Making WordPress.org


Ignore:
Timestamp:
03/22/2016 06:21:26 AM (9 years ago)
Author:
dd32
Message:

Plugin Directory: Introduce the Plugin Committer/Review & Admin roles. Use the capabilities throughout the core flows of the admin.
This also has a few hacks to make plugin committers/authors only see plugins which they can manage, although a few core bugs remain which cause non-owner committers not to be able to edit plugins properly.

See #1571

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-plugin-directory.php

    r2735 r2777  
    2626        add_filter( 'the_content', array( $this, 'filter_post_content_to_correct_page' ), 1 );
    2727
     28        add_filter( 'map_meta_cap', array( __NAMESPACE__ . '\Capabilities', 'map_meta_cap' ), 10, 4 );
     29
    2830        // Load all Admin-specific items.
    29         add_action( 'admin_init', array( __NAMESPACE__ . '\Admin\Customizations', 'instance' ) );
     31        // Cannot be included on `admin_init` to allow access to menu hooks
     32        if ( defined( 'WP_ADMIN' ) && WP_ADMIN ) {
     33            Admin\Customizations::instance();
     34        }
    3035
    3136        register_activation_hook( PLUGIN_FILE, array( $this, 'activate' ) );
     
    6065            'rewrite'         => false,
    6166            'menu_icon'       => 'dashicons-admin-plugins',
    62             'capability_type' => array( 'post', 'posts' ), // TODO roles & capabilities
    63             'map_meta_cap'    => true,
    6467            'capabilities'    => array(
    65                 'create_posts' => 'do_not_allow'
     68                'edit_post'          => 'plugin_edit',
     69                'read_post'          => 'read',
     70                'edit_posts'         => 'plugin_dashboard_access',
     71                'edit_others_posts'  => 'plugin_edit_others',
     72                'read_private_posts' => 'do_not_allow',
     73                'delete_posts'       => 'do_not_allow',
     74                'create_posts'       => 'do_not_allow'
    6675            )
    6776        ) );
     
    7180            'query_var'         => 'plugin_category',
    7281            'rewrite'           => false,
    73             'public'            => true,
    74             'show_ui'           => true,
    75             'show_admin_column' => true,
     82            'public'            => false,
     83            'show_ui'           => current_user_can( 'plugin_set_category' ),
     84            'show_admin_column' => current_user_can( 'plugin_set_category' ),
    7685            'meta_box_cb'       => 'post_categories_meta_box',
    7786            'capabilities'      => array(
     
    102111            'show_admin_column' => true,
    103112            'meta_box_cb'       => array( __NAMESPACE__ . '\Admin\Metabox\Plugin_Tags', 'display' ),
    104             'capabilities'      => array()
     113            'capabilities'      => array(
     114                'assign_terms' => 'plugin_set_tags'
     115            )
    105116        ) );
    106117
     
    108119            'label'                     => _x( 'Pending', 'plugin status', 'wporg-plugins' ),
    109120            'public'                    => false,
    110             'show_in_admin_status_list' => true,
     121            'show_in_admin_status_list' => current_user_can( 'plugin_approve' ),
    111122            'label_count'               => _n_noop( 'Pending <span class="count">(%s)</span>', 'Pending <span class="count">(%s)</span>', 'wporg-plugins' ),
    112123        ) );
     
    114125            'label'                     => _x( 'Disabled', 'plugin status', 'wporg-plugins' ),
    115126            'public'                    => false,
    116             'show_in_admin_status_list' => true,
     127            'show_in_admin_status_list' => current_user_can( 'plugin_disable' ),
    117128            'label_count'               => _n_noop( 'Disabled <span class="count">(%s)</span>', 'Disabled <span class="count">(%s)</span>', 'wporg-plugins' ),
    118129        ) );
     
    120131            'label'                     => _x( 'Closed', 'plugin status', 'wporg-plugins' ),
    121132            'public'                    => false,
    122             'show_in_admin_status_list' => true,
     133            'show_in_admin_status_list' => current_user_can( 'plugin_close' ),
    123134            'label_count'               => _n_noop( 'Closed <span class="count">(%s)</span>', 'Closed <span class="count">(%s)</span>', 'wporg-plugins' ),
    124135        ) );
     
    126137            'label'                     => _x( 'Rejected', 'plugin status', 'wporg-plugins' ),
    127138            'public'                    => false,
    128             'show_in_admin_status_list' => true,
     139            'show_in_admin_status_list' => current_user_can( 'plugin_reject' ),
    129140            'label_count'               => _n_noop( 'Rejected <span class="count">(%s)</span>', 'Rejected <span class="count">(%s)</span>', 'wporg-plugins' ),
    130141        ) );
     
    141152        add_rewrite_endpoint( 'developers',   EP_PERMALINK );
    142153        add_rewrite_endpoint( 'other_notes',  EP_PERMALINK );
     154
     155        // If changing capabilities around, uncomment this.
     156        //Capabilities::add_roles();
    143157
    144158        // When this plugin is used in the context of a Rosetta site, handle it gracefully
     
    278292     */
    279293    public function use_plugins_in_query( $wp_query ) {
    280         if ( ! $wp_query->is_main_query() ) {
     294        if ( is_admin() || ! $wp_query->is_main_query() ) {
    281295            return;
    282296        }
    283297
    284         if ( empty( $wp_query->query_vars['pagename'] ) && ( empty( $wp_query->query_vars['post_type'] ) || 'posts' == $wp_query->query_vars['post_type'] ) ) {
     298        if ( empty( $wp_query->query_vars['pagename'] ) && ( empty( $wp_query->query_vars['post_type'] ) || 'post' == $wp_query->query_vars['post_type'] ) ) {
    285299            $wp_query->query_vars['post_type'] = array( 'plugin' );
    286300        }
Note: See TracChangeset for help on using the changeset viewer.