Changeset 4212
- Timestamp:
- 10/11/2016 06:27:26 AM (8 years ago)
- Location:
- sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory
- Files:
-
- 1 deleted
- 5 edited
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/admin/class-customizations.php
r3506 r4212 29 29 30 30 add_action( 'pre_get_posts', array( $this, 'pre_get_posts' ) ); 31 add_action( 'save_post_plugin', array( $this, 'save_plugin_post' ) );32 31 33 32 add_action( 'load-edit.php', array( $this, 'bulk_reject_plugins' ) ); … … 52 51 add_action( 'wp_ajax_plugin-author-lookup', array( __NAMESPACE__ . '\Metabox\Author', 'lookup_author' ) ); 53 52 54 // Page access within wp-admin.55 add_action( 'admin_menu', array( $this, 'admin_menu' ) );56 add_action( 'load-index.php', array( $this, 'disable_admin_page' ) );57 add_action( 'load-profile.php', array( $this, 'disable_admin_page' ) );58 53 } 59 54 … … 128 123 129 124 /** 130 * Customizes the admin menu according to the current user's privileges.131 */132 public function admin_menu() {133 134 /*135 * WordPress requires that the plugin post_type have at least one submenu accessible *other* than itself.136 * If it doesn't have at least one submenu then users who cannot also publish posts will not be able to access the post type.137 */138 add_submenu_page( 'edit.php?post_type=plugin', 'Plugin Handbook', 'Plugin Handbook', 'read', 'handbook', function() {} );139 140 $readme_validator = Validator::instance();141 add_submenu_page( 'edit.php?post_type=plugin', 'Readme Validator', 'Readme Validator', 'read', 'readme_validator', array( $readme_validator, 'display' ) );142 143 if ( ! current_user_can( 'manage_options' ) ) {144 remove_menu_page( 'index.php' );145 remove_menu_page( 'profile.php' );146 }147 }148 149 /**150 * Disables admin pages.151 */152 public function disable_admin_page() {153 if ( ! 
current_user_can( 'manage_options' ) ) {154 155 // Dashboard is plugin dashboard.156 if ( 'load-index.php' === current_action() ) {157 wp_safe_redirect( admin_url( 'edit.php?post_type=plugin' ) );158 exit;159 }160 161 wp_die( __( 'You do not have permission to access this page.', 'wporg-plugins' ), '', array(162 'back_link' => true,163 ) );164 }165 }166 167 /**168 125 * Filter the query in wp-admin to list only plugins relevant to the current user. 169 126 * … … 190 147 } 191 148 192 $user = wp_get_current_user();193 194 if ( ! current_user_can( 'plugin_approve' ) && empty( $query->query['post_status']) || ( isset( $query->query['author'] ) && $query->query['author'] == $user->ID ) ) {195 $query->query_vars['author'] = $user->ID;196 197 $plugins = Tools::get_users_write_access_plugins( $user );198 if ( $plugins ) {199 $query->query_vars['post_name__in'] = $plugins;200 $query->query_vars['post_status'] = 'any';201 202 add_filter( 'posts_where', array( $this, 'pre_get_posts_sql_name_or_user' ) );203 }204 }205 }206 207 /**208 * Custom callback for pre_get_posts to use an OR query between post_name & post_author209 *210 * @ignore211 *212 * @param string $where WHERE clause.213 * @return string214 */215 public function pre_get_posts_sql_name_or_user( $where ) {216 global $wpdb;217 218 remove_filter( 'posts_where', array( $this, 'pre_get_posts_sql_name_or_user' ) );219 220 // Replace `post_name IN(..) AND post_author IN (..)`221 // With `( post_name IN() OR post_author IN() )`222 $where = preg_replace( "!\s(\S+\.post_name IN .+?)\s*AND\s*(\s\S+\.post_author.+?)AND!i", ' ( $1 OR $2 ) AND', $where );223 224 // Allow reviewers to also see all pending plugins.225 if ( current_user_can( 'plugin_edit_pending' ) && ( ! 
isset( $_GET['author'] ) || ( isset( $_GET['post_status'] ) && in_array( $_GET['post_status'], array( 'draft', 'pending' ) ) ) ) ) {226 $where .= " OR {$wpdb->posts}.post_status IN ('draft', 'pending')";227 }228 229 return $where;230 149 } 231 150 … … 405 324 } 406 325 407 // Only plugin reviewers/admins need review-related meta boxes. 408 if ( current_user_can( 'plugin_approve' ) ) { 409 add_meta_box( 410 'internal-notes', 411 __( 'Internal Notes', 'wporg-plugins' ), 412 array( __NAMESPACE__ . '\Metabox\Internal_Notes', 'display' ), 413 'plugin', 'normal', 'high' 414 ); 415 416 add_meta_box( 417 'plugin-review', 418 __( 'Plugin Review Tools', 'wporg-plugins' ), 419 array( __NAMESPACE__ . '\Metabox\Review_Tools', 'display' ), 420 'plugin', 'normal', 'high' 421 ); 422 423 add_meta_box( 424 'plugin-author', 425 __( 'Author Card', 'wporg-plugins' ), 426 array( __NAMESPACE__ . '\Metabox\Author_Card', 'display' ), 427 'plugin', 'side' 428 ); 429 } 326 add_meta_box( 327 'internal-notes', 328 __( 'Internal Notes', 'wporg-plugins' ), 329 array( __NAMESPACE__ . '\Metabox\Internal_Notes', 'display' ), 330 'plugin', 'normal', 'high' 331 ); 332 333 add_meta_box( 334 'plugin-review', 335 __( 'Plugin Review Tools', 'wporg-plugins' ), 336 array( __NAMESPACE__ . '\Metabox\Review_Tools', 'display' ), 337 'plugin', 'normal', 'high' 338 ); 339 340 add_meta_box( 341 'plugin-author', 342 __( 'Author Card', 'wporg-plugins' ), 343 array( __NAMESPACE__ . '\Metabox\Author_Card', 'display' ), 344 'plugin', 'side' 345 ); 430 346 431 347 add_meta_box( … … 460 376 ); 461 377 462 if ( current_user_can( 'plugin_add_committer', $post ) ) { 463 add_meta_box( 464 'plugin-stats', 465 __( 'Plugin Stats', 'wporg-plugins' ), 466 array( __NAMESPACE__ . '\Metabox\Stats', 'display' ), 467 'plugin', 'normal' 468 ); 469 } 378 add_meta_box( 379 'plugin-stats', 380 __( 'Plugin Stats', 'wporg-plugins' ), 381 array( __NAMESPACE__ . 
'\Metabox\Stats', 'display' ), 382 'plugin', 'normal' 383 ); 470 384 } 471 385 … … 477 391 if ( ! in_array( $post->post_status, array( 'draft', 'pending' ) ) || ! current_user_can( 'plugin_approve', $post ) ) { 478 392 remove_meta_box( 'slugdiv', 'plugin', 'normal' ); 479 }480 }481 482 /**483 * Hook into the save process for the plugin post_type to save extra metadata.484 *485 * Currently saves the tested_with value.486 *487 * @param int $post_id The post_id being updated.488 */489 public function save_plugin_post( $post_id ) {490 // Save meta information491 if ( isset( $_POST['tested_with'] ) && isset( $_POST['hidden_tested_with'] ) && $_POST['tested_with'] != $_POST['hidden_tested_with'] ) {492 update_post_meta( $post_id, 'tested', wp_slash( wp_unslash( $_POST['tested_with'] ) ) );493 393 } 494 394 } -
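Review bot: The Internal Notes, Plugin Review Tools, Author Card and Plugin Stats meta boxes are now registered for every user who can load the plugin edit screen, because the `current_user_can( 'plugin_approve' )` and `current_user_can( 'plugin_add_committer', $post )` wrappers around the `add_meta_box()` calls are gone. That is safe only if the post type's edit capabilities already keep non-reviewers out of this screen, which this section does not show. The same holds for the author filter dropped from `pre_get_posts`, so the list query is no longer narrowed per user. If the intent is that only reviewers and admins reach wp-admin, say so where the guard used to be, e.g. `// Access is enforced by the post type capabilities; only reviewers/admins can load this screen.`, or keep a capability check around the three review boxes as defence in depth. The enclosing methods start and end outside the visible hunks.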
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/admin/metabox/class-controls.php
r3782 r4212 87 87 $post = get_post(); 88 88 $tested_up_to = (string) get_post_meta( $post->ID, 'tested', true ); 89 $versions = self::get_tested_up_to_versions( $tested_up_to );90 $tested_up_to = $versions['tested_up_to'];91 89 $unknown_string = _x( 'Unknown', 'unknown version', 'wporg-plugins' ); 92 90 ?> … … 94 92 <label for="tested_with"><?php _e( 'Tested With:', 'wporg-plugins' ); ?></label> 95 93 <strong id="tested-with-display"><?php echo ( $tested_up_to ? sprintf( 'WordPress %s', $tested_up_to ) : $unknown_string ); ?></strong> 96 <button type="button" class="button-link edit-tested-with hide-if-no-js">97 <span aria-hidden="true"><?php _e( 'Edit', 'wporg-plugins' ); ?></span>98 <span class="screen-reader-text"><?php _e( 'Edit tested with version', 'wporg-plugins' ); ?></span>99 </button>100 101 <div id="tested-with-select" class="plugin-control-select hide-if-js">102 <input type="hidden" name="hidden_tested_with" id="hidden-tested-with" value="<?php echo esc_attr( $tested_up_to ); ?>">103 <label class="screen-reader-text" for="tested-with"><?php _e( 'Version of WordPress it was tested with', 'wporg-plugins' ); ?></label>104 <select name="tested_with" id="tested-with">105 <?php106 foreach ( $versions['versions'] as $ver ) {107 printf(108 '<option value="%s" %s>%s</option>',109 esc_attr( $ver ),110 selected( $tested_up_to, $ver, true ),111 esc_html( $ver ? 
sprintf( 'WordPress %s', $ver ) : $unknown_string )112 );113 }114 ?>115 </select>116 <button type="button" class="save-tested-with hide-if-no-js button"><?php _e( 'OK', 'wporg-plugins' ); ?></button>117 <button type="button" class="cancel-tested-with hide-if-no-js button-link"><?php _e( 'Cancel', 'wporg-plugins' ); ?></button>118 </div>119 94 120 95 </div><!-- .misc-pub-section --><?php 121 96 } 122 97 123 /**124 * Fetch all versions which an author can set their plugin as tested with.125 *126 * This returns the latest release in the previous 4 branches, trunk, and127 * the current version the plugin is marked as tested with.128 *129 * @global string $wp_version The WordPress version string.130 *131 * @param string $tested_up_to The version which the plugin is currently specified as compatible to.132 * @return array An array containing 'versions' an array of versions for display, and 'tested_up_to'133 * the sanitized/most recent version of the $tested_up_to parameter.134 */135 protected static function get_tested_up_to_versions( $tested_up_to ) {136 global $wp_version;137 138 // Fetch all "compatible" versions, this array is in the form of [ '4.4.2' => [ '4.4.1', '4.4' ], ...]139 if ( function_exists( 'wporg_get_version_equivalents' ) ) {140 141 // This function is a global WordPress.org function.142 $all_versions = wporg_get_version_equivalents();143 } else {144 $all_versions = array( (string)(float) $wp_version => array( $wp_version ) );145 }146 147 $versions = array_slice( array_keys( $all_versions ), 0, 4 );148 149 foreach( $versions as $version ) {150 if ( in_array( $tested_up_to, $all_versions[ $version ] ) ) {151 $tested_up_to = $version;152 break;153 }154 }155 156 // If the version specified isn't going to display, insert it into the list.157 if ( ! 
in_array( $tested_up_to, $versions ) ) {158 $versions[] = $tested_up_to;159 }160 161 // WordPress.org runs trunk, this keeps the highest version selectable as trunk.162 $versions[] = preg_replace( '!-\d{4,}$!', '', $wp_version );163 164 return compact( 'versions', 'tested_up_to' );165 }166 98 } -
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-capabilities.php
r3511 r4212 24 24 switch( $cap ) { 25 25 26 // TODO: Map these for the users 26 27 case 'plugin_edit': 27 28 case 'plugin_add_committer': … … 29 30 $required_caps = array(); 30 31 $post = get_post( $context[0] ); 31 if ( ! $post instanceof \WP_Post) {32 if ( ! $post ) { 32 33 $required_caps[] = 'do_not_allow'; 33 34 break; … … 81 82 */ 82 83 public static function add_roles() { 83 $committer = array( 84 'read' => true, 85 'plugin_dashboard_access' => true, 86 'plugin_edit_own' => true, 87 'plugin_set_category' => true, 88 'plugin_add_committer' => true, 89 'plugin_edit_others' => true, 84 85 $reviewer = array( 86 'read' => true, 87 'plugin_edit_own' => true, 88 'plugin_set_category' => true, 89 'plugin_add_committer' => true, 90 'plugin_edit_others' => true, 91 'moderate_comments' => true, 92 'plugin_edit_pending' => true, 93 'plugin_review' => true, 90 94 ); 91 92 $reviewer = array_merge( $committer, array(93 'moderate_comments' => true,94 'plugin_edit_pending' => true,95 'plugin_review' => true,96 ) );97 95 98 96 $admin = array_merge( $reviewer, array( … … 106 104 107 105 // Remove the roles first, incase we've changed the permission set. 108 remove_role( 'plugin_committer' ); 109 remove_role( 'plugin_reviewer' ); 110 remove_role( 'plugin_admin' ); 111 add_role( 'plugin_committer', 'Plugin Committer', $committer ); 112 add_role( 'plugin_reviewer', 'Plugin Reviewer', $reviewer ); 113 add_role( 'plugin_admin', 'Plugin Admin', $admin ); 106 remove_role( 'plugin_reviewer' ); 107 remove_role( 'plugin_admin' ); 108 add_role( 'plugin_reviewer', 'Plugin Reviewer', $reviewer ); 109 add_role( 'plugin_admin', 'Plugin Admin', $admin ); 114 110 115 foreach ( array( 'contributor', 'author', 'editor', 'administrator' ) as $role ) { 116 $wp_role = get_role( $role ); 117 118 if ( ! 
$wp_role ) { 119 continue; 120 } 121 122 foreach ( $committer as $committer_cap => $value ) { 123 $wp_role->add_cap( $committer_cap ); 124 } 125 126 if ( in_array( $role, array( 'editor', 'administrator' ) ) ) { 127 foreach ( $admin as $admin_cap => $value ) { 128 $wp_role->add_cap( $admin_cap ); 129 } 111 $wp_admin_role = get_role( 'administrator' ); 112 if ( $wp_admin_role ) { 113 foreach ( $admin as $admin_cap => $value ) { 114 $wp_admin_role->add_cap( $admin_cap ); 130 115 } 131 116 } 132 117 133 update_option( 'default_role', ' plugin_committer' );118 update_option( 'default_role', 'subscriber' ); 134 119 } 135 120 } -
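Review bot: `add_roles()` no longer calls `remove_role( 'plugin_committer' )` and no longer touches `contributor`, `author` or `editor`, so on an install where the previous version already ran, that role and the capabilities granted with `add_cap()` remain stored. Accounts that were given `plugin_committer` (the import script did this until this changeset) and editors who received the admin set would keep `plugin_edit_others`, `plugin_add_committer` and the rest, even though `default_role` is back to `subscriber`. Keep `remove_role( 'plugin_committer' );` in the cleanup and revoke the old grants, for example with `$wp_role->remove_cap( $cap );` in a loop over the former committer and admin capability names for those three roles. Whether a separate migration already does this is not visible here.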
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-plugin-directory.php
r4202 r4212 42 42 add_filter( 'post_type_link', array( $this, 'package_link' ), 10, 2 ); 43 43 add_filter( 'term_link', array( $this, 'term_link' ), 10, 2 ); 44 add_filter( 'pre_insert_term', array( $this, 'pre_insert_term_prevent' ), 10, 2 );45 add_filter( 'tax_input_pre', array( $this, 'filter_tax_input' ) );46 44 add_action( 'pre_get_posts', array( $this, 'use_plugins_in_query' ) ); 47 45 add_filter( 'rest_api_allowed_post_types', array( $this, 'filter_allowed_post_types' ) ); … … 129 127 'show_ui' => current_user_can( 'plugin_set_section' ), 130 128 'show_admin_column' => current_user_can( 'plugin_set_section' ), 131 'meta_box_cb' => false, // 'post_categories_meta_box',132 129 'capabilities' => array( 133 130 'assign_terms' => 'plugin_set_section', … … 159 156 'show_ui' => true, 160 157 'show_admin_column' => true, 161 'meta_box_cb' => array( __NAMESPACE__ . '\Admin\Metabox\Plugin_Categories', 'display' ),162 158 'capabilities' => array( 163 159 'assign_terms' => 'plugin_set_category', … … 175 171 'show_ui' => true, 176 172 'show_admin_column' => false, 177 'meta_box_cb' => false, // array( __NAMESPACE__ . '\Admin\Metabox\Plugin_Categories', 'display' ),173 'meta_box_cb' => false, 178 174 'capabilities' => array( 179 175 'assign_terms' => 'plugin_set_category', … … 191 187 'show_ui' => true, 192 188 'show_admin_column' => false, 193 'meta_box_cb' => false, // array( __NAMESPACE__ . 
'\Admin\Metabox\Plugin_Categories', 'display' ),189 'meta_box_cb' => false, 194 190 'capabilities' => array( 195 191 'assign_terms' => 'plugin_set_category', … … 454 450 } 455 451 if ( 'plugin_built_for' == $term->taxonomy ) { 456 457 452 // Term slug = Post Slug = /%postname%/ 458 453 return trailingslashit( home_url( $term->slug ) ); … … 460 455 461 456 return $term_link; 462 }463 464 /**465 * Checks if the current users is a super admin before allowing terms to be added.466 *467 * @param string $term The term to add or update.468 * @param string $taxonomy The taxonomy of the term.469 * @return string|\WP_Error The term to add or update or WP_Error on failure.470 */471 public function pre_insert_term_prevent( $term, $taxonomy ) {472 $allowed_taxonomies = array( 'plugin_tags', 'plugin_contributors' );473 474 if ( ! in_array( $taxonomy, $allowed_taxonomies ) && ! is_super_admin() ) {475 $term = new \WP_Error( 'not-allowed', __( 'You are not allowed to add terms.', 'wporg-plugins' ) );476 }477 478 return $term;479 457 } 480 458 … … 773 751 774 752 if ( 'tags' === $path[2] ) { 775 if ( isset( Tag_To_Category::$map[ $path[3] ] ) ) { 776 wp_safe_redirect( home_url( '/category/' . Tag_To_Category::$map[ $path[3] ] . '/' ) ); 777 die(); 778 } else if ( isset( $path[3] ) ) { 779 wp_safe_redirect( home_url( '/search/' . $path[3] . '/' ) ); 753 if ( isset( $path[3] ) ) { 754 wp_safe_redirect( home_url( '/search/' . urlencode( $path[3] ) . '/' ) ); 780 755 die(); 781 756 } else { … … 793 768 // Otherwise, handle a plugin redirect. 794 769 if ( $plugin = self::get_plugin_post( $path[2] ) ) { 795 $is_disabled = in_array( $plugin->post_status, array( 'disabled', 'closed' ), true ); 796 797 if ( $is_disabled && current_user_can( 'edit_post', $plugin ) ) { 798 wp_safe_redirect( add_query_arg( array( 799 'post' => $plugin->ID, 800 'action' => 'edit', 801 ), admin_url( 'post.php' ) ) ); 802 die(); 803 } else if ( ! 
$is_disabled ) { 804 wp_safe_redirect( get_permalink( $plugin->ID ) ); 770 $permalink = get_permalink( $plugin->ID ); 771 if ( parse_url( $permalink, PHP_URL_PATH ) != $_SERVER['REQUEST_URI'] ) { 772 wp_safe_redirect( $permalink ); 805 773 die(); 806 774 } … … 966 934 967 935 return $content_pages; 968 }969 970 /**971 * Filters the value of tax_inputs before saving.972 *973 * Used both in the admin and the uploader.974 *975 * @param array $tax_input Array of taxonomies with selected terms.976 * @return array977 */978 public function filter_tax_input( $tax_input ) {979 980 // Limit the amount of assignable categories to 3.981 if ( isset( $tax_input['plugin_category'] ) ) {982 $tax_input['plugin_category'] = array_slice( array_filter( $tax_input['plugin_category'] ), 0, 3 );983 }984 985 return $tax_input;986 936 } 987 937 -
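Review bot: Removing the `pre_insert_term` filter takes away the only check on this page that stopped users who are not super admins from creating terms outside `plugin_tags` and `plugin_contributors`. The `capabilities` arrays visible in the taxonomy hunks set only `assign_terms`; if `manage_terms` and `edit_terms` are not mapped in the elided lines, term creation falls back to WordPress' default taxonomy capabilities. I would set those keys explicitly next to `assign_terms`, or leave a comment such as `// Term creation is limited by the taxonomy capabilities; see 'manage_terms'.` Separately, the new plugin redirect compares `parse_url( $permalink, PHP_URL_PATH )` with `$_SERVER['REQUEST_URI']` using `!=`; `REQUEST_URI` includes the query string, so a strict `!==` against its path part only would be the more precise test.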
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/cli/class-import.php
r4197 r4212 182 182 } 183 183 update_post_meta( $plugin->ID, 'assets_banners_color', wp_slash( $banner_average_color ) ); 184 185 // Give committers a role on this site.186 foreach ( Tools::get_plugin_committers( $plugin_slug ) as $committer ) {187 $user = get_user_by( 'login', $committer );188 189 if ( $user && ! user_can( $user, 'plugin_dashboard_access' ) ) {190 $user->add_role( 'plugin_committer' );191 }192 }193 184 194 185 $current_stable_tag = get_post_meta( $plugin->ID, 'stable_tag', true );