Changeset 2830
- Timestamp:
- 03/28/2016 07:06:41 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-capabilities.php
r2777 r2830 9 9 class Capabilities { 10 10 11 /** 12 * Filters a user's capabilities depending on specific context and/or privilege. 13 * 14 * @param array $required_caps Returns the user's actual capabilities. 15 * @param string $cap Capability name. 16 * @param int $user_id The user ID. 17 * @param array $context Adds the context to the cap. Typically the object ID. 18 */ 11 19 public static function map_meta_cap( $required_caps, $cap, $user_id, $context ) { 12 20 switch( $cap ) { 13 21 22 case 'plugin_edit': 14 23 case 'plugin_add_committer': 15 24 case 'plugin_remove_committer': 16 case 'plugin_edit':17 25 $required_caps = array(); 18 $post = self::get_post_from_context( $context);19 if ( ! $post ) {26 $post = get_post( $context[0] ); 27 if ( ! $post instanceof \WP_Post ) { 20 28 $required_caps[] = 'do_not_allow'; 21 29 break; 22 30 } 23 31 24 $user = new \WP_User( $user_id );32 $user = new \WP_User( $user_id ); 25 33 $committers = Tools::get_plugin_committers( $post->post_name ); 26 34 27 if ( $post->post_author === $user_id ) {35 if ( $post->post_author === $user_id || in_array( $user->user_login, $committers, true ) ) { 28 36 $required_caps[] = 'plugin_edit_own'; 29 } elseif ( in_array( $user->user_login, $committers, true ) ) { 30 $required_caps[] = 'plugin_edit_own'; 37 31 38 } else { 32 39 if ( 'pending' == $post->post_status ) { 33 40 $required_caps[] = 'plugin_edit_pending'; 41 34 42 } else { 35 43 $required_caps[] = 'plugin_edit_others'; … … 38 46 break; 39 47 40 // Don't allow any users to alter the post meta for plugins 48 // Don't allow any users to alter the post meta for plugins. 41 49 case 'add_post_meta': 42 50 case 'edit_post_meta': … … 45 53 if ( $post && 'plugin' == $post->post_type ) { 46 54 $required_caps[] = 'do_not_allow'; 47 break;48 55 } 49 56 break; … … 63 70 } 64 71 65 protected static function get_post_from_context( $context ) {66 if ( ! $context ) {67 return false;68 }69 $context = $context[0];70 71 $post = false;72 if ( is_int( $context ) ) {73 $post = get_post( $context );74 } elseif ( $context instanceof \WP_Post ) {75 $post = $context;76 } elseif ( is_string( $context ) ) {77 $post = Plugin_Directory::get_plugin_post( $context );78 }79 if ( ! $post || 'plugin' != $post->post_type ) {80 return false;81 }82 return $post;83 }84 85 72 public static function add_roles() { 86 73 $committer = array( … … 92 79 ); 93 80 94 $reviewer = array( 95 'read' => true, 96 'plugin_dashboard_access' => true, 81 $reviewer = array_merge( $committer, array( 97 82 'plugin_edit_pending' => true, 98 83 'plugin_approve' => true, 99 84 'plugin_reject' => true, 100 ) ;85 ) ); 101 86 102 87 $admin = array_merge( $reviewer, array( … … 115 100 add_role( 'plugin_reviewer', 'Plugin Reviewer', $reviewer ); 116 101 add_role( 'plugin_admin', 'Plugin Admin', $admin ); 102 103 foreach( array( 'contributor', 'author', 'editor', 'administrator' ) as $role ) { 104 $wp_role = get_role( $role ); 105 106 foreach ( $committer as $committer_cap ) { 107 $wp_role->add_cap( $committer_cap ); 108 } 109 110 if ( in_array( $role, array( 'editor', 'administrator' ) ) ) { 111 foreach ( $admin as $admin_cap ) { 112 $wp_role->add_cap( $admin_cap ); 113 } 114 } 115 } 117 116 } 118 117 }
Note: See TracChangeset
for help on using the changeset viewer.