Advanced Access Manager - Version 5.9

Version Description

  • Fixed the bug with publish pages not being managed correctly
  • Fixed the bug with getting correct post from the list of posts
  • Significantly enhanced AAM UI security
  • Added ability to toggle default term for any post type
  • Added ability to assign multiple roles per user

Release Info

Developer vasyltech
Plugin Icon 128x128 Advanced Access Manager
Version 5.9

Code changes from version 5.8.3 to 5.9

Files changed (73) hide show
  1. Application/Api/Rest/Resource/Post.php +4 -4
  2. Application/Api/Rest/Resource/User.php +1 -1
  3. Application/Backend/Feature.php +3 -3
  4. Application/Backend/Feature/Abstract.php +1 -1
  5. Application/Backend/Feature/Extension/Manager.php +8 -4
  6. Application/Backend/Feature/Main/404Redirect.php +11 -0
  7. Application/Backend/Feature/Main/Capability.php +35 -0
  8. Application/Backend/Feature/Main/LoginRedirect.php +35 -0
  9. Application/Backend/Feature/Main/LogoutRedirect.php +35 -0
  10. Application/Backend/Feature/Main/Menu.php +19 -0
  11. Application/Backend/Feature/Main/Metabox.php +39 -0
  12. Application/Backend/Feature/Main/Policy.php +28 -9
  13. Application/Backend/Feature/Main/Post.php +22 -6
  14. Application/Backend/Feature/Main/Redirect.php +35 -0
  15. Application/Backend/Feature/Main/Route.php +19 -0
  16. Application/Backend/Feature/Main/Toolbar.php +19 -0
  17. Application/Backend/Feature/Main/Uri.php +19 -0
  18. Application/Backend/Feature/Settings/ConfigPress.php +12 -1
  19. Application/Backend/Feature/Settings/Content.php +12 -1
  20. Application/Backend/Feature/Settings/Core.php +13 -2
  21. Application/Backend/Feature/Settings/Manager.php +21 -10
  22. Application/Backend/Feature/Settings/Security.php +15 -4
  23. Application/Backend/Feature/Subject/Role.php +48 -38
  24. Application/Backend/Feature/Subject/User.php +71 -17
  25. Application/Backend/Filter.php +2 -2
  26. Application/Backend/Manager.php +58 -22
  27. Application/Backend/Subject.php +13 -3
  28. Application/Backend/View.php +64 -175
  29. Application/Backend/View/PostOptionList.php +3 -3
  30. Application/Backend/phtml/index.phtml +43 -31
  31. Application/Backend/phtml/main-panel.phtml +2 -2
  32. Application/Backend/phtml/main/capability.phtml +1 -1
  33. Application/Backend/phtml/main/get-started.phtml +1 -1
  34. Application/Backend/phtml/main/login-redirect.phtml +1 -1
  35. Application/Backend/phtml/main/menu.phtml +4 -2
  36. Application/Backend/phtml/main/metabox.phtml +1 -1
  37. Application/Backend/phtml/main/policy.phtml +1 -1
  38. Application/Backend/phtml/main/post.phtml +2 -2
  39. Application/Backend/phtml/main/redirect.phtml +1 -1
  40. Application/Backend/phtml/main/route.phtml +1 -1
  41. Application/Backend/phtml/main/uri.phtml +1 -1
  42. Application/Backend/phtml/metabox/metabox-content.phtml +6 -4
  43. Application/Backend/phtml/metabox/policy-metabox.phtml +5 -5
  44. Application/Backend/phtml/metabox/policy-principal-metabox.phtml +1 -1
  45. Application/Backend/phtml/metabox/post-metabox.phtml +1 -1
  46. Application/Backend/phtml/metabox/term-metabox.phtml +1 -1
  47. Application/Backend/phtml/settings/configpress.phtml +1 -1
  48. Application/Backend/phtml/user/multiple-roles.phtml +30 -0
  49. Application/Backend/phtml/widget/login-backend.phtml +1 -1
  50. Application/Backend/phtml/widget/login-frontend.phtml +1 -1
  51. Application/Core/API.php +4 -2
  52. Application/Core/ConfigPress/Evaluator.php +1 -1
  53. Application/Core/Gateway.php +1 -1
  54. Application/Core/Object/Menu.php +1 -1
  55. Application/Core/Object/Policy.php +8 -3
  56. Application/Core/Object/Post.php +1 -1
  57. Application/Core/Policy/Condition.php +31 -31
  58. Application/Core/Policy/Manager.php +31 -4
  59. Application/Core/Policy/Token.php +15 -4
  60. Application/Core/Policy/Validator.php +6 -6
  61. Application/Core/Subject/Default.php +8 -0
  62. Application/Core/Subject/User.php +3 -3
  63. Application/Extension/List.php +3 -3
  64. Application/Extension/Repository.php +15 -15
  65. Application/Frontend/Authorization.php +1 -1
  66. Application/Frontend/Filter.php +2 -2
  67. Application/Frontend/Manager.php +1 -1
  68. Application/Frontend/phtml/login.phtml +1 -1
  69. Application/Shared/Manager.php +11 -14
  70. aam.php +1 -1
  71. media/css/aam.css +1 -0
  72. media/js/{aam-5.8.js → aam-5.9.js} +284 -112
  73. readme.txt +24 -17
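--- a/Application/Api/Rest/Resource/Post.php
+++ b/Application/Api/Rest/Resource/Post.php
@@ -102,9 +102,9 @@ class AAM_Api_Rest_Resource_Post {
  * @param AAM_Core_Object_Post $post
  * @return type
  */
- protected function authorizePUblish(AAM_Core_Object_Post $post) {
+ protected function authorizePublish(AAM_Core_Object_Post $post) {
  $steps = array(
- // Step #1. Check if publish action is alloed
+ // Step #1. Check if publish action is allowed
  array($this, 'checkPublish'),
  );
 
@@ -118,7 +118,7 @@ class AAM_Api_Rest_Resource_Post {
  */
  protected function authorizeUpdate(AAM_Core_Object_Post $post) {
  $steps = array(
- // Step #1. Check if edit action is alloed
+ // Step #1. Check if edit action is allowed
  array($this, 'checkUpdate'),
  );
 
@@ -132,7 +132,7 @@ class AAM_Api_Rest_Resource_Post {
  */
  protected function authorizeDelete(AAM_Core_Object_Post $post) {
  $steps = array(
- // Step #1. Check if edit action is alloed
+ // Step #1. Check if edit action is allowed
  array($this, 'checkDelete'),
  );
 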
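--- a/Application/Api/Rest/Resource/User.php
+++ b/Application/Api/Rest/Resource/User.php
@@ -73,7 +73,7 @@ class AAM_Api_Rest_Resource_User {
  /**
  * Alias for the bootstrap
  *
- * @return AAM_Api_Restf_Resource_User
+ * @return AAM_Api_Rest_Resource_User
  *
  * @access public
  * @static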
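--- a/Application/Backend/Feature.php
+++ b/Application/Backend/Feature.php
@@ -51,8 +51,8 @@ class AAM_Backend_Feature {
  } else {
  $show = true;
  }
-
- if ($show && AAM::getUser()->hasCapability($cap)) {
+
+ if ($show && current_user_can($cap)) {
  self::$_features[] = $feature;
  $response = true;
  }
@@ -112,7 +112,7 @@ class AAM_Backend_Feature {
  * @access public
  * @static
  */
- public static function retriveList($type) {
+ public static function retrieveList($type) {
  $response = array();
 
  $subject = AAM_Backend_Subject::getInstance()->getUID();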
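Review bot: Renaming the public static `retriveList()` to `retrieveList()` in the second hunk removes the old name with no alias, so any extension or template that still calls `AAM_Backend_Feature::retriveList()` will fail with an undefined-method error. Keeping a thin deprecated wrapper for one release, e.g. `public static function retriveList($type) { return self::retrieveList($type); }`, would avoid that. In the first hunk `$cap` is assigned above the visible lines; a short comment stating which capability applies when a feature declares none would let a reader confirm that registration fails closed. Both function bodies extend outside the hunks.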
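--- a/Application/Backend/Feature/Abstract.php
+++ b/Application/Backend/Feature/Abstract.php
@@ -24,7 +24,7 @@ abstract class AAM_Backend_Feature_Abstract {
  * @throws Exception
  */
  public function __construct() {
- if (!AAM::getUser()->hasCapability('aam_manager')) {
+ if (!current_user_can('aam_manager')) {
  AAM_Core_API::reject(
  'backend', array('hook' => 'aam_manager')
  );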
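Review bot: Switching this gate to `current_user_can('aam_manager')` can change who passes it, and the docblock does not record that. WordPress resolves the check through `map_meta_cap` and the `user_has_cap` filter, and on multisite a super admin passes any capability check that is not mapped to `do_not_allow`; whether `AAM::getUser()->hasCapability()` behaved the same way is not visible here. Because every backend feature inherits this constructor, a comment such as `// Core capability check: honours user_has_cap filters and multisite super admins` would make the intended semantics explicit. The constructor body continues past the hunk.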
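--- a/Application/Backend/Feature/Extension/Manager.php
+++ b/Application/Backend/Feature/Extension/Manager.php
@@ -28,7 +28,9 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  parent::__construct();
 
  if (AAM_Core_Config::get('core.settings.extensionSupport', true) === false) {
- AAM_Core_API::reject('backend');
+ AAM::api()->denyAccess(array('reason' => 'core.settings.extensionSupport'));
+ } elseif (!current_user_can('aam_manage_extensions')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_extensions'));
  }
  }
 
@@ -149,13 +151,15 @@ class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract
  * @return type
  */
  public function fixDirectoryIssue() {
- $dirname = AAM_Extension_Repository::getInstance()->getBasedir();
+ $repo = AAM_Extension_Repository::getInstance();
+ $dirname = $repo->getBasedir();
+
  if (file_exists($dirname) === false) {
- @mkdir($dirname, fileperms( ABSPATH ) & 0777 | 0755, true);
+ @mkdir($dirname, fileperms(ABSPATH) & 0777 | 0755, true);
  }
 
  return wp_json_encode(array(
- 'status' => (AAM_Extension_Repository::getInstance()->isWriteableDirectory() ? 'success' : 'failed')
+ 'status' => ($repo->isWriteableDirectory() ? 'success' : 'failed')
  ));
  }
 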
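Review bot: In `fixDirectoryIssue()` the mode `fileperms(ABSPATH) & 0777 | 0755` parses as `(fileperms(ABSPATH) & 0777) | 0755`, so the new directory inherits every permission bit set on ABSPATH and is never requested tighter than 0755. On a host where ABSPATH is group- or world-writable, the extension directory, which holds executable PHP, is created writable as well (subject to the umask). The commit only reformats this line, but it is a good moment to request a fixed mode, `mkdir($dirname, 0755, true)`, and to drop the `@` so a failure reason reaches the log instead of surfacing only as `'failed'`.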
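--- a/Application/Backend/Feature/Main/404Redirect.php
+++ b/Application/Backend/Feature/Main/404Redirect.php
@@ -15,6 +15,17 @@
  */
  class AAM_Backend_Feature_Main_404Redirect extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_404_redirect')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_404_redirect'));
+ }
+ }
+
  /**
  * @inheritdoc
  */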
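Review bot: The new constructor protects this feature only if `AAM::api()->denyAccess()` never returns, and nothing in this section shows whether it ends the request or throws. If it can return, the object is still constructed and its action methods remain callable by a user without `aam_manage_404_redirect`. State the contract in the docblock, for example `@throws Exception when the current user lacks aam_manage_404_redirect`, or make the failure explicit after the call. The same constructor pattern is added in Extension/Manager.php, Capability.php, LoginRedirect.php, LogoutRedirect.php, Menu.php, Metabox.php, Policy-adjacent Post.php, Redirect.php, Route.php, Toolbar.php, Uri.php and the Settings classes.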
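--- a/Application/Backend/Feature/Main/Capability.php
+++ b/Application/Backend/Feature/Main/Capability.php
@@ -59,6 +59,41 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
  'aam_delete_policies', 'aam_edit_policies', 'aam_edit_other_policies', 'aam_publish_policies'
  )
  );
+
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_capabilities')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_capabilities'));
+ }
+ }
+
+ /**
+ * Undocumented function
+ *
+ * @return void
+ */
+ public function save() {
+ $cap = AAM_Core_Request::post('capability');
+ $status = AAM_Core_Request::post('status');
+
+ $object = AAM_Backend_Subject::getInstance()->getObject('capability');
+
+ $object->save($cap, $status);
+
+ return wp_json_encode(array('status' => 'success'));
+ }
+
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('capability');
+ }
 
  /**
  *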
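Review bot: `save()` writes whatever `capability` and `status` arrive in the POST body to the selected subject without checking that `$cap` is a non-empty capability name or that the acting user may grant it. Holding `aam_manage_capabilities` is then enough to switch on a capability the acting user does not hold for any subject the backend lets them select; whether `AAM_Backend_Subject` restricts that selection is not visible here. The method also answers `success` regardless of what `$object->save()` returns, so `'status' => ($result ? 'success' : 'failure')` would be more honest. Its docblock (`Undocumented function`, `@return void`) should describe the action and declare `@return string`.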
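--- a/Application/Backend/Feature/Main/LoginRedirect.php
+++ b/Application/Backend/Feature/Main/LoginRedirect.php
@@ -15,6 +15,41 @@
  */
  class AAM_Backend_Feature_Main_LoginRedirect extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_login_redirect')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_login_redirect'));
+ }
+ }
+
+ /**
+ * Undocumented function
+ *
+ * @return void
+ */
+ public function save() {
+ $param = AAM_Core_Request::post('param');
+ $value = AAM_Core_Request::post('value');
+
+ $object = AAM_Backend_Subject::getInstance()->getObject('loginRedirect');
+
+ $object->save($param, $value);
+
+ return wp_json_encode(array('status' => 'success'));
+ }
+
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('loginRedirect');
+ }
+
  /**
  *
  * @return type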
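Review bot: `save()` stores the posted `param`/`value` pair without checking `param` against the option names this feature defines or validating `value`, which for a redirect feature can be a destination URL. An unexpected key or an unintended off-site destination is therefore accepted from anyone who passes the constructor check; an allow-list of option names plus `esc_url_raw()` (and `wp_validate_redirect()` where only same-site targets are intended) before saving would close that. The method also ignores the result of `$object->save()` and always answers `success`, and the docblock (`Undocumented function`, `@return void`) does not match the returned JSON string. The same `save()` body is added in LogoutRedirect.php and Redirect.php.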
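--- a/Application/Backend/Feature/Main/LogoutRedirect.php
+++ b/Application/Backend/Feature/Main/LogoutRedirect.php
@@ -15,6 +15,41 @@
  */
  class AAM_Backend_Feature_Main_LogoutRedirect extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_logout_redirect')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_logout_redirect'));
+ }
+ }
+
+ /**
+ * Undocumented function
+ *
+ * @return void
+ */
+ public function save() {
+ $param = AAM_Core_Request::post('param');
+ $value = AAM_Core_Request::post('value');
+
+ $object = AAM_Backend_Subject::getInstance()->getObject('logoutRedirect');
+
+ $object->save($param, $value);
+
+ return wp_json_encode(array('status' => 'success'));
+ }
+
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('logoutRedirect');
+ }
+
  /**
  *
  * @return type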
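--- a/Application/Backend/Feature/Main/Menu.php
+++ b/Application/Backend/Feature/Main/Menu.php
@@ -14,6 +14,17 @@
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
  */
  class AAM_Backend_Feature_Main_Menu extends AAM_Backend_Feature_Abstract {
+
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_admin_menu')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_admin_menu'));
+ }
+ }
 
  /**
  * Undocumented function
@@ -34,6 +45,14 @@ class AAM_Backend_Feature_Main_Menu extends AAM_Backend_Feature_Abstract {
 
  return wp_json_encode(array('status' => 'success'));
  }
+
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('menu');
+ }
 
  /**
  * Get subject's menu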
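Review bot: The new `reset()` method ships with a placeholder docblock (an empty description and `@return type`), so a reader cannot tell what is reset or what the caller receives. A summary such as `Reset the admin menu access settings of the currently selected subject`, with `@return` describing whatever `resetObject()` yields (not visible in this section), would cover it. The same placeholder docblock accompanies `reset()` in Capability.php, LoginRedirect.php, LogoutRedirect.php, Metabox.php, Policy.php, Redirect.php, Route.php, Toolbar.php and Uri.php.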
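--- a/Application/Backend/Feature/Main/Metabox.php
+++ b/Application/Backend/Feature/Main/Metabox.php
@@ -15,6 +15,45 @@
  */
  class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_metaboxes')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_metaboxes'));
+ }
+ }
+
+ /**
+ * Undocumented function
+ *
+ * @return void
+ */
+ public function save() {
+ $items = AAM_Core_Request::post('items', array());
+ $status = AAM_Core_Request::post('status');
+
+ $object = AAM_Backend_Subject::getInstance()->getObject('metabox');
+
+ foreach($items as $item) {
+ $object->updateOptionItem($item, $status);
+ }
+
+ $object->save();
+
+ return wp_json_encode(array('status' => 'success'));
+ }
+
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('metabox');
+ }
+
  /**
  * @inheritdoc
  */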
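Review bot: In `save()` the request value `$items` is iterated without a type check, so a scalar `items` field makes `foreach` raise a warning while the method still calls `$object->save()` and answers `success`. Normalise it first, e.g. `if (!is_array($items)) { $items = array(); }`, or return a failure status for malformed input. Each `$item` is also handed to `updateOptionItem()` as received; whether that method restricts the accepted keys is not visible here, so a note in the docblock about the expected item format would help.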
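--- a/Application/Backend/Feature/Main/Policy.php
+++ b/Application/Backend/Feature/Main/Policy.php
@@ -74,17 +74,32 @@ class AAM_Backend_Feature_Main_Policy extends AAM_Backend_Feature_Abstract {
  $subject = AAM_Backend_Subject::getInstance();
  $id = AAM_Core_Request::post('id');
  $effect = AAM_Core_Request::post('effect');
+
+ $action = (!empty($effect) ? 'attach' : 'detach');
+
+ // Verify that current user can perform following action
+ if (AAM_Core_Policy_Factory::get()->canTogglePolicy($id, $action)) {
+ //clear cache
+ AAM_Core_API::clearCache();
 
- //clear cache
- AAM_Core_API::clearCache();
-
- $result = $subject->save($id, $effect, 'policy');
+ $result = $subject->save($id, $effect, 'policy');
+ } else {
+ $result = false;
+ }
 
  return wp_json_encode(array(
  'status' => ($result ? 'success' : 'failure')
  ));
  }
 
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('policy');
+ }
+
  /**
  * @inheritdoc
  */
@@ -186,12 +201,16 @@ class AAM_Backend_Feature_Main_Policy extends AAM_Backend_Feature_Abstract {
  protected function buildActionList($record) {
  //'assign,edit,clone,delete'
  $subject = AAM_Backend_Subject::getInstance();
- $object = $subject->getObject('policy');
- $actions = array();
+ $policy = $subject->getObject('policy');
+ $post = $subject->getObject('post', $record->ID);
+
+ $action = $policy->has($record->ID) ? 'detach' : 'attach';
+ $prefix = AAM_Core_Policy_Factory::get()->canTogglePolicy($record->ID, $action) ? '' : 'no-';
 
- $actions[] = $object->has($record->ID) ? 'unassign' : 'assign';
- $actions[] = 'edit';
- $actions[] = 'delete';
+ $actions = array(
+ $policy->has($record->ID) ? "{$prefix}detach" : "{$prefix}attach",
+ $post->has('backend.edit') ? 'no-edit' : 'edit'
+ );
 
  return implode(',', $actions);
  }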
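Review bot: `save()` now refuses to attach or detach a policy unless `canTogglePolicy($id, $action)` allows it, but the new `reset()` clears the subject's policy assignments through `resetObject('policy')` with no comparable per-policy check. A user who is denied `detach` on one policy may therefore still be able to remove it by resetting; whether `resetObject()` enforces this is not visible here. Either run the same check over the attached policies before resetting or document why reset is exempt. In `buildActionList()` the leading comment `//'assign,edit,clone,delete'` no longer matches the emitted actions, and `$policy->has($record->ID)` is evaluated twice where `"{$prefix}{$action}"` would do.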
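--- a/Application/Backend/Feature/Main/Post.php
+++ b/Application/Backend/Feature/Main/Post.php
@@ -15,6 +15,17 @@
  */
  class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_posts')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_posts'));
+ }
+ }
+
  /**
  * Get list for the table
  *
@@ -57,7 +68,12 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
  $type->labels->name,
  'drilldown,manage',
  null,
- apply_filters('aam-type-override-status', false, $type->name, AAM_Backend_Subject::getInstance())
+ apply_filters(
+ 'aam-type-override-status',
+ false,
+ $type->name,
+ AAM_Backend_Subject::getInstance()
+ )
  );
  }
 
@@ -122,6 +138,7 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
  */
  protected function retrieveTypeContent($type) {
  $list = $this->prepareContentList($type);
+ $subject = AAM_Backend_Subject::getInstance();
  $response = array(
  'data' => array(),
  'recordsTotal' => $list->total,
@@ -158,21 +175,21 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
  get_the_title($record),
  'manage' . ($link ? ',edit' : ',no-edit'),
  $parent,
- AAM_Backend_Subject::getInstance()->getObject('post', $record->ID)->isOverwritten()
+ $subject->getObject('post', $record->ID)->isOverwritten()
  );
  } else { //term
  $response['data'][] = array(
- $record->term_id . '|' . $record->taxonomy,
+ $record->term_id . '|' . $record->taxonomy . '|' . $type,
  get_edit_term_link($record->term_id, $record->taxonomy),
  'term',
  $record->name,
- 'manage,edit',
+ implode(',', apply_filters('aam-term-row-actions', array('manage', 'edit'), $subject, $record, $type)),
  rtrim($this->getParentTermList($record), '/'),
  apply_filters(
  'aam-term-override-status',
  false,
  $record->term_id . '|' . $record->taxonomy,
- AAM_Backend_Subject::getInstance()
+ $subject
  )
  );
  }
@@ -563,7 +580,6 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
 
  /**
  *
- * @staticvar type $list
  * @param type $area
  * @return type
  */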
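Review bot: In the term branch of `retrieveTypeContent()` the row id becomes `term_id|taxonomy|type`, while the `aam-term-override-status` filter a few lines below is still given the two-part `term_id|taxonomy` string. Handlers and client code that split the id on `|` now see two shapes for the same term; if that is intended, a comment on the row id explaining the third segment would prevent a later "fix". The result of the new `aam-term-row-actions` filter goes straight into `implode()`, so a callback that returns a non-array breaks the response; `implode(',', (array) apply_filters(...))` keeps the row renderable. The function body extends beyond the hunk.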
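--- a/Application/Backend/Feature/Main/Redirect.php
+++ b/Application/Backend/Feature/Main/Redirect.php
@@ -15,6 +15,41 @@
  */
  class AAM_Backend_Feature_Main_Redirect extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_access_denied_redirect')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_access_denied_redirect'));
+ }
+ }
+
+ /**
+ * Undocumented function
+ *
+ * @return void
+ */
+ public function save() {
+ $param = AAM_Core_Request::post('param');
+ $value = AAM_Core_Request::post('value');
+
+ $object = AAM_Backend_Subject::getInstance()->getObject('redirect');
+
+ $object->save($param, $value);
+
+ return wp_json_encode(array('status' => 'success'));
+ }
+
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('redirect');
+ }
+
  /**
  *
  * @return type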
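--- a/Application/Backend/Feature/Main/Route.php
+++ b/Application/Backend/Feature/Main/Route.php
@@ -15,6 +15,17 @@
  */
  class AAM_Backend_Feature_Main_Route extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_api_routes')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_api_routes'));
+ }
+ }
+
  /**
  *
  * @return type
@@ -41,6 +52,14 @@ class AAM_Backend_Feature_Main_Route extends AAM_Backend_Feature_Abstract {
 
  return wp_json_encode(array('status' => 'success'));
  }
+
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('route');
+ }
 
  /**
  * @inheritdoc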
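--- a/Application/Backend/Feature/Main/Toolbar.php
+++ b/Application/Backend/Feature/Main/Toolbar.php
@@ -14,6 +14,17 @@
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
  */
  class AAM_Backend_Feature_Main_Toolbar extends AAM_Backend_Feature_Abstract {
+
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_admin_toolbar')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_admin_toolbar'));
+ }
+ }
 
  /**
  * Undocumented function
@@ -34,6 +45,14 @@ class AAM_Backend_Feature_Main_Toolbar extends AAM_Backend_Feature_Abstract {
 
  return wp_json_encode(array('status' => 'success'));
  }
+
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('toolbar');
+ }
 
  /**
  * Get subject's menu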
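--- a/Application/Backend/Feature/Main/Uri.php
+++ b/Application/Backend/Feature/Main/Uri.php
@@ -15,6 +15,17 @@
  */
  class AAM_Backend_Feature_Main_Uri extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_uri')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_uri'));
+ }
+ }
+
  /**
  *
  * @return type
@@ -44,6 +55,14 @@ class AAM_Backend_Feature_Main_Uri extends AAM_Backend_Feature_Abstract {
  return wp_json_encode(array('status' => 'success'));
  }
 
+ /**
+ *
+ * @return type
+ */
+ public function reset() {
+ return AAM_Backend_Subject::getInstance()->resetObject('uri');
+ }
+
  /**
  *
  * @return type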
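--- a/Application/Backend/Feature/Settings/ConfigPress.php
+++ b/Application/Backend/Feature/Settings/ConfigPress.php
@@ -15,6 +15,17 @@
  */
  class AAM_Backend_Feature_Settings_ConfigPress extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_settings')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
+ }
+ }
+
  /**
  * @inheritdoc
  */
@@ -51,7 +62,7 @@ class AAM_Backend_Feature_Settings_ConfigPress extends AAM_Backend_Feature_Abstr
  'uid' => 'configpress',
  'position' => 90,
  'title' => __('ConfigPress', AAM_KEY),
- 'capability' => 'aam_manage_configpress',
+ 'capability' => 'aam_manage_settings',
  'type' => 'settings',
  'subjects' => array(
  AAM_Core_Subject_Role::UID,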
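Review bot: The second hunk replaces the dedicated `aam_manage_configpress` capability with `aam_manage_settings`, and the new constructor checks the same broader capability, so anyone allowed to open the general settings tabs can now also edit ConfigPress. Sites that granted `aam_manage_configpress` on its own lose access, and sites that withheld it on purpose lose that separation; no migration is visible in this section. If the merge is intentional, record it in the changelog and in a comment next to `'capability' => 'aam_manage_settings'`; otherwise keep the narrower capability in both places.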
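--- a/Application/Backend/Feature/Settings/Content.php
+++ b/Application/Backend/Feature/Settings/Content.php
@@ -15,6 +15,17 @@
  */
  class AAM_Backend_Feature_Settings_Content extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_settings')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
+ }
+ }
+
  /**
  * @inheritdoc
  */
@@ -30,7 +41,7 @@ class AAM_Backend_Feature_Settings_Content extends AAM_Backend_Feature_Abstract
  $settings = array(
  'core.settings.mediaAccessControl' => array(
  'title' => __('Media Files Access Control', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Allow AAM to manage a physically access to all media files located in the defined by the system [uploads] folder. [Note!] This feature requires additional steps as described in %sthis article%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/help/how-to-manage-wordpress-media-access" target="_blank">', '</a>'),
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Allow AAM to manage a physically access to all media files located in the defined by the system [uploads] folder. [Note!] This feature requires additional steps as described in %sthis article%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-to-manage-wordpress-media-access" target="_blank">', '</a>'),
  'value' => AAM_Core_Config::get('core.settings.mediaAccessControl', false)
  ),
  'core.settings.manageHiddenPostTypes' => array(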
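--- a/Application/Backend/Feature/Settings/Core.php
+++ b/Application/Backend/Feature/Settings/Core.php
@@ -15,6 +15,17 @@
  */
  class AAM_Backend_Feature_Settings_Core extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_settings')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
+ }
+ }
+
  /**
  * @inheritdoc
  */
@@ -80,12 +91,12 @@ class AAM_Backend_Feature_Settings_Core extends AAM_Backend_Feature_Abstract {
  ),
  'core.settings.jwtAuthentication' => array(
  'title' => __('JWT Authentication', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('[Note!] PHP 5.4 or higher is required for this feature. Enable the ability to authenticate user with WordPress RESTful API and JWT token. For more information, check %sHow to authenticate WordPress user with JWT token%s article', 'b'), '<a href="https://aamplugin.com/help/how-to-authenticate-wordpress-user-with-jwt-token">', '</a>'),
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('[Note!] PHP 5.4 or higher is required for this feature. Enable the ability to authenticate user with WordPress RESTful API and JWT token. For more information, check %sHow to authenticate WordPress user with JWT token%s article', 'b'), '<a href="https://aamplugin.com/article/how-to-authenticate-wordpress-user-with-jwt-token">', '</a>'),
  'value' => AAM_Core_Config::get('core.settings.jwtAuthentication', false)
  ),
  'core.settings.multiSubject' => array(
  'title' => __('Multiple Roles Support', AAM_KEY),
- 'descr' => sprintf(__('Enable support for multiple roles per use. The final access settings or general settings will be computed based on the mergin preferences. For more information check %sWordPress access control for users with multiple roles%s article.', AAM_KEY), '<a href="https://aamplugin.com/help/wordpress-access-control-for-users-with-multiple-roles">', '</a>'),
+ 'descr' => sprintf(__('Enable support for multiple roles per use. The final access settings or general settings will be computed based on the mergin preferences. For more information check %sWordPress access control for users with multiple roles%s article.', AAM_KEY), '<a href="https://aamplugin.com/article/wordpress-access-control-for-users-with-multiple-roles">', '</a>'),
  'value' => AAM_Core_Config::get('core.settings.multiSubject', false)
  ),
  'core.settings.extensionSupport' => array(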
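Review bot: The `core.settings.multiSubject` description touched in the second hunk still carries two typos in a user-facing string: `per use` should read `per user` and `mergin preferences` should read `merging preferences`. Only the URL argument changes here, so the translatable text is untouched; correcting it changes the msgid and should be coordinated with the translation files. The two links in this hunk also open in the same tab while the Content.php link uses `target="_blank"`; picking one convention would keep the settings pages consistent.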
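--- a/Application/Backend/Feature/Settings/Manager.php
+++ b/Application/Backend/Feature/Settings/Manager.php
@@ -16,15 +16,15 @@
  class AAM_Backend_Feature_Settings_Manager extends AAM_Backend_Feature_Abstract {
 
  /**
- * Save AAM utility options
+ * Save AAM option
  *
  * @return string
  *
  * @access public
  */
  public function save() {
- $param = AAM_Core_Request::post('param');
- $value = stripslashes(AAM_Core_Request::post('value'));
+ $param = filter_input(INPUT_POST, 'param');
+ $value = filter_input(INPUT_POST, 'value');
 
  AAM_Core_Config::set($param, $value);
 
@@ -32,17 +32,28 @@ class AAM_Backend_Feature_Settings_Manager extends AAM_Backend_Feature_Abstract
  }
 
  /**
- * Delete AAM utility options
+ * Clear all AAM settings
  *
  * @return string
- *
+ *
  * @access public
  */
- public function delete() {
- $param = AAM_Core_Request::post('param');
-
- AAM_Core_Config::delete($param);
-
+ public function clearSettings() {
+ AAM_Core_API::clearSettings();
+
+ return wp_json_encode(array('status' => 'success'));
+ }
+
+ /**
+ * Clear AAM cache manually
+ *
+ * @return string
+ *
+ * @access public
+ */
+ public function clearCache() {
+ AAM_Core_API::clearCache();
+
  return wp_json_encode(array('status' => 'success'));
  }
 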
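Review bot: `save()` passes the posted `param`/`value` pair straight to `AAM_Core_Config::set()`, and `clearSettings()`/`clearCache()` now live in this class too, yet the visible part of the class has no `aam_manage_settings` guard like the constructors this commit adds to Settings/Core.php and Settings/Security.php. Unless `AAM_Backend_Feature_Abstract` or the AJAX dispatcher enforces that capability, these methods are reachable with only the general manager capability. `filter_input()` also returns null when a field is missing, so `save()` should reject a non-string or empty `param` before calling `set()`. The class body continues outside both hunks, so a guard defined further down would not be visible here.

```php
public function __construct() {
    parent::__construct();

    if (!current_user_can('aam_manage_settings')) {
        AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
    }
}

public function save() {
    // … unchanged: filter_input() reads of param and value …

    if (!is_string($param) || $param === '') {
        return wp_json_encode(array('status' => 'failure'));
    }
    // … unchanged: AAM_Core_Config::set() call and success response …
```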
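--- a/Application/Backend/Feature/Settings/Security.php
+++ b/Application/Backend/Feature/Settings/Security.php
@@ -15,6 +15,17 @@
  */
  class AAM_Backend_Feature_Settings_Security extends AAM_Backend_Feature_Abstract {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ parent::__construct();
+
+ if (!current_user_can('aam_manage_settings')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
+ }
+ }
+
  /**
  * @inheritdoc
  */
@@ -30,22 +41,22 @@ class AAM_Backend_Feature_Settings_Security extends AAM_Backend_Feature_Abstract
  $settings = array(
  'core.settings.loginTimeout' => array(
  'title' => __('Login Timeout', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Delay the login process for 1 second (the value is configurable) to significantly reduce the chance for brute force or dictionary attack. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/help/how-does-aam-secure-login-works" target="_blank">', '</a>'),
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Delay the login process for 1 second (the value is configurable) to significantly reduce the chance for brute force or dictionary attack. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
  'value' => AAM_Core_Config::get('core.settings.loginTimeout', false)
  ),
  'core.settings.loginTimeout' => array(
  'title' => __('Login Timeout', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Delay the login process for 1 second (the value is configurable) to significantly reduce the chance for brute force or dictionary attack. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/help/how-does-aam-secure-login-works" target="_blank">', '</a>'),
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Delay the login process for 1 second (the value is configurable) to significantly reduce the chance for brute force or dictionary attack. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
  'value' => AAM_Core_Config::get('core.settings.loginTimeout', false)
  ),
  'core.settings.singleSession' => array(
  'title' => __('One Session Per User', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Automatically destroy all other sessions for a user if he/she tries to login from different location. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/help/how-does-aam-secure-login-works" target="_blank">', '</a>'),
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Automatically destroy all other sessions for a user if he/she tries to login from different location. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
  'value' => AAM_Core_Config::get('core.settings.singleSession', false)
  ),
  'core.settings.bruteForceLockout' => array(
  'title' => __('Brute Force Lockout', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Automatically reject login attempts if number of unsuccessful login attempts is more than 20 over the period of 2 minutes (both values are configurable). For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/help/how-does-aam-secure-login-works" target="_blank">', '</a>'),
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Automatically reject login attempts if number of unsuccessful login attempts is more than 20 over the period of 2 minutes (both values are configurable). For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
  'value' => AAM_Core_Config::get('core.settings.bruteForceLockout', false)
  ),
  );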
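Review bot: The new `__construct()` guard protects this class only if `AAM::api()->denyAccess()` ends the request; if it returns, the object is still constructed and whatever method the dispatcher calls next runs without the check. `denyAccess()` is not shown on this page, so that behaviour should be confirmed and stated where the guard lives, for example by replacing `* Construct` with `* Deny the request unless the current user has aam_manage_settings; relies on denyAccess() terminating execution`. The same constructor pattern is added in Subject/Role.php and Subject/User.php and carries the same dependency.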
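--- a/Application/Backend/Feature/Subject/Role.php
+++ b/Application/Backend/Feature/Subject/Role.php
@@ -15,6 +15,15 @@
  */
  class AAM_Backend_Feature_Subject_Role {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ if (!current_user_can('aam_manage_roles')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_roles'));
+ }
+ }
+
  /**
  * Get role list
  *
@@ -25,43 +34,33 @@ class AAM_Backend_Feature_Subject_Role {
  * @access public
  */
  public function getTable() {
- // TODO: The aam_list_roles is legacy and can be removed in Oct 2021
- if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) {
- //retrieve list of users
- $count = count_users();
- $stats = $count['avail_roles'];
+ //retrieve list of users
+ $count = count_users();
+ $stats = $count['avail_roles'];
 
- $filtered = $this->fetchRoleList();
+ $filtered = $this->fetchRoleList();
 
- $response = array(
- 'recordsTotal' => count(get_editable_roles()),
- 'recordsFiltered' => count($filtered),
- 'draw' => AAM_Core_Request::request('draw'),
- 'data' => array(),
- );
+ $response = array(
+ 'recordsTotal' => count(get_editable_roles()),
+ 'recordsFiltered' => count($filtered),
+ 'draw' => AAM_Core_Request::request('draw'),
+ 'data' => array(),
+ );
 
- foreach ($filtered as $id => $data) {
- $uc = (isset($stats[$id]) ? $stats[$id] : 0);
-
- $response['data'][] = array(
- $id,
- $uc,
- translate_user_role($data['name']),
- apply_filters(
- 'aam-role-row-actions-filter',
- implode(',', $this->prepareRowActions($uc, $id)),
- $data
- ),
- AAM_Core_API::maxLevel($data['capabilities']),
- AAM_Core_API::getOption("aam-role-{$id}-expiration", '')
- );
- }
- } else {
- $response = array(
- 'recordsTotal' => 0,
- 'recordsFiltered' => 0,
- 'draw' => AAM_Core_Request::request('draw'),
- 'data' => array(),
+ foreach ($filtered as $id => $data) {
+ $uc = (isset($stats[$id]) ? $stats[$id] : 0);
+
+ $response['data'][] = array(
+ $id,
+ $uc,
+ translate_user_role($data['name']),
+ apply_filters(
+ 'aam-role-row-actions-filter',
+ implode(',', $this->prepareRowActions($uc, $id)),
+ $data
+ ),
+ AAM_Core_API::maxLevel($data['capabilities']),
+ AAM_Core_API::getOption("aam-role-{$id}-expiration", '')
  );
  }
 
@@ -69,9 +68,14 @@ class AAM_Backend_Feature_Subject_Role {
  }
 
  /**
+ * Prepare the list of role actions
  *
- * @param type $count
- * @return string
+ * @param int $count Number of users in role
+ * @param string $roleId Role slug
+ *
+ * @return array
+ *
+ * @access protected
  */
  protected function prepareRowActions($count, $roleId) {
  $ui = AAM_Core_Request::post('ui', 'main');
@@ -79,9 +83,15 @@ class AAM_Backend_Feature_Subject_Role {
 
  if ($ui === 'principal') {
  $subject = new AAM_Core_Subject_Role($roleId);
+
  $object = $subject->getObject('policy');
+ $action = ($object->has($id) ? 'detach' : 'attach');
+ $manager = AAM_Core_Policy_Factory::get();
+
+ // Verify that current user can perform following action
+ $prefix = ($manager->canTogglePolicy($id, $action) ? '' : 'no-');
 
- $actions = array(($object->has($id) ? 'detach' : 'attach'));
+ $actions = array($prefix . $action);
  } else {
  $actions = array('manage');
 
@@ -112,7 +122,7 @@ class AAM_Backend_Feature_Subject_Role {
  */
  public function getList(){
  return wp_json_encode(
- apply_filters('aam-get-role-list-filter', $this->fetchRoleList())
+ apply_filters('aam-get-role-list-filter', $this->fetchRoleList())
  );
  }
 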
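Review bot: In `prepareRowActions()` the `no-` prefix derived from `canTogglePolicy($id, $action)` only changes which action label the role table returns, so it is a display hint and not an enforcement point. The handler that actually attaches or detaches a policy is not part of this section; it needs the same `canTogglePolicy()` check on the server side, otherwise the restriction exists only in the rendered table. I would extend the comment to `// UI hint only: the attach/detach handler must repeat canTogglePolicy()`. `$id` is assigned on a line between the two hunks that is not shown, so it should be confirmed that it holds the policy id and is validated before use.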
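--- a/Application/Backend/Feature/Subject/User.php
+++ b/Application/Backend/Feature/Subject/User.php
@@ -15,6 +15,15 @@
  */
  class AAM_Backend_Feature_Subject_User {
 
+ /**
+ * Construct
+ */
+ public function __construct() {
+ if (!current_user_can('aam_manage_users')) {
+ AAM::api()->denyAccess(array('reason' => 'aam_manage_users'));
+ }
+ }
+
  /**
  * Retrieve list of users
  *
@@ -26,26 +35,21 @@ class AAM_Backend_Feature_Subject_User {
  */
  public function getTable() {
  $response = array(
- 'recordsTotal' => 0,
- 'recordsFiltered' => 0,
- 'draw' => AAM_Core_Request::request('draw'),
- 'data' => array(),
+ 'draw' => AAM_Core_Request::request('draw'),
+ 'data' => array()
  );
 
- // TODO: The list_users is legacy and can be removed in Oct 2021
- if (current_user_can('aam_manage_users') || current_user_can('list_users')) {
- //get total number of users
- $total = count_users();
- $result = $this->query();
-
- $response['recordsTotal'] = $total['total_users'];
- $response['recordsFiltered'] = $result->get_total();
+ //get total number of users
+ $total = count_users();
+ $result = $this->query();
 
- foreach ($result->get_results() as $row) {
- $user = new AAM_Core_Subject_User($row->ID);
- $user->initialize(true);
- $response['data'][] = $this->prepareRow($user);
- }
+ $response['recordsTotal'] = $total['total_users'];
+ $response['recordsFiltered'] = $result->get_total();
+
+ foreach ($result->get_results() as $row) {
+ $user = new AAM_Core_Subject_User($row->ID);
+ $user->initialize(true);
+ $response['data'][] = $this->prepareRow($user);
  }
 
  return wp_json_encode($response);
@@ -83,6 +87,56 @@ class AAM_Backend_Feature_Subject_User {
  return wp_json_encode($response);
  }
 
+ /**
+ *
+ * @return type
+ */
+ public function switchToUser() {
+ $response = array(
+ 'status' => 'failure',
+ 'reason' => 'You are not allowed to switch to this user'
+ );
+
+ if (current_user_can('aam_switch_users')) {
+ $user = new WP_User(AAM_Core_Request::post('user'));
+ $max = AAM::getUser()->getMaxLevel();
+
+ if ($max >= AAM_Core_API::maxLevel($user->allcaps)) {
+ AAM_Core_API::updateOption(
+ 'aam-user-switch-' . $user->ID, get_current_user_id()
+ );
+
+ // Making sure that user that we are switching too is not logged in
+ // already. Reported by https://github.com/KenAer
+ $sessions = WP_Session_Tokens::get_instance($user->ID);
+ if (count($sessions->get_all()) > 1) {
+ $sessions->destroy_all();
+ }
+
+ // If there is jwt token in cookie, make sure it is deleted otherwise
+ // user technically will never be switched
+ if (AAM_Core_Request::cookie('aam-jwt')) {
+ setcookie(
+ 'aam-jwt',
+ '',
+ time() - YEAR_IN_SECONDS,
+ '/',
+ parse_url(get_bloginfo('url'), PHP_URL_HOST),
+ is_ssl()
+ );
+ }
+
+ wp_clear_auth_cookie();
+ wp_set_auth_cookie( $user->ID, true );
+ wp_set_current_user( $user->ID );
+
+ $response = array('status' => 'success', 'redirect' => admin_url());
+ }
+ }
+
+ return wp_json_encode($response);
+ }
+
  /**
  *
  * @return type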
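Review bot: `switchToUser()` builds `new WP_User(AAM_Core_Request::post('user'))` and never checks that the account exists, so a missing or unknown id gives a user object with no capabilities that presumably still satisfies `$max >= AAM_Core_API::maxLevel($user->allcaps)` and reaches `wp_set_auth_cookie()`. The branch should be guarded with `if ($user->exists() && $max >= AAM_Core_API::maxLevel($user->allcaps)) {`. The `>=` comparison also permits switching to an account of equal level, and `wp_set_auth_cookie( $user->ID, true )` issues a long-lived "remember me" cookie for the switched session where `false` would keep it short. No nonce verification is visible in this method, so it presumably depends on the AJAX dispatcher for that; the empty docblock should say so.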
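--- a/Application/Backend/Filter.php
+++ b/Application/Backend/Filter.php
@@ -114,7 +114,7 @@ class AAM_Backend_Filter {
  */
  public function adminNotices() {
  if (AAM_Core_API::capabilityExists('show_admin_notices')) {
- if (!AAM::getUser()->hasCapability('show_admin_notices')) {
+ if (!current_user_can('show_admin_notices')) {
  remove_all_actions('admin_notices');
  remove_all_actions('network_admin_notices');
  remove_all_actions('user_admin_notices');
@@ -218,7 +218,7 @@ class AAM_Backend_Filter {
  $response = false;
 
  if (AAM_Core_API::capabilityExists('manage_same_user_level')) {
- $response = !AAM::getUser()->hasCapability('manage_same_user_level');
+ $response = !current_user_can('manage_same_user_level');
  }
 
  return $response;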
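--- a/Application/Backend/Manager.php
+++ b/Application/Backend/Manager.php
@@ -51,6 +51,12 @@ class AAM_Backend_Manager {
 
  //user profile update action
  add_action('profile_update', array($this, 'profileUpdate'), 10, 2);
+
+ //alter user edit screen with support for multiple roles
+ if (AAM::api()->getConfig('core.settings.multiSubject', false)) {
+ add_action('show_user_profile', array($this, 'userEditPage'));
+ add_action('edit_user_profile', array($this, 'userEditPage'));
+ }
 
  //post title decorator
  add_filter('the_title', array($this, 'theTitle'), 999, 2);
@@ -146,6 +152,21 @@ class AAM_Backend_Manager {
  );
  }
  }
+
+ /**
+ * Undocumented function
+ *
+ * @param [type] $user
+ * @return void
+ */
+ public function userEditPage($user) {
+ ob_start();
+ require_once dirname(__FILE__) . '/phtml/user/multiple-roles.phtml';
+ $content = ob_get_contents();
+ ob_end_clean();
+
+ echo $content;
+ }
 
  /**
  *
@@ -168,11 +189,11 @@ class AAM_Backend_Manager {
  $isProfile = $user->ID === get_current_user_id();
  if ($isProfile) {
  if (AAM_Core_API::capabilityExists('change_own_password')
- && !AAM::getUser()->hasCapability('change_own_password')) {
+ && !current_user_can('change_own_password')) {
  $result = false;
  }
  } elseif (AAM_Core_API::capabilityExists('change_passwords')
- && !AAM::getUser()->hasCapability('change_passwords')) {
+ && !current_user_can('change_passwords')) {
  $result = false;
  }
 
@@ -190,11 +211,11 @@ class AAM_Backend_Manager {
 
  if ($isProfile) {
  if (AAM_Core_API::capabilityExists('change_own_password')
- && !AAM::getUser()->hasCapability('change_own_password')) {
+ && !current_user_can('change_own_password')) {
  $password = $password2 = null;
  }
  } elseif (AAM_Core_API::capabilityExists('change_passwords')
- && !AAM::getUser()->hasCapability('change_passwords')) {
+ && !current_user_can('change_passwords')) {
  $password = $password2 = null;
  }
  }
@@ -204,7 +225,7 @@ class AAM_Backend_Manager {
  * @param type $data
  * @return type
  */
- public function filterPostData($data, $postarr) {
+ public function filterPostData($data) {
  if (isset($data['post_type']) && ($data['post_type'] === 'aam_policy')) {
  $content = trim(filter_input(INPUT_POST, 'aam-policy'));
 
@@ -281,14 +302,14 @@ class AAM_Backend_Manager {
  'aam',
  'AAM Access Settings',
  'Advanced Access Manager access settings and configurations',
- array($this, 'renderImporer')
+ array($this, 'renderImporter')
  );
  }
 
  /**
  *
  */
- public function renderImporer() {
+ public function renderImporter() {
  $importer = new AAM_Core_Importer();
  $importer->dispatch();
  }
@@ -316,7 +337,7 @@ class AAM_Backend_Manager {
  */
  public function getPermalinkHtml($html) {
  if (AAM_Core_API::capabilityExists('edit_permalink')
- && !AAM::getUser()->hasCapability('edit_permalink')) {
+ && !current_user_can('edit_permalink')) {
  $html = '';
  }
 
@@ -337,12 +358,28 @@ class AAM_Backend_Manager {
  */
  public function profileUpdate($id, $old) {
  $user = get_user_by('ID', $id);
+
+ //save selected user roles
+ if (AAM::api()->getConfig('core.settings.multiSubject', false)) {
+ $roles = filter_input(INPUT_POST, 'aam_user_roles', FILTER_DEFAULT , FILTER_REQUIRE_ARRAY);
+
+ // prepare the final list of roles that needs to be set
+ $newRoles = array_intersect($roles, array_keys(get_editable_roles()));
+
+ if (!empty($newRoles)) {
+ //remove all current roles and then set new
+ $user->set_role($role);
+ foreach($newRoles as $role) {
+ $user->add_role($role);
+ }
+ }
+ }
 
  //role changed?
  if (implode('', $user->roles) !== implode('', $old->roles)) {
  AAM_Core_API::clearCache(new AAM_Core_Subject_User($id));
 
- //check if role has expiration data set
+ // check if role has expiration data set
  // TODO: This supports only the first role and NOT the multi-roles
  if (is_array($user->roles)) {
  $roles = array_values($user->roles);
@@ -382,7 +419,7 @@ class AAM_Backend_Manager {
  */
  public function screenOptions($flag) {
  if (AAM_Core_API::capabilityExists('show_screen_options')) {
- $flag = AAM::getUser()->hasCapability('show_screen_options');
+ $flag = current_user_can('show_screen_options');
  }
 
  if (AAM::isAAM()) {
@@ -401,7 +438,7 @@ class AAM_Backend_Manager {
  */
  public function helpOptions($help, $id, $screen) {
  if (AAM_Core_API::capabilityExists('show_help_tabs')) {
- if (!AAM::getUser()->hasCapability('show_help_tabs')) {
+ if (!current_user_can('show_help_tabs')) {
  $screen->remove_help_tabs();
  $help = array();
  }
@@ -429,10 +466,9 @@ class AAM_Backend_Manager {
  *
  */
  public function adminInit() {
- $user = AAM::getUser();
  $frame = AAM_Core_Request::get('aamframe');
 
- if ($frame && $user->hasCapability('aam_manage_posts')) {
+ if ($frame && current_user_can('aam_manage_posts')) {
  echo AAM_Backend_View::getInstance()->renderAccessFrame();
  exit;
  }
@@ -549,12 +585,12 @@ class AAM_Backend_Manager {
  $api = AAM_Core_Config::get('core.settings.apiAccessControl', true);
 
  $needAC = ($frontend || $backend || $api);
- $allowed = AAM::getUser()->hasCapability('aam_manage_posts');
+ $allowed = current_user_can('aam_manage_posts');
  $notASP = (!is_a($post, 'WP_Post') || ($post->post_type !== 'aam_policy'));
 
  if ($needAC && $allowed && $notASP) {
  add_meta_box(
- 'aam-acceess-manager',
+ 'aam-access-manager',
  __('Access Manager', AAM_KEY) . ' <small style="color:#999999;">by AAM plugin</small>',
  array($this, 'renderPostMetabox'),
  null,
@@ -668,14 +704,14 @@ class AAM_Backend_Manager {
  $backend = AAM_Core_Config::get('core.settings.backendAccessControl', true);
  $api = AAM_Core_Config::get('core.settings.apiAccessControl', true);
 
- if (($frontend || $backend || $api) && AAM::getUser()->hasCapability('aam_manage_posts')) {
+ if (($frontend || $backend || $api) && current_user_can('aam_manage_posts')) {
  echo AAM_Backend_View::getInstance()->renderTermMetabox($term);
  }
  }
  }
 
  /**
- * Hanlde Metabox initialization process
+ * Handle Metabox initialization process
  *
  * @return void
  *
@@ -781,8 +817,8 @@ class AAM_Backend_Manager {
  $frontend = AAM_Core_Config::get('core.settings.frontendAccessControl', true);
  $backend = AAM_Core_Config::get('core.settings.backendAccessControl', true);
  $api = AAM_Core_Config::get('core.settings.apiAccessControl', true);
- $aamManager = AAM::getUser()->hasCapability('aam_manager');
- $featureManager = AAM::getUser()->hasCapability($cap);
+ $aamManager = current_user_can('aam_manager');
+ $featureManager = current_user_can($cap);
 
  return ($frontend || $backend || $api) && $aamManager && $featureManager;
  }
@@ -797,7 +833,7 @@ class AAM_Backend_Manager {
  public function printJavascript() {
  if (AAM::isAAM()) {
  wp_enqueue_script('aam-vendor', AAM_MEDIA . '/js/vendor.js');
- wp_enqueue_script('aam-main', AAM_MEDIA . '/js/aam-5.8.js');
+ wp_enqueue_script('aam-main', AAM_MEDIA . '/js/aam-5.9.js');
 
  //add plugin localization
  $this->printLocalization('aam-main');
@@ -949,7 +985,7 @@ class AAM_Backend_Manager {
  // flush any output buffer
  @ob_clean();
 
- if (AAM::getUser()->hasCapability('aam_manager')) {
+ if (current_user_can('aam_manager')) {
  $response = AAM_Backend_View::getInstance()->renderContent(
  AAM_Core_Request::post('uiType', 'main')
  );
@@ -994,7 +1030,7 @@ class AAM_Backend_Manager {
  while (@ob_end_clean()){}
 
  //process ajax request
- if (AAM::getUser()->hasCapability('aam_manager')) {
+ if (current_user_can('aam_manager')) {
  echo AAM_Backend_View::getInstance()->processAjax();
  } else {
  echo __('Access Denied', AAM_KEY);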
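Review bot: The role-saving block added to `profileUpdate()` has no authorization check of its own: `profile_update` also fires when a user saves their own profile, and the only filter applied to the posted `aam_user_roles` is `get_editable_roles()`, which returns every role unless an `editable_roles` filter narrows it. The block should require a role-management capability such as `promote_users` before it touches roles. Two smaller defects sit in the same lines: `filter_input()` returns null when the field is absent and that value goes straight into `array_intersect()`, and `$user->set_role($role)` reads `$role` before the loop defines it. `profileUpdate()` continues past the end of the hunk.

```php
//save selected user roles
if (AAM::api()->getConfig('core.settings.multiSubject', false)
        && current_user_can('promote_users')) {
    $roles = filter_input(INPUT_POST, 'aam_user_roles', FILTER_DEFAULT, FILTER_REQUIRE_ARRAY);

    // ignore the request when the field is missing or not an array
    $newRoles = is_array($roles)
        ? array_intersect($roles, array_keys(get_editable_roles()))
        : array();

    if (!empty($newRoles)) {
        // drop the current roles explicitly before adding the selected ones
        $user->set_role('');
        foreach ($newRoles as $role) {
            $user->add_role($role);
        }
    }
}
// … unchanged: role-change detection and cache clearing …
```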
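--- a/Application/Backend/Subject.php
+++ b/Application/Backend/Subject.php
@@ -48,9 +48,15 @@ class AAM_Backend_Subject {
  $subject = AAM_Core_Request::request('subject');
 
  if ($subject) {
- $this->initRequestedSubject(
- $subject, AAM_Core_Request::request('subjectId')
+ $instance = $this->initRequestedSubject(
+ $subject, AAM_Core_Request::request('subjectId')
  );
+
+ $max = AAM::getUser()->getMaxLevel();
+
+ if ($max < AAM_Core_API::maxLevel($instance->getMaxLevel())) {
+ AAM::api()->denyAccess(array('reason' => 'User Level is too low'));
+ }
  } else {
  $this->initDefaultSubject();
  }
@@ -74,7 +80,11 @@ class AAM_Backend_Subject {
  $subject->initialize();
 
  $this->setSubject($subject);
+ } else {
+ wp_die('Invalid subject type'); exit;
  }
+
+ return $subject;
  }
 
  /**
@@ -137,7 +147,7 @@ class AAM_Backend_Subject {
  * @param string $name
  * @param array $args
  *
- * @return mized
+ * @return mixed
  *
  * @access public
  */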
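Review bot: The new level check compares `$max` with `AAM_Core_API::maxLevel($instance->getMaxLevel())`, but elsewhere in this commit `maxLevel()` is given a capability array (`$user->allcaps`, `$data['capabilities']`) while `AAM::getUser()->getMaxLevel()` is used directly as a level. If the subject's `getMaxLevel()` already returns a level, wrapping it in `maxLevel()` may yield a value that never triggers the denial; `if ($max < $instance->getMaxLevel()) {` looks like the intended form and should be confirmed against `maxLevel()`'s signature. The check also runs after `initRequestedSubject()` has already called `setSubject()`, so it only protects anything if `denyAccess()` halts the request. The enclosing method starts outside the hunk.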
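--- a/Application/Backend/View.php
+++ b/Application/Backend/View.php
@@ -11,7 +11,7 @@
  * Backend view manager
  *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @author Vasyl Martyniuk <vasyl@vasyltech.com>
  */
  class AAM_Backend_View {
 
@@ -57,30 +57,37 @@ class AAM_Backend_View {
  }
 
  /**
- * Clear all AAM settings
- *
- * @global wpdb $wpdb
- *
+ * Process the ajax call
+ *
  * @return string
- *
+ *
  * @access public
  */
- public function clearSettings() {
- AAM_Core_API::clearSettings();
-
- return wp_json_encode(array('status' => 'success'));
- }
-
- /**
- *
- * @return type
- */
- public function clearCache() {
- AAM_Core_API::clearCache();
-
- return wp_json_encode(array('status' => 'success'));
+ public function processAjax() {
+ $response = null;
+
+ $action = AAM_Core_Request::request('sub_action');
+ $parts = explode('.', $action);
+
+ if (count($parts) === 2) {
+ try {
+ $classname = 'AAM_Backend_Feature_' . $parts[0];
+ if (class_exists($classname)) {
+ $response = call_user_func(array(new $classname, $parts[1]));
+ }
+ } catch (Exception $e) {
+ $response = $e->getMessage();
+ }
+ }
+
+ return apply_filters(
+ 'aam-ajax-filter',
+ $response,
+ AAM_Backend_Subject::getInstance()->get(),
+ $action
+ );
  }
-
+
  /**
  * Run the Manager
  *
@@ -89,12 +96,7 @@ class AAM_Backend_View {
  * @access public
  */
  public function renderPage() {
- ob_start();
- require_once dirname(__FILE__) . '/phtml/index.phtml';
- $content = ob_get_contents();
- ob_end_clean();
-
- return $content;
+ return $this->loadTemplate(dirname(__FILE__) . '/phtml/index.phtml');
  }
 
  /**
@@ -105,12 +107,9 @@ class AAM_Backend_View {
  * @access public
  */
  public function renderAccessFrame() {
- ob_start();
- require_once dirname(__FILE__) . '/phtml/metabox/metabox-content.phtml';
- $content = ob_get_contents();
- ob_end_clean();
-
- return $content;
+ return $this->loadTemplate(
+ dirname(__FILE__) . '/phtml/metabox/metabox-content.phtml'
+ );
  }
 
  /**
@@ -119,12 +118,10 @@ class AAM_Backend_View {
  * @return type
  */
  public function renderPostMetabox($post) {
- ob_start();
- require_once dirname(__FILE__) . '/phtml/metabox/post-metabox.phtml';
- $content = ob_get_contents();
- ob_end_clean();
-
- return $content;
+ return $this->loadTemplate(
+ dirname(__FILE__) . '/phtml/metabox/post-metabox.phtml',
+ (object) array('post' => $post)
+ );
  }
 
  /**
@@ -133,12 +130,10 @@ class AAM_Backend_View {
  * @return type
  */
  public function renderPolicyMetabox($post) {
- ob_start();
- require_once dirname(__FILE__) . '/phtml/metabox/policy-metabox.phtml';
- $content = ob_get_contents();
- ob_end_clean();
-
- return $content;
+ return $this->loadTemplate(
+ dirname(__FILE__) . '/phtml/metabox/policy-metabox.phtml',
+ (object) array('post' => $post)
+ );
  }
 
  /**
@@ -147,12 +142,10 @@ class AAM_Backend_View {
  * @return type
  */
  public function renderPolicyPrincipalMetabox($post) {
- ob_start();
- require_once dirname(__FILE__) . '/phtml/metabox/policy-principal-metabox.phtml';
- $content = ob_get_contents();
- ob_end_clean();
-
- return $content;
+ return $this->loadTemplate(
+ dirname(__FILE__) . '/phtml/metabox/policy-principal-metabox.phtml',
+ (object) array('post' => $post)
+ );
  }
 
  /**
@@ -161,48 +154,12 @@ class AAM_Backend_View {
  * @return type
  */
  public function renderTermMetabox($term) {
- ob_start();
- require_once dirname(__FILE__) . '/phtml/metabox/term-metabox.phtml';
- $content = ob_get_contents();
- ob_end_clean();
-
- return $content;
- }
-
- /**
- * Process the ajax call
- *
- * @return string
- *
- * @access public
- */
- public function processAjax() {
- $response = null;
-
- $action = AAM_Core_Request::request('sub_action');
- $parts = explode('.', $action);
-
- if (method_exists($this, $parts[0])) {
- $response = call_user_func(array($this, $parts[0]));
- } elseif (count($parts) === 2) { //cover the Model.method pattern
- try {
- $classname = 'AAM_Backend_Feature_' . $parts[0];
- if (class_exists($classname)) {
- $response = call_user_func(array(new $classname, $parts[1]));
- }
- } catch (Exception $e) {
- $response = $e->getMessage();
- }
- }
-
- return apply_filters(
- 'aam-ajax-filter',
- $response,
- AAM_Backend_Subject::getInstance()->get(),
- $action
+ return $this->loadTemplate(
+ dirname(__FILE__) . '/phtml/metabox/term-metabox.phtml',
+ (object) array('term' => $term)
  );
  }
-
+
  /**
  * Render the Main Control Area
  *
@@ -215,11 +172,11 @@ class AAM_Backend_View {
  public function renderContent($type = 'main') {
  $content = apply_filters('aam-ui-content-filter', null, $type);
 
- if (is_null($content)) {
+ if (is_null($content) && current_user_can('aam_manager')) {
  ob_start();
- if ($type === 'extensions') {
+ if ($type === 'extensions' && current_user_can('aam_manage_settings')) {
  AAM_Backend_Feature_Extension_Manager::getInstance()->render();
- } elseif ($type === 'postform') {
+ } elseif ($type === 'postform' && current_user_can('aam_manage_posts')) {
  echo AAM_Backend_Feature_Main_Post::renderAccessForm();
  } else {
  require_once dirname(__FILE__) . '/phtml/main-panel.phtml';
@@ -237,97 +194,29 @@ class AAM_Backend_View {
  * @return type
  */
  public function loadPartial($partial) {
- ob_start();
- require_once dirname(__FILE__) . '/phtml/partial/' . $partial;
- $content = ob_get_contents();
- ob_end_clean();
-
- return $content;
+ return $this->loadTemplate(dirname(__FILE__) . '/phtml/partial/' . $partial);
  }
-
+
  /**
- * Save AAM options
+ * Load template
+ *
+ * @param string $filepath
  *
- * Important notice! This function excepts "value" to be only boolean value
- *
  * @return string
- *
- * @access public
+ *
+ * @access protected
  */
- public function save() {
- $object = trim(AAM_Core_Request::post('object'));
- $objectId = intval(AAM_Core_Request::post('objectId', 0));
+ protected function loadTemplate($filepath, $args = null) {
+ ob_start();
 
- $param = AAM_Core_Request::post('param');
- $value = filter_input(INPUT_POST, 'value');
+ require_once $filepath;
+ $content = ob_get_contents();
 
- $result = AAM_Backend_Subject::getInstance()->save(
- $param, $value, $object, $objectId
- );
-
- return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
- }
+ ob_end_clean();
 
- /**
- *
- * @return type
- */
- public function reset() {
- return AAM_Backend_Subject::getInstance()->resetObject(
- AAM_Core_Request::post('object')
- );
+ return $content;
  }
-
- /**
- *
- * @return type
- */
- public function switchToUser() {
- $response = array(
- 'status' => 'failure',
- 'reason' => 'You are not allowed to switch to this user'
- );
-
- if (current_user_can('aam_switch_users')) {
- $user = new WP_User(AAM_Core_Request::post('user'));
- $max = AAM::getUser()->getMaxLevel();
 
- if ($max >= AAM_Core_API::maxLevel($user->allcaps)) {
- AAM_Core_API::updateOption(
- 'aam-user-switch-' . $user->ID, get_current_user_id()
- );
-
- // Making sure that user that we are switching too is not logged in
- // already. Reported by https://github.com/KenAer
- $sessions = WP_Session_Tokens::get_instance($user->ID);
- if (count($sessions->get_all()) > 1) {
- $sessions->destroy_all();
- }
-
- // If there is jwt token in cookie, make sure it is deleted otherwise
- // user technically will never be switched
- if (AAM_Core_Request::cookie('aam-jwt')) {
- setcookie(
- 'aam-jwt',
- '',
- time() - YEAR_IN_SECONDS,
- '/',
- parse_url(get_bloginfo('url'), PHP_URL_HOST),
- is_ssl()
- );
- }
-
- wp_clear_auth_cookie();
- wp_set_auth_cookie( $user->ID, true );
- wp_set_current_user( $user->ID );
-
- $response = array('status' => 'success', 'redirect' => admin_url());
- }
- }
-
- return wp_json_encode($response);
- }
-
  /**
  * Get instance of itself
  *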
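Review bot: `processAjax()` still derives both the class and the method from the request's `sub_action` and invokes `call_user_func(array(new $classname, $parts[1]))` without an allowlist, so every public method (inherited ones included) on any loadable `AAM_Backend_Feature_*` class is callable through this endpoint, and the constructor runs before any check. No capability or nonce verification is visible in this method; if the caller (outside these hunks) does not already do it, each feature class should declare the actions it exports and the dispatcher should reject anything else, e.g. `if (!in_array($parts[1], $allowed, true)) { return null; }`, where `$allowed` is a placeholder name for that per-class list. Returning `$e->getMessage()` to the client can also expose internal detail; log it and return a generic failure instead. A related concern is `loadPartial($partial)`, which concatenates `$partial` into the `require_once` path; passing it through `basename()` would keep the include inside `phtml/partial/` should any caller forward request data.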
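--- a/Application/Backend/View/PostOptionList.php
+++ b/Application/Backend/View/PostOptionList.php
@@ -73,7 +73,7 @@ class AAM_Backend_View_PostOptionList {
  'option' => 'frontend.expire_datetime',
  'preview' => 'frontend-expire_datetime-preview',
  'modal' => 'modal-access-expires',
- 'descr' => __('Define when access will expire for %s.', AAM_KEY) . sprintf(__('After expiration, the access to %s will be denied and redirected based on the Access Denied Redirect rule. For more information %scheck this article%s or ', AAM_KEY), '%s', "<a href='https://aamplugin.com/help/how-to-set-expiration-date-for-any-wordpress-content' target='_blank'>", '</a>') . sprintf(__(' %ssee in action.%s', AAM_KEY), "<a href='https://youtu.be/IgtgVoWs35w' target='_blank'>", '</a>')
+ 'descr' => __('Define when access will expire for %s.', AAM_KEY) . sprintf(__('After expiration, the access to %s will be denied and redirected based on the Access Denied Redirect rule. For more information %scheck this article%s or ', AAM_KEY), '%s', "<a href='https://aamplugin.com/article/how-to-set-expiration-date-for-any-wordpress-content' target='_blank'>", '</a>') . sprintf(__(' %ssee in action.%s', AAM_KEY), "<a href='https://youtu.be/IgtgVoWs35w' target='_blank'>", '</a>')
  ),
  'monetize' => array(
  'title' => __('Monetized Access', AAM_KEY),
@@ -82,7 +82,7 @@ class AAM_Backend_View_PostOptionList {
  'preview' => 'frontend-eproduct-preview',
  'modal' => 'modal-eproduct',
  'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('[Premium feature!] Start selling access to %s. Access will be granted to open %s only if selected E-Product had been purchased. For more information %scheck this article%s.', 'b'), '%s', '%s', "<a href='https://aamplugin.com/help/how-to-monetize-access-to-the-wordpress-content' target='_blank'>", '</a>')
+ 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('[Premium feature!] Start selling access to %s. Access will be granted to open %s only if selected E-Product had been purchased. For more information %scheck this article%s.', 'b'), '%s', '%s', "<a href='https://aamplugin.com/article/how-to-monetize-access-to-the-wordpress-content' target='_blank'>", '</a>')
  )
  ),
  'backend' => array(
@@ -151,7 +151,7 @@ class AAM_Backend_View_PostOptionList {
  'option' => 'api.expire_datetime',
  'preview' => 'api-expire_datetime-preview',
  'modal' => 'modal-access-expires',
- 'descr' => __('Define when access expires to %s.', AAM_KEY) . sprintf(__('After expiration, the access to %s will be denied. For more information %scheck this article%s or ', AAM_KEY), '%s', "<a href='https://aamplugin.com/help/how-to-set-expiration-date-for-any-wordpress-content' target='_blank'>", '</a>')
+ 'descr' => __('Define when access expires to %s.', AAM_KEY) . sprintf(__('After expiration, the access to %s will be denied. For more information %scheck this article%s or ', AAM_KEY), '%s', "<a href='https://aamplugin.com/article/how-to-set-expiration-date-for-any-wordpress-content' target='_blank'>", '</a>')
  ),
  'edit' => array(
  'title' => __('Update', AAM_KEY),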
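--- a/Application/Backend/phtml/index.phtml
+++ b/Application/Backend/phtml/index.phtml
@@ -21,6 +21,8 @@
  </div>
  </div>
  </div>
+
+ <?php $manageExtensions = AAM_Core_Config::get('core.settings.extensionSupport', true) && current_user_can('aam_manage_extensions'); ?>
 
  <div class="col-xs-12 col-md-4 aam-sidebar">
  <?php if (AAM_Core_Console::count() && current_user_can('aam_show_notifications')) { ?>
@@ -56,14 +58,14 @@
  <span>Settings</span>
  </a>
  <?php } ?>
- <?php if (AAM_Core_Config::get('core.settings.extensionSupport', true) && current_user_can('aam_manage_extensions')) { ?>
+ <?php if ($manageExtensions) { ?>
  <a href="#" title="Extensions" data-type="extensions" class="aam-area">
  <i class="icon-cubes"></i>
  <span>Extensions</span>
  </a>
  <?php } ?>
  <?php if (current_user_can('aam_view_help_btn')) { ?>
- <a href="https://aamplugin.com/help" title="Help" target="_blank">
+ <a href="https://aamplugin.com/support" title="Help" target="_blank">
  <i class="icon-help-circled"></i>
  <span>Help</span>
  </a>
@@ -73,40 +75,42 @@
  </div>
  </div>
 
- <div class="metabox-holder settings-metabox" style="display:none;">
- <div class="postbox">
- <div class="inside">
- <div class="row">
- <div class="col-xs-12 col-md-6">
- <a href="#" class="btn btn-primary btn-block" id="clear-cache"><?php echo __('Clear AAM Cache', AAM_KEY); ?></a>
- </div>
- <div class="col-xs-12 col-md-6">
- <a href="#clear-settings-modal" data-toggle="modal" class="btn btn-danger btn-block"><?php echo __('Reset AAM Settings', AAM_KEY); ?></a>
+ <?php if (current_user_can('aam_manage_settings')) { ?>
+ <div class="metabox-holder settings-metabox" style="display:none;">
+ <div class="postbox">
+ <div class="inside">
+ <div class="row">
+ <div class="col-xs-12 col-md-6">
+ <a href="#" class="btn btn-primary btn-block" id="clear-cache"><?php echo __('Clear AAM Cache', AAM_KEY); ?></a>
+ </div>
+ <div class="col-xs-12 col-md-6">
+ <a href="#clear-settings-modal" data-toggle="modal" class="btn btn-danger btn-block"><?php echo __('Reset AAM Settings', AAM_KEY); ?></a>
+ </div>
  </div>
  </div>
  </div>
- </div>
-
- <div class="modal fade" id="clear-settings-modal" tabindex="-1" role="dialog">
- <div class="modal-dialog modal-sm" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Clear all settings', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <p class="text-center alert alert-danger text-larger"><?php echo __('All AAM settings will be removed.', AAM_KEY); ?></p>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-danger" id="clear-settings"><?php echo __('Clear', AAM_KEY); ?></button>
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Cancel', AAM_KEY); ?></button>
+
+ <div class="modal fade" id="clear-settings-modal" tabindex="-1" role="dialog">
+ <div class="modal-dialog modal-sm" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Clear all settings', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <p class="text-center alert alert-danger text-larger"><?php echo __('All AAM settings will be removed.', AAM_KEY); ?></p>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-danger" id="clear-settings"><?php echo __('Clear', AAM_KEY); ?></button>
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Cancel', AAM_KEY); ?></button>
+ </div>
  </div>
  </div>
  </div>
  </div>
- </div>
+ <?php } ?>
 
- <?php if (AAM_Extension_Repository::getInstance()->isWriteableDirectory() === false) { ?>
+ <?php if (AAM_Extension_Repository::getInstance()->isWriteableDirectory() === false && $manageExtensions) { ?>
  <?php $relativePath = AAM_Extension_Repository::getInstance()->getBasedir(true); ?>
  <div class="metabox-holder extensions-metabox" id='extension-dir-warning' style="display:none;">
  <div class="postbox">
@@ -143,7 +147,7 @@
  <?php } ?>
 
  <?php $licenses = AAM_Extension_Repository::getInstance()->getCommercialLicenses(); ?>
- <?php if (count($licenses)) { ?>
+ <?php if (count($licenses) && $manageExtensions) { ?>
  <div class="metabox-holder extensions-metabox" style="display:none;">
  <div class="postbox">
  <h3 class="hndle">
@@ -228,6 +232,9 @@
  <?php if (current_user_can('aam_manage_default')) { ?>
  <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#default" aria-controls="default" role="tab" data-toggle="tab" class="text-danger"><i class="icon-asterisk"></i><br/><?php echo __('Default', AAM_KEY); ?></a></li>
  <?php } ?>
+ <?php if ($active === 0) { ?>
+ <li role="presentation" class="active text-center"><a href="#none" aria-controls="none" role="tab" data-toggle="tab" class="text-muted"><i class="icon-asterisk"></i><br/><?php echo __('None', AAM_KEY); ?></a></li>
+ <?php } ?>
  </ul>
  <div class="tab-content">
  <?php $active = 0; ?>
@@ -260,7 +267,7 @@
  <input type="text" class="form-control" name="name" placeholder="<?php echo __('Enter Role Name', AAM_KEY); ?>" />
  </div>
  <div class="form-group">
- <label><?php echo __('Role Expiration', AAM_KEY); ?> <a href="https://aamplugin.com/help/how-to-manage-wordpress-roles" target="_blank" data-toggle="tooltip" title="For how long user can have this role. Click to learn more."><i class="icon-help-circled"></i></a></label>
+ <label><?php echo __('Role Expiration', AAM_KEY); ?> <a href="https://aamplugin.com/article/how-to-manage-wordpress-roles" target="_blank" data-toggle="tooltip" title="For how long user can have this role. Click to learn more."><i class="icon-help-circled"></i></a></label>
  <input type="text" class="form-control" name="expire" placeholder="<?php echo __('Enter Expiration Rule', AAM_KEY); ?>" />
  </div>
  <?php /* TODO: Rethink this filter */ do_action('aam-add-role-ui-action'); ?>
@@ -287,7 +294,7 @@
  <input type="text" class="form-control" id="edit-role-name" placeholder="<?php echo __('Enter Role Name', AAM_KEY); ?>" name="name" />
  </div>
  <div class="form-group">
- <label><?php echo __('Role Expiration', AAM_KEY); ?> <a href="https://aamplugin.com/help/how-to-manage-wordpress-roles" target="_blank" data-toggle="tooltip" title="For how long user can have this role. Click to learn more."><i class="icon-help-circled"></i></a></label>
+ <label><?php echo __('Role Expiration', AAM_KEY); ?> <a href="https://aamplugin.com/article/how-to-manage-wordpress-roles" target="_blank" data-toggle="tooltip" title="For how long user can have this role. Click to learn more."><i class="icon-help-circled"></i></a></label>
  <input type="text" class="form-control" name="expire" id="edit-role-expiration" placeholder="<?php echo __('Enter Expiration Rule', AAM_KEY); ?>" />
  </div>
  <?php /* TODO: Rethink this filter */ do_action('aam-edit-role-ui-action'); ?>
@@ -424,6 +431,11 @@
  </div>
  </div>
  <?php } ?>
+ <?php if ($active === 0) { ?>
+ <div role="tabpanel" class="tab-pane active" id="none">
+ <p class="alert alert-warning"><?php echo __('You are not allowed to manage any of the existing users, roles, visitors or default access settings for all.', AAM_KEY); ?></p>
+ </div>
+ <?php } ?>
  </div>
  </div>
  <div class="aam-help-context">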
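Review bot: The new `current_user_can('aam_manage_settings')` wrapper around the settings metabox only removes the `#clear-cache` and `#clear-settings` controls from the markup; it enforces nothing unless the request handlers behind those buttons repeat the same capability check, and those handlers are not visible in this section. I would add a template comment such as `<?php /* UI gating only: clear-cache / clear-settings handlers must re-check aam_manage_settings */ ?>` and confirm the server side. Separately, `$manageExtensions` is computed from `aam_manage_extensions`, while `renderContent()` in View.php gates the `extensions` panel on `aam_manage_settings`, so a user holding only one of the two capabilities sees an Extensions link that loads the main panel instead; the two checks should name the same capability.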
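--- a/Application/Backend/phtml/main-panel.phtml
+++ b/Application/Backend/phtml/main-panel.phtml
@@ -1,5 +1,5 @@
  <?php if (defined('AAM_KEY')) { ?>
- <?php $features = AAM_Backend_Feature::retriveList($type); ?>
+ <?php $features = AAM_Backend_Feature::retrieveList($type); ?>
  <div class="row">
  <?php if (count($features)) { ?>
  <div class="col-xs-12 col-md-4">
@@ -23,7 +23,7 @@
  </div>
  <?php } else { ?>
  <div class="col-xs-12">
- <p class="aam-notification text-center"><?php echo __('You are not allowed to manage any of the existing features.', 'AAM_KEY'); ?></p>
+ <p class="aam-notification text-larger text-center"><?php echo __('You are not allowed to manage any of the existing features.', 'AAM_KEY'); ?></p>
  </div>
  <?php } ?>
  </div>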
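Review bot: The changed line 26 still passes the text domain as the string literal `'AAM_KEY'` rather than the constant `AAM_KEY` that the other templates on this page use, so this access-denied message is looked up in a domain that is presumably never loaded and stays untranslated. The line should read `<?php echo __('You are not allowed to manage any of the existing features.', AAM_KEY); ?>`. This template also relies on `$type` leaking in from the including method's scope; a short comment at the top naming that expected variable would help.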
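--- a/Application/Backend/phtml/main/capability.phtml
+++ b/Application/Backend/phtml/main/capability.phtml
@@ -5,7 +5,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-notification">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('[Be careful!] Manage capabilities for [%s]. For more information about the concept of capabilities check %sWhat is a WordPress capability%s article.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/help/what-is-a-wordpress-capability" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('[Be careful!] Manage capabilities for [%s]. For more information about the concept of capabilities check %sWhat is a WordPress capability%s article.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/what-is-a-wordpress-capability" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>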
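Review bot: On line 8, `AAM_Backend_Subject::getInstance()->getName()` is substituted into the phrase and echoed without output escaping, so a role or user display name containing markup would be rendered as HTML in this admin screen. Unless `getName()` already escapes its result (not visible here), the argument should be wrapped as `esc_html(AAM_Backend_Subject::getInstance()->getName())`; the surrounding `<b>` and `<a>` fragments come from the other arguments and are unaffected. The same pattern appears on the changed lines of login-redirect.phtml and menu.phtml.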
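--- a/Application/Backend/phtml/main/get-started.phtml
+++ b/Application/Backend/phtml/main/get-started.phtml
@@ -5,7 +5,7 @@
  <div class="panel panel-default">
  <div class="panel-body">
  <p class="text-larger"><?php echo __('Appreciate your interest in Advanced Access Manager (aka AAM). With strong knowledge and experience in WordPress, AAM becomes a very powerful tool to manage access to your frontend, backend and RESTful/XML-PRC APIs.', AAM_KEY); ?></p>
- <p class="text-larger"><span class="aam-highlight"><?php echo __('Please Note!', AAM_KEY); ?></span> <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Power comes with responsibility. Make sure you have good understanding of %sWordPress Roles & Capabilities%s because AAM is very closely integrated with WordPress core. It is also recommended to have a backup of your database before you start working with AAM. There is no need to backup your files; AAM does not modify any physical files on your server and never did.'), '<a href="https://aamplugin.com/help/wordpress-roles-and-capabilities" target="_blank">', '</a>'); ?></p>
+ <p class="text-larger"><span class="aam-highlight"><?php echo __('Please Note!', AAM_KEY); ?></span> <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Power comes with responsibility. Make sure you have good understanding of %sWordPress Roles & Capabilities%s because AAM is very closely integrated with WordPress core. It is also recommended to have a backup of your database before you start working with AAM. There is no need to backup your files; AAM does not modify any physical files on your server and never did.'), '<a href="https://aamplugin.com/article/wordpress-roles-and-capabilities" target="_blank">', '</a>'); ?></p>
  <p class="text-larger"><?php echo sprintf(__('AAM was thoroughly tested on the fresh installation of WordPress and in the latest versions of Chrome, Safari, IE and Firefox. If you have any issues, the most typical case is a conflict with other plugins or themes. In this case please do not hesitate to contact us directly on our website %saamplugin.com%s', AAM_KEY), '<a href="https://aamplugin.com" target="_blank">', '</a>'); ?></p>
  <p class="text-larger"><?php echo sprintf(__('If you are not sure where to start, please check our %s"Get Started"%s page to learn more about core concepts that will definitely help you to manage access to your WordPress website more effectively.', AAM_KEY), '<a href="https://aamplugin.com/get-started" target="_blank">', '</a>'); ?></p>
  <p class="text-center">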
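--- a/Application/Backend/phtml/main/login-redirect.phtml
+++ b/Application/Backend/phtml/main/login-redirect.phtml
@@ -8,7 +8,7 @@
  </p>
  <?php } else { ?>
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Customize login redirect for [%s] when the authentication is completed successfully. [Please note!] Login redirect works with default WordPress login form or %sAAM Secure Login widget%s. It may [not] work with any other login solutions.', 'strong', 'strong', 'strong'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/help/how-does-aam-secure-login-works" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Customize login redirect for [%s] when the authentication is completed successfully. [Please note!] Login redirect works with default WordPress login form or %sAAM Secure Login widget%s. It may [not] work with any other login solutions.', 'strong', 'strong', 'strong'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'); ?>
  </p>
  <?php } ?>
  <div class="aam-overwrite" id="aam-login-redirect-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">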
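--- a/Application/Backend/phtml/main/menu.phtml
+++ b/Application/Backend/phtml/main/menu.phtml
@@ -3,7 +3,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Protect your backend area. The list of menus and submenus is based on capabilities [%s] has. For more information please check %sHow to manage WordPress backend menu%s.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/help/how-to-manage-wordpress-backend-menu" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Protect your backend area. The list of menus and submenus is based on capabilities [%s] has. For more information please check %sHow to manage WordPress backend menu%s.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-manage-wordpress-backend-menu" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>
@@ -90,6 +90,8 @@
  <?php } ?>
  </div>
  </div>
+ <?php } else { ?>
+ <p class="aam-info"><?php echo __('Dashboard menu cannot be restricted because it is the default page users are redirected after login. You can restrict only Dashboard submenus if any.', AAM_KEY); ?></p>
  <?php } ?>
  </div>
  </div>
@@ -116,7 +118,7 @@
  <div class="modal-body">
  <p class="text-center alert alert-warning text-larger">
  <strong><?php echo __('You cannot restrict access to Dashboard home page.', AAM_KEY); ?></strong><br/>
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('The [Home] is the default page every user is redirected after login. To restrict access to the entire backend, please check %sHow to lockdown WordPress backend%s article.', 'b'), '<a href="https://aamplugin.com/help/how-to-lockdown-wordpress-backend" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('The [Home] is the default page every user is redirected after login. To restrict access to the entire backend, please check %sHow to lockdown WordPress backend%s article.', 'b'), '<a href="https://aamplugin.com/article/how-to-lockdown-wordpress-backend" target="_blank">', '</a>'); ?>
  </p>
  </div>
  <div class="modal-footer">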
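--- a/Application/Backend/phtml/main/metabox.phtml
+++ b/Application/Backend/phtml/main/metabox.phtml
@@ -3,7 +3,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Hide unnecessary or restricted metaboxes and widgets for [%s]. For more information please check %sHow to hide WordPress metaboxes and widgets%s.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/help/how-to-hide-wordpress-metaboxes-and-widgets" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Hide unnecessary or restricted metaboxes and widgets for [%s]. For more information please check %sHow to hide WordPress metaboxes and widgets%s.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-hide-wordpress-metaboxes-and-widgets" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>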
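--- a/Application/Backend/phtml/main/policy.phtml
+++ b/Application/Backend/phtml/main/policy.phtml
@@ -4,7 +4,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access and security policies for [%s]. For more information check %sAccess &amp; Security Policy%s page.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/access-and-security-policy" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access and security policies for [%s]. For more information check %sAccess &amp; Security Policy%s page.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/reference/policy" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>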
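--- a/Application/Backend/phtml/main/post.phtml
+++ b/Application/Backend/phtml/main/post.phtml
@@ -4,7 +4,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-notification">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('You are allowed to manage access to unlimited number of posts, pages or custom post types but only for any role, user or visitor. Consider to purchase %s[AAM Plus Package]%s extension to have the ability to also manage access to categories and custom taxonomies or to define the default access to all posts, pages or custom post types. For more information about this functionality check %sHow to manage access to the WordPress content%s.', 'b'), '<a href="https://aamplugin.com/help/aam-plus-package-extension" target="_blank">', '</a>', '<a href="https://aamplugin.com/help/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('You are allowed to manage access to unlimited number of posts, pages or custom post types but only for any role, user or visitor. Consider to purchase %s[AAM Plus Package]%s extension to have the ability to also manage access to categories and custom taxonomies or to define the default access to all posts, pages or custom post types. For more information about this functionality check %sHow to manage access to the WordPress content%s.', 'b'), '<a href="https://aamplugin.com/extension/plus-package" target="_blank">', '</a>', '<a href="https://aamplugin.com/article/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>
@@ -12,7 +12,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(__('Manage access to posts, pages, custom post types, categories or custom hierarchical taxonomies. For more information about this functionality check %sManage access to the WordPress Posts and Terms%s article.'), '<a href="https://aamplugin.com/help/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(__('Manage access to posts, pages, custom post types, categories or custom hierarchical taxonomies. For more information about this functionality check %sManage access to the WordPress Posts and Terms%s article.'), '<a href="https://aamplugin.com/article/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>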
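--- a/Application/Backend/phtml/main/redirect.phtml
+++ b/Application/Backend/phtml/main/redirect.phtml
@@ -8,7 +8,7 @@
  </p>
  <?php } else { ?>
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Customize redirect for %s when access is denied to restricted resources like posts, categories, menus, etc. For more information about this feature, please check %sHow to redirect WordPress user when access is denied%s.'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/help/how-to-redirect-wordpress-user-when-access-is-denied" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Customize redirect for %s when access is denied to restricted resources like posts, categories, menus, etc. For more information about this feature, please check %sHow to redirect WordPress user when access is denied%s.'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-redirect-wordpress-user-when-access-is-denied" target="_blank">', '</a>'); ?>
  </p>
  <?php } ?>
  <div class="aam-overwrite" id="aam-redirect-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">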
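--- a/Application/Backend/phtml/main/route.phtml
+++ b/Application/Backend/phtml/main/route.phtml
@@ -5,7 +5,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website API routes for [%s]. For full RESTful API experience, you might want to use %sJWT authentication%s that is already available in AAM.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/help/how-to-authenticate-wordpress-user-with-jwt-token" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website API routes for [%s]. For full RESTful API experience, you might want to use %sJWT authentication%s that is already available in AAM.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-authenticate-wordpress-user-with-jwt-token" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>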
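--- a/Application/Backend/phtml/main/uri.phtml
+++ b/Application/Backend/phtml/main/uri.phtml
@@ -5,7 +5,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website URL(s) for the [%s]. However, note! All entered URLs have to belong to this particular website and processed by the WordPress core. For more information check %sHow to restrict access to any WordPress website URL%s.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/help/how-to-restrict-access-to-any-wordpress-website-url" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website URL(s) for the [%s]. However, note! All entered URLs have to belong to this particular website and processed by the WordPress core. For more information check %sHow to restrict access to any WordPress website URL%s.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-restrict-access-to-any-wordpress-website-url" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>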
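--- a/Application/Backend/phtml/metabox/metabox-content.phtml
+++ b/Application/Backend/phtml/metabox/metabox-content.phtml
@@ -81,11 +81,12 @@
  <?php
  $visitor = new AAM_Core_Subject_Visitor();
  $hasPolicy = $visitor->getObject('policy')->has($object->id);
+ $btnStatus = AAM_Core_Policy_Factory::get()->canTogglePolicy($object->id, ($hasPolicy ? 'detach' : 'attach'));
  ?>
  <?php if ($hasPolicy) { ?>
- <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="1"><?php echo __('Detach Policy From Visitors', AAM_KEY); ?></button>
+ <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="1"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Visitors', AAM_KEY); ?></button>
  <?php } else { ?>
- <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="0"><?php echo __('Attach Policy To Visitors', AAM_KEY); ?></button>
+ <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="0"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Visitors', AAM_KEY); ?></button>
  <?php } ?>
  <?php } ?>
  </div>
@@ -106,11 +107,12 @@
  <?php
  $default = new AAM_Core_Subject_Default();
  $hasPolicy = $default->getObject('policy')->has($object->id);
+ $btnStatus = AAM_Core_Policy_Factory::get()->canTogglePolicy($object->id, ($hasPolicy ? 'detach' : 'attach'));
  ?>
  <?php if ($hasPolicy) { ?>
- <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="1"><?php echo __('Detach Policy From Everybody', AAM_KEY); ?></button>
+ <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="1"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Everybody', AAM_KEY); ?></button>
  <?php } else { ?>
- <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="0"><?php echo __('Attach Policy To Everybody', AAM_KEY); ?></button>
+ <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="0"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Everybody', AAM_KEY); ?></button>
  <?php } ?>
  <?php } ?>
  <?php } else { ?>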
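Review bot: The `disabled` attribute echoed on the `attach-policy-visitor` and `attach-policy-default` buttons is a UI hint, not an access check, because a browser-side flag is not enforced by the server. The handler that actually attaches or detaches the policy should repeat the same `canTogglePolicy($object->id, ...)` test before saving; that handler is not part of this section, so this is something to confirm rather than a confirmed gap. A comment above each `$btnStatus` line, e.g. `// UI hint only; the attach/detach handler must re-check canTogglePolicy()`, would keep the template and the handler from drifting apart.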
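--- a/Application/Backend/phtml/metabox/policy-metabox.phtml
+++ b/Application/Backend/phtml/metabox/policy-metabox.phtml
@@ -369,12 +369,12 @@
  </style>
 
  <?php
- if (!empty($post->post_content)) {
+ if (!empty($args->post->post_content)) {
  // Validate the policy
- $validator = new AAM_Core_Policy_Validator(htmlspecialchars_decode($post->post_content));
+ $validator = new AAM_Core_Policy_Validator(htmlspecialchars_decode($args->post->post_content));
  $errors = $validator->validate();
  } else {
- $post->post_content = AAM_Backend_View_Helper::getDefaultPolicy();
+ $args->post->post_content = AAM_Backend_View_Helper::getDefaultPolicy();
  $errors = array();
  }
  ?>
@@ -383,10 +383,10 @@
  <?php echo implode('<br/>', $errors); ?>
  </div>
 
- <textarea id="aam-policy-editor" name="aam-policy" class="policy-editor" rows="10"><?php echo $post->post_content; ?></textarea>
+ <textarea id="aam-policy-editor" name="aam-policy" class="policy-editor" rows="10"><?php echo $args->post->post_content; ?></textarea>
 
  <p class="aam-infobox">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('To learn more about Access &amp; Security policy document, please check [%sAccess &amp; Security Policy%s] page.', 'b'), '<a href="https://aamplugin.com/access-and-security-policy" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('To learn more about Access &amp; Security policy document, please check [%sAccess &amp; Security Policy%s] page.', 'b'), '<a href="https://aamplugin.com/reference/policy" target="_blank">', '</a>'); ?>
  </p>
 
  <script type='text/javascript' src="<?php echo AAM_MEDIA . '/js/vendor.js'; ?>"></script>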
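Review bot: The textarea on new line 386 echoes `$args->post->post_content` without `esc_textarea()`, so this template relies on the stored policy never containing markup such as a closing textarea tag. The `htmlspecialchars_decode()` call on line 374 suggests the content is stored already encoded, but that guarantee lives outside this file and the `getDefaultPolicy()` fallback goes through the same echo. Escaping at the point of output, `<?php echo esc_textarea($args->post->post_content); ?>`, would make the template safe on its own; check for double-encoding in the editor if the stored value really is pre-encoded. The `implode('<br/>', $errors)` on line 383 deserves the same look if validator messages can repeat policy text.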
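--- a/Application/Backend/phtml/metabox/policy-principal-metabox.phtml
+++ b/Application/Backend/phtml/metabox/policy-principal-metabox.phtml
@@ -1,3 +1,3 @@
  <?php if (defined('AAM_KEY')) { ?>
- <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=principal&oid=' . $post->ID . '&otype=post'); ?>" width="100%" height="450" style="border: 0; margin-top:0;" id="policy-principal"></iframe>
+ <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=principal&oid=' . $args->post->ID . '&otype=post'); ?>" width="100%" height="450" style="border: 0; margin-top:0;" id="policy-principal"></iframe>
  <?php }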
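Review bot: The iframe `src` is printed straight from `admin_url()` with no `esc_url()`, and the same pattern appears in post-metabox.phtml and term-metabox.phtml in this commit. `$args->post->ID` is presumably an integer, but term-metabox.phtml also concatenates `$args->term->taxonomy`, a string, into the query. Wrapping the output, `<?php echo esc_url(admin_url('admin.php?page=aam&aamframe=principal&oid=' . $args->post->ID . '&otype=post')); ?>`, matches what login-frontend.phtml already does with `esc_url(get_admin_url())` and also encodes the `&` separators correctly for an HTML attribute.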
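--- a/Application/Backend/phtml/metabox/post-metabox.phtml
+++ b/Application/Backend/phtml/metabox/post-metabox.phtml
@@ -1,3 +1,3 @@
  <?php if (defined('AAM_KEY')) { ?>
- <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=post&oid=' . $post->ID . '&otype=post'); ?>" width="100%" height="450" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
+ <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=post&oid=' . $args->post->ID . '&otype=post'); ?>" width="100%" height="450" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
  <?php }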
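--- a/Application/Backend/phtml/metabox/term-metabox.phtml
+++ b/Application/Backend/phtml/metabox/term-metabox.phtml
@@ -4,7 +4,7 @@
  <td>
  <?php if (defined('AAM_PLUS_PACKAGE')) { ?>
  <div style="padding: 0px 10px; box-sizing: border-box; background-color: #FFFFFF; width: 95%;">
- <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=post&oid=' . $term->term_id . '|' . $term->taxonomy . '&otype=term'); ?>" width="100%" height="450" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
+ <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=post&oid=' . $args->term->term_id . '|' . $args->term->taxonomy . '&otype=term'); ?>" width="100%" height="450" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
  </div>
  <?php } else { ?>
  <div style="border-left: 4px solid #ffb900; background-color: #FFF1CC; padding: 10px; font-size: 1em; margin: 10px 0px;">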
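--- a/Application/Backend/phtml/settings/configpress.phtml
+++ b/Application/Backend/phtml/settings/configpress.phtml
@@ -3,7 +3,7 @@
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- Fore more information about AAM configurations check <a href="https://aamplugin.com/help/aam-configurations">this article</a>
+ Fore more information about AAM configurations check <a href="https://aamplugin.com/article/aam-configurations">this article</a>
  </p>
  </div>
  </div>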
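--- a/Application/Backend/phtml/user/multiple-roles.phtml
+++ b/Application/Backend/phtml/user/multiple-roles.phtml
@@ -0,0 +1,30 @@
+ <?php if (defined('AAM_KEY')) { ?>
+ <table class="form-table">
+ <tr>
+ <th><?php echo esc_html('User Roles', AAM_KEY); ?></th>
+ <td>
+ <div class="wp-tab-panel">
+ <ul>
+ <?php foreach (get_editable_roles() as $id => $role) { ?>
+ <li>
+ <label>
+ <input type="checkbox" name="aam_user_roles[]" value="<?php echo esc_attr($id); ?>" <?php checked(in_array($id, $user->roles)); ?> />
+ <?php echo esc_html(translate_user_role($role['name'])); ?>
+ </label>
+ </li>
+ <?php } ?>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ </table>
+
+ <!-- Remove standard WordPress roles selector-->
+ <script>
+ (function($) {
+ $(document).ready(function(){
+ $('.user-role-wrap').remove();
+ });
+ })(jQuery);
+ </script>
+ <?php } ?>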
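Review bot: Limiting the checkbox list to `get_editable_roles()` on line 8 only shapes the form; it does not constrain what is submitted in `aam_user_roles[]`. The code that reads that field on save has to intersect the submitted values with `get_editable_roles()` again and confirm the current user may change the edited user's roles, otherwise the field can grant roles the editor is not entitled to assign. That handler is outside this section, so it needs confirming there. Separately, `esc_html('User Roles', AAM_KEY)` on line 4 passes a text domain to a function that takes one argument, so the label is never translated; `esc_html__('User Roles', AAM_KEY)` is probably what was meant.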
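--- a/Application/Backend/phtml/widget/login-backend.phtml
+++ b/Application/Backend/phtml/widget/login-backend.phtml
@@ -10,6 +10,6 @@
  </p>
 
  <p style="background-color: #fafafa; border-left: 3px solid #337ab7; font-size: 1em; line-height: 1.35em; margin-bottom: 1em; padding: 10px; font-size: 0.8em;">
- <?php echo sprintf(__('For more advanced setup like login/logout redirects, security enhancement or custom styling, please refer to %sHow does AAM Secure Login works%s article.', AAM_KEY), '<a href="https://aamplugin.com/help/how-does-aam-secure-login-works" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(__('For more advanced setup like login/logout redirects, security enhancement or custom styling, please refer to %sHow does AAM Secure Login works%s article.', AAM_KEY), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'); ?>
  </p>
  <?php }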
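--- a/Application/Backend/phtml/widget/login-frontend.phtml
+++ b/Application/Backend/phtml/widget/login-frontend.phtml
@@ -61,7 +61,7 @@
  <?php echo get_avatar(AAM::getUser()->ID, "50"); ?>
  </div>
  <div style="display:table-cell;">
- <?php $allowAdmin = !AAM_Core_API::capabilityExists('access_dashboard') || AAM::getUser()->hasCapability('access_dashboard'); ?>
+ <?php $allowAdmin = !AAM_Core_API::capabilityExists('access_dashboard') || current_user_can('access_dashboard'); ?>
  <?php if ($allowAdmin) { ?>
  <a href="<?php echo esc_url(get_admin_url()); ?>"><?php echo __('Dashboard', AAM_KEY); ?></a><br/>
  <a href="<?php echo esc_url(get_admin_url(null, 'profile.php')); ?>"><?php echo __('Edit My Profile', AAM_KEY); ?></a><br/>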
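--- a/Application/Core/API.php
+++ b/Application/Core/API.php
@@ -197,7 +197,7 @@ final class AAM_Core_API {
 
  if (is_array($caps)) { //WP Error Fix bug report
  foreach($caps as $cap => $granted) {
- if ($granted && preg_match('/^level_([0-9]+)$/', $cap, $match)) {
+ if (!empty($granted) && preg_match('/^level_([0-9]+)$/', $cap, $match)) {
  $max = ($max < $match[1] ? $match[1] : $max);
  }
  }
@@ -428,7 +428,9 @@ final class AAM_Core_API {
 
  $res = $post;
 
- if (!empty($wp_query->queried_object)) {
+ if (get_the_ID()) {
+ $res = get_post(get_the_ID());
+ } elseif (!empty($wp_query->queried_object)) {
  $res = $wp_query->queried_object;
  } elseif (!empty($wp_query->post)) {
  $res = $wp_query->post;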
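Review bot: In the second hunk the new first branch, `$res = get_post(get_the_ID());`, makes the result depend on the global `$post`, which themes and plugins reassign inside loops, and it now takes precedence over `$wp_query->queried_object`. If this method's result feeds access decisions (the release notes suggest so, but the callers are not in the hunk), that precedence deserves a why-comment, and the branch should not overwrite `$res` with null when `get_post()` finds nothing: `if (get_the_ID() && ($current = get_post(get_the_ID()))) { $res = $current; }`. The enclosing function starts and ends outside the hunk.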
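--- a/Application/Core/ConfigPress/Evaluator.php
+++ b/Application/Core/ConfigPress/Evaluator.php
@@ -188,7 +188,7 @@ class AAM_Core_ConfigPress_Evaluator {
  * @access protected
  */
  protected function computeQueue($queue) {
- $value = $queue[0]; //defaule value
+ $value = $queue[0]; //default value
 
  foreach ($this->_operators as $operators) {
  $i = 0;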
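--- a/Application/Core/Gateway.php
+++ b/Application/Core/Gateway.php
@@ -30,7 +30,7 @@ final class AAM_Core_Gateway {
  protected function __construct() {}
 
  /**
- * Prevent from fatals
+ * Prevent from fatal errors
  *
  * @param string $name
  * @param array $arguments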
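--- a/Application/Core/Object/Menu.php
+++ b/Application/Core/Object/Menu.php
@@ -26,7 +26,7 @@ class AAM_Core_Object_Menu extends AAM_Core_Object {
  */
  public function __construct(AAM_Core_Subject $subject) {
  parent::__construct($subject);
-
+
  $option = $this->getSubject()->readOption('menu');
 
  if (!empty($option)) {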
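--- a/Application/Core/Object/Policy.php
+++ b/Application/Core/Object/Policy.php
@@ -70,15 +70,20 @@ class AAM_Core_Object_Policy extends AAM_Core_Object {
  public function save($id, $effect) {
  $option = $this->getOption();
  $option[$id] = intval($effect);
-
+
  $this->setOption($option);
-
+
  return $this->getSubject()->updateOption($this->getOption(), 'policy');
  }
 
  /**
+ * Check if policy attached
  *
- * @param type $id
+ * @param int $id
+ *
+ * @return boolean
+ *
+ * @access public
  */
  public function has($id) {
  $option = $this->getOption();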
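--- a/Application/Core/Object/Post.php
+++ b/Application/Core/Object/Post.php
@@ -124,7 +124,7 @@ class AAM_Core_Object_Post extends AAM_Core_Object {
  }
 
  // Do not perform finalization if this is user level subject unless it
- // is overriten. This is critical to avoid overloading database with too
+ // is overwritten. This is critical to avoid overloading database with too
  // much cache
  if ($this->allowCache($subject) || $this->isOverwritten()) {
  $this->finalizeOption($post, $subject, $option);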
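--- a/Application/Core/Policy/Condition.php
+++ b/Application/Core/Policy/Condition.php
@@ -98,12 +98,12 @@ final class AAM_Core_Policy_Condition {
  protected function evaluateBetweenConditions($conditions, $args) {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- foreach((array)$right as $subset) {
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ foreach((array)$condition['right'] as $subset) {
  $min = (is_array($subset) ? array_shift($subset) : $subset);
  $max = (is_array($subset) ? end($subset) : $subset);
 
- $result = $result || ($left >= $min && $left <= $max);
+ $result = $result || ($condition['left'] >= $min && $condition['left'] <= $max);
  }
  }
 
@@ -125,8 +125,8 @@ final class AAM_Core_Policy_Condition {
  protected function evaluateEqualsConditions($conditions, $args) {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- $result = $result || ($left === $right);
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ $result = $result || ($condition['left'] === $condition['right']);
  }
 
  return $result;
@@ -159,8 +159,8 @@ final class AAM_Core_Policy_Condition {
  protected function evaluateGreaterConditions($conditions, $args) {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- $result = $result || ($left > $right);
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ $result = $result || ($condition['left'] > $condition['right']);
  }
 
  return $result;
@@ -179,8 +179,8 @@ final class AAM_Core_Policy_Condition {
  protected function evaluateLessConditions($conditions, $args) {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- $result = $result || ($left < $right);
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ $result = $result || ($condition['left'] < $condition['right']);
  }
 
  return $result;
@@ -199,8 +199,8 @@ final class AAM_Core_Policy_Condition {
  protected function evaluateGreaterOrEqualsConditions($conditions, $args) {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- $result = $result || ($left >= $right);
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ $result = $result || ($condition['left'] >= $condition['right']);
  }
 
  return $result;
@@ -219,8 +219,8 @@ final class AAM_Core_Policy_Condition {
  protected function evaluateLessOrEqualsConditions($conditions, $args) {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- $result = $result || ($left <= $right);
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ $result = $result || ($condition['left'] <= $condition['right']);
  }
 
  return $result;
@@ -238,9 +238,9 @@ final class AAM_Core_Policy_Condition {
  */
  protected function evaluateInConditions($conditions, $args) {
  $result = false;
-
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- $result = $result || in_array($left, (array) $right, true);
+
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ $result = $result || in_array($condition['left'], (array)$condition['right'], true);
  }
 
  return $result;
@@ -273,10 +273,10 @@ final class AAM_Core_Policy_Condition {
  protected function evaluateLikeConditions($conditions, $args) {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- foreach((array)$right as $el) {
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ foreach((array)$condition['right'] as $el) {
  $sub = str_replace('\*', '.*', preg_quote($el));
- $result = $result || preg_match('@^' . $sub . '$@', $left);
+ $result = $result || preg_match('@^' . $sub . '$@', $condition['left']);
  }
  }
 
@@ -310,8 +310,8 @@ final class AAM_Core_Policy_Condition {
  protected function evaluateRegexConditions($conditions, $args) {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $left => $right) {
- $result = $result || preg_match($right, $left);
+ foreach($this->prepareConditions($conditions, $args) as $condition) {
+ $result = $result || preg_match($condition['right'], $condition['left']);
  }
 
  return $result;
@@ -332,12 +332,10 @@ final class AAM_Core_Policy_Condition {
 
  if (is_array($conditions)) {
  foreach($conditions as $left => $right) {
- $left = $this->parseExpression($left, $args);
- $right = $this->parseExpression($right, $args);
-
- if ($left !== false) { // Do not include any failed conditions
- $result[$left] = $right;
- }
+ $result[] = array(
+ 'left' => $this->parseExpression($left, $args),
+ 'right' => $this->parseExpression($right, $args)
+ );
  }
  }
 
@@ -360,10 +358,8 @@ final class AAM_Core_Policy_Condition {
  $exp = AAM_Core_Policy_Token::evaluate($exp, $match[1], $args);
  }
  // If there is type scaling, perform it too
- if (preg_match('/^\(\*(string|ip|int|boolean|bool)\)(.*)/i', $exp, $scale)) {
- $exp = str_replace(
- "(*{$scale[1]}", '', $this->scaleValue($scale[2], $scale[1])
- );
+ if (preg_match('/^\(\*(string|ip|int|boolean|bool|array)\)(.*)/i', $exp, $scale)) {
+ $exp = $this->scaleValue($scale[2], $scale[1]);
  }
  } elseif (is_array($exp) || is_object($exp)) {
  foreach($exp as &$value) {
@@ -404,6 +400,10 @@ final class AAM_Core_Policy_Condition {
  case 'bool':
  $value = (bool)$value;
  break;
+
+ case 'array':
+ $value = json_decode($value, true);
+ break;
  }
 
  return $value;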
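Review bot: The rewritten loop at new lines 335-338 no longer skips conditions whose left side failed to resolve; the removed `if ($left !== false) { // Do not include any failed conditions` guard suggests `parseExpression()` returns `false` in that case. With `false` as the left operand, PHP's loose ordering makes `$condition['left'] < $condition['right']` and `<=` true for any truthy right-hand value, so an unresolved token can now satisfy a Less or LessOrEquals condition. Keeping the guard in the new shape, `$l = $this->parseExpression($left, $args); if ($l !== false) { $result[] = array('left' => $l, 'right' => $this->parseExpression($right, $args)); }`, preserves the old fail-closed behaviour. Separately, `preg_quote($el)` on line 278 does not escape the `@` delimiter used in the Like pattern; `preg_quote($el, '@')` would. These functions start or end outside their hunks.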
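--- a/Application/Core/Policy/Manager.php
+++ b/Application/Core/Policy/Manager.php
@@ -78,14 +78,15 @@ final class AAM_Core_Policy_Manager {
  /**
  * Find all the matching policies
  *
- * @param string $s RegEx
- * @param array $args Inline arguments
+ * @param string $s RegEx
+ * @param array $args Inline arguments
+ * @param bool $single Single record only - the last record
  *
  * @return array
  *
  * @access public
  */
- public function find($s, $args = array()) {
+ public function find($s, $args = array(), $single = false) {
  $statements = array();
  $tree = $this->preparePolicyTree();
  
@@ -95,7 +96,7 @@ final class AAM_Core_Policy_Manager {
  }
  }
  
- return $statements;
+ return ($single ? end($statements) : $statements);
  }
  
  /**
@@ -152,6 +153,32 @@ final class AAM_Core_Policy_Manager {
  return $value;
  }
  
+ /**
+ * Check if current subject can toggle specific policy
+ *
+ * Verify that policy can be attached/detached
+ *
+ * @param int $id Policy ID
+ * @param string $action Either "attach" or "detach"
+ *
+ * @return bool
+ *
+ * @access public
+ * @since v5.9
+ */
+ public function canTogglePolicy($id, $action) {
+ $post = get_post($id);
+
+ // Verify that current user can perform following action
+ $stm = $this->find(
+ "/^post:{$post->post_type}:({$post->post_name}|{$post->ID}):{$action}/i",
+ array('post' => $post),
+ true
+ );
+
+ return (empty($stm['Effect']) || $stm['Effect'] === 'allow');
+ }
+
  /**
  * Check if policy block is applicable
  *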
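Review bot: In the added `canTogglePolicy()`, the result of `get_post($id)` is dereferenced without a null check, and when nothing matches, `find(..., true)` returns `end()` of an empty array, i.e. `false`, so the method answers true. For an ID that does not resolve to a post the pattern is built from empty properties and, presumably matching no statement, the toggle is allowed; a guard such as `if (!$post) { return false; }` right after the lookup makes that case fail closed. `$post->post_type` and `$post->post_name` are also interpolated into the pattern unquoted, so wrapping each in `preg_quote(..., '/')` keeps a value containing regex metacharacters from widening the match. The `@return array` on `find()` should also mention the single-statement and `false` results now possible with `$single`.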
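--- a/Application/Core/Policy/Token.php
+++ b/Application/Core/Policy/Token.php
@@ -47,12 +47,14 @@ final class AAM_Core_Policy_Token {
  */
  public static function evaluate($part, array $tokens, array $args = array()) {
  foreach($tokens as $token) {
+ $val = self::getValue(
+ preg_replace('/^\$\{([^}]+)\}$/', '${1}', $token),
+ $args
+ );
+
  $part = str_replace(
  $token,
- self::getValue(
- preg_replace('/^\$\{([^}]+)\}$/', '${1}', $token),
- $args
- ),
+ (is_scalar($val) ? $val : json_encode($val)),
  $part
  );
  }
@@ -105,6 +107,15 @@ final class AAM_Core_Policy_Token {
  case 'authenticated':
  $value = $user->isVisitor() ? false : true;
  break;
+
+ case 'capabilities':
+ $value = array();
+ foreach($user->allcaps as $cap => $effect) {
+ if (!empty($effect)) {
+ $value[] = $cap;
+ }
+ }
+ break;
  
  default:
  $value = $user->{$prop};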
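Review bot: In `evaluate()`, `is_scalar($val)` is false for `null`, so a token that resolves to null is now replaced with the literal text `null` produced by `json_encode()`. Whether `getValue()` can return null is not visible here, but the `default:` branch reading `$user->{$prop}` suggests it can for an unset property, and a policy condition comparing that token would then see the string `null` instead of an empty value. Something like `(is_scalar($val) ? $val : (is_null($val) ? '' : json_encode($val)))` keeps the earlier behaviour for missing values. The new `case 'capabilities':` loop also assumes `$user->allcaps` is iterable; casting with `(array) $user->allcaps` would avoid a warning for a subject without that property, if such a subject can reach this branch.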
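--- a/Application/Core/Policy/Validator.php
+++ b/Application/Core/Policy/Validator.php
@@ -66,9 +66,9 @@ class AAM_Core_Policy_Validator {
  */
  public function validate() {
  $steps = array(
- 'isJSON', // #1. Check if policy is valid JSON
- 'isNotEmpty', // #2. Check if policy is not empty
- 'isValidDepenency', // #3. Check if all dependencies are defined properly
+ 'isJSON', // #1. Check if policy is valid JSON
+ 'isNotEmpty', // #2. Check if policy is not empty
+ 'isValidDependency', // #3. Check if all dependencies are defined properly
  );
  
  foreach($steps as $step) {
@@ -114,14 +114,14 @@ class AAM_Core_Policy_Validator {
  return $result;
  }
  
- public function isValidDepenency() {
+ public function isValidDependency() {
  if (!empty($this->json['Dependency'])) {
  foreach($this->json['Dependency'] as $app => $constraints) {
  try {
- $satifies = Semver::satisfies(
+ $satisfies = Semver::satisfies(
  $this->getAppVersion(strtolower($app)), $constraints
  );
- if ($satifies === false) {
+ if ($satisfies === false) {
  throw new Exception(
  AAM_Backend_View_Helper::preparePhrase(
  "The dependency [{$app}] does not satisfy version requirement by the policy",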
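--- a/Application/Core/Subject/Default.php
+++ b/Application/Core/Subject/Default.php
@@ -86,6 +86,14 @@ class AAM_Core_Subject_Default extends AAM_Core_Subject {
  return true;
  }
  
+ /**
+ *
+ * @return type
+ */
+ public function getMaxLevel() {
+ return AAM_Core_API::maxLevel(AAM_Core_API::getAllCapabilities());
+ }
+
  /**
  *
  * @return type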
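Review bot: The added `getMaxLevel()` has a docblock with no summary and the placeholder `@return type`. A summary such as `Get the highest user level across all registered capabilities` with `@return int` would document it, assuming `AAM_Core_API::maxLevel()` returns an integer level, which this hunk does not show. An `@access public` line would match the other docblocks touched in this release.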
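--- a/Application/Core/Subject/User.php
+++ b/Application/Core/Subject/User.php
@@ -109,7 +109,7 @@ class AAM_Core_Subject_User extends AAM_Core_Subject {
  $roles[] = $chunks[1];
  }
  } elseif (in_array($chunks[1], $roles, true)) {
- // Make sure that we delete all instanses of the role
+ // Make sure that we delete all instances of the role
  foreach($roles as $i => $role){
  if ($role === $chunks[1]) {
  unset($roles[$i]);
@@ -137,7 +137,7 @@ class AAM_Core_Subject_User extends AAM_Core_Subject {
  //check if user is expired
  $expired = get_user_meta($this->ID, 'aam_user_expiration', true);
  if (!empty($expired)) {
- $parts = explode('|', $expired);
+ $parts = explode('|', $expired);
  
  // Set time
  // TODO: Remove in Jan 2020
@@ -151,7 +151,7 @@ class AAM_Core_Subject_User extends AAM_Core_Subject {
  //TODO - PHP Warning: DateTime::setTimezone(): Can only do this for zones with ID for now in
  @$compare->setTimezone($expires->getTimezone());
  
- if ($expires <= $compare) {
+ if ($expires->getTimestamp() <= $compare->getTimestamp()) {
  $this->triggerExpiredUserAction($parts);
  }
  }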
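Review bot: With the expiry check now comparing `getTimestamp()` values, the context line `@$compare->setTimezone($expires->getTimezone());` just above no longer affects the result, because Unix timestamps do not depend on time zone. Unless `$compare` is used again outside this hunk, that call, its `@` suppression and its TODO can be removed, which also removes the one place where a failure is silenced. Calling `getTimestamp()` also assumes `$expires` is a valid DateTime object; it is built outside the hunk, so it is worth confirming that a malformed `aam_user_expiration` value is rejected before this line, since this comparison is what enforces account expiry. The enclosing method starts and ends outside the hunks.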
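--- a/Application/Extension/List.php
+++ b/Application/Extension/List.php
@@ -31,7 +31,7 @@ class AAM_Extension_List {
  'description' => 'Manage access to your WordPress website posts, pages, media, custom post types, categories and hierarchical taxonomies for any role, individual user, visitors or even define default access for everybody; and do this separately for frontend, backend or API levels. As the bonus, define more granular access to how comments can be managed on the backend by other users.',
  'url' => 'https://aamplugin.com/extension/plus-package',
  'version' => (defined('AAM_PLUS_PACKAGE') ? constant('AAM_PLUS_PACKAGE') : null),
- 'latest' => '3.9.2'
+ 'latest' => '3.9.4'
  ),
  'AAM_IP_CHECK' => array(
  'title' => 'IP Check',
@@ -75,7 +75,7 @@ class AAM_Extension_List {
  'id' => 'AAM_USER_ACTIVITY',
  'type' => 'GNU',
  'license' => 'AAMUSERACTIVITY',
- 'description' => 'Track any kind of user or visitor activity on your website. <a href="https://aamplugin.com/help/how-to-track-any-wordpress-user-activity" target="_blank">Read more.</a> This is the open source solution and you can find it on the <a href="https://github.com/aamplugin/user-activity-extension" target="_blank">Github here</a>.',
+ 'description' => 'Track any kind of user or visitor activity on your website. <a href="https://aamplugin.com/article/how-to-track-any-wordpress-user-activity" target="_blank">Read more.</a> This is the open source solution and you can find it on the <a href="https://github.com/aamplugin/user-activity-extension" target="_blank">Github here</a>.',
  'version' => (defined('AAM_USER_ACTIVITY') ? constant('AAM_USER_ACTIVITY') : null),
  'latest' => '1.4.2'
  ),
@@ -85,7 +85,7 @@ class AAM_Extension_List {
  'type' => 'GNU',
  'tag' => 'ALPHA',
  'license' => 'AAMSOCIALLOGIN',
- 'description' => 'Login to your website with social networks like Facebook, Twitter, Instagram etc. <a href="https://aamplugin.com/help/how-does-aam-social-login-works" target="_blank">Read more.</a> This is the open source solution and you can find it on the <a href="https://github.com/aamplugin/social-login-extension" target="_blank">Github here</a>.',
+ 'description' => 'Login to your website with social networks like Facebook, Twitter, Instagram etc. <a href="https://aamplugin.com/article/how-does-aam-social-login-works" target="_blank">Read more.</a> This is the open source solution and you can find it on the <a href="https://github.com/aamplugin/social-login-extension" target="_blank">Github here</a>.',
  'version' => (defined('AAM_SOCIAL_LOGIN') ? constant('AAM_SOCIAL_LOGIN') : null),
  'latest' => '0.2.1'
  ),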
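--- a/Application/Extension/Repository.php
+++ b/Application/Extension/Repository.php
@@ -61,7 +61,7 @@ class AAM_Extension_Repository {
  *
  * @access protected
  */
- protected $depectedExtensions = array();
+ protected $detectedExtensions = array();
  
  /**
  * Extension list
@@ -91,7 +91,7 @@ class AAM_Extension_Repository {
  public function load($dir = null) {
  $basedir = (is_null($dir) ? $this->getBasedir() : $dir);
  
- //since release 3.4 some extensions get intergreated into core
+ //since release 3.4 some extensions get integrated into core
  AAM_Core_Compatibility::initExtensions();
  
  if (file_exists($basedir)) {
@@ -102,8 +102,8 @@ class AAM_Extension_Repository {
  }
  }
  // TODO: Rethink this hook
- //Very important hook for cases when there is extensions dependancy.
- //For example AAM Plus Package depends on AAM Utitlities properties
+ //Very important hook for cases when there is extensions dependency.
+ //For example AAM Plus Package depends on AAM Utilities properties
  do_action('aam-post-extensions-load');
  }
  }
@@ -132,12 +132,12 @@ class AAM_Extension_Repository {
  if (file_exists($config)) {
  $conf = require $config;
  
- $this->depectedExtensions[$conf['id']] = $conf['version'];
+ $this->detectedExtensions[$conf['id']] = $conf['version'];
  
- // determin if extension needs to be loaded based on the status
+ // determine if extension needs to be loaded based on the status
  $status = empty($cache[$conf['id']]['status']) || ($cache[$conf['id']]['status'] !== self::STATUS_INACTIVE);
  
- // determin if extension meets minimum required AAM version
+ // determine if extension meets minimum required AAM version
  $list = AAM_Extension_List::get();
  $issue = !empty($conf['requires']['aam']) && (version_compare(AAM_Core_API::version(), $conf['requires']['aam']) === -1);
  $load = $status && !$issue;
@@ -158,7 +158,7 @@ class AAM_Extension_Repository {
  sprintf(
  __('The [%s] does not appear to be a valid AAM extension. %sRead more.%s', AAM_KEY),
  str_replace(AAM_EXTENSION_BASE . '/', '', $config),
- '<a href="https://aamplugin.com/help/how-to-fix-the-config-php-file-is-missing-notification" target="_blank">',
+ '<a href="https://aamplugin.com/article/how-to-fix-the-config-php-file-is-missing-notification" target="_blank">',
  '</a>'
  ),
  'b'
@@ -273,7 +273,7 @@ class AAM_Extension_Repository {
  * @access public
  */
  public function getVersion($id) {
- return (isset($this->depectedExtensions[$id]) ? $this->depectedExtensions[$id] : null);
+ return (isset($this->detectedExtensions[$id]) ? $this->detectedExtensions[$id] : null);
  }
  
  /**
@@ -323,10 +323,10 @@ class AAM_Extension_Repository {
  if (is_null($status)) {
  $status = AAM_Extension_Repository::STATUS_DOWNLOAD;
  
- if (isset($this->depectedExtensions[$id])) {
+ if (isset($this->detectedExtensions[$id])) {
  $status = AAM_Extension_Repository::STATUS_INSTALLED;
  
- if ($this->isOutdatedVersion($item, $retrieved, $this->depectedExtensions[$id])) {
+ if ($this->isOutdatedVersion($item, $retrieved, $this->detectedExtensions[$id])) {
  $status = AAM_Extension_Repository::STATUS_UPDATE;
  AAM_Core_Console::add(
  AAM_Backend_View_Helper::preparePhrase(sprintf(
@@ -337,9 +337,9 @@ class AAM_Extension_Repository {
  }
  }
  } elseif ($status === AAM_Extension_Repository::STATUS_INSTALLED) {
- if (!isset($this->depectedExtensions[$id])) {
+ if (!isset($this->detectedExtensions[$id])) {
  $status = AAM_Extension_Repository::STATUS_DOWNLOAD;
- } elseif ($this->isOutdatedVersion($item, $retrieved, $this->depectedExtensions[$id])) {
+ } elseif ($this->isOutdatedVersion($item, $retrieved, $this->detectedExtensions[$id])) {
  $status = AAM_Extension_Repository::STATUS_UPDATE;
  }
  }
@@ -370,7 +370,7 @@ class AAM_Extension_Repository {
  /**
  * Check extension directory
  *
- * @return boolean|sstring
+ * @return boolean|string
  *
  * @access public
  *
@@ -401,7 +401,7 @@ class AAM_Extension_Repository {
  * @access public
  */
  public function getBasedir($relative = false) {
- $dir = AAM_Core_Config::get('core.extention.directory', AAM_EXTENSION_BASE);
+ $dir = AAM_Core_Config::get('core.extension.directory', AAM_EXTENSION_BASE);
  
  return ($relative ? str_replace(ABSPATH, '', $dir) : $dir);
  }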
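Review bot: In `getBasedir()` the option key changes from `core.extention.directory` to `core.extension.directory` with no fallback, so a site that configured the old key silently reverts to `AAM_EXTENSION_BASE` after upgrading. This appears to be the directory from which extension config files are `require`d (see the hunk at line 132), so the rename moves the code-loading path; whether a migration exists elsewhere is not visible in this diff. Reading the old key as the default keeps existing installs on their configured directory: `$dir = AAM_Core_Config::get('core.extension.directory', AAM_Core_Config::get('core.extention.directory', AAM_EXTENSION_BASE));`.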
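--- a/Application/Frontend/Authorization.php
+++ b/Application/Frontend/Authorization.php
@@ -36,7 +36,7 @@ class AAM_Frontend_Authorization {
  *
  * @access public
  */
- public function chechReadAuth(AAM_Core_Object_Post $post) {
+ public function checkReadAuth(AAM_Core_Object_Post $post) {
  // pre post access hook
  do_action('aam-pre-post-authorization-action', $post);
  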
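--- a/Application/Frontend/Filter.php
+++ b/Application/Frontend/Filter.php
@@ -81,7 +81,7 @@ class AAM_Frontend_Filter {
  $post = AAM_Core_API::getCurrentPost();
  
  if ($post) {
- AAM_Frontend_Authorization::getInstance()->chechReadAuth($post);
+ AAM_Frontend_Authorization::getInstance()->checkReadAuth($post);
  }
  }
  }
@@ -105,7 +105,7 @@ class AAM_Frontend_Filter {
  $post = AAM_Core_API::getCurrentPost();
  
  if ($post) {
- AAM_Frontend_Authorization::getInstance()->chechReadAuth($post);
+ AAM_Frontend_Authorization::getInstance()->checkReadAuth($post);
  }
  
  return $template;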
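--- a/Application/Frontend/Manager.php
+++ b/Application/Frontend/Manager.php
@@ -84,7 +84,7 @@ class AAM_Frontend_Manager {
  */
  public function checkAdminBar() {
  if (AAM_Core_API::capabilityExists('show_admin_bar')) {
- if (!AAM::getUser()->hasCapability('show_admin_bar')) {
+ if (!current_user_can('show_admin_bar')) {
  add_filter('show_admin_bar', '__return_false', PHP_INT_MAX );
  }
  }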
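Review bot: In `checkAdminBar()`, replacing `AAM::getUser()->hasCapability('show_admin_bar')` with `current_user_can('show_admin_bar')` routes the check through WordPress core, which on multisite grants every capability to super admins and applies the `map_meta_cap` and `user_has_cap` filters. An explicit denial of this capability configured in AAM may therefore no longer hide the admin bar for a super admin; whether `hasCapability()` behaved the same way is not visible here. The same substitution is made for `access_dashboard` in Application/Frontend/phtml/login.phtml. If the difference is intended, a comment such as `// current_user_can() so that core filters and meta caps apply` would record the reason.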
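--- a/Application/Frontend/phtml/login.phtml
+++ b/Application/Frontend/phtml/login.phtml
@@ -48,7 +48,7 @@
  <?php echo get_avatar(AAM::getUser()->ID, "200"); ?>
  </div>
  <div>
- <?php $allowAdmin = !AAM_Core_API::capabilityExists('access_dashboard') || AAM::getUser()->hasCapability('access_dashboard'); ?>
+ <?php $allowAdmin = !AAM_Core_API::capabilityExists('access_dashboard') || current_user_can('access_dashboard'); ?>
  <?php if ($allowAdmin) { ?>
  <a href="<?php echo esc_url(get_admin_url()); ?>"><?php echo __('Dashboard', AAM_KEY); ?></a>&nbsp;|&nbsp;
  <a href="<?php echo esc_url(get_admin_url(null, 'profile.php')); ?>"><?php echo __('Edit My Profile', AAM_KEY); ?></a>&nbsp;|&nbsp;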
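--- a/Application/Shared/Manager.php
+++ b/Application/Shared/Manager.php
@@ -267,7 +267,6 @@ class AAM_Shared_Manager {
  * @return array
  *
  * @access public
- * @global WPDB $wpdb
  */
  public function filterPostQuery($clauses, $wpQuery) {
  if (!$wpQuery->is_singular && $this->isPostFilterEnabled()) {
@@ -476,6 +475,7 @@ class AAM_Shared_Manager {
  break;
  
  case 'publish_posts':
+ case 'publish_pages':
  case 'aam_publish_policies':
  // There is a bug in WP core that instead of checking if user has
  // ability to publish_post, it checks for edit_post
@@ -618,9 +618,8 @@ class AAM_Shared_Manager {
  /**
  * Check if current user is allowed to manager specified user
  *
- * @param int $id
- * @param array $allcaps
- * @param array $metacaps
+ * @param array $caps
+ * @param int $userId
  *
  * @return array
  *
@@ -644,9 +643,8 @@ class AAM_Shared_Manager {
  /**
  * Check if current user is allowed to edit post
  *
- * @param int $id
- * @param array $allcaps
- * @param array $metacaps
+ * @param array $caps
+ * @param int $id
  *
  * @return array
  *
@@ -667,9 +665,8 @@ class AAM_Shared_Manager {
  /**
  * Check if current user is allowed to delete post
  *
- * @param int $id
- * @param array $allcaps
- * @param array $metacaps
+ * @param array $caps
+ * @param int $id
  *
  * @return array
  *
@@ -689,8 +686,8 @@ class AAM_Shared_Manager {
  /**
  * Check if user is allowed to publish post
  *
- * @param array $allcaps
- * @param array $metacaps
+ * @param array $caps
+ * @param int $id
  *
  * @return array
  *
@@ -711,8 +708,8 @@ class AAM_Shared_Manager {
  /**
  * Check if user is allowed to publish post
  *
- * @param array $allcaps
- * @param array $metacaps
+ * @param array $caps
+ * @param int $id
  *
  * @return array
  *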
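--- a/aam.php
+++ b/aam.php
@@ -3,7 +3,7 @@
  /**
  Plugin Name: Advanced Access Manager
  Description: All you need to manage access to your WordPress website
- Version: 5.8.3
+ Version: 5.9
  Author: Vasyl Martyniuk <vasyl@vasyltech.com>
  Author URI: https://vasyltech.com
  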
media/css/aam.css CHANGED
@@ -52,6 +52,7 @@
52
  .icon-angle-left:before { content: '\f104' !important; } /* '' */
53
  .icon-angle-right:before { content: '\f105' !important; } /* '' */
54
  .icon-angle-up:before { content: '\f106' !important; } /* '' */
 
55
  .icon-angle-down:before { content: '\f107' !important; } /* '' */
56
  .icon-asterisk:before { content: '\e801' !important; } /* '' */
57
  .icon-spin4:before { content: '\e802' !important; } /* '' */
52
  .icon-angle-left:before { content: '\f104' !important; } /* '' */
53
  .icon-angle-right:before { content: '\f105' !important; } /* '' */
54
  .icon-angle-up:before { content: '\f106' !important; } /* '' */
55
+ .icon-pin:before { content: '\e81a' !important; } /* '' */
56
  .icon-angle-down:before { content: '\f107' !important; } /* '' */
57
  .icon-asterisk:before { content: '\e801' !important; } /* '' */
58
  .icon-spin4:before { content: '\e802' !important; } /* '' */
media/js/{aam-5.8.js → aam-5.9.js} RENAMED
@@ -25,7 +25,7 @@
25
  dataType: 'json',
26
  data: {
27
  action: 'aam',
28
- sub_action: 'switchToUser',
29
  _ajax_nonce: getLocal().nonce,
30
  user: id
31
  },
@@ -413,6 +413,14 @@
413
  }
414
  break;
415
 
 
 
 
 
 
 
 
 
416
  case 'detach':
417
  if (getAAM().isUI('principal')) {
418
  $(container).append($('<i/>', {
@@ -430,6 +438,14 @@
430
  }));
431
  }
432
  break;
 
 
 
 
 
 
 
 
433
 
434
  default:
435
  if (getAAM().isUI('main')) {
@@ -1433,7 +1449,7 @@
1433
  if ($(container).length) {
1434
  //reset button
1435
  $('#policy-reset').bind('click', function () {
1436
- getAAM().reset('policy', $(this));
1437
  });
1438
 
1439
  $('#download-policy').bind('click', function() {
@@ -1508,7 +1524,7 @@
1508
  var container = $('<div/>', {'class': 'aam-row-actions'});
1509
  $.each(actions, function (i, action) {
1510
  switch (action) {
1511
- case 'assign':
1512
  $(container).append($('<i/>', {
1513
  'class': 'aam-row-action text-muted icon-check-empty'
1514
  }).bind('click', function () {
@@ -1521,8 +1537,14 @@
1521
  'title': getAAM().__('Apply Policy')
1522
  }));
1523
  break;
 
 
 
 
 
 
1524
 
1525
- case 'unassign':
1526
  $(container).append($('<i/>', {
1527
  'class': 'aam-row-action text-success icon-check'
1528
  }).bind('click', function () {
@@ -1536,6 +1558,12 @@
1536
  }));
1537
  break;
1538
 
 
 
 
 
 
 
1539
  case 'edit':
1540
  $(container).append($('<i/>', {
1541
  'class': 'aam-row-action icon-pencil text-warning'
@@ -1546,6 +1574,12 @@
1546
  'title': getAAM().__('Edit Policy')
1547
  }));
1548
  break;
 
 
 
 
 
 
1549
 
1550
  default:
1551
  break;
@@ -1660,12 +1694,9 @@
1660
  $('input[type="checkbox"]', '#admin-menu').each(function () {
1661
  $(this).bind('click', function () {
1662
  var _this = $(this);
1663
-
1664
- getAAM().save(
1665
- _this.data('menu-id'),
1666
  _this.attr('checked') ? 1 : 0,
1667
- 'menu',
1668
- null,
1669
  function(result) {
1670
  if (result.status === 'success') {
1671
  $('#aam-menu-overwrite').show();
@@ -1682,7 +1713,7 @@
1682
 
1683
  //reset button
1684
  $('#menu-reset').bind('click', function () {
1685
- getAAM().reset('menu', $(this));
1686
  });
1687
  }
1688
  }
@@ -1786,17 +1817,15 @@
1786
 
1787
  //reset button
1788
  $('#toolbar-reset').bind('click', function () {
1789
- getAAM().reset('toolbar', $(this));
1790
  });
1791
 
1792
  $('input[type="checkbox"]', '#toolbar-list').each(function () {
1793
  $(this).bind('click', function () {
1794
  var _this = $(this);
1795
- getAAM().save(
1796
- $(this).data('toolbar'),
1797
  $(this).attr('checked') ? 1 : 0,
1798
- 'toolbar',
1799
- null,
1800
  function(result) {
1801
  if (result.status === 'success') {
1802
  $('#aam-toolbar-overwrite').show();
@@ -1827,6 +1856,39 @@
1827
  * @returns {void}
1828
  */
1829
  (function ($) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1830
 
1831
  /**
1832
  *
@@ -1942,17 +2004,15 @@
1942
 
1943
  //reset button
1944
  $('#metabox-reset').bind('click', function () {
1945
- getAAM().reset('metabox', $(this));
1946
  });
1947
 
1948
  $('input[type="checkbox"]', '#metabox-list').each(function () {
1949
  $(this).bind('click', function () {
1950
  var _this = $(this);
1951
- getAAM().save(
1952
- $(this).data('metabox'),
1953
  $(this).attr('checked') ? 1 : 0,
1954
- 'metabox',
1955
- null,
1956
  function(result) {
1957
  if (result.status === 'success') {
1958
  $('#aam-metabox-overwrite').show();
@@ -1995,25 +2055,45 @@
1995
 
1996
  //show indicator
1997
  $(btn).attr('class', 'aam-row-action icon-spin4 animate-spin');
1998
-
1999
- getAAM().save(capability, granted, 'capability', null, function(result) {
2000
- if (result.status === 'success') {
2001
- if (granted) {
2002
- $(btn).attr('class', 'aam-row-action text-success icon-check');
2003
- } else {
2004
- $(btn).attr('class', 'aam-row-action text-muted icon-check-empty');
2005
- }
2006
- } else {
2007
- if (granted) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2008
  getAAM().notification(
2009
- 'danger',
2010
- getAAM().__('WordPress core does not allow to grant this capability')
2011
  );
2012
- $(btn).attr('class', 'aam-row-action text-muted icon-check-empty');
2013
- } else {
2014
- $(btn).attr('class', 'aam-row-action text-success icon-check');
2015
  }
2016
- }
2017
  });
2018
  }
2019
 
@@ -2280,7 +2360,7 @@
2280
 
2281
  //reset button
2282
  $('#capability-reset').bind('click', function () {
2283
- getAAM().reset('capability', $(this));
2284
  });
2285
  }
2286
  }
@@ -2719,6 +2799,48 @@
2719
  'class': 'aam-row-action text-muted icon-pencil'
2720
  }));
2721
  break;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2722
 
2723
  default:
2724
  getAAM().triggerHook('post-action', {
@@ -2902,6 +3024,39 @@
2902
  * @returns {void}
2903
  */
2904
  (function ($) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2905
 
2906
  /**
2907
  *
@@ -2920,11 +3075,9 @@
2920
  $($(this).data('action')).show();
2921
 
2922
  //save redirect type
2923
- getAAM().save(
2924
  $(this).attr('name'),
2925
  $(this).val(),
2926
- 'redirect',
2927
- null,
2928
  function(result) {
2929
  if (result.status === 'success') {
2930
  $('#aam-redirect-overwrite').show();
@@ -2937,11 +3090,9 @@
2937
  $('input[type="text"],select,textarea', container).each(function () {
2938
  $(this).bind('change', function () {
2939
  //save redirect type
2940
- getAAM().save(
2941
  $(this).attr('name'),
2942
  $(this).val(),
2943
- 'redirect',
2944
- null,
2945
  function(result) {
2946
  if (result.status === 'success') {
2947
  $('#aam-redirect-overwrite').show();
@@ -2952,7 +3103,7 @@
2952
  });
2953
 
2954
  $('#redirect-reset').bind('click', function () {
2955
- getAAM().reset('redirect', $(this));
2956
  });
2957
  }
2958
  }
@@ -2969,6 +3120,39 @@
2969
  * @returns {void}
2970
  */
2971
  (function ($) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2972
 
2973
  /**
2974
  *
@@ -2987,11 +3171,9 @@
2987
  $($(this).data('action')).show();
2988
 
2989
  //save redirect type
2990
- getAAM().save(
2991
  $(this).attr('name'),
2992
  $(this).val(),
2993
- 'loginRedirect',
2994
- null,
2995
  function(result) {
2996
  if (result.status === 'success') {
2997
  $('#aam-login-redirect-overwrite').show();
@@ -3010,11 +3192,9 @@
3010
  }
3011
 
3012
  //save redirect type
3013
- getAAM().save(
3014
  $(this).attr('name'),
3015
  val,
3016
- 'loginRedirect',
3017
- null,
3018
  function(result) {
3019
  if (result.status === 'success') {
3020
  $('#aam-login-redirect-overwrite').show();
@@ -3025,7 +3205,7 @@
3025
  });
3026
 
3027
  $('#login-redirect-reset').bind('click', function () {
3028
- getAAM().reset('loginRedirect', $(this));
3029
  });
3030
  }
3031
  }
@@ -3042,6 +3222,39 @@
3042
  * @returns {void}
3043
  */
3044
  (function ($) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
3045
 
3046
  /**
3047
  *
@@ -3060,11 +3273,9 @@
3060
  $($(this).data('action')).show();
3061
 
3062
  //save redirect type
3063
- getAAM().save(
3064
  $(this).attr('name'),
3065
  $(this).val(),
3066
- 'logoutRedirect',
3067
- null,
3068
  function(result) {
3069
  if (result.status === 'success') {
3070
  $('#aam-logout-redirect-overwrite').show();
@@ -3077,11 +3288,9 @@
3077
  $('input[type="text"],select,textarea', container).each(function () {
3078
  $(this).bind('change', function () {
3079
  //save redirect type
3080
- getAAM().save(
3081
  $(this).attr('name'),
3082
  $(this).val(),
3083
- 'logoutRedirect',
3084
- null,
3085
  function(result) {
3086
  if (result.status === 'success') {
3087
  $('#aam-logout-redirect-overwrite').show();
@@ -3092,7 +3301,7 @@
3092
  });
3093
 
3094
  $('#logout-redirect-reset').bind('click', function () {
3095
- getAAM().reset('logoutRedirect', $(this));
3096
  });
3097
  }
3098
  }
@@ -3323,7 +3532,7 @@
3323
 
3324
  //reset button
3325
  $('#route-reset').bind('click', function () {
3326
- getAAM().reset('route', $(this));
3327
  });
3328
  }
3329
  }
@@ -3355,7 +3564,7 @@
3355
 
3356
  //reset button
3357
  $('#uri-reset').bind('click', function () {
3358
- getAAM().reset('uri', $(this));
3359
  });
3360
 
3361
  $('#uri-save-btn').bind('click', function(event) {
@@ -3924,7 +4133,7 @@
3924
  dataType: 'json',
3925
  data: {
3926
  action: 'aam',
3927
- sub_action: 'clearSettings',
3928
  _ajax_nonce: getLocal().nonce
3929
  },
3930
  beforeSend: function() {
@@ -3958,7 +4167,7 @@
3958
  dataType: 'json',
3959
  data: {
3960
  action: 'aam',
3961
- sub_action: 'clearCache',
3962
  _ajax_nonce: getLocal().nonce
3963
  },
3964
  beforeSend: function() {
@@ -4283,12 +4492,16 @@
4283
  */
4284
  AAM.prototype.initialize = function () {
4285
  //read default subject and set it for AAM object
4286
- this.setSubject(
4287
- getLocal().subject.type,
4288
- getLocal().subject.id,
4289
- getLocal().subject.name,
4290
- getLocal().subject.level
4291
- );
 
 
 
 
4292
 
4293
  //load the UI javascript support
4294
  UI();
@@ -4312,7 +4525,7 @@
4312
  }
4313
  });
4314
 
4315
- //help tooltips
4316
  $('body').delegate('[data-toggle="tooltip"]', 'hover', function (event) {
4317
  event.preventDefault();
4318
  $(this).tooltip({
@@ -4379,7 +4592,6 @@
4379
  '<i data-toggle="tooltip" title="Switch To User" data-placement="right" class="icon-exchange aam-switch-user"></i>'
4380
  );
4381
  }
4382
-
4383
  //highlight screen if the same level
4384
  if (parseInt(level) >= getLocal().level || type === 'default') {
4385
  $('.aam-current-subject').addClass('danger');
@@ -4417,62 +4629,22 @@
4417
  }, 9000);
4418
  };
4419
 
4420
- /**
4421
- *
4422
- * @param {type} param
4423
- * @param {type} value
4424
- * @param {type} object
4425
- * @param {type} object_id
4426
- * @param {type} callback
4427
- * @returns {undefined}
4428
- */
4429
- AAM.prototype.save = function(param, value, object, object_id, callback) {
4430
- getAAM().queueRequest(function() {
4431
- $.ajax(getLocal().ajaxurl, {
4432
- type: 'POST',
4433
- dataType: 'json',
4434
- data: {
4435
- action: 'aam',
4436
- sub_action: 'save',
4437
- _ajax_nonce: getLocal().nonce,
4438
- subject: this.getSubject().type,
4439
- subjectId: this.getSubject().id,
4440
- param: param,
4441
- value: value,
4442
- object: object,
4443
- objectId: object_id
4444
- },
4445
- success: function (response) {
4446
- if (typeof callback === 'function') {
4447
- callback(response);
4448
- }
4449
- },
4450
- error: function () {
4451
- getAAM().notification(
4452
- 'danger', getAAM().__('Application error')
4453
- );
4454
- }
4455
- });
4456
- });
4457
- };
4458
-
4459
  /**
4460
  *
4461
  * @param {type} object
4462
  * @param {type} btn
4463
  * @returns {undefined}
4464
  */
4465
- AAM.prototype.reset = function(object, btn) {
4466
  getAAM().queueRequest(function() {
4467
  $.ajax(getLocal().ajaxurl, {
4468
  type: 'POST',
4469
  data: {
4470
  action: 'aam',
4471
- sub_action: 'reset',
4472
  _ajax_nonce: getLocal().nonce,
4473
  subject: this.getSubject().type,
4474
  subjectId: this.getSubject().id,
4475
- object: object
4476
  },
4477
  beforeSend: function() {
4478
  var label = btn.text();
25
  dataType: 'json',
26
  data: {
27
  action: 'aam',
28
+ sub_action: 'Subject_User.switchToUser',
29
  _ajax_nonce: getLocal().nonce,
30
  user: id
31
  },
413
  }
414
  break;
415
 
416
+ case 'no-attach':
417
+ if (getAAM().isUI('principal')) {
418
+ $(container).append($('<i/>', {
419
+ 'class': 'aam-row-action icon-check-empty text-muted'
420
+ }));
421
+ }
422
+ break;
423
+
424
  case 'detach':
425
  if (getAAM().isUI('principal')) {
426
  $(container).append($('<i/>', {
438
  }));
439
  }
440
  break;
441
+
442
+ case 'no-detach':
443
+ if (getAAM().isUI('principal')) {
444
+ $(container).append($('<i/>', {
445
+ 'class': 'aam-row-action icon-check text-muted'
446
+ }));
447
+ }
448
+ break;
449
 
450
  default:
451
  if (getAAM().isUI('main')) {
1449
  if ($(container).length) {
1450
  //reset button
1451
  $('#policy-reset').bind('click', function () {
1452
+ getAAM().reset('Main_Policy.reset', $(this));
1453
  });
1454
 
1455
  $('#download-policy').bind('click', function() {
1524
  var container = $('<div/>', {'class': 'aam-row-actions'});
1525
  $.each(actions, function (i, action) {
1526
  switch (action) {
1527
+ case 'attach':
1528
  $(container).append($('<i/>', {
1529
  'class': 'aam-row-action text-muted icon-check-empty'
1530
  }).bind('click', function () {
1537
  'title': getAAM().__('Apply Policy')
1538
  }));
1539
  break;
1540
+
1541
+ case 'no-attach':
1542
+ $(container).append($('<i/>', {
1543
+ 'class': 'aam-row-action text-muted icon-check-empty'
1544
+ }));
1545
+ break;
1546
 
1547
+ case 'detach':
1548
  $(container).append($('<i/>', {
1549
  'class': 'aam-row-action text-success icon-check'
1550
  }).bind('click', function () {
1558
  }));
1559
  break;
1560
 
1561
+ case 'no-detach':
1562
+ $(container).append($('<i/>', {
1563
+ 'class': 'aam-row-action text-muted icon-check'
1564
+ }));
1565
+ break;
1566
+
1567
  case 'edit':
1568
  $(container).append($('<i/>', {
1569
  'class': 'aam-row-action icon-pencil text-warning'
1574
  'title': getAAM().__('Edit Policy')
1575
  }));
1576
  break;
1577
+
1578
+ case 'no-edit':
1579
+ $(container).append($('<i/>', {
1580
+ 'class': 'aam-row-action text-muted icon-pencil'
1581
+ }));
1582
+ break;
1583
 
1584
  default:
1585
  break;
1694
  $('input[type="checkbox"]', '#admin-menu').each(function () {
1695
  $(this).bind('click', function () {
1696
  var _this = $(this);
1697
+ save(
1698
+ [_this.data('menu-id')],
 
1699
  _this.attr('checked') ? 1 : 0,
 
 
1700
  function(result) {
1701
  if (result.status === 'success') {
1702
  $('#aam-menu-overwrite').show();
1713
 
1714
  //reset button
1715
  $('#menu-reset').bind('click', function () {
1716
+ getAAM().reset('Main_Menu.reset', $(this));
1717
  });
1718
  }
1719
  }
1817
 
1818
  //reset button
1819
  $('#toolbar-reset').bind('click', function () {
1820
+ getAAM().reset('Main_Toolbar.reset', $(this));
1821
  });
1822
 
1823
  $('input[type="checkbox"]', '#toolbar-list').each(function () {
1824
  $(this).bind('click', function () {
1825
  var _this = $(this);
1826
+ save(
1827
+ [$(this).data('toolbar')],
1828
  $(this).attr('checked') ? 1 : 0,
 
 
1829
  function(result) {
1830
  if (result.status === 'success') {
1831
  $('#aam-toolbar-overwrite').show();
1856
  * @returns {void}
1857
  */
1858
  (function ($) {
1859
+
1860
+ /**
1861
+ *
1862
+ * @param {type} items
1863
+ * @param {type} status
1864
+ * @param {type} successCallback
1865
+ * @returns {undefined}
1866
+ */
1867
+ function save(items, status, successCallback) {
1868
+ getAAM().queueRequest(function() {
1869
+ $.ajax(getLocal().ajaxurl, {
1870
+ type: 'POST',
1871
+ dataType: 'json',
1872
+ data: {
1873
+ action: 'aam',
1874
+ sub_action: 'Main_Metabox.save',
1875
+ subject: getAAM().getSubject().type,
1876
+ subjectId: getAAM().getSubject().id,
1877
+ _ajax_nonce: getLocal().nonce,
1878
+ items: items,
1879
+ status: status
1880
+ },
1881
+ success: function(response) {
1882
+ successCallback(response);
1883
+ },
1884
+ error: function () {
1885
+ getAAM().notification(
1886
+ 'danger', getAAM().__('Application Error')
1887
+ );
1888
+ }
1889
+ });
1890
+ });
1891
+ }
1892
 
1893
  /**
1894
  *
2004
 
2005
  //reset button
2006
  $('#metabox-reset').bind('click', function () {
2007
+ getAAM().reset('Main_Metabox.reset', $(this));
2008
  });
2009
 
2010
  $('input[type="checkbox"]', '#metabox-list').each(function () {
2011
  $(this).bind('click', function () {
2012
  var _this = $(this);
2013
+ save(
2014
+ [$(this).data('metabox')],
2015
  $(this).attr('checked') ? 1 : 0,
 
 
2016
  function(result) {
2017
  if (result.status === 'success') {
2018
  $('#aam-metabox-overwrite').show();
2055
 
2056
  //show indicator
2057
  $(btn).attr('class', 'aam-row-action icon-spin4 animate-spin');
2058
+
2059
+ getAAM().queueRequest(function() {
2060
+ $.ajax(getLocal().ajaxurl, {
2061
+ type: 'POST',
2062
+ dataType: 'json',
2063
+ data: {
2064
+ action: 'aam',
2065
+ sub_action: 'Main_Capability.save',
2066
+ subject: getAAM().getSubject().type,
2067
+ subjectId: getAAM().getSubject().id,
2068
+ _ajax_nonce: getLocal().nonce,
2069
+ capability: capability,
2070
+ status: granted
2071
+ },
2072
+ success: function(result) {
2073
+ if (result.status === 'success') {
2074
+ if (granted) {
2075
+ $(btn).attr('class', 'aam-row-action text-success icon-check');
2076
+ } else {
2077
+ $(btn).attr('class', 'aam-row-action text-muted icon-check-empty');
2078
+ }
2079
+ } else {
2080
+ if (granted) {
2081
+ getAAM().notification(
2082
+ 'danger',
2083
+ getAAM().__('WordPress core does not allow to grant this capability')
2084
+ );
2085
+ $(btn).attr('class', 'aam-row-action text-muted icon-check-empty');
2086
+ } else {
2087
+ $(btn).attr('class', 'aam-row-action text-success icon-check');
2088
+ }
2089
+ }
2090
+ },
2091
+ error: function () {
2092
  getAAM().notification(
2093
+ 'danger', getAAM().__('Application Error')
 
2094
  );
 
 
 
2095
  }
2096
+ });
2097
  });
2098
  }
2099
 
2360
 
2361
  //reset button
2362
  $('#capability-reset').bind('click', function () {
2363
+ getAAM().reset('Main_Capability.reset', $(this));
2364
  });
2365
  }
2366
  }
2799
  'class': 'aam-row-action text-muted icon-pencil'
2800
  }));
2801
  break;
2802
+
2803
+ case 'pin' :
2804
+ $(container).append($('<i/>', {
2805
+ 'class': 'aam-row-action text-muted icon-pin'
2806
+ }).bind('click', function () {
2807
+ var _btn = $(this);
2808
+ $.ajax(getLocal().ajaxurl, {
2809
+ type: 'POST',
2810
+ dataType: 'json',
2811
+ data: {
2812
+ action: 'aam',
2813
+ sub_action: 'PlusPackage.setDefaultTerm',
2814
+ _ajax_nonce: getLocal().nonce,
2815
+ id: data[0],
2816
+ subject: getAAM().getSubject().type,
2817
+ subjectId: getAAM().getSubject().id
2818
+ },
2819
+ beforeSend: function () {
2820
+ $(_btn).attr('class', 'aam-row-action icon-spin4 animate-spin');
2821
+ },
2822
+ error: function () {
2823
+ getAAM().notification('danger', getAAM().__('Application error'));
2824
+ },
2825
+ complete: function () {
2826
+ $('#post-list').DataTable().ajax.reload();
2827
+ }
2828
+ });
2829
+ }).attr({
2830
+ 'data-toggle': "tooltip",
2831
+ 'title': getAAM().__('Mark As Default')
2832
+ }));
2833
+ break;
2834
+
2835
+ case 'pinned' :
2836
+ $(container).append($('<i/>', {
2837
+ 'class': 'aam-row-action text-danger icon-pin'
2838
+ }).attr({
2839
+ 'data-toggle': "tooltip",
2840
+ 'title': getAAM().__('Is Default Category')
2841
+ }));
2842
+ break;
2843
+
2844
 
2845
  default:
2846
  getAAM().triggerHook('post-action', {
3024
  * @returns {void}
3025
  */
3026
  (function ($) {
3027
+
3028
+ /**
3029
+ *
3030
+ * @param {type} items
3031
+ * @param {type} status
3032
+ * @param {type} successCallback
3033
+ * @returns {undefined}
3034
+ */
3035
+ function save(param, value, successCallback) {
3036
+ getAAM().queueRequest(function() {
3037
+ $.ajax(getLocal().ajaxurl, {
3038
+ type: 'POST',
3039
+ dataType: 'json',
3040
+ data: {
3041
+ action: 'aam',
3042
+ sub_action: 'Main_Redirect.save',
3043
+ subject: getAAM().getSubject().type,
3044
+ subjectId: getAAM().getSubject().id,
3045
+ _ajax_nonce: getLocal().nonce,
3046
+ param: param,
3047
+ value: value
3048
+ },
3049
+ success: function(response) {
3050
+ successCallback(response);
3051
+ },
3052
+ error: function () {
3053
+ getAAM().notification(
3054
+ 'danger', getAAM().__('Application Error')
3055
+ );
3056
+ }
3057
+ });
3058
+ });
3059
+ }
3060
 
3061
  /**
3062
  *
3075
  $($(this).data('action')).show();
3076
 
3077
  //save redirect type
3078
+ save(
3079
  $(this).attr('name'),
3080
  $(this).val(),
 
 
3081
  function(result) {
3082
  if (result.status === 'success') {
3083
  $('#aam-redirect-overwrite').show();
3090
  $('input[type="text"],select,textarea', container).each(function () {
3091
  $(this).bind('change', function () {
3092
  //save redirect type
3093
+ save(
3094
  $(this).attr('name'),
3095
  $(this).val(),
 
 
3096
  function(result) {
3097
  if (result.status === 'success') {
3098
  $('#aam-redirect-overwrite').show();
3103
  });
3104
 
3105
  $('#redirect-reset').bind('click', function () {
3106
+ getAAM().reset('Main_Redirect.reset', $(this));
3107
  });
3108
  }
3109
  }
3120
  * @returns {void}
3121
  */
3122
  (function ($) {
3123
+
3124
+ /**
3125
+ *
3126
+ * @param {type} items
3127
+ * @param {type} status
3128
+ * @param {type} successCallback
3129
+ * @returns {undefined}
3130
+ */
3131
+ function save(param, value, successCallback) {
3132
+ getAAM().queueRequest(function() {
3133
+ $.ajax(getLocal().ajaxurl, {
3134
+ type: 'POST',
3135
+ dataType: 'json',
3136
+ data: {
3137
+ action: 'aam',
3138
+ sub_action: 'Main_LoginRedirect.save',
3139
+ subject: getAAM().getSubject().type,
3140
+ subjectId: getAAM().getSubject().id,
3141
+ _ajax_nonce: getLocal().nonce,
3142
+ param: param,
3143
+ value: value
3144
+ },
3145
+ success: function(response) {
3146
+ successCallback(response);
3147
+ },
3148
+ error: function () {
3149
+ getAAM().notification(
3150
+ 'danger', getAAM().__('Application Error')
3151
+ );
3152
+ }
3153
+ });
3154
+ });
3155
+ }
3156
 
3157
  /**
3158
  *
3171
  $($(this).data('action')).show();
3172
 
3173
  //save redirect type
3174
+ save(
3175
  $(this).attr('name'),
3176
  $(this).val(),
 
 
3177
  function(result) {
3178
  if (result.status === 'success') {
3179
  $('#aam-login-redirect-overwrite').show();
3192
  }
3193
 
3194
  //save redirect type
3195
+ save(
3196
  $(this).attr('name'),
3197
  val,
 
 
3198
  function(result) {
3199
  if (result.status === 'success') {
3200
  $('#aam-login-redirect-overwrite').show();
3205
  });
3206
 
3207
  $('#login-redirect-reset').bind('click', function () {
3208
+ getAAM().reset('Main_LoginRedirect.reset', $(this));
3209
  });
3210
  }
3211
  }
3222
  * @returns {void}
3223
  */
3224
  (function ($) {
3225
+
3226
+ /**
3227
+ *
3228
+ * @param {type} items
3229
+ * @param {type} status
3230
+ * @param {type} successCallback
3231
+ * @returns {undefined}
3232
+ */
3233
+ function save(param, value, successCallback) {
3234
+ getAAM().queueRequest(function() {
3235
+ $.ajax(getLocal().ajaxurl, {
3236
+ type: 'POST',
3237
+ dataType: 'json',
3238
+ data: {
3239
+ action: 'aam',
3240
+ sub_action: 'Main_LogoutRedirect.save',
3241
+ subject: getAAM().getSubject().type,
3242
+ subjectId: getAAM().getSubject().id,
3243
+ _ajax_nonce: getLocal().nonce,
3244
+ param: param,
3245
+ value: value
3246
+ },
3247
+ success: function(response) {
3248
+ successCallback(response);
3249
+ },
3250
+ error: function () {
3251
+ getAAM().notification(
3252
+ 'danger', getAAM().__('Application Error')
3253
+ );
3254
+ }
3255
+ });
3256
+ });
3257
+ }
3258
 
3259
  /**
3260
  *
3273
  $($(this).data('action')).show();
3274
 
3275
  //save redirect type
3276
+ save(
3277
  $(this).attr('name'),
3278
  $(this).val(),
 
 
3279
  function(result) {
3280
  if (result.status === 'success') {
3281
  $('#aam-logout-redirect-overwrite').show();
3288
  $('input[type="text"],select,textarea', container).each(function () {
3289
  $(this).bind('change', function () {
3290
  //save redirect type
3291
+ save(
3292
  $(this).attr('name'),
3293
  $(this).val(),
 
 
3294
  function(result) {
3295
  if (result.status === 'success') {
3296
  $('#aam-logout-redirect-overwrite').show();
3301
  });
3302
 
3303
  $('#logout-redirect-reset').bind('click', function () {
3304
+ getAAM().reset('Main_LogoutRedirect.reset', $(this));
3305
  });
3306
  }
3307
  }
3532
 
3533
  //reset button
3534
  $('#route-reset').bind('click', function () {
3535
+ getAAM().reset('Main_Route.reset', $(this));
3536
  });
3537
  }
3538
  }
3564
 
3565
  //reset button
3566
  $('#uri-reset').bind('click', function () {
3567
+ getAAM().reset('Main_Uri.reset', $(this));
3568
  });
3569
 
3570
  $('#uri-save-btn').bind('click', function(event) {
4133
  dataType: 'json',
4134
  data: {
4135
  action: 'aam',
4136
+ sub_action: 'Settings_Manager.clearSettings',
4137
  _ajax_nonce: getLocal().nonce
4138
  },
4139
  beforeSend: function() {
4167
  dataType: 'json',
4168
  data: {
4169
  action: 'aam',
4170
+ sub_action: 'Settings_Manager.clearCache',
4171
  _ajax_nonce: getLocal().nonce
4172
  },
4173
  beforeSend: function() {
4492
  */
4493
  AAM.prototype.initialize = function () {
4494
  //read default subject and set it for AAM object
4495
+ if (getLocal().subject.type) {
4496
+ this.setSubject(
4497
+ getLocal().subject.type,
4498
+ getLocal().subject.id,
4499
+ getLocal().subject.name,
4500
+ getLocal().subject.level
4501
+ );
4502
+ } else {
4503
+ $('#aam-subject-banner').addClass('hidden');
4504
+ }
4505
 
4506
  //load the UI javascript support
4507
  UI();
4525
  }
4526
  });
4527
 
4528
+ //help tooltip
4529
  $('body').delegate('[data-toggle="tooltip"]', 'hover', function (event) {
4530
  event.preventDefault();
4531
  $(this).tooltip({
4592
  '<i data-toggle="tooltip" title="Switch To User" data-placement="right" class="icon-exchange aam-switch-user"></i>'
4593
  );
4594
  }
 
4595
  //highlight screen if the same level
4596
  if (parseInt(level) >= getLocal().level || type === 'default') {
4597
  $('.aam-current-subject').addClass('danger');
4629
  }, 9000);
4630
  };
4631
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
4632
  /**
4633
  *
4634
  * @param {type} object
4635
  * @param {type} btn
4636
  * @returns {undefined}
4637
  */
4638
+ AAM.prototype.reset = function(sub_action, btn) {
4639
  getAAM().queueRequest(function() {
4640
  $.ajax(getLocal().ajaxurl, {
4641
  type: 'POST',
4642
  data: {
4643
  action: 'aam',
4644
+ sub_action: sub_action,
4645
  _ajax_nonce: getLocal().nonce,
4646
  subject: this.getSubject().type,
4647
  subjectId: this.getSubject().id,
 
4648
  },
4649
  beforeSend: function() {
4650
  var label = btn.text();
readme.txt CHANGED
@@ -2,8 +2,8 @@
2
  Contributors: vasyltech
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.0
5
- Tested up to: 5.0.3
6
- Stable tag: 5.8.3
7
 
8
  All you need to manage access to you WordPress websites on frontend, backend and API levels for any role, user or visitors.
9
 
@@ -16,7 +16,7 @@ https://www.youtube.com/watch?v=mj5Xa_Wc16Y
16
  = Few Quick Facts =
17
 
18
  * The only plugin that gives you absolute freedom to define the most granular access to any aspect of your website and most of the feature are free;
19
- * Bullet-proven plugin that is used on over 90,000 websites where all features are well-tested and [documented](https://aamplugin.com/help). Very low amount of support tickets speaks for quality;
20
  * It is the only plugin that gives you the ability to manage access to your website content for any role, individual user and visitors or even define the default access to all posts, pages, custom post types, categories and custom hierarchical taxonomies;
21
  * AAM is [developer oriented plugin](https://aamplugin.com/developers). It has dozens of hooks and configurations. It is integrated with WordPress RESTful and XML-RPC APIs and has numerous abstract layers to simplify coding;
22
  * No ads or other promotional crap. The UI is clean and well crafted so you can focus only on what matters;
@@ -25,7 +25,7 @@ https://www.youtube.com/watch?v=mj5Xa_Wc16Y
25
 
26
  = Main Areas Of Focus =
27
 
28
- * [Access & Security Policy](https://aamplugin.com/access-and-security-policy) allows you to define who, when, how and under what conditions your website resources can be accessed;
29
  * Content access control on frontend, backend and API sides to posts, pages, custom post types, categories, custom hierarchical taxonomies and CPTs for any role, user and visitors;
30
  * Roles & capabilities management with ability to create new roles and capabilities, edit, clone or delete existing;
31
  * Access control to backend area including backend menu, toolbar, metaboxes & widgets;
@@ -35,28 +35,28 @@ https://www.youtube.com/watch?v=mj5Xa_Wc16Y
35
 
36
  = The Most Popular Features =
37
 
38
- * [free] Manage Backend Menu. Manage access to the backend menu for any user or role. Find out more from [How to manage WordPress backend menu](https://aamplugin.com/help/how-to-manage-wordpress-backend-menu) article;
39
  * [free] Manage Roles & Capabilities. Manage all your WordPress role and capabilities.
40
- * [free] Create temporary user accounts. Create and manage temporary user accounts. Find out more from [How to create temporary WordPress user account](https://aamplugin.com/help/how-to-create-temporary-wordpress-user-account);
41
- * [limited] Content access. Very granular access to unlimited number of post, page or custom post type ([19 different options](https://aamplugin.com/help#posts-and-terms)). With premium [Plus Package](https://aamplugin.com/extension/plus-package) extension also manage access to hierarchical taxonomies or setup the default access to all post types and taxonomies. Find out more from [How to manage access to the WordPress content](https://aamplugin.com/help/how-to-manage-access-to-the-wordpress-content) article;
42
  * [free] Manage Admin Toolbar. Filter out unnecessary items from the top admin toolbar for any role or user.
43
- * [free] Backend Lockdown. Restrict access to your website backend side for any user or role. Find out more from [How to lockdown WordPress backend](https://aamplugin.com/help/how-to-lockdown-wordpress-backend) article;
44
- * [free] Secure Login Widget & Shortcode. Drop AJAX login widget or shortcode anywhere on your website. Find out more from [How does AAM Secure Login works](https://aamplugin.com/help/how-does-aam-secure-login-works) article;
45
  * [free] Ability to enable/disable RESTful and XML-RPC APIs.
46
  * [limited] URI Access. Allow or deny access to any page of you website by the page URL as well as how to redirect user when access is denied;
47
  * [free] Manage access to RESTful or XML-RPC individual endpoints for any role, user or visitors.
48
- * [free] JWT authentication. Authenticate user with WordPress RESTful API and use received JWT token for further requests. Fid out more from [Hot to authenticate WordPress user with JWT token](https://aamplugin.com/help/how-to-authenticate-wordpress-user-with-jwt-token)
49
  * [free] Login with URL. For more information check [WordPress: Temporary User Account, Login With URL & JWT Token](https://aamplugin.com/article/wordpress-temporary-user-account-login-with-url-jwt-token) article.
50
- * [free] Content Filter. Filter or replace parts of your content with AAM shortcodes. Find out more from [How to filter WordPress post content](https://aamplugin.com/help/how-to-filter-wordpress-post-content) article;
51
  * [free] Login/Logout Redirects. Define custom login and logout redirect for any user or role;
52
- * [free] 404 Redirect. Redefine where user should be redirected when page does not exist. Find out more from [How to redirect on WordPress 404 error](https://aamplugin.com/help/how-to-redirect-on-wordpress-404-error);
53
  * [free] Access Denied Redirect. Define custom redirect for any role, user or visitors when access is denied for restricted area on your website;
54
- * [free] Manage Metaboxes & Widgets. Filter out restricted or unnecessary metaboxes and widgets on both frontend and backend for any user, role or visitors. Find out more from [How to hide WordPress metaboxes & widgets](https://aamplugin.com/help/how-to-hide-wordpress-metaboxes-and-widgets) article;
55
- * [paid] Manage access based on IP address or referred domain. Manage access to your website for all visitors based on referred host or IP address. Find out more from [How to manage access to WordPress website by IP address](https://aamplugin.com/help/how-to-manage-access-to-wordpress-website-by-ip-address) article;
56
- * [paid] Monetize access to you content. Start selling access to your website content with premium [E-Commerce](https://aamplugin.com/extension/ecommerce) extension. Find out more from [How to monetize access to the WordPress content](https://aamplugin.com/help/how-to-monetize-access-to-the-wordpress-content) article;
57
- * [free] Multisite support. Sync access settings across your network or even restrict none-members from accessing one of your sites. Find out more from [AAM and WordPress Multisite support](https://aamplugin.com/help/aam-and-wordpress-multisite-support);
58
  * [free] Multiple role support. Finally AAM supports multiple roles per user [WordPress access control for users with multiple roles](https://aamplugin.com/article/wordpress-access-control-for-users-with-multiple-roles)
59
- * [and even more...] Check our [help page](https://aamplugin.com/help) to learn more about AAM
60
 
61
  == Installation ==
62
 
@@ -79,6 +79,13 @@ https://www.youtube.com/watch?v=mj5Xa_Wc16Y
79
 
80
  == Changelog ==
81
 
 
 
 
 
 
 
 
82
  = 5.8.3 =
83
  * Fixed the bug with multi-lingual support
84
  * Fixed the bug with LIMIT option that escaped quotes in the message
2
  Contributors: vasyltech
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.0
5
+ Tested up to: 5.1
6
+ Stable tag: 5.9
7
 
8
  All you need to manage access to you WordPress websites on frontend, backend and API levels for any role, user or visitors.
9
 
16
  = Few Quick Facts =
17
 
18
  * The only plugin that gives you absolute freedom to define the most granular access to any aspect of your website and most of the feature are free;
19
+ * Bullet-proven plugin that is used on over 100,000 websites where all features are well-tested and [documented](https://aamplugin.com/support). Very low amount of support tickets speaks for quality;
20
  * It is the only plugin that gives you the ability to manage access to your website content for any role, individual user and visitors or even define the default access to all posts, pages, custom post types, categories and custom hierarchical taxonomies;
21
  * AAM is [developer oriented plugin](https://aamplugin.com/developers). It has dozens of hooks and configurations. It is integrated with WordPress RESTful and XML-RPC APIs and has numerous abstract layers to simplify coding;
22
  * No ads or other promotional crap. The UI is clean and well crafted so you can focus only on what matters;
25
 
26
  = Main Areas Of Focus =
27
 
28
+ * [Access & Security Policy](https://aamplugin.com/reference/policy) allows you to define who, when, how and under what conditions your website resources can be accessed;
29
  * Content access control on frontend, backend and API sides to posts, pages, custom post types, categories, custom hierarchical taxonomies and CPTs for any role, user and visitors;
30
  * Roles & capabilities management with ability to create new roles and capabilities, edit, clone or delete existing;
31
  * Access control to backend area including backend menu, toolbar, metaboxes & widgets;
35
 
36
  = The Most Popular Features =
37
 
38
+ * [free] Manage Backend Menu. Manage access to the backend menu for any user or role. Find out more from [How to manage WordPress backend menu](https://aamplugin.com/article/how-to-manage-wordpress-backend-menu) article;
39
  * [free] Manage Roles & Capabilities. Manage all your WordPress role and capabilities.
40
+ * [free] Create temporary user accounts. Create and manage temporary user accounts. Find out more from [How to create temporary WordPress user account](https://aamplugin.com/article/how-to-create-temporary-wordpress-user-account);
41
+ * [limited] Content access. Very granular access to unlimited number of post, page or custom post type ([19 different options](https://aamplugin.com/reference/plugin#posts-terms)). With premium [Plus Package](https://aamplugin.com/extension/plus-package) extension also manage access to hierarchical taxonomies or setup the default access to all post types and taxonomies. Find out more from [How to manage access to the WordPress content](https://aamplugin.com/article/how-to-manage-access-to-the-wordpress-content) article;
42
  * [free] Manage Admin Toolbar. Filter out unnecessary items from the top admin toolbar for any role or user.
43
+ * [free] Backend Lockdown. Restrict access to your website backend side for any user or role. Find out more from [How to lockdown WordPress backend](https://aamplugin.com/article/how-to-lockdown-wordpress-backend) article;
44
+ * [free] Secure Login Widget & Shortcode. Drop AJAX login widget or shortcode anywhere on your website. Find out more from [How does AAM Secure Login works](https://aamplugin.com/article/how-does-aam-secure-login-works) article;
45
  * [free] Ability to enable/disable RESTful and XML-RPC APIs.
46
  * [limited] URI Access. Allow or deny access to any page of you website by the page URL as well as how to redirect user when access is denied;
47
  * [free] Manage access to RESTful or XML-RPC individual endpoints for any role, user or visitors.
48
+ * [free] JWT authentication. Authenticate user with WordPress RESTful API and use received JWT token for further requests. Fid out more from [Hot to authenticate WordPress user with JWT token](https://aamplugin.com/article/how-to-authenticate-wordpress-user-with-jwt-token)
49
  * [free] Login with URL. For more information check [WordPress: Temporary User Account, Login With URL & JWT Token](https://aamplugin.com/article/wordpress-temporary-user-account-login-with-url-jwt-token) article.
50
+ * [free] Content Filter. Filter or replace parts of your content with AAM shortcodes. Find out more from [How to filter WordPress post content](https://aamplugin.com/article/how-to-filter-wordpress-post-content) article;
51
  * [free] Login/Logout Redirects. Define custom login and logout redirect for any user or role;
52
+ * [free] 404 Redirect. Redefine where user should be redirected when page does not exist. Find out more from [How to redirect on WordPress 404 error](https://aamplugin.com/article/how-to-redirect-on-wordpress-404-error);
53
  * [free] Access Denied Redirect. Define custom redirect for any role, user or visitors when access is denied for restricted area on your website;
54
+ * [free] Manage Metaboxes & Widgets. Filter out restricted or unnecessary metaboxes and widgets on both frontend and backend for any user, role or visitors. Find out more from [How to hide WordPress metaboxes & widgets](https://aamplugin.com/article/how-to-hide-wordpress-metaboxes-and-widgets) article;
55
+ * [paid] Manage access based on IP address or referred domain. Manage access to your website for all visitors based on referred host or IP address. Find out more from [How to manage access to WordPress website by IP address](https://aamplugin.com/article/how-to-manage-access-to-wordpress-website-by-ip-address) article;
56
+ * [paid] Monetize access to you content. Start selling access to your website content with premium [E-Commerce](https://aamplugin.com/extension/ecommerce) extension. Find out more from [How to monetize access to the WordPress content](https://aamplugin.com/article/how-to-monetize-access-to-the-wordpress-content) article;
57
+ * [free] Multisite support. Sync access settings across your network or even restrict none-members from accessing one of your sites. Find out more from [AAM and WordPress Multisite support](https://aamplugin.com/article/aam-and-wordpress-multisite-support);
58
  * [free] Multiple role support. Finally AAM supports multiple roles per user [WordPress access control for users with multiple roles](https://aamplugin.com/article/wordpress-access-control-for-users-with-multiple-roles)
59
+ * [and even more...] Check our [help page](https://aamplugin.com/support) to learn more about AAM
60
 
61
  == Installation ==
62
 
79
 
80
  == Changelog ==
81
 
82
+ = 5.9 =
83
+ * Fixed the bug with publish pages not being managed correctly
84
+ * Fixed the bug with getting correct post from the list of posts
85
+ * Significantly enhanced AAM UI security
86
+ * Added ability to toggle default term for any post type
87
+ * Added ability to assign multiple roles per user
88
+
89
  = 5.8.3 =
90
  * Fixed the bug with multi-lingual support
91
  * Fixed the bug with LIMIT option that escaped quotes in the message