Changeset 4260 for sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-capabilities.php
- Timestamp:
- 10/19/2016 02:30:54 AM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-capabilities.php
r4212 r4260 22 22 */ 23 23 public static function map_meta_cap( $required_caps, $cap, $user_id, $context ) { 24 $plugin_edit_cap = false; 24 25 switch( $cap ) { 25 26 // TODO: Map these for the users 27 case 'plugin_edit': 26 case 'plugin_admin_edit': 28 27 case 'plugin_add_committer': 29 28 case 'plugin_remove_committer': 29 $plugin_edit_cap = true; 30 // Fall through 31 32 case 'plugin_admin_view': 33 // Committers + Contributors. 34 // If no committers, post_author. 30 35 $required_caps = array(); 31 36 $post = get_post( $context[0] ); 37 32 38 if ( ! $post ) { 33 39 $required_caps[] = 'do_not_allow'; … … 35 41 } 36 42 37 $user = new \WP_User( $user_id ); 43 $user = new \WP_User( $user_id ); 44 if ( $user->has_cap( 'plugin_review' ) ) { 45 $required_caps[] = 'plugin_review'; 46 break; 47 } 48 49 // Committers 38 50 $committers = Tools::get_plugin_committers( $post->post_name ); 51 if ( ! $committers && 'publish' === $post->post_status ) { 52 // post_author in the event no committers exist (yet?) 53 $committers = array( get_user_by( 'ID', $post->post_author )->user_login ); 54 } 39 55 40 if ( (int) $post->post_author === $user_id || in_array( $user->user_login, $committers, true ) ) { 41 $required_caps[] = 'plugin_edit_own'; 56 if ( in_array( $user->user_login, $committers ) ) { 57 $required_caps[] = 'exist'; // All users are allowed to exist, even when they have no role. 58 break; 59 } 42 60 43 } else { 44 45 if ( in_array( $post->post_status, array( 'draft', 'pending' ) ) ) { 46 $required_caps[] = 'plugin_review'; 47 48 } else { 49 $required_caps[] = 'plugin_approve'; 61 if ( ! $plugin_edit_cap ) { 62 // Contributors can view, but not edit. 63 $contributors = (array) wp_list_pluck( get_the_terms( $post, 'plugin_contributors' ), 'name' ); 64 if ( in_array( $user->user_nicename, $contributors, true ) ) { 65 $required_caps[] = 'exist'; // All users are allowed to exist, even when they have no role. 66 break; 50 67 } 51 68 } 52 break;53 69 54 // Don't allow any users to alter the post meta for plugins. 55 case 'add_post_meta': 56 case 'edit_post_meta': 57 case 'delete_post_meta': 58 $post = get_post( $context ); 59 if ( $post && 'plugin' == $post->post_type ) { 60 $required_caps[] = 'do_not_allow'; 61 } 70 // Else; 71 $required_caps[] = 'do_not_allow'; 62 72 break; 63 73 … … 85 95 $reviewer = array( 86 96 'read' => true, 87 'plugin_edit_own' => true,88 97 'plugin_set_category' => true, 89 'plugin_add_committer' => true,90 'plugin_edit_others' => true,91 98 'moderate_comments' => true, 92 99 'plugin_edit_pending' => true,
Note: See TracChangeset
for help on using the changeset viewer.