Make WordPress Core


Ignore:
Timestamp:
04/14/2016 03:34:07 AM (9 years ago)
Author:
jeremyfelt
Message:

Multisite: Relocate revoke_super_admin() and grant_super_admin()

Moving these functions to wp-includes/capabilities.php allows plugins to access more than just is_super_admin() and get_super_admin() from the front end without including a file via wp-admin/. Add an is_multisite() check to prevent use of these on single site environments now that they have left ms.php..

Props johnjamesjacoby.
Fixes #21788.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/capabilities.php

    r36492 r37200  
    620620    return false;
    621621}
     622
     623/**
     624 * Grants Super Admin privileges.
     625 *
     626 * @since 3.0.0
     627 *
     628 * @global array $super_admins
     629 *
     630 * @param int $user_id ID of the user to be granted Super Admin privileges.
     631 * @return bool True on success, false on failure. This can fail when the user is
     632 *              already a super admin or when the `$super_admins` global is defined.
     633 */
     634function grant_super_admin( $user_id ) {
     635    // If global super_admins override is defined, there is nothing to do here.
     636    if ( isset( $GLOBALS['super_admins'] ) || ! is_multisite() ) {
     637        return false;
     638    }
     639
     640    /**
     641     * Fires before the user is granted Super Admin privileges.
     642     *
     643     * @since 3.0.0
     644     *
     645     * @param int $user_id ID of the user that is about to be granted Super Admin privileges.
     646     */
     647    do_action( 'grant_super_admin', $user_id );
     648
     649    // Directly fetch site_admins instead of using get_super_admins()
     650    $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
     651
     652    $user = get_userdata( $user_id );
     653    if ( $user && ! in_array( $user->user_login, $super_admins ) ) {
     654        $super_admins[] = $user->user_login;
     655        update_site_option( 'site_admins' , $super_admins );
     656
     657        /**
     658         * Fires after the user is granted Super Admin privileges.
     659         *
     660         * @since 3.0.0
     661         *
     662         * @param int $user_id ID of the user that was granted Super Admin privileges.
     663         */
     664        do_action( 'granted_super_admin', $user_id );
     665        return true;
     666    }
     667    return false;
     668}
     669
     670/**
     671 * Revokes Super Admin privileges.
     672 *
     673 * @since 3.0.0
     674 *
     675 * @global array $super_admins
     676 *
     677 * @param int $user_id ID of the user Super Admin privileges to be revoked from.
     678 * @return bool True on success, false on failure. This can fail when the user's email
     679 *              is the network admin email or when the `$super_admins` global is defined.
     680 */
     681function revoke_super_admin( $user_id ) {
     682    // If global super_admins override is defined, there is nothing to do here.
     683    if ( isset( $GLOBALS['super_admins'] ) || ! is_multisite() ) {
     684        return false;
     685    }
     686
     687    /**
     688     * Fires before the user's Super Admin privileges are revoked.
     689     *
     690     * @since 3.0.0
     691     *
     692     * @param int $user_id ID of the user Super Admin privileges are being revoked from.
     693     */
     694    do_action( 'revoke_super_admin', $user_id );
     695
     696    // Directly fetch site_admins instead of using get_super_admins()
     697    $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
     698
     699    $user = get_userdata( $user_id );
     700    if ( $user && 0 !== strcasecmp( $user->user_email, get_site_option( 'admin_email' ) ) ) {
     701        if ( false !== ( $key = array_search( $user->user_login, $super_admins ) ) ) {
     702            unset( $super_admins[$key] );
     703            update_site_option( 'site_admins', $super_admins );
     704
     705            /**
     706             * Fires after the user's Super Admin privileges are revoked.
     707             *
     708             * @since 3.0.0
     709             *
     710             * @param int $user_id ID of the user Super Admin privileges were revoked from.
     711             */
     712            do_action( 'revoked_super_admin', $user_id );
     713            return true;
     714        }
     715    }
     716    return false;
     717}
Note: See TracChangeset for help on using the changeset viewer.