Changes from trunk/wp-includes/capabilities.php at r16910 to branches/3.0/wp-includes/capabilities.php at r16631

File:

• branches/3.0/wp-includes/capabilities.php (modified) (13 diffs)

branches/3.0/wp-includes/capabilities.php

@@ -472 +472 @@
      * @param int|string $id User's ID or username
      * @param int $name Optional. User's username
-     * @param int $blog_id Optional Blog ID, defaults to current blog.
      * @return WP_User
      */
-    function WP_User( $id, $name = '', $blog_id = '' ) {
+    function WP_User( $id, $name = '' ) {
 
         if ( empty( $id ) && empty( $name ) )
@@ -498 +497 @@
 
         $this->id = $this->ID;
-        $this->for_blog( $blog_id );
+        $this->_init_caps();
     }
 
@@ -606 +605 @@
         foreach ( (array) $this->roles as $oldrole )
             unset( $this->caps[$oldrole] );
-
-        if ( 1 == count( $this->roles ) && $role == $this->roles[0] )
-            return;
-
         if ( !empty( $role ) ) {
             $this->caps[$role] = true;
@@ -742 +737 @@
         // Must have ALL requested caps
         $capabilities = apply_filters( 'user_has_cap', $this->allcaps, $caps, $args );
-        $capabilities['exist'] = true; // Everyone is allowed to exist
         foreach ( (array) $caps as $cap ) {
             //echo "Checking cap $cap<br />";
@@ -822 +816 @@
         break;
     case 'delete_post':
-    case 'delete_page':
         $author_data = get_userdata( $user_id );
+        //echo "post ID: {$args[0]}<br />";
         $post = get_post( $args[0] );
         $post_type = get_post_type_object( $post->post_type );
-
-        if ( ! $post_type->map_meta_cap ) {
-            $caps[] = $post_type->cap->$cap;
-            // Prior to 3.1 we would re-call map_meta_cap here.
-            if ( 'delete_post' == $cap )
-                $cap = $post_type->cap->$cap;
-            break;
+        if ( $post_type && 'post' != $post_type->capability_type ) {
+            $args = array_merge( array( $post_type->cap->delete_post, $user_id ), $args );
+            return call_user_func_array( 'map_meta_cap', $args );
         }
 
@@ -838 +828 @@
             $post_author_data = get_userdata( $post->post_author );
         } else {
-            // No author set yet, so default to current user for cap checks.
+            //No author set yet so default to current user for cap checks
             $post_author_data = $author_data;
         }
@@ -846 +836 @@
             // If the post is published...
             if ( 'publish' == $post->post_status ) {
-                $caps[] = $post_type->cap->delete_published_posts;
+                $caps[] = 'delete_published_posts';
             } elseif ( 'trash' == $post->post_status ) {
                 if ('publish' == get_post_meta($post->ID, '_wp_trash_meta_status', true) )
-                    $caps[] = $post_type->cap->delete_published_posts;
+                    $caps[] = 'delete_published_posts';
             } else {
                 // If the post is draft...
-                $caps[] = $post_type->cap->delete_posts;
+                $caps[] = 'delete_posts';
             }
         } else {
             // The user is trying to edit someone else's post.
-            $caps[] = $post_type->cap->delete_others_posts;
+            $caps[] = 'delete_others_posts';
             // The post is published, extra cap required.
             if ( 'publish' == $post->post_status )
-                $caps[] = $post_type->cap->delete_published_posts;
+                $caps[] = 'delete_published_posts';
             elseif ( 'private' == $post->post_status )
-                $caps[] = $post_type->cap->delete_private_posts;
+                $caps[] = 'delete_private_posts';
+        }
+        break;
+    case 'delete_page':
+        $author_data = get_userdata( $user_id );
+        //echo "post ID: {$args[0]}<br />";
+        $page = get_page( $args[0] );
+        $page_author_data = get_userdata( $page->post_author );
+        //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
+        // If the user is the author...
+
+        if ('' != $page->post_author) {
+            $page_author_data = get_userdata( $page->post_author );
+        } else {
+            //No author set yet so default to current user for cap checks
+            $page_author_data = $author_data;
+        }
+
+        if ( is_object( $page_author_data ) && $user_id == $page_author_data->ID ) {
+            // If the page is published...
+            if ( $page->post_status == 'publish' ) {
+                $caps[] = 'delete_published_pages';
+            } elseif ( 'trash' == $page->post_status ) {
+                if ('publish' == get_post_meta($page->ID, '_wp_trash_meta_status', true) )
+                    $caps[] = 'delete_published_pages';
+            } else {
+                // If the page is draft...
+                $caps[] = 'delete_pages';
+            }
+        } else {
+            // The user is trying to edit someone else's page.
+            $caps[] = 'delete_others_pages';
+            // The page is published, extra cap required.
+            if ( $page->post_status == 'publish' )
+                $caps[] = 'delete_published_pages';
+            elseif ( $page->post_status == 'private' )
+                $caps[] = 'delete_private_pages';
         }
         break;
@@ -867 +893 @@
         // edit_others_posts
     case 'edit_post':
-    case 'edit_page':
         $author_data = get_userdata( $user_id );
+        //echo "post ID: {$args[0]}<br />";
         $post = get_post( $args[0] );
         $post_type = get_post_type_object( $post->post_type );
-
-        if ( ! $post_type->map_meta_cap ) {
-            $caps[] = $post_type->cap->$cap;
-            // Prior to 3.1 we would re-call map_meta_cap here.
-            if ( 'edit_post' == $cap )
-                $cap = $post_type->cap->$cap;
-            break;
-        }
-
-        if ( '' != $post->post_author ) {
-            $post_author_data = get_userdata( $post->post_author );
-        } else {
-            // No author set yet, so default to current user for cap checks.
-            $post_author_data = $author_data;
-        }
-
+        if ( $post_type && 'post' != $post_type->capability_type ) {
+            $args = array_merge( array( $post_type->cap->edit_post, $user_id ), $args );
+            return call_user_func_array( 'map_meta_cap', $args );
+        }
+        $post_author_data = get_userdata( $post->post_author );
         //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
         // If the user is the author...
@@ -892 +907 @@
             // If the post is published...
             if ( 'publish' == $post->post_status ) {
-                $caps[] = $post_type->cap->edit_published_posts;
+                $caps[] = 'edit_published_posts';
             } elseif ( 'trash' == $post->post_status ) {
                 if ('publish' == get_post_meta($post->ID, '_wp_trash_meta_status', true) )
-                    $caps[] = $post_type->cap->edit_published_posts;
+                    $caps[] = 'edit_published_posts';
             } else {
                 // If the post is draft...
-                $caps[] = $post_type->cap->edit_posts;
+                $caps[] = 'edit_posts';
             }
         } else {
             // The user is trying to edit someone else's post.
-            $caps[] = $post_type->cap->edit_others_posts;
+            $caps[] = 'edit_others_posts';
             // The post is published, extra cap required.
             if ( 'publish' == $post->post_status )
-                $caps[] = $post_type->cap->edit_published_posts;
+                $caps[] = 'edit_published_posts';
             elseif ( 'private' == $post->post_status )
-                $caps[] = $post_type->cap->edit_private_posts;
+                $caps[] = 'edit_private_posts';
+        }
+        break;
+    case 'edit_page':
+        $author_data = get_userdata( $user_id );
+        //echo "post ID: {$args[0]}<br />";
+        $page = get_page( $args[0] );
+        $page_author_data = get_userdata( $page->post_author );
+        //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
+        // If the user is the author...
+        if ( is_object( $page_author_data ) && $user_id == $page_author_data->ID ) {
+            // If the page is published...
+            if ( 'publish' == $page->post_status ) {
+                $caps[] = 'edit_published_pages';
+            } elseif ( 'trash' == $page->post_status ) {
+                if ('publish' == get_post_meta($page->ID, '_wp_trash_meta_status', true) )
+                    $caps[] = 'edit_published_pages';
+            } else {
+                // If the page is draft...
+                $caps[] = 'edit_pages';
+            }
+        } else {
+            // The user is trying to edit someone else's page.
+            $caps[] = 'edit_others_pages';
+            // The page is published, extra cap required.
+            if ( 'publish' == $page->post_status )
+                $caps[] = 'edit_published_pages';
+            elseif ( 'private' == $page->post_status )
+                $caps[] = 'edit_private_pages';
         }
         break;
     case 'read_post':
-    case 'read_page':
-        $author_data = get_userdata( $user_id );
         $post = get_post( $args[0] );
         $post_type = get_post_type_object( $post->post_type );
-
-        if ( ! $post_type->map_meta_cap ) {
-            $caps[] = $post_type->cap->$cap;
-            // Prior to 3.1 we would re-call map_meta_cap here.
-            if ( 'read_post' == $cap )
-                $cap = $post_type->cap->$cap;
+        if ( $post_type && 'post' != $post_type->capability_type ) {
+            $args = array_merge( array( $post_type->cap->read_post, $user_id ), $args );
+            return call_user_func_array( 'map_meta_cap', $args );
+        }
+
+        if ( 'private' != $post->post_status ) {
+            $caps[] = 'read';
             break;
         }
 
-        if ( 'private' != $post->post_status ) {
-            $caps[] = $post_type->cap->read;
+        $author_data = get_userdata( $user_id );
+        $post_author_data = get_userdata( $post->post_author );
+        if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID )
+            $caps[] = 'read';
+        else
+            $caps[] = 'read_private_posts';
+        break;
+    case 'read_page':
+        $page = get_page( $args[0] );
+
+        if ( 'private' != $page->post_status ) {
+            $caps[] = 'read';
             break;
         }
 
-        if ( '' != $post->post_author ) {
-            $post_author_data = get_userdata( $post->post_author );
-        } else {
-            // No author set yet, so default to current user for cap checks.
-            $post_author_data = $author_data;
-        }
-
-        if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID )
-            $caps[] = $post_type->cap->read;
+        $author_data = get_userdata( $user_id );
+        $page_author_data = get_userdata( $page->post_author );
+        if ( is_object( $page_author_data ) && $user_id == $page_author_data->ID )
+            $caps[] = 'read';
         else
-            $caps[] = $post_type->cap->read_private_posts;
-        break;
-    case 'edit_comment':
-        $comment = get_comment( $args[0] );
-        $post = get_post( $comment->comment_post_ID );
-        $post_type_object = get_post_type_object( $post->post_type );
-
-        $caps = map_meta_cap( $post_type_object->cap->edit_post, $user_id, $post->ID );
+            $caps[] = 'read_private_pages';
         break;
     case 'unfiltered_upload':
@@ -995 +1035 @@
         break;
     case 'create_users':
-        if ( !is_multisite() )
+        if ( is_multisite() && !get_site_option( 'add_new_users' ) )
+            $caps[] = 'do_not_allow';
+        else
             $caps[] = $cap;
-        elseif ( is_super_admin() || get_site_option( 'add_new_users' ) )
-            $caps[] = $cap;
-        else
-            $caps[] = 'do_not_allow';
         break;
     default:
-        // Handle meta capabilities for custom post types.
-        $post_type_meta_caps = _post_type_meta_capabilities();
-        if ( isset( $post_type_meta_caps[ $cap ] ) ) {
-            $args = array_merge( array( $post_type_meta_caps[ $cap ], $user_id ), $args );
-            return call_user_func_array( 'map_meta_cap', $args );
-        }
-
         // If no meta caps match, return the original cap.
         $caps[] = $cap;
@@ -1089 +1120 @@
 
 /**
- * Whether a particular user has capability or role.
- *
- * @since 3.1.0
- *
- * @param int|object $user User ID or object.
- * @param string $capability Capability or role name.
- * @return bool
- */
-function user_can( $user, $capability ) {
-    if ( ! is_object( $user ) )
-        $user = new WP_User( $user );
-
-    if ( ! $user || ! $user->ID )
-        return false;
-
-    $args = array_slice( func_get_args(), 2 );
-    $args = array_merge( array( $capability ), $args );
-
-    return call_user_func_array( array( &$user, 'has_cap' ), $args );
-}
-
-/**
  * Retrieve role object.
  *
@@ -1136 +1145 @@
  * @param string $role Role name.
  * @param string $display_name Display name for role.
- * @param array $capabilities List of capabilities, e.g. array( 'edit_posts' => true, 'delete_posts' => false );
+ * @param array $capabilities List of capabilities.
  * @return null|WP_Role WP_Role object if role is added, null if already exists.
  */
@@ -1193 +1202 @@
  */
 function is_super_admin( $user_id = false ) {
-    if ( $user_id )
-        $user = new WP_User( $user_id );
-    else
-        $user = wp_get_current_user();
-
-    if ( empty( $user->id ) )
+    if ( ! $user_id ) {
+        $current_user = wp_get_current_user();
+        $user_id = ! empty($current_user) ? $current_user->id : 0;
+    }
+
+    if ( ! $user_id )
         return false;
+
+    $user = new WP_User($user_id);
 
     if ( is_multisite() ) {