
PHP Cross Reference of WordPress 3.0 beta 1


/wp-includes/ -> capabilities.php (source)

   1  <?php
   2  /**
   3   * WordPress Roles and Capabilities.
   4   *
   5   * @package WordPress
   6   * @subpackage User
   7   */
   8  
   9  /**
  10   * WordPress User Roles.
  11   *
  12   * The role option is simple, the structure is organized by role name that store
  13   * the name in value of the 'name' key. The capabilities are stored as an array
  14   * in the value of the 'capability' key.
  15   *
  16   * <code>
  17   * array (
  18   *        'rolename' => array (
  19   *            'name' => 'rolename',
  20   *            'capabilities' => array()
  21   *        )
  22   * )
  23   * </code>
  24   *
  25   * @since 2.0.0
  26   * @package WordPress
  27   * @subpackage User
  28   */
  29  class WP_Roles {
  30      /**
  31       * List of roles and capabilities.
  32       *
  33       * @since 2.0.0
  34       * @access public
  35       * @var array
  36       */
  37      var $roles;
  38  
  39      /**
  40       * List of the role objects.
  41       *
  42       * @since 2.0.0
  43       * @access public
  44       * @var array
  45       */
  46      var $role_objects = array();
  47  
  48      /**
  49       * List of role names.
  50       *
  51       * @since 2.0.0
  52       * @access public
  53       * @var array
  54       */
  55      var $role_names = array();
  56  
  57      /**
  58       * Option name for storing role list.
  59       *
  60       * @since 2.0.0
  61       * @access public
  62       * @var string
  63       */
  64      var $role_key;
  65  
  66      /**
  67       * Whether to use the database for retrieval and storage.
  68       *
  69       * @since 2.1.0
  70       * @access public
  71       * @var bool
  72       */
  73      var $use_db = true;
  74  
  75      /**
  76       * PHP4 Constructor - Call {@link WP_Roles::_init()} method.
  77       *
  78       * @since 2.0.0
  79       * @access public
  80       *
  81       * @return WP_Roles
  82       */
  83  	function WP_Roles() {
  84          $this->_init();
  85      }
  86  
  87      /**
  88       * Set up the object properties.
  89       *
  90       * The role key is set to the current prefix for the $wpdb object with
  91       * 'user_roles' appended. If the $wp_user_roles global is set, then it will
  92       * be used and the role option will not be updated or used.
  93       *
  94       * @since 2.1.0
  95       * @access protected
  96       * @uses $wpdb Used to get the database prefix.
  97       * @global array $wp_user_roles Used to set the 'roles' property value.
  98       */
  99  	function _init () {
 100          global $wpdb, $wp_user_roles;
 101          $this->role_key = $wpdb->prefix . 'user_roles';
 102          if ( ! empty( $wp_user_roles ) ) {
 103              $this->roles = $wp_user_roles;
 104              $this->use_db = false;
 105          } else {
 106              $this->roles = get_option( $this->role_key );
 107          }
 108  
 109          if ( empty( $this->roles ) )
 110              return;
 111  
 112          $this->role_objects = array();
 113          $this->role_names =  array();
 114          foreach ( (array) $this->roles as $role => $data ) {
 115              $this->role_objects[$role] = new WP_Role( $role, $this->roles[$role]['capabilities'] );
 116              $this->role_names[$role] = $this->roles[$role]['name'];
 117          }
 118      }
 119  
 120      /**
 121       * Add role name with capabilities to list.
 122       *
 123       * Updates the list of roles, if the role doesn't already exist.
 124       *
 125       * The capabilities are defined in the following format `array( 'read' => true );`
 126       * To explicitly deny a role a capability you set the value for that capability to false.
 127       *
 128       * @since 2.0.0
 129       * @access public
 130       *
 131       * @param string $role Role name.
 132       * @param string $display_name Role display name.
 133       * @param array $capabilities List of role capabilities in the above format.
 134       * @return null|WP_Role WP_Role object if role is added, null if already exists.
 135       */
 136  	function add_role( $role, $display_name, $capabilities = array() ) {
 137          if ( isset( $this->roles[$role] ) )
 138              return;
 139  
 140          $this->roles[$role] = array(
 141              'name' => $display_name,
 142              'capabilities' => $capabilities
 143              );
 144          if ( $this->use_db )
 145              update_option( $this->role_key, $this->roles );
 146          $this->role_objects[$role] = new WP_Role( $role, $capabilities );
 147          $this->role_names[$role] = $display_name;
 148          return $this->role_objects[$role];
 149      }
 150  
 151      /**
 152       * Remove role by name.
 153       *
 154       * @since 2.0.0
 155       * @access public
 156       *
 157       * @param string $role Role name.
 158       */
 159  	function remove_role( $role ) {
 160          if ( ! isset( $this->role_objects[$role] ) )
 161              return;
 162  
 163          unset( $this->role_objects[$role] );
 164          unset( $this->role_names[$role] );
 165          unset( $this->roles[$role] );
 166  
 167          if ( $this->use_db )
 168              update_option( $this->role_key, $this->roles );
 169      }
 170  
 171      /**
 172       * Add capability to role.
 173       *
 174       * @since 2.0.0
 175       * @access public
 176       *
 177       * @param string $role Role name.
 178       * @param string $cap Capability name.
 179       * @param bool $grant Optional, default is true. Whether role is capable of performing capability.
 180       */
 181  	function add_cap( $role, $cap, $grant = true ) {
 182          $this->roles[$role]['capabilities'][$cap] = $grant;
 183          if ( $this->use_db )
 184              update_option( $this->role_key, $this->roles );
 185      }
 186  
 187      /**
 188       * Remove capability from role.
 189       *
 190       * @since 2.0.0
 191       * @access public
 192       *
 193       * @param string $role Role name.
 194       * @param string $cap Capability name.
 195       */
 196  	function remove_cap( $role, $cap ) {
 197          unset( $this->roles[$role]['capabilities'][$cap] );
 198          if ( $this->use_db )
 199              update_option( $this->role_key, $this->roles );
 200      }
 201  
 202      /**
 203       * Retrieve role object by name.
 204       *
 205       * @since 2.0.0
 206       * @access public
 207       *
 208       * @param string $role Role name.
 209       * @return object|null Null, if role does not exist. WP_Role object, if found.
 210       */
 211      function &get_role( $role ) {
 212          if ( isset( $this->role_objects[$role] ) )
 213              return $this->role_objects[$role];
 214          else
 215              return null;
 216      }
 217  
 218      /**
 219       * Retrieve list of role names.
 220       *
 221       * @since 2.0.0
 222       * @access public
 223       *
 224       * @return array List of role names.
 225       */
 226  	function get_names() {
 227          return $this->role_names;
 228      }
 229  
 230      /**
 231       * Whether role name is currently in the list of available roles.
 232       *
 233       * @since 2.0.0
 234       * @access public
 235       *
 236       * @param string $role Role name to look up.
 237       * @return bool
 238       */
 239  	function is_role( $role )
 240      {
 241          return isset( $this->role_names[$role] );
 242      }
 243  }
 244  
 245  /**
 246   * WordPress Role class.
 247   *
 248   * @since 2.0.0
 249   * @package WordPress
 250   * @subpackage User
 251   */
 252  class WP_Role {
 253      /**
 254       * Role name.
 255       *
 256       * @since 2.0.0
 257       * @access public
 258       * @var string
 259       */
 260      var $name;
 261  
 262      /**
 263       * List of capabilities the role contains.
 264       *
 265       * @since 2.0.0
 266       * @access public
 267       * @var array
 268       */
 269      var $capabilities;
 270  
 271      /**
 272       * PHP4 Constructor - Set up object properties.
 273       *
 274       * The list of capabilities, must have the key as the name of the capability
 275       * and the value a boolean of whether it is granted to the role.
 276       *
 277       * @since 2.0.0
 278       * @access public
 279       *
 280       * @param string $role Role name.
 281       * @param array $capabilities List of capabilities.
 282       * @return WP_Role
 283       */
 284  	function WP_Role( $role, $capabilities ) {
 285          $this->name = $role;
 286          $this->capabilities = $capabilities;
 287      }
 288  
 289      /**
 290       * Assign role a capability.
 291       *
 292       * @see WP_Roles::add_cap() Method uses implementation for role.
 293       * @since 2.0.0
 294       * @access public
 295       *
 296       * @param string $cap Capability name.
 297       * @param bool $grant Whether role has capability privilege.
 298       */
 299  	function add_cap( $cap, $grant = true ) {
 300          global $wp_roles;
 301  
 302          if ( ! isset( $wp_roles ) )
 303              $wp_roles = new WP_Roles();
 304  
 305          $this->capabilities[$cap] = $grant;
 306          $wp_roles->add_cap( $this->name, $cap, $grant );
 307      }
 308  
 309      /**
 310       * Remove capability from role.
 311       *
 312       * This is a container for {@link WP_Roles::remove_cap()} to remove the
 313       * capability from the role. That is to say, that {@link
 314       * WP_Roles::remove_cap()} implements the functionality, but it also makes
 315       * sense to use this class, because you don't need to enter the role name.
 316       *
 317       * @since 2.0.0
 318       * @access public
 319       *
 320       * @param string $cap Capability name.
 321       */
 322  	function remove_cap( $cap ) {
 323          global $wp_roles;
 324  
 325          if ( ! isset( $wp_roles ) )
 326              $wp_roles = new WP_Roles();
 327  
 328          unset( $this->capabilities[$cap] );
 329          $wp_roles->remove_cap( $this->name, $cap );
 330      }
 331  
 332      /**
 333       * Whether role has capability.
 334       *
 335       * The capabilities is passed through the 'role_has_cap' filter. The first
 336       * parameter for the hook is the list of capabilities the class has
 337       * assigned. The second parameter is the capability name to look for. The
 338       * third and final parameter for the hook is the role name.
 339       *
 340       * @since 2.0.0
 341       * @access public
 342       *
 343       * @param string $cap Capability name.
 344       * @return bool True, if user has capability. False, if doesn't have capability.
 345       */
 346  	function has_cap( $cap ) {
 347          $capabilities = apply_filters( 'role_has_cap', $this->capabilities, $cap, $this->name );
 348          if ( !empty( $capabilities[$cap] ) )
 349              return $capabilities[$cap];
 350          else
 351              return false;
 352      }
 353  
 354  }
 355  
 356  /**
 357   * WordPress User class.
 358   *
 359   * @since 2.0.0
 360   * @package WordPress
 361   * @subpackage User
 362   */
 363  class WP_User {
 364      /**
 365       * User data container.
 366       *
 367       * This will be set as properties of the object.
 368       *
 369       * @since 2.0.0
 370       * @access private
 371       * @var array
 372       */
 373      var $data;
 374  
 375      /**
 376       * The user's ID.
 377       *
 378       * @since 2.1.0
 379       * @access public
 380       * @var int
 381       */
 382      var $ID = 0;
 383  
 384      /**
 385       * The deprecated user's ID.
 386       *
 387       * @since 2.0.0
 388       * @access public
 389       * @deprecated Use WP_User::$ID
 390       * @see WP_User::$ID
 391       * @var int
 392       */
 393      var $id = 0;
 394  
 395      /**
 396       * The individual capabilities the user has been given.
 397       *
 398       * @since 2.0.0
 399       * @access public
 400       * @var array
 401       */
 402      var $caps = array();
 403  
 404      /**
 405       * User metadata option name.
 406       *
 407       * @since 2.0.0
 408       * @access public
 409       * @var string
 410       */
 411      var $cap_key;
 412  
 413      /**
 414       * The roles the user is part of.
 415       *
 416       * @since 2.0.0
 417       * @access public
 418       * @var array
 419       */
 420      var $roles = array();
 421  
 422      /**
 423       * All capabilities the user has, including individual and role based.
 424       *
 425       * @since 2.0.0
 426       * @access public
 427       * @var array
 428       */
 429      var $allcaps = array();
 430  
 431      /**
 432       * First name of the user.
 433       *
 434       * Created to prevent notices.
 435       *
 436       * @since 2.7.0
 437       * @access public
 438       * @var string
 439       */
 440      var $first_name = '';
 441  
 442      /**
 443       * Last name of the user.
 444       *
 445       * Created to prevent notices.
 446       *
 447       * @since 2.7.0
 448       * @access public
 449       * @var string
 450       */
 451      var $last_name = '';
 452  
 453      /**
 454       * The filter context applied to user data fields.
 455       *
 456       * @since 2.9.0
 457       * @access private
 458       * @var string
 459       */
 460      var $filter = null;
 461  
 462      /**
 463       * PHP4 Constructor - Sets up the object properties.
 464       *
 465       * Retrieves the userdata and then assigns all of the data keys to direct
 466       * properties of the object. Calls {@link WP_User::_init_caps()} after
 467       * setting up the object's user data properties.
 468       *
 469       * @since 2.0.0
 470       * @access public
 471       *
 472       * @param int|string $id User's ID or username
 473       * @param int $name Optional. User's username
 474       * @return WP_User
 475       */
 476  	function WP_User( $id, $name = '' ) {
 477  
 478          if ( empty( $id ) && empty( $name ) )
 479              return;
 480  
 481          if ( ! is_numeric( $id ) ) {
 482              $name = $id;
 483              $id = 0;
 484          }
 485  
 486          if ( ! empty( $id ) )
 487              $this->data = get_userdata( $id );
 488          else
 489              $this->data = get_userdatabylogin( $name );
 490  
 491          if ( empty( $this->data->ID ) )
 492              return;
 493  
 494          foreach ( get_object_vars( $this->data ) as $key => $value ) {
 495              $this->{$key} = $value;
 496          }
 497  
 498          $this->id = $this->ID;
 499          $this->_init_caps();
 500      }
 501  
 502      /**
 503       * Set up capability object properties.
 504       *
 505       * Will set the value for the 'cap_key' property to current database table
 506       * prefix, followed by 'capabilities'. Will then check to see if the
 507       * property matching the 'cap_key' exists and is an array. If so, it will be
 508       * used.
 509       *
 510       * @since 2.1.0
 511       *
 512       * @param string $cap_key Optional capability key
 513       * @access protected
 514       */
 515  	function _init_caps( $cap_key = '' ) {
 516          global $wpdb;
 517          if ( empty($cap_key) )
 518              $this->cap_key = $wpdb->prefix . 'capabilities';
 519          else
 520              $this->cap_key = $cap_key;
 521          $this->caps = &$this->{$this->cap_key};
 522          if ( ! is_array( $this->caps ) )
 523              $this->caps = array();
 524          $this->get_role_caps();
 525      }
 526  
 527      /**
 528       * Retrieve all of the role capabilities and merge with individual capabilities.
 529       *
 530       * All of the capabilities of the roles the user belongs to are merged with
 531       * the users individual roles. This also means that the user can be denied
 532       * specific roles that their role might have, but the specific user isn't
 533       * granted permission to.
 534       *
 535       * @since 2.0.0
 536       * @uses $wp_roles
 537       * @access public
 538       */
 539  	function get_role_caps() {
 540          global $wp_roles;
 541  
 542          if ( ! isset( $wp_roles ) )
 543              $wp_roles = new WP_Roles();
 544  
 545          //Filter out caps that are not role names and assign to $this->roles
 546          if ( is_array( $this->caps ) )
 547              $this->roles = array_filter( array_keys( $this->caps ), array( &$wp_roles, 'is_role' ) );
 548  
 549          //Build $allcaps from role caps, overlay user's $caps
 550          $this->allcaps = array();
 551          foreach ( (array) $this->roles as $role ) {
 552              $the_role =& $wp_roles->get_role( $role );
 553              $this->allcaps = array_merge( (array) $this->allcaps, (array) $the_role->capabilities );
 554          }
 555          $this->allcaps = array_merge( (array) $this->allcaps, (array) $this->caps );
 556      }
 557  
 558      /**
 559       * Add role to user.
 560       *
 561       * Updates the user's meta data option with capabilities and roles.
 562       *
 563       * @since 2.0.0
 564       * @access public
 565       *
 566       * @param string $role Role name.
 567       */
 568  	function add_role( $role ) {
 569          $this->caps[$role] = true;
 570          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 571          $this->get_role_caps();
 572          $this->update_user_level_from_caps();
 573      }
 574  
 575      /**
 576       * Remove role from user.
 577       *
 578       * @since 2.0.0
 579       * @access public
 580       *
 581       * @param string $role Role name.
 582       */
 583  	function remove_role( $role ) {
 584          if ( !in_array($role, $this->roles) )
 585              return;
 586          unset( $this->caps[$role] );
 587          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 588          $this->get_role_caps();
 589          $this->update_user_level_from_caps();
 590      }
 591  
 592      /**
 593       * Set the role of the user.
 594       *
 595       * This will remove the previous roles of the user and assign the user the
 596       * new one. You can set the role to an empty string and it will remove all
 597       * of the roles from the user.
 598       *
 599       * @since 2.0.0
 600       * @access public
 601       *
 602       * @param string $role Role name.
 603       */
 604  	function set_role( $role ) {
 605          foreach ( (array) $this->roles as $oldrole )
 606              unset( $this->caps[$oldrole] );
 607          if ( !empty( $role ) ) {
 608              $this->caps[$role] = true;
 609              $this->roles = array( $role => true );
 610          } else {
 611              $this->roles = false;
 612          }
 613          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 614          $this->get_role_caps();
 615          $this->update_user_level_from_caps();
 616          do_action( 'set_user_role', $this->ID, $role );
 617      }
 618  
 619      /**
 620       * Choose the maximum level the user has.
 621       *
 622       * Will compare the level from the $item parameter against the $max
 623       * parameter. If the item is incorrect, then just the $max parameter value
 624       * will be returned.
 625       *
 626       * Used to get the max level based on the capabilities the user has. This
 627       * is also based on roles, so if the user is assigned the Administrator role
 628       * then the capability 'level_10' will exist and the user will get that
 629       * value.
 630       *
 631       * @since 2.0.0
 632       * @access public
 633       *
 634       * @param int $max Max level of user.
 635       * @param string $item Level capability name.
 636       * @return int Max Level.
 637       */
 638  	function level_reduction( $max, $item ) {
 639          if ( preg_match( '/^level_(10|[0-9])$/i', $item, $matches ) ) {
 640              $level = intval( $matches[1] );
 641              return max( $max, $level );
 642          } else {
 643              return $max;
 644          }
 645      }
 646  
 647      /**
 648       * Update the maximum user level for the user.
 649       *
 650       * Updates the 'user_level' user metadata (includes prefix that is the
 651       * database table prefix) with the maximum user level. Gets the value from
 652       * the all of the capabilities that the user has.
 653       *
 654       * @since 2.0.0
 655       * @access public
 656       */
 657  	function update_user_level_from_caps() {
 658          global $wpdb;
 659          $this->user_level = array_reduce( array_keys( $this->allcaps ), array( &$this, 'level_reduction' ), 0 );
 660          update_user_meta( $this->ID, $wpdb->prefix . 'user_level', $this->user_level );
 661      }
 662  
 663      /**
 664       * Add capability and grant or deny access to capability.
 665       *
 666       * @since 2.0.0
 667       * @access public
 668       *
 669       * @param string $cap Capability name.
 670       * @param bool $grant Whether to grant capability to user.
 671       */
 672  	function add_cap( $cap, $grant = true ) {
 673          $this->caps[$cap] = $grant;
 674          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 675      }
 676  
 677      /**
 678       * Remove capability from user.
 679       *
 680       * @since 2.0.0
 681       * @access public
 682       *
 683       * @param string $cap Capability name.
 684       */
 685  	function remove_cap( $cap ) {
 686          if ( empty( $this->caps[$cap] ) )
 687              return;
 688          unset( $this->caps[$cap] );
 689          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 690      }
 691  
 692      /**
 693       * Remove all of the capabilities of the user.
 694       *
 695       * @since 2.1.0
 696       * @access public
 697       */
 698  	function remove_all_caps() {
 699          global $wpdb;
 700          $this->caps = array();
 701          delete_user_meta( $this->ID, $this->cap_key );
 702          delete_user_meta( $this->ID, $wpdb->prefix . 'user_level' );
 703          $this->get_role_caps();
 704      }
 705  
 706      /**
 707       * Whether user has capability or role name.
 708       *
 709       * This is useful for looking up whether the user has a specific role
 710       * assigned to the user. The second optional parameter can also be used to
 711       * check for capabilities against a specfic post.
 712       *
 713       * @since 2.0.0
 714       * @access public
 715       *
 716       * @param string|int $cap Capability or role name to search.
 717       * @param int $post_id Optional. Post ID to check capability against specific post.
 718       * @return bool True, if user has capability; false, if user does not have capability.
 719       */
 720  	function has_cap( $cap ) {
 721          if ( is_numeric( $cap ) ) {
 722              _deprecated_argument( __FUNCTION__, '2.0', __('Usage of user levels by plugins and themes is deprecated. Use roles and capabilities instead.') );
 723              $cap = $this->translate_level_to_cap( $cap );
 724          }
 725  
 726          $args = array_slice( func_get_args(), 1 );
 727          $args = array_merge( array( $cap, $this->ID ), $args );
 728          $caps = call_user_func_array( 'map_meta_cap', $args );
 729  
 730          // Multisite super admin has all caps by definition, Unless specifically denied.
 731          if ( is_multisite() && is_super_admin() ) {
 732              if ( in_array('do_not_allow', $caps) )
 733                  return false;
 734              return true;
 735          }
 736  
 737          // Must have ALL requested caps
 738          $capabilities = apply_filters( 'user_has_cap', $this->allcaps, $caps, $args );
 739          foreach ( (array) $caps as $cap ) {
 740              //echo "Checking cap $cap<br />";
 741              if ( empty( $capabilities[$cap] ) || !$capabilities[$cap] )
 742                  return false;
 743          }
 744  
 745          return true;
 746      }
 747  
 748      /**
 749       * Convert numeric level to level capability name.
 750       *
 751       * Prepends 'level_' to level number.
 752       *
 753       * @since 2.0.0
 754       * @access public
 755       *
 756       * @param int $level Level number, 1 to 10.
 757       * @return string
 758       */
 759  	function translate_level_to_cap( $level ) {
 760          return 'level_' . $level;
 761      }
 762  
 763      /**
 764       * Set the blog to operate on. Defaults to the current blog.
 765       *
 766       * @since 3.0.0
 767       *
 768       * @param int $blog_id Optional Blog ID, defaults to current blog.
 769       */
 770  	function for_blog( $blog_id = '' ) {
 771          global $wpdb;
 772          if ( ! empty( $blog_id ) )
 773              $cap_key = $wpdb->get_blog_prefix( $blog_id ) . 'capabilities';
 774          else
 775              $cap_key = '';
 776          $this->_init_caps( $cap_key );
 777      }
 778  }
 779  
 780  /**
 781   * Map meta capabilities to primitive capabilities.
 782   *
 783   * This does not actually compare whether the user ID has the actual capability,
 784   * just what the capability or capabilities are. Meta capability list value can
 785   * be 'delete_user', 'edit_user', 'delete_post', 'delete_page', 'edit_post',
 786   * 'edit_page', 'read_post', or 'read_page'.
 787   *
 788   * @since 2.0.0
 789   *
 790   * @param string $cap Capability name.
 791   * @param int $user_id User ID.
 792   * @return array Actual capabilities for meta capability.
 793   */
 794  function map_meta_cap( $cap, $user_id ) {
 795      $args = array_slice( func_get_args(), 2 );
 796      $caps = array();
 797  
 798      switch ( $cap ) {
 799      case 'delete_user':
 800          $caps[] = 'delete_users';
 801          break;
 802      case 'edit_user':
 803          if ( !isset( $args[0] ) || $user_id != $args[0] ) {
 804              $caps[] = 'edit_users';
 805          }
 806          break;
 807      case 'delete_post':
 808          $author_data = get_userdata( $user_id );
 809          //echo "post ID: {$args[0]}<br />";
 810          $post = get_post( $args[0] );
 811          $post_type = get_post_type_object( $post->post_type );
 812          if ( $post_type && 'post' != $post_type->capability_type ) {
 813              $args = array_merge( array( $post_type->delete_cap, $user_id ), $args );
 814              return call_user_func_array( 'map_meta_cap', $args );
 815          }
 816  
 817          if ( '' != $post->post_author ) {
 818              $post_author_data = get_userdata( $post->post_author );
 819          } else {
 820              //No author set yet so default to current user for cap checks
 821              $post_author_data = $author_data;
 822          }
 823  
 824          // If the user is the author...
 825          if ( $user_id == $post_author_data->ID ) {
 826              // If the post is published...
 827              if ( 'publish' == $post->post_status ) {
 828                  $caps[] = 'delete_published_posts';
 829              } elseif ( 'trash' == $post->post_status ) {
 830                  if ('publish' == get_post_meta($post->ID, '_wp_trash_meta_status', true) )
 831                      $caps[] = 'delete_published_posts';
 832              } else {
 833                  // If the post is draft...
 834                  $caps[] = 'delete_posts';
 835              }
 836          } else {
 837              // The user is trying to edit someone else's post.
 838              $caps[] = 'delete_others_posts';
 839              // The post is published, extra cap required.
 840              if ( 'publish' == $post->post_status )
 841                  $caps[] = 'delete_published_posts';
 842              elseif ( 'private' == $post->post_status )
 843                  $caps[] = 'delete_private_posts';
 844          }
 845          break;
 846      case 'delete_page':
 847          $author_data = get_userdata( $user_id );
 848          //echo "post ID: {$args[0]}<br />";
 849          $page = get_page( $args[0] );
 850          $page_author_data = get_userdata( $page->post_author );
 851          //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
 852          // If the user is the author...
 853  
 854          if ('' != $page->post_author) {
 855              $page_author_data = get_userdata( $page->post_author );
 856          } else {
 857              //No author set yet so default to current user for cap checks
 858              $page_author_data = $author_data;
 859          }
 860  
 861          if ( $user_id == $page_author_data->ID ) {
 862              // If the page is published...
 863              if ( $page->post_status == 'publish' ) {
 864                  $caps[] = 'delete_published_pages';
 865              } elseif ( 'trash' == $page->post_status ) {
 866                  if ('publish' == get_post_meta($page->ID, '_wp_trash_meta_status', true) )
 867                      $caps[] = 'delete_published_pages';
 868              } else {
 869                  // If the page is draft...
 870                  $caps[] = 'delete_pages';
 871              }
 872          } else {
 873              // The user is trying to edit someone else's page.
 874              $caps[] = 'delete_others_pages';
 875              // The page is published, extra cap required.
 876              if ( $page->post_status == 'publish' )
 877                  $caps[] = 'delete_published_pages';
 878              elseif ( $page->post_status == 'private' )
 879                  $caps[] = 'delete_private_pages';
 880          }
 881          break;
 882          // edit_post breaks down to edit_posts, edit_published_posts, or
 883          // edit_others_posts
 884      case 'edit_post':
 885          $author_data = get_userdata( $user_id );
 886          //echo "post ID: {$args[0]}<br />";
 887          $post = get_post( $args[0] );
 888          $post_type = get_post_type_object( $post->post_type );
 889          if ( $post_type && 'post' != $post_type->capability_type ) {
 890              $args = array_merge( array( $post_type->edit_cap, $user_id ), $args );
 891              return call_user_func_array( 'map_meta_cap', $args );
 892          }
 893          $post_author_data = get_userdata( $post->post_author );
 894          //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
 895          // If the user is the author...
 896          if ( $user_id == $post_author_data->ID ) {
 897              // If the post is published...
 898              if ( 'publish' == $post->post_status ) {
 899                  $caps[] = 'edit_published_posts';
 900              } elseif ( 'trash' == $post->post_status ) {
 901                  if ('publish' == get_post_meta($post->ID, '_wp_trash_meta_status', true) )
 902                      $caps[] = 'edit_published_posts';
 903              } else {
 904                  // If the post is draft...
 905                  $caps[] = 'edit_posts';
 906              }
 907          } else {
 908              // The user is trying to edit someone else's post.
 909              $caps[] = 'edit_others_posts';
 910              // The post is published, extra cap required.
 911              if ( 'publish' == $post->post_status )
 912                  $caps[] = 'edit_published_posts';
 913              elseif ( 'private' == $post->post_status )
 914                  $caps[] = 'edit_private_posts';
 915          }
 916          break;
 917      case 'edit_page':
 918          $author_data = get_userdata( $user_id );
 919          //echo "post ID: {$args[0]}<br />";
 920          $page = get_page( $args[0] );
 921          $page_author_data = get_userdata( $page->post_author );
 922          //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
 923          // If the user is the author...
 924          if ( $user_id == $page_author_data->ID ) {
 925              // If the page is published...
 926              if ( 'publish' == $page->post_status ) {
 927                  $caps[] = 'edit_published_pages';
 928              } elseif ( 'trash' == $page->post_status ) {
 929                  if ('publish' == get_post_meta($page->ID, '_wp_trash_meta_status', true) )
 930                      $caps[] = 'edit_published_pages';
 931              } else {
 932                  // If the page is draft...
 933                  $caps[] = 'edit_pages';
 934              }
 935          } else {
 936              // The user is trying to edit someone else's page.
 937              $caps[] = 'edit_others_pages';
 938              // The page is published, extra cap required.
 939              if ( 'publish' == $page->post_status )
 940                  $caps[] = 'edit_published_pages';
 941              elseif ( 'private' == $page->post_status )
 942                  $caps[] = 'edit_private_pages';
 943          }
 944          break;
 945      case 'read_post':
 946          $post = get_post( $args[0] );
 947          $post_type = get_post_type_object( $post->post_type );
 948          if ( $post_type && 'post' != $post_type->capability_type ) {
 949              $args = array_merge( array( $post_type->read_cap, $user_id ), $args );
 950              return call_user_func_array( 'map_meta_cap', $args );
 951          }
 952  
 953          if ( 'private' != $post->post_status ) {
 954              $caps[] = 'read';
 955              break;
 956          }
 957  
 958          $author_data = get_userdata( $user_id );
 959          $post_author_data = get_userdata( $post->post_author );
 960          if ( $user_id == $post_author_data->ID )
 961              $caps[] = 'read';
 962          else
 963              $caps[] = 'read_private_posts';
 964          break;
 965      case 'read_page':
 966          $page = get_page( $args[0] );
 967  
 968          if ( 'private' != $page->post_status ) {
 969              $caps[] = 'read';
 970              break;
 971          }
 972  
 973          $author_data = get_userdata( $user_id );
 974          $page_author_data = get_userdata( $page->post_author );
 975          if ( $user_id == $page_author_data->ID )
 976              $caps[] = 'read';
 977          else
 978              $caps[] = 'read_private_pages';
 979          break;
 980      case 'unfiltered_upload':
 981          if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin() )  )
 982              $caps[] = $cap;
 983          else
 984              $caps[] = 'do_not_allow';
 985          break;
 986      case 'edit_plugins':
 987      case 'edit_themes':
 988          if ( defined('DISALLOW_FILE_EDIT') && DISALLOW_FILE_EDIT ) {
 989              $caps[] = 'do_not_allow';
 990              break;
 991          }
 992          // Fall through if not DISALLOW_FILE_EDIT.
 993      case 'unfiltered_html':
 994      case 'update_plugins':
 995      case 'delete_plugins':
 996      case 'install_plugins':
 997      case 'update_themes':
 998      case 'delete_themes':
 999      case 'install_themes':
1000      case 'update_core':
1001      case 'delete_user':
1002      case 'delete_users':
1003          // If multisite these caps are allowed only for super admins.
1004          if ( is_multisite() && !is_super_admin() )
1005              $caps[] = 'do_not_allow';
1006          else
1007              $caps[] = $cap;
1008          break;
1009      case 'create_users':
1010          if ( is_multisite() && !get_site_option( 'add_new_users' ) )
1011              $caps[] = 'do_not_allow';
1012          else
1013              $caps[] = $cap;
1014          break;
1015      default:
1016          // If no meta caps match, return the original cap.
1017          $caps[] = $cap;
1018      }
1019  
1020      return apply_filters('map_meta_cap', $caps, $cap, $user_id, $args);
1021  }
1022  
1023  /**
1024   * Whether current user has capability or role.
1025   *
1026   * @since 2.0.0
1027   *
1028   * @param string $capability Capability or role name.
1029   * @return bool
1030   */
function current_user_can( $capability ) {
    // Look up the user the check is made for.
    $current_user = wp_get_current_user();

    // Fail closed: without a user there is nothing to grant.
    if ( empty( $current_user ) ) {
        return false;
    }

    // Everything passed after $capability is forwarded unchanged to has_cap()
    // (presumably the object ID for meta capabilities such as 'edit_post' --
    // confirm against WP_User::has_cap()).
    $has_cap_args = array_merge( array( $capability ), array_slice( func_get_args(), 1 ) );

    return call_user_func_array( array( &$current_user, 'has_cap' ), $has_cap_args );
}
1042  
1043  /**
1044   * Whether current user has a capability or role for a given blog.
1045   *
1046   * @since 2.0.0
1047   *
1048   * @param int $blog_id Blog ID
1049   * @param string $capability Capability or role name.
1050   * @return bool
1051   */
function current_user_can_for_blog( $blog_id, $capability ) {
    $current_user = wp_get_current_user();

    // On multisite a super admin passes every check: this returns true for any
    // $capability string and any $blog_id, before either value is looked at.
    if ( is_multisite() && is_super_admin() ) {
        return true;
    }

    // Fail closed: without a user there is nothing to grant.
    if ( empty( $current_user ) ) {
        return false;
    }

    // Work on a separate WP_User so that switching blogs does not stomp the
    // global current_user.  @todo add blog id arg to WP_User constructor?
    $blog_user = new WP_User( $current_user->id );
    $blog_user->for_blog( $blog_id );

    // Arguments after $capability are forwarded unchanged to has_cap().
    $has_cap_args = array_merge( array( $capability ), array_slice( func_get_args(), 2 ) );

    return call_user_func_array( array( &$blog_user, 'has_cap' ), $has_cap_args );
}
1072  
1073  /**
1074   * Whether author of supplied post has capability or role.
1075   *
1076   * @since 2.9.0
1077   *
1078   * @param int|object $post Post ID or post object.
1079   * @param string $capability Capability or role name.
1080   * @return bool
1081   */
function author_can( $post, $capability ) {
    // Accepts a post ID or object; bail out when it does not resolve to a post.
    $post = get_post($post);
    if ( ! $post ) {
        return false;
    }

    // The check is made against the post's author, not the current user.
    $author = new WP_User( $post->post_author );

    // NOTE(review): empty() on a freshly constructed object is false in PHP 5+,
    // so this guard looks unreachable. If the intent is to fail closed when the
    // author account no longer exists, a check on the loaded user data is
    // probably needed -- confirm against WP_User.
    if ( empty( $author ) ) {
        return false;
    }

    // Arguments after $capability are forwarded unchanged to has_cap().
    $has_cap_args = array_merge( array( $capability ), array_slice( func_get_args(), 2 ) );

    return call_user_func_array( array( &$author, 'has_cap' ), $has_cap_args );
}
1096  
1097  /**
1098   * Retrieve role object.
1099   *
1100   * @see WP_Roles::get_role() Uses method to retrieve role object.
1101   * @since 2.0.0
1102   *
1103   * @param string $role Role name.
1104   * @return object
1105   */
function get_role( $role ) {
    global $wp_roles;

    // Create the shared WP_Roles instance on first use.
    if ( ! isset( $wp_roles ) ) {
        $wp_roles = new WP_Roles();
    }

    // Pure delegation: the lookup itself happens in WP_Roles::get_role().
    return $wp_roles->get_role( $role );
}
1114  
1115  /**
1116   * Add role, if it does not exist.
1117   *
1118   * @see WP_Roles::add_role() Uses method to add role.
1119   * @since 2.0.0
1120   *
1121   * @param string $role Role name.
1122   * @param string $display_name Display name for role.
1123   * @param array $capabilities List of capabilities.
1124   * @return null|WP_Role WP_Role object if role is added, null if already exists.
1125   */
function add_role( $role, $display_name, $capabilities = array() ) {
    global $wp_roles;

    // Create the shared WP_Roles instance on first use.
    if ( ! isset( $wp_roles ) ) {
        $wp_roles = new WP_Roles();
    }

    // No capability check is made in this wrapper: $capabilities is handed to
    // WP_Roles::add_role() as given, so callers must decide who may define a
    // role and which capabilities it carries.
    return $wp_roles->add_role( $role, $display_name, $capabilities );
}
1134  
1135  /**
1136   * Remove role, if it exists.
1137   *
1138   * @see WP_Roles::remove_role() Uses method to remove role.
1139   * @since 2.0.0
1140   *
1141   * @param string $role Role name.
1142   * @return null
1143   */
function remove_role( $role ) {
    global $wp_roles;

    // Create the shared WP_Roles instance on first use.
    if ( ! isset( $wp_roles ) ) {
        $wp_roles = new WP_Roles();
    }

    // No capability check is made in this wrapper; gating who may remove a
    // role is left to the caller.
    return $wp_roles->remove_role( $role );
}
1152  
1153  /**
1154   * Determine if user is a site admin.
1155   *
1156   * @since 3.0.0
1157   *
1158   * @param int $user_id (Optional) The ID of a user. Defaults to the current user.
1159   * @return bool True if the user is a site admin.
1160   */
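function is_super_admin( $user_id = false ) {
    // No explicit ID: fall back to the logged-in user, or 0 when there is none.
    if ( ! $user_id ) {
        $current_user = wp_get_current_user();
        $user_id = ! empty($current_user) ? $current_user->id : 0;
    }

    // Fail closed when there is nobody to check.
    if ( ! $user_id )
        return false;

    $user = new WP_User($user_id);

    if ( is_multisite() ) {
        // Multisite: membership in the 'site_admins' site option decides. The
        // second argument is presumably the fallback used when the option is
        // not stored, in which case the login 'admin' is the only super admin.
        $site_admins = get_site_option( 'site_admins', array('admin') );

        // Match the login strictly. A loose in_array() compares with ==, which
        // treats numeric-looking strings as numbers, so two different logins
        // could compare equal and a missing login (null) could match an empty
        // entry. This assumes the option stores logins as strings.
        if ( is_array( $site_admins ) && in_array( $user->user_login, $site_admins, true ) )
            return true;
    } else {
        // Single site: any user holding 'delete_users' counts as super admin.
        if ( $user->has_cap('delete_users') )
            return true;
    }

    return false;
}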
1183  
1184  ?>

