senaduka/old-experiments
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add gravity flow demo

Browse Source
This commit is contained in:
Almira Krdzic
2018-06-28 10:02:07 +02:00
parent 1b5076bf2f
commit 12a5066018
1106 changed files with 317603 additions and 4720 deletions
Download Patch File Download Diff File Expand all files Collapse all files

497
backend/wordpress/wp-content/plugins/view-admin-as/modules/class-caps.php Executable file
View File

@@ -0,0 +1,497 @@
<?php
/**
* View Admin As - User switcher
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
*/
if ( ! defined( 'VIEW_ADMIN_AS_DIR' ) ) {
die();
}
/**
* User switcher view type.
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
* @since 1.3 View type existed in core.
* @since 1.8 Created this class.
* @version 1.8
* @uses \VAA_View_Admin_As_Type Extends class
*/
class VAA_View_Admin_As_Caps extends VAA_View_Admin_As_Type
{
/**
* The single instance of the class.
*
* @since 1.8
* @static
* @var \VAA_View_Admin_As_Caps
*/
private static $_instance = null;
/**
* @since 1.8
* @var string
*/
protected $type = 'caps';
/**
* The icon for this view type.
*
* @since 1.8
* @var string
*/
protected $icon = 'dashicons-forms';
/**
* Populate the instance.
*
* @since 1.8
* @access protected
* @param \VAA_View_Admin_As $vaa The main VAA object.
*/
protected function __construct( $vaa ) {
self::$_instance = $this;
parent::__construct( $vaa );
if ( ! $this->has_access() ) {
return;
}
$this->priorities = array(
'toolbar' => 10,
'view_title' => 80,
'validate_view_data' => 10,
'update_view' => 10,
'do_view' => 8,
);
$this->label = __( 'Capabilities', VIEW_ADMIN_AS_DOMAIN );
$this->label_singular = __( 'Capability', VIEW_ADMIN_AS_DOMAIN );
}
/**
* Apply the user view.
*
* @since 1.8
* @access public
*/
public function do_view() {
if ( parent::do_view() ) {
$this->add_action( 'vaa_view_admin_as_modify_user', array( $this, 'modify_user' ), 2, 2 );
$this->init_user_modifications();
}
}
/**
* Modify the current user object.
*
* @since 1.3
* @param \WP_User $user The modified user object.
*/
public function modify_user( $user ) {
$view_data = $this->store->get_view( $this->type );
if ( is_array( $view_data ) ) {
// @since 1.6.3 Set the current user's caps (roles) to the current view.
$user->allcaps = array_merge(
(array) array_filter( $view_data ),
(array) $user->caps // Contains the current user roles.
);
// Set the selected capabilities.
$this->store->set_selectedCaps( $user->allcaps );
}
}
/**
* Change the VAA admin bar menu title.
*
* @since 1.8
* @access public
* @param array $titles The current title(s).
* @return array
*/
public function view_title( $titles = array() ) {
if ( $this->selected ) {
$titles[] = $this->label;
}
return $titles;
}
/**
* Validate data for this view type
*
* @since 1.7
* @since 1.8 Moved from VAA_View_Admin_As_Controller
* @access public
* @param null $null Default return (invalid)
* @param mixed $data The view data
* @return mixed
*/
public function validate_view_data( $null, $data = null ) {
// Caps data must be an array
if ( is_array( $data ) ) {
// The data is an array, most likely from the database.
$data = array_map( 'absint', $data );
// Sort the new caps the same way we sort the existing caps.
ksort( $data );
// Only allow assigned capabilities if it isn't a super admin.
if ( ! VAA_API::is_super_admin() ) {
$data = array_intersect_key( $data, $this->store->get_caps() );
}
// @since 1.7.4 Forbidden capabilities.
unset( $data['do_not_allow'] );
unset( $data['vaa_do_not_allow'] );
return $data;
}
return $null;
}
/**
* View update handler (Ajax probably), called from main handler.
*
* @since 1.8 Renamed from `ajax_handler`
* @access public
* @param null $null Null.
* @param array $data The ajax data for this module.
* @param string $type The view type.
* @return bool
*/
public function update_view( $null, $data, $type = null ) {
$success = $null;
if ( ! is_array( $data ) || $this->type !== $type ) {
return $success;
}
// Check if the selected caps are equal to the default caps.
if ( VAA_API::array_equal( $this->store->get_curUser()->allcaps, $data ) ) {
// The selected caps are equal to the current user default caps so we can reset the view.
$this->vaa->controller()->reset_view();
if ( $this->selected ) {
// The user was in a custom caps view.
$success = true; // and continue.
} else {
// The user was in his default view, notify the user.
$success = array(
'success' => false,
'data' => array(
'type' => 'message',
'text' => esc_html__( 'These are your default capabilities!', VIEW_ADMIN_AS_DOMAIN ),
),
);
}
} else {
// Store the selected caps.
$new_caps = array_map( 'absint', $data );
// Check if the new caps selection is different.
if ( VAA_API::array_equal( $this->selected, $new_caps ) ) {
$success = array(
'success' => false,
'data' => array(
'type' => 'message',
'text' => esc_html__( 'This view is already selected!', VIEW_ADMIN_AS_DOMAIN ),
),
);
} else {
$this->store->set_view( $data, $type, true );
$success = true;
}
}
return $success;
}
/**
* Add the admin bar items.
*
* @since 1.5
* @since 1.8 Moved from VAA_View_Admin_As_Admin_Bar.
* @access public
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The root item.
*/
public function admin_bar_menu( $admin_bar, $root ) {
static $done;
if ( $done ) return;
/**
* Make sure we have the latest added capabilities.
* It can be that a plugin/theme adds a capability after the initial call to store_caps (hook: 'plugins_loaded').
*
* @see \VAA_View_Admin_As::run()
* @since 1.4.1
*/
$this->store_data();
if ( ! $this->get_data() ) {
return;
}
/**
* Whether the capability manager should be loaded as a submenu from the title element or as a separate node below the title.
* Default: true.
* Useful if you have a plugin that adds another sub-node below the capability title.
*
* @since 1.7.5
* @return bool
*/
$title_submenu = (bool) apply_filters( 'vaa_admin_bar_caps_do_title_submenu', true );
$main_root = $root;
$root = $main_root . '-caps';
$admin_bar->add_group( array(
'id' => $root,
'parent' => $main_root,
'meta' => array(
'class' => 'ab-sub-secondary',
),
) );
$title_class = '';
if ( $title_submenu ) {
$title_class .= ( $this->selected ) ? ' current' : '';
} else {
$title_class .= ' ab-vaa-toggle active';
}
$admin_bar->add_node( array(
'id' => $root . '-title',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_icon( $this->icon ) . $this->label,
'href' => false,
'meta' => array(
'class' => 'vaa-has-icon ab-vaa-title' . $title_class,
'tabindex' => '0',
),
) );
/**
* Add items at the beginning of the caps group.
*
* @since 1.5
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_caps_before', $admin_bar, $root, $main_root );
if ( $title_submenu ) {
$admin_bar->add_group( array(
'id' => $root . '-manager',
'parent' => $root . '-title',
) );
} else {
$admin_bar->add_node( array(
'id' => $root . '-manager',
'parent' => $root,
'title' => __( 'Manager', VIEW_ADMIN_AS_DOMAIN ),
'href' => false,
'meta' => array(
'class' => ( $this->selected ) ? 'current' : '',
'tabindex' => '0',
),
) );
}
// Capabilities submenu.
$admin_bar->add_node( array(
'id' => $root . '-applycaps',
'parent' => $root . '-manager',
'title' => VAA_View_Admin_As_Form::do_button( array(
'name' => 'apply-caps-view',
'label' => __( 'Apply', VIEW_ADMIN_AS_DOMAIN ),
'class' => 'button-primary',
) )
. VAA_View_Admin_As_Form::do_button( array(
'name' => 'close-caps-popup',
'label' => VAA_View_Admin_As_Form::do_icon( 'dashicons-editor-contract' ),
'class' => 'button-secondary vaa-icon vaa-hide-responsive',
'element' => 'a',
) )
. VAA_View_Admin_As_Form::do_button( array(
'name' => 'open-caps-popup',
'label' => VAA_View_Admin_As_Form::do_icon( 'dashicons-editor-expand' ),
'class' => 'button-secondary vaa-icon vaa-hide-responsive',
'element' => 'a',
) ),
'href' => false,
'meta' => array(
'class' => 'vaa-button-container',
),
) );
/**
* Add items at the before of the caps selection options.
*
* @since 1.7
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item. ($root.'-manager')
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_caps_manager_before', $admin_bar, $root . '-manager', $main_root );
$admin_bar->add_group( array(
'id' => $root . '-select',
'parent' => $root . '-manager',
) );
// Used in templates
$parent = $root . '-select';
/**
* Add items at the before of the caps actions.
*
* @since 1.7
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $parent The current root item.
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_caps_actions_before', $admin_bar, $parent, $main_root );
// Add caps actions.
include VIEW_ADMIN_AS_DIR . 'ui/templates/adminbar-caps-actions.php';
/**
* Add items at the after of the caps actions.
*
* @since 1.7
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $parent The current root item.
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_caps_actions_after', $admin_bar, $parent, $main_root );
// Add the caps.
include VIEW_ADMIN_AS_DIR . 'ui/templates/adminbar-caps-items.php';
/**
* Add items at the end of the caps group.
*
* @since 1.5
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_caps_after', $admin_bar, $root, $main_root );
$done = true;
}
/**
* Store available capabilities.
*
* @since 1.4.1
* @since 1.6 Moved to this class from main class.
* @since 1.8 Moved from VAA_View_Admin_As_Store.
* @access public
* @return void
*/
public function store_data() {
// Get current user capabilities.
$caps = $this->store->get_originalUserData( 'allcaps' );
if ( empty( $caps ) ) {
// Fallback.
$caps = $this->store->get_curUser()->allcaps;
}
// Only allow to add capabilities for an admin (or super admin).
if ( VAA_API::is_super_admin() ) {
/**
* Add compatibility for other cap managers.
*
* @since 1.5
* @see \VAA_View_Admin_As_Compat->init()
* @param array $caps An empty array, waiting to be filled with capabilities.
* @return array
*/
$all_caps = apply_filters( 'view_admin_as_get_capabilities', array() );
$add_caps = array();
// Add new capabilities to the capability array as disabled.
foreach ( $all_caps as $cap_key => $cap_val ) {
if ( is_numeric( $cap_key ) ) {
// Try to convert numeric (faulty) keys.
$add_caps[ (string) $cap_val ] = 0;
} else {
$add_caps[ (string) $cap_key ] = 0;
}
}
$caps = array_merge( $add_caps, $caps );
} // End if().
// Remove role names.
$caps = array_diff_key( $caps, $this->store->get_roles() );
// And sort alphabetical.
ksort( $caps );
$this->set_data( $caps );
}
/**
* Set the view type data.
*
* @since 1.8
* @access public
* @param mixed $val
* @param string $key (optional) The data key.
* @param bool $append (optional) Append if it doesn't exist?
*/
public function set_data( $val, $key = null, $append = true ) {
$this->store->set_caps( $val, $key, $append );
}
/**
* Get the view type data.
*
* @since 1.8
* @access public
* @param string $key (optional) The data key.
* @return mixed
*/
public function get_data( $key = null ) {
return $this->store->get_caps( $key );
}
/**
* Main Instance.
*
* Ensures only one instance of this class is loaded or can be loaded.
*
* @since 1.8
* @access public
* @static
* @param \VAA_View_Admin_As $caller The referrer class.
* @return \VAA_View_Admin_As_Caps $this
*/
public static function get_instance( $caller = null ) {
if ( is_null( self::$_instance ) ) {
self::$_instance = new self( $caller );
}
return self::$_instance;
}
} // End class VAA_View_Admin_As_Caps.

663
backend/wordpress/wp-content/plugins/view-admin-as/modules/class-groups.php Executable file
View File

@@ -0,0 +1,663 @@
<?php
/**
* View Admin As - Groups plugin
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
*/
if ( ! defined( 'VIEW_ADMIN_AS_DIR' ) ) {
die();
}
/**
* Compatibility class for the Groups plugin
*
* Tested from Groups version: 2.1.2
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
* @since 1.7.2
* @version 1.8
* @uses \VAA_View_Admin_As_Type Extends class
*/
final class VAA_View_Admin_As_Groups extends VAA_View_Admin_As_Type
{
/**
* The single instance of the class.
*
* @since 1.7.2
* @static
* @var \VAA_View_Admin_As_Groups
*/
private static $_instance = null;
/**
* @since 1.7.2
* @since 1.8 Renamed from $viewKey.
* @var string
*/
protected $type = 'groups';
/**
* The view icon.
*
* @todo Check for `dashicons-itthinx-groups`: https://github.com/itthinx/groups/pull/61
*
* @since 1.7.6
* @var string
*/
protected $icon = 'dashicons-image-filter';
/**
* @since 1.7.2
* @since 1.8 Renamed from $selectedGroup.
* @see \Groups_Group >> groups/lib/core/class-groups-group.php
* @var \Groups_Group
*/
protected $selected;
/**
* @since 1.7.4
* @var string
*/
protected $groupsScreen = 'groups-admin';
/**
* Populate the instance and validate Groups plugin.
*
* @since 1.7.2
* @access protected
* @param \VAA_View_Admin_As $vaa The main VAA object.
*/
protected function __construct( $vaa ) {
self::$_instance = $this;
if ( is_network_admin() || ! VAA_API::exists_callable( array( 'Groups_Group', 'get_groups' ), 'debug' ) ) {
return;
}
$this->cap = ( defined( 'GROUPS_ADMINISTER_GROUPS' ) ) ? GROUPS_ADMINISTER_GROUPS : 'manage_options';
parent::__construct( $vaa );
if ( ! $this->has_access() ) {
return;
}
$this->priorities['toolbar'] = 40;
$this->label = $this->translate_remote( 'Groups' );
$this->label_singular = $this->translate_remote( 'Group' );
$this->description = __( 'Plugin' ) . ': ' . $this->label;
// Add groups capabilities.
$this->capabilities[] = $this->cap;
if ( defined( 'GROUPS_ACCESS_GROUPS' ) ) {
$this->capabilities[] = GROUPS_ACCESS_GROUPS;
}
if ( defined( 'GROUPS_ADMINISTER_OPTIONS' ) ) {
$this->capabilities[] = GROUPS_ADMINISTER_OPTIONS;
}
if ( defined( 'GROUPS_RESTRICT_ACCESS' ) ) {
$this->capabilities[] = GROUPS_RESTRICT_ACCESS;
}
// Do not add to VAA capabilities.
$this->add_filter( 'members_get_capabilities', array( $this, 'add_capabilities' ) );
}
/**
* Setup module and hooks.
*
* @since 1.7.4
* @access private
*/
public function init() {
if ( parent::init() ) {
if ( defined( 'GROUPS_PLUGIN_URL' ) ) {
$this->icon = GROUPS_PLUGIN_URL . '/images/groups.png';
}
} else {
// Add this anyway.
$this->add_action( 'vaa_view_admin_as_do_view', array( $this, 'do_view' ) );
}
}
/**
* Initialize the Groups module.
* @since 1.7.2
* @access public
*/
public function do_view() {
if ( parent::do_view() ) {
$this->selected = new Groups_Group( $this->store->get_view( $this->type ) );
$this->reset_groups_user();
$this->vaa->view()->init_user_modifications();
$this->add_action( 'vaa_view_admin_as_modify_user', array( $this, 'modify_user' ), 10, 2 );
$this->add_filter( 'groups_post_access_user_can_read_post', array( $this, 'groups_post_access_user_can_read_post' ), 99, 3 );
/**
* Replicate 404 page when the selected user has no access to read.
* I use this since I can't hook into the `posts_where` filter from Groups.
* @see VAA_View_Admin_As_Groups::groups_post_access_user_can_read_post()
*/
$this->add_action( 'wp', array( $this, 'post_access_404' ) );
//$this->add_filter( 'groups_post_access_posts_where_apply', '__return_false' );
remove_shortcode( 'groups_member' );
remove_shortcode( 'groups_non_member' );
add_shortcode( 'groups_member', array( $this, 'shortcode_groups_member' ) );
add_shortcode( 'groups_non_member', array( $this, 'shortcode_groups_non_member' ) );
// Filter user-group relationships.
//$this->add_filter( 'groups_user_is_member', array( $this, 'groups_user_is_member' ), 20, 3 );
}
// Filter group capabilities.
if ( VAA_API::is_user_modified() ) {
$this->add_filter( 'groups_group_can', array( $this, 'groups_group_can' ), 20, 3 );
$this->add_filter( 'groups_user_can', array( $this, 'groups_user_can' ), 20, 3 );
}
}
/**
* Reset Groups_User data for the selected user.
*
* @see \Groups_Cache
* @see \Groups_User
*
* @since 1.7.2
* @access public
* @param int $user_id
*/
public function reset_groups_user( $user_id = null ) {
if ( ! VAA_API::exists_callable( array( 'Groups_User', 'clear_cache' ), 'debug' ) ) {
return;
}
if ( ! $user_id ) {
$user_id = $this->store->get_selectedUser()->ID;
}
try {
Groups_User::clear_cache( $user_id );
$capabilities_base = array();
$capability_ids_base = array();
$groups_ids_base = array( $this->selected->group_id );
$groups_base = array( $this->selected );
$capabilities = null;
$capability_ids = null;
$groups_ids = null;
$groups = null;
Groups_Cache::set( Groups_User::CAPABILITIES_BASE . $user_id, $capabilities_base, Groups_User::CACHE_GROUP );
Groups_Cache::set( Groups_User::CAPABILITY_IDS_BASE . $user_id, $capability_ids_base, Groups_User::CACHE_GROUP );
Groups_Cache::set( Groups_User::GROUP_IDS_BASE . $user_id, $groups_ids_base, Groups_User::CACHE_GROUP );
Groups_Cache::set( Groups_User::GROUPS_BASE . $user_id, $groups_base, Groups_User::CACHE_GROUP );
//Groups_Cache::set( Groups_User::CAPABILITIES . $user_id, $capabilities, Groups_User::CACHE_GROUP );
//Groups_Cache::set( Groups_User::CAPABILITY_IDS . $user_id, $capability_ids, Groups_User::CACHE_GROUP );
//Groups_Cache::set( Groups_User::GROUP_IDS . $user_id, $groups_ids, Groups_User::CACHE_GROUP );
//Groups_Cache::set( Groups_User::GROUPS . $user_id, $groups, Groups_User::CACHE_GROUP );
} catch ( Exception $e ) {
$this->vaa->add_error_notice( __METHOD__, array(
'message' => $e->getMessage(),
) );
} // End try().
}
/**
* Update the current user's WP_User instance with the current view data.
*
* @since 1.7.2
* @access public
* @param \WP_User $user User object.
*/
public function modify_user( $user ) {
$caps = array();
if ( $this->selected ) {
// Merge the caps with the current selected caps, overwrite existing.
$group_caps = (array) $this->selected->capabilities_deep;
foreach ( $group_caps as $group_cap ) {
/**
* @see \Groups_Capability::create()
* @see \Groups_Capability::__get()
* @param int $capability_id
* @param string $capability
* @param string $class
* @param string $object
* @param string $name
* @param string $description
* @param array $group_ids
*/
if ( isset( $group_cap->capability ) && is_string( $group_cap->capability ) ) {
$caps[ $group_cap->capability ] = 1;
} elseif ( isset( $group_cap->capability->capability ) ) {
$caps[ $group_cap->capability->capability ] = 1;
}
}
}
$caps = array_merge( $this->store->get_selectedCaps(), $caps );
$this->store->set_selectedCaps( $caps );
// Merge the caps with the current user caps, overwrite existing.
$user->allcaps = array_merge( $user->caps, $caps );
}
/**
* Filter the user-group relation.
*
* @todo https://github.com/itthinx/groups/pull/59
* @see \Groups_User_Group::read() >> groups/lib/core/class-groups-user-group.php
*
* @since 1.7.2
* @access public
* @param bool $result Current result.
* @param int $user_id User ID.
* @param int $group_id Group ID.
* @return bool|object
*/
public function groups_user_is_member( $result, $user_id, $group_id ) {
if ( (int) $user_id === (int) $this->store->get_curUser()->ID
&& $this->selected
&& (int) $group_id === (int) $this->selected->group->group_id
) {
$result = $this->selected->group;
}
return $result;
}
/**
* Filter for the current view.
*
* @see \Groups_User::can() >> groups/lib/core/class-groups-user.php
*
* @since 1.7.2
* @access public
* @param bool $result Current result.
* @param \Groups_Group $object (not used) Group object.
* @param string $cap Capability.
* @return bool
*/
public function groups_user_can( $result, $object = null, $cap = '' ) {
/**
* Fallback PHP < 5.4 due to apply_filters_ref_array
* @see https://codex.wordpress.org/Function_Reference/apply_filters_ref_array
*/
if ( is_array( $result ) ) {
$cap = $result[2];
//$object = $result[1];
$result = $result[0];
}
if ( ! $this->store->get_view() ) {
return $result;
}
if ( $this->selected &&
is_callable( array( $this->selected, 'can' ) ) &&
! $this->selected->can( $cap )
) {
$result = false;
} else {
// For other view types.
$result = VAA_API::current_view_can( $cap );
}
return $result;
}
/**
* Filter for the current view.
*
* @see \Groups_Group::can() >> groups/lib/core/class-groups-group.php
*
* @since 1.7.2
* @access public
* @param bool $result Current result.
* @param \Groups_Group $object Group object.
* @param string $cap Capability.
* @return bool
*/
public function groups_group_can( $result, $object = null, $cap = '' ) {
// Prevent loop on `groups_user_can` filter.
if ( $this->selected && $this->selected->group_id === $object->group_id ) {
return $result;
}
return $this->groups_user_can( $result, $object, $cap );
}
/**
* Filter whether the user can do something with a post.
*
* @see \Groups_Post_Access::user_can_read_post()
*
* @since 1.7.2
* @access public
* @param bool $result
* @param int $post_id
* @param int $user_id
* @return bool
*/
public function groups_post_access_user_can_read_post( $result, $post_id, $user_id ) {
if ( $this->store->get_selectedUser()->ID !== $user_id || ! $this->selected ) {
return $result;
}
if ( ! VAA_API::exists_callable( array( 'Groups_Post_Access', 'get_read_group_ids' ), 'debug' ) ) {
return $result;
}
$post_access = Groups_Post_Access::get_read_group_ids( $post_id );
$result = true;
if ( ! empty( $post_access ) && ! in_array( $this->selected->group_id, $post_access, true ) ) {
$result = false;
}
return $result;
}
/**
* Replicate 404 page when the selected user has no access to read.
* I use this since I can't hook into the `posts_where` filter from Groups.
*
* @hook `wp`
* @see \VAA_View_Admin_As_Groups::groups_post_access_user_can_read_post()
*
* @since 1.7.2
* @access public
*/
public function post_access_404() {
global $post;
if ( isset( $post->ID ) && ! $this->groups_post_access_user_can_read_post( true, $post->ID, $this->store->get_selectedUser()->ID ) ) {
global $wp_query;
$wp_query->set_404();
}
}
/**
* Our own implementation for the groups_member shortcode.
*
* @see \Groups_Access_Shortcodes::groups_member()
*
* @since 1.7.2
* @param array $atts
* @param string $content
* @return string
*/
public function shortcode_groups_member( $atts, $content ) {
return $this->shortcode_member( $atts, $content, false );
}
/**
* Our own implementation for the groups_non_member shortcode.
*
* @see \Groups_Access_Shortcodes::groups_non_member()
*
* @since 1.7.2
* @param array $atts
* @param string $content
* @return string
*/
public function shortcode_groups_non_member( $atts, $content ) {
return ! $this->shortcode_member( $atts, $content, true );
}
/**
* Our own implementation for the Groups member shortcodes.
*
* @see \VAA_View_Admin_As_Groups::shortcode_groups_member()
* @see \VAA_View_Admin_As_Groups::shortcode_groups_non_member()
*
* @since 1.7.2
* @param array $atts
* @param string $content
* @param bool $reverse
* @return string
*/
public function shortcode_member( $atts, $content, $reverse = false ) {
$output = '';
$shortcode = ( $reverse ) ? 'groups_non_member' : 'groups_member';
$options = shortcode_atts( array( 'group' => '' ), $atts ); //, $shortcode
$show_content = false;
if ( null !== $content ) {
$groups = explode( ',', $options['group'] );
foreach ( $groups as $group ) {
$group = trim( $group );
$selected_group = $this->selected;
$current_group = Groups_Group::read( $group );
if ( ! $current_group ) {
$current_group = Groups_Group::read_by_name( $group );
}
if ( $current_group && $current_group->group_id === $selected_group->group_id ) {
$show_content = ! $reverse;
break;
}
}
if ( $show_content ) {
remove_shortcode( $shortcode );
$content = do_shortcode( $content );
add_shortcode( $shortcode, array( $this, 'shortcode_' . $shortcode ) );
$output = $content;
}
}
return $output;
}
/**
* Validate data for this view type
*
* @since 1.7.2
* @param null $null Default return (invalid)
* @param mixed $data The view data
* @return mixed
*/
public function validate_view_data( $null, $data = null ) {
if ( is_numeric( $data ) && $this->get_groups( (int) $data ) ) {
return (int) $data;
}
return $null;
}
/**
* Change the VAA admin bar menu title.
*
* @since 1.7.2
* @since 1.7.5 Renamed from vaa_viewing_as_title().
* @access public
* @param array $titles The current title(s).
* @return array
*/
public function view_title( $titles = array() ) {
if ( $this->selected ) {
$titles[ $this->label_singular ] = $this->selected->name;
}
return $titles;
}
/**
* Add the Groups admin bar items.
*
* @since 1.7.2
* @access public
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The root item.
*/
public function admin_bar_menu( $admin_bar, $root ) {
if ( ! $this->get_groups() || ! count( $this->get_groups() ) ) {
return;
}
$admin_bar->add_group( array(
'id' => $root . '-groups',
'parent' => $root,
'meta' => array(
'class' => 'ab-sub-secondary',
),
) );
$root = $root . '-groups';
$admin_bar->add_node( array(
'id' => $root . '-title',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_icon( $this->icon ) . $this->label,
'href' => false,
'meta' => array(
'class' => 'vaa-has-icon ab-vaa-title ab-vaa-toggle active',
'tabindex' => '0',
),
) );
$admin_bar->add_node( array(
'id' => $root . '-admin',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_description(
VAA_View_Admin_As_Form::do_icon( 'dashicons-admin-links' )
. __( 'Plugin' ) . ': ' . $this->label
),
'href' => menu_page_url( $this->groupsScreen, false ),
'meta' => array(
'class' => 'auto-height',
),
) );
/**
* Add items at the beginning of the groups group.
*
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
*/
do_action( 'vaa_admin_bar_groups_before', $admin_bar, $root );
// Add the groups.
foreach ( $this->get_groups() as $group_key => $group ) {
$view_value = $group->group_id;
$view_data = array( $this->type => $view_value );
$href = VAA_API::get_vaa_action_link( $view_data, $this->store->get_nonce( true ) );
$class = 'vaa-' . $this->type . '-item';
$title = VAA_View_Admin_As_Form::do_view_title( $group->name, $this, $view_value );
// Check if this group is the current view.
if ( $this->store->get_view( $this->type ) ) {
if ( (int) $this->store->get_view( $this->type ) === (int) $group->group_id ) {
$class .= ' current';
$href = false;
} else {
$selected = $this->get_groups( $this->store->get_view( $this->type ) );
if ( (int) $selected->parent_id === (int) $group->group_id ) {
$class .= ' current-parent';
}
}
}
$parent = $root;
if ( ! empty( $group->parent_id ) ) {
$parent = $root . '-' . $this->type . '-' . (int) $group->parent_id;
}
$admin_bar->add_node( array(
'id' => $root . '-' . $this->type . '-' . (int) $group->group_id,
'parent' => $parent,
'title' => $title,
'href' => $href,
'meta' => array(
// Translators: %s stands for the view type name.
'title' => sprintf( __( 'View as %s', VIEW_ADMIN_AS_DOMAIN ), $group->name ),
'class' => $class,
),
) );
}
/**
* Add items at the end of the groups group.
*
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
*/
do_action( 'vaa_admin_bar_groups_after', $admin_bar, $root );
}
/**
* Store the available groups.
* @since 1.7.2
* @since 1.8 Renamed from store_groups().
* @access private
*/
public function store_data() {
$groups = Groups_Group::get_groups();
$data = array();
if ( ! empty( $groups ) ) {
foreach ( $groups as $group ) {
$data[ $group->group_id ] = $group;
}
}
$this->set_data( $data );
}
/**
* Get a group by ID.
*
* @since 1.7.2
* @access public
* @param string $key The group key.
* @return \Groups_Group[]|\Groups_Group|bool
*/
public function get_groups( $key = '-1' ) {
if ( ! is_numeric( $key ) ) {
return false;
}
if ( '-1' === $key ) {
$key = null;
}
return $this->get_data( $key );
}
/**
* Translate with another domain.
*
* @since 1.7.2
* @param string $string The string.
* @return string
*/
public function translate_remote( $string ) {
$domain = ( defined( 'GROUPS_PLUGIN_DOMAIN' ) ) ? GROUPS_PLUGIN_DOMAIN : 'groups';
// @codingStandardsIgnoreLine >> Prevent groups translation from getting parsed by translate.wordpress.org
return __( $string, $domain );
}
/**
* Main Instance.
*
* Ensures only one instance of this class is loaded or can be loaded.
*
* @since 1.7.2
* @access public
* @static
* @param \VAA_View_Admin_As $caller The referrer class.
* @return \VAA_View_Admin_As_Groups $this
*/
public static function get_instance( $caller = null ) {
if ( is_null( self::$_instance ) ) {
self::$_instance = new self( $caller );
}
return self::$_instance;
}
} // End class VAA_View_Admin_As_Groups.

370
backend/wordpress/wp-content/plugins/view-admin-as/modules/class-languages.php Executable file
View File

@@ -0,0 +1,370 @@
<?php
/**
* View Admin As - Language switcher
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
*/
if ( ! defined( 'VIEW_ADMIN_AS_DIR' ) ) {
die();
}
/**
* Language switcher add-on.
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
* @since 1.7.5
* @version 1.8
* @uses \VAA_View_Admin_As_Type Extends class
*/
class VAA_View_Admin_As_Languages extends VAA_View_Admin_As_Type
{
/**
* The single instance of the class.
*
* @since 1.7.5
* @static
* @var \VAA_View_Admin_As_Languages
*/
private static $_instance = null;
/**
* Option key.
*
* @since 1.7.5
* @var string
*/
protected $optionKey = 'languages';
/**
* @since 1.7.5
* @var string
*/
protected $type = 'locale';
/**
* The icon for this view type.
*
* @since 1.8
* @var string
*/
protected $icon = 'dashicons-translation';
/**
* Populate the instance.
*
* @since 1.7.5
* @access protected
* @param \VAA_View_Admin_As $vaa The main VAA object.
*/
protected function __construct( $vaa ) {
self::$_instance = $this;
parent::__construct( $vaa );
if ( ! $this->has_access() ) {
return;
}
$this->priorities = array(
'toolbar' => 9,
'view_title' => 90,
'validate_view_data' => 10,
'update_view' => 10,
'do_view' => 10,
);
$this->label = __( 'Languages', VIEW_ADMIN_AS_DOMAIN );
$this->label_singular = __( 'Language', VIEW_ADMIN_AS_DOMAIN );
}
/**
* Apply the language view.
*
* @since 1.7.5
* @access public
*/
public function do_view() {
if ( parent::do_view() ) {
$this->add_filter( 'locale', array( $this, 'filter_locale' ) );
$this->add_action( 'after_setup_theme', array( $this, 'action_switch_to_locale' ), 0 );
// Overwrite user setting for freeze locale.
$this->add_filter( 'view_admin_as_freeze_locale', '__return_false', 99 );
}
}
/**
* Change the site language.
*
* @since 1.7.5
* @access public
* param string $locale
* @return string
*/
public function filter_locale() {
return $this->selected;
}
/**
* Change the site language.
*
* @since 1.7.5
* @access public
*/
public function action_switch_to_locale() {
if ( function_exists( 'switch_to_locale' ) ) {
switch_to_locale( $this->selected );
}
}
/**
* Validate data for this view type
*
* @since 1.7.5
* @param null $null Default return (invalid)
* @param mixed $data The view data
* @return mixed
*/
public function validate_view_data( $null, $data = null ) {
if ( is_string( $data ) && $this->get_data( $data ) ) {
return $data;
}
return $null;
}
/**
* Change the VAA admin bar menu title.
*
* @since 1.7.5
* @since 1.8 Renamed from vaa_admin_bar_view_titles().
* @access public
* @param array $titles The current title(s).
* @return array
*/
public function view_title( $titles = array() ) {
$language = $this->get_data( $this->selected );
if ( $language ) {
$titles[ /* No need for view type key. */ ] = $this->get_view_title( $this->selected );
}
return $titles;
}
/**
* Get the view title.
*
* @since 1.8
* @param string $locale The locale.
* @return string
*/
public function get_view_title( $locale ) {
$title = $this->get_data( $locale );
/**
* Change the display title for language nodes.
*
* @since 1.8
* @param string $title Language (native).
* @param string $locale The locale.
* @return string
*/
$title = apply_filters( 'vaa_admin_bar_view_title_' . $this->type, $title, $locale );
return $title;
}
/**
* Add the admin bar items.
*
* @since 1.7.5
* @access public
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The root item.
*/
public function admin_bar_menu( $admin_bar, $root ) {
static $done;
if ( $done ) return;
$main_root = $root;
$root = $main_root . '-locale';
$admin_bar->add_group( array(
'id' => $root,
'parent' => $main_root,
'meta' => array(
'class' => 'ab-sub-secondary',
),
) );
$admin_bar->add_node( array(
'id' => $root . '-title',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_icon( $this->icon ) . $this->label,
'href' => false,
'meta' => array(
'class' => 'vaa-has-icon ab-vaa-title' . ( ( $this->store->get_view( $this->type ) ) ? ' current' : '' ),
'tabindex' => '0',
),
) );
$admin_bar->add_group( array(
'id' => $root . '-languages',
'parent' => $root . '-title',
'meta' => array(
'class' => 'vaa-auto-max-height',
),
) );
/**
* Add items at the beginning of the rua group.
*
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
*/
do_action( 'vaa_admin_bar_languages_before', $admin_bar, $root );
// Add the levels.
include VIEW_ADMIN_AS_DIR . 'ui/templates/adminbar-language-items.php';
/**
* Add items at the end of the rua group.
*
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
*/
do_action( 'vaa_admin_bar_languages_after', $admin_bar, $root );
}
/**
* Store the available languages.
*
* @since 1.7.5
* @since 1.8 Renamed from store_languages().
* @access public
*/
public function store_data() {
$installed = get_available_languages();
if ( ! $installed || ( 1 === count( $installed ) && 'en_US' === reset( $installed ) ) ) {
return;
}
$existing = (array) $this->store->get_optionData( $this->optionKey );
$languages = $existing;
if ( array_diff_key( array_flip( $installed ), $existing ) ) {
// New languages detected. Call the WP API to get language info.
$languages = $this->get_wp_languages( $languages );
}
$data_languages['en_US'] = 'English';
// Same order as WordPress.
sort( $installed );
foreach ( $installed as $locale ) {
if ( array_key_exists( $locale, $languages ) ) {
$data_languages[ $locale ] = $languages[ $locale ];
}
}
if ( $languages !== $existing ) {
$this->store->update_optionData( $data_languages, $this->optionKey, true );
}
$this->set_data( $data_languages );
}
/**
* Call the WP API to get language info.
*
* @since 1.7.5
* @param array $languages Existing languages.
* @return array
*/
private function get_wp_languages( $languages ) {
if ( ! file_exists( ABSPATH . 'wp-admin/includes/translation-install.php' ) ) {
// @todo Notice on debug.
return $languages;
}
require_once ABSPATH . 'wp-admin/includes/translation-install.php';
if ( ! function_exists( 'wp_get_available_translations' ) ) {
return $languages;
}
$wp_languages = wp_get_available_translations();
if ( ! $wp_languages ) {
return $languages;
}
foreach ( $wp_languages as $locale => $language_info ) {
$name = $locale;
if ( isset( $language_info['native_name'] ) ) {
$name = $language_info['native_name'];
}
$languages[ $locale ] = $name;
}
return $languages;
}
/**
* Set the view type data.
*
* @since 1.8
* @access public
* @param mixed $val
* @param string $key (optional) The data key.
* @param bool $append (optional) Append if it doesn't exist?
*/
public function set_data( $val, $key = null, $append = true ) {
$this->store->set_languages( $val, $key, $append );
}
/**
* Get a language by locale.
*
* @since 1.7.5
* @since 1.8 Renamed from get_languages().
* @access public
* @param string $key (optional) The language locale.
* @return mixed
*/
public function get_data( $key = '-1' ) {
if ( ! is_string( $key ) ) {
return false;
}
if ( '-1' === $key ) {
$key = null;
}
return $this->store->get_languages( $key );
}
/**
* Main Instance.
*
* Ensures only one instance of this class is loaded or can be loaded.
*
* @since 1.7.5
* @access public
* @static
* @param \VAA_View_Admin_As $caller The referrer class.
* @return \VAA_View_Admin_As_Languages $this
*/
public static function get_instance( $caller = null ) {
if ( is_null( self::$_instance ) ) {
self::$_instance = new self( $caller );
}
return self::$_instance;
}
} // End class VAA_View_Admin_As_Languages.

588
backend/wordpress/wp-content/plugins/view-admin-as/modules/class-restrict-user-access.php Executable file
View File

@@ -0,0 +1,588 @@
<?php
/**
* View Admin As - Restrict User Access plugin
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
*/
if ( ! defined( 'VIEW_ADMIN_AS_DIR' ) ) {
die();
}
/**
* Compatibility class for the Restrict User Access plugin.
*
* Tested from RUA version: 0.12.4
* Official RUA compat release: 0.13 (https://github.com/intoxstudio/restrict-user-access/pull/8)
* Required since v1.7.2: 0.15.1 (https://github.com/intoxstudio/restrict-user-access/pull/11)
* Checked version: 1.0
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
* @since 1.6.4
* @version 1.8
* @uses \VAA_View_Admin_As_Type Extends class
*/
final class VAA_View_Admin_As_RUA extends VAA_View_Admin_As_Type
{
/**
* The single instance of the class.
*
* @since 1.6.4
* @static
* @var \VAA_View_Admin_As_RUA
*/
private static $_instance = null;
/**
* @since 1.6.4
* @since 1.8 Renamed from $viewKey.
* @var string
*/
protected $type = 'rua_level';
/**
* The view icon.
*
* @since 1.7.6
* @var string
*/
protected $icon = 'data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgdmlld0JveD0iMCAwIDIwIDIwIj48ZyBmaWxsPSIjYTBhNWFhIj48cGF0aCBkPSJNMTAuMDEyIDE0LjYyNUw1Ljc4IDEyLjI3Yy0xLjkwNi42NjQtMy42MDUgMS43Ni00Ljk4IDMuMTc4IDIuMTA1IDIuNzcgNS40MzYgNC41NiA5LjE4NSA0LjU2IDMuNzY2IDAgNy4xMTItMS44MDIgOS4yMTUtNC41OTMtMS4zOC0xLjQwNC0zLjA3LTIuNDk2LTQuOTctMy4xNTRsLTQuMjE4IDIuMzY3em0tLjAwNS0xNC42M0M3LjQxMi0uMDA1IDUuMzEgMS45MSA1LjMxIDQuMjhoOS4zOTNjMC0yLjM3LTIuMS00LjI4Ni00LjY5Ni00LjI4NnptNi4xMjYgMTAuNzFjLjE1OC0uMDMyLjY0LS4yMzIuNjMtLjMzMy0uMDI1LS4yNC0uNjg2LTUuNTg0LS42ODYtNS41ODRzLS40MjItLjI3LS42ODYtLjI5M2MuMDI0LjIxLjY5IDUuNzYuNzQ1IDYuMjF6bS0xMi4yNTMgMGMtLjE1OC0uMDMyLS42NC0uMjMyLS42My0uMzMzLjAyNS0uMjQuNjg2LTUuNTg0LjY4Ni01LjU4NHMuNDItLjI3LjY4Ni0uMjkzYy0uMDIuMjEtLjY5IDUuNzYtLjc0MiA2LjIxeiIvPjxwYXRoIGQ9Ik0xMCAxMy45NjdoLjAyM2wuOTc1LS41NXYtNC4yMWMuNzgtLjM3NyAxLjMxNC0xLjE3MyAxLjMxNC0yLjA5NyAwLTEuMjg1LTEuMDM1LTIuMzIzLTIuMzItMi4zMjNTNy42NyA1LjgyNSA3LjY3IDcuMTFjMCAuOTIzLjUzNSAxLjcyIDEuMzE1IDIuMDkzVjEzLjRsMS4wMTYuNTY3em0tMS43NjQtLjk4NXYtLjAzNWMwLTMuNjEtMS4zNS02LjU4My0zLjA4My02Ljk2bC0uMDMuMy0uNTIgNC42NyAzLjYzMyAyLjAyNXptMy41Ni0uMDM1YzAgLjAxNCAwIC4wMTguMDAzLjAyM2wzLjYxLTIuMDI1LS41My00LjY4LS4wMjgtLjI3M2MtMS43MjMuNC0zLjA1NyAzLjM2Mi0zLjA1NyA2Ljk1NXoiLz48L2c+PC9zdmc+';
/**
* @since 1.6.4
* @since 1.8 Renamed from $selectedLevel.
* @var int WP_Post ID (RUA access level post type).
*/
protected $selected;
/**
* @since 1.6.4
* @since 1.8 Renamed from $selectedLevelCaps.
* @var array The caps set for this level.
*/
protected $selectedCaps = array();
/**
* @since 1.6.4
* @var \WP_Post_Type The post type object of the level types.
*/
protected $levelPostType;
/**
* @since 1.6.4
* @var \RUA_App
*/
protected $ruaApp;
/**
* @since 1.7.2
* @var \RUA_Level_Manager
*/
protected $ruaLevelManager;
/**
* @since 1.6.4
* @var string
*/
protected $ruaMetaPrefix;
/**
* @since 1.6.4
* @var string
*/
protected $ruaTypeRestrict;
/**
* @since 1.7.4
* @var string
*/
protected $ruaScreen;
/**
* Populate the instance and validate RUA plugin is active.
*
* @since 1.6.4
* @access protected
* @param \VAA_View_Admin_As $vaa The main VAA object.
*/
protected function __construct( $vaa ) {
self::$_instance = $this;
if ( is_network_admin() || ! VAA_API::exists_callable( array( 'RUA_App', 'instance' ), 'debug' ) ) {
return;
}
$this->ruaApp = RUA_App::instance();
if ( ! is_object( $this->ruaApp->level_manager ) ) {
return;
}
$this->ruaLevelManager = $this->ruaApp->level_manager;
$this->ruaMetaPrefix = ( defined( 'RUA_App::META_PREFIX' ) ) ? RUA_App::META_PREFIX : '_ca_';
$this->ruaTypeRestrict = ( defined( 'RUA_App::TYPE_RESTRICT' ) ) ? RUA_App::TYPE_RESTRICT : 'restriction';
$this->ruaScreen = ( defined( 'RUA_App::BASE_SCREEN' ) ) ? RUA_App::BASE_SCREEN : 'wprua';
$this->cap = ( defined( 'RUA_App::CAPABILITY' ) ) ? RUA_App::CAPABILITY : 'manage_options';
parent::__construct( $vaa );
if ( ! $this->has_access() ) {
return;
}
$this->priorities['toolbar'] = 40;
$this->label = 'Access Levels';
$this->label_singular = 'Access Level';
$this->description = __( 'Plugin' ) . ': ' . $this->translate_remote( 'Restrict User Access' );
$this->add_action( 'init', array( $this, 'set_labels' ), 99999 );
}
/**
* Sets the type labels.
* @since 1.8
*/
public function set_labels() {
$this->levelPostType = get_post_type_object( $this->ruaTypeRestrict );
if ( ! empty( $this->levelPostType->labels->singular_name ) ) {
$this->label_singular = $this->levelPostType->labels->singular_name;
}
if ( isset( $this->levelPostType->label ) ) {
$this->label = $this->levelPostType->label;
}
}
/**
* Setup module and hooks.
*
* @since 1.7.4
* @access private
*/
public function init() {
if ( parent::init() ) {
$this->add_action( 'vaa_admin_bar_roles_after', array( $this, 'admin_bar_roles_after' ), 10, 2 );
} else {
// Add this anyway to reset user level caps.
$this->add_action( 'vaa_view_admin_as_do_view', array( $this, 'do_view' ) );
}
}
/**
* Initialize the RUA module.
*
* @since 1.6.4
* @access public
*/
public function do_view() {
if ( parent::do_view() ) {
if ( ! VAA_API::exists_callable( array( 'WPCALoader', 'load' ), 'debug' ) ) {
return;
}
WPCALoader::load();
//$this->selected = $this->store->get_view( $this->type );
$this->selectedCaps = $this->get_level_caps( $this->selected, true );
$this->vaa->view()->init_user_modifications();
$this->add_action( 'vaa_view_admin_as_modify_user', array( $this, 'modify_user' ), 10, 2 );
$this->add_filter( 'get_user_metadata', array( $this, 'get_user_metadata' ), 10, 3 );
// Administrators can see all restricted content in RUA.
if ( $this->store->get_view() && ! $this->store->get_selectedCaps( 'administrator' ) ) {
// Not a view with administrator capability == no global access.
$this->add_filter( 'rua/user/global-access', '__return_false' );
}
}
if ( VAA_API::is_user_modified() && is_object( $this->ruaLevelManager ) ) {
if ( is_callable( array( $this->ruaLevelManager, 'reset_user_levels_caps' ) ) ) {
/**
* Reset the user levels caps.
* @since 1.7.2
* @link https://github.com/JoryHogeveen/view-admin-as/issues/56#issuecomment-299077527
* @link https://github.com/intoxstudio/restrict-user-access/pull/11
* @see \RUA_Level_Manager::add_filters()
*/
$this->ruaLevelManager->reset_user_levels_caps( $this->store->get_selectedUser()->ID );
}
if ( $this->store->get_view( 'caps' ) ) {
/**
* Remove the whole filter when the caps view is selected.
* @since 1.7.2
* @link https://github.com/JoryHogeveen/view-admin-as/issues/56#issuecomment-299077527
* @see \RUA_Level_Manager::add_filters()
*/
remove_filter( 'user_has_cap', array( $this->ruaLevelManager, 'user_level_has_cap' ), 9 );
}
}
}
/**
* Update the current user's WP_User instance with the current view data.
*
* @since 1.6.4
* @param \WP_User $user User object.
*/
public function modify_user( $user ) {
$caps = (array) $this->selectedCaps;
// Merge the caps with the current selected caps, overwrite existing.
$caps = array_merge( $this->store->get_selectedCaps(), $caps );
$this->store->set_selectedCaps( $caps );
// Merge the caps with the current user caps, overwrite existing.
$user->allcaps = array_merge( $user->caps, $caps );
}
/**
* Filter the return metadata for the RUA levels.
*
* @since 1.6.4
* @param null $null The value get_metadata() should return.
* @param int $user_id User/Object ID.
* @param string $meta_key Meta key.
* @return array
*/
public function get_user_metadata( $null, $user_id, $meta_key ) {
if ( (int) $user_id === (int) $this->store->get_selectedUser()->ID
&& $this->get_levels( $this->selected )
) {
// @todo Check for future API updates in RUA plugin
if ( $this->ruaMetaPrefix . 'level' === $meta_key ) {
return array( $this->selected );
}
if ( $this->ruaMetaPrefix . 'level_' . $this->selected === $meta_key ) {
// Return current time + 120 seconds to make sure this level won't be set as expired.
return array( time() + 120 );
}
}
return $null;
}
/**
* Validate data for this view type
*
* @since 1.7
* @param null $null Default return (invalid)
* @param mixed $data The view data
* @return mixed
*/
public function validate_view_data( $null, $data = null ) {
if ( is_numeric( $data ) && $this->get_levels( (int) $data ) ) {
return (int) $data;
}
return $null;
}
/**
* Change the VAA admin bar menu title.
*
* @since 1.6.4
* @since 1.7.5 Renamed from vaa_viewing_as_title().
* @since 1.8 Renamed from vaa_admin_bar_view_titles().
* @access public
* @param array $titles The current title(s).
* @return array
*/
public function view_title( $titles = array() ) {
$current = $this->get_levels( $this->selected );
if ( $current ) {
$titles[ $this->label_singular ] = $current->post_title;
}
return $titles;
}
/**
* Add the RUA admin bar items.
*
* @since 1.6.4
* @access public
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The root item.
* @param string $role (optional) Role name.
* @param \WP_Role $role_obj (optional) Role object.
*/
public function admin_bar_menu( $admin_bar, $root, $role = null, $role_obj = null ) {
if ( ! $this->get_levels() ) {
return;
}
if ( ! $role ) {
$admin_bar->add_group( array(
'id' => $root . '-rua-levels',
'parent' => $root,
'meta' => array(
'class' => 'ab-sub-secondary',
),
) );
$root = $root . '-rua-levels';
$admin_bar->add_node( array(
'id' => $root . '-title',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_icon( $this->icon ) . $this->label,
'href' => false,
'meta' => array(
'class' => 'vaa-has-icon ab-vaa-title ab-vaa-toggle active',
'tabindex' => '0',
),
) );
$admin_bar->add_node( array(
'id' => $root . '-admin',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_description(
VAA_View_Admin_As_Form::do_icon( 'dashicons-admin-links' )
. __( 'Plugin' ) . ': ' . $this->translate_remote( 'Restrict User Access' )
),
'href' => menu_page_url( $this->ruaScreen, false ),
'meta' => array(
'class' => 'auto-height',
),
) );
} else {
$admin_bar->add_node( array(
'id' => $root . '-rua-levels',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_icon( $this->icon ) . $this->label,
'href' => false,
'meta' => array(
'class' => 'vaa-has-icon',
'tabindex' => '0',
),
) );
$root = $root . '-rua-levels';
} // End if().
/**
* Add items at the beginning of the rua group.
*
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
*/
do_action( 'vaa_admin_bar_rua_levels_before', $admin_bar, $root );
// Add the levels.
foreach ( $this->get_levels() as $level ) {
$view_value = $level->ID;
$view_data = array( $this->type => $view_value );
if ( $role ) {
$view_data['role'] = $role;
}
$href = VAA_API::get_vaa_action_link( $view_data, $this->store->get_nonce( true ) );
$class = 'vaa-' . $this->type . '-item';
$title = VAA_View_Admin_As_Form::do_view_title( $level->post_title, $this, ( $role ) ? wp_json_encode( $view_data ) : $view_value );
// Check if this level is the current view.
if ( $this->store->get_view( $this->type ) ) {
if ( VAA_API::is_current_view( $view_value, $this->type ) ) {
$class .= ' current';
if ( 1 === count( $this->store->get_view() ) && empty( $role ) ) {
// The node item is the only view and is not related to a role.
$href = false;
} elseif ( ! empty( $role ) && $role === $this->store->get_view( 'role' ) ) {
// The node item is related to a role and that role is the current view.
$href = false;
}
} else {
$selected = $this->get_levels( $this->selected );
if ( $selected && (int) $selected->post_parent === (int) $view_value ) {
$class .= ' current-parent';
}
}
}
$parent = $root;
if ( ! empty( $level->post_parent ) ) {
$parent = $root . '-' . $this->type . '-' . (int) $level->post_parent;
}
$admin_bar->add_node( array(
'id' => $root . '-' . $this->type . '-' . $view_value,
'parent' => $parent,
'title' => $title,
'href' => $href,
'meta' => array(
// Translators: %s stands for the view type name.
'title' => sprintf( __( 'View as %s', VIEW_ADMIN_AS_DOMAIN ), $level->post_title )
. ( ( $role ) ? ' (' . $this->store->get_rolenames( $role_obj->name ) . ')' : '' ),
'class' => $class,
),
) );
} // End foreach().
/**
* Add items at the end of the rua group.
*
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
*/
do_action( 'vaa_admin_bar_rua_levels_after', $admin_bar, $root );
}
/**
* Add levels under roles.
*
* @since 1.6.4
* @access public
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The root item.
*/
public function admin_bar_roles_after( $admin_bar, $root ) {
$roles = $this->store->get_roles();
if ( ! $roles ) {
return;
}
foreach ( $roles as $role_key => $role ) {
// Admins always have full access in RUA.
if ( 'administrator' === $role_key ) {
continue;
}
$role_root = $root . '-role-' . $role_key;
$this->admin_bar_menu( $admin_bar, $role_root, $role_key, $role );
}
}
/**
* Store the available access levels.
*
* @since 1.6.4
* @since 1.8 Renamed from store_levels().
* @access private
*/
public function store_data() {
if ( is_callable( array( $this->ruaApp, 'get_levels' ) ) ) {
$levels = $this->ruaApp->get_levels();
} else {
// Fallback @todo Keep this updated on changes in RUA plugin.
$levels = get_posts( array(
'numberposts' => -1,
'post_type' => $this->ruaTypeRestrict,
'post_status' => array( 'publish', 'private', 'future' ),
) );
}
$data = array();
if ( ! empty( $levels ) ) {
foreach ( $levels as $level ) {
$data[ $level->ID ] = $level;
}
}
$this->set_data( $data );
}
/**
* Get an access level by ID.
*
* @since 1.6.4
* @see \RUA_App::get_levels()
* @access public
* @param string $key (optional) The level key.
* @return \WP_Post[]|\WP_Post Array of WP_Post objects (RUA access level post type)
*/
public function get_levels( $key = '-1' ) {
if ( ! is_numeric( $key ) ) {
return null;
}
if ( '-1' === $key ) {
$key = null;
}
return $this->get_data( $key );
}
/**
* Get all caps of a level.
* Also able to get all caps based on level hierarchy (default).
*
* @since 1.6.4
* @param int $level_id The level ID.
* @param bool $hierarchical Add parent level caps?
* @return array
*/
public function get_level_caps( $level_id, $hierarchical = true ) {
// @see https://github.com/intoxstudio/restrict-user-access/pull/8.
if ( function_exists( 'rua_get_level_caps' ) ) {
return (array) rua_get_level_caps( $level_id, $hierarchical );
}
$levels = array( $level_id );
if ( $hierarchical ) {
$levels = array_merge( $levels, get_post_ancestors( (int) $level_id ) );
$levels = array_reverse( (array) $levels );
}
$caps = array();
foreach ( $levels as $level ) {
// Just use the regular get_post_meta to prevent any errors in future or old versions of RUA.
// @todo Check for future API updates in RUA plugin.
// $level_caps = $this->ruaApp->level_manager->metadata()->get( "caps" )->get_data( $level );
$level_caps = get_post_meta( $level, $this->ruaMetaPrefix . 'caps', true );
if ( ! empty( $level_caps ) && is_array( $level_caps ) ) {
foreach ( $level_caps as $key => $level_cap ) {
$caps[ $key ] = (bool) $level_cap;
}
}
}
return $caps;
}
/**
* Translate with another domain.
*
* @since 1.7.4
* @param string $string The string.
* @return string
*/
public function translate_remote( $string ) {
$domain = ( defined( 'RUA_App::DOMAIN' ) ) ? RUA_App::DOMAIN : 'restrict-user-access';
// @codingStandardsIgnoreLine >> Prevent groups translation from getting parsed by translate.wordpress.org
return __( $string, $domain );
}
/**
* Main Instance.
*
* Ensures only one instance of this class is loaded or can be loaded.
*
* @since 1.6.4
* @access public
* @static
* @param \VAA_View_Admin_As $caller The referrer class.
* @return \VAA_View_Admin_As_RUA $this
*/
public static function get_instance( $caller = null ) {
if ( is_null( self::$_instance ) ) {
self::$_instance = new self( $caller );
}
return self::$_instance;
}
} // End class VAA_View_Admin_As_RUA.

1884
backend/wordpress/wp-content/plugins/view-admin-as/modules/class-role-defaults.php Executable file
View File

File diff suppressed because it is too large Load Diff

1578
backend/wordpress/wp-content/plugins/view-admin-as/modules/class-role-manager.php Executable file
View File

File diff suppressed because it is too large Load Diff

352
backend/wordpress/wp-content/plugins/view-admin-as/modules/class-roles.php Executable file
View File

@@ -0,0 +1,352 @@
<?php
/**
* View Admin As - User switcher
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
*/
if ( ! defined( 'VIEW_ADMIN_AS_DIR' ) ) {
die();
}
/**
* User switcher view type.
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
* @since 0.1 View type existed in core.
* @since 1.8 Created this class.
* @version 1.8
* @uses \VAA_View_Admin_As_Type Extends class
*/
class VAA_View_Admin_As_Roles extends VAA_View_Admin_As_Type
{
/**
* The single instance of the class.
*
* @since 1.8
* @static
* @var \VAA_View_Admin_As_Roles
*/
private static $_instance = null;
/**
* @since 1.8
* @var string
*/
protected $type = 'role';
/**
* The icon for this view type.
*
* @since 1.8
* @var string
*/
protected $icon = 'dashicons-groups';
/**
* Populate the instance.
*
* @since 1.8
* @access protected
* @param \VAA_View_Admin_As $vaa The main VAA object.
*/
protected function __construct( $vaa ) {
self::$_instance = $this;
if ( is_network_admin() ) {
return;
}
parent::__construct( $vaa );
// Roles should always be stored because of dependencies.
if ( ! $this->is_enabled() ) {
$this->store_data();
}
if ( ! $this->has_access() ) {
return;
}
$this->priorities = array(
'toolbar' => 20,
'view_title' => 8,
'validate_view_data' => 10,
'update_view' => 10,
'do_view' => 5,
);
$this->label = __( 'Roles', VIEW_ADMIN_AS_DOMAIN );
$this->label_singular = __( 'Role', VIEW_ADMIN_AS_DOMAIN );
}
/**
* Apply the user view.
*
* @since 1.8
* @access public
*/
public function do_view() {
if ( parent::do_view() ) {
$this->add_action( 'vaa_view_admin_as_modify_user', array( $this, 'modify_user' ), 2, 2 );
$this->init_user_modifications();
}
}
/**
* Modify the current user object.
*
* @param \WP_User $user The modified user object.
*/
public function modify_user( $user ) {
if ( $this->get_data( $this->selected ) instanceof WP_Role ) {
// @since 1.6.3 Set the current user's role to the current view.
$user->caps = array( $this->selected => 1 );
// Sets the `allcaps` and `roles` properties correct.
$user->get_role_caps();
// Set the selected capabilities.
$this->store->set_selectedCaps( $user->allcaps );
}
}
/**
* Change the VAA admin bar menu title.
*
* @since 1.8
* @access public
* @param array $titles The current title(s).
* @return array
*/
public function view_title( $titles = array() ) {
$current = $this->get_data( $this->selected );
if ( $current ) {
$titles[ $this->label_singular ] = $this->get_view_title( $current );
}
return $titles;
}
/**
* Get the view title.
*
* @since 1.8
* @param \WP_Role $role
* @return string
*/
public function get_view_title( $role ) {
$title = $this->store->get_rolenames( $role->name );
/**
* Change the display title for role nodes.
*
* @since 1.8
* @param string $title Role name (translated).
* @param \WP_Role $role The role object.
* @return string
*/
$title = apply_filters( 'vaa_admin_bar_view_title_' . $this->type, $title, $role );
return $title;
}
/**
* Validate data for this view type
*
* @since 1.7
* @since 1.8 Moved from VAA_View_Admin_As_Controller
* @access public
* @param null $null Default return (invalid)
* @param mixed $data The view data
* @return mixed
*/
public function validate_view_data( $null, $data = null ) {
// User data must be a number and exists in the loaded array of user id's.
if ( is_string( $data ) && array_key_exists( $data, $this->get_data() ) ) {
return $data;
}
return $null;
}
/**
* Add the admin bar items.
*
* @since 1.5
* @since 1.8 Moved from VAA_View_Admin_As_Admin_Bar.
* @access public
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The root item.
*/
public function admin_bar_menu( $admin_bar, $root ) {
static $done;
if ( $done ) return;
/**
* Make sure we have the latest added roles.
* It can be that a plugin/theme adds a role after the initial call to store_roles (hook: 'plugins_loaded').
*
* @see \VAA_View_Admin_As::run()
* @since 1.6.3
*/
$this->store_data();
if ( ! $this->get_data() ) {
return;
}
$main_root = $root;
$root = $main_root . '-roles';
$admin_bar->add_group( array(
'id' => $root,
'parent' => $main_root,
'meta' => array(
'class' => 'ab-sub-secondary',
),
) );
$admin_bar->add_node( array(
'id' => $root . '-title',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_icon( $this->icon ) . $this->label,
'href' => false,
'meta' => array(
'class' => 'vaa-has-icon ab-vaa-title ab-vaa-toggle active',
'tabindex' => '0',
),
) );
/**
* Add items at the beginning of the roles group.
*
* @since 1.5
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_roles_before', $admin_bar, $main_root );
// Add the roles.
include VIEW_ADMIN_AS_DIR . 'ui/templates/adminbar-role-items.php';
/**
* Add items at the end of the roles group.
*
* @since 1.5
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_roles_after', $admin_bar, $root, $main_root );
$done = true;
}
/**
* Store available roles.
*
* @since 1.5
* @since 1.5.2 Get role objects instead of arrays.
* @since 1.6 Moved to this class from main class.
* @since 1.8 Moved from VAA_View_Admin_As_Store.
* @access public
* @global \WP_Roles $wp_roles
* @return void
*/
public function store_data() {
// @since 1.6.3 Check for the wp_roles() function in WP 4.3+.
if ( function_exists( 'wp_roles' ) ) {
$wp_roles = wp_roles();
} else {
global $wp_roles;
}
// Store available roles (role_objects for objects, roles for arrays).
$roles = $wp_roles->role_objects;
if ( ! VAA_API::is_super_admin() ) {
// The current user is not a super admin (or regular admin in single installations).
unset( $roles['administrator'] );
// @see https://codex.wordpress.org/Plugin_API/Filter_Reference/editable_roles.
$editable_roles = apply_filters( 'editable_roles', $wp_roles->roles );
// Current user has the view_admin_as capability, otherwise this functions would'nt be called.
foreach ( $roles as $role_key => $role ) {
if ( ! array_key_exists( $role_key, $editable_roles ) ) {
// Remove roles that this user isn't allowed to edit.
unset( $roles[ $role_key ] );
}
elseif ( $role instanceof WP_Role && $role->has_cap( 'view_admin_as' ) ) {
// Remove roles that have the view_admin_as capability.
unset( $roles[ $role_key ] );
}
}
}
// @since 1.6.4 Set role names.
$role_names = array();
foreach ( $roles as $role_key => $role ) {
if ( isset( $wp_roles->role_names[ $role_key ] ) ) {
$role_names[ $role_key ] = $wp_roles->role_names[ $role_key ];
} else {
$role_names[ $role_key ] = $role->name;
}
}
$this->store->set_rolenames( $role_names );
$this->set_data( $roles );
}
/**
* Set the view type data.
*
* @since 1.8
* @access public
* @param mixed $val
* @param string $key (optional) The data key.
* @param bool $append (optional) Append if it doesn't exist?
*/
public function set_data( $val, $key = null, $append = true ) {
$this->store->set_roles( $val, $key, $append );
}
/**
* Get the view type data.
*
* @since 1.8
* @access public
* @param string $key (optional) The data key.
* @return mixed
*/
public function get_data( $key = null ) {
return $this->store->get_roles( $key );
}
/**
* Main Instance.
*
* Ensures only one instance of this class is loaded or can be loaded.
*
* @since 1.8
* @access public
* @static
* @param \VAA_View_Admin_As $caller The referrer class.
* @return \VAA_View_Admin_As_Roles $this
*/
public static function get_instance( $caller = null ) {
if ( is_null( self::$_instance ) ) {
self::$_instance = new self( $caller );
}
return self::$_instance;
}
} // End class VAA_View_Admin_As_Roles.

944
backend/wordpress/wp-content/plugins/view-admin-as/modules/class-users.php Executable file
View File

@@ -0,0 +1,944 @@
<?php
/**
* View Admin As - User switcher
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
*/
if ( ! defined( 'VIEW_ADMIN_AS_DIR' ) ) {
die();
}
/**
* User switcher view type.
*
* @author Jory Hogeveen <info@keraweb.nl>
* @package View_Admin_As
* @since 0.1 View type existed in core.
* @since 1.8 Created this class.
* @version 1.8
* @uses \VAA_View_Admin_As_Type Extends class
*/
class VAA_View_Admin_As_Users extends VAA_View_Admin_As_Type
{
/**
* The single instance of the class.
*
* @since 1.8
* @static
* @var \VAA_View_Admin_As_Users
*/
private static $_instance = null;
/**
* @since 1.8
* @var string
*/
protected $type = 'user';
/**
* The icon for this view type.
*
* @since 1.8
* @var string
*/
protected $icon = 'dashicons-admin-users';
/**
* Provide ajax search instead of loading all users at once?
*
* @since 1.8 Ajax search UI not available yet.
* @var bool
*/
protected $ajax_search = false;
/**
* Populate the instance.
*
* @since 1.8
* @access protected
* @param \VAA_View_Admin_As $vaa The main VAA object.
*/
protected function __construct( $vaa ) {
self::$_instance = $this;
parent::__construct( $vaa );
if ( ! $this->has_access() ) {
return;
}
$this->priorities = array(
'toolbar' => 30,
'view_title' => 5,
'validate_view_data' => 10,
'update_view' => 10,
'do_view' => 2,
);
$this->label = __( 'Users', VIEW_ADMIN_AS_DOMAIN );
$this->label_singular = __( 'User', VIEW_ADMIN_AS_DOMAIN );
$this->init_hooks();
if ( $this->is_enabled() ) {
$this->add_action( 'vaa_admin_bar_settings_after', array( $this, 'admin_bar_menu_settings' ), 10, 2 );
}
// Users can also be switched from the user list page.
if ( 'browse' === $this->store->get_userSettings( 'view_mode' ) ) {
$this->add_filter( 'user_row_actions', array( $this, 'filter_user_row_actions' ), 10, 2 );
}
if ( VAA_API::is_ajax_request( 'view_admin_as_search_users' ) ) {
$this->ajax_search_users();
}
}
/**
* Apply the user view.
*
* @since 1.8
* @access public
*/
public function do_view() {
if ( $this->selected && ( ! $this->is_enabled() || $this->ajax_search ) ) {
// Store the single selected user.
$this->validate_target_user( $this->selected );
}
if ( parent::do_view() ) {
/**
* Change current user object so changes can be made on various screen settings.
* wp_set_current_user() returns the new user object.
*/
$this->store->set_selectedUser( wp_set_current_user( (int) $this->selected ) );
// @since 1.6.2 Set the caps for this view (user view).
if ( isset( $this->store->get_selectedUser()->allcaps ) ) {
$this->store->set_selectedCaps( $this->store->get_selectedUser()->allcaps );
}
}
}
/**
* Change the VAA admin bar menu title.
*
* @since 1.8
* @access public
* @param array $titles The current title(s).
* @return array
*/
public function view_title( $titles = array() ) {
$current = $this->validate_target_user( $this->selected );
if ( $current ) {
$type = $this->label_singular;
$user = $this->store->get_selectedUser();
$titles[ $type ] = $this->get_view_title( $user );
/**
* Filter documented in /templates/adminbar-user-items.php
*/
if ( ! $this->store->get_view( 'role' ) && apply_filters( 'vaa_admin_bar_view_title_' . $this->type . '_show_roles', true, $user ) ) {
$user_roles = array();
foreach ( (array) $user->roles as $role ) {
$user_roles[] = $this->store->get_rolenames( $role );
}
$titles[ $type ] .= ' <span class="user-role">(' . implode( ', ', $user_roles ) . ')</span>';
}
}
return $titles;
}
/**
* Get the view title.
*
* @since 1.8
* @param \WP_User $user
* @return string
*/
public function get_view_title( $user ) {
$title = $user->display_name;
if ( ! $title ) {
$title = $user->nickname;
}
/**
* Change the display title for user nodes.
*
* @since 1.8
* @param string $title User display name.
* @param \WP_User $user The user object.
* @return string
*/
$title = apply_filters( 'vaa_admin_bar_view_title_' . $this->type, $title, $user );
return $title;
}
/**
* View update handler (Ajax probably), called from main handler.
*
* @since 1.8 Renamed from `ajax_handler`
* @access public
* @param null $null Null.
* @param mixed $data The ajax data for this module.
* @param string $type The view type.
* @return bool
*/
public function update_view( $null, $data, $type = null ) {
if ( $type !== $this->type ) {
return $null;
}
if ( $this->validate_view_data( null, $data ) ) {
$this->store->set_view( $data, $this->type, true );
return true;
}
return false;
}
/**
* Validate data for this view type
*
* @since 1.7
* @since 1.8 Moved from VAA_View_Admin_As_Controller
* @access public
* @param null $null Default return (invalid)
* @param mixed $data The view data
* @return mixed
*/
public function validate_view_data( $null, $data = null ) {
// User data must be a number and exists in the loaded array of user id's.
if ( is_numeric( $data ) && $this->validate_target_user( $data ) ) {
return $data;
}
return $null;
}
/**
* Add the admin bar items.
*
* @since 1.5
* @since 1.8 Moved from VAA_View_Admin_As_Admin_Bar.
* @access public
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The root item.
*/
public function admin_bar_menu( $admin_bar, $root ) {
static $done;
if ( $done ) return;
if ( ! $this->is_enabled() ) {
return;
}
$main_root = $root;
$root = $main_root . '-users';
$title_submenu = false;
$admin_bar->add_group( array(
'id' => $root,
'parent' => $main_root,
'meta' => array(
'class' => 'ab-sub-secondary',
),
) );
$admin_bar->add_node( array(
'id' => $root . '-title',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_icon( $this->icon ) . $this->label,
'href' => false,
'meta' => array(
'class' => 'vaa-has-icon ab-vaa-title ab-vaa-toggle active',
'tabindex' => '0',
),
) );
if ( ! $this->group_user_roles() && 15 < count( $this->get_data() ) ) {
$admin_bar->add_group( array(
'id' => $root . '-all',
'parent' => $root . '-title',
'meta' => array(
'class' => 'vaa-auto-max-height',
),
) );
$title_submenu = true;
};
/**
* Add items at the beginning of the users group.
*
* @since 1.5
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_users_before', $admin_bar, $root, $main_root );
include VIEW_ADMIN_AS_DIR . 'ui/templates/adminbar-user-actions.php';
if ( $this->get_data() ) {
if ( $title_submenu ) {
$parent = $root . '-all';
}
// Add the users.
include VIEW_ADMIN_AS_DIR . 'ui/templates/adminbar-user-items.php';
}
/**
* Add items at the end of the users group.
*
* @since 1.5
* @see 'admin_bar_menu' action
* @link https://codex.wordpress.org/Class_Reference/WP_Admin_Bar
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The current root item.
* @param string $main_root The main root item.
*/
do_action( 'vaa_admin_bar_users_after', $admin_bar, $root, $main_root );
$done = true;
}
/**
* User view type settings.
*
* @since 1.8
* @access public
* @param \WP_Admin_Bar $admin_bar The toolbar object.
* @param string $root The root item.
*/
public function admin_bar_menu_settings( $admin_bar, $root ) {
/**
* force_group_users setting.
*
* @since 1.5.2
* @since 1.8 Moved to this class & enhance checks whether to show this setting or not.
*/
if ( ! $this->ajax_search &&
VAA_API::is_view_type_enabled( 'role' ) &&
$this->store->get_roles() &&
(
! $this->group_user_roles() ||
15 >= ( count( (array) $this->get_data() ) + count( (array) $this->store->get_roles() ) )
)
) {
$admin_bar->add_node(
array(
'id' => $root . '-force-group-users',
'parent' => $root,
'title' => VAA_View_Admin_As_Form::do_checkbox(
array(
'name' => $root . '-force-group-users',
'value' => $this->store->get_userSettings( 'force_group_users' ),
'compare' => true,
'label' => __( 'Group users', VIEW_ADMIN_AS_DOMAIN ),
'description' => __( 'Group users under their assigned roles', VIEW_ADMIN_AS_DOMAIN ),
'help' => true,
'auto_js' => array(
'setting' => 'user_setting',
'key' => 'force_group_users',
'refresh' => true,
),
'auto_showhide' => true,
)
),
'href' => false,
'meta' => array(
'class' => 'auto-height',
),
)
);
}
}
/**
* Group the users under their roles?
*
* @since 1.5 As a parameter in VAA_View_Admin_As_Admin_Bar.
* @since 1.8 Moved from VAA_View_Admin_As_Admin_Bar and changed to a function.
* @access public
* @return bool
*/
public function group_user_roles() {
static $check;
if ( is_bool( $check ) ) return $check;
$check = false;
if ( $this->ajax_search ) {
return $check;
}
$roles = $this->store->get_roles();
if ( ! $roles || ! VAA_API::is_view_type_enabled( 'role' ) ) {
return $check;
}
$force = $this->store->get_userSettings( 'force_group_users' );
// If the amount of items (roles and users combined) is more than 15 users, group them under their roles.
// There are no roles to group users on network pages.
if ( ! is_network_admin() &&
( $force || 15 < ( count( (array) $this->get_data() ) + count( (array) $roles ) ) )
) {
$check = true;
}
return $check;
}
/**
* Check if the original user can access a user (view as).
* Also checks the current store.
*
* @since 1.8
* @access public
* @param int|\WP_User $user
* @return \WP_User
*/
public function validate_target_user( $user ) {
$user_id = ( $user instanceof WP_User ) ? $user->ID : $user;
$check = $this->get_data( $user_id );
if ( $check ) {
return $check;
}
$check = $this->filter_users_by_access( array( $user ) );
if ( ! empty( $check[ $user_id ] ) ) {
$user = $check[ $user_id ];
$this->set_data( $user, $user->ID, true );
return $user;
}
return null;
}
/**
* Search users with AJAX.
*
* @since 1.8
*/
public function ajax_search_users() {
$args = VAA_API::get_ajax_request( $this->store->get_nonce(), 'view_admin_as_search_users' );
if ( ! $args ) {
wp_send_json_error( __( 'Cheatin uh?', VIEW_ADMIN_AS_DOMAIN ) );
die();
}
if ( ! is_array( $args ) ) {
$args = array(
'search' => $args,
);
}
$users = $this->search_users( $args );
if ( ! $users ) {
wp_send_json_error();
die();
}
$return = '';
foreach ( $users as $user ) {
$href = VAA_API::get_vaa_action_link( array( $this->type => $user->ID ), $this->store->get_nonce( true ) );
$class = 'vaa-' . $this->type . '-item';
$title = $this->get_view_title( $user );
$view_title = VAA_View_Admin_As_Form::do_view_title( $title, $this, $user->ID );
/**
* Filter documented in /templates/adminbar-user-items.php
*/
if ( ! $this->store->get_view( 'role' ) && apply_filters( 'vaa_admin_bar_view_title_' . $this->type . '_show_roles', true, $user ) ) {
$selected_user_roles = array();
foreach ( (array) $user->roles as $role ) {
$selected_user_roles[] = $this->store->get_rolenames( $role );
}
$view_title .= ' <span class="user-role">(' . implode( ', ', $selected_user_roles ) . ')</span>';
}
$attr = array(
'href' => $href,
'class' => 'ab-item',
// Translators: %s stands for the user display name.
'title' => sprintf( __( 'View as %s', VIEW_ADMIN_AS_DOMAIN ), $title ),
);
$item = '<a ' . VAA_View_Admin_As_Form::parse_to_html_attr( $attr ) . '>' . $view_title . '</a>';
$return .= '<li class="' . $class . '">' . $item . '</a>';
}
wp_send_json_success( $return );
die();
}
/**
* Search users.
*
* @since 1.8
* @param array $args Function arguments.
* @return \WP_User[]
*/
public function search_users( $args = array() ) {
$this->store_data( $args );
return $this->get_data();
}
/**
* Store available users.
*
* @since 1.5
* @since 1.6 Moved to this class from main class.
* @since 1.6.2 Reduce user queries to 1 for non-network pages with custom query handling.
* @since 1.8 Moved from VAA_View_Admin_As_Store.
* @access public
* @global \wpdb $wpdb
* @param array $args Function arguments.
* @return void
*/
public function store_data( $args = array() ) {
global $wpdb;
$args = wp_parse_args( $args, array(
/**
* Change the limit for querying users.
* @since 1.8
* @param int $limit Default: 100.
* @return int
*/
'limit' => apply_filters( 'view_admin_as_user_query_limit', 100 ),
'search' => '',
'search_by' => 'display_name', // @todo: display_name|user_login|user_email
) );
$limit = (int) $args['limit'];
$super_admins = get_super_admins();
// Load the superior admins.
$superior_admins = VAA_API::get_superior_admins();
// Is the current user a super admin?
$is_super_admin = VAA_API::is_super_admin();
// Is it also one of the manually configured superior admins?
$is_superior_admin = VAA_API::is_superior_admin();
/**
* Base user query.
* Also gets the roles from the user meta table.
* Reduces queries to 1 when getting the available users.
*
* @since 1.6.2
* @todo Use it for network pages as well?
* @todo Check options https://github.com/JoryHogeveen/view-admin-as/issues/24.
*/
$user_query = array(
'select' => "SELECT users.*, usermeta.meta_value AS roles",
'from' => "FROM {$wpdb->users} users",
'join' => "INNER JOIN {$wpdb->usermeta} usermeta ON ( users.ID = usermeta.user_id )",
'where' => "WHERE ( usermeta.meta_key = '{$wpdb->get_blog_prefix()}capabilities' )",
'order_by' => "ORDER BY users.display_name ASC",
'limit' => 'LIMIT ' . $limit,
);
/**
* Search for users.
* @since 1.8
* @link https://developer.wordpress.org/reference/classes/wp_user_query/prepare_query/
* @link https://developer.wordpress.org/reference/classes/wp_user_query/get_search_sql/
*/
if ( ! empty( $args['search'] ) ) {
if ( ! in_array( $args['search_by'], array( 'display_name', 'user_login', 'user_email' ), true ) ) {
$args['search_by'] = 'display_name';
}
$args['search'] = esc_sql( $args['search'] );
$user_query['where'] .= " AND users.{$args['search_by']} LIKE '%{$args['search']}%'";
}
if ( is_network_admin() ) {
/**
* Super admins are only available for superior admins.
* (short circuit return for performance).
* @since 1.6.3
*/
if ( ! $is_superior_admin ) {
return;
}
// Get super admins (returns login's).
$users = $super_admins;
// Remove current user.
if ( in_array( $this->store->get_curUser()->user_login, $users, true ) ) {
unset( $users[ array_search( $this->store->get_curUser()->user_login, $users, true ) ] );
}
// Convert login to WP_User objects and filter them for superior admins.
foreach ( $users as $key => $user_login ) {
$user = get_user_by( 'login', $user_login );
// Compare user ID with superior admins array.
if ( isset( $user->ID ) && ! in_array( (int) $user->ID, $superior_admins, true ) ) {
$users[ $key ] = $user;
} else {
unset( $users[ $key ] );
}
}
// @todo Maybe build network super admins where clause for SQL instead of `get_user_by`.
/*
if ( ! empty( $users ) && $include = implode( ',', array_map( 'strval', $users ) ) ) {
$user_query['where'] .= " AND users.user_login IN ({$include})";
}
*/
} else {
/**
* Exclude current user and superior admins (values are user ID's).
*
* @since 1.5.2 Exclude the current user.
* @since 1.6.2 Exclude in SQL format.
*/
$exclude = implode( ',',
array_unique(
array_map( 'absint',
array_merge( $superior_admins, array( $this->store->get_curUser()->ID ) )
)
)
);
$user_query['where'] .= " AND users.ID NOT IN ({$exclude})";
/**
* Do not get regular admins for normal installs.
*
* @since 1.5.2 WP 4.4+ only >> ( 'role__not_in' => 'administrator' ).
* @since 1.6.2 Exclude in SQL format (Not WP dependent).
*/
if ( ! is_multisite() && ! $is_superior_admin ) {
$user_query['where'] .= " AND usermeta.meta_value NOT LIKE '%administrator%'";
}
/**
* Do not get super admins for network installs (values are usernames).
* These we're filtered after query in previous versions.
*
* @since 1.6.3
*/
if ( is_multisite() && ! $is_superior_admin && ! empty( $super_admins[0] ) ) {
// Escape usernames just to be sure.
$super_admins = array_filter( $super_admins, 'validate_username' );
// Pre WP 4.4 - Remove empty usernames since these return true before WP 4.4.
$super_admins = array_filter( $super_admins );
$exclude_siblings = "'" . implode( "','", $super_admins ) . "'";
$user_query['where'] .= " AND users.user_login NOT IN ({$exclude_siblings})";
}
// Run query (OBJECT_K to set the user ID as key).
// @codingStandardsIgnoreLine >> $wpdb->prepare() not needed
$users_results = $wpdb->get_results( implode( ' ', $user_query ), OBJECT_K );
if ( $users_results ) {
$users = array();
// Temp set users.
$this->set_data( $users_results );
// @hack Short circuit the meta queries (not needed).
add_filter( 'get_user_metadata', array( $this, '_filter_get_user_capabilities' ), 10, 3 );
// Turn query results into WP_User objects.
foreach ( $users_results as $user ) {
$user->roles = maybe_unserialize( $user->roles );
$users[ $user->ID ] = new WP_User( $user );
}
// @hack Restore the default meta queries.
remove_filter( 'get_user_metadata', array( $this, '_filter_get_user_capabilities' ) );
// Clear temp users.
$this->set_data( array() );
} else {
// @todo Notice on debug? If so, check if the query gave an error before doing so...
// Fallback to WP native functions.
$user_args = array(
'orderby' => 'display_name',
// @since 1.5.2 Exclude the current user.
'exclude' => array_merge( $superior_admins, array( $this->store->get_curUser()->ID ) ),
// @since 1.8 Limit the number of users to return.
'number' => $limit,
);
// @since 1.5.2 Do not get regular admins for normal installs (WP 4.4+).
if ( ! is_multisite() && ! $is_superior_admin ) {
$user_args['role__not_in'] = 'administrator';
}
// @since 1.8 Search for users.
if ( ! empty( $args['search'] ) ) {
$user_args['search'] = $args['search'];
$user_args['search_columns'] = (array) $args['search_by'];
}
$users = get_users( $user_args );
}
// @since 1.8 Switch to ajax search because of load time.
if ( $limit <= count( $users ) ) {
$this->ajax_search = true;
if ( ! VAA_API::is_ajax_request( 'view_admin_as_search_users' ) ) {
return;
}
}
// Sort users by role and filter them on available roles.
$users = $this->filter_sort_users_by_role( $users );
} // End if().
$users = $this->filter_users_by_access( $users );
$this->set_data( $users );
}
/**
* Filter the WP_User object construction to short circuit the extra meta queries.
*
* FOR INTERNAL USE ONLY!!!
* @hack
* @internal
*
* @since 1.6.2
* @since 1.8 Moved to this class from VAA_View_Admin_As_Store
* @see \WP_User::for_site() ( prev: \WP_User::_init_caps() ) >> wp-includes/class-wp-user.php
* @see get_metadata() >> `get_user_metadata` filter
* @link https://developer.wordpress.org/reference/functions/get_metadata/
*
* @global \wpdb $wpdb
* @param null $null The value get_metadata() should return.
* @param int $user_id Object ID.
* @param string $meta_key Meta key.
* @return mixed
*/
public function _filter_get_user_capabilities( $null, $user_id, $meta_key ) {
global $wpdb;
if ( $wpdb->get_blog_prefix() . 'capabilities' === $meta_key && array_key_exists( $user_id, $this->get_data() ) ) {
$roles = $this->get_data( $user_id )->roles;
if ( is_string( $roles ) ) {
// It is still raw DB data, unserialize it.
$roles = maybe_unserialize( $roles );
}
// Always return an array format due to $single handling (unused 4th parameter).
return array( $roles );
}
return $null;
}
/**
* Filter users and remove those who the selected user can't access.
*
* @since 1.8
* @access public
* @param \WP_User[]|\WP_User $users
* @param null|int|\WP_User $user_id
* @return array
*/
public function filter_users_by_access( $users, $user_id = null ) {
if ( ! is_array( $users ) ) {
$users = array( $users );
}
$super_admins = get_super_admins();
// Load the superior admins.
$superior_admins = VAA_API::get_superior_admins();
// Is the user a super admin?
$is_super_admin = VAA_API::is_super_admin( $user_id );
// Is it also one of the manually configured superior admins?
$is_superior_admin = VAA_API::is_superior_admin( $user_id );
foreach ( $users as $user_key => $user ) {
if ( ! $user instanceof WP_User ) {
$user = get_user_by( 'ID', $user );
unset( $users[ $user_key ] );
if ( ! $user instanceof WP_User ) {
continue;
}
$user_key = $user->ID;
$users[ $user_key ] = $user;
}
// If the current user is not a superior admin, run the user filters.
if ( true !== $is_superior_admin ) {
/**
* Implement in_array() on get_super_admins() check instead of is_super_admin().
* Reduces the amount of queries while the end result is the same.
*
* @since 1.5.2
* @see get_super_admins() >> wp-includes/capabilities.php
* @see is_super_admin() >> wp-includes/capabilities.php
* @link https://developer.wordpress.org/reference/functions/is_super_admin/
*/
if ( // Remove super admins for multisites.
( is_multisite() && in_array( $user->user_login, (array) $super_admins, true ) ) ||
// Remove regular admins for normal installs.
( ! is_multisite() && $user->has_cap( 'administrator' ) ) ||
// Remove users who can access this plugin for non-admin users with the view_admin_as capability.
( ! $is_super_admin && $user->has_cap( 'view_admin_as' ) )
) {
unset( $users[ $user_key ] );
continue;
}
}
// @since 1.7.6 Remove users who are not allowed to be edited by this user.
if ( ! current_user_can( 'edit_user', $user->ID ) ) {
unset( $users[ $user_key ] );
continue;
}
}
return $users;
}
/**
* Sort users by role.
* Only done if roles are stored (role type enabled and initialized before the user type).
*
* @since 1.1
* @since 1.6 Moved to this class from main class.
* @since 1.7.1 User ID as array key.
* @access public
*
* @see store_users()
*
* @param \WP_User[] $users Array of user objects (WP_User).
* @return \WP_User[] $users
*/
public function filter_sort_users_by_role( $users ) {
$roles = $this->store->get_roles();
if ( ! $roles ) {
return $users;
}
$tmp_users = array();
foreach ( $roles as $role => $role_data ) {
foreach ( $users as $user ) {
// Reset the array to make sure we find a key.
// Only one key is needed to add the user to the list of available users.
reset( $user->roles );
if ( current( $user->roles ) === $role ) {
$tmp_users[ $user->ID ] = $user;
}
}
}
$users = $tmp_users;
return $users;
}
/**
* Filter function to add view-as links on user rows in users.php.
*
* @since 1.6
* @since 1.6.3 Check whether to place link + reset link for current user.
* @since 1.8 Moved to this class from VAA_View_Admin_As_UI.
* @access public
* @param array $actions The existing actions.
* @param \WP_User $user The user object.
* @return array
*/
public function filter_user_row_actions( $actions, $user ) {
if ( is_network_admin() ) {
$link = network_admin_url();
} else {
$link = admin_url();
}
if ( $user->ID === $this->store->get_curUser()->ID ) {
// Add reset link if it is the current user and a view is selected.
if ( $this->store->get_view() ) {
$link = VAA_API::get_reset_link( $link );
} else {
$link = false;
}
}
elseif ( $this->store->get_users( $user->ID ) || $this->filter_users_by_access( array( $user ) ) ) {
$link = VAA_API::get_vaa_action_link( array( $this->type => $user->ID ), $this->store->get_nonce( true ), $link );
} else {
$link = false;
}
if ( $link ) {
$icon = 'dashicons-visibility';
$icon_attr = array(
'style' => array(
'font-size: inherit;',
'line-height: inherit;',
'display: inline;',
'vertical-align: text-top;',
),
);
$title = VAA_View_Admin_As_Form::do_icon( $icon, $icon_attr ) . ' ' . esc_html__( 'View as', VIEW_ADMIN_AS_DOMAIN );
$actions['vaa_view'] = '<a href="' . $link . '">' . $title . '</a>';
}
return $actions;
}
/**
* Set the view type data.
*
* @since 1.8
* @access public
* @param mixed $val
* @param string $key (optional) The data key.
* @param bool $append (optional) Append if it doesn't exist?
*/
public function set_data( $val, $key = null, $append = true ) {
$this->store->set_users( $val, $key, $append );
}
/**
* Get the view type data.
*
* @since 1.8
* @access public
* @param string $key (optional) The data key.
* @return mixed
*/
public function get_data( $key = null ) {
return $this->store->get_users( $key );
}
/**
* Main Instance.
*
* Ensures only one instance of this class is loaded or can be loaded.
*
* @since 1.8
* @access public
* @static
* @param \VAA_View_Admin_As $caller The referrer class.
* @return \VAA_View_Admin_As_Users $this
*/
public static function get_instance( $caller = null ) {
if ( is_null( self::$_instance ) ) {
self::$_instance = new self( $caller );
}
return self::$_instance;
}
} // End class VAA_View_Admin_As_Users.

2
backend/wordpress/wp-content/plugins/view-admin-as/modules/index.php Executable file
View File

@@ -0,0 +1,2 @@
<?php
//Nothing to see here