Changeset 4260
- Timestamp:
- 10/19/2016 02:30:54 AM (8 years ago)
- Location:
- sites/trunk/wordpress.org/public_html/wp-content
- Files:
-
- 1 deleted
- 6 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/admin/class-customizations.php
r4212 r4260 376 376 ); 377 377 378 add_meta_box(379 'plugin-stats',380 __( 'Plugin Stats', 'wporg-plugins' ),381 array( __NAMESPACE__ . '\Metabox\Stats', 'display' ),382 'plugin', 'normal'383 );384 378 } 385 379 -
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-capabilities.php
r4212 r4260 22 22 */ 23 23 public static function map_meta_cap( $required_caps, $cap, $user_id, $context ) { 24 $plugin_edit_cap = false; 24 25 switch( $cap ) { 25 26 // TODO: Map these for the users 27 case 'plugin_edit': 26 case 'plugin_admin_edit': 28 27 case 'plugin_add_committer': 29 28 case 'plugin_remove_committer': 29 $plugin_edit_cap = true; 30 // Fall through 31 32 case 'plugin_admin_view': 33 // Committers + Contributors. 34 // If no committers, post_author. 30 35 $required_caps = array(); 31 36 $post = get_post( $context[0] ); 37 32 38 if ( ! $post ) { 33 39 $required_caps[] = 'do_not_allow'; … … 35 41 } 36 42 37 $user = new \WP_User( $user_id ); 43 $user = new \WP_User( $user_id ); 44 if ( $user->has_cap( 'plugin_review' ) ) { 45 $required_caps[] = 'plugin_review'; 46 break; 47 } 48 49 // Committers 38 50 $committers = Tools::get_plugin_committers( $post->post_name ); 51 if ( ! $committers && 'publish' === $post->post_status ) { 52 // post_author in the event no committers exist (yet?) 53 $committers = array( get_user_by( 'ID', $post->post_author )->user_login ); 54 } 39 55 40 if ( (int) $post->post_author === $user_id || in_array( $user->user_login, $committers, true ) ) { 41 $required_caps[] = 'plugin_edit_own'; 56 if ( in_array( $user->user_login, $committers ) ) { 57 $required_caps[] = 'exist'; // All users are allowed to exist, even when they have no role. 58 break; 59 } 42 60 43 } else { 44 45 if ( in_array( $post->post_status, array( 'draft', 'pending' ) ) ) { 46 $required_caps[] = 'plugin_review'; 47 48 } else { 49 $required_caps[] = 'plugin_approve'; 61 if ( ! $plugin_edit_cap ) { 62 // Contributors can view, but not edit. 63 $contributors = (array) wp_list_pluck( get_the_terms( $post, 'plugin_contributors' ), 'name' ); 64 if ( in_array( $user->user_nicename, $contributors, true ) ) { 65 $required_caps[] = 'exist'; // All users are allowed to exist, even when they have no role. 66 break; 50 67 } 51 68 } 52 break;53 69 54 // Don't allow any users to alter the post meta for plugins. 55 case 'add_post_meta': 56 case 'edit_post_meta': 57 case 'delete_post_meta': 58 $post = get_post( $context ); 59 if ( $post && 'plugin' == $post->post_type ) { 60 $required_caps[] = 'do_not_allow'; 61 } 70 // Else; 71 $required_caps[] = 'do_not_allow'; 62 72 break; 63 73 … … 85 95 $reviewer = array( 86 96 'read' => true, 87 'plugin_edit_own' => true,88 97 'plugin_set_category' => true, 89 'plugin_add_committer' => true,90 'plugin_edit_others' => true,91 98 'moderate_comments' => true, 92 99 'plugin_edit_pending' => true, -
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-plugin-directory.php
r4259 r4260 244 244 ), 245 245 'public' => true, 246 'show_ui' => is_super_admin(),246 'show_ui' => true, 247 247 'show_admin_column' => false, 248 248 'meta_box_cb' => false, … … 286 286 add_rewrite_tag( '%browse%', '(featured|popular|beta|new|favorites)' ); 287 287 add_permastruct( 'browse', 'browse/%browse%' ); 288 289 // /browse/ should be the popular archive view.290 add_rewrite_rule( '^browse$', 'index.php?browse=popular', 'top' );291 288 292 289 // Create an archive for a users favorites too. … … 570 567 } 571 568 572 // TODO: Make plugins owned by `post_author = $current_user_id` show up here when they're not-publish?573 574 569 $wp_query->query_vars['orderby'] = 'post_title'; 575 570 $wp_query->query_vars['order'] = 'ASC'; … … 592 587 } 593 588 594 // TODO: Switch this to the capabilities systems589 // Only the 'publish' cap shouldn't be affected by cap checks. 595 590 $restricted_access_statii = array_diff( $wp_query->query_vars['post_status'], array( 'publish' ) ); 596 591 foreach ( $posts as $i => $post ) { … … 600 595 } 601 596 602 // Plugin Reviewers can see all sorts of plugins603 if ( current_user_can( 'plugin_ review') ) {597 // If the current user can view the plugin admin, show it 598 if ( current_user_can( 'plugin_admin_view', $post ) ) { 604 599 continue; 605 600 } 606 601 607 // Original submitter can always see 608 if ( $post->post_author == get_current_user_id() ) { 609 continue; 610 } 611 612 // Committers (user_login) can always see 613 if ( in_array( wp_get_current_user()->user_login, (array) Tools::get_plugin_committers( $post->post_name ), true ) ) { 614 continue; 615 } 616 617 // Contributors (user_nicename) can always see 618 if ( in_array( wp_get_current_user()->user_nicename, (array) wp_list_pluck( get_the_terms( $post, 'plugin_contributors' ), 'slug' ), true ) ) { 619 continue; 620 } 621 622 // everyone else can't. 602 // Else hide it. 623 603 unset( $posts[ $i ] ); 624 604 } … … 802 782 case 'plugin_contributors': 803 783 case 'plugin_committers': 804 $user = get_user_by( 'slug', $term-> slug);784 $user = get_user_by( 'slug', $term->name ); 805 785 $name = $user->display_name; 806 786 break; … … 888 868 } 889 869 890 // TODO: Switch this to the capabilities systems, check if post_author should access891 870 // Filter access to the plugin administration area. Only certain users are allowed access. 892 if ( get_query_var( 'plugin_admin' ) && ! current_user_can( 'plugin_review' ) ) { 893 $post = Plugin_Directory::get_plugin_post( get_query_var( 'name' ) ); 894 if ( 895 // Logged out users can't access plugin admin 896 ! is_user_logged_in() || 897 // Allow access to Committers OR Contributors. 898 ! ( 899 // Committers can access plugin admin 900 in_array( wp_get_current_user()->user_login, (array) Tools::get_plugin_committers( $post->post_name ), true ) || 901 // Contributors can access plugin admin (but will have a more limited access) 902 in_array( wp_get_current_user()->user_nicename, (array) wp_list_pluck( get_the_terms( $post, 'plugin_contributors' ), 'slug' ), true ) 903 ) 904 ) { 905 wp_safe_redirect( get_permalink( $post ) ); 906 die(); 907 } 871 if ( get_query_var( 'plugin_admin' ) && 872 ! current_user_can( 873 'plugin_admin_view', 874 $post = Plugin_Directory::get_plugin_post( get_query_var( 'name' ) ) 875 ) 876 ) { 877 wp_safe_redirect( get_permalink( $post ) ); 878 die(); 908 879 } 909 880 } -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-plugins/functions.php
r3834 r4260 83 83 ) ); 84 84 85 if ( get_query_var( 'plugin_admin' ) ) { 86 wp_enqueue_script( 'google-jsapi', 'https://www.google.com/jsapi', array(), false, true ); 87 wp_enqueue_script( 'wporg-plugins-stats', get_template_directory_uri() . '/js/stats.js', array( 'jquery', 'google-jsapi' ), '20161019', true ); 88 89 90 wp_localize_script( 'wporg-plugins-stats', 'pluginStats', array( 91 'slug' => is_singular( 'plugin' ) ? get_queried_object()->post_name : '', 92 'l10n' => array( 93 'date' => __( 'Date', 'wporg-plugins' ), 94 'downloads' => __( 'Downloads', 'wporg-plugins' ), 95 'noData' => __( 'No data yet', 'wporg-plugins' ), 96 'today' => __( 'Today', 'wporg-plugins' ), 97 'yesterday' => __( 'Yesterday', 'wporg-plugins' ), 98 'last_week' => __( 'Last Week', 'wporg-plugins' ), 99 'all_time' => __( 'All Time', 'wporg-plugins' ), 100 ), 101 ) ); 102 103 } 104 85 105 if ( isset( $_REQUEST['react'] ) ) { 86 106 wp_enqueue_script( 'wporg-plugins-client', get_template_directory_uri() . '/js/theme.js', array(), false, true ); -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-plugins/js/stats.js
r4258 r4260 3 3 ( function( $, settings ) { 4 4 $( function () { 5 jQuery.getJSON('https://api.wordpress.org/stats/plugin/1.0/downloads.php?slug=' + settings.slug + '&limit=267&callback=?', function( downloads ) {5 $.getJSON('https://api.wordpress.org/stats/plugin/1.0/downloads.php?slug=' + settings.slug + '&limit=267&callback=?', function( downloads ) { 6 6 var data = new google.visualization.DataTable(), 7 7 count = 0, … … 45 45 curveType: 'function' 46 46 } ); 47 } ); 48 49 $.getJSON('https://api.wordpress.org/stats/plugin/1.0/downloads.php?slug=' + settings.slug + '&historical_summary=1&callback=?', function( summary ) { 50 var $tbody = $('table#plugin-download-history-stats tbody:last-child'); 51 52 for ( var summary_field in summary ) { 53 if ( ! summary.hasOwnProperty( summary_field ) ) { 54 continue; 55 } 56 57 var text = settings.l10n[summary_field]; 58 var count = parseInt(summary[ summary_field ]).toLocaleString(); 59 60 $newrow = $("<tr><th scope='row'></th><td>0</td></tr>"); 61 $newrow.find( 'th' ).text( text ); 62 $newrow.find( 'td' ).text( count ); 63 $tbody.append( $newrow ); 64 } 47 65 } ); 48 66 -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-plugins/template-parts/plugin-single.php
r4224 r4260 89 89 <div> 90 90 <a class="plugin-download button download-button button-large" href="<?php echo esc_url( Template::download_link() ); ?>" itemprop="downloadUrl"><?php _e( 'Download', 'wporg-plugins' ); ?></a> 91 <?php if ( true /* TODO: Logic on when to show the edit link */) : ?>91 <?php if ( current_user_can( 'plugin_admin_view', get_post() ) ) : ?> 92 92 <br> 93 <a class="plugin-edit" href="<?php echo esc_url( get_permalink() . 'admin/' ); ?>"><?php _e( 'Edit Plugin', 'wporg-plugins' ); ?></a> 93 <a class="plugin-edit" href="<?php echo esc_url( get_permalink() . 'admin/' ); ?>"><?php _e( 'Edit Plugin', 'wporg-plugins' ); ?></a> 94 94 <?php endif; ?> 95 95 </div> -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-plugins/template-parts/section-admin.php
r4224 r4260 1 <?php 2 /** 3 * Template part for displaying the plugin administration sections. 4 * 5 * @link https://codex.wordpress.org/Template_Hierarchy 6 * 7 * @package WordPressdotorg\Plugin_Directory\Theme 8 */ 9 10 namespace WordPressdotorg\Plugin_Directory\Theme; 11 use WordPressdotorg\Plugin_Directory\Plugin_Directory; 12 use WordPressdotorg\Plugin_Directory\Template; 13 ?> 1 14 <div id="admin"> 2 <h2><?php _e( 'Plugin Admin', 'wporg-plugins' ); ?></h2> 15 <h2><?php _e( 'Plugin Stats', 'wporg-plugins' ); ?></h2> 16 17 <h3><?php _e( 'Active versions', 'wporg-plugins' ); ?></h3> 18 <div id="plugin-version-stats" class="chart"></div> 19 20 <h3><?php _e( 'Downloads Per Day', 'wporg-plugins' ); ?></h3> 21 <div id="plugin-download-stats" class="chart"></div> 22 23 <h4><?php _e( 'Downloads history', 'wporg-plugins' ); ?></h4> 24 <table id="plugin-download-history-stats"><tbody></tbody></table> 25 26 3 27 </div>
Note: See TracChangeset
for help on using the changeset viewer.