| [ Index ] |
PHP Cross Reference of Wordpress MU 2.7 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * WordPress Roles and Capabilities. 4 * 5 * @package WordPress 6 * @subpackage User 7 */ 8 9 /** 10 * WordPress User Roles. 11 * 12 * The role option is simple, the structure is organized by role name that store 13 * the name in value of the 'name' key. The capabilities are stored as an array 14 * in the value of the 'capability' key. 15 * 16 * <code> 17 * array ( 18 * 'rolename' => array ( 19 * 'name' => 'rolename', 20 * 'capabilities' => array() 21 * ) 22 * ) 23 * </code> 24 * 25 * @since 2.0.0 26 * @package WordPress 27 * @subpackage User 28 */ 29 class WP_Roles { 30 /** 31 * List of roles and capabilities. 32 * 33 * @since 2.0.0 34 * @access public 35 * @var array 36 */ 37 var $roles; 38 39 /** 40 * List of the role objects. 41 * 42 * @since 2.0.0 43 * @access public 44 * @var array 45 */ 46 var $role_objects = array(); 47 48 /** 49 * List of role names. 50 * 51 * @since 2.0.0 52 * @access public 53 * @var array 54 */ 55 var $role_names = array(); 56 57 /** 58 * Option name for storing role list. 59 * 60 * @since 2.0.0 61 * @access public 62 * @var string 63 */ 64 var $role_key; 65 66 /** 67 * Whether to use the database for retrieval and storage. 68 * 69 * @since 2.1.0 70 * @access public 71 * @var bool 72 */ 73 var $use_db = true; 74 75 /** 76 * PHP4 Constructor - Call {@link WP_Roles::_init()} method. 77 * 78 * @since 2.0.0 79 * @access public 80 * 81 * @return WP_Roles 82 */ 83 function WP_Roles() { 84 $this->_init(); 85 } 86 87 /** 88 * Setup the object properties. 89 * 90 * The role key is set to the current prefix for the $wpdb object with 91 * 'user_roles' appended. If the $wp_user_roles global is set, then it will 92 * be used and the role option will not be updated or used. 93 * 94 * @since 2.1.0 95 * @access protected 96 * @uses $wpdb Used to get the database prefix. 97 * @global array $wp_user_roles Used to set the 'roles' property value. 98 */ 99 function _init () { 100 global $wpdb; 101 global $wp_user_roles; 102 $this->role_key = $wpdb->prefix . 'user_roles'; 103 if ( ! empty( $wp_user_roles ) ) { 104 $this->roles = $wp_user_roles; 105 $this->use_db = false; 106 } else { 107 $this->roles = get_option( $this->role_key ); 108 } 109 110 if ( empty( $this->roles ) ) 111 return; 112 113 $this->role_objects = array(); 114 $this->role_names = array(); 115 foreach ( (array) $this->roles as $role => $data ) { 116 $this->role_objects[$role] = new WP_Role( $role, $this->roles[$role]['capabilities'] ); 117 $this->role_names[$role] = $this->roles[$role]['name']; 118 } 119 } 120 121 /** 122 * Add role name with capabilities to list. 123 * 124 * Updates the list of roles, if the role doesn't already exist. 125 * 126 * @since 2.0.0 127 * @access public 128 * 129 * @param string $role Role name. 130 * @param string $display_name Role display name. 131 * @param array $capabilities List of role capabilities. 132 * @return null|WP_Role WP_Role object if role is added, null if already exists. 133 */ 134 function add_role( $role, $display_name, $capabilities = array() ) { 135 if ( isset( $this->roles[$role] ) ) 136 return; 137 138 $this->roles[$role] = array( 139 'name' => $display_name, 140 'capabilities' => $capabilities 141 ); 142 if ( $this->use_db ) 143 update_option( $this->role_key, $this->roles ); 144 $this->role_objects[$role] = new WP_Role( $role, $capabilities ); 145 $this->role_names[$role] = $display_name; 146 return $this->role_objects[$role]; 147 } 148 149 /** 150 * Remove role by name. 151 * 152 * @since 2.0.0 153 * @access public 154 * 155 * @param string $role Role name. 156 */ 157 function remove_role( $role ) { 158 if ( ! isset( $this->role_objects[$role] ) ) 159 return; 160 161 unset( $this->role_objects[$role] ); 162 unset( $this->role_names[$role] ); 163 unset( $this->roles[$role] ); 164 165 if ( $this->use_db ) 166 update_option( $this->role_key, $this->roles ); 167 } 168 169 /** 170 * Add capability to role. 171 * 172 * @since 2.0.0 173 * @access public 174 * 175 * @param string $role Role name. 176 * @param string $cap Capability name. 177 * @param bool $grant Optional, default is true. Whether role is capable of preforming capability. 178 */ 179 function add_cap( $role, $cap, $grant = true ) { 180 $this->roles[$role]['capabilities'][$cap] = $grant; 181 if ( $this->use_db ) 182 update_option( $this->role_key, $this->roles ); 183 } 184 185 /** 186 * Remove capability from role. 187 * 188 * @since 2.0.0 189 * @access public 190 * 191 * @param string $role Role name. 192 * @param string $cap Capability name. 193 */ 194 function remove_cap( $role, $cap ) { 195 unset( $this->roles[$role]['capabilities'][$cap] ); 196 if ( $this->use_db ) 197 update_option( $this->role_key, $this->roles ); 198 } 199 200 /** 201 * Retrieve role object by name. 202 * 203 * @since 2.0.0 204 * @access public 205 * 206 * @param string $role Role name. 207 * @return object|null Null, if role does not exist. WP_Role object, if found. 208 */ 209 function &get_role( $role ) { 210 if ( isset( $this->role_objects[$role] ) ) 211 return $this->role_objects[$role]; 212 else 213 return null; 214 } 215 216 /** 217 * Retrieve list of role names. 218 * 219 * @since 2.0.0 220 * @access public 221 * 222 * @return array List of role names. 223 */ 224 function get_names() { 225 return $this->role_names; 226 } 227 228 /** 229 * Whether role name is currently in the list of available roles. 230 * 231 * @since 2.0.0 232 * @access public 233 * 234 * @param string $role Role name to look up. 235 * @return bool 236 */ 237 function is_role( $role ) 238 { 239 return isset( $this->role_names[$role] ); 240 } 241 } 242 243 /** 244 * WordPress Role class. 245 * 246 * @since 2.0.0 247 * @package WordPress 248 * @subpackage User 249 */ 250 class WP_Role { 251 /** 252 * Role name. 253 * 254 * @since 2.0.0 255 * @access public 256 * @var string 257 */ 258 var $name; 259 260 /** 261 * List of capabilities the role contains. 262 * 263 * @since 2.0.0 264 * @access public 265 * @var array 266 */ 267 var $capabilities; 268 269 /** 270 * PHP4 Constructor - Setup object properties. 271 * 272 * The list of capabilities, must have the key as the name of the capability 273 * and the value a boolean of whether it is granted to the role or not. 274 * 275 * @since 2.0.0 276 * @access public 277 * 278 * @param string $role Role name. 279 * @param array $capabilities List of capabilities. 280 * @return WP_Role 281 */ 282 function WP_Role( $role, $capabilities ) { 283 $this->name = $role; 284 $this->capabilities = $capabilities; 285 } 286 287 /** 288 * Assign role a capability. 289 * 290 * @see WP_Roles::add_cap() Method uses implementation for role. 291 * @since 2.0.0 292 * @access public 293 * 294 * @param string $cap Capability name. 295 * @param bool $grant Whether role has capability privilege. 296 */ 297 function add_cap( $cap, $grant = true ) { 298 global $wp_roles; 299 300 if ( ! isset( $wp_roles ) ) 301 $wp_roles = new WP_Roles(); 302 303 $this->capabilities[$cap] = $grant; 304 $wp_roles->add_cap( $this->name, $cap, $grant ); 305 } 306 307 /** 308 * Remove capability from role. 309 * 310 * This is a container for {@link WP_Roles::remove_cap()} to remove the 311 * capability from the role. That is to say, that {@link 312 * WP_Roles::remove_cap()} implements the functionality, but it also makes 313 * sense to use this class, because you don't need to enter the role name. 314 * 315 * @since 2.0.0 316 * @access public 317 * 318 * @param string $cap Capability name. 319 */ 320 function remove_cap( $cap ) { 321 global $wp_roles; 322 323 if ( ! isset( $wp_roles ) ) 324 $wp_roles = new WP_Roles(); 325 326 unset( $this->capabilities[$cap] ); 327 $wp_roles->remove_cap( $this->name, $cap ); 328 } 329 330 /** 331 * Whether role has capability. 332 * 333 * The capabilities is passed through the 'role_has_cap' filter. The first 334 * parameter for the hook is the list of capabilities the class has 335 * assigned. The second parameter is the capability name to look for. The 336 * third and final parameter for the hook is the role name. 337 * 338 * @since 2.0.0 339 * @access public 340 * 341 * @param string $cap Capability name. 342 * @return bool True, if user has capability. False, if doesn't have capability. 343 */ 344 function has_cap( $cap ) { 345 $capabilities = apply_filters( 'role_has_cap', $this->capabilities, $cap, $this->name ); 346 if ( !empty( $capabilities[$cap] ) ) 347 return $capabilities[$cap]; 348 else 349 return false; 350 } 351 352 } 353 354 /** 355 * WordPress User class. 356 * 357 * @since 2.0.0 358 * @package WordPress 359 * @subpackage User 360 */ 361 class WP_User { 362 /** 363 * User data container. 364 * 365 * This will be set as properties of the object. 366 * 367 * @since 2.0.0 368 * @access private 369 * @var array 370 */ 371 var $data; 372 373 /** 374 * The user's ID. 375 * 376 * @since 2.1.0 377 * @access public 378 * @var int 379 */ 380 var $ID = 0; 381 382 /** 383 * The deprecated user's ID. 384 * 385 * @since 2.0.0 386 * @access public 387 * @deprecated Use WP_User::$ID 388 * @see WP_User::$ID 389 * @var int 390 */ 391 var $id = 0; 392 393 /** 394 * The individual capabilities the user has been given. 395 * 396 * @since 2.0.0 397 * @access public 398 * @var array 399 */ 400 var $caps = array(); 401 402 /** 403 * User metadata option name. 404 * 405 * @since 2.0.0 406 * @access public 407 * @var string 408 */ 409 var $cap_key; 410 411 /** 412 * The roles the user is part of. 413 * 414 * @since 2.0.0 415 * @access public 416 * @var array 417 */ 418 var $roles = array(); 419 420 /** 421 * All capabilities the user has, including individual and role based. 422 * 423 * @since 2.0.0 424 * @access public 425 * @var array 426 */ 427 var $allcaps = array(); 428 429 /** 430 * First name of the user. 431 * 432 * Created to prevent notices. 433 * 434 * @since 2.7.0 435 * @access public 436 * @var string 437 */ 438 var $first_name = ''; 439 440 /** 441 * Last name of the user. 442 * 443 * Created to prevent notices. 444 * 445 * @since 2.7.0 446 * @access public 447 * @var string 448 */ 449 var $last_name = ''; 450 451 /** 452 * PHP4 Constructor - Sets up the object properties. 453 * 454 * Retrieves the userdata and then assigns all of the data keys to direct 455 * properties of the object. Calls {@link WP_User::_init_caps()} after 456 * setting up the object's user data properties. 457 * 458 * @since 2.0.0 459 * @access public 460 * 461 * @param int|string $id User's ID or username 462 * @param int $name Optional. User's username 463 * @return WP_User 464 */ 465 function WP_User( $id, $name = '' ) { 466 467 if ( empty( $id ) && empty( $name ) ) 468 return; 469 470 if ( ! is_numeric( $id ) ) { 471 $name = $id; 472 $id = 0; 473 } 474 475 if ( ! empty( $id ) ) 476 $this->data = get_userdata( $id ); 477 else 478 $this->data = get_userdatabylogin( $name ); 479 480 if ( empty( $this->data->ID ) ) 481 return; 482 483 foreach ( get_object_vars( $this->data ) as $key => $value ) { 484 $this->{$key} = $value; 485 } 486 487 $this->id = $this->ID; 488 $this->_init_caps(); 489 } 490 491 /** 492 * Setup capability object properties. 493 * 494 * Will set the value for the 'cap_key' property to current database table 495 * prefix, followed by 'capabilities'. Will then check to see if the 496 * property matching the 'cap_key' exists and is an array. If so, it will be 497 * used. 498 * 499 * @since 2.1.0 500 * @access protected 501 */ 502 function _init_caps() { 503 global $wpdb; 504 $this->cap_key = $wpdb->prefix . 'capabilities'; 505 $this->caps = &$this->{$this->cap_key}; 506 if ( ! is_array( $this->caps ) ) 507 $this->caps = array(); 508 $this->get_role_caps(); 509 } 510 511 /** 512 * Retrieve all of the role capabilities and merge with individual capabilities. 513 * 514 * All of the capabilities of the roles the user belongs to are merged with 515 * the users individual roles. This also means that the user can be denied 516 * specific roles that their role might have, but the specific user isn't 517 * granted permission to. 518 * 519 * @since 2.0.0 520 * @uses $wp_roles 521 * @access public 522 */ 523 function get_role_caps() { 524 global $wp_roles; 525 526 if ( ! isset( $wp_roles ) ) 527 $wp_roles = new WP_Roles(); 528 529 //Filter out caps that are not role names and assign to $this->roles 530 if ( is_array( $this->caps ) ) 531 $this->roles = array_filter( array_keys( $this->caps ), array( &$wp_roles, 'is_role' ) ); 532 533 //Build $allcaps from role caps, overlay user's $caps 534 $this->allcaps = array(); 535 foreach ( (array) $this->roles as $role ) { 536 $role = $wp_roles->get_role( $role ); 537 $this->allcaps = array_merge( $this->allcaps, $role->capabilities ); 538 } 539 $this->allcaps = array_merge( $this->allcaps, $this->caps ); 540 } 541 542 /** 543 * Add role to user. 544 * 545 * Updates the user's meta data option with capabilities and roles. 546 * 547 * @since 2.0.0 548 * @access public 549 * 550 * @param string $role Role name. 551 */ 552 function add_role( $role ) { 553 $this->caps[$role] = true; 554 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 555 $this->get_role_caps(); 556 $this->update_user_level_from_caps(); 557 } 558 559 /** 560 * Remove role from user. 561 * 562 * @since 2.0.0 563 * @access public 564 * 565 * @param string $role Role name. 566 */ 567 function remove_role( $role ) { 568 if ( empty( $this->roles[$role] ) || ( count( $this->roles ) <= 1 ) ) 569 return; 570 unset( $this->caps[$role] ); 571 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 572 $this->get_role_caps(); 573 } 574 575 /** 576 * Set the role of the user. 577 * 578 * This will remove the previous roles of the user and assign the user the 579 * new one. You can set the role to an empty string and it will remove all 580 * of the roles from the user. 581 * 582 * @since 2.0.0 583 * @access public 584 * 585 * @param string $role Role name. 586 */ 587 function set_role( $role ) { 588 foreach ( (array) $this->roles as $oldrole ) 589 unset( $this->caps[$oldrole] ); 590 if ( !empty( $role ) ) { 591 $this->caps[$role] = true; 592 $this->roles = array( $role => true ); 593 } else { 594 $this->roles = false; 595 } 596 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 597 $this->get_role_caps(); 598 $this->update_user_level_from_caps(); 599 } 600 601 /** 602 * Choose the maximum level the user has. 603 * 604 * Will compare the level from the $item parameter against the $max 605 * parameter. If the item is incorrect, then just the $max parameter value 606 * will be returned. 607 * 608 * Used to get the max level based on the capabilities the user has. This 609 * is also based on roles, so if the user is assigned the Administrator role 610 * then the capability 'level_10' will exist and the user will get that 611 * value. 612 * 613 * @since 2.0.0 614 * @access public 615 * 616 * @param int $max Max level of user. 617 * @param string $item Level capability name. 618 * @return int Max Level. 619 */ 620 function level_reduction( $max, $item ) { 621 if ( preg_match( '/^level_(10|[0-9])$/i', $item, $matches ) ) { 622 $level = intval( $matches[1] ); 623 return max( $max, $level ); 624 } else { 625 return $max; 626 } 627 } 628 629 /** 630 * Update the maximum user level for the user. 631 * 632 * Updates the 'user_level' user metadata (includes prefix that is the 633 * database table prefix) with the maximum user level. Gets the value from 634 * the all of the capabilities that the user has. 635 * 636 * @since 2.0.0 637 * @access public 638 */ 639 function update_user_level_from_caps() { 640 global $wpdb; 641 $this->user_level = array_reduce( array_keys( $this->allcaps ), array( &$this, 'level_reduction' ), 0 ); 642 update_usermeta( $this->ID, $wpdb->prefix.'user_level', $this->user_level ); 643 } 644 645 /** 646 * Add capability and grant or deny access to capability. 647 * 648 * @since 2.0.0 649 * @access public 650 * 651 * @param string $cap Capability name. 652 * @param bool $grant Whether to grant capability to user. 653 */ 654 function add_cap( $cap, $grant = true ) { 655 $this->caps[$cap] = $grant; 656 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 657 } 658 659 /** 660 * Remove capability from user. 661 * 662 * @since 2.0.0 663 * @access public 664 * 665 * @param string $cap Capability name. 666 */ 667 function remove_cap( $cap ) { 668 if ( empty( $this->caps[$cap] ) ) return; 669 unset( $this->caps[$cap] ); 670 update_usermeta( $this->ID, $this->cap_key, $this->caps ); 671 } 672 673 /** 674 * Remove all of the capabilities of the user. 675 * 676 * @since 2.1.0 677 * @access public 678 */ 679 function remove_all_caps() { 680 global $wpdb; 681 $this->caps = array(); 682 update_usermeta( $this->ID, $this->cap_key, '' ); 683 update_usermeta( $this->ID, $wpdb->prefix.'user_level', '' ); 684 $this->get_role_caps(); 685 } 686 687 /** 688 * Whether user has capability or role name. 689 * 690 * This is useful for looking up whether the user has a specific role 691 * assigned to the user. The second optional parameter can also be used to 692 * check for capabilities against a specfic post. 693 * 694 * @since 2.0.0 695 * @access public 696 * 697 * @param string|int $cap Capability or role name to search. 698 * @param int $post_id Optional. Post ID to check capability against specific post. 699 * @return bool True, if user has capability; false, if user does not have capability. 700 */ 701 function has_cap( $cap ) { 702 if ( is_numeric( $cap ) ) 703 $cap = $this->translate_level_to_cap( $cap ); 704 705 $args = array_slice( func_get_args(), 1 ); 706 $args = array_merge( array( $cap, $this->ID ), $args ); 707 $caps = call_user_func_array( 'map_meta_cap', $args ); 708 // Must have ALL requested caps 709 $capabilities = apply_filters( 'user_has_cap', $this->allcaps, $caps, $args ); 710 foreach ( (array) $caps as $cap ) { 711 //echo "Checking cap $cap<br />"; 712 if ( empty( $capabilities[$cap] ) || !$capabilities[$cap] ) 713 return false; 714 } 715 716 return true; 717 } 718 719 /** 720 * Convert numeric level to level capability name. 721 * 722 * Prepends 'level_' to level number. 723 * 724 * @since 2.0.0 725 * @access public 726 * 727 * @param int $level Level number, 1 to 10. 728 * @return string 729 */ 730 function translate_level_to_cap( $level ) { 731 return 'level_' . $level; 732 } 733 734 } 735 736 /** 737 * Map meta capabilities to primitive capabilities. 738 * 739 * This does not actually compare whether the user ID has the actual capability, 740 * just what the capability or capabilities are. Meta capability list value can 741 * be 'delete_user', 'edit_user', 'delete_post', 'delete_page', 'edit_post', 742 * 'edit_page', 'read_post', or 'read_page'. 743 * 744 * @since 2.0.0 745 * 746 * @param string $cap Capability name. 747 * @param int $user_id User ID. 748 * @return array Actual capabilities for meta capability. 749 */ 750 function map_meta_cap( $cap, $user_id ) { 751 $args = array_slice( func_get_args(), 2 ); 752 $caps = array(); 753 754 switch ( $cap ) { 755 case 'delete_user': 756 $caps[] = 'delete_users'; 757 break; 758 case 'edit_user': 759 if ( !isset( $args[0] ) || $user_id != $args[0] ) { 760 $caps[] = 'edit_users'; 761 } 762 break; 763 case 'delete_post': 764 $author_data = get_userdata( $user_id ); 765 //echo "post ID: {$args[0]}<br />"; 766 $post = get_post( $args[0] ); 767 if ( 'page' == $post->post_type ) { 768 $args = array_merge( array( 'delete_page', $user_id ), $args ); 769 return call_user_func_array( 'map_meta_cap', $args ); 770 } 771 $post_author_data = get_userdata( $post->post_author ); 772 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />"; 773 // If the user is the author... 774 if ( $user_id == $post_author_data->ID ) { 775 // If the post is published... 776 if ( 'publish' == $post->post_status ) 777 $caps[] = 'delete_published_posts'; 778 else 779 // If the post is draft... 780 $caps[] = 'delete_posts'; 781 } else { 782 // The user is trying to edit someone else's post. 783 $caps[] = 'delete_others_posts'; 784 // The post is published, extra cap required. 785 if ( 'publish' == $post->post_status ) 786 $caps[] = 'delete_published_posts'; 787 elseif ( 'private' == $post->post_status ) 788 $caps[] = 'delete_private_posts'; 789 } 790 break; 791 case 'delete_page': 792 $author_data = get_userdata( $user_id ); 793 //echo "post ID: {$args[0]}<br />"; 794 $page = get_page( $args[0] ); 795 $page_author_data = get_userdata( $page->post_author ); 796 //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />"; 797 // If the user is the author... 798 if ( $user_id == $page_author_data->ID ) { 799 // If the page is published... 800 if ( $page->post_status == 'publish' ) 801 $caps[] = 'delete_published_pages'; 802 else 803 // If the page is draft... 804 $caps[] = 'delete_pages'; 805 } else { 806 // The user is trying to edit someone else's page. 807 $caps[] = 'delete_others_pages'; 808 // The page is published, extra cap required. 809 if ( $page->post_status == 'publish' ) 810 $caps[] = 'delete_published_pages'; 811 elseif ( $page->post_status == 'private' ) 812 $caps[] = 'delete_private_pages'; 813 } 814 break; 815 // edit_post breaks down to edit_posts, edit_published_posts, or 816 // edit_others_posts 817 case 'edit_post': 818 $author_data = get_userdata( $user_id ); 819 //echo "post ID: {$args[0]}<br />"; 820 $post = get_post( $args[0] ); 821 if ( 'page' == $post->post_type ) { 822 $args = array_merge( array( 'edit_page', $user_id ), $args ); 823 return call_user_func_array( 'map_meta_cap', $args ); 824 } 825 $post_author_data = get_userdata( $post->post_author ); 826 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />"; 827 // If the user is the author... 828 if ( $user_id == $post_author_data->ID ) { 829 // If the post is published... 830 if ( 'publish' == $post->post_status ) 831 $caps[] = 'edit_published_posts'; 832 else 833 // If the post is draft... 834 $caps[] = 'edit_posts'; 835 } else { 836 // The user is trying to edit someone else's post. 837 $caps[] = 'edit_others_posts'; 838 // The post is published, extra cap required. 839 if ( 'publish' == $post->post_status ) 840 $caps[] = 'edit_published_posts'; 841 elseif ( 'private' == $post->post_status ) 842 $caps[] = 'edit_private_posts'; 843 } 844 break; 845 case 'edit_page': 846 $author_data = get_userdata( $user_id ); 847 //echo "post ID: {$args[0]}<br />"; 848 $page = get_page( $args[0] ); 849 $page_author_data = get_userdata( $page->post_author ); 850 //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />"; 851 // If the user is the author... 852 if ( $user_id == $page_author_data->ID ) { 853 // If the page is published... 854 if ( 'publish' == $page->post_status ) 855 $caps[] = 'edit_published_pages'; 856 else 857 // If the page is draft... 858 $caps[] = 'edit_pages'; 859 } else { 860 // The user is trying to edit someone else's page. 861 $caps[] = 'edit_others_pages'; 862 // The page is published, extra cap required. 863 if ( 'publish' == $page->post_status ) 864 $caps[] = 'edit_published_pages'; 865 elseif ( 'private' == $page->post_status ) 866 $caps[] = 'edit_private_pages'; 867 } 868 break; 869 case 'read_post': 870 $post = get_post( $args[0] ); 871 if ( 'page' == $post->post_type ) { 872 $args = array_merge( array( 'read_page', $user_id ), $args ); 873 return call_user_func_array( 'map_meta_cap', $args ); 874 } 875 876 if ( 'private' != $post->post_status ) { 877 $caps[] = 'read'; 878 break; 879 } 880 881 $author_data = get_userdata( $user_id ); 882 $post_author_data = get_userdata( $post->post_author ); 883 if ( $user_id == $post_author_data->ID ) 884 $caps[] = 'read'; 885 else 886 $caps[] = 'read_private_posts'; 887 break; 888 case 'read_page': 889 $page = get_page( $args[0] ); 890 891 if ( 'private' != $page->post_status ) { 892 $caps[] = 'read'; 893 break; 894 } 895 896 $author_data = get_userdata( $user_id ); 897 $page_author_data = get_userdata( $page->post_author ); 898 if ( $user_id == $page_author_data->ID ) 899 $caps[] = 'read'; 900 else 901 $caps[] = 'read_private_pages'; 902 break; 903 default: 904 // If no meta caps match, return the original cap. 905 $caps[] = $cap; 906 } 907 908 return $caps; 909 } 910 911 /** 912 * Whether current user has capability or role. 913 * 914 * @since 2.0.0 915 * 916 * @param string $capability Capability or role name. 917 * @return bool 918 */ 919 function current_user_can( $capability ) { 920 $current_user = wp_get_current_user(); 921 922 if( is_site_admin() ) 923 return true; 924 if ( empty( $current_user ) ) 925 return false; 926 927 $args = array_slice( func_get_args(), 1 ); 928 $args = array_merge( array( $capability ), $args ); 929 930 return call_user_func_array( array( &$current_user, 'has_cap' ), $args ); 931 } 932 933 /** 934 * Retrieve role object. 935 * 936 * @see WP_Roles::get_role() Uses method to retrieve role object. 937 * @since 2.0.0 938 * 939 * @param string $role Role name. 940 * @return object 941 */ 942 function get_role( $role ) { 943 global $wp_roles; 944 945 if ( ! isset( $wp_roles ) ) 946 $wp_roles = new WP_Roles(); 947 948 return $wp_roles->get_role( $role ); 949 } 950 951 /** 952 * Add role, if it does not exist. 953 * 954 * @see WP_Roles::add_role() Uses method to add role. 955 * @since 2.0.0 956 * 957 * @param string $role Role name. 958 * @param string $display_name Display name for role. 959 * @param array $capabilities List of capabilities. 960 * @return null|WP_Role WP_Role object if role is added, null if already exists. 961 */ 962 function add_role( $role, $display_name, $capabilities = array() ) { 963 global $wp_roles; 964 965 if ( ! isset( $wp_roles ) ) 966 $wp_roles = new WP_Roles(); 967 968 return $wp_roles->add_role( $role, $display_name, $capabilities ); 969 } 970 971 /** 972 * Remove role, if it exists. 973 * 974 * @see WP_Roles::remove_role() Uses method to remove role. 975 * @since 2.0.0 976 * 977 * @param string $role Role name. 978 * @return null 979 */ 980 function remove_role( $role ) { 981 global $wp_roles; 982 983 if ( ! isset( $wp_roles ) ) 984 $wp_roles = new WP_Roles(); 985 986 return $wp_roles->remove_role( $role ); 987 } 988 989 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Mar 5 12:05:07 2009 | Cross-referenced by PHPXref 0.7 |