caps[] = 'delete_private_pages'; |
813 | } |
814 | break; |
815 | // edit_post breaks down to edit_posts, edit_published_posts, or |
816 | // edit_others_posts |
817 | case 'edit_post': |
818 | $author_data = get_userdata( $user_id ); |
819 | //echo "post ID: {$args[0]}<br />"; |
820 | $post = get_post( $args[0] ); |
821 | if ( 'page' == $post->post_type ) { |
822 | $args = array_merge( array( 'edit_page', $user_id ), $args ); |
823 | return call_user_func_array( 'map_meta_cap', $args ); |
824 | } |
825 | $post_author_data = get_userdata( $post->post_author ); |
826 | //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />"; |
827 | // If the user is the author... |
828 | if ( $user_id == $post_author_data->ID ) { |
829 | // If the post is published... |
830 | if ( 'publish' == $post->post_status ) |
831 | $caps[] = 'edit_published_posts'; |
832 | else |
833 | // If the post is draft... |
834 | $caps[] = 'edit_posts'; |
835 | } else { |
836 | // The user is trying to edit someone else's post. |
837 | $caps[] = 'edit_others_posts'; |
838 | // The post is published, extra cap required. |
839 | if ( 'publish' == $post->post_status ) |
840 | $caps[] = 'edit_published_posts'; |
841 | elseif ( 'private' == $post->post_status ) |
842 | $caps[] = 'edit_private_posts'; |
843 | } |
844 | break; |
845 | case 'edit_page': |
846 | $author_data = get_userdata( $user_id ); |
847 | //echo "post ID: {$args[0]}<br />"; |
848 | $page = get_page( $args[0] ); |
849 | $page_author_data = get_userdata( $page->post_author ); |
850 | //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />"; |
851 | // If the user is the author... |
852 | if ( $user_id == $page_author_data->ID ) { |
853 | // If the page is published... |
854 | if ( 'publish' == $page->post_status ) |
855 | $caps[] = 'edit_published_pages'; |
856 | else |
857 | // If the page is draft... |
858 | $caps[] = 'edit_pages'; |
859 | } else { |
860 | // The user is trying to edit someone else's page. |
861 | $caps[] = 'edit_others_pages'; |
862 | // The page is published, extra cap required. |
863 | if ( 'publish' == $page->post_status ) |
864 | $caps[] = 'edit_published_pages'; |
865 | elseif ( 'private' == $page->post_status ) |
866 | $caps[] = 'edit_private_pages'; |
867 | } |
868 | break; |
869 | case 'read_post': |
870 | $post = get_post( $args[0] ); |
871 | if ( 'page' == $post->post_type ) { |
872 | $args = array_merge( array( 'read_page', $user_id ), $args ); |
873 | return call_user_func_array( 'map_meta_cap', $args ); |
874 | } |
875 | |
876 | if ( 'private' != $post->post_status ) { |
877 | $caps[] = 'read'; |
878 | break; |
879 | } |
880 | |
881 | $author_data = get_userdata( $user_id ); |
882 | $post_author_data = get_userdata( $post->post_author ); |
883 | if ( $user_id == $post_author_data->ID ) |
884 | $caps[] = 'read'; |
885 | else |
886 | $caps[] = 'read_private_posts'; |
887 | break; |
888 | case 'read_page': |
889 | $page = get_page( $args[0] ); |
890 | |
891 | if ( 'private' != $page->post_status ) { |
892 | $caps[] = 'read'; |
893 | break; |
894 | } |
895 | |
896 | $author_data = get_userdata( $user_id ); |
897 | $page_author_data = get_userdata( $page->post_author ); |
898 | if ( $user_id == $page_author_data->ID ) |
899 | $caps[] = 'read'; |
900 | else |
901 | $caps[] = 'read_private_pages'; |
902 | break; |
903 | default: |
904 | // If no meta caps match, return the original cap. |
905 | $caps[] = $cap; |
906 | } |
907 | |
908 | return $caps; |
909 | } |
910 | |
911 | /** |
912 | * Whether current user has capability or role. |
913 | * |
914 | * @since 2.0.0 |
915 | * |
916 | * @param string $capability Capability or role name. |
917 | * @return bool |
918 | */ |
919 | function current_user_can( $capability ) { |
920 | $current_user = wp_get_current_user(); |
921 | |
922 | if ( empty( $current_user ) ) |
923 | return false; |
924 | |
925 | $args = array_slice( func_get_args(), 1 ); |
926 | $args = array_merge( array( $capability ), $args ); |
927 | |
928 | return call_user_func_array( array( &$current_user, 'has_cap' ), $args ); |
929 | } |
930 | |
931 | /** |
932 | * Retrieve role object. |
933 | * |
934 | * @see WP_Roles::get_role() Uses method to retrieve role object. |
935 | * @since 2.0.0 |
936 | * |
937 | * @param string $role Role name. |
938 | * @return object |
939 | */ |
940 | function get_role( $role ) { |
941 | global $wp_roles; |
942 | |
943 | if ( ! isset( $wp_roles ) ) |
944 | $wp_roles = new WP_Roles(); |
945 | |
946 | return $wp_roles->get_role( $role ); |
947 | } |
948 | |
949 | /** |
950 | * Add role, if it does not exist. |
951 | * |
952 | * @see WP_Roles::add_role() Uses method to add role. |
953 | * @since 2.0.0 |
954 | * |
955 | * @param string $role Role name. |
956 | * @param string $display_name Display name for role. |
957 | * @param array $capabilities List of capabilities. |
958 | * @return null|WP_Role WP_Role object if role is added, null if already exists. |
959 | */ |
960 | function add_role( $role, $display_name, $capabilities = array() ) { |
961 | global $wp_roles; |
962 | |
963 | if ( ! isset( $wp_roles ) ) |
964 | $wp_roles = new WP_Roles(); |
965 | |
966 | return $wp_roles->add_role( $role, $display_name, $capabilities ); |
967 | } |
968 | |
969 | /** |
970 | * Remove role, if it exists. |
971 | * |
972 | * @see WP_Roles::remove_role() Uses method to remove role. |
973 | * @since 2.0.0 |
974 | * |
975 | * @param string $role Role name. |
976 | * @return null |
977 | */ |
978 | function remove_role( $role ) { |
979 | global $wp_roles; |
980 | |
981 | if ( ! isset( $wp_roles ) ) |
982 | $wp_roles = new WP_Roles(); |
983 | |
984 | return $wp_roles->remove_role( $role ); |
985 | } |
986 | |
987 | ?> |