Making WordPress.org

source: sites/trunk/wordcamp.org/public_html/wp-content/mu-plugins/trusted-deputy-capabilities.php @ 1673

Last change on this file since 1673 was 1673, checked in by iandunn, 7 years ago

Trusted Deputy Capabilities: Pull deputy user IDs from global configuration.

This is more consistent with how other user-specific capabilities are defined across the WordPress.org network.

File size: 3.8 KB
Line 
1<?php
2
3namespace WordCamp\Trusted_Deputy_Capabilities;
4
5/*
6 * Allow trusted WordCamp Deputies to perform limited Super Admin functions
7 *
8 * They should be able to:
9 *  - Perform administrator-level functions on all sites
10 *  - Create new sites
11 *  - Connect Jetpack to WordPress.com for all sites
12 *  - Use the Payments dashboard
13 *
14 * They should not be able to network-activate plugins, modify users, write unfiltered_html, or any other
15 * capability that isn't explicitly granted.
16 */
17
18
19/**
20 * Give extra capabilities to trusted Deputies
21 *
22 * @param array  $required_capabilities The primitive capabilities that are required to perform the requested meta capability
23 * @param string $requested_capability  The requested meta capability
24 * @param int    $user_id               The user ID.
25 * @param array  $args                  Adds the context to the cap. Typically the object ID.
26 *
27 * @return array
28 */
29function allow_trusted_deputy_capabilities( $required_capabilities, $requested_capability, $user_id, $args ) {
30        global $trusted_deputies;
31        $allow_capability = true;
32
33        if ( ! in_array( $user_id, $trusted_deputies ) ) {
34                $allow_capability = false;
35        } else if ( in_array( 'do_not_allow', $required_capabilities ) ) {
36                $allow_capability = false;
37        } else if ( ! is_allowed_capability( $requested_capability, $required_capabilities ) ) {
38                $allow_capability = false;
39        }
40
41        if ( $allow_capability ) {
42                $required_capabilities = array();
43        }
44
45        return $required_capabilities;
46}
47add_filter( 'map_meta_cap', __NAMESPACE__ . '\allow_trusted_deputy_capabilities', 10, 4 );
48
49/**
50 * Determine if the given capability should be allowed for trusted Deputies
51 *
52 * @param string $capability
53 * @param array  $dependent_capabilities
54 *
55 * @return bool
56 */
57function is_allowed_capability( $capability, $dependent_capabilities ) {
58        $allowed = false;
59        $deputy_capabilities = get_trusted_deputy_capabilities();
60       
61        if ( array_key_exists( $capability, $deputy_capabilities ) ) {
62                $allowed = true;
63        } else {
64                foreach ( $dependent_capabilities as $dependent_capability ) {
65                        if ( array_key_exists( $dependent_capability, $deputy_capabilities ) ) {
66                                $allowed = true;
67                                break;
68                        }
69                }
70        }
71
72        return $allowed;
73}
74
75/**
76 * Get the capabilities that trusted Deputies should have
77 *
78 * @return array
79 */
80function get_trusted_deputy_capabilities() {
81        $administrator_role = get_role( 'administrator' );
82
83        $capabilities = array_merge(
84                $administrator_role->capabilities,
85                array(
86                        'manage_network' => true,
87                        'manage_sites'   => true,
88                )
89        );
90
91        return $capabilities;
92}
93
94/**
95 * Automated tests for allow_trusted_deputy_capabilities()
96 *
97 * To use, uncomment the callback registration, and login as a trusted Deputy.
98 *
99 * Note: wporg_remove_super_caps() denies `import` to non-Super Admins if the domain isn't wordcamp.org, which
100 * results in a false-negative on sandboxes with alternate domain names.
101 */
102function test_allow_trusted_deputy_capabilities() {
103        $capabilities = array(
104                'manage_network'     => true,
105                'manage_sites'       => true,
106                'activate_plugins'   => true,
107                'export'             => true,
108                'import'             => true,
109                'edit_theme_options' => true,
110
111                'manage_network_users'   => false,
112                'manage_network_plugins' => false,
113                'manage_network_themes'  => false,
114                'manage_network_options' => false,
115                'create_users'           => false,
116                'delete_plugins'         => false,
117                'delete_themes'          => false,
118                'delete_users'           => false,
119                'edit_files'             => false,
120                'edit_plugins'           => false,
121                'edit_themes'            => false,
122                'edit_users'             => false,
123        );
124
125        foreach ( $capabilities as $capability => $allowed ) {
126                printf(
127                        "<li>%s should be %s and was %s</li>",
128                        $capability,
129                        $allowed ? 'granted' : 'denied',
130                        current_user_can( $capability ) ? 'granted' : 'denied'
131                );
132        }
133
134        wp_die();
135}
136//add_action( 'init', __NAMESPACE__ . '\test_allow_trusted_deputy_capabilities' );
Note: See TracBrowser for help on using the repository browser.