Advanced Access Manager - Version 5.11

Version Description

  • Officially announcing AAM 6.0.0 beta.1 release

Release Info

Developer vasyltech
Version 5.11

Code changes from version 6.0.0-beta.1 to 5.11

Files changed (162) hide show
  1. aam.php +110 -90
  2. application/Addon/Repository.php +0 -262
  3. application/Api/Manager.php +157 -0
  4. application/Api/Rest/Resource/Post.php +432 -0
  5. application/Api/Rest/Resource/Revision.php +66 -0
  6. application/Api/Rest/Resource/User.php +60 -38
  7. application/Backend/Authorization.php +104 -0
  8. application/Backend/Feature.php +65 -114
  9. application/Backend/Feature/Abstract.php +36 -100
  10. application/Backend/Feature/Extension/Manager.php +217 -0
  11. application/Backend/Feature/ISubjectAware.php +0 -19
  12. application/Backend/Feature/Main/404Redirect.php +48 -53
  13. application/Backend/Feature/Main/Capability.php +218 -192
  14. application/Backend/Feature/Main/{Welcome.php → GetStarted.php} +17 -21
  15. application/Backend/Feature/Main/Jwt.php +95 -145
  16. application/Backend/Feature/Main/LoginRedirect.php +80 -46
  17. application/Backend/Feature/Main/LogoutRedirect.php +81 -47
  18. application/Backend/Feature/Main/Menu.php +140 -142
  19. application/Backend/Feature/Main/Metabox.php +133 -150
  20. application/Backend/Feature/Main/Policy.php +138 -228
  21. application/Backend/Feature/Main/Post.php +414 -776
  22. application/Backend/Feature/Main/Redirect.php +90 -45
  23. application/Backend/Feature/Main/Route.php +93 -68
  24. application/Backend/Feature/Main/Toolbar.php +92 -88
  25. application/Backend/Feature/Main/Uri.php +106 -88
  26. application/Backend/Feature/Settings/ConfigPress.php +40 -38
  27. application/Backend/Feature/Settings/Content.php +42 -35
  28. application/Backend/Feature/Settings/Core.php +95 -46
  29. application/Backend/Feature/Settings/Manager.php +23 -45
  30. application/Backend/Feature/Settings/Security.php +47 -43
  31. application/Backend/Feature/Settings/Service.php +0 -75
  32. application/Backend/Feature/Subject/Role.php +147 -197
  33. application/Backend/Feature/Subject/User.php +335 -242
  34. application/Backend/Filter.php +274 -0
  35. application/Backend/Manager.php +898 -184
  36. application/Backend/Subject.php +125 -158
  37. application/Backend/View.php +148 -297
  38. application/Backend/View/Helper.php +49 -27
  39. application/Backend/View/Localization.php +19 -94
  40. application/Backend/View/PostOptionList.php +145 -69
  41. application/Backend/Widget/Login.php +32 -71
  42. application/Backend/phtml/extensions.phtml +165 -0
  43. application/Backend/phtml/index.phtml +447 -0
  44. application/Backend/phtml/main-panel.phtml +30 -0
  45. application/Backend/phtml/main/404redirect.phtml +65 -0
  46. application/Backend/{tmpl/service/capability.php → phtml/main/capability.phtml} +19 -15
  47. application/Backend/phtml/main/get-started.phtml +21 -0
  48. application/Backend/{tmpl/service/jwt.php → phtml/main/jwt.phtml} +12 -13
  49. application/Backend/{tmpl/service/login-redirect.php → phtml/main/login-redirect.phtml} +16 -18
  50. application/Backend/phtml/main/logout-redirect.phtml +69 -0
  51. application/Backend/{tmpl/service/menu.php → phtml/main/menu.phtml} +34 -79
  52. application/Backend/phtml/main/metabox.phtml +113 -0
  53. application/Backend/{tmpl/service/policy.php → phtml/main/policy.phtml} +2 -2
  54. application/Backend/phtml/main/post.phtml +91 -0
  55. application/Backend/{tmpl/service/redirect.php → phtml/main/redirect.phtml} +31 -35
  56. application/Backend/{tmpl/service/route.php → phtml/main/route.phtml} +6 -8
  57. application/Backend/phtml/main/toolbar.phtml +94 -0
  58. application/Backend/{tmpl/service/uri.php → phtml/main/uri.phtml} +34 -30
  59. application/Backend/phtml/metabox/metabox-content.phtml +178 -0
  60. application/Backend/phtml/metabox/policy-metabox.phtml +427 -0
  61. application/Backend/phtml/metabox/policy-principal-metabox.phtml +3 -0
  62. application/Backend/{tmpl/metabox/post-metabox.php → phtml/metabox/post-metabox.phtml} +1 -3
  63. application/Backend/phtml/metabox/term-metabox.phtml +16 -0
  64. application/Backend/phtml/partial/login-redirect.phtml +5 -0
  65. application/Backend/phtml/partial/post-access-form.phtml +127 -0
  66. application/Backend/phtml/partial/post-advanced-settings.phtml +181 -0
  67. application/Backend/phtml/partial/post-type.phtml +7 -0
  68. application/Backend/phtml/partial/redirect.phtml +5 -0
  69. application/Backend/{tmpl/partial/role-inheritance.php → phtml/partial/role-inheritance.phtml} +2 -4
  70. application/Backend/phtml/partial/term-type.phtml +7 -0
  71. application/Backend/{tmpl/settings/configpress.php → phtml/settings/configpress.phtml} +2 -4
  72. application/Backend/phtml/settings/content.phtml +21 -0
  73. application/Backend/{tmpl/settings/core.php → phtml/settings/core.phtml} +2 -4
  74. application/Backend/{tmpl/settings/security.php → phtml/settings/security.phtml} +3 -5
  75. application/Backend/phtml/system/export.phtml +67 -0
  76. application/Backend/phtml/user/multiple-roles.phtml +32 -0
  77. application/Backend/{tmpl/widget/login-backend.php → phtml/widget/login-backend.phtml} +0 -2
  78. application/Backend/phtml/widget/login-frontend.phtml +75 -0
  79. application/Backend/tmpl/index.php +0 -120
  80. application/Backend/tmpl/metabox/iframe-footer.php +0 -8
  81. application/Backend/tmpl/metabox/iframe-header.php +0 -22
  82. application/Backend/tmpl/metabox/policy-metabox.php +0 -59
  83. application/Backend/tmpl/metabox/policy-principal-metabox.php +0 -3
  84. application/Backend/tmpl/metabox/post-iframe.php +0 -19
  85. application/Backend/tmpl/metabox/principal-iframe.php +0 -12
  86. application/Backend/tmpl/metabox/term-metabox.php +0 -12
  87. application/Backend/tmpl/metabox/user-iframe.php +0 -21
  88. application/Backend/tmpl/metabox/user-metabox.php +0 -5
  89. application/Backend/tmpl/page/addon-panel.php +0 -110
  90. application/Backend/tmpl/page/current-subject.php +0 -9
  91. application/Backend/tmpl/page/main-panel.php +0 -36
  92. application/Backend/tmpl/page/subject-panel-advanced.php +0 -117
  93. application/Backend/tmpl/page/subject-panel.php +0 -84
  94. application/Backend/tmpl/partial/default-principal-subject-tab.php +0 -9
  95. application/Backend/tmpl/partial/default-subject-tab.php +0 -8
  96. application/Backend/tmpl/partial/jwt-login-url.php +0 -18
  97. application/Backend/tmpl/partial/loading-content.php +0 -7
  98. application/Backend/tmpl/partial/post-access-form.php +0 -213
  99. application/Backend/tmpl/partial/posts-terms-help-tips.php +0 -11
  100. application/Backend/tmpl/partial/taxonomy-access-form.php +0 -16
  101. application/Backend/tmpl/partial/term-access-form.php +0 -19
  102. application/Backend/tmpl/partial/type-access-form.php +0 -16
  103. application/Backend/tmpl/partial/visitor-principal-subject-tab.php +0 -17
  104. application/Backend/tmpl/partial/visitor-subject-tab.php +0 -8
  105. application/Backend/tmpl/policy/default-policy.php +0 -27
  106. application/Backend/tmpl/service/404redirect.php +0 -67
  107. application/Backend/tmpl/service/logout-redirect.php +0 -71
  108. application/Backend/tmpl/service/metabox.php +0 -153
  109. application/Backend/tmpl/service/post.php +0 -39
  110. application/Backend/tmpl/service/toolbar.php +0 -126
  111. application/Backend/tmpl/service/welcome.php +0 -23
  112. application/Backend/tmpl/settings/content.php +0 -29
  113. application/Backend/tmpl/settings/service.php +0 -18
  114. application/Backend/tmpl/user/multiple-roles.php +0 -41
  115. application/Backend/tmpl/widget/login-frontend.php +0 -111
  116. application/Core/API.php +284 -146
  117. application/Core/AccessSettings.php +0 -163
  118. application/Core/Api/Area.php +79 -0
  119. application/Core/Cache.php +65 -0
  120. application/Core/Compatibility.php +398 -0
  121. application/Core/Config.php +77 -82
  122. application/Core/ConfigPress.php +52 -61
  123. application/Core/ConfigPress/Evaluator.php +57 -87
  124. application/Core/ConfigPress/Reader.php +38 -77
  125. application/Core/Console.php +41 -40
  126. application/Core/Contract/MigrationInterface.php +0 -30
  127. application/Core/Contract/RequestTrait.php +0 -170
  128. application/Core/Contract/ServiceTrait.php +0 -63
  129. application/Core/Contract/SingletonTrait.php +0 -73
  130. application/Core/Exporter.php +328 -0
  131. application/Core/Gateway.php +199 -207
  132. application/Core/Importer.php +301 -0
  133. application/Core/Jwt/Auth.php +64 -0
  134. application/Core/Jwt/Issuer.php +84 -98
  135. application/Core/Jwt/Manager.php +463 -0
  136. application/Core/Login.php +355 -0
  137. application/Core/Media.php +218 -0
  138. application/Core/Migration.php +0 -150
  139. application/Core/Object.php +94 -299
  140. application/Core/Object/Cache.php +101 -0
  141. application/Core/Object/Capability.php +74 -0
  142. application/Core/Object/LoginRedirect.php +95 -22
  143. application/Core/Object/LogoutRedirect.php +91 -21
  144. application/Core/Object/Menu.php +245 -60
  145. application/Core/Object/Metabox.php +204 -29
  146. application/Core/Object/Policy.php +85 -28
  147. application/Core/Object/Post.php +263 -138
  148. application/Core/Object/Redirect.php +105 -30
  149. application/Core/Object/Route.php +82 -35
  150. application/Core/Object/Toolbar.php +99 -36
  151. application/Core/Object/Uri.php +160 -99
  152. application/Core/Object/Visibility.php +110 -101
  153. application/Core/Policy/Condition.php +181 -188
  154. application/Core/Policy/Factory.php +22 -40
  155. application/Core/Policy/Manager.php +295 -320
  156. application/Core/Policy/Resource.php +0 -89
  157. application/Core/Policy/Token.php +95 -109
  158. application/Core/Policy/Validator.php +62 -116
  159. application/Core/Redirect.php +0 -156
  160. application/Core/Request.php +15 -26
  161. application/Core/Server.php +116 -0
  162. application/Core/Subject.php +81 -114
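--- a/aam.php
+++ b/aam.php
@@ -3,7 +3,7 @@
  /**
  * Plugin Name: Advanced Access Manager
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
- * Version: 6.0.0-beta.1
+ * Version: 5.11
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
  * Author URI: https://vasyltech.com
  * Text Domain: advanced-access-manager
@@ -20,10 +20,8 @@
  *
  * @package AAM
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @version 6.0.0
  */
- class AAM
- {
+ class AAM {
 
  /**
  * Single instance of itself
@@ -31,7 +29,6 @@ class AAM
  * @var AAM
  *
  * @access private
- * @version 6.0.0
  */
  private static $_instance = null;
 
@@ -41,7 +38,6 @@ class AAM
  * @var AAM_Core_Subject_User|AAM_Core_Subject_Visitor
  *
  * @access private
- * @version 6.0.0
  */
  private $_user = null;
 
@@ -51,14 +47,14 @@ class AAM
  * @return void
  *
  * @access protected
- * @version 6.0.0
  */
- protected function __construct()
- {
- // Initialize current subject
- $this->changeUser();
-
- add_action('set_current_user', array($this, 'changeUser'));
+ protected function __construct() {
+ //initialize current subject
+ if (is_user_logged_in()) {
+ $this->setUser(new AAM_Core_Subject_User(get_current_user_id()));
+ } else {
+ $this->setUser(new AAM_Core_Subject_Visitor(''));
+ }
  }
 
  /**
@@ -69,10 +65,8 @@ class AAM
  * @return void
  *
  * @access public
- * @version 6.0.0
  */
- public function setUser(AAM_Core_Subject $user)
- {
+ public function setUser(AAM_Core_Subject $user) {
  $this->_user = $user;
  }
 
@@ -82,10 +76,9 @@ class AAM
  * @return AAM_Core_Gateway
  *
  * @access public
- * @version 6.0.0
+ * @static
  */
- public static function api()
- {
+ public static function api() {
  return AAM_Core_Gateway::getInstance();
  }
 
@@ -95,47 +88,21 @@ class AAM
  * @return AAM_Core_Subject
  *
  * @access public
- * @version 6.0.0
  */
- public static function getUser()
- {
+ public static function getUser() {
  return self::getInstance()->_user;
  }
 
- /**
- * Change current user
- *
- * This method is triggered if some process updates current user
- *
- * @return void
- *
- * @access public
- * @version 6.0.0
- */
- public function changeUser()
- {
- $id = get_current_user_id();
-
- // Change current user
- if ($id) {
- $this->setUser(self::api()->getUser($id));
- } else {
- $this->setUser(new AAM_Core_Subject_Visitor());
- }
- }
-
  /**
  * Make sure that AAM UI Page is used
  *
  * @return boolean
  *
  * @access public
- * @version 6.0.0
  */
- public static function isAAM()
- {
- $page = filter_input(INPUT_GET, 'page');
- $action = filter_input(INPUT_POST, 'action');
+ public static function isAAM() {
+ $page = AAM_Core_Request::get('page');
+ $action = AAM_Core_Request::post('action');
 
  $intersect = array_intersect(array('aam', 'aamc'), array($page, $action));
 
@@ -143,30 +110,37 @@ class AAM
  }
 
  /**
- * Bootstrap AAM when all plugins are loaded
+ * Bootstrap AAM
  *
  * @return void
  *
  * @access public
- * @version 6.0.0
+ * @static
  */
- public static function onPluginsLoaded()
- {
- // Load AAM core config
+ public static function onPluginsLoaded() {
+ //load AAM core config
  AAM_Core_Config::bootstrap();
 
- // Load the core service first
- require_once __DIR__ . '/application/Service/Core.php';
+ //login control
+ if (AAM_Core_Config::get('core.settings.secureLogin', true)) {
+ AAM_Core_Login::bootstrap();
+ }
 
- // Load all the defined AAM services
- foreach (new DirectoryIterator(__DIR__ . '/application/Service') as $service) {
- if ($service->isFile()) {
- require_once $service->getPathname();
- }
+ //JWT Authentication
+ if (AAM_Core_Config::get('core.settings.jwtAuthentication', true)) {
+ AAM_Core_Jwt_Manager::bootstrap();
  }
 
  // Load AAM
  AAM::getInstance();
+
+ //load all installed extension
+ if (AAM_Core_Config::get('core.settings.extensionSupport', true)) {
+ AAM_Extension_Repository::getInstance()->load();
+ }
+
+ //load WP Core hooks
+ AAM_Shared_Manager::bootstrap();
  }
 
  /**
@@ -175,12 +149,14 @@ class AAM
  * @return void
  *
  * @access public
- * @version 6.0.0
+ * @static
  */
- public static function onInit()
- {
- if (is_admin()) {
+ public static function onInit() {
+ //bootstrap the correct interface
+ if (AAM_Core_Api_Area::isBackend()) {
  AAM_Backend_Manager::bootstrap();
+ } elseif (AAM_Core_Api_Area::isFrontend()) {
+ AAM_Frontend_Manager::bootstrap();
  }
  }
 
@@ -190,78 +166,113 @@ class AAM
  * @return AAM
  *
  * @access public
- * @version 6.0.0
+ * @static
  */
- public static function getInstance()
- {
+ public static function getInstance() {
  if (is_null(self::$_instance)) {
  self::$_instance = new self;
 
- // Load AAM internationalization
- load_plugin_textdomain(AAM_KEY, false, 'advanced-access-manager/lang');
+ // Get current user
+ $user = self::$_instance->getUser();
 
- // Validate logged in user status
- if (is_user_logged_in()) {
- AAM::getUser()->validateStatus();
+ // Load user capabilities
+ $user->initialize();
+
+ // Logout user if he/she is blocked
+ $status = $user->getUserStatus();
+
+ // If user is not active, then perform rollback on user
+ if (!empty($status) && $status->status !== 'active') {
+ $user->restrainUserAccount($status);
  }
+
+ load_plugin_textdomain(AAM_KEY, false, 'advanced-access-manager/lang');
  }
 
  return self::$_instance;
  }
 
  /**
- * Activation hook
+ * Run daily routine
+ *
+ * Check server extension versions
+ *
+ * @return void
+ *
+ * @access public
+ */
+ public static function cron() {
+ $extensions = AAM_Core_API::getOption('aam-extensions', null, 'site');
+
+ if (!empty($extensions) && AAM_Core_Config::get('core.settings.cron', true)) {
+ //grab the server extension list
+ AAM_Core_API::updateOption(
+ 'aam-check', AAM_Core_Server::check(), 'site'
+ );
+ }
+ }
+
+ /**
+ * Create aam folder
  *
  * @return void
  *
  * @access public
- * @version 6.0.0
  */
- public static function activate()
- {
+ public static function activate() {
  global $wp_version;
 
  //check PHP Version
- if (version_compare(PHP_VERSION, '5.6.40') === -1) {
- exit(__('PHP 5.6.40 or higher is required.', AAM_KEY));
- } elseif (version_compare($wp_version, '4.7.0') === -1) {
- exit(__('WP 4.7.0 or higher is required.', AAM_KEY));
+ if (version_compare(PHP_VERSION, '5.3.0') === -1) {
+ exit(__('PHP 5.3.0 or higher is required.', AAM_KEY));
+ } elseif (version_compare($wp_version, '4.0') === -1) {
+ exit(__('WP 4.0 or higher is required.', AAM_KEY));
  }
  }
 
  /**
- * Deactivate hook
+ * De-install hook
  *
  * Remove all leftovers from AAM execution
  *
  * @return void
  *
  * @access public
- * @version 6.0.0
  */
- public static function uninstall()
- {
+ public static function uninstall() {
  //trigger any uninstall hook that is registered by any extension
  do_action('aam-uninstall-action');
 
+ //remove aam directory if exists
+ $dirname = WP_CONTENT_DIR . '/aam';
+ if (file_exists($dirname)) {
+ AAM_Core_API::removeDirectory($dirname);
+ }
+
  //clear all AAM settings
  AAM_Core_API::clearSettings();
+
+ //clear schedules
+ wp_clear_scheduled_hook('aam-cron');
  }
 
  }
 
  if (defined('ABSPATH')) {
  //define few common constants
- define('AAM_MEDIA', plugins_url('/media', __FILE__));
+ define(
+ 'AAM_MEDIA',
+ preg_replace('/^http[s]?:/', '', plugins_url('/media', __FILE__))
+ );
  define('AAM_KEY', 'advanced-access-manager');
- define('AAM_VERSION', '6.0.0');
- define('AAM_BASEDIR', __DIR__);
+ define('AAM_EXTENSION_BASE', WP_CONTENT_DIR . '/aam/extension');
+ define('AAM_BASEDIR', dirname(__FILE__));
 
  //load vendor
- require __DIR__ . '/vendor/autoload.php';
+ require AAM_BASEDIR . '/vendor/autoload.php';
 
  //register autoloader
- require(__DIR__ . '/autoloader.php');
+ require (dirname(__FILE__) . '/autoloader.php');
  AAM_Autoloader::register();
 
  // Keep this as the lowest priority
@@ -271,6 +282,15 @@ if (defined('ABSPATH')) {
  //this is important to have to catch events like register core post types
  add_action('init', 'AAM::onInit', -1);
 
+ //register API manager is applicable
+ add_action('parse_request', 'AAM_Api_Manager::bootstrap', 1);
+
+ //schedule cron
+ if (!wp_next_scheduled('aam-cron')) {
+ wp_schedule_event(time(), 'daily', 'aam-cron');
+ }
+ add_action('aam-cron', 'AAM::cron');
+
  //activation & deactivation hooks
  register_activation_hook(__FILE__, array('AAM', 'activate'));
  register_uninstall_hook(__FILE__, array('AAM', 'uninstall'));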
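Review bot: The new `__construct()` resolves the subject once from `is_user_logged_in()`, and this side registers nothing on `set_current_user`, so `AAM::getUser()` keeps whatever identity was current when `onPluginsLoaded()` first called `getInstance()`. If the current user is set later in the request, for example by the JWT manager bootstrapped in the same method, access checks that read `AAM::getUser()` would run against the stale subject (a visitor in the common case) unless code outside this file calls `setUser()` again; that should be confirmed. If nothing does, register a `set_current_user` callback in the constructor that repeats the same logged-in/visitor branch and calls `setUser()`. `getInstance()` also calls `getUserStatus()` and `restrainUserAccount()` on whichever subject was set, so both presumably have to be defined for `AAM_Core_Subject_Visitor` as well, which this file does not show.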
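--- a/application/Addon/Repository.php
+++ b/application/Addon/Repository.php
@@ -1,262 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- *
- * @version 6.0.0
- */
-
- /**
- * Addon repository
- *
- * @package AAM
- * @version 6.0.0
- */
- class AAM_Addon_Repository
- {
-
- use AAM_Core_Contract_SingletonTrait;
-
- /**
- * DB options name
- *
- * @version 6.0.0
- */
- const DB_OPTION = 'aam_addons';
-
- /**
- * Constructor
- *
- * @return void
- *
- * @access protected
- * @version 6.0.0
- */
- protected function __construct()
- {
- if (file_exists(ABSPATH . 'wp-admin/includes/plugin.php')) {
- require_once ABSPATH . 'wp-admin/includes/plugin.php';
- }
- }
-
- /**
- * Get license registry
- *
- * @return array
- *
- * @access public
- * @version 6.0.0
- */
- public function getRegistry()
- {
- return AAM_Core_API::getOption(self::DB_OPTION, array(), 'site');
- }
-
- /**
- * Check if there is at least one license registered
- *
- * @return boolean
- *
- * @access public
- * @version 6.0.0
- */
- public function hasRegistry()
- {
- return count($this->getRegistry()) > 0;
- }
-
- /**
- * Store the license key
- *
- * @param object $package
- * @param string $license
- *
- * @return void
- *
- * @access public
- * @version 6.0.0
- */
- public function storeLicense($package, $license)
- {
- $list = $this->getRegistry();
-
- $list[$package->id] = array(
- 'license' => $license, 'expire' => $package->expire
- );
-
- // Update the registry
- AAM_Core_API::updateOption(self::DB_OPTION, $list);
- }
-
- /**
- * Get list of all addons with detailed information about each
- *
- * @return array
- *
- * @access public
- * @version 6.0.0
- */
- public function getList()
- {
- return array(
- 'aam-plus-package' => $this->buildAddonObject(
- 'Plus Package',
- 'plus-package',
- __('Manage access to your WordPress website posts, pages, media, custom post types, categories, tags and custom taxonomies for any role, individual user, visitors or even define default access for everybody; and do this separately for frontend, backend or API levels.', AAM_KEY)
- ),
- 'aam-ip-check' => $this->buildAddonObject(
- 'IP Check',
- 'ip-check',
- __('Manage access to your WordPress website by users IP address or referred host and completely lock down the entire website if necessary. Define the unlimited number of whitelisted or blacklisted IPs or hosts.', AAM_KEY)
- ),
- 'aam-role-hierarchy' => $this->buildAddonObject(
- 'Role Hierarchy',
- 'role-hierarchy',
- __('Define and manage complex WordPress role hierarchy where all the access settings are propagated down the tree with the ability to override any settings for any specific role.', AAM_KEY)
- ),
- /**
- * TODO: Release this extension after AAM 6.0.0. Enhance it with
- * subscription functionality and possibly with email notification
- * integration
- 'aam-ecommerce' => $this->buildAddonObject(
- 'E-Commerce',
- 'ecommerce',
- __('Start monetizing access to your premium content. Restrict access to read any WordPress post, page or custom post type until user purchase access to it.', AAM_KEY)
- ),
- */
- 'aam-complete-package' => $this->buildAddonObject(
- 'Complete Package',
- 'complete-package',
- __('Get the complete list of all premium AAM addons in one package and all future premium addons will be included for now additional cost.', AAM_KEY)
- )
- );
- }
-
- /**
- * Build add-on data model
- *
- * @param string $title
- * @param string $slug
- * @param string $description
- *
- * @return array
- *
- * @access protected
- * @version 6.0.0
- */
- protected function buildAddonObject($title, $slug, $description)
- {
- return array(
- 'title' => $title,
- 'version' => $this->getPluginVersion("aam-{$slug}/bootstrap.php"),
- 'isActive' => $this->isPluginActive("aam-{$slug}/bootstrap.php"),
- 'expires' => $this->getExpirationDate("aam-{$slug}"),
- 'license' => $this->getPluginLicense("aam-{$slug}"),
- 'type' => 'commercial',
- 'description' => $description,
- 'url' => 'https://aamplugin.com/pricing/' . $slug
- );
- }
-
- /**
- * Get plugin version
- *
- * @param string $plugin
- *
- * @return string
- *
- * @access public
- * @version 6.0.0
- */
- public function getPluginVersion($plugin)
- {
- $data = $this->getPluginData($plugin);
- $version = (isset($data['Version']) ? $data['Version'] : null);
-
- return (!empty($version) ? $version : null);
- }
-
- /**
- * Get plugin details from the WP core
- *
- * @param string $plugin
- *
- * @return array|null
- *
- * @access protected
- * @version 6.0.0
- */
- protected function getPluginData($plugin)
- {
- $filename = WP_PLUGIN_DIR . '/' . $plugin;
-
- if (function_exists('get_plugin_data') && file_exists($filename)) {
- $data = get_plugin_data($filename);
- } else {
- $data = null;
- }
-
- return $data;
- }
-
- /**
- * Check if plugin is active
- *
- * @param string $plugin
- *
- * @return boolean
- *
- * @access protected
- * @version 6.0.0
- */
- protected function isPluginActive($plugin)
- {
- $data = self::getPluginData($plugin);
-
- if (!empty($data)) {
- $active = is_plugin_active($plugin);
- } else {
- $active = false;
- }
-
- return $active;
- }
-
- /**
- * Get license expiration date
- *
- * @param string $plugin
- *
- * @return string|null
- *
- * @access protected
- * @version 6.0.0
- */
- protected function getExpirationDate($plugin)
- {
- $registry = $this->getRegistry();
-
- return (isset($registry[$plugin]) ? $registry[$plugin]['expires'] : null);
- }
-
- /**
- * Get plugin license key
- *
- * @param string $plugin
- *
- * @return string|null
- *
- * @access protected
- * @version 6.0.0
- */
- protected function getPluginLicense($plugin)
- {
- $registry = $this->getRegistry();
-
- return (isset($registry[$plugin]) ? $registry[$plugin]['license'] : null);
- }
-
- }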
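--- a/application/Api/Manager.php
+++ b/application/Api/Manager.php
@@ -0,0 +1,157 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ */
+
+ /**
+ * AAM Api access manager
+ *
+ * @package AAM
+ * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ */
+ class AAM_Api_Manager {
+
+ /**
+ * Instance of itself
+ *
+ * @var AAM_Api_Manager
+ *
+ * @access private
+ */
+ private static $_instance = null;
+
+ /**
+ * Map of routes and resources
+ *
+ * @var array
+ *
+ * @access protected
+ */
+ protected $resources = array(
+ 'post' => array (
+ '/wp/v2/posts',
+ '/wp/v2/posts/(?P<id>[\d]+)',
+ '/wp/v2/pages',
+ '/wp/v2/pages/(?P<id>[\d]+)',
+ '/wp/v2/media',
+ '/wp/v2/media/(?P<id>[\d]+)',
+ ),
+ 'user' => array (
+ '/wp/v2/users'
+ ),
+ 'revision' => array (
+ '/wp/v2/posts/(?P<parent>[\d]+)/revisions/(?P<id>[\d]+)',
+ '/wp/v2/pages/(?P<parent>[\d]+)/revisions/(?P<id>[\d]+)'
+ )
+ );
+
+ /**
+ * Construct the manager
+ *
+ * @return void
+ *
+ * @access public
+ */
+ protected function __construct() {
+ if (AAM_Core_Config::get('core.settings.apiAccessControl', true)) {
+ // REST API action authorization. Triggered before call is dispatched
+ add_filter(
+ 'rest_request_before_callbacks', array($this, 'beforeDispatch'), 10, 3
+ );
+
+ // Manage access to the RESTful endpoints
+ add_filter('rest_pre_dispatch', array($this, 'authorizeRest'), 1, 3);
+
+ // Register any additional endpoints with ConfigPress
+ $additional = AAM_Core_Config::get('rest.manage.endpoint');
+
+ if (!empty($additional) && is_array($additional)) {
+ $this->resources = array_merge_recursive($this->resources, $additional);
+ }
+ }
+ }
+
+ /**
+ * Authorize RESTful action before it is dispatched by RESTful Server
+ *
+ * @param mixed $response
+ * @param object $handler
+ * @param object $request
+ *
+ * @return mixed
+ *
+ * @access public
+ */
+ public function beforeDispatch($response, $handler, $request) {
+ $result = null;
+
+ foreach($this->resources as $res => $routes) {
+ foreach($routes as $regex) {
+ // Route to work with single post
+ if(preg_match('#^' . $regex . '$#i', $request->get_route())) {
+ $classname = 'AAM_Api_Rest_Resource_' . ucfirst($res);
+ $result = $classname::getInstance()->authorize($request);
+ }
+ }
+ }
+
+ return (is_null($result) ? $response : $result);
+ }
+
+ /**
+ * Authorize REST request
+ *
+ * Based on the matched route, check if it is disabled for current user
+ *
+ * @param WP_Error|null $response
+ * @param WP_REST_Server $server
+ * @param WP_REST_Request $request
+ *
+ * @return WP_Error|null
+ *
+ * @access public
+ */
+ public function authorizeRest($response, $server, $request) {
+ $user = AAM::getUser();
+ $object = $user->getObject('route');
+ $matched = $request->get_route();
+ $method = $request->get_method();
+
+ foreach(array_keys($server->get_routes()) as $route) {
+ if ($route === $matched || preg_match("#^{$route}$#i", $matched)) {
+ if ($object->has('restful', $route, $method)) {
+ $response = new WP_Error(
+ 'rest_access_denied',
+ __('Access denied', AAM_KEY),
+ array('status' => 401)
+ );
+ break;
+ }
+ }
+ }
+
+ return $response;
+ }
+
+ /**
+ * Bootstrap the manager
+ *
+ * @return void
+ *
+ * @access public
+ */
+ public static function bootstrap() {
+ global $wp;
+
+ if (!empty($wp->query_vars['rest_route'])) {
+ if (is_null(self::$_instance)) {
+ self::$_instance = new self;
+ }
+ }
+ }
+
+ }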
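Review bot: In `beforeDispatch()` every pattern that matches overwrites `$result`, so once the constructor has merged `rest.manage.endpoint` patterns into `$this->resources`, a route that matches two entries can have a `WP_Error` from the first resource replaced by `null` from the second, and the request then proceeds. Stop at the first denial, for example `if (is_wp_error($result)) { break 2; }` directly after the `authorize()` call. The resource key from that same config is turned into a class name with no `class_exists()` check, so a key without a matching `AAM_Api_Rest_Resource_*` class would end the request with a fatal error instead of a controlled response. In `authorizeRest()` the denial always carries status 401, including for signed-in users; `rest_authorization_required_code()` returns 401 or 403 as appropriate.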
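--- a/application/Api/Rest/Resource/Post.php
+++ b/application/Api/Rest/Resource/Post.php
@@ -0,0 +1,432 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ */
+
+ /**
+ * AAM RESTful Posts Resource
+ *
+ * @package AAM
+ * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @todo Rethink about DRY approach to the post access control
+ */
+ class AAM_Api_Rest_Resource_Post {
+
+ /**
+ * Instance of itself
+ *
+ * @var AAM_Api_Rest_Resource_Post
+ *
+ * @access private
+ */
+ private static $_instance = null;
+
+ /**
+ * Authorize Post actions
+ *
+ * @param WP_REST_Request $request
+ *
+ * @return WP_Error|null
+ *
+ * @access public
+ */
+ public function authorize($request) {
+ $result = null;
+
+ if ($request['id']) {
+ $post = AAM::getUser()->getObject('post', $request['id']);
+
+ switch($request->get_method()) {
+ case 'GET':
+ $result = $this->authorizeRead($post, $request);
+ break;
+
+ case 'POST':
+ case 'PUT':
+ case 'PATCH':
+ if ($request['status'] === 'publish') {
+ $result = $this->authorizePublish($post);
+ } else {
+ $result = $this->authorizeUpdate($post);
+ }
+ break;
+
+ case 'DELETE':
+ $result = $this->authorizeDelete($post);
+ break;
+
+ default:
+ break;
+ }
+ }
+
+ return $result;
+ }
+
+ /**
+ * Check post access
+ *
+ * Based on the provided post object, check if current user has access to it.
+ * This method run multiple checks at-once
+ *
+ * @param AAM_Core_Object_Post $post
+ * @param WP_REST_Request $request
+ *
+ * @return void
+ *
+ * @access protected
+ */
+ protected function authorizeRead(AAM_Core_Object_Post $post, $request) {
+ $steps = array(
+ // Step #1. Check if access expired to the post
+ array($this, 'checkExpiration'),
+ // Step #2. Check if user has access to read the post
+ array($this, 'checkReadAccess'),
+ // Step #3. Check if counter exceeded max allowed views
+ array($this, 'checkCounter'),
+ // Step #4. Check if redirect is defined for the post
+ array($this, 'checkRedirect'),
+ // Step #5. Check if post is password protected
+ array($this, 'checkPassword')
+ );
+
+ return $this->processPipeline($steps, $post, $request);
+ }
+
+ /**
+ *
+ * @param AAM_Core_Object_Post $post
+ * @return type
+ */
+ protected function authorizePublish(AAM_Core_Object_Post $post) {
+ $steps = array(
+ // Step #1. Check if publish action is allowed
+ array($this, 'checkPublish'),
+ );
+
+ return $this->processPipeline($steps, $post);
+ }
+
+ /**
+ *
+ * @param AAM_Core_Object_Post $post
+ * @return type
+ */
+ protected function authorizeUpdate(AAM_Core_Object_Post $post) {
+ $steps = array(
+ // Step #1. Check if edit action is allowed
+ array($this, 'checkUpdate'),
+ );
+
+ return $this->processPipeline($steps, $post);
+ }
+
+ /**
+ *
+ * @param AAM_Core_Object_Post $post
+ * @return type
+ */
+ protected function authorizeDelete(AAM_Core_Object_Post $post) {
+ $steps = array(
+ // Step #1. Check if edit action is allowed
+ array($this, 'checkDelete'),
+ );
+
+ return $this->processPipeline($steps, $post);
+ }
+
+ /**
+ *
+ * @param array $pipeline
+ * @param type $post
+ * @param type $request
+ * @return type
+ */
+ protected function processPipeline(array $pipeline, $post, $request = null) {
+ foreach($pipeline as $callback) {
+ $result = call_user_func_array($callback, array($post, $request));
+
+ if (is_wp_error($result)) { break; }
+ }
+
+ return $result;
+ }
+
+ /**
+ * Check ACCESS_EXPIRATION option
+ *
+ * If access is expired, override the access settings based on the
+ * post.access.expired ConfigPress settings (default frontend.read)
+ *
+ * @param AAM_Core_Object_Post $post
+ *
+ * @return void
+ *
+ * @access protected
+ */
+ protected function checkExpiration($post) {
+ $expire = $post->has('api.expire');
+
+ if ($expire) {
+ $date = strtotime($post->get('api.expire_datetime'));
+ if ($date <= time()) {
+ $actions = AAM_Core_Config::get(
+ 'feature.api.postAccess.expired', 'api.read'
+ );
+
+ foreach(array_map('trim', explode(',', $actions)) as $action) {
+ $post->set($action, 1);
+ }
+ }
+ }
+ }
+
+ /**
+ * Check READ & READ_OTHERS options
+ *
+ * @param AAM_Core_Object_Post $post
+ *
+ * @return void
+ *
+ * @access protected
+ */
+ protected function checkReadAccess(AAM_Core_Object_Post $post) {
+ $result = null;
+
+ if (!$post->allowed('api.read')) {
+ $result = new WP_Error(
+ 'rest_post_cannot_read',
+ "User is unauthorized to read the post. Access denied.",
+ array(
+ 'action' => 'api.read',
+ 'status' => 401
+ )
+ );
+ }
+
+ return $result;
+ }
+
+ /**
+ * Check ACCESS_COUNTER option
+ *
+ * @param AAM_Core_Object_Post $post
+ *
+ * @return void
+ *
+ * @access protected
+ */
+ protected function checkCounter(AAM_Core_Object_Post $post) {
+ $result = null;
+ $user = get_current_user_id();
+
+ //check counter only for authenticated users and if ACCESS COUNTER is set
+ if ($user && $post->has('api.access_counter')) {
+ $option = 'aam-post-api-' . $post->ID . '-access-counter';
+ $counter = intval(get_user_meta($user, $option, true));
+
+ if ($counter >= $post->get('api.access_counter_limit')) {
+ $result = new WP_Error(
+ 'rest_post_cannot_read',
+ "User exceeded allowed read number. Access denied.",
+ array(
+ 'action' => 'api.access_counter',
+ 'status' => 401
+ )
+ );
+ } else {
+ update_user_meta($user, $option, ++$counter);
+ }
+ }
+
+ return $result;
+ }
+
+ /**
+ * Check REDIRECT option
+ *
+ * @param AAM_Core_Object_Post $post
+ *
+ * @return void
+ *
+ * @access protected
+ */
+ protected function checkRedirect(AAM_Core_Object_Post $post) {
+ $result = null;
+
+ if ($post->has('api.redirect')) {
+ $rule = explode('|', $post->get('api.location'));
+
+ if (count($rule) === 1) { // TODO: legacy. Remove in Jul 2020
+ $redirect = $rule[0];
+ } elseif ($rule[0] === 'page') {
+ $redirect = get_page_link($rule[1]);
+ } elseif ($rule[0] === 'url') {
+ $redirect = $rule[1];
+ } elseif (($rule[0] === 'callback') && is_callable($rule[1])) {
+ $redirect = call_user_func($rule[1], $post);
+ } else {
+ $redirect = null;
+ }
+
+ $result = new WP_Error(
+ 'rest_post_cannot_read',
+ "Direct access is not allowed. Follow the redirect link.",
+ array(
+ 'action' => 'api.redirect',
+ 'redirect' => $redirect,
+ 'status' => 307
+ )
+ );
+ }
+
+ return $result;
+ }
+
+ /**
+ * Check PASSWORD PROTECTED option
+ *
+ * @param AAM_Core_Object_Post $post
+ * @param WP_REST_Request $request
+ *
+ * @return null|WP_Error
+ *
+ * @access public
+ */
+ public function checkPassword(AAM_Core_Object_Post $post, $request) {
+ $result = null;
+
+ if ($post->has('api.protected')) {
+ $pass = $post->get('api.password');
+
+ if ($request['password'] !== $pass) {
+ $result = new WP_Error(
+ 'rest_post_cannot_read',
+ "The content is password protected. Provide valid password to read.",
+ array(
+ 'action' => 'api.protected',
+ 'status' => 401
+ )
+ );
+ }
+
+ // Very important! Unset password. Otherwise it will fall back to the
+ // default password verification and this will cause invalid password
+ // response
+ $request['password'] = null;
+ }
+
+ return $result;
+ }
+
+ /**
+ * Check PUBLISH & PUBLISH_BY_OTHERS options
+ *
+ * @param AAM_Core_Object_Post $post
+ *
+ * @return void
+ *
+ * @access protected
+ */
+ protected function checkPublish(AAM_Core_Object_Post $post) {
+ $result = null;
+
+ // Keep this compatible with older version of Publish (without Gutenberg)
+ if (!$post->allowed('api.publish') || !$post->allowed('backend.publish')) {
+ $result = new WP_Error(
+ 'rest_post_cannot_publish',
+ "User is unauthorized to publish the post. Access denied.",
+ array(
+ 'action' => 'api.publish',
+ 'status' => 401
+ )
+ );
+ }
+
+ return $result;
+ }
+
+ /**
+ * Check EDIT & EDIT_BY_OTHERS options
+ *
+ * @param AAM_Core_Object_Post $post
+ *
+ * @return void
+ *
+ * @access protected
+ */
+ protected function checkUpdate(AAM_Core_Object_Post $post) {
+ $result = null;
+
+ if (!$post->allowed('api.edit')) {
+ $result = new WP_Error(
+ 'rest_post_cannot_update',
+ "User is unauthorized to update the post. Access denied.",
+ array(
+ 'action' => 'api.edit',
+ 'status' => 401
+ )
+ );
+ }
+
+ return $result;
+ }
+
+ /**
+ * Check DELETE & DELETE_BY_OTHERS options
+ *
+ * @param AAM_Core_Object_Post $post
+ *
+ * @return void
+ *
+ * @access protected
+ */
+ protected function checkDelete(AAM_Core_Object_Post $post) {
+ $result = null;
+
+ if (!$post->allowed('api.delete')) {
+ $result = new WP_Error(
+ 'rest_post_cannot_delete',
+ "User is unauthorized to delete the post. Access denied.",
+ array(
+ 'action' => 'api.delete',
+ 'status' => 401
+ )
+ );
+ }
+
+ return $result;
+ }
+
+ /**
+ * Alias for the bootstrap
+ *
+ * @return AAM_Api_Rest_Resource_Post
+ *
+ * @access public
+ * @static
+ */
+ public static function getInstance() {
+ return self::bootstrap();
+ }
+
+ /**
+ * Bootstrap authorization layer
+ *
+ * @return AAM_Api_Rest_Resource_Post
+ *
+ * @access public
+ */
+ public static function bootstrap() {
+ if (is_null(self::$_instance)) {
+ self::$_instance = new self;
+ }
+
+ return self::$_instance;
+ }
+
+ }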
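Review bot: In `authorize()`, a POST/PUT/PATCH request whose `status` is `publish` is routed to `authorizePublish()` only, so `checkUpdate()` and its `api.edit` rule never run for that request. Unless the edit restriction is enforced somewhere outside this file, a post the user is denied editing is then authorized against the publish rule alone; running both checks closes that gap, e.g. `$steps = array(array($this, 'checkUpdate'), array($this, 'checkPublish'));` in `authorizePublish()`. Separately, `checkPassword()` compares the stored password with `!==`; `!is_string($request['password']) || !hash_equals((string) $pass, $request['password'])` gives a constant-time comparison and rejects non-string input.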
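--- a/application/Api/Rest/Resource/Revision.php
+++ b/application/Api/Rest/Resource/Revision.php
@@ -0,0 +1,66 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ */
+
+ /**
+ * AAM REST Revision Resource
+ *
+ * @package AAM
+ * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ */
+ class AAM_Api_Rest_Resource_Revision {
+
+ /**
+ * Instance of itself
+ *
+ * @var AAM_Api_Rest_Resource_Revision
+ *
+ * @access private
+ */
+ private static $_instance = null;
+
+ /**
+ * Authorize User actions
+ *
+ * @param WP_REST_Request $request
+ *
+ * @return WP_Error|null
+ *
+ * @access public
+ */
+ public function authorize($request) {
+ return null;
+ }
+
+ /**
+ * Alias for the bootstrap
+ *
+ * @return AAM_Api_Rest_Resource_Revision
+ *
+ * @access public
+ * @static
+ */
+ public static function getInstance() {
+ return self::bootstrap();
+ }
+
+ /**
+ * Bootstrap authorization layer
+ *
+ * @return AAM_Api_Rest_Resource_Revision
+ *
+ * @access public
+ */
+ public static function bootstrap() {
+ if (is_null(self::$_instance)) {
+ self::$_instance = new self;
+ }
+
+ return self::$_instance;
+ }
+ }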
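Review bot: `authorize()` returns null unconditionally, so every route mapped to this resource passes the AAM check without consulting the parent post's `api.read` or `api.edit` settings. If revisions are meant to inherit the parent post's restrictions, this method should load the parent post object and apply the same checks as `AAM_Api_Rest_Resource_Post`. If the no-op is intentional, the docblock should say so, e.g. `* Intentionally a no-op: AAM applies no restrictions to revisions.` The summary line `Authorize User actions` also looks copied from the User resource and should read `Authorize Revision actions`.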
application/Api/Rest/Resource/User.php CHANGED
@@ -5,73 +5,95 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
- * AAM RESTful API Users Resource
14
- *
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
- class AAM_Api_Rest_Resource_User
19
- {
20
-
21
- use AAM_Core_Contract_SingletonTrait;
22
-
23
  /**
24
- * Constructor
25
- *
26
- * @return void
27
- *
28
- * @access protected
29
- * @version 6.0.0
30
  */
31
- protected function __construct()
32
- {
 
 
 
 
33
  add_filter('rest_user_query', array($this, 'userQuery'));
34
  }
35
-
36
  /**
37
- * Authorize user actions
38
- *
39
- * @return null
40
- *
 
 
41
  * @access public
42
- * @version 6.0.0
43
  */
44
- public function authorize()
45
- {
46
  return null;
47
  }
48
-
49
  /**
50
  * Alter user select query
51
- *
52
  * @param array $args
53
- *
54
  * @return array
55
- *
56
  * @access public
57
- * @version 6.0.0
58
  */
59
- public function userQuery($args)
60
- {
61
  //current user max level
62
  $max = AAM::getUser()->getMaxLevel();
63
  $exclude = isset($args['role__not_in']) ? $args['role__not_in'] : array();
64