Changeset 8573
- Timestamp:
- 08/06/2008 08:50:30 PM (16 years ago)
- File:
-
- 1 edited
trunk/wp-includes/capabilities.php
r8572 r8573 17 17 global $wp_user_roles; 18 18 $this->role_key = $wpdb->prefix . 'user_roles'; 19 if ( ! empty( $wp_user_roles) ) {19 if ( ! empty( $wp_user_roles ) ) { 20 20 $this->roles = $wp_user_roles; 21 21 $this->use_db = false; 22 22 } else { 23 $this->roles = get_option( $this->role_key);24 } 25 26 if ( empty( $this->roles) )23 $this->roles = get_option( $this->role_key ); 24 } 25 26 if ( empty( $this->roles ) ) 27 27 return; 28 28 29 29 $this->role_objects = array(); 30 30 $this->role_names = array(); 31 foreach ( (array) $this->roles as $role => $data ) {32 $this->role_objects[$role] = new WP_Role( $role, $this->roles[$role]['capabilities']);31 foreach ( (array) $this->roles as $role => $data ) { 32 $this->role_objects[$role] = new WP_Role( $role, $this->roles[$role]['capabilities'] ); 33 33 $this->role_names[$role] = $this->roles[$role]['name']; 34 34 } 35 35 } 36 36 37 function add_role( $role, $display_name, $capabilities = array()) {38 if ( isset( $this->roles[$role]) )37 function add_role( $role, $display_name, $capabilities = array() ) { 38 if ( isset( $this->roles[$role] ) ) 39 39 return; 40 40 41 41 $this->roles[$role] = array( 42 42 'name' => $display_name, 43 'capabilities' => $capabilities); 43 'capabilities' => $capabilities 44 ); 44 45 if ( $this->use_db ) 45 update_option( $this->role_key, $this->roles);46 $this->role_objects[$role] = new WP_Role( $role, $capabilities);46 update_option( $this->role_key, $this->roles ); 47 $this->role_objects[$role] = new WP_Role( $role, $capabilities ); 47 48 $this->role_names[$role] = $display_name; 48 49 return $this->role_objects[$role]; 49 50 } 50 51 51 function remove_role( $role) {52 if ( ! isset( $this->role_objects[$role]) )53 return; 54 55 unset( $this->role_objects[$role]);56 unset( $this->role_names[$role]);57 unset( $this->roles[$role]);52 function remove_role( $role ) { 53 if ( ! 
isset( $this->role_objects[$role] ) ) 54 return; 55 56 unset( $this->role_objects[$role] ); 57 unset( $this->role_names[$role] ); 58 unset( $this->roles[$role] ); 58 59 59 60 if ( $this->use_db ) 60 update_option( $this->role_key, $this->roles);61 } 62 63 function add_cap( $role, $cap, $grant = true) {61 update_option( $this->role_key, $this->roles ); 62 } 63 64 function add_cap( $role, $cap, $grant = true ) { 64 65 $this->roles[$role]['capabilities'][$cap] = $grant; 65 66 if ( $this->use_db ) 66 update_option( $this->role_key, $this->roles);67 } 68 69 function remove_cap( $role, $cap) {70 unset( $this->roles[$role]['capabilities'][$cap]);67 update_option( $this->role_key, $this->roles ); 68 } 69 70 function remove_cap( $role, $cap ) { 71 unset( $this->roles[$role]['capabilities'][$cap] ); 71 72 if ( $this->use_db ) 72 update_option( $this->role_key, $this->roles);73 } 74 75 function &get_role( $role) {76 if ( isset( $this->role_objects[$role]) )73 update_option( $this->role_key, $this->roles ); 74 } 75 76 function &get_role( $role ) { 77 if ( isset( $this->role_objects[$role] ) ) 77 78 return $this->role_objects[$role]; 78 79 else … … 84 85 } 85 86 86 function is_role( $role)87 function is_role( $role ) 87 88 { 88 return isset( $this->role_names[$role]);89 return isset( $this->role_names[$role] ); 89 90 } 90 91 } … … 94 95 var $capabilities; 95 96 96 function WP_Role( $role, $capabilities) {97 function WP_Role( $role, $capabilities ) { 97 98 $this->name = $role; 98 99 $this->capabilities = $capabilities; 99 100 } 100 101 101 function add_cap( $cap, $grant = true) {102 function add_cap( $cap, $grant = true ) { 102 103 global $wp_roles; 103 104 104 if ( ! isset( $wp_roles) )105 if ( ! 
isset( $wp_roles ) ) 105 106 $wp_roles = new WP_Roles(); 106 107 107 108 $this->capabilities[$cap] = $grant; 108 $wp_roles->add_cap( $this->name, $cap, $grant);109 } 110 111 function remove_cap( $cap) {109 $wp_roles->add_cap( $this->name, $cap, $grant ); 110 } 111 112 function remove_cap( $cap ) { 112 113 global $wp_roles; 113 114 114 if ( ! isset( $wp_roles) )115 if ( ! isset( $wp_roles ) ) 115 116 $wp_roles = new WP_Roles(); 116 117 117 unset( $this->capabilities[$cap]);118 $wp_roles->remove_cap( $this->name, $cap);119 } 120 121 function has_cap( $cap) {122 $capabilities = apply_filters( 'role_has_cap', $this->capabilities, $cap, $this->name);123 if ( !empty( $capabilities[$cap]) )118 unset( $this->capabilities[$cap] ); 119 $wp_roles->remove_cap( $this->name, $cap ); 120 } 121 122 function has_cap( $cap ) { 123 $capabilities = apply_filters( 'role_has_cap', $this->capabilities, $cap, $this->name ); 124 if ( !empty( $capabilities[$cap] ) ) 124 125 return $capabilities[$cap]; 125 126 else … … 138 139 var $allcaps = array(); 139 140 140 function WP_User( $id, $name = '') {141 142 if ( empty( $id) && empty($name) )143 return; 144 145 if ( ! is_numeric( $id) ) {141 function WP_User( $id, $name = '' ) { 142 143 if ( empty( $id ) && empty( $name ) ) 144 return; 145 146 if ( ! is_numeric( $id ) ) { 146 147 $name = $id; 147 148 $id = 0; 148 149 } 149 150 150 if ( ! empty( $id) )151 $this->data = get_userdata( $id);151 if ( ! empty( $id ) ) 152 $this->data = get_userdata( $id ); 152 153 else 153 $this->data = get_userdatabylogin( $name);154 155 if ( empty( $this->data->ID) )156 return; 157 158 foreach ( get_object_vars($this->data) as $key => $value) {154 $this->data = get_userdatabylogin( $name ); 155 156 if ( empty( $this->data->ID ) ) 157 return; 158 159 foreach ( get_object_vars( $this->data ) as $key => $value ) { 159 160 $this->{$key} = $value; 160 161 } … … 168 169 $this->cap_key = $wpdb->prefix . 
'capabilities'; 169 170 $this->caps = &$this->{$this->cap_key}; 170 if ( ! is_array( $this->caps) )171 if ( ! is_array( $this->caps ) ) 171 172 $this->caps = array(); 172 173 $this->get_role_caps(); … … 176 177 global $wp_roles; 177 178 178 if ( ! isset( $wp_roles) )179 if ( ! isset( $wp_roles ) ) 179 180 $wp_roles = new WP_Roles(); 180 181 181 182 //Filter out caps that are not role names and assign to $this->roles 182 if (is_array($this->caps))183 $this->roles = array_filter( array_keys($this->caps), array(&$wp_roles, 'is_role'));183 if ( is_array( $this->caps ) ) 184 $this->roles = array_filter( array_keys( $this->caps ), array( &$wp_roles, 'is_role' ) ); 184 185 185 186 //Build $allcaps from role caps, overlay user's $caps 186 187 $this->allcaps = array(); 187 foreach ( (array) $this->roles as $role) {188 $role = $wp_roles->get_role( $role);189 $this->allcaps = array_merge( $this->allcaps, $role->capabilities);190 } 191 $this->allcaps = array_merge( $this->allcaps, $this->caps);192 } 193 194 function add_role( $role) {188 foreach ( (array) $this->roles as $role ) { 189 $role = $wp_roles->get_role( $role ); 190 $this->allcaps = array_merge( $this->allcaps, $role->capabilities ); 191 } 192 $this->allcaps = array_merge( $this->allcaps, $this->caps ); 193 } 194 195 function add_role( $role ) { 195 196 $this->caps[$role] = true; 196 update_usermeta( $this->ID, $this->cap_key, $this->caps);197 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 197 198 $this->get_role_caps(); 198 199 $this->update_user_level_from_caps(); 199 200 } 200 201 201 function remove_role( $role) {202 if ( empty( $this->roles[$role]) || (count($this->roles) <= 1) )203 return; 204 unset( $this->caps[$role]);205 update_usermeta( $this->ID, $this->cap_key, $this->caps);202 function remove_role( $role ) { 203 if ( empty( $this->roles[$role] ) || ( count( $this->roles ) <= 1 ) ) 204 return; 205 unset( $this->caps[$role] ); 206 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 206 
207 $this->get_role_caps(); 207 208 } 208 209 209 function set_role( $role) {210 foreach ( (array) $this->roles as $oldrole)211 unset( $this->caps[$oldrole]);212 if ( !empty( $role) ) {210 function set_role( $role ) { 211 foreach ( (array) $this->roles as $oldrole ) 212 unset( $this->caps[$oldrole] ); 213 if ( !empty( $role ) ) { 213 214 $this->caps[$role] = true; 214 $this->roles = array( $role => true);215 $this->roles = array( $role => true ); 215 216 } else { 216 217 $this->roles = false; 217 218 } 218 update_usermeta( $this->ID, $this->cap_key, $this->caps);219 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 219 220 $this->get_role_caps(); 220 221 $this->update_user_level_from_caps(); 221 222 } 222 223 223 function level_reduction( $max, $item) {224 if (preg_match('/^level_(10|[0-9])$/i', $item, $matches)) {225 $level = intval( $matches[1]);226 return max( $max, $level);224 function level_reduction( $max, $item ) { 225 if ( preg_match( '/^level_(10|[0-9])$/i', $item, $matches ) ) { 226 $level = intval( $matches[1] ); 227 return max( $max, $level ); 227 228 } else { 228 229 return $max; … … 232 233 function update_user_level_from_caps() { 233 234 global $wpdb; 234 $this->user_level = array_reduce( array_keys($this->allcaps), array(&$this, 'level_reduction'), 0);235 update_usermeta( $this->ID, $wpdb->prefix.'user_level', $this->user_level);236 } 237 238 function add_cap( $cap, $grant = true) {235 $this->user_level = array_reduce( array_keys( $this->allcaps ), array( &$this, 'level_reduction' ), 0 ); 236 update_usermeta( $this->ID, $wpdb->prefix.'user_level', $this->user_level ); 237 } 238 239 function add_cap( $cap, $grant = true ) { 239 240 $this->caps[$cap] = $grant; 240 update_usermeta( $this->ID, $this->cap_key, $this->caps);241 } 242 243 function remove_cap( $cap) {244 if ( empty( $this->caps[$cap]) ) return;245 unset( $this->caps[$cap]);246 update_usermeta( $this->ID, $this->cap_key, $this->caps);241 update_usermeta( $this->ID, $this->cap_key, 
$this->caps ); 242 } 243 244 function remove_cap( $cap ) { 245 if ( empty( $this->caps[$cap] ) ) return; 246 unset( $this->caps[$cap] ); 247 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 247 248 } 248 249 … … 250 251 global $wpdb; 251 252 $this->caps = array(); 252 update_usermeta( $this->ID, $this->cap_key, '');253 update_usermeta( $this->ID, $wpdb->prefix.'user_level', '');253 update_usermeta( $this->ID, $this->cap_key, '' ); 254 update_usermeta( $this->ID, $wpdb->prefix.'user_level', '' ); 254 255 $this->get_role_caps(); 255 256 } 256 257 257 // has_cap(capability_or_role_name) or258 // has_cap('edit_post', post_id)259 function has_cap( $cap) {260 if ( is_numeric( $cap) )261 $cap = $this->translate_level_to_cap( $cap);262 263 $args = array_slice( func_get_args(), 1);264 $args = array_merge( array($cap, $this->ID), $args);265 $caps = call_user_func_array( 'map_meta_cap', $args);258 // has_cap( capability_or_role_name ) or 259 // has_cap( 'edit_post', post_id ) 260 function has_cap( $cap ) { 261 if ( is_numeric( $cap ) ) 262 $cap = $this->translate_level_to_cap( $cap ); 263 264 $args = array_slice( func_get_args(), 1 ); 265 $args = array_merge( array( $cap, $this->ID ), $args ); 266 $caps = call_user_func_array( 'map_meta_cap', $args ); 266 267 // Must have ALL requested caps 267 $capabilities = apply_filters( 'user_has_cap', $this->allcaps, $caps, $args);268 foreach ( (array) $caps as $cap ) {268 $capabilities = apply_filters( 'user_has_cap', $this->allcaps, $caps, $args ); 269 foreach ( (array) $caps as $cap ) { 269 270 //echo "Checking cap $cap<br />"; 270 if (empty($capabilities[$cap]) || !$capabilities[$cap])271 if ( empty( $capabilities[$cap] ) || !$capabilities[$cap] ) 271 272 return false; 272 273 } … … 275 276 } 276 277 277 function translate_level_to_cap( $level) {278 function translate_level_to_cap( $level ) { 278 279 return 'level_' . $level; 279 280 } … … 282 283 283 284 // Map meta capabilities to primitive capabilities. 
284 function map_meta_cap( $cap, $user_id) {285 $args = array_slice( func_get_args(), 2);285 function map_meta_cap( $cap, $user_id ) { 286 $args = array_slice( func_get_args(), 2 ); 286 287 $caps = array(); 287 288 288 switch ( $cap) {289 switch ( $cap ) { 289 290 case 'delete_user': 290 291 $caps[] = 'delete_users'; 291 292 break; 292 293 case 'edit_user': 293 if ( !isset( $args[0]) || $user_id != $args[0] ) {294 if ( !isset( $args[0] ) || $user_id != $args[0] ) { 294 295 $caps[] = 'edit_users'; 295 296 } 296 297 break; 297 298 case 'delete_post': 298 $author_data = get_userdata( $user_id);299 $author_data = get_userdata( $user_id ); 299 300 //echo "post ID: {$args[0]}<br />"; 300 $post = get_post( $args[0]);301 $post = get_post( $args[0] ); 301 302 if ( 'page' == $post->post_type ) { 302 $args = array_merge( array('delete_page', $user_id), $args);303 return call_user_func_array( 'map_meta_cap', $args);304 } 305 $post_author_data = get_userdata( $post->post_author);303 $args = array_merge( array( 'delete_page', $user_id ), $args ); 304 return call_user_func_array( 'map_meta_cap', $args ); 305 } 306 $post_author_data = get_userdata( $post->post_author ); 306 307 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />"; 307 308 // If the user is the author... 308 if ( $user_id == $post_author_data->ID) {309 if ( $user_id == $post_author_data->ID ) { 309 310 // If the post is published... 310 if ( $post->post_status == 'publish')311 if ( 'publish' == $post->post_status ) 311 312 $caps[] = 'delete_published_posts'; 312 313 else … … 317 318 $caps[] = 'delete_others_posts'; 318 319 // The post is published, extra cap required. 
319 if ( $post->post_status == 'publish')320 if ( 'publish' == $post->post_status ) 320 321 $caps[] = 'delete_published_posts'; 321 else if ($post->post_status == 'private')322 elseif ( 'private' == $post->post_status ) 322 323 $caps[] = 'delete_private_posts'; 323 324 } 324 325 break; 325 326 case 'delete_page': 326 $author_data = get_userdata( $user_id);327 $author_data = get_userdata( $user_id ); 327 328 //echo "post ID: {$args[0]}<br />"; 328 $page = get_page( $args[0]);329 $page_author_data = get_userdata( $page->post_author);329 $page = get_page( $args[0] ); 330 $page_author_data = get_userdata( $page->post_author ); 330 331 //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />"; 331 332 // If the user is the author... 332 if ( $user_id == $page_author_data->ID) {333 if ( $user_id == $page_author_data->ID ) { 333 334 // If the page is published... 334 if ( $page->post_status == 'publish')335 if ( $page->post_status == 'publish' ) 335 336 $caps[] = 'delete_published_pages'; 336 337 else … … 341 342 $caps[] = 'delete_others_pages'; 342 343 // The page is published, extra cap required. 
343 if ( $page->post_status == 'publish')344 if ( $page->post_status == 'publish' ) 344 345 $caps[] = 'delete_published_pages'; 345 else if ($page->post_status == 'private')346 elseif ( $page->post_status == 'private' ) 346 347 $caps[] = 'delete_private_pages'; 347 348 } … … 350 351 // edit_others_posts 351 352 case 'edit_post': 352 $author_data = get_userdata( $user_id);353 $author_data = get_userdata( $user_id ); 353 354 //echo "post ID: {$args[0]}<br />"; 354 $post = get_post( $args[0]);355 $post = get_post( $args[0] ); 355 356 if ( 'page' == $post->post_type ) { 356 $args = array_merge( array('edit_page', $user_id), $args);357 return call_user_func_array( 'map_meta_cap', $args);358 } 359 $post_author_data = get_userdata( $post->post_author);357 $args = array_merge( array( 'edit_page', $user_id ), $args ); 358 return call_user_func_array( 'map_meta_cap', $args ); 359 } 360 $post_author_data = get_userdata( $post->post_author ); 360 361 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />"; 361 362 // If the user is the author... 362 if ( $user_id == $post_author_data->ID) {363 if ( $user_id == $post_author_data->ID ) { 363 364 // If the post is published... 364 if ( $post->post_status == 'publish')365 if ( 'publish' == $post->post_status ) 365 366 $caps[] = 'edit_published_posts'; 366 367 else … … 371 372 $caps[] = 'edit_others_posts'; 372 373 // The post is published, extra cap required. 
373 if ( $post->post_status == 'publish')374 if ( 'publish' == $post->post_status ) 374 375 $caps[] = 'edit_published_posts'; 375 else if ($post->post_status == 'private')376 elseif ( 'private' == $post->post_status ) 376 377 $caps[] = 'edit_private_posts'; 377 378 } 378 379 break; 379 380 case 'edit_page': 380 $author_data = get_userdata( $user_id);381 $author_data = get_userdata( $user_id ); 381 382 //echo "post ID: {$args[0]}<br />"; 382 $page = get_page( $args[0]);383 $page_author_data = get_userdata( $page->post_author);383 $page = get_page( $args[0] ); 384 $page_author_data = get_userdata( $page->post_author ); 384 385 //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />"; 385 386 // If the user is the author... 386 if ( $user_id == $page_author_data->ID) {387 if ( $user_id == $page_author_data->ID ) { 387 388 // If the page is published... 388 if ( $page->post_status == 'publish')389 if ( 'publish' == $page->post_status ) 389 390 $caps[] = 'edit_published_pages'; 390 391 else … … 395 396 $caps[] = 'edit_others_pages'; 396 397 // The page is published, extra cap required. 
397 if ( $page->post_status == 'publish')398 if ( 'publish' == $page->post_status ) 398 399 $caps[] = 'edit_published_pages'; 399 else if ($page->post_status == 'private')400 elseif ( 'private' == $page->post_status ) 400 401 $caps[] = 'edit_private_pages'; 401 402 } 402 403 break; 403 404 case 'read_post': 404 $post = get_post( $args[0]);405 $post = get_post( $args[0] ); 405 406 if ( 'page' == $post->post_type ) { 406 $args = array_merge( array('read_page', $user_id), $args);407 return call_user_func_array( 'map_meta_cap', $args);407 $args = array_merge( array( 'read_page', $user_id ), $args ); 408 return call_user_func_array( 'map_meta_cap', $args ); 408 409 } 409 410 … … 413 414 } 414 415 415 $author_data = get_userdata( $user_id);416 $post_author_data = get_userdata( $post->post_author);417 if ( $user_id == $post_author_data->ID)416 $author_data = get_userdata( $user_id ); 417 $post_author_data = get_userdata( $post->post_author ); 418 if ( $user_id == $post_author_data->ID ) 418 419 $caps[] = 'read'; 419 420 else … … 421 422 break; 422 423 case 'read_page': 423 $page = get_page( $args[0]);424 $page = get_page( $args[0] ); 424 425 425 426 if ( 'private' != $page->post_status ) { … … 428 429 } 429 430 430 $author_data = get_userdata( $user_id);431 $page_author_data = get_userdata( $page->post_author);432 if ( $user_id == $page_author_data->ID)431 $author_data = get_userdata( $user_id ); 432 $page_author_data = get_userdata( $page->post_author ); 433 if ( $user_id == $page_author_data->ID ) 433 434 $caps[] = 'read'; 434 435 else … … 444 445 445 446 // Capability checking wrapper around the global $current_user object. 
446 function current_user_can( $capability) {447 function current_user_can( $capability ) { 447 448 $current_user = wp_get_current_user(); 448 449 449 if ( empty( $current_user) )450 if ( empty( $current_user ) ) 450 451 return false; 451 452 452 $args = array_slice( func_get_args(), 1);453 $args = array_merge( array($capability), $args);454 455 return call_user_func_array( array(&$current_user, 'has_cap'), $args);453 $args = array_slice( func_get_args(), 1 ); 454 $args = array_merge( array( $capability ), $args ); 455 456 return call_user_func_array( array( &$current_user, 'has_cap' ), $args ); 456 457 } 457 458 458 459 // Convenience wrappers around $wp_roles. 459 function get_role( $role) {460 function get_role( $role ) { 460 461 global $wp_roles; 461 462 462 if ( ! isset( $wp_roles) )463 if ( ! isset( $wp_roles ) ) 463 464 $wp_roles = new WP_Roles(); 464 465 465 return $wp_roles->get_role( $role);466 } 467 468 function add_role( $role, $display_name, $capabilities = array()) {466 return $wp_roles->get_role( $role ); 467 } 468 469 function add_role( $role, $display_name, $capabilities = array() ) { 469 470 global $wp_roles; 470 471 471 if ( ! isset( $wp_roles) )472 if ( ! isset( $wp_roles ) ) 472 473 $wp_roles = new WP_Roles(); 473 474 474 return $wp_roles->add_role( $role, $display_name, $capabilities);475 } 476 477 function remove_role( $role) {475 return $wp_roles->add_role( $role, $display_name, $capabilities ); 476 } 477 478 function remove_role( $role ) { 478 479 global $wp_roles; 479 480 480 if ( ! isset( $wp_roles) )481 if ( ! isset( $wp_roles ) ) 481 482 $wp_roles = new WP_Roles(); 482 483 483 return $wp_roles->remove_role( $role);484 return $wp_roles->remove_role( $role ); 484 485 } 485 486
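Review bot: The guard in WP_User::remove_role(), `if ( empty( $this->roles[$role] ) || ( count( $this->roles ) <= 1 ) )`, looks the role name up as an array key, but get_role_caps() in the same hunk fills `$this->roles` from `array_filter( array_keys( $this->caps ), ... )`, which stores role names as values under numeric keys. For a role-name argument the lookup is therefore always empty and the method returns before `unset( $this->caps[$role] )`, so a role the caller meant to revoke stays in the user's stored capabilities. The membership test should match on values instead, e.g. `if ( ! in_array( $role, (array) $this->roles ) || count( $this->roles ) <= 1 )`. Unlike add_role() and set_role(), remove_role() also never calls `update_user_level_from_caps()`, so the stored user_level would keep its old value even once the removal takes effect. get_role_caps() begins above the hunk, so this assumes nothing outside the visible lines re-keys the array.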