Advanced Access Manager - Version 5.3.5

Version Description

  • Fixed bug with post LIST & LIST TO OTHERS when access is set to term in odd order
  • Fixed bug that potentially did not filter posts during search
  • Added notification to the UI that extension folder does not exist or is not writable
  • Added XML-RPC endpoint control
  • Added ability to filter list of users by roles on the Users/Roles Manager panel
Download this release

Release Info

Developer vasyl_m
Plugin Icon 128x128 Advanced Access Manager
Version 5.3.5
Comparing to
See all releases

Code changes from version 5.3.4 to 5.3.5

Files changed (30) hide show
  1. Application/Api/Rest/Resource/Post.php +3 -1
  2. Application/Backend/Feature/Extension/Manager.php +15 -0
  3. Application/Backend/Feature/Main/Post.php +0 -24
  4. Application/Backend/Feature/Main/Route.php +10 -0
  5. Application/Backend/Feature/Subject/User.php +5 -0
  6. Application/Backend/phtml/index.phtml +35 -0
  7. Application/Backend/phtml/main/menu.phtml +2 -2
  8. Application/Backend/phtml/main/metabox.phtml +1 -1
  9. Application/Backend/phtml/main/route.phtml +1 -1
  10. Application/Core/API.php +18 -24
  11. Application/Core/Contract/Api.php +0 -18
  12. Application/Core/Contract/Object.php +0 -18
  13. Application/Core/Contract/Subject.php +0 -18
  14. Application/Core/Gateway.php +9 -158
  15. Application/Core/Object.php +1 -1
  16. Application/Core/Object/Capability.php +40 -6
  17. Application/Core/Object/LoginRedirect.php +4 -1
  18. Application/Core/Object/Menu.php +26 -0
  19. Application/Core/Object/Metabox.php +29 -1
  20. Application/Core/Object/Post.php +58 -7
  21. Application/Core/Object/Visibility.php +14 -11
  22. Application/Core/Subject.php +1 -1
  23. Application/Extension/List.php +2 -2
  24. Application/Extension/Repository.php +12 -6
  25. Application/Frontend/Authorization.php +1 -1
  26. Application/Shared/Manager.php +34 -5
  27. aam.php +1 -1
  28. media/css/aam.css +11 -2
  29. media/js/aam.js +92 -10
  30. readme.txt +8 -1
Application/Api/Rest/Resource/Post.php CHANGED
@@ -156,7 +156,9 @@ class AAM_Api_Rest_Resource_Post {
156
  if ($expire) {
157
  $date = strtotime($post->get('api.expire_datetime'));
158
  if ($date <= time()) {
159
- $actions = AAM_Core_Config::get('post.access.expired', 'api.read');
 
 
160
 
161
  foreach(array_map('trim', explode(',', $actions)) as $action) {
162
  $post->set($action, 1);
156
  if ($expire) {
157
  $date = strtotime($post->get('api.expire_datetime'));
158
  if ($date <= time()) {
159
+ $actions = AAM_Core_Config::get(
160
+ 'feature.api.postAccess.expired', 'api.read'
161
+ );
162
 
163
  foreach(array_map('trim', explode(',', $actions)) as $action) {
164
  $post->set($action, 1);
Application/Backend/Feature/Extension/Manager.php CHANGED
@@ -139,6 +139,21 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
139
  return json_encode(array('status' => 'success'));
140
  }
141
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
142
  /**
143
  *
144
  * @param type $type
139
  return json_encode(array('status' => 'success'));
140
  }
141
 
142
+ /**
143
+ *
144
+ * @return type
145
+ */
146
+ public function fixDirectoryIssue() {
147
+ $dirname = AAM_Extension_Repository::getInstance()->getBasedir();
148
+ if (file_exists($dirname) === false) {
149
+ @mkdir($dirname, fileperms( ABSPATH ) & 0777 | 0755, true);
150
+ }
151
+
152
+ return json_encode(array(
153
+ 'status' => (AAM_Extension_Repository::getInstance()->isWriteableDirectory() ? 'success' : 'failed')
154
+ ));
155
+ }
156
+
157
  /**
158
  *
159
  * @param type $type
Application/Backend/Feature/Main/Post.php CHANGED
@@ -348,30 +348,6 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
348
  return json_encode($response);
349
  }
350
 
351
- /**
352
- *
353
- * @return type
354
- */
355
- public function autocomplete() {
356
- $res = array();
357
- $list = get_posts(array(
358
- 'post_type' => AAM_Core_Request::post('type'),
359
- 'category' => 0,
360
- 's' => AAM_Core_Request::post('s'),
361
- 'numberposts' => 10,
362
- 'post_status' => 'any',
363
- 'fields' => 'all'
364
- ));
365
-
366
- if (count($list)) {
367
- foreach($list as $post) {
368
- $res[] = "{$post->ID}|{$post->post_title}";
369
- }
370
- }
371
-
372
- return json_encode($res);
373
- }
374
-
375
  /**
376
  * Get Post or Term access
377
  *
348
  return json_encode($response);
349
  }
350
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
351
  /**
352
  * Get Post or Term access
353
  *
Application/Backend/Feature/Main/Route.php CHANGED
@@ -75,6 +75,16 @@ class AAM_Backend_Feature_Main_Route extends AAM_Backend_Feature_Abstract {
75
  }
76
  }
77
 
 
 
 
 
 
 
 
 
 
 
78
  return $response;
79
  }
80
 
75
  }
76
  }
77
 
78
+ // Build XML RPC routes
79
+ foreach(array_keys(AAM_Core_API::getXMLRPCServer()->methods) as $route) {
80
+ $response[] = array(
81
+ 'xmlrpc',
82
+ 'POST',
83
+ htmlspecialchars($route),
84
+ $object->has('xmlrpc', $route) ? 'checked' : 'unchecked'
85
+ );
86
+ }
87
+
88
  return $response;
89
  }
90
 
Application/Backend/Feature/Subject/User.php CHANGED
@@ -93,6 +93,7 @@ class AAM_Backend_Feature_Subject_User {
93
  */
94
  public function query() {
95
  $search = trim(AAM_Core_Request::request('search.value'));
 
96
 
97
  $args = array(
98
  'blog_id' => get_current_blog_id(),
@@ -106,6 +107,10 @@ class AAM_Backend_Feature_Subject_User {
106
  'orderby' => 'user_nicename',
107
  'order' => 'ASC'
108
  );
 
 
 
 
109
 
110
  return new WP_User_Query($args);
111
  }
93
  */
94
  public function query() {
95
  $search = trim(AAM_Core_Request::request('search.value'));
96
+ $role = trim(AAM_Core_Request::request('role'));
97
 
98
  $args = array(
99
  'blog_id' => get_current_blog_id(),
107
  'orderby' => 'user_nicename',
108
  'order' => 'ASC'
109
  );
110
+
111
+ if (!empty($role)) {
112
+ $args['role__in'] = $role;
113
+ }
114
 
115
  return new WP_User_Query($args);
116
  }
Application/Backend/phtml/index.phtml CHANGED
@@ -80,6 +80,41 @@
80
  </div>
81
  </div>
82
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
83
  <?php $licenses = AAM_Extension_Repository::getInstance()->getCommercialLicenses(); ?>
84
  <?php if (count($licenses)) { ?>
85
  <div class="metabox-holder extensions-metabox" style="display:none;">
80
  </div>
81
  </div>
82
 
83
+ <?php if (AAM_Extension_Repository::getInstance()->isWriteableDirectory() === false) { ?>
84
+ <?php $relativePath = AAM_Extension_Repository::getInstance()->getBasedir(true); ?>
85
+ <div class="metabox-holder extensions-metabox" id='extension-dir-warning' style="display:none;">
86
+ <div class="postbox">
87
+ <h3 class="hndle warning">
88
+ <span><?php echo __('Warning', AAM_KEY); ?></span>
89
+ </h3>
90
+ <div class="inside">
91
+ <div class="aam-postbox-inside text-center">
92
+ <p class='alert alert-warning text-larger highlighted-italic'>
93
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('All AAM extension should be located in [%s] directory however it either does not exist or is not writable.', 'b'), $relativePath); ?>
94
+ </p>
95
+ <a href="#" class="btn btn-sm btn-success btn-block" id='fix-extension-dir-issue'><i class="icon-wrench"></i> <?php echo __('Click To Fix The Issue', AAM_KEY); ?></a>
96
+ </div>
97
+ </div>
98
+ </div>
99
+ </div>
100
+ <div class="modal fade" id="extension-dir-issue-modal" tabindex="-1" role="dialog">
101
+ <div class="modal-dialog" role="document">
102
+ <div class="modal-content">
103
+ <div class="modal-body">
104
+ <div class="form-group">
105
+ <p class="alert alert-warning text-larger">
106
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Failed to create a [%s] directory for AAM extension. To create it manually, login to your website via FTP and create [%s] directory. [Please Note!] It is a relative directory path from your website root (where wp-config.php file is located).', 'b', 'b', 'b'), $relativePath, $relativePath); ?>
107
+ </p>
108
+ </div>
109
+ </div>
110
+ <div class="modal-footer">
111
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Ok', AAM_KEY); ?></button>
112
+ </div>
113
+ </div>
114
+ </div>
115
+ </div>
116
+ <?php } ?>
117
+
118
  <?php $licenses = AAM_Extension_Repository::getInstance()->getCommercialLicenses(); ?>
119
  <?php if (count($licenses)) { ?>
120
  <div class="metabox-holder extensions-metabox" style="display:none;">
Application/Backend/phtml/main/menu.phtml CHANGED
@@ -47,12 +47,12 @@
47
  <?php foreach ($menu['submenu'] as $j => $submenu) { ?>
48
  <?php if ($submenu['id'] == 'index.php') { ?>
49
  <div class="col-xs-12 col-md-6 aam-submenu-item">
50
- <label for="menu-item-<?php echo $i . $j; ?>"><?php echo $submenu['name']; ?> <small class="aam-menu-capability"><?php echo $submenu['capability']; ?></small></label>
51
  <a href="#dashboard-lockout-modal" data-toggle="modal"><i class="icon-help-circled"></i></a>
52
  </div>
53
  <?php } else { ?>
54
  <div class="col-xs-12 col-md-6 aam-submenu-item">
55
- <label for="menu-item-<?php echo $i . $j; ?>"><?php echo $submenu['name']; ?> <small class="aam-menu-capability"><?php echo $submenu['capability']; ?></small></label>
56
  <input type="checkbox" class="aam-checkbox-danger" id="menu-item-<?php echo $i . $j; ?>" data-menu-id="<?php echo $submenu['id']; ?>"<?php echo ($object->has($submenu['id']) ? ' checked="checked"' : ''); ?> />
57
  <label for="menu-item-<?php echo $i . $j; ?>" data-toggle="tooltip" title="<?php echo ($object->has($submenu['id']) ? __('Uncheck to allow', AAM_KEY) : __('Check to restrict', AAM_KEY)); ?>"></label>
58
  </div>
47
  <?php foreach ($menu['submenu'] as $j => $submenu) { ?>
48
  <?php if ($submenu['id'] == 'index.php') { ?>
49
  <div class="col-xs-12 col-md-6 aam-submenu-item">
50
+ <label for="menu-item-<?php echo $i . $j; ?>"><u><?php echo $submenu['name']; ?></u><small class="aam-menu-capability"><?php echo __('Cap:', AAM_KEY), ' <b>', $submenu['capability']; ?></b></small></label>
51
  <a href="#dashboard-lockout-modal" data-toggle="modal"><i class="icon-help-circled"></i></a>
52
  </div>
53
  <?php } else { ?>
54
  <div class="col-xs-12 col-md-6 aam-submenu-item">
55
+ <label for="menu-item-<?php echo $i . $j; ?>"><u><?php echo $submenu['name']; ?></u><small class="aam-menu-capability"><?php echo __('Cap:', AAM_KEY), ' <b>', $submenu['capability']; ?></b></small></label>
56
  <input type="checkbox" class="aam-checkbox-danger" id="menu-item-<?php echo $i . $j; ?>" data-menu-id="<?php echo $submenu['id']; ?>"<?php echo ($object->has($submenu['id']) ? ' checked="checked"' : ''); ?> />
57
  <label for="menu-item-<?php echo $i . $j; ?>" data-toggle="tooltip" title="<?php echo ($object->has($submenu['id']) ? __('Uncheck to allow', AAM_KEY) : __('Check to restrict', AAM_KEY)); ?>"></label>
58
  </div>
Application/Backend/phtml/main/metabox.phtml CHANGED
@@ -60,7 +60,7 @@
60
  <div class="row">
61
  <?php foreach ($metaboxes as $metabox) { ?>
62
  <div class="col-xs-12 col-md-6 aam-submenu-item">
63
- <label for="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>"><?php echo $metabox['title']; ?></label>
64
  <input type="checkbox" class="aam-checkbox-danger" id="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>" data-metabox="<?php echo $screen; ?>|<?php echo $metabox['id']; ?>"<?php echo ($object->has($screen, $metabox['id']) ? ' checked="checked"' : ''); ?> />
65
  <label for="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>" data-toggle="tooltip" title="<?php echo ($object->has($screen, $metabox['id']) ? __('Uncheck to show', AAM_KEY) : __('Check to hide', AAM_KEY)); ?>"></label>
66
  </div>
60
  <div class="row">
61
  <?php foreach ($metaboxes as $metabox) { ?>
62
  <div class="col-xs-12 col-md-6 aam-submenu-item">
63
+ <label for="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>"><u><?php echo $metabox['title']; ?></u><small class="aam-metabox-details"><?php echo __('Screen:', AAM_KEY) . ' <b>' . $screen; ?></b></small><small class="aam-metabox-details"><?php echo __('ID:', AAM_KEY) . ' <b>' . $metabox['id']; ?></b></small></label>
64
  <input type="checkbox" class="aam-checkbox-danger" id="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>" data-metabox="<?php echo $screen; ?>|<?php echo $metabox['id']; ?>"<?php echo ($object->has($screen, $metabox['id']) ? ' checked="checked"' : ''); ?> />
65
  <label for="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>" data-toggle="tooltip" title="<?php echo ($object->has($screen, $metabox['id']) ? __('Uncheck to show', AAM_KEY) : __('Check to hide', AAM_KEY)); ?>"></label>
66
  </div>
Application/Backend/phtml/main/route.phtml CHANGED
@@ -24,7 +24,7 @@
24
  <thead>
25
  <tr>
26
  <th>Type</th>
27
- <th width="10%">&nbsp;</th>
28
  <th width="80%"><?php echo __('Route', AAM_KEY); ?></th>
29
  <th><?php echo __('Deny', AAM_KEY); ?></th>
30
  </tr>
24
  <thead>
25
  <tr>
26
  <th>Type</th>
27
+ <th width="10%">Method</th>
28
  <th width="80%"><?php echo __('Route', AAM_KEY); ?></th>
29
  <th><?php echo __('Deny', AAM_KEY); ?></th>
30
  </tr>
Application/Core/API.php CHANGED
@@ -48,6 +48,24 @@ final class AAM_Core_API {
48
  return $response;
49
  }
50
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
51
  /**
52
  *
53
  * @param type $option
@@ -380,30 +398,6 @@ final class AAM_Core_API {
380
  return (!empty($version) ? $version : null);
381
  }
382
 
383
- /**
384
- * Get Query post type
385
- *
386
- * @param WP_Query $query
387
- *
388
- * @return string
389
- *
390
- * @access public
391
- */
392
- public static function getQueryPostType($query) {
393
- //get post type based on queired object
394
- if (!empty($query->query['post_type'])) {
395
- $type = $query->query['post_type'];
396
- } elseif (!empty($query->query_vars['post_type'])) {
397
- $type = $query->query_vars['post_type'];
398
- }
399
-
400
- if (empty($type) || !is_scalar($type)){
401
- $type = 'post';
402
- }
403
-
404
- return $type;
405
- }
406
-
407
  /**
408
  * Get current post
409
  *
48
  return $response;
49
  }
50
 
51
+ /**
52
+ *
53
+ * @staticvar type $xmlrpc
54
+ * @return \classname
55
+ */
56
+ public static function getXMLRPCServer() {
57
+ static $xmlrpc = null;
58
+
59
+ if (is_null($xmlrpc)) {
60
+ require_once(ABSPATH . WPINC . '/class-IXR.php');
61
+ require_once(ABSPATH . WPINC . '/class-wp-xmlrpc-server.php');
62
+ $classname = apply_filters('wp_xmlrpc_server_class', 'wp_xmlrpc_server');
63
+ $xmlrpc = new $classname;
64
+ }
65
+
66
+ return $xmlrpc;
67
+ }
68
+
69
  /**
70
  *
71
  * @param type $option
398
  return (!empty($version) ? $version : null);
399
  }
400
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
401
  /**
402
  * Get current post
403
  *
Application/Core/Contract/Api.php DELETED
@@ -1,18 +0,0 @@
1
- <?php
2
-
3
- /**
4
- * ======================================================================
5
- * LICENSE: This file is subject to the terms and conditions defined in *
6
- * file 'license.txt', which is part of this source code package. *
7
- * ======================================================================
8
- */
9
-
10
- /**
11
- * AAM core API interface
12
- *
13
- * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
- */
16
- interface AAM_Core_Contract_Api {
17
-
18
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Application/Core/Contract/Object.php DELETED
@@ -1,18 +0,0 @@
1
- <?php
2
-
3
- /**
4
- * ======================================================================
5
- * LICENSE: This file is subject to the terms and conditions defined in *
6
- * file 'license.txt', which is part of this source code package. *
7
- * ======================================================================
8
- */
9
-
10
- /**
11
- * AAM core object interface
12
- *
13
- * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
- */
16
- interface AAM_Core_Contract_Object {
17
-
18
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Application/Core/Contract/Subject.php DELETED
@@ -1,18 +0,0 @@
1
- <?php
2
-
3
- /**
4
- * ======================================================================
5
- * LICENSE: This file is subject to the terms and conditions defined in *
6
- * file 'license.txt', which is part of this source code package. *
7
- * ======================================================================
8
- */
9
-
10
- /**
11
- * AAM core subject interface
12
- *
13
- * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
- */
16
- interface AAM_Core_Contract_Subject {
17
-
18
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Application/Core/Gateway.php CHANGED
@@ -13,83 +13,8 @@
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- final class AAM_Core_Gateway implements AAM_Core_Contract_Api {
17
 
18
- /**
19
- * User subject slug
20
- */
21
- const SUBJECT_USER = 'user';
22
-
23
- /**
24
- * Role subject slug
25
- */
26
- const SUBJECT_ROLE = 'role';
27
-
28
- /**
29
- * Default subject slug
30
- */
31
- const SUBJECT_DEFAULT = 'default';
32
-
33
- /**
34
- * Visitor subject slug
35
- */
36
- const SUBJECT_VISITOR = 'visitor';
37
-
38
- /**
39
- * Cache object slug
40
- */
41
- const OBJECT_CACHE = 'cache';
42
-
43
- /**
44
- * Capability object slug
45
- */
46
- const OBJECT_CAPABILITY = 'capability';
47
-
48
- /**
49
- * Login Redirect object slug
50
- */
51
- const OBJECT_LOGIN_REDIRECT = 'loginRedirect';
52
-
53
- /**
54
- * Logout Redirect object slug
55
- */
56
- const OBJECT_LOGOUT_REDIRECT = 'logoutRedirect';
57
-
58
- /**
59
- * Backend Menu object slug
60
- */
61
- const OBJECT_BACKEND_MENU = 'menu';
62
-
63
- /**
64
- * Metabox & Widget object slug
65
- */
66
- const OBJECT_METABOX = 'metabox';
67
-
68
- /**
69
- * Post object slug
70
- */
71
- const OBJECT_POST = 'post';
72
-
73
- /**
74
- * Access Denied Redirect object slug
75
- */
76
- const OBJECT_ACCESS_DENIED_REDIRECT = 'redirect';
77
-
78
- /**
79
- * API Route object slug
80
- */
81
- const OBJECT_ROUTE = 'route';
82
-
83
- /**
84
- * Hierarchical Term object slug
85
- */
86
- const OBJECT_TERM = 'term';
87
-
88
- /**
89
- * Post Type object slug
90
- */
91
- const OBJECT_POST_TYPE = 'type';
92
-
93
  /**
94
  * Single instance of itself
95
  *
@@ -123,100 +48,24 @@ final class AAM_Core_Gateway implements AAM_Core_Contract_Api {
123
  *
124
  * If no $id specified, current user will be returned
125
  *
126
- * @param int $id
127
  *
128
- * @return AAM_Core_Subject_User
129
  *
130
  * @access public
131
- * @throws Exception If no $id is specified and user is not authenticated
132
  */
133
- public function getUserSubject($id = null) {
134
  if (!empty($id)) {
135
- if ($id == get_current_user_id()) {
136
- $user = AAM::getUser();
137
- } else {
138
- $user = new AAM_Core_Subject_User($id);
139
- }
140
  } elseif (get_current_user_id()) {
141
  $user = AAM::getUser();
142
  } else {
143
- throw new Exception('Current visitor is not authenticated');
144
  }
145
 
146
  return $user;
147
  }
148
 
149
- /**
150
- * Get role
151
- *
152
- * @param string $slug
153
- *
154
- * @return AAM_Core_Subject_Role
155
- *
156
- * @access public
157
- */
158
- public function getRoleSubject($slug) {
159
- return new AAM_Core_Subject_Role($slug);
160
- }
161
-
162
- /**
163
- * Get visitor
164
- *
165
- * @return AAM_Core_Subject_Visitor
166
- *
167
- * @access public
168
- */
169
- public function getVisitorSubject() {
170
- return new AAM_Core_Subject_Visitor();
171
- }
172
-
173
- /**
174
- * Get default subject
175
- *
176
- * @return AAM_Core_Subject_Default
177
- *
178
- * @access public
179
- */
180
- public function getDefaultSubject() {
181
- return new AAM_Core_Subject_Default();
182
- }
183
-
184
- /**
185
- * Get subject
186
- *
187
- * @param string $type Subject type (allowed user, role, visitor and default)
188
- * @param string|int $id Subject id (e.g. role slug or user ID)
189
- *
190
- * @return AAM_Core_Contract_Subject
191
- *
192
- * @access public
193
- * @throws Exception If subject type is not valid
194
- */
195
- public function getSubject($type, $id = null) {
196
- switch($type) {
197
- case self::SUBJECT_USER:
198
- $subject = $this->getUserSubject($id);
199
- break;
200
-
201
- case self::SUBJECT_ROLE:
202
- $subject = $this->getRoleSubject($id);
203
- break;
204
-
205
- case self::SUBJECT_VISITOR:
206
- $subject = $this->getVisitorSubject();
207
- break;
208
-
209
- case self::SUBJECT_DEFAULT:
210
- $subject = $this->getDefaultSubject();
211
- break;
212
-
213
- default:
214
- throw new Exception('Invalid subject type');
215
- }
216
-
217
- return $subject;
218
- }
219
-
220
  /**
221
  * Log any critical message
222
  *
@@ -232,11 +81,13 @@ final class AAM_Core_Gateway implements AAM_Core_Contract_Api {
232
  /**
233
  * Deny access for current HTTP request
234
  *
 
 
235
  * @return void
236
  *
237
  * @access public
238
  */
239
- public function denyAccess() {
240
  AAM_Core_API::reject();
241
  }
242
 
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
+ final class AAM_Core_Gateway {
17
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
18
  /**
19
  * Single instance of itself
20
  *
48
  *
49
  * If no $id specified, current user will be returned
50
  *
51
+ * @param int $id Optional user id
52
  *
53
+ * @return AAM_Core_Subject
54
  *
55
  * @access public
 
56
  */
57
+ public function getUser($id = null) {
58
  if (!empty($id)) {
59
+ $user = new AAM_Core_Subject_User($id);
 
 
 
 
60
  } elseif (get_current_user_id()) {
61
  $user = AAM::getUser();
62
  } else {
63
+ $user = new AAM_Core_Subject_Visitor();
64
  }
65
 
66
  return $user;
67
  }
68
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
69
  /**
70
  * Log any critical message
71
  *
81
  /**
82
  * Deny access for current HTTP request
83
  *
84
+ * @param mixed $params
85
+ *
86
  * @return void
87
  *
88
  * @access public
89
  */
90
+ public function denyAccess($params = null) {
91
  AAM_Core_API::reject();
92
  }
93
 
Application/Core/Object.php CHANGED
@@ -13,7 +13,7 @@
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- abstract class AAM_Core_Object implements AAM_Core_Contract_Object {
17
 
18
  /**
19
  * Subject
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
+ abstract class AAM_Core_Object {
17
 
18
  /**
19
  * Subject
Application/Core/Object/Capability.php CHANGED
@@ -41,9 +41,14 @@ class AAM_Core_Object_Capability extends AAM_Core_Object {
41
  }
42
 
43
  /**
 
44
  *
45
- * @param type $capability
46
- * @param type $granted
 
 
 
 
47
  */
48
  public function save($capability, $granted) {
49
  if (intval($granted)) {
@@ -54,14 +59,43 @@ class AAM_Core_Object_Capability extends AAM_Core_Object {
54
 
55
  return $result;
56
  }
57
-
58
  /**
59
- *
60
- * @param type $capability
61
- * @return type
 
 
 
 
62
  */
63
  public function has($capability) {
64
  return $this->getSubject()->hasCapability($capability);
65
  }
66
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
67
  }
41
  }
42
 
43
  /**
44
+ * Update subject's capability
45
  *
46
+ * @param string $capability
47
+ * @param bool $granted
48
+ *
49
+ * @return bool
50
+ *
51
+ * @access public
52
  */
53
  public function save($capability, $granted) {
54
  if (intval($granted)) {
59
 
60
  return $result;
61
  }
62
+
63
  /**
64
+ * Check if subject has specified capability
65
+ *
66
+ * @param string $capability
67
+ *
68
+ * @return bool
69
+ *
70
+ * @access public
71
  */
72
  public function has($capability) {
73
  return $this->getSubject()->hasCapability($capability);
74
  }
75
 
76
+ /**
77
+ * Assign capability to user
78
+ *
79
+ * @param string $capability
80
+ *
81
+ * @return boolean
82
+ *
83
+ * @access public
84
+ */
85
+ public function add($capability) {
86
+ return $this->save($capability, 1);
87
+ }
88
+
89
+ /**
90
+ * Remove capability from user
91
+ *
92
+ * @param string $capability
93
+ *
94
+ * @return boolean
95
+ *
96
+ * @access public
97
+ */
98
+ public function remove($capability) {
99
+ return $this->save($capability, 0);
100
+ }
101
  }
Application/Core/Object/LoginRedirect.php CHANGED
@@ -68,8 +68,11 @@ class AAM_Core_Object_LoginRedirect extends AAM_Core_Object {
68
  }
69
 
70
  /**
 
71
  *
72
- * @return type
 
 
73
  */
74
  public function reset() {
75
  return $this->getSubject()->deleteOption('loginredirect');
68
  }
69
 
70
  /**
71
+ * Reset settings to default
72
  *
73
+ * @return boolean
74
+ *
75
+ * @access public
76
  */
77
  public function reset() {
78
  return $this->getSubject()->deleteOption('loginredirect');
Application/Core/Object/Menu.php CHANGED
@@ -200,6 +200,32 @@ class AAM_Core_Object_Menu extends AAM_Core_Object {
200
 
201
  return $direct || $branch || $indirect;
202
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
203
 
204
  /**
205
  * Save menu option
200
 
201
  return $direct || $branch || $indirect;
202
  }
203
+
204
+ /**
205
+ * Allow access to a specific menu
206
+ *
207
+ * @param string $menu
208
+ *
209
+ * @return boolean
210
+ *
211
+ * @access public
212
+ */
213
+ public function allow($menu) {
214
+ return $this->save($menu, 0);
215
+ }
216
+
217
+ /**
218
+ * Deny access to a specific menu
219
+ *
220
+ * @param string $menu
221
+ *
222
+ * @return boolean
223
+ *
224
+ * @access public
225
+ */
226
+ public function deny($menu) {
227
+ return $this->save($menu, 1);
228
+ }
229
 
230
  /**
231
  * Save menu option
Application/Core/Object/Metabox.php CHANGED
@@ -85,7 +85,7 @@ class AAM_Core_Object_Metabox extends AAM_Core_Object {
85
  * @param type $screen
86
  */
87
  public function filterBackend($screen) {
88
- global $wp_meta_boxes, $wp_registered_widgets;
89
 
90
  if (is_array($wp_meta_boxes)) {
91
  foreach ($wp_meta_boxes as $screen_id => $zones) {
@@ -169,5 +169,33 @@ class AAM_Core_Object_Metabox extends AAM_Core_Object {
169
 
170
  return !empty($options[$screen][$metabox]);
171
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
172
 
173
  }
85
  * @param type $screen
86
  */
87
  public function filterBackend($screen) {
88
+ global $wp_meta_boxes;
89
 
90
  if (is_array($wp_meta_boxes)) {
91
  foreach ($wp_meta_boxes as $screen_id => $zones) {
169
 
170
  return !empty($options[$screen][$metabox]);
171
  }
172
+
173
+ /**
174
+ * Allow access to a specific metabox
175
+ *
176
+ * @param string $screen
177
+ * @param string $metabox
178
+ *
179
+ * @return boolean
180
+ *
181
+ * @access public
182
+ */
183
+ public function allow($screen, $metabox) {
184
+ $this->save("{$screen}|{$metabox}", 0);
185
+ }
186
+
187
+ /**
188
+ * Deny access to a specific metabox
189
+ *
190
+ * @param string $screen
191
+ * @param string $metabox
192
+ *
193
+ * @return boolean
194
+ *
195
+ * @access public
196
+ */
197
+ public function deny($screen, $metabox) {
198
+ return $this->save("{$screen}|{$metabox}", 1);
199
+ }
200
 
201
  }
Application/Core/Object/Post.php CHANGED
@@ -147,14 +147,17 @@ class AAM_Core_Object_Post extends AAM_Core_Object {
147
  /**
148
  * Save options
149
  *
 
 
 
150
  * @return boolean
151
  *
152
  * @access public
153
  */
154
- public function save($property, $checked) {
155
  $option = $this->getOption();
156
 
157
- $option[$property] = $checked;
158
 
159
  // Very specific WP case. According to the WP core, you are not allowed to
160
  // set meta for revision, so let's bypass this constrain.
@@ -231,19 +234,67 @@ class AAM_Core_Object_Post extends AAM_Core_Object {
231
  /**
232
  * Check if option is set
233
  *
234
- * @param string $area
235
- * @param string $action
236
  *
237
  * @return boolean
238
  *
239
  * @access public
240
  */
241
- public function has($action) {
242
  $option = $this->getOption();
243
 
244
- return (isset($option[$action]) && $option[$action]);
245
  }
246
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
247
  /**
248
  * Get option
249
  *
147
  /**
148
  * Save options
149
  *
150
+ * @param string $property
151
+ * @param mixed $value
152
+ *
153
  * @return boolean
154
  *
155
  * @access public
156
  */
157
+ public function save($property, $value) {
158
  $option = $this->getOption();
159
 
160
+ $option[$property] = $value;
161
 
162
  // Very specific WP case. According to the WP core, you are not allowed to
163
  // set meta for revision, so let's bypass this constrain.
234
  /**
235
  * Check if option is set
236
  *
237
+ * @param string $property
 
238
  *
239
  * @return boolean
240
  *
241
  * @access public
242
  */
243
+ public function has($property) {
244
  $option = $this->getOption();
245
 
246
+ return (array_key_exists($property, $option) && $option[$property]);
247
  }
248
+
249
+ /**
250
+ * Update property
251
+ *
252
+ * @param string $property
253
+ * @param mixed $value
254
+ *
255
+ * @return boolean
256
+ *
257
+ * @access public
258
+ */
259
+ public function update($property, $value) {
260
+ return $this->save($property, $value);
261
+ }
262
+
263
+ /**
264
+ * Remove property
265
+ *
266
+ * @param string $property
267
+ *
268
+ * @return boolean
269
+ *
270
+ * @access public
271
+ */
272
+ public function remove($property) {
273
+ $option = $this->getOption();
274
+
275
+ if (array_key_exists($option, $property)) {
276
+ unset($option[$property]);
277
+ }
278
+
279
+ // Very specific WP case. According to the WP core, you are not allowed to
280
+ // set meta for revision, so let's bypass this constrain.
281
+ if ($this->getPost()->post_type == 'revision') {
282
+ $result = update_metadata(
283
+ 'post', $this->getPost()->ID, $this->getOptionName(), $option
284
+ );
285
+ } else {
286
+ $result = update_post_meta(
287
+ $this->getPost()->ID, $this->getOptionName(), $option
288
+ );
289
+ }
290
+
291
+ if ($result) {
292
+ $this->setOption($option);
293
+ }
294
+
295
+ return $result;
296
+ }
297
+
298
  /**
299
  * Get option
300
  *
Application/Core/Object/Visibility.php CHANGED
@@ -74,9 +74,9 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object {
74
  }
75
 
76
  if (in_array($subject::UID, array('user', 'visitor'))) {
77
- $subject->getObject('cache')->add(
78
- 'visibility', 0, empty($option) ? false : $option
79
- );
80
  }
81
  }
82
 
@@ -103,15 +103,18 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object {
103
  }
104
  }
105
 
106
- if (!empty($filtered)) {
107
- $option = $this->getOption();
108
- if (isset($option[$object][$id])) {
109
- $option[$object][$id] = array_merge($option[$object][$id], $filtered);
110
- } else {
111
- $option[$object][$id] = $filtered;
112
- }
113
- $this->setOption($option);
 
 
114
  }
 
115
 
116
  return $filtered;
117
  }
74
  }
75
 
76
  if (in_array($subject::UID, array('user', 'visitor'))) {
77
+ // $subject->getObject('cache')->add(
78
+ // 'visibility', 0, empty($option) ? false : $option
79
+ // );
80
  }
81
  }
82
 
103
  }
104
  }
105
 
106
+ if (empty($filtered)) {
107
+ $filtered = array_combine(
108
+ $listOptions,
109
+ array_fill(0, count($listOptions), 0)
110
+ );
111
+ }
112
+
113
+ $option = $this->getOption();
114
+ if (!isset($option[$object][$id])) {
115
+ $option[$object][$id] = $filtered;
116
  }
117
+ $this->setOption($option);
118
 
119
  return $filtered;
120
  }
Application/Core/Subject.php CHANGED
@@ -13,7 +13,7 @@
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- abstract class AAM_Core_Subject implements AAM_Core_Contract_Subject {
17
 
18
  /**
19
  * Subject ID
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
+ abstract class AAM_Core_Subject {
17
 
18
  /**
19
  * Subject ID
Application/Extension/List.php CHANGED
@@ -22,7 +22,7 @@ class AAM_Extension_List {
22
  'description' => 'Get the complete list of all available premium extensions in one package. Any new premium extensions in the future will be available for no additional cost.',
23
  'url' => 'https://aamplugin.com/complete-package',
24
  'version' => (defined('AAM_COMPLETE_PACKAGE') ? constant('AAM_COMPLETE_PACKAGE') : null),
25
- 'latest' => '3.8'
26
  ),
27
  'AAM_PLUS_PACKAGE' => array(
28
  'title' => 'Plus Package',
@@ -31,7 +31,7 @@ class AAM_Extension_List {
31
  'description' => 'The best selling extension with the most advanced content management features for the WordPress CMS. Manage granular access to any post, page, custom post type, category, custom hierarchical taxonomy or define the default access to all your content for all users, roles and visitors.',
32
  'url' => 'https://aamplugin.com/extension/plus-package',
33
  'version' => (defined('AAM_PLUS_PACKAGE') ? constant('AAM_PLUS_PACKAGE') : null),
34
- 'latest' => '3.7.3'
35
  ),
36
  'AAM_IP_CHECK' => array(
37
  'title' => 'IP Check',
22
  'description' => 'Get the complete list of all available premium extensions in one package. Any new premium extensions in the future will be available for no additional cost.',
23
  'url' => 'https://aamplugin.com/complete-package',
24
  'version' => (defined('AAM_COMPLETE_PACKAGE') ? constant('AAM_COMPLETE_PACKAGE') : null),
25
+ 'latest' => '3.8.2'
26
  ),
27
  'AAM_PLUS_PACKAGE' => array(
28
  'title' => 'Plus Package',
31
  'description' => 'The best selling extension with the most advanced content management features for the WordPress CMS. Manage granular access to any post, page, custom post type, category, custom hierarchical taxonomy or define the default access to all your content for all users, roles and visitors.',
32
  'url' => 'https://aamplugin.com/extension/plus-package',
33
  'version' => (defined('AAM_PLUS_PACKAGE') ? constant('AAM_PLUS_PACKAGE') : null),
34
+ 'latest' => '3.7.5'
35
  ),
36
  'AAM_IP_CHECK' => array(
37
  'title' => 'IP Check',
Application/Extension/Repository.php CHANGED
@@ -380,14 +380,20 @@ class AAM_Extension_Repository {
380
  *
381
  * @access public
382
  */
383
- public function getBasedir() {
384
- $dirname = AAM_Core_Config::get('core.extention.directory', AAM_EXTENSION_BASE);
385
 
386
- if (file_exists($dirname) === false) {
387
- @mkdir($dirname, fileperms( ABSPATH ) & 0777 | 0755);
388
- }
 
 
 
 
 
 
389
 
390
- return $dirname;
391
  }
392
 
393
  /**
380
  *
381
  * @access public
382
  */
383
+ public function getBasedir($relative = false) {
384
+ $dir = AAM_Core_Config::get('core.extention.directory', AAM_EXTENSION_BASE);
385
 
386
+ return ($relative ? str_replace(ABSPATH, '', $dir) : $dir);
387
+ }
388
+
389
+ /**
390
+ *
391
+ * @return type
392
+ */
393
+ public function isWriteableDirectory() {
394
+ $directory = $this->getBasedir();
395
 
396
+ return file_exists($directory) && is_writeable($directory);
397
  }
398
 
399
  /**
Application/Frontend/Authorization.php CHANGED
@@ -75,7 +75,7 @@ class AAM_Frontend_Authorization {
75
  $date = strtotime($post->get('frontend.expire_datetime'));
76
  if ($date <= time()) {
77
  $actions = AAM_Core_Config::get(
78
- 'feature.post.access.expired', 'frontend.read'
79
  );
80
 
81
  foreach(array_map('trim', explode(',', $actions)) as $action) {
75
  $date = strtotime($post->get('frontend.expire_datetime'));
76
  if ($date <= time()) {
77
  $actions = AAM_Core_Config::get(
78
+ 'feature.frontend.postAccess.expired', 'frontend.read'
79
  );
80
 
81
  foreach(array_map('trim', explode(',', $actions)) as $action) {
Application/Shared/Manager.php CHANGED
@@ -47,6 +47,11 @@ class AAM_Shared_Manager {
47
  // Disable XML-RPC if needed
48
  if (!AAM_Core_Config::get('core.settings.xmlrpc', true)) {
49
  add_filter('xmlrpc_enabled', '__return_false');
 
 
 
 
 
50
  }
51
 
52
  // Disable RESTful API if needed
@@ -57,7 +62,7 @@ class AAM_Shared_Manager {
57
  1
58
  );
59
  }
60
-
61
  // Control post visibility
62
  //important to keep this option optional for optimization reasons
63
  if (AAM_Core_Config::get('core.settings.checkPostVisibility', true)) {
@@ -76,6 +81,21 @@ class AAM_Shared_Manager {
76
  return self::$_instance;
77
  }
78
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
79
  /**
80
  * After post SELECT query
81
  *
@@ -90,7 +110,7 @@ class AAM_Shared_Manager {
90
  public function filterPostQuery($clauses, $wpQuery) {
91
  if ($this->isPostFilterEnabled()) {
92
  $option = AAM::getUser()->getObject('visibility')->getOption();
93
-
94
  if (!empty($option['post'])) {
95
  $query = $this->preparePostQuery($option['post'], $wpQuery);
96
  } else {
@@ -149,7 +169,16 @@ class AAM_Shared_Manager {
149
  $postType = 'post';
150
  }
151
 
152
- return $postType;
 
 
 
 
 
 
 
 
 
153
  }
154
 
155
  /**
@@ -166,7 +195,7 @@ class AAM_Shared_Manager {
166
  protected function preparePostQuery($visibility, $wpQuery) {
167
  global $wpdb;
168
 
169
- $postType = $this->getQueryingPostType($wpQuery);
170
 
171
  $not = array();
172
  $area = AAM_Core_Api_Area::get();
@@ -174,7 +203,7 @@ class AAM_Shared_Manager {
174
  foreach($visibility as $id => $access) {
175
  $chunks = explode('|', $id);
176
 
177
- if ($postType == $chunks[1]) {
178
  if (!empty($access["{$area}.list"])) {
179
  $not[] = $chunks[0];
180
  }
47
  // Disable XML-RPC if needed
48
  if (!AAM_Core_Config::get('core.settings.xmlrpc', true)) {
49
  add_filter('xmlrpc_enabled', '__return_false');
50
+ } else {
51
+ add_action(
52
+ 'xmlrpc_call',
53
+ array(self::$_instance, 'authorizeXMLRPCRequest')
54
+ );
55
  }
56
 
57
  // Disable RESTful API if needed
62
  1
63
  );
64
  }
65
+
66
  // Control post visibility
67
  //important to keep this option optional for optimization reasons
68
  if (AAM_Core_Config::get('core.settings.checkPostVisibility', true)) {
81
  return self::$_instance;
82
  }
83
 
84
+ /**
85
+ *
86
+ * @param type $method
87
+ */
88
+ public function authorizeXMLRPCRequest($method) {
89
+ $object = AAM::api()->getUser(get_current_user_id())->getObject('route');
90
+
91
+ if ($object->has('xmlrpc', $method)) {
92
+ AAM_Core_API::getXMLRPCServer()->error(
93
+ 401,
94
+ 'Authorization Error. You are not authorized to perform this action'
95
+ );
96
+ }
97
+ }
98
+
99
  /**
100
  * After post SELECT query
101
  *
110
  public function filterPostQuery($clauses, $wpQuery) {
111
  if ($this->isPostFilterEnabled()) {
112
  $option = AAM::getUser()->getObject('visibility')->getOption();
113
+
114
  if (!empty($option['post'])) {
115
  $query = $this->preparePostQuery($option['post'], $wpQuery);
116
  } else {
169
  $postType = 'post';
170
  }
171
 
172
+ if ($postType == 'any') {
173
+ $postType = array_keys(
174
+ get_post_types(
175
+ array('public' => true, 'exclude_from_search' => false),
176
+ 'names'
177
+ )
178
+ );
179
+ }
180
+
181
+ return (array) $postType;
182
  }
183
 
184
  /**
195
  protected function preparePostQuery($visibility, $wpQuery) {
196
  global $wpdb;
197
 
198
+ $postTypes = $this->getQueryingPostType($wpQuery);
199
 
200
  $not = array();
201
  $area = AAM_Core_Api_Area::get();
203
  foreach($visibility as $id => $access) {
204
  $chunks = explode('|', $id);
205
 
206
+ if (in_array($chunks[1], $postTypes)) {
207
  if (!empty($access["{$area}.list"])) {
208
  $not[] = $chunks[0];
209
  }
aam.php CHANGED
@@ -3,7 +3,7 @@
3
  /**
4
  Plugin Name: Advanced Access Manager
5
  Description: All you need to manage access to your WordPress website
6
- Version: 5.3.4
7
  Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  Author URI: https://vasyltech.com
9
 
3
  /**
4
  Plugin Name: Advanced Access Manager
5
  Description: All you need to manage access to your WordPress website
6
+ Version: 5.3.5
7
  Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  Author URI: https://vasyltech.com
9
 
media/css/aam.css CHANGED
@@ -236,6 +236,11 @@ html, body {
236
  font-size: 1em;
237
  }
238
 
 
 
 
 
 
239
  /** BOOTSTRAP **/
240
  .row {
241
  position: relative;
@@ -478,6 +483,10 @@ table.table-bordered.dataTable tbody th, table.table-bordered.dataTable tbody td
478
  left: auto;
479
  }
480
 
 
 
 
 
481
  input[type=checkbox] { /* to hide the checkbox itself */
482
  display:none;
483
  }
@@ -754,7 +763,7 @@ input[type=radio]:checked + label:before {
754
  padding: 2px 15px 0px 15px;
755
  }
756
 
757
- .aam-submenu-item .aam-menu-capability {
758
  display: block;
759
  margin-top: -4px;
760
  }
@@ -995,7 +1004,7 @@ input[type=radio]:checked + label:before {
995
  margin-bottom: 0;
996
  }
997
 
998
- .aam-menu-capability {
999
  color: #777777;
1000
  font-weight: 400;
1001
  }
236
  font-size: 1em;
237
  }
238
 
239
+ .hndle.warning {
240
+ background-color: #f0ad4e !important;
241
+ color: #FFFFFF;
242
+ }
243
+
244
  /** BOOTSTRAP **/
245
  .row {
246
  position: relative;
483
  left: auto;
484
  }
485
 
486
+ .user-filter {
487
+ max-width: 40%;
488
+ }
489
+
490
  input[type=checkbox] { /* to hide the checkbox itself */
491
  display:none;
492
  }
763
  padding: 2px 15px 0px 15px;
764
  }
765
 
766
+ .aam-submenu-item .aam-menu-capability, .aam-metabox-details {
767
  display: block;
768
  margin-top: -4px;
769
  }
1004
  margin-bottom: 0;
1005
  }
1006
 
1007
+ .aam-menu-capability, .aam-metabox-details {
1008
  color: #777777;
1009
  font-weight: 400;
1010
  }
media/js/aam.js CHANGED
@@ -169,10 +169,15 @@
169
  var create = $('<a/>', {
170
  'href': '#',
171
  'class': 'btn btn-primary'
172
- }).html('<i class="icon-plus"></i> ' + aam.__('Create'))
 
173
  .bind('click', function () {
174
  resetForm('#add-role-modal .modal-body');
175
  $('#add-role-modal').modal('show');
 
 
 
 
176
  });
177
 
178
  $('.dataTables_filter', '#role-list_wrapper').append(create);
@@ -630,10 +635,13 @@
630
  url: aamLocal.ajaxurl,
631
  type: 'POST',
632
  dataType: 'json',
633
- data: {
634
- action: 'aam',
635
- sub_action: 'Subject_User.getTable',
636
- _ajax_nonce: aamLocal.nonce
 
 
 
637
  }
638
  },
639
  columnDefs: [
@@ -650,11 +658,48 @@
650
  var create = $('<a/>', {
651
  'href': '#',
652
  'class': 'btn btn-primary'
653
- }).html('<i class="icon-plus"></i> ' + aam.__('Create')).bind('click', function () {
 
 
654
  window.open(aamLocal.url.addUser, '_blank');
 
 
 
 
655
  });
656
 
657
  $('.dataTables_filter', '#user-list_wrapper').append(create);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
658
  }
659
  },
660
  createdRow: function (row, data) {
@@ -2446,8 +2491,8 @@
2446
  }
2447
  },
2448
  columnDefs: [
2449
- {visible: false, targets: [0]},
2450
- {className: 'text-center', targets: [1]}
2451
  ],
2452
  language: {
2453
  search: '_INPUT_',
@@ -2463,7 +2508,11 @@
2463
  'class': 'aam-api-method ' + data[1].toLowerCase()
2464
  }).text(data[1]);
2465
 
2466
- $('td:eq(0)', row).html(method);
 
 
 
 
2467
 
2468
  var actions = data[3].split(',');
2469
 
@@ -2490,7 +2539,7 @@
2490
  break;
2491
  }
2492
  });
2493
- $('td:eq(2)', row).html(container);
2494
  }
2495
  });
2496
 
@@ -2692,6 +2741,39 @@
2692
  });
2693
  });
2694
  });
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2695
 
2696
  //bind the download handler
2697
  $('#download-extension').bind('click', function () {
169
  var create = $('<a/>', {
170
  'href': '#',
171
  'class': 'btn btn-primary'
172
+ })
173
+ .html('<i class="icon-plus"></i>')
174
  .bind('click', function () {
175
  resetForm('#add-role-modal .modal-body');
176
  $('#add-role-modal').modal('show');
177
+ })
178
+ .attr({
179
+ 'data-toggle': "tooltip",
180
+ 'title': aam.__('Create New Role')
181
  });
182
 
183
  $('.dataTables_filter', '#role-list_wrapper').append(create);
635
  url: aamLocal.ajaxurl,
636
  type: 'POST',
637
  dataType: 'json',
638
+ data: function(params) {
639
+ params.action = 'aam';
640
+ params.sub_action = 'Subject_User.getTable';
641
+ params._ajax_nonce = aamLocal.nonce;
642
+ params.role = $('#user-list-filter').val();
643
+
644
+ return params;
645
  }
646
  },
647
  columnDefs: [
658
  var create = $('<a/>', {
659
  'href': '#',
660
  'class': 'btn btn-primary'
661
+ })
662
+ .html('<i class="icon-plus"></i> ')
663
+ .bind('click', function () {
664
  window.open(aamLocal.url.addUser, '_blank');
665
+ })
666
+ .attr({
667
+ 'data-toggle': "tooltip",
668
+ 'title': aam.__('Create New User')
669
  });
670
 
671
  $('.dataTables_filter', '#user-list_wrapper').append(create);
672
+
673
+ var filter = $('<select>').attr({
674
+ 'class': 'user-filter',
675
+ 'id': 'user-list-filter'
676
+ })
677
+ .html('<option value="">' + aam.__('Loading roles...') + '</option>')
678
+ .bind('change', function() {
679
+ $('#user-list').DataTable().ajax.reload();
680
+ });
681
+
682
+ $('.dataTables_filter', '#user-list_wrapper').append(filter);
683
+
684
+ $.ajax(aamLocal.ajaxurl, {
685
+ type: 'POST',
686
+ dataType: 'json',
687
+ data: {
688
+ action: 'aam',
689
+ sub_action: 'Subject_Role.getList',
690
+ _ajax_nonce: aamLocal.nonce
691
+ },
692
+ success: function (response) {
693
+ $('#user-list-filter').html(
694
+ '<option value="">' + aam.__('Select Role') + '</option>'
695
+ );
696
+ for (var i in response) {
697
+ $('#user-list-filter').append(
698
+ '<option value="' + i + '">' + response[i].name + '</option>'
699
+ );
700
+ }
701
+ }
702
+ });
703
  }
704
  },
705
  createdRow: function (row, data) {
2491
  }
2492
  },
2493
  columnDefs: [
2494
+ // {visible: false, targets: [0]},
2495
+ {className: 'text-center', targets: [0, 1]}
2496
  ],
2497
  language: {
2498
  search: '_INPUT_',
2508
  'class': 'aam-api-method ' + data[1].toLowerCase()
2509
  }).text(data[1]);
2510
 
2511
+ $('td:eq(0)', row).html(
2512
+ '<small>' + (data[0] === 'restful' ? 'JSON' : 'XML') + '</small>'
2513
+ );
2514
+
2515
+ $('td:eq(1)', row).html(method);
2516
 
2517
  var actions = data[3].split(',');
2518
 
2539
  break;
2540
  }
2541
  });
2542
+ $('td:eq(3)', row).html(container);
2543
  }
2544
  });
2545
 
2741
  });
2742
  });
2743
  });
2744
+
2745
+ $('#fix-extension-dir-issue').bind('click', function(event) {
2746
+ event.preventDefault();
2747
+
2748
+ $('i', this).attr('class', 'icon-spin4 animate-spin');
2749
+
2750
+ $.ajax(aamLocal.ajaxurl, {
2751
+ type: 'POST',
2752
+ dataType: 'json',
2753
+ data: {
2754
+ action: 'aam',
2755
+ sub_action: 'Extension_Manager.fixDirectoryIssue',
2756
+ _ajax_nonce: aamLocal.nonce
2757
+ },
2758
+ success: function(response) {
2759
+ if (response.status === 'success') {
2760
+ $('#extension-dir-warning').remove();
2761
+ aam.notification(
2762
+ 'success',
2763
+ aam.__('The issue has been resolved')
2764
+ );
2765
+ } else {
2766
+ $('#extension-dir-issue-modal').modal('show');
2767
+ }
2768
+ },
2769
+ error: function() {
2770
+ aam.notification('danger', aam.__('Application error'));
2771
+ },
2772
+ complete: function () {
2773
+ $('i', '#fix-extension-dir-issue').attr('class', 'icon-wrench');
2774
+ }
2775
+ });
2776
+ });
2777
 
2778
  //bind the download handler
2779
  $('#download-extension').bind('click', function () {
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: vasyltech
3
  Tags: access, role, user, capability, page access, post access, content access, comments, security, login redirect, membership, backend lockdown, wp-admin, 404, rest api, xml rpc
4
  Requires at least: 4.0
5
  Tested up to: 4.9.6
6
- Stable tag: 5.3.4
7
 
8
  The most powerful access management plugin for WordPress websites.
9
 
@@ -66,6 +66,13 @@ https://www.youtube.com/watch?v=yiOhjaacNJc
66
 
67
  == Changelog ==
68
 
 
 
 
 
 
 
 
69
  = 5.3.4 =
70
  * Fixed incompatibility issue with plugins that use "plugins_loaded" hook for post manipulations
71
  * Fixed the bug with AAM_Api_Rest_Resource_User
3
  Tags: access, role, user, capability, page access, post access, content access, comments, security, login redirect, membership, backend lockdown, wp-admin, 404, rest api, xml rpc
4
  Requires at least: 4.0
5
  Tested up to: 4.9.6
6
+ Stable tag: 5.3.5
7
 
8
  The most powerful access management plugin for WordPress websites.
9
 
66
 
67
  == Changelog ==
68
 
69
+ = 5.3.5 =
70
+ * Fixed bug with post LIST & LIST TO OTHERS when access is set to term in odd order
71
+ * Fixed bug that potentially did not filter posts during search
72
+ * Added notification to the UI that extension folder does not exist or is not writable
73
+ * Added XML-RPC endpoint control
74
+ * Added ability to filter list of users by roles on the Users/Roles Manager panel
75
+
76
  = 5.3.4 =
77
  * Fixed incompatibility issue with plugins that use "plugins_loaded" hook for post manipulations
78
  * Fixed the bug with AAM_Api_Rest_Resource_User