Advanced Access Manager - Version 5.2.5

Version Description

  • Fixed the bug with JWT authentication
  • Added the ability to enable/disable XML-RPC
  • Added the ability to enable/disable REST API
  • Added the ability to manage access to the individual REST API endpoints

Release Info

Developer vasyl_m
Version 5.2.5

Code changes from version 5.2.1 to 5.2.5

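--- a/Application/Backend/Feature/Main/Capability.php
+++ b/Application/Backend/Feature/Main/Capability.php
@@ -54,7 +54,7 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
  'aam_manage_404_redirect', 'aam_manage_ip_check',
  'aam_manage_default', 'aam_manage_visitors', 'aam_list_roles',
  'aam_edit_roles', 'aam_delete_roles', 'aam_toggle_users', 'aam_switch_users',
- 'aam_manage_configpress'
+ 'aam_manage_configpress', 'aam_manage_api_routes'
  )
  );
 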
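--- /dev/null
+++ b/Application/Backend/Feature/Main/Route.php
@@ -0,0 +1,113 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ */
+
+ /**
+ * WordPress API manager
+ *
+ * @package AAM
+ * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ */
+ class AAM_Backend_Feature_Main_Route extends AAM_Backend_Feature_Abstract {
+
+ public function getTable() {
+ $response = array('data' => $this->retrieveAllRoutes());
+
+ return json_encode($response);
+ }
+
+ public function save() {
+ $type = filter_input(INPUT_POST, 'type');
+ $route = filter_input(INPUT_POST, 'route');
+ $method = filter_input(INPUT_POST, 'method');
+ $value = filter_input(INPUT_POST, 'value');
+
+ $object = AAM_Backend_Subject::getInstance()->getObject('route');
+
+ $object->save($type, $route, $method, $value);
+
+ return json_encode(array('status' => 'success'));
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public static function getTemplate() {
+ return 'main/route.phtml';
+ }
+
+ /**
+ *
+ * @return type
+ */
+ protected function retrieveAllRoutes() {
+ $response = array();
+ $object = AAM_Backend_Subject::getInstance()->getObject('route');
+ $routes = rest_get_server()->get_routes();
+
+ //build all RESful routes
+ foreach ($routes as $route => $handlers) {
+ $methods = array();
+ foreach($handlers as $handler) {
+ $methods = array_merge($methods, array_keys($handler['methods']));
+ }
+
+ foreach(array_unique($methods) as $method) {
+ $response[] = array(
+ 'restful',
+ $method,
+ $route,
+ $object->has('restful', $route, $method) ? 'checked' : 'unchecked'
+ );
+ }
+ }
+
+ return $response;
+ }
+
+ /**
+ * Check inheritance status
+ *
+ * Check if menu settings are overwritten
+ *
+ * @return boolean
+ *
+ * @access protected
+ */
+ protected function isOverwritten() {
+ $object = AAM_Backend_Subject::getInstance()->getObject('route');
+
+ return $object->isOverwritten();
+ }
+
+ /**
+ * Register Menu feature
+ *
+ * @return void
+ *
+ * @access public
+ */
+ public static function register() {
+ AAM_Backend_Feature::registerFeature((object) array(
+ 'uid' => 'route',
+ 'position' => 50,
+ 'title' => __('API Routes', AAM_KEY) . ' <span class="badge">NEW</span>',
+ 'capability' => 'aam_manage_api_routes',
+ 'type' => 'main',
+ 'subjects' => array(
+ AAM_Core_Subject_Role::UID,
+ AAM_Core_Subject_User::UID,
+ AAM_Core_Subject_Visitor::UID,
+ AAM_Core_Subject_Default::UID
+ ),
+ 'option' => 'core.restful',
+ 'view' => __CLASS__
+ ));
+ }
+
+ }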
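Review bot: `save()` writes the raw `type`, `route`, `method` and `value` POST fields straight into the subject's option without checking any of them. Since these rules decide who may reach a REST endpoint, the handler should accept only the `restful` type, a route that `rest_get_server()->get_routes()` actually lists, and a boolean value, and answer with `failure` plus an `error` message otherwise (the new aam.js code already handles that response shape). No capability or nonce check is visible in this class; presumably the AJAX dispatcher outside this diff enforces `aam_manage_api_routes` and the `_ajax_nonce` the script sends, which is worth confirming. The docblocks on `isOverwritten()` and `register()` still say "menu" and should name routes.

```php
public function save() {
    // … unchanged: $type, $route and $method reads …
    $value = filter_input(INPUT_POST, 'value', FILTER_VALIDATE_BOOLEAN);

    // store rules only for routes the REST server actually exposes
    $routes = rest_get_server()->get_routes();
    if ($type !== 'restful' || !isset($routes[$route])) {
        return json_encode(array(
            'status' => 'failure',
            'error'  => __('Unknown API route', AAM_KEY)
        ));
    }
    // … unchanged: getObject('route'), $object->save(), success response …
```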
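--- a/Application/Backend/Feature/Settings/Core.php
+++ b/Application/Backend/Feature/Settings/Core.php
@@ -58,6 +58,16 @@ class AAM_Backend_Feature_Settings_Core extends AAM_Backend_Feature_Abstract {
  'descr' => __('AAM comes with its own user login handler. With this feature you can add AJAX login widget to your frontend page that significantly enhance your website security.', AAM_KEY),
  'value' => AAM_Core_Config::get('secure-login', true)
  ),
+ 'core.xmlrpc' => array(
+ 'title' => __('XML-RPC WordPress API', AAM_KEY),
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Remote procedure call (RPC) interface is used to manage WordPress website content and features. For more information check %sXML-RPC Support%s article.', 'b'), '<a href="https://codex.wordpress.org/XML-RPC_Support">', '</a>'),
+ 'value' => AAM_Core_Config::get('core.xmlrpc', true)
+ ),
+ 'core.restful' => array(
+ 'title' => __('WordPress RESTful API', AAM_KEY),
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('RESTful interface that is used to manage WordPress website content and features. For more information check %sREST API handbook%s.', 'b'), '<a href="https://developer.wordpress.org/rest-api/">', '</a>'),
+ 'value' => AAM_Core_Config::get('core.restful', true)
+ ),
  'jwt-authentication' => array(
  'title' => __('JWT Authentication', AAM_KEY),
  'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('[Note!] PHP 5.4 or higher is required for this feature. Enable the ability to authenticate user with WordPress RESTfull API and JWT token. For more information, check %sHow to authenticate WordPress user with JWT token%s article', 'b'), '<a href="https://aamplugin.com/help/how-to-authenticate-wordpress-user-with-jwt-token">', '</a>'),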
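Review bot: The `descr` text for `core.xmlrpc` does not say what switching the option off actually covers. Wp.php in this commit implements it with the `xmlrpc_enabled` filter, which WordPress core documents as controlling only the XML-RPC methods that require authentication, so the endpoint itself and unauthenticated methods such as pingbacks presumably stay reachable when the option is off. I would state that limit in the description so administrators do not read the toggle as a full shutdown of xmlrpc.php. The enclosing settings array starts and ends outside the hunk.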
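--- a/Application/Backend/View.php
+++ b/Application/Backend/View.php
@@ -36,6 +36,7 @@ class AAM_Backend_View {
  AAM_Backend_Feature_Main_Menu::register();
  AAM_Backend_Feature_Main_Metabox::register();
  AAM_Backend_Feature_Main_Capability::register();
+ AAM_Backend_Feature_Main_Route::register();
  AAM_Backend_Feature_Main_Post::register();
  AAM_Backend_Feature_Main_Redirect::register();
  AAM_Backend_Feature_Main_LoginRedirect::register();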
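--- /dev/null
+++ b/Application/Backend/phtml/main/route.phtml
@@ -0,0 +1,35 @@
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature" id="route-content">
+ <?php $subject = AAM_Backend_Subject::getInstance(); ?>
+
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-info">
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website API routes for [%s]. For full RESTful API experience, you might want to use %sJWT authentication%s that is already available in AAM.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/help/how-to-authenticate-wordpress-user-with-jwt-token" target="_blank">', '</a>'); ?><br/><br/>
+ <?php echo AAM_Backend_View_Helper::preparePhrase('[Please note!] It is the initial version of this feature. It can be significantly enhanced with a lot of useful functionality. Your feedback and suggestions are highly appreciated!', 'b'); ?>
+ </p>
+ </div>
+ </div>
+
+ <div class="row">
+ <div class="col-xs-12">
+ <div class="aam-overwrite<?php echo ($this->isOverwritten() ? '' : ' hidden'); ?>" id="aam-route-overwrite">
+ <span><i class="icon-check"></i> <?php echo __('Routes are customized', AAM_KEY); ?></span>
+ <span><a href="#" id="route-reset" class="btn btn-xs btn-primary"><?php echo __('Reset To Default', AAM_KEY); ?></a>
+ </div>
+ </div>
+ </div>
+
+ <table id="route-list" class="table table-striped table-bordered">
+ <thead>
+ <tr>
+ <th>Type</th>
+ <th width="10%">&nbsp;</th>
+ <th width="80%"><?php echo __('Route', AAM_KEY); ?></th>
+ <th><?php echo __('Deny', AAM_KEY); ?></th>
+ </tr>
+ </thead>
+ <tbody></tbody>
+ </table>
+ </div>
+ <?php }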
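Review bot: On line 8 the subject name is placed into the info paragraph unescaped: `AAM_Backend_Subject::getInstance()->getName()` is passed straight to `sprintf()` and echoed. `getName()` is not part of this diff, but if it can return a user's display name or a role name it should go through `esc_html()` first, i.e. `esc_html(AAM_Backend_Subject::getInstance()->getName())`. Two smaller points: the `<span>` opened around the `#route-reset` link on line 18 is never closed, and the `Type` header on line 26 is the only one not wrapped in `__()`.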
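--- a/Application/Core/JwtAuth.php
+++ b/Application/Core/JwtAuth.php
@@ -37,7 +37,7 @@ class AAM_Core_JwtAuth {
  add_action('rest_api_init', array($this, 'registerAPI'));
 
  //register authentication hook
- add_filter('determine_current_user', array($this, 'determineCurrentUser'), 1);
+ add_filter('determine_current_user', array($this, 'determineCurrentUser'), 999);
 
  //load firebase vendor
  require AAM_BASEDIR . '/vendor/autoload.php';
@@ -151,7 +151,7 @@ class AAM_Core_JwtAuth {
  $claims = Firebase\JWT\JWT::decode(
  $token, $key, array_keys(Firebase\JWT\JWT::$supported_algs)
  );
-
+
  if (isset($claims->userId)) {
  $result = $claims->userId;
  }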
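Review bot: `JWT::decode()` in the second hunk is called with `array_keys(Firebase\JWT\JWT::$supported_algs)`, so a token signed with any algorithm the library knows is accepted against the same `$key`. Pinning the list to the single algorithm the plugin signs with (for example `array('HS256')`, if that is what the issuing code uses) removes the algorithm-confusion surface. In the first hunk, moving `determine_current_user` to priority 999 makes this callback run after the other handlers, so whatever it returns wins. The body of `determineCurrentUser()` is outside both hunks, so confirm that it returns the incoming `$result` untouched when no token is present or validation fails.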
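--- /dev/null
+++ b/Application/Core/Object/Route.php
@@ -0,0 +1,84 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ */
+
+ /**
+ * API route object
+ *
+ * @package AAM
+ * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ */
+ class AAM_Core_Object_Route extends AAM_Core_Object {
+
+ /**
+ * Constructor
+ *
+ * @param AAM_Core_Subject $subject
+ *
+ * @return void
+ *
+ * @access public
+ */
+ public function __construct(AAM_Core_Subject $subject) {
+ parent::__construct($subject);
+
+ $option = $this->getSubject()->readOption('route');
+
+ if (empty($option)) {
+ $option = $this->getSubject()->inheritFromParent('route');
+ } else {
+ $this->setOverwritten(true);
+ }
+
+ $this->setOption($option);
+ }
+
+ /**
+ * Check if route is denied
+ *
+ * @param string $type REST or XMLRPC
+ * @param string $route
+ * @param string $method
+ *
+ * @return boolean
+ *
+ * @access public
+ */
+ public function has($type, $route, $method = 'POST') {
+ $options = $this->getOption();
+
+ return !empty($options[$type][$route][$method]);
+ }
+
+ /**
+ * Save menu option
+ *
+ * @return bool
+ *
+ * @access public
+ */
+ public function save($type, $route, $method, $value) {
+ $option = $this->getOption();
+ $option[$type][$route][$method] = $value;
+ $this->setOption($option);
+
+ return $this->getSubject()->updateOption($this->getOption(), 'route');
+ }
+
+ /**
+ * Reset default settings
+ *
+ * @return bool
+ *
+ * @access public
+ */
+ public function reset() {
+ return $this->getSubject()->deleteOption('route');
+ }
+
+ }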
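Review bot: The docblocks in this class do not match the code: `has()` documents `$type` as "REST or XMLRPC" while every caller in this commit passes `'restful'`, and `save()` is headed "Save menu option" with no `@param` lines for its four arguments. Since `has()` returning true means the route is denied, I would say so on `save()` as well, e.g. `@param mixed $value non-empty value denies the route/method pair`. The constructor uses the subject's own `route` option whenever it is non-empty and only otherwise calls `inheritFromParent('route')`. If that is intended, a comment should note that a subject with any rule of its own may stop picking up later changes to its parent's rules.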
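--- /dev/null
+++ b/Application/Core/Wp.php
@@ -0,0 +1,80 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ */
+
+ /**
+ * AAM WordPress core hooks
+ *
+ * @package AAM
+ * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ */
+ class AAM_Core_Wp {
+
+ /**
+ * Initialize core hooks
+ *
+ * @return void
+ *
+ * @access public
+ */
+ public static function bootstrap() {
+ // Disable XML-RPC if needed
+ if (!AAM_Core_Config::get('core.xmlrpc', true)) {
+ add_filter('xmlrpc_enabled', '__return_false');
+ }
+
+ // Disable RESTfull API if needed
+ if (!AAM_Core_Config::get('core.restfull', true)) {
+ add_filter(
+ 'rest_authentication_errors', 'AAM_Core_Wp::disableRestful', 1
+ );
+ }
+
+ // Manage access to the RESTful endpoints
+ add_filter('rest_pre_dispatch', 'AAM_Core_Wp::restAuth', 1, 3);
+ }
+
+ /**
+ *
+ * @param WP_Error|null|bool $response
+ *
+ * @return \WP_Error
+ */
+ public static function disableRestful($response) {
+ if (!is_wp_error($response)) {
+ $response = new WP_Error(403, 'RESTfull API is disabled');
+ }
+
+ return $response;
+ }
+
+ /**
+ *
+ * @param WP_Error $response
+ * @param type $server
+ * @param type $request
+ * @return \WP_Error
+ */
+ public static function restAuth($response, $server, $request) {
+ $user = AAM::getUser();
+ $object = $user->getObject('route');
+ $matched = $request->get_route();
+ $method = $request->get_method();
+
+ foreach(array_keys($server->get_routes()) as $route) {
+ if ($route == $matched || preg_match("#^{$route}$#", $matched)) {
+ if ($object->has('restful', $route, $method)) {
+ $response = new WP_Error(403, __('Access denied', AAM_KEY));
+ break;
+ }
+ }
+ }
+
+ return $response;
+ }
+ }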
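Review bot: `bootstrap()` reads the switch as `AAM_Core_Config::get('core.restfull', true)`, but the setting added in Settings/Core.php and the `option` of the new Route feature are both spelled `core.restful`. Turning the REST API off in the UI therefore never registers `disableRestful`; the line should read `if (!AAM_Core_Config::get('core.restful', true)) {`. In `restAuth()` the pattern `"#^{$route}$#"` is case-sensitive, while WordPress core appears to match route patterns case-insensitively, so the deny check and the dispatcher can disagree on which route a request belongs to; `preg_match("#^{$route}$#i", $matched)` keeps them aligned. Both `new WP_Error(403, ...)` calls also carry no `array('status' => 403)` data, which as far as I know makes the REST server answer with HTTP 500 rather than 403.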
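--- a/aam.php
+++ b/aam.php
@@ -3,7 +3,7 @@
  /**
  Plugin Name: Advanced Access Manager
  Description: All you need to manage access to your WordPress website
- Version: 5.2.1
+ Version: 5.2.5
  Author: Vasyl Martyniuk <vasyl@vasyltech.com>
  Author URI: https://vasyltech.com
 
@@ -108,6 +108,9 @@ class AAM {
  //load AAM core config
  AAM_Core_Config::bootstrap();
 
+ //load WP Core hooks
+ AAM_Core_Wp::bootstrap();
+
  //login control
  if (AAM_Core_Config::get('secure-login', true)) {
  AAM_Core_Login::bootstrap();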
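--- a/media/css/aam.css
+++ b/media/css/aam.css
@@ -391,6 +391,28 @@ a.btn:focus, a.btn:active {
  font-size: 8px;
  }
 
+ .aam-api-method {
+ font-size: 8px;
+ font-weight: bold;
+ color: #808080;
+ }
+
+ .aam-api-method.get {
+ color: #3c763d;
+ }
+
+ .aam-api-method.post {
+ color: #F5AA2E;
+ }
+
+ .aam-api-method.put {
+ color: #286090;
+ }
+
+ .aam-api-method.delete {
+ color: #a94442;
+ }
+
  /** DATATABLES **/
  .dataTables_info {
  float: left;
@@ -411,6 +433,7 @@ div.dataTables_wrapper div.dataTables_filter {
  }
 
  #capability-list_wrapper div.dataTables_filter,
+ #route-list_wrapper div.dataTables_filter,
  #post-list_wrapper div.dataTables_filter {
  text-align: right;
  }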
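--- a/media/js/aam.js
+++ b/media/js/aam.js
@@ -2202,6 +2202,155 @@
  aam.addHook('init', initialize);
 
  })(jQuery);
+
+ /**
+ * API Routes Interface
+ *
+ * @param {jQuery} $
+ *
+ * @returns {void}
+ */
+ (function ($) {
+
+ /**
+ *
+ * @param {type} type
+ * @param {type} route
+ * @param {type} method
+ * @param {type} value
+ * @param {type} btn
+ * @returns {undefined}
+ */
+ function save(type, route, method, value, btn) {
+ //show indicator
+ $(btn).attr('class', 'aam-row-action icon-spin4 animate-spin');
+
+ $.ajax(aamLocal.ajaxurl, {
+ type: 'POST',
+ dataType: 'json',
+ data: {
+ action: 'aam',
+ sub_action: 'Main_Route.save',
+ _ajax_nonce: aamLocal.nonce,
+ subject: aam.getSubject().type,
+ subjectId: aam.getSubject().id,
+ type: type,
+ route: route,
+ method: method,
+ value: value
+ },
+ success: function (response) {
+ if (response.status === 'failure') {
+ aam.notification('danger', response.error);
+ updateBtn(btn, value ? 0 : 1);
+ } else {
+ $('#aam-route-overwrite').removeClass('hidden');
+ updateBtn(btn, value);
+ }
+ },
+ error: function () {
+ updateBtn(btn, value ? 0 : 1);
+ aam.notification('danger', aam.__('Application error'));
+ }
+ });
+ }
+
+ /**
+ *
+ * @param {type} btn
+ * @param {type} value
+ * @returns {undefined}
+ */
+ function updateBtn(btn, value) {
+ if (value) {
+ $(btn).attr('class', 'aam-row-action text-danger icon-check');
+ } else {
+ $(btn).attr('class', 'aam-row-action text-muted icon-check-empty');
+ }
+ }
+
+ /**
+ *
+ * @returns {undefined}
+ */
+ function initialize() {
+ if ($('#route-content').length) {
+ //initialize the role list table
+ $('#route-list').DataTable({
+ autoWidth: false,
+ ordering: false,
+ pagingType: 'simple',
+ serverSide: false,
+ ajax: {
+ url: aamLocal.ajaxurl,
+ type: 'POST',
+ data: {
+ action: 'aam',
+ sub_action: 'Main_Route.getTable',
+ _ajax_nonce: aamLocal.nonce,
+ subject: aam.getSubject().type,
+ subjectId: aam.getSubject().id
+ }
+ },
+ columnDefs: [
+ {visible: false, targets: [0]},
+ {className: 'text-center', targets: [1]}
+ ],
+ language: {
+ search: '_INPUT_',
+ searchPlaceholder: aam.__('Search Route'),
+ info: aam.__('_TOTAL_ route(s)'),
+ infoFiltered: '',
+ infoEmpty: aam.__('Nothing to show'),
+ lengthMenu: '_MENU_'
+ },
+ createdRow: function (row, data) {
+ // decorate the method
+ var method = $('<span/>', {
+ 'class': 'aam-api-method ' + data[1].toLowerCase()
+ }).text(data[1]);
+
+ $('td:eq(0)', row).html(method);
+
+ var actions = data[3].split(',');
+
+ var container = $('<div/>', {'class': 'aam-row-actions'});
+ $.each(actions, function (i, action) {
+ switch (action) {
+ case 'unchecked':
+ $(container).append($('<i/>', {
+ 'class': 'aam-row-action text-muted icon-check-empty'
+ }).bind('click', function () {
+ save(data[0], data[2], data[1], 1, this);
+ }));
+ break;
+
+ case 'checked':
+ $(container).append($('<i/>', {
+ 'class': 'aam-row-action text-danger icon-check'
+ }).bind('click', function () {
+ save(data[0], data[2], data[1], 0, this);
+ }));
+ break;
+
+ default:
+ break;
+ }
+ });
+ $('td:eq(2)', row).html(container);
+ }
+ });
+
+ //reset button
+ $('#route-reset').bind('click', function () {
+ aam.reset('route');
+ });
+ }
+ }
+
+ aam.addHook('init', initialize);
+
+ })(jQuery);
 
  /**
  * Extensions Interface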
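Review bot: In `createdRow` only the method and action cells are rebuilt; the route string in `data[2]` is left to DataTables, which by default inserts cell data as HTML. REST route patterns typically contain named groups such as `(?P<id>…)`, so the browser would parse part of the pattern as a tag, and any plugin-supplied route text reaches the DOM as markup. Setting the cell explicitly with `$('td:eq(1)', row).text(data[2]);` avoids both. Separately, each click handler is bound with a fixed value (`1` for unchecked, `0` for checked), so after a successful save the icon flips but a second click appears to resend the same value until the table is reloaded.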
readme.txt CHANGED
@@ -1,9 +1,9 @@
1
  === Advanced Access Manager ===
2
  Contributors: vasyltech
3
- Tags: access, role, user, capability, page access, post access, comments, security, login redirect, brute force attack, double authentication, membership, backend lockdown, wp-admin, 404, activity tracking
4
  Requires at least: 3.8
5
  Tested up to: 4.9.4
6
- Stable tag: 5.2.1
7
 
8
  The most powerful access management plugin for WordPress websites.
9
 
@@ -16,8 +16,9 @@ https://www.youtube.com/watch?v=yiOhjaacNJc
16
  = Few Quick Facts =
17
 
18
  * Bullet-proven plugin with over a 1 million downloads where all features are well-tested and [documented](https://aamplugin.com/help). Very low amount of support tickets in comparison to similar plugins;
19
- * AAM contains the most powerful and flexible set of features to manage access to your WordPress website;
20
- * No ads or other promotional crap. The UI is clean and well crafted so you can focus only on what is important;
 
21
  * Some features are limited or available only with [premium extensions](https://aamplugin.com/store). AAM functionality is transparent and you will absolute know when you need to purchase our premium features;
22
  * No need to be a "paid" customer to get help. Request support via email or start chat with Google Hangout;
23
  * YES, we have some bad reviews however most of them where posted years ago and are unrelated to current AAM version. AAM is very powerful tool that can lock you out if mistake made.
@@ -29,6 +30,8 @@ https://www.youtube.com/watch?v=yiOhjaacNJc
29
  * [free] Manage temporary user accounts. Create and manage temporary user accounts. Find out more from [How to create temporary WordPress user account](https://aamplugin.com/help/how-to-create-temporary-wordpress-user-account);
30
  * [free] Backend Lockdown. Restrict access to your website backend side for any user or role. Find out more from [How to lockdown WordPress backend](https://aamplugin.com/help/how-to-lockdown-wordpress-backend) article;
31
  * [free] Secure Login Widget & Shortcode. Drop AJAX login widget or shortcode anywhere on your website. Find out more from [How does AAM Secure Login works](https://aamplugin.com/help/how-does-aam-secure-login-works) article;
 
 
32
  * [free] JWT Authentication. Authenticate user through WordPress API and use received JWT token for further requests. Fid out more from [Hot to authenticate WordPress user with JWT token](https://aamplugin.com/help/how-to-authenticate-wordpress-user-with-jwt-token)
33
  * [limited] Content Access. Very granular access to unlimited number of post, page or custom post type ([19 different options](https://aamplugin.com/help#posts-and-pages)). With premium [Plus Package](https://aamplugin.com/extension/plus-package) extension also manage access to hierarchical taxonomies or setup the default access to all post types and taxonomies. Find out more from [How to manage access to the WordPress content](https://aamplugin.com/help/how-to-manage-access-to-the-wordpress-content) article;
34
  * [free] Content Filter. Filter or replace parts of your content with AAM shortcodes. Find out more from [How to filter WordPress post content](https://aamplugin.com/help/how-to-filter-wordpress-post-content) article;
@@ -62,6 +65,12 @@ https://www.youtube.com/watch?v=yiOhjaacNJc
62
 
63
  == Changelog ==
64
 
 
 
 
 
 
 
65
  = 5.2.1 =
66
  * Fixed bug with Linux incompatibility
67
 
1
  === Advanced Access Manager ===
2
  Contributors: vasyltech
3
+ Tags: access, role, user, capability, page access, post access, content access, comments, security, login redirect, membership, backend lockdown, wp-admin, 404, rest api, xml rpc
4
  Requires at least: 3.8
5
  Tested up to: 4.9.4
6
+ Stable tag: 5.2.5
7
 
8
  The most powerful access management plugin for WordPress websites.
9
 
16
  = Few Quick Facts =
17
 
18
  * Bullet-proven plugin with over a 1 million downloads where all features are well-tested and [documented](https://aamplugin.com/help). Very low amount of support tickets in comparison to similar plugins;
19
+ * AAM contains the most powerful and flexible set of features to manage access to your WordPress website and most of them are absolutely free;
20
+ * It is the only plugin in the world that gives you the ability to manage access to your website content for any role, individual user and visitors or even define the default access to all posts, pages, custom post types, categories and custom taxonomies;
21
+ * No ads or other promotional crap. The UI is clean and well crafted so you can focus only on what matters;
22
  * Some features are limited or available only with [premium extensions](https://aamplugin.com/store). AAM functionality is transparent and you will absolute know when you need to purchase our premium features;
23
  * No need to be a "paid" customer to get help. Request support via email or start chat with Google Hangout;
24
  * YES, we have some bad reviews however most of them where posted years ago and are unrelated to current AAM version. AAM is very powerful tool that can lock you out if mistake made.
30
  * [free] Manage temporary user accounts. Create and manage temporary user accounts. Find out more from [How to create temporary WordPress user account](https://aamplugin.com/help/how-to-create-temporary-wordpress-user-account);
31
  * [free] Backend Lockdown. Restrict access to your website backend side for any user or role. Find out more from [How to lockdown WordPress backend](https://aamplugin.com/help/how-to-lockdown-wordpress-backend) article;
32
  * [free] Secure Login Widget & Shortcode. Drop AJAX login widget or shortcode anywhere on your website. Find out more from [How does AAM Secure Login works](https://aamplugin.com/help/how-does-aam-secure-login-works) article;
33
+ * [free] Ability to enable/disable REST API and XML-RPC.
34
+ * [free] Manage access to REST API individual endpoints for any role, user or visitor.
35
  * [free] JWT Authentication. Authenticate user through WordPress API and use received JWT token for further requests. Fid out more from [Hot to authenticate WordPress user with JWT token](https://aamplugin.com/help/how-to-authenticate-wordpress-user-with-jwt-token)
36
  * [limited] Content Access. Very granular access to unlimited number of post, page or custom post type ([19 different options](https://aamplugin.com/help#posts-and-pages)). With premium [Plus Package](https://aamplugin.com/extension/plus-package) extension also manage access to hierarchical taxonomies or setup the default access to all post types and taxonomies. Find out more from [How to manage access to the WordPress content](https://aamplugin.com/help/how-to-manage-access-to-the-wordpress-content) article;
37
  * [free] Content Filter. Filter or replace parts of your content with AAM shortcodes. Find out more from [How to filter WordPress post content](https://aamplugin.com/help/how-to-filter-wordpress-post-content) article;
65
 
66
  == Changelog ==
67
 
68
+ = 5.2.5 =
69
+ * Fixed the bug with JWT authentication
70
+ * Added the ability to enable/disable XML-RPC
71
+ * Added the ability to enable/disable REST API
72
+ * Added the ability to manage access to the individual REST API endpoints
73
+
74
  = 5.2.1 =
75
  * Fixed bug with Linux incompatibility
76