Advanced Access Manager - Version 5.9.6

Version Description

  • Fixed the bug with URI Access feature for URIs with trailing forward slash "/"
  • Fixed the bug with Access Policy where incorrect default value was propagated
  • Fixed the bug with API Routes not merged properly with multiple-roles support
  • Added HTTP Redirect Code to URI Access, Posts & Terms features
  • Added new Access Policy marker type QUERY that is alias for the GET
  • Added support for the null data type for Access Policy data type casting
  • Improved the way password-protected feature works; enhanced Access Policy to support it https://aamplugin.com/reference/policy#post
  • Deprecated and removed internal AAM cache by optimizing AAM performance. Cache became major constrain for the dynamic Access Policy conditions
Download this release

Release Info

Developer vasyltech
Plugin Icon 128x128 Advanced Access Manager
Version 5.9.6
Comparing to
See all releases

Code changes from version 5.9.5 to 5.9.6

Files changed (45) hide show
  1. Application/Api/Rest/Resource/Post.php +2 -7
  2. Application/Backend/Feature/Main/Capability.php +6 -0
  3. Application/Backend/Feature/Main/Policy.php +0 -5
  4. Application/Backend/Feature/Main/Post.php +0 -5
  5. Application/Backend/Feature/Main/Uri.php +3 -1
  6. Application/Backend/Feature/Settings/Manager.php +0 -2
  7. Application/Backend/Filter.php +0 -22
  8. Application/Backend/Manager.php +27 -17
  9. Application/Backend/phtml/index.phtml +1 -4
  10. Application/Backend/phtml/main/404redirect.phtml +2 -2
  11. Application/Backend/phtml/main/capability.phtml +14 -5
  12. Application/Backend/phtml/main/login-redirect.phtml +2 -2
  13. Application/Backend/phtml/main/logout-redirect.phtml +2 -2
  14. Application/Backend/phtml/main/redirect.phtml +5 -5
  15. Application/Backend/phtml/main/uri.phtml +16 -1
  16. Application/Backend/phtml/metabox/metabox-content.phtml +1 -1
  17. Application/Backend/phtml/partial/post-advanced-settings.phtml +16 -2
  18. Application/Core/API.php +13 -2
  19. Application/Core/Cache.php +1 -1
  20. Application/Core/Compatibility.php +97 -9
  21. Application/Core/Gateway.php +11 -10
  22. Application/Core/Object/Cache.php +2 -35
  23. Application/Core/Object/Post.php +35 -85
  24. Application/Core/Object/Route.php +9 -0
  25. Application/Core/Object/Uri.php +54 -19
  26. Application/Core/Object/Visibility.php +39 -52
  27. Application/Core/Policy/Condition.php +10 -5
  28. Application/Core/Policy/Factory.php +1 -1
  29. Application/Core/Policy/Manager.php +52 -35
  30. Application/Core/Policy/Token.php +28 -7
  31. Application/Core/Request.php +2 -2
  32. Application/Core/Subject.php +0 -2
  33. Application/Frontend/Authorization.php +3 -3
  34. Application/Frontend/Filter.php +1 -0
  35. Application/Frontend/Manager.php +3 -8
  36. Application/Shared/Manager.php +7 -28
  37. aam.php +2 -2
  38. license.txt +1 -1
  39. media/css/aam.css +1 -1
  40. media/css/bootstrap.min.css +1 -1
  41. media/font/fontello.svg +2 -2
  42. media/js/{aam-5.9.5.js → aam-5.9.6.js} +38 -43
  43. media/js/vendor.js +4 -4
  44. readme.txt +12 -2
  45. vendor/firebase/JWT.php +1 -1
Application/Api/Rest/Resource/Post.php CHANGED
@@ -301,14 +301,9 @@ class AAM_Api_Rest_Resource_Post {
301
  $result = null;
302
 
303
  if ($post->has('api.protected')) {
304
- $pass = $post->get('api.password');
305
 
306
- // initialize hasher
307
- require_once( ABSPATH . 'wp-includes/class-phpass.php' );
308
- $hasher = new PasswordHash(8, true);
309
-
310
- if ($pass !== $request['password']
311
- && !$hasher->CheckPassword($pass, $request['password'])) {
312
  $result = new WP_Error(
313
  'rest_post_cannot_read',
314
  "The content is password protected. Provide valid password to read.",
301
  $result = null;
302
 
303
  if ($post->has('api.protected')) {
304
+ $pass = $post->get('api.password');
305
 
306
+ if ($request['password'] !== $pass) {
 
 
 
 
 
307
  $result = new WP_Error(
308
  'rest_post_cannot_read',
309
  "The content is password protected. Provide valid password to read.",
Application/Backend/Feature/Main/Capability.php CHANGED
@@ -279,8 +279,14 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
279
  */
280
  public function add() {
281
  $capability = sanitize_text_field(AAM_Core_Request::post('capability'));
 
282
 
283
  if ($capability) {
 
 
 
 
 
284
  $result = AAM_Backend_Subject::getInstance()->addCapability($capability);
285
 
286
  $response = array('status' => ($result ? 'success' : 'failure'));
279
  */
280
  public function add() {
281
  $capability = sanitize_text_field(AAM_Core_Request::post('capability'));
282
+ $assign = filter_input(INPUT_POST, 'assign', FILTER_VALIDATE_INT);
283
 
284
  if ($capability) {
285
+ // Add capability to current user if checkbox checked
286
+ if ($assign === 1) {
287
+ AAM::api()->getUser()->addCapability($capability);
288
+ }
289
+
290
  $result = AAM_Backend_Subject::getInstance()->addCapability($capability);
291
 
292
  $response = array('status' => ($result ? 'success' : 'failure'));
Application/Backend/Feature/Main/Policy.php CHANGED
@@ -91,9 +91,6 @@ class AAM_Backend_Feature_Main_Policy extends AAM_Backend_Feature_Abstract {
91
 
92
  // Verify that current user can perform following action
93
  if (AAM_Core_Policy_Factory::get()->canTogglePolicy($id, $action)) {
94
- //clear cache
95
- AAM_Core_API::clearCache();
96
-
97
  $result = $subject->save($id, $effect, 'policy');
98
  } else {
99
  $result = false;
@@ -139,8 +136,6 @@ class AAM_Backend_Feature_Main_Policy extends AAM_Backend_Feature_Abstract {
139
  * @return type
140
  */
141
  protected function retrievePolicies() {
142
- $search = trim(AAM_Core_Request::request('search.value'));
143
-
144
  $list = get_posts(array(
145
  'post_type' => 'aam_policy',
146
  'numberposts' => -1,
91
 
92
  // Verify that current user can perform following action
93
  if (AAM_Core_Policy_Factory::get()->canTogglePolicy($id, $action)) {
 
 
 
94
  $result = $subject->save($id, $effect, 'policy');
95
  } else {
96
  $result = false;
136
  * @return type
137
  */
138
  protected function retrievePolicies() {
 
 
139
  $list = get_posts(array(
140
  'post_type' => 'aam_policy',
141
  'numberposts' => -1,
Application/Backend/Feature/Main/Post.php CHANGED
@@ -524,9 +524,6 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
524
  $param = AAM_Core_Request::post('param');
525
  $value = filter_input(INPUT_POST, 'value');
526
 
527
- //clear cache
528
- AAM_Core_API::clearCache();
529
-
530
  $result = $subject->save($param, $value, $object, $id);
531
 
532
  return wp_json_encode(array(
@@ -550,8 +547,6 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
550
  $object = AAM_Backend_Subject::getInstance()->getObject($type, $id);
551
  if ($object instanceof AAM_Core_Object) {
552
  $result = $object->reset();
553
- //clear cache
554
- AAM_Core_API::clearCache();
555
  } else {
556
  $result = false;
557
  }
524
  $param = AAM_Core_Request::post('param');
525
  $value = filter_input(INPUT_POST, 'value');
526
 
 
 
 
527
  $result = $subject->save($param, $value, $object, $id);
528
 
529
  return wp_json_encode(array(
547
  $object = AAM_Backend_Subject::getInstance()->getObject($type, $id);
548
  if ($object instanceof AAM_Core_Object) {
549
  $result = $object->reset();
 
 
550
  } else {
551
  $result = false;
552
  }
Application/Backend/Feature/Main/Uri.php CHANGED
@@ -44,6 +44,7 @@ class AAM_Backend_Feature_Main_Uri extends AAM_Backend_Feature_Abstract {
44
  $id = filter_input(INPUT_POST, 'id');
45
  $type = filter_input(INPUT_POST, 'type');
46
  $value = filter_input(INPUT_POST, 'value');
 
47
 
48
  $object = AAM_Backend_Subject::getInstance()->getObject('uri');
49
 
@@ -51,7 +52,7 @@ class AAM_Backend_Feature_Main_Uri extends AAM_Backend_Feature_Abstract {
51
  $id = uniqid();
52
  }
53
 
54
- $object->save($id, str_replace(site_url(), '', $uri), $type, $value);
55
 
56
  return wp_json_encode(array('status' => 'success'));
57
  }
@@ -114,6 +115,7 @@ class AAM_Backend_Feature_Main_Uri extends AAM_Backend_Feature_Abstract {
114
  $rule['uri'],
115
  $rule['type'],
116
  $rule['action'],
 
117
  'edit,delete'
118
  );
119
  }
44
  $id = filter_input(INPUT_POST, 'id');
45
  $type = filter_input(INPUT_POST, 'type');
46
  $value = filter_input(INPUT_POST, 'value');
47
+ $code = filter_input(INPUT_POST, 'code');
48
 
49
  $object = AAM_Backend_Subject::getInstance()->getObject('uri');
50
 
52
  $id = uniqid();
53
  }
54
 
55
+ $object->save($id, str_replace(site_url(), '', $uri), $type, $value, $code);
56
 
57
  return wp_json_encode(array('status' => 'success'));
58
  }
115
  $rule['uri'],
116
  $rule['type'],
117
  $rule['action'],
118
+ isset($rule['code']) ? $rule['code'] : 307,
119
  'edit,delete'
120
  );
121
  }
Application/Backend/Feature/Settings/Manager.php CHANGED
@@ -52,8 +52,6 @@ class AAM_Backend_Feature_Settings_Manager extends AAM_Backend_Feature_Abstract
52
  * @access public
53
  */
54
  public function clearCache() {
55
- AAM_Core_API::clearCache();
56
-
57
  return wp_json_encode(array('status' => 'success'));
58
  }
59
 
52
  * @access public
53
  */
54
  public function clearCache() {
 
 
55
  return wp_json_encode(array('status' => 'success'));
56
  }
57
 
Application/Backend/Filter.php CHANGED
@@ -50,8 +50,6 @@ class AAM_Backend_Filter {
50
  add_filter('page_row_actions', array($this, 'postRowActions'), 10, 2);
51
  add_filter('post_row_actions', array($this, 'postRowActions'), 10, 2);
52
 
53
- add_action('pre_post_update', array($this, 'prePostUpdate'), 10, 2);
54
-
55
  //user/role filters
56
  if (!is_multisite() || !is_super_admin()) {
57
  add_filter('editable_roles', array($this, 'filterRoles'));
@@ -161,26 +159,6 @@ class AAM_Backend_Filter {
161
  return $actions;
162
  }
163
 
164
- /**
165
- * Post update hook
166
- *
167
- * Clear cache if post owner changed
168
- *
169
- * @param int $id
170
- * @param array $data
171
- *
172
- * @return void
173
- *
174
- * @access public
175
- */
176
- public function prePostUpdate($id, $data) {
177
- $post = get_post($id);
178
-
179
- if (intval($post->post_author) !== intval($data['post_author'])) {
180
- AAM_Core_API::clearCache();
181
- }
182
- }
183
-
184
  /**
185
  * Filter roles
186
  *
50
  add_filter('page_row_actions', array($this, 'postRowActions'), 10, 2);
51
  add_filter('post_row_actions', array($this, 'postRowActions'), 10, 2);
52
 
 
 
53
  //user/role filters
54
  if (!is_multisite() || !is_super_admin()) {
55
  add_filter('editable_roles', array($this, 'filterRoles'));
159
  return $actions;
160
  }
161
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
162
  /**
163
  * Filter roles
164
  *
Application/Backend/Manager.php CHANGED
@@ -38,9 +38,6 @@ class AAM_Backend_Manager {
38
  //check if user switch is required
39
  $this->checkUserSwitch();
40
 
41
- //cache clearing hook
42
- add_action('aam-clear-cache-action', 'AAM_Core_API::clearCache');
43
-
44
  //print required JS & CSS
45
  add_action('admin_print_scripts', array($this, 'printJavascript'));
46
  add_action('admin_print_footer_scripts', array($this, 'printFooterJavascript'));
@@ -226,20 +223,38 @@ class AAM_Backend_Manager {
226
  public function filterPostData($data) {
227
  if (isset($data['post_type']) && ($data['post_type'] === 'aam_policy')) {
228
  $content = trim(filter_input(INPUT_POST, 'aam-policy'));
229
-
230
- if (!empty($content)) { // Edit form was submitted
231
- $data['post_content'] = addslashes($content);
232
- }
233
-
234
  if (empty($data['post_content'])) {
235
- $data['post_content'] = AAM_Backend_View_Helper::getDefaultPolicy();
236
  }
237
-
238
- AAM_Core_API::clearCache();
 
 
 
 
 
 
239
  }
240
 
241
  return $data;
242
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
243
 
244
  /**
245
  *
@@ -357,11 +372,6 @@ class AAM_Backend_Manager {
357
  }
358
  }
359
  }
360
-
361
- //role changed?
362
- if (implode('', $user->roles) !== implode('', $old->roles)) {
363
- AAM_Core_API::clearCache(new AAM_Core_Subject_User($id));
364
- }
365
  }
366
 
367
  /**
@@ -798,7 +808,7 @@ class AAM_Backend_Manager {
798
  public function printJavascript() {
799
  if (AAM::isAAM()) {
800
  wp_enqueue_script('aam-vendor', AAM_MEDIA . '/js/vendor.js');
801
- wp_enqueue_script('aam-main', AAM_MEDIA . '/js/aam-5.9.5.js');
802
 
803
  //add plugin localization
804
  $this->printLocalization('aam-main');
38
  //check if user switch is required
39
  $this->checkUserSwitch();
40
 
 
 
 
41
  //print required JS & CSS
42
  add_action('admin_print_scripts', array($this, 'printJavascript'));
43
  add_action('admin_print_footer_scripts', array($this, 'printFooterJavascript'));
223
  public function filterPostData($data) {
224
  if (isset($data['post_type']) && ($data['post_type'] === 'aam_policy')) {
225
  $content = trim(filter_input(INPUT_POST, 'aam-policy'));
226
+
 
 
 
 
227
  if (empty($data['post_content'])) {
228
+ $content = AAM_Backend_View_Helper::getDefaultPolicy();
229
  }
230
+
231
+ $content = $this->formatPolicy($content);
232
+
233
+ if (!empty($content)) { // Edit form was submitted
234
+ $content = addslashes($content);
235
+ }
236
+
237
+ $data['post_content'] = $content;
238
  }
239
 
240
  return $data;
241
  }
242
+
243
+ /**
244
+ * Undocumented function
245
+ *
246
+ * @param [type] $content
247
+ * @return void
248
+ */
249
+ protected function formatPolicy($content) {
250
+ $json = json_decode($content);
251
+
252
+ if (!empty($json)) {
253
+ $content = wp_json_encode($json, JSON_PRETTY_PRINT);
254
+ }
255
+
256
+ return $content;
257
+ }
258
 
259
  /**
260
  *
372
  }
373
  }
374
  }
 
 
 
 
 
375
  }
376
 
377
  /**
808
  public function printJavascript() {
809
  if (AAM::isAAM()) {
810
  wp_enqueue_script('aam-vendor', AAM_MEDIA . '/js/vendor.js');
811
+ wp_enqueue_script('aam-main', AAM_MEDIA . '/js/aam-5.9.6.js');
812
 
813
  //add plugin localization
814
  $this->printLocalization('aam-main');
Application/Backend/phtml/index.phtml CHANGED
@@ -80,10 +80,7 @@
80
  <div class="postbox">
81
  <div class="inside">
82
  <div class="row">
83
- <div class="col-xs-12 col-md-6">
84
- <a href="#" class="btn btn-primary btn-block" id="clear-cache"><?php echo __('Clear AAM Cache', AAM_KEY); ?></a>
85
- </div>
86
- <div class="col-xs-12 col-md-6">
87
  <a href="#clear-settings-modal" data-toggle="modal" class="btn btn-danger btn-block"><?php echo __('Reset AAM Settings', AAM_KEY); ?></a>
88
  </div>
89
  </div>
80
  <div class="postbox">
81
  <div class="inside">
82
  <div class="row">
83
+ <div class="col-xs-12 col-md-12">
 
 
 
84
  <a href="#clear-settings-modal" data-toggle="modal" class="btn btn-danger btn-block"><?php echo __('Reset AAM Settings', AAM_KEY); ?></a>
85
  </div>
86
  </div>
Application/Backend/phtml/main/404redirect.phtml CHANGED
@@ -29,7 +29,7 @@
29
  </div>
30
  <div class="radio">
31
  <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-callback" data-action="#404redirect-callback-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
32
- <label for="frontend-404redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="http://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
33
  </div>
34
 
35
  <div class="form-group aam-404redirect-action" id="404redirect-page-action" style="display: <?php echo ($type == 'page' ? 'block' : 'none'); ?>;">
@@ -49,7 +49,7 @@
49
 
50
  <div class="form-group aam-404redirect-action" id="404redirect-url-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
51
  <label for="frontend-url"><?php echo __('The URL', AAM_KEY); ?></label>
52
- <input type="text" class="form-control" name="frontend.404redirect.url" placeholder="http://" value="<?php echo AAM_Core_Config::get('frontend.404redirect.url'); ?>" />
53
  </div>
54
 
55
  <div class="form-group aam-404redirect-action" id="404redirect-callback-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
29
  </div>
30
  <div class="radio">
31
  <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-callback" data-action="#404redirect-callback-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
32
+ <label for="frontend-404redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
33
  </div>
34
 
35
  <div class="form-group aam-404redirect-action" id="404redirect-page-action" style="display: <?php echo ($type == 'page' ? 'block' : 'none'); ?>;">
49
 
50
  <div class="form-group aam-404redirect-action" id="404redirect-url-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
51
  <label for="frontend-url"><?php echo __('The URL', AAM_KEY); ?></label>
52
+ <input type="text" class="form-control" name="frontend.404redirect.url" placeholder="https://" value="<?php echo AAM_Core_Config::get('frontend.404redirect.url'); ?>" />
53
  </div>
54
 
55
  <div class="form-group aam-404redirect-action" id="404redirect-callback-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
Application/Backend/phtml/main/capability.phtml CHANGED
@@ -1,7 +1,7 @@
1
  <?php if (defined('AAM_KEY')) { ?>
2
  <div class="aam-feature" id="capability-content">
3
  <?php $subject = AAM_Backend_Subject::getInstance(); ?>
4
-
5
  <div class="row">
6
  <div class="col-xs-12">
7
  <p class="aam-notification">
@@ -9,7 +9,7 @@
9
  </p>
10
  </div>
11
  </div>
12
-
13
  <div class="aam-feature-top-actions text-right">
14
  <div class="btn-group">
15
  <a href="#" class="btn btn-xs btn-primary dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" id="capability-filter">
@@ -25,7 +25,7 @@
25
  </div>
26
  <a href="#" class="btn btn-xs btn-primary" id="add-capability"><i class="icon-plus"></i> <?php echo __('Create', AAM_KEY); ?></a>
27
  </div>
28
-
29
  <div class="row">
30
  <div class="col-xs-12">
31
  <div class="aam-overwrite" id="aam-capability-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
@@ -59,6 +59,11 @@
59
  <label for="new-capability-name"><?php echo __('Capability', AAM_KEY); ?><span class="aam-asterix">*</span></label>
60
  <input type="text" class="form-control" id="new-capability-name" placeholder="<?php echo __('Enter Capability', AAM_KEY); ?>" />
61
  </div>
 
 
 
 
 
62
  </div>
63
  <div class="modal-footer">
64
  <button type="button" class="btn btn-success" id="add-capability-btn"><?php echo __('Create', AAM_KEY); ?></button>
@@ -80,7 +85,11 @@
80
  <label for="capability-id"><?php echo __('Capability', AAM_KEY); ?><span class="aam-asterix">*</span></label>
81
  <input type="text" class="form-control" id="capability-id" placeholder="<?php echo __('Enter Capability', AAM_KEY); ?>" />
82
  </div>
83
- <p class="aam-info aam-hint"><?php echo AAM_Backend_View_Helper::preparePhrase('[Please note!] Capability will be updated for all roles. Any functionality that depends on this capability may not work properly.', 'strong'); ?></p>
 
 
 
 
84
  </div>
85
  <div class="modal-footer">
86
  <button type="button" class="btn btn-warning" id="update-capability-btn"><?php echo __('Update', AAM_KEY); ?></button>
@@ -108,4 +117,4 @@
108
  </div>
109
  </div>
110
  </div>
111
- <?php }
1
  <?php if (defined('AAM_KEY')) { ?>
2
  <div class="aam-feature" id="capability-content">
3
  <?php $subject = AAM_Backend_Subject::getInstance(); ?>
4
+
5
  <div class="row">
6
  <div class="col-xs-12">
7
  <p class="aam-notification">
9
  </p>
10
  </div>
11
  </div>
12
+
13
  <div class="aam-feature-top-actions text-right">
14
  <div class="btn-group">
15
  <a href="#" class="btn btn-xs btn-primary dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" id="capability-filter">
25
  </div>
26
  <a href="#" class="btn btn-xs btn-primary" id="add-capability"><i class="icon-plus"></i> <?php echo __('Create', AAM_KEY); ?></a>
27
  </div>
28
+
29
  <div class="row">
30
  <div class="col-xs-12">
31
  <div class="aam-overwrite" id="aam-capability-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
59
  <label for="new-capability-name"><?php echo __('Capability', AAM_KEY); ?><span class="aam-asterix">*</span></label>
60
  <input type="text" class="form-control" id="new-capability-name" placeholder="<?php echo __('Enter Capability', AAM_KEY); ?>" />
61
  </div>
62
+ <div class="checkbox">
63
+ <label>
64
+ <input type="checkbox" id="assign-new-capability" value="1" /> <?php echo __('Also assign this capability to me', AAM_KEY); ?>
65
+ </label>
66
+ </div>
67
  </div>
68
  <div class="modal-footer">
69
  <button type="button" class="btn btn-success" id="add-capability-btn"><?php echo __('Create', AAM_KEY); ?></button>
85
  <label for="capability-id"><?php echo __('Capability', AAM_KEY); ?><span class="aam-asterix">*</span></label>
86
  <input type="text" class="form-control" id="capability-id" placeholder="<?php echo __('Enter Capability', AAM_KEY); ?>" />
87
  </div>
88
+ <div class="checkbox">
89
+ <label>
90
+ <input type="checkbox" id="update-capability" value="1" /> <?php echo __('Update this capability for me too', AAM_KEY); ?>
91
+ </label>
92
+ </div>
93
  </div>
94
  <div class="modal-footer">
95
  <button type="button" class="btn btn-warning" id="update-capability-btn"><?php echo __('Update', AAM_KEY); ?></button>
117
  </div>
118
  </div>
119
  </div>
120
+ <?php }
Application/Backend/phtml/main/login-redirect.phtml CHANGED
@@ -36,7 +36,7 @@
36
  </div>
37
  <div class="radio">
38
  <input type="radio" name="login.redirect.type" id="login-redirect-callback" data-action="#callback-login-redirect-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
39
- <label for="login-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="http://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
40
  </div>
41
 
42
  <div class="form-group login-redirect-action" id="page-login-redirect-action" style="display: <?php echo ($type == 'page' ? 'block' : 'none'); ?>;">
@@ -56,7 +56,7 @@
56
 
57
  <div class="form-group login-redirect-action" id="url-login-redirect-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
58
  <label><?php echo __('The URL', AAM_KEY); ?></label>
59
- <input type="text" class="form-control" name="login.redirect.url" placeholder="http://" value="<?php echo $this->getOption('login.redirect.url'); ?>" />
60
  </div>
61
 
62
  <div class="form-group login-redirect-action" id="callback-login-redirect-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
36
  </div>
37
  <div class="radio">
38
  <input type="radio" name="login.redirect.type" id="login-redirect-callback" data-action="#callback-login-redirect-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
39
+ <label for="login-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
40
  </div>
41
 
42
  <div class="form-group login-redirect-action" id="page-login-redirect-action" style="display: <?php echo ($type == 'page' ? 'block' : 'none'); ?>;">
56
 
57
  <div class="form-group login-redirect-action" id="url-login-redirect-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
58
  <label><?php echo __('The URL', AAM_KEY); ?></label>
59
+ <input type="text" class="form-control" name="login.redirect.url" placeholder="https://" value="<?php echo $this->getOption('login.redirect.url'); ?>" />
60
  </div>
61
 
62
  <div class="form-group login-redirect-action" id="callback-login-redirect-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
Application/Backend/phtml/main/logout-redirect.phtml CHANGED
@@ -36,7 +36,7 @@
36
  </div>
37
  <div class="radio">
38
  <input type="radio" name="logout.redirect.type" id="logout-redirect-callback" data-action="#callback-logout-redirect-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
39
- <label for="logout-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="http://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
40
  </div>
41
 
42
  <div class="form-group logout-redirect-action" id="page-logout-redirect-action" style="display: <?php echo ($type == 'page' ? 'block' : 'none'); ?>;">
@@ -56,7 +56,7 @@
56
 
57
  <div class="form-group logout-redirect-action" id="url-logout-redirect-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
58
  <label><?php echo __('The URL', AAM_KEY); ?></label>
59
- <input type="text" class="form-control" name="logout.redirect.url" placeholder="http://" value="<?php echo $this->getOption('logout.redirect.url'); ?>" />
60
  </div>
61
 
62
  <div class="form-group logout-redirect-action" id="callback-logout-redirect-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
36
  </div>
37
  <div class="radio">
38
  <input type="radio" name="logout.redirect.type" id="logout-redirect-callback" data-action="#callback-logout-redirect-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
39
+ <label for="logout-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
40
  </div>
41
 
42
  <div class="form-group logout-redirect-action" id="page-logout-redirect-action" style="display: <?php echo ($type == 'page' ? 'block' : 'none'); ?>;">
56
 
57
  <div class="form-group logout-redirect-action" id="url-logout-redirect-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
58
  <label><?php echo __('The URL', AAM_KEY); ?></label>
59
+ <input type="text" class="form-control" name="logout.redirect.url" placeholder="https://" value="<?php echo $this->getOption('logout.redirect.url'); ?>" />
60
  </div>
61
 
62
  <div class="form-group logout-redirect-action" id="callback-logout-redirect-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
Application/Backend/phtml/main/redirect.phtml CHANGED
@@ -55,7 +55,7 @@
55
  </div>
56
  <div class="radio">
57
  <input type="radio" name="frontend.redirect.type" id="frontend-redirect-callback" data-action="#frontend-callback-action" value="callback" data-group="frontend-redirect"<?php echo ($frontendType == 'callback' ? ' checked' : ''); ?> />
58
- <label for="frontend-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="http://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
59
  </div>
60
 
61
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-message-action" style="display: <?php echo ($frontendType == 'message' ? 'block' : 'none'); ?>;">
@@ -80,7 +80,7 @@
80
 
81
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-url-action" style="display: <?php echo ($frontendType == 'url' ? 'block' : 'none'); ?>;">
82
  <label for="frontend-url"><?php echo __('The URL', AAM_KEY); ?></label>
83
- <input type="text" class="form-control" name="frontend.redirect.url" placeholder="http://" value="<?php echo $this->getOption('frontend.redirect.url'); ?>" />
84
  </div>
85
 
86
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-callback-action" style="display: <?php echo ($frontendType == 'callback' ? 'block' : 'none'); ?>;">
@@ -107,7 +107,7 @@
107
  </div>
108
  <div class="radio">
109
  <input type="radio" name="backend.redirect.type" id="backend-redirect-callback" data-action="#backend-callback-action" value="callback" data-group="backend-redirect"<?php echo ($backendType == 'callback' ? ' checked' : ''); ?> />
110
- <label for="backend-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="http://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
111
  </div>
112
 
113
  <div class="form-group aam-redirect-action backend-redirect" id="backend-message" style="display: <?php echo ($backendType == 'message' ? 'block' : 'none'); ?>;">
@@ -132,9 +132,9 @@
132
 
133
  <div class="form-group aam-redirect-action backend-redirect" id="backend-url" style="display: <?php echo ($backendType == 'url' ? 'block' : 'none'); ?>;">
134
  <label for="backend-url"><?php echo __('The URL', AAM_KEY); ?></label>
135
- <input type="text" class="form-control" placeholder="http://" name="backend.redirect.url" value="<?php echo $this->getOption('backend.redirect.url'); ?>" />
136
  </div>
137
-
138
  <div class="form-group aam-redirect-action backend-redirect" id="backend-callback-action" style="display: <?php echo ($backendType == 'callback' ? 'block' : 'none'); ?>;">
139
  <label for="frontend-url"><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
140
  <input type="text" class="form-control" placeholder="Enter valid callback" name="backend.redirect.callback" value="<?php echo $this->getOption('backend.redirect.callback'); ?>" />
55
  </div>
56
  <div class="radio">
57
  <input type="radio" name="frontend.redirect.type" id="frontend-redirect-callback" data-action="#frontend-callback-action" value="callback" data-group="frontend-redirect"<?php echo ($frontendType == 'callback' ? ' checked' : ''); ?> />
58
+ <label for="frontend-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
59
  </div>
60
 
61
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-message-action" style="display: <?php echo ($frontendType == 'message' ? 'block' : 'none'); ?>;">
80
 
81
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-url-action" style="display: <?php echo ($frontendType == 'url' ? 'block' : 'none'); ?>;">
82
  <label for="frontend-url"><?php echo __('The URL', AAM_KEY); ?></label>
83
+ <input type="text" class="form-control" name="frontend.redirect.url" placeholder="https://" value="<?php echo $this->getOption('frontend.redirect.url'); ?>" />
84
  </div>
85
 
86
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-callback-action" style="display: <?php echo ($frontendType == 'callback' ? 'block' : 'none'); ?>;">
107
  </div>
108
  <div class="radio">
109
  <input type="radio" name="backend.redirect.type" id="backend-redirect-callback" data-action="#backend-callback-action" value="callback" data-group="backend-redirect"<?php echo ($backendType == 'callback' ? ' checked' : ''); ?> />
110
+ <label for="backend-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
111
  </div>
112
 
113
  <div class="form-group aam-redirect-action backend-redirect" id="backend-message" style="display: <?php echo ($backendType == 'message' ? 'block' : 'none'); ?>;">
132
 
133
  <div class="form-group aam-redirect-action backend-redirect" id="backend-url" style="display: <?php echo ($backendType == 'url' ? 'block' : 'none'); ?>;">
134
  <label for="backend-url"><?php echo __('The URL', AAM_KEY); ?></label>
135
+ <input type="text" class="form-control" placeholder="https://" name="backend.redirect.url" value="<?php echo $this->getOption('backend.redirect.url'); ?>" />
136
  </div>
137
+
138
  <div class="form-group aam-redirect-action backend-redirect" id="backend-callback-action" style="display: <?php echo ($backendType == 'callback' ? 'block' : 'none'); ?>;">
139
  <label for="frontend-url"><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
140
  <input type="text" class="form-control" placeholder="Enter valid callback" name="backend.redirect.callback" value="<?php echo $this->getOption('backend.redirect.callback'); ?>" />
Application/Backend/phtml/main/uri.phtml CHANGED
@@ -62,7 +62,7 @@
62
  </div>
63
  <div class="radio">
64
  <input type="radio" name="uri.access.type" id="uri-access-deny-callback" data-action="#uri-access-deny-callback-action" value="callback" />
65
- <label for="uri-access-deny-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="http://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
66
  </div>
67
 
68
  <div class="form-group aam-uri-access-action" id="uri-access-deny-message-action" style="display: none;">
@@ -88,6 +88,20 @@
88
  <input type="text" class="form-control form-clearable" placeholder="https://" id="uri-access-deny-url-value" />
89
  </div>
90
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
91
  <div class="form-group aam-uri-access-action" id="uri-access-deny-callback-action" style="display: none;">
92
  <label><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
93
  <input type="text" class="form-control form-clearable" placeholder="Enter valid callback" id="uri-access-deny-callback-value" />
@@ -132,6 +146,7 @@
132
  <th width="80%"><?php echo __('URI', AAM_KEY); ?></th>
133
  <th><?php echo __('Type', AAM_KEY); ?></th>
134
  <th><?php echo __('Action', AAM_KEY); ?></th>
 
135
  <th><?php echo __('Actions', AAM_KEY); ?></th>
136
  </tr>
137
  </thead>
62
  </div>
63
  <div class="radio">
64
  <input type="radio" name="uri.access.type" id="uri-access-deny-callback" data-action="#uri-access-deny-callback-action" value="callback" />
65
+ <label for="uri-access-deny-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
66
  </div>
67
 
68
  <div class="form-group aam-uri-access-action" id="uri-access-deny-message-action" style="display: none;">
88
  <input type="text" class="form-control form-clearable" placeholder="https://" id="uri-access-deny-url-value" />
89
  </div>
90
 
91
+ <div class="form-group aam-uri-access-action" id="uri-access-deny-redirect-code" style="display: none;">
92
+ <label><?php echo __('HTTP Redirect Code', AAM_KEY); ?></label>
93
+ <select class="form-control form-clearable" id="uri-access-deny-redirect-code-value">
94
+ <option value=""><?php echo __('HTTP Code (Default 307)', AAM_KEY); ?></option>
95
+ <option value="301"><?php echo __('301 - Moved Permanently', AAM_KEY); ?></option>
96
+ <option value="302"><?php echo __('302 - Found', AAM_KEY); ?></option>
97
+ <option value="303"><?php echo __('303 - See Other', AAM_KEY); ?></option>
98
+ <option value="307"><?php echo __('307 - Temporary Redirect', AAM_KEY); ?></option>
99
+ <option value="401"><?php echo __('401 - Unauthorized', AAM_KEY); ?></option>
100
+ <option value="403"><?php echo __('403 - Forbidden', AAM_KEY); ?></option>
101
+ <option value="410"><?php echo __('410 - Gone', AAM_KEY); ?></option>
102
+ </select>
103
+ </div>
104
+
105
  <div class="form-group aam-uri-access-action" id="uri-access-deny-callback-action" style="display: none;">
106
  <label><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
107
  <input type="text" class="form-control form-clearable" placeholder="Enter valid callback" id="uri-access-deny-callback-value" />
146
  <th width="80%"><?php echo __('URI', AAM_KEY); ?></th>
147
  <th><?php echo __('Type', AAM_KEY); ?></th>
148
  <th><?php echo __('Action', AAM_KEY); ?></th>
149
+ <th>HTTP Code</th>
150
  <th><?php echo __('Actions', AAM_KEY); ?></th>
151
  </tr>
152
  </thead>
Application/Backend/phtml/metabox/metabox-content.phtml CHANGED
@@ -1,5 +1,5 @@
1
  <!DOCTYPE html>
2
- <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US">
3
  <head>
4
  <title>Post Access</title>
5
 
1
  <!DOCTYPE html>
2
+ <html xmlns="https://www.w3.org/1999/xhtml" lang="en-US">
3
  <head>
4
  <title>Post Access</title>
5
 
Application/Backend/phtml/partial/post-advanced-settings.phtml CHANGED
@@ -86,7 +86,7 @@
86
  </div>
87
  <div class="radio">
88
  <input type="radio" id="post-redirect-callback" name="post-redirect-type" class="post-redirect-type" data-action="#post-redirect-callback-action" value="callback" />
89
- <label for="post-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="http://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
90
  </div>
91
 
92
  <div class="form-group post-redirect-action" id="post-redirect-page-action" style="display: none;">
@@ -104,7 +104,21 @@
104
 
105
  <div class="form-group post-redirect-action" id="post-redirect-url-action" style="display: none;">
106
  <label><?php echo __('The URL', AAM_KEY); ?></label>
107
- <input type="text" class="form-control post-redirect-value" id="post-redirect-url-value" placeholder="http://" value="" />
 
 
 
 
 
 
 
 
 
 
 
 
 
 
108
  </div>
109
 
110
  <div class="form-group post-redirect-action" id="post-redirect-callback-action" style="display: none;">
86
  </div>
87
  <div class="radio">
88
  <input type="radio" id="post-redirect-callback" name="post-redirect-type" class="post-redirect-type" data-action="#post-redirect-callback-action" value="callback" />
89
+ <label for="post-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
90
  </div>
91
 
92
  <div class="form-group post-redirect-action" id="post-redirect-page-action" style="display: none;">
104
 
105
  <div class="form-group post-redirect-action" id="post-redirect-url-action" style="display: none;">
106
  <label><?php echo __('The URL', AAM_KEY); ?></label>
107
+ <input type="text" class="form-control post-redirect-value" id="post-redirect-url-value" placeholder="https://" value="" />
108
+ </div>
109
+
110
+ <div class="form-group post-redirect-action" id="post-redirect-code" style="display: none;">
111
+ <label><?php echo __('HTTP Redirect Code', AAM_KEY); ?></label>
112
+ <select class="form-control post-redirect-value" id="post-redirect-code-value">
113
+ <option value=""><?php echo __('HTTP Code (Default 307)', AAM_KEY); ?></option>
114
+ <option value="301"><?php echo __('301 - Moved Permanently', AAM_KEY); ?></option>
115
+ <option value="302"><?php echo __('302 - Found', AAM_KEY); ?></option>
116
+ <option value="303"><?php echo __('303 - See Other', AAM_KEY); ?></option>
117
+ <option value="307"><?php echo __('307 - Temporary Redirect', AAM_KEY); ?></option>
118
+ <option value="401"><?php echo __('401 - Unauthorized', AAM_KEY); ?></option>
119
+ <option value="403"><?php echo __('403 - Forbidden', AAM_KEY); ?></option>
120
+ <option value="410"><?php echo __('410 - Gone', AAM_KEY); ?></option>
121
+ </select>
122
  </div>
123
 
124
  <div class="form-group post-redirect-action" id="post-redirect-callback-action" style="display: none;">
Application/Core/API.php CHANGED
@@ -421,7 +421,7 @@ final class AAM_Core_API {
421
  *
422
  * @global type $wp_query
423
  *
424
- * @return WP_Post|null
425
  */
426
  public static function getCurrentPost() {
427
  global $wp_query, $post;
@@ -458,5 +458,16 @@ final class AAM_Core_API {
458
 
459
  return (is_a($res, 'WP_Post') ? $user->getObject('post', $res->ID) : null);
460
  }
461
-
 
 
 
 
 
 
 
 
 
 
 
462
  }
421
  *
422
  * @global type $wp_query
423
  *
424
+ * @return AAM_Core_Object_Post|null
425
  */
426
  public static function getCurrentPost() {
427
  global $wp_query, $post;
458
 
459
  return (is_a($res, 'WP_Post') ? $user->getObject('post', $res->ID) : null);
460
  }
461
+
462
+ /**
463
+ * Undocumented function
464
+ *
465
+ * @return PasswordHash
466
+ */
467
+ public static function prepareHasher() {
468
+ require_once ABSPATH . WPINC . '/class-phpass.php';
469
+
470
+ return new PasswordHash( 8, true );
471
+ }
472
+
473
  }
Application/Core/Cache.php CHANGED
@@ -12,7 +12,7 @@
12
  *
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
- * @todo - Remove May 2019
16
  */
17
  class AAM_Core_Cache {
18
 
12
  *
13
  * @package AAM
14
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
+ * @todo - Remove with v6.0
16
  */
17
  class AAM_Core_Cache {
18
 
Application/Core/Compatibility.php CHANGED
@@ -25,19 +25,107 @@ class AAM_Core_Compatibility {
25
  /**
26
  * Compatibility between post actions and policy actions
27
  *
28
- * @param [type] $action
29
- * @param [type] $effect
 
 
 
30
  *
31
  * @return array
32
  */
33
- public static function convertPolicyAction($action, $effect, $prefix = '') {
34
- $action = apply_filters('aam-policy-post-resource-action-filter', $action);
35
 
36
- return array(
37
- "{$prefix}frontend.{$action}" => $effect,
38
- "{$prefix}backend.{$action}" => $effect,
39
- "{$prefix}api.{$action}" => $effect
40
- );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
41
  }
42
 
43
  /**
25
  /**
26
  * Compatibility between post actions and policy actions
27
  *
28
+ * @param string $action
29
+ * @param bool|int $effect
30
+ * @param string $prefix
31
+ * @param array $meta
32
+ * @param array $args
33
  *
34
  * @return array
35
  */
36
+ public static function convertPolicyAction($action, $effect, $prefix = '', $meta = array(), $args = array()) {
37
+ $result = array();
38
 
39
+ if (!empty($meta['Password']['Value'])) {
40
+ $result = array(
41
+ "{$prefix}frontend.password" => $meta['Password']['Value'],
42
+ "{$prefix}api.password" => $meta['Password']['Value'],
43
+ "{$prefix}frontend.protected" => true,
44
+ "{$prefix}api.protected" => true
45
+ );
46
+ }
47
+
48
+ if (!empty($meta['Teaser']['Value'])) {
49
+ if (preg_match_all('/(\$\{[^}]+\})/', $meta['Teaser']['Value'], $match)) {
50
+ $res = AAM_Core_Policy_Token::evaluate($meta['Teaser']['Value'], $match[1], $args);
51
+ } else {
52
+ $res = $meta['Teaser']['Value'];
53
+ }
54
+
55
+ $result = array_merge($result, array(
56
+ "{$prefix}frontend.teaser" => $res,
57
+ "{$prefix}api.teaser" => $res,
58
+ "{$prefix}frontend.limit" => true,
59
+ "{$prefix}api.limit" => true
60
+ ));
61
+ }
62
+
63
+ if (!empty($meta['Redirect'])) {
64
+ // Build the redirect location
65
+ $type = (isset($meta['Redirect']['Type']) ? $meta['Redirect']['Type'] : 'message');
66
+ switch($type) {
67
+ case 'page':
68
+ if (isset($meta['Redirect']['Id'])) {
69
+ $destination = intval($meta['Redirect']['Id']);
70
+ } elseif (isset($meta['Redirect']['Slug'])) {
71
+ $page = get_page_by_path(
72
+ $meta['Redirect']['Slug'], OBJECT
73
+ );
74
+ $destination = (is_a($page, 'WP_Post') ? $page->ID : 0);
75
+ }
76
+ if (isset($meta['Redirect']['Code'])) {
77
+ $destination .= "|{$meta['Redirect']['Code']}";
78
+ } else {
79
+ $destination .= "|307";
80
+ }
81
+ break;
82
+
83
+ case 'url':
84
+ $destination = filter_var(
85
+ $meta['Redirect']['URL'],
86
+ FILTER_VALIDATE_URL
87
+ );
88
+ if (empty($destination)) {
89
+ $type = 'message';
90
+ $destination = "Invalid URL: [{$meta['Redirect']['URL']}]";
91
+ }
92
+ if (isset($meta['Redirect']['Code'])) {
93
+ $destination .= "|{$meta['Redirect']['Code']}";
94
+ } else {
95
+ $destination .= "|307";
96
+ }
97
+ break;
98
+
99
+ case 'callback':
100
+ $destination = $meta['Redirect']['Callback'];
101
+ break;
102
+
103
+ case 'login':
104
+ $destination = null;
105
+ break;
106
+
107
+ default:
108
+ $destination = $meta['Redirect']['Message'];
109
+ break;
110
+ }
111
+
112
+ $result = array_merge($result, array(
113
+ "{$prefix}frontend.redirect" => true,
114
+ "{$prefix}frontend.location" => $type . (!empty($destination) ? "|{$destination}" : '')
115
+ ));
116
+ }
117
+
118
+ if (empty($meta)){
119
+ $action = apply_filters('aam-policy-post-resource-action-filter', $action);
120
+
121
+ $result = array_merge($result, array(
122
+ "{$prefix}frontend.{$action}" => $effect,
123
+ "{$prefix}backend.{$action}" => $effect,
124
+ "{$prefix}api.{$action}" => $effect
125
+ ));
126
+ }
127
+
128
+ return $result;
129
  }
130
 
131
  /**
Application/Core/Gateway.php CHANGED
@@ -136,13 +136,14 @@ final class AAM_Core_Gateway {
136
  * Redirect request
137
  *
138
  * @param string $type
139
- * @param mixed $arg
 
140
  *
141
  * @return void
142
  *
143
  * @access public
144
  */
145
- public function redirect($type, $arg = null) {
146
  $area = AAM_Core_Api_Area::get();
147
 
148
  switch($type) {
@@ -150,29 +151,29 @@ final class AAM_Core_Gateway {
150
  wp_redirect(add_query_arg(
151
  array('reason' => 'restricted'),
152
  wp_login_url(AAM_Core_Request::server('REQUEST_URI'))
153
- ), 307);
154
  break;
155
 
156
  case 'page':
157
  $page = AAM_Core_API::getCurrentPost();
158
- if(empty($page) || ($page->ID !== intval($arg))) {
159
- wp_safe_redirect(get_page_link($arg), 307);
160
  }
161
  break;
162
 
163
  case 'message':
164
- wp_die($arg);
165
  break;
166
 
167
  case 'url':
168
- if (stripos($arg, AAM_Core_Request::server('REQUEST_URI')) === false) {
169
- wp_redirect($arg, 307);
170
  }
171
  break;
172
 
173
  case 'callback':
174
- if (is_callable($arg)) {
175
- call_user_func($arg);
176
  }
177
  break;
178
 
136
  * Redirect request
137
  *
138
  * @param string $type
139
+ * @param mixed $location
140
+ * @param int $code
141
  *
142
  * @return void
143
  *
144
  * @access public
145
  */
146
+ public function redirect($type, $location = null, $code = 307) {
147
  $area = AAM_Core_Api_Area::get();
148
 
149
  switch($type) {
151
  wp_redirect(add_query_arg(
152
  array('reason' => 'restricted'),
153
  wp_login_url(AAM_Core_Request::server('REQUEST_URI'))
154
+ ), $code);
155
  break;
156
 
157
  case 'page':
158
  $page = AAM_Core_API::getCurrentPost();
159
+ if(empty($page) || ($page->ID !== intval($location))) {
160
+ wp_safe_redirect(get_page_link($location), $code);
161
  }
162
  break;
163
 
164
  case 'message':
165
+ wp_die($location);
166
  break;
167
 
168
  case 'url':
169
+ if (stripos($location, AAM_Core_Request::server('REQUEST_URI')) === false) {
170
+ wp_redirect($location, $code);
171
  }
172
  break;
173
 
174
  case 'callback':
175
+ if (is_callable($location)) {
176
+ call_user_func($location);
177
  }
178
  break;
179
 
Application/Core/Object/Cache.php CHANGED
@@ -15,15 +15,6 @@
15
  */
16
  class AAM_Core_Object_Cache extends AAM_Core_Object {
17
 
18
- /**
19
- * Cache updated flag
20
- *
21
- * @var boolean
22
- *
23
- * @access protected
24
- */
25
- protected $updated = false;
26
-
27
  /**
28
  * Is cache enabled?
29
  *
@@ -46,29 +37,11 @@ class AAM_Core_Object_Cache extends AAM_Core_Object {
46
  parent::__construct($subject);
47
 
48
  // Determine if cache is enabled
49
- $action = AAM_Core_Request::request('action');
50
- $triggers = array('edit', 'editpost');
51
- $status = AAM_Core_Config::get('core.cache.status', 'enabled');
52
 
53
- if (AAM::isAAM() || ($status !== 'enabled') || in_array($action, $triggers, true)) {
54
  $this->enabled = false;
55
  }
56
-
57
- if ($this->enabled) {
58
- // Register shutdown hook
59
- register_shutdown_function(array($this, 'save'));
60
-
61
- $this->reload();
62
- }
63
- }
64
-
65
- /**
66
- *
67
- */
68
- public function reload() {
69
- // Just get the cache from current subject level. Do not trigger
70
- // inheritance chain!
71
- $this->setOption($this->getSubject()->readOption('cache'));
72
  }
73
 
74
  /**
@@ -87,8 +60,6 @@ class AAM_Core_Object_Cache extends AAM_Core_Object {
87
 
88
  $option[$type][$id] = $value;
89
  $this->setOption($option);
90
-
91
- $this->updated = true;
92
  }
93
 
94
  /**
@@ -116,10 +87,6 @@ class AAM_Core_Object_Cache extends AAM_Core_Object {
116
  * @access public
117
  */
118
  public function save() {
119
- if ($this->enabled && $this->updated) {
120
- $this->getSubject()->updateOption($this->getOption(), 'cache');
121
- }
122
-
123
  return true;
124
  }
125
 
15
  */
16
  class AAM_Core_Object_Cache extends AAM_Core_Object {
17
 
 
 
 
 
 
 
 
 
 
18
  /**
19
  * Is cache enabled?
20
  *
37
  parent::__construct($subject);
38
 
39
  // Determine if cache is enabled
40
+ $status = AAM_Core_Config::get('core.cache.status', 'enabled');
 
 
41
 
42
+ if (AAM::isAAM() || ($status !== 'enabled')) {
43
  $this->enabled = false;
44
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
45
  }
46
 
47
  /**
60
 
61
  $option[$type][$id] = $value;
62
  $this->setOption($option);
 
 
63
  }
64
 
65
  /**
87
  * @access public
88
  */
89
  public function save() {
 
 
 
 
90
  return true;
91
  }
92
 
Application/Core/Object/Post.php CHANGED
@@ -45,8 +45,7 @@ class AAM_Core_Object_Post extends AAM_Core_Object {
45
  $this->setPost(get_post($post));
46
  }
47
 
48
- //var_dump($settings);
49
- // Determine if we need to skip inheritance change from the parent subject
50
  // This is done to eliminate constrains related to Inherit From Parent Post
51
  if (is_array($param)) {
52
  $void = !empty($param['voidInheritance']);
@@ -94,94 +93,47 @@ class AAM_Core_Object_Post extends AAM_Core_Object {
94
  $subject = $this->getSubject();
95
  $post = $this->getPost();
96
 
97
- // Read cache first
98
- $option = $subject->getObject('cache')->get('post', $post->ID);
99
 
100
- if ($option === false) { //if false, then the cache is empty but exist
 
 
 
 
 
 
101
  $option = array();
102
- } elseif (empty($option)) {
103
- $option = get_post_meta($post->ID, $this->getOptionName(), true);
104
- $this->setOverwritten(!empty($option));
105
-
106
- // Read settings from access policy
107
- if (empty($option)) {
108
- $stms = AAM_Core_Policy_Factory::get($subject)->find(
109
- "/^post:{$post->post_type}:({$post->post_name}|{$post->ID}):/",
110
- array('post' => $post)
111
- );
112
- $option = array();
113
-
114
- foreach($stms as $key => $stm) {
115
- // TODO: Prepare better conversion from policy Action to AAM
116
- // post & term action. For example listToOthers -> list_others
117
- $chunks = explode(':', $key);
118
 
119
- $option = array_merge(
120
- $option,
121
- AAM_Core_Compatibility::convertPolicyAction(
122
- (isset($chunks[3]) ? $chunks[3] : 'read'),
123
- $stm['Effect'] === 'deny'
124
- )
125
- );
126
- }
127
- }
128
 
129
- // Inherit from terms or default settings - AAM Plus Package
130
- if (empty($option)) {
131
- $option = apply_filters('aam-post-access-filter', $option, $this);
132
- }
133
-
134
- // Cache result but only if it is not empty
135
- if (!empty($option)) {
136
- $subject->getObject('cache')->add('post', $post->ID, $option);
137
- } elseif ($voidInheritance === false) { // No settings for a post. Try to inherit from the parent
138
- $option = $subject->inheritFromParent('post', $post->ID, $post);
139
- }
140
-
141
- // Do not perform finalization if this is user level subject unless it
142
- // is overwritten. This is critical to avoid overloading database with too
143
- // much cache
144
- if ($this->allowCache($subject) || $this->isOverwritten()) {
145
- $this->finalizeOption($post, $subject, $option);
146
  }
147
  }
148
-
149
- $this->setOption($option);
150
- }
151
-
152
- /**
153
- *
154
- * @param type $subject
155
- * @return type
156
- * @todo This does not belong here
157
- */
158
- protected function allowCache($subject) {
159
- $config = AAM_Core_Config::get(
160
- 'core.cache.post.levels', array('role', 'visitor', 'user')
161
- );
162
-
163
- return is_array($config) && in_array($subject::UID, $config, true);
164
- }
165
-
166
- /**
167
- * Finalize post options
168
- *
169
- * @param WP_Post $post
170
- * @param AAM_Core_Subject $subject
171
- * @param array &$option
172
- *
173
- * @return void
174
- *
175
- * @access protected
176
- */
177
- protected function finalizeOption($post, $subject, &$option) {
178
- // If result is empty, simply cache the false to speed-up but do not
179
- // do it on the use level to avoid overloading database with too much cache
180
  if (empty($option)) {
181
- $subject->getObject('cache')->add('post', $post->ID, false);
182
- } else {
183
- $subject->getObject('cache')->add('post', $post->ID, $option);
 
 
 
184
  }
 
 
185
  }
186
 
187
  /**
@@ -226,8 +178,6 @@ class AAM_Core_Object_Post extends AAM_Core_Object {
226
  * @access public
227
  */
228
  public function reset() {
229
- AAM_Core_API::clearCache();
230
-
231
  // Very specific WP case. According to the WP core, you are not allowed to
232
  // set meta for revision, so let's bypass this constrain.
233
  if ($this->getPost()->post_type === 'revision') {
@@ -331,7 +281,7 @@ class AAM_Core_Object_Post extends AAM_Core_Object {
331
  public function remove($property) {
332
  $option = $this->getOption();
333
 
334
- if (array_key_exists($option, $property)) {
335
  unset($option[$property]);
336
  }
337
 
45
  $this->setPost(get_post($post));
46
  }
47
 
48
+ // Determine if we need to skip inheritance chain from the parent subject
 
49
  // This is done to eliminate constrains related to Inherit From Parent Post
50
  if (is_array($param)) {
51
  $void = !empty($param['voidInheritance']);
93
  $subject = $this->getSubject();
94
  $post = $this->getPost();
95
 
96
+ $option = get_post_meta($post->ID, $this->getOptionName(), true);
97
+ $this->setOverwritten(!empty($option));
98
 
99
+ // Read settings from access policy
100
+ if (empty($option)) {
101
+ $stms = AAM_Core_Policy_Factory::get($subject)->find(
102
+ "/^post:{$post->post_type}:({$post->post_name}|{$post->ID}):/",
103
+ array('post' => $post)
104
+ );
105
+
106
  $option = array();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
107
 
108
+ foreach($stms as $key => $stm) {
109
+ $chunks = explode(':', $key);
110
+ $action = (isset($chunks[3]) ? $chunks[3] : 'read');
111
+ $meta = (isset($stm['Metadata']) ? $stm['Metadata'] : array());
 
 
 
 
 
112
 
113
+ $option = array_merge(
114
+ $option,
115
+ AAM_Core_Compatibility::convertPolicyAction(
116
+ $action,
117
+ $stm['Effect'] === 'deny',
118
+ '',
119
+ ($action === 'read' ? $meta : array()),
120
+ array($post)
121
+ )
122
+ );
 
 
 
 
 
 
 
123
  }
124
  }
125
+
126
+ // Inherit from terms or default settings - AAM Plus Package
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
127
  if (empty($option)) {
128
+ $option = apply_filters('aam-post-access-filter', $option, $this);
129
+ }
130
+
131
+ // No settings for a post. Try to inherit from the parent
132
+ if (empty($option) && ($voidInheritance === false)) {
133
+ $option = $subject->inheritFromParent('post', $post->ID, $post);
134
  }
135
+
136
+ $this->setOption($option);
137
  }
138
 
139
  /**
178
  * @access public
179
  */
180
  public function reset() {
 
 
181
  // Very specific WP case. According to the WP core, you are not allowed to
182
  // set meta for revision, so let's bypass this constrain.
183
  if ($this->getPost()->post_type === 'revision') {
281
  public function remove($property) {
282
  $option = $this->getOption();
283
 
284
+ if (array_key_exists($property, $option)) {
285
  unset($option[$property]);
286
  }
287
 
Application/Core/Object/Route.php CHANGED
@@ -102,4 +102,13 @@ class AAM_Core_Object_Route extends AAM_Core_Object {
102
  return $this->getSubject()->deleteOption('route');
103
  }
104
 
 
 
 
 
 
 
 
 
 
105
  }
102
  return $this->getSubject()->deleteOption('route');
103
  }
104
 
105
+ /**
106
+ *
107
+ * @param type $external
108
+ * @return type
109
+ */
110
+ public function mergeOption($external) {
111
+ return AAM::api()->mergeSettings($external, $this->getOption(), 'route');
112
+ }
113
+
114
  }
Application/Core/Object/Uri.php CHANGED
@@ -41,39 +41,40 @@ class AAM_Core_Object_Uri extends AAM_Core_Object {
41
  $effect = ($stm['Effect'] === 'deny' ? 1 : 0);
42
  $type = $stm['Effect'];
43
  $destination = null;
 
44
 
45
  if ($effect === 1 && !empty($stm['Metadata']['Redirect'])) {
46
- $type = strtolower($stm['Metadata']['Redirect']['Type']);
 
 
47
 
48
  switch($type) {
49
  case 'message':
50
- $destination = $stm['Metadata']['Redirect']['Message'];
51
  break;
52
-
53
  case 'page':
54
- if (isset($stm['Metadata']['Redirect']['Id'])) {
55
- $destination = intval($stm['Metadata']['Redirect']['Id']);
56
- } elseif (isset($stm['Metadata']['Redirect']['Slug'])) {
57
- $page = $post = get_page_by_path(
58
- $stm['Metadata']['Redirect']['Slug'], OBJECT
59
- );
60
  $destination = (is_a($page, 'WP_Post') ? $page->ID : 0);
61
  }
62
  break;
63
-
64
  case 'url':
65
  $destination = filter_var(
66
- $stm['Metadata']['Redirect']['URL'],
67
- FILTER_VALIDATE_URL
68
  );
69
  if (empty($destination)) {
70
  $type = 'message';
71
- $destination = "Invalid URL: [{$stm['Metadata']['Redirect']['URL']}]";
72
  }
73
  break;
74
 
75
  case 'callback':
76
- $destination = $stm['Metadata']['Redirect']['Callback'];
77
  break;
78
  }
79
  }
@@ -81,7 +82,8 @@ class AAM_Core_Object_Uri extends AAM_Core_Object {
81
  $option[crc32($chunks[1] . $type. $destination)] = array(
82
  'uri' => $chunks[1],
83
  'type' => $type,
84
- 'action' => $destination
 
85
  );
86
  }
87
  }
@@ -111,6 +113,10 @@ class AAM_Core_Object_Uri extends AAM_Core_Object {
111
  if (!empty($uri['query'])) {
112
  parse_str($uri['query'], $out);
113
  }
 
 
 
 
114
 
115
  $regex = '@^' . preg_quote($uri['path']) . '$@';
116
 
@@ -131,12 +137,13 @@ class AAM_Core_Object_Uri extends AAM_Core_Object {
131
  *
132
  * @access public
133
  */
134
- public function save($id, $uri, $type, $action = null) {
135
  $option = $this->getOption();
136
  $option[$id] = array(
137
  'uri' => $uri,
138
  'type' => $type,
139
- 'action' => $action
 
140
  );
141
  $this->setOption($option);
142
 
@@ -172,11 +179,39 @@ class AAM_Core_Object_Uri extends AAM_Core_Object {
172
 
173
  /**
174
  *
175
- * @param type $external
 
176
  * @return type
177
  */
178
  public function mergeOption($external) {
179
- return array_merge($external, $this->getOption());
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
180
  }
181
 
182
  }
41
  $effect = ($stm['Effect'] === 'deny' ? 1 : 0);
42
  $type = $stm['Effect'];
43
  $destination = null;
44
+ $code = null;
45
 
46
  if ($effect === 1 && !empty($stm['Metadata']['Redirect'])) {
47
+ $redirect = $stm['Metadata']['Redirect'];
48
+ $type = strtolower($redirect['Type']);
49
+ $code = isset($redirect['Code']) ? $redirect['Code'] : 307;
50
 
51
  switch($type) {
52
  case 'message':
53
+ $destination = $redirect['Message'];
54
  break;
55
+
56
  case 'page':
57
+ if (isset($redirect['Id'])) {
58
+ $destination = intval($redirect['Id']);
59
+ } elseif (isset($redirect['Slug'])) {
60
+ $page = get_page_by_path($redirect['Slug'], OBJECT);
 
 
61
  $destination = (is_a($page, 'WP_Post') ? $page->ID : 0);
62
  }
63
  break;
64
+
65
  case 'url':
66
  $destination = filter_var(
67
+ $redirect['URL'],
68
+ FILTER_VALIDATE_URL
69
  );
70
  if (empty($destination)) {
71
  $type = 'message';
72
+ $destination = "Invalid URL: [{$redirect['URL']}]";
73
  }
74
  break;
75
 
76
  case 'callback':
77
+ $destination = $redirect['Callback'];
78
  break;
79
  }
80
  }
82
  $option[crc32($chunks[1] . $type. $destination)] = array(
83
  'uri' => $chunks[1],
84
  'type' => $type,
85
+ 'action' => $destination,
86
+ 'code' => $code
87
  );
88
  }
89
  }
113
  if (!empty($uri['query'])) {
114
  parse_str($uri['query'], $out);
115
  }
116
+
117
+ // normalize the search and target URIs
118
+ $s = rtrim($s, '/');
119
+ $uri['path'] = rtrim((isset($uri['path']) ? $uri['path'] : ''), '/');
120
 
121
  $regex = '@^' . preg_quote($uri['path']) . '$@';
122
 
137
  *
138
  * @access public
139
  */
140
+ public function save($id, $uri, $type, $action = null, $code = 307) {
141
  $option = $this->getOption();
142
  $option[$id] = array(
143
  'uri' => $uri,
144
  'type' => $type,
145
+ 'action' => $action,
146
+ 'code' => $code
147
  );
148
  $this->setOption($option);
149
 
179
 
180
  /**
181
  *
182
+ * @param array $external
183
+ *
184
  * @return type
185
  */
186
  public function mergeOption($external) {
187
+ $combined = array_merge($external, $this->getOption());
188
+ $merged = array();
189
+
190
+ $preference = $this->getConfig(
191
+ "core.settings.uri.merge.preference", 'deny'
192
+ );
193
+
194
+ // first get the complete list of unique keys
195
+ $keys = array_keys(call_user_func_array('array_merge', $combined));
196
+
197
+ foreach($combined as $key => $options) {
198
+ // If merging preference is "deny" and at least one of the access
199
+ // settings is checked, then final merged array will have it set
200
+ // to checked
201
+ if (!isset($merged[$options['uri']])) {
202
+ $merged[$key] = $options;
203
+ } else {
204
+ if (($preference === 'deny') && ($options['type'] !== 'allow')) {
205
+ $merged[$key] = $options;
206
+ break;
207
+ } elseif ($preference === 'allow' && ($options['type'] === 'allow')) {
208
+ $merged[$key] = $options;
209
+ break;
210
+ }
211
+ }
212
+ }
213
+
214
+ return $merged;
215
  }
216
 
217
  }
Application/Core/Object/Visibility.php CHANGED
@@ -39,68 +39,55 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object {
39
 
40
  $subject = $this->getSubject();
41
 
42
- // Read cache first
43
- $option = $subject->getObject('cache')->get('visibility', 0);
 
 
44
 
45
- if ($option === false) { //if false, then the cache is empty but exists
46
- $option = array();
47
- } elseif (empty($option)) {
48
- $query = "SELECT pm.`post_id`, pm.`meta_value`, p.`post_type` ";
49
- $query .= "FROM {$wpdb->postmeta} AS pm ";
50
- $query .= "LEFT JOIN {$wpdb->posts} AS p ON (pm.`post_id` = p.ID) ";
51
- $query .= "WHERE pm.`meta_key` = %s";
52
-
53
- if ($wpdb->query($wpdb->prepare($query, $this->getOptionName('post')))) {
54
- foreach($wpdb->last_result as $row) {
55
- $settings = maybe_unserialize($row->meta_value);
56
- $this->pushOptions('post', $row->post_id . '|' . $row->post_type, $settings);
57
- }
58
  }
 
59
 
60
- // Read all the settings from the Access & Security Policies
61
- $area = AAM_Core_Api_Area::get();
62
- $stms = AAM_Core_Policy_Factory::get($subject)->find("/^post:(.*):list$/");
63
-
64
- foreach($stms as $key => $stm) {
65
- $chunks = explode(':', $key);
66
 
67
- if (is_numeric($chunks[2])) {
68
- $postId = $chunks[2];
69
- } else {
70
- $post = get_page_by_path(
71
- $chunks[2], OBJECT, $chunks[1]
72
- );
73
- $postId = (is_a($post, 'WP_Post') ? $post->ID : 0);
74
- }
75
 
76
- // Cover the case when unknown slug is used
77
- if (!empty($postId)) {
78
- $this->pushOptions(
79
- 'post',
80
- "{$postId}|{$chunks[1]}",
81
- array(
82
- "{$area}.list" => ($stm['Effect'] === 'deny' ? 1 : 0)
83
- )
84
- );
85
- }
86
- }
87
-
88
- do_action('aam-visibility-initialize-action', $this);
89
-
90
- // inherit settings from parent
91
- $option = $subject->inheritFromParent('visibility', 0);
92
- if (!empty($option)) {
93
- $option = array_replace_recursive($option, $this->getOption());
94
  } else {
95
- $option = $this->getOption();
 
 
 
96
  }
97
-
98
- if (in_array($subject::UID, array('user', 'visitor'), true)) {
99
- $subject->getObject('cache')->add(
100
- 'visibility', 0, empty($option) ? false : $option
 
 
 
 
 
101
  );
102
  }
103
  }
 
 
 
 
 
 
 
 
 
 
104
 
105
  $this->setOption($option);
106
  }
39
 
40
  $subject = $this->getSubject();
41
 
42
+ $query = "SELECT pm.`post_id`, pm.`meta_value`, p.`post_type` ";
43
+ $query .= "FROM {$wpdb->postmeta} AS pm ";
44
+ $query .= "LEFT JOIN {$wpdb->posts} AS p ON (pm.`post_id` = p.ID) ";
45
+ $query .= "WHERE pm.`meta_key` = %s";
46
 
47
+ if ($wpdb->query($wpdb->prepare($query, $this->getOptionName('post')))) {
48
+ foreach($wpdb->last_result as $row) {
49
+ $settings = maybe_unserialize($row->meta_value);
50
+ $this->pushOptions('post', $row->post_id . '|' . $row->post_type, $settings);
 
 
 
 
 
 
 
 
 
51
  }
52
+ }
53
 
54
+ // Read all the settings from the Access & Security Policies
55
+ $area = AAM_Core_Api_Area::get();
56
+ $stms = AAM_Core_Policy_Factory::get($subject)->find("/^post:(.*):list$/");
 
 
 
57
 
58
+ foreach($stms as $key => $stm) {
59
+ $chunks = explode(':', $key);
 
 
 
 
 
 
60
 
61
+ if (is_numeric($chunks[2])) {
62
+ $postId = $chunks[2];
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
63
  } else {
64
+ $post = get_page_by_path(
65
+ $chunks[2], OBJECT, $chunks[1]
66
+ );
67
+ $postId = (is_a($post, 'WP_Post') ? $post->ID : 0);
68
  }
69
+
70
+ // Cover the case when unknown slug is used
71
+ if (!empty($postId)) {
72
+ $this->pushOptions(
73
+ 'post',
74
+ "{$postId}|{$chunks[1]}",
75
+ array(
76
+ "{$area}.list" => ($stm['Effect'] === 'deny' ? 1 : 0)
77
+ )
78
  );
79
  }
80
  }
81
+
82
+ do_action('aam-visibility-initialize-action', $this);
83
+
84
+ // inherit settings from parent
85
+ $option = $subject->inheritFromParent('visibility', 0);
86
+ if (!empty($option)) {
87
+ $option = array_replace_recursive($option, $this->getOption());
88
+ } else {
89
+ $option = $this->getOption();
90
+ }
91
 
92
  $this->setOption($option);
93
  }
Application/Core/Policy/Condition.php CHANGED
@@ -106,7 +106,7 @@ final class AAM_Core_Policy_Condition {
106
  */
107
  protected function evaluateBetweenConditions($conditions, $args) {
108
  $result = false;
109
-
110
  foreach($this->prepareConditions($conditions, $args) as $condition) {
111
  // Convert the right condition into the array of array to cover more
112
  // complex between conditions like [[0,8],[13,15]]
@@ -122,7 +122,7 @@ final class AAM_Core_Policy_Condition {
122
  $result = $result || ($condition['left'] >= $min && $condition['left'] <= $max);
123
  }
124
  }
125
-
126
  return $result;
127
  }
128
 
@@ -140,7 +140,7 @@ final class AAM_Core_Policy_Condition {
140
  */
141
  protected function evaluateEqualsConditions($conditions, $args) {
142
  $result = false;
143
-
144
  foreach($this->prepareConditions($conditions, $args) as $condition) {
145
  $result = $result || ($condition['left'] === $condition['right']);
146
  }
@@ -373,15 +373,16 @@ final class AAM_Core_Policy_Condition {
373
  if (preg_match_all('/(\$\{[^}]+\})/', $exp, $match)) {
374
  $exp = AAM_Core_Policy_Token::evaluate($exp, $match[1], $args);
375
  }
 
376
  // If there is type scaling, perform it too
377
- if (preg_match('/^\(\*(string|ip|int|boolean|bool|array)\)(.*)/i', $exp, $scale)) {
378
  $exp = $this->scaleValue($scale[2], $scale[1]);
379
  }
380
  } elseif (is_array($exp) || is_object($exp)) {
381
  foreach($exp as &$value) {
382
  $value = $this->parseExpression($value, $args);
383
  }
384
- } else {
385
  $exp = false;
386
  }
387
 
@@ -420,6 +421,10 @@ final class AAM_Core_Policy_Condition {
420
  case 'array':
421
  $value = json_decode($value, true);
422
  break;
 
 
 
 
423
  }
424
 
425
  return $value;
106
  */
107
  protected function evaluateBetweenConditions($conditions, $args) {
108
  $result = false;
109
+
110
  foreach($this->prepareConditions($conditions, $args) as $condition) {
111
  // Convert the right condition into the array of array to cover more
112
  // complex between conditions like [[0,8],[13,15]]
122
  $result = $result || ($condition['left'] >= $min && $condition['left'] <= $max);
123
  }
124
  }
125
+
126
  return $result;
127
  }
128
 
140
  */
141
  protected function evaluateEqualsConditions($conditions, $args) {
142
  $result = false;
143
+
144
  foreach($this->prepareConditions($conditions, $args) as $condition) {
145
  $result = $result || ($condition['left'] === $condition['right']);
146
  }
373
  if (preg_match_all('/(\$\{[^}]+\})/', $exp, $match)) {
374
  $exp = AAM_Core_Policy_Token::evaluate($exp, $match[1], $args);
375
  }
376
+
377
  // If there is type scaling, perform it too
378
+ if (preg_match('/^\(\*(string|ip|int|boolean|bool|array|null)\)(.*)/i', $exp, $scale)) {
379
  $exp = $this->scaleValue($scale[2], $scale[1]);
380
  }
381
  } elseif (is_array($exp) || is_object($exp)) {
382
  foreach($exp as &$value) {
383
  $value = $this->parseExpression($value, $args);
384
  }
385
+ } elseif (is_null($exp) === false) {
386
  $exp = false;
387
  }
388
 
421
  case 'array':
422
  $value = json_decode($value, true);
423
  break;
424
+
425
+ case 'null':
426
+ $value = ($value === '' ? null : $value);
427
+ break;
428
  }
429
 
430
  return $value;
Application/Core/Policy/Factory.php CHANGED
@@ -43,7 +43,7 @@ final class AAM_Core_Policy_Factory {
43
 
44
  $id = $subject->getId();
45
  $sid = $subject->getUID() . (empty($id) ? '' : '_' . $id);
46
-
47
  if (!isset(self::$_instances[$sid])) {
48
  self::$_instances[$sid] = new AAM_Core_Policy_Manager($subject);
49
  }
43
 
44
  $id = $subject->getId();
45
  $sid = $subject->getUID() . (empty($id) ? '' : '_' . $id);
46
+
47
  if (!isset(self::$_instances[$sid])) {
48
  self::$_instances[$sid] = new AAM_Core_Policy_Manager($subject);
49
  }
Application/Core/Policy/Manager.php CHANGED
@@ -242,7 +242,7 @@ final class AAM_Core_Policy_Manager {
242
  *
243
  * @access protected
244
  */
245
- protected function isApplicable($block, $args) {
246
  $result = true;
247
 
248
  if (!empty($block['Condition']) && !is_scalar($block['Condition'])) {
@@ -266,25 +266,30 @@ final class AAM_Core_Policy_Manager {
266
  */
267
  protected function preparePolicyTree() {
268
  if (is_null($this->tree)) {
269
- $cache = $this->subject->getObject('cache')->get('policyTree');
270
-
271
- if (empty($cache)) {
272
- $this->tree = array(
273
- 'Statement' => array(),
274
- 'Param' => array()
275
- );
276
 
277
- foreach($this->policyObject->getOption() as $id => $effect) {
278
- if (!empty($effect)) { // Load policy only if it is attached
279
- $this->extendTree(
280
- $this->tree, $this->parsePolicy(get_post($id))
281
- );
282
- }
 
 
 
 
 
 
 
 
 
 
 
 
283
  }
284
-
285
- $this->subject->getObject('cache')->add('policyTree', 0, $this->tree);
286
- } else {
287
- $this->tree = $cache;
288
  }
289
  }
290
 
@@ -294,25 +299,23 @@ final class AAM_Core_Policy_Manager {
294
  /**
295
  * Parse policy post and extract Statements and Params
296
  *
297
- * @param WP_Post $policy
298
  *
299
  * @return array
300
  *
301
  * @access protected
302
  */
303
  protected function parsePolicy($policy) {
304
- $tree = array('Statement' => array(), 'Param' => array());
305
- // Only parse if policy is valid WP post and is published (active)
306
- if (is_a($policy, 'WP_Post') && ($policy->post_status === 'publish')) {
307
- $val = json_decode($policy->post_content, true);
308
-
309
- // Do not load the policy if any errors
310
- if (json_last_error() === JSON_ERROR_NONE) {
311
- $tree = array(
312
- 'Statement' => isset($val['Statement']) ? (array) $val['Statement'] : array(),
313
- 'Param' => isset($val['Param']) ? (array) $val['Param'] : array(),
314
- );
315
- }
316
  }
317
 
318
  return $tree;
@@ -353,10 +356,24 @@ final class AAM_Core_Policy_Manager {
353
 
354
  // Step #2. If there are any params, let's index them and insert into the list
355
  foreach($addition['Param'] as $param) {
356
- $id = (isset($param['Key']) ? $param['Key'] : '__none');
357
-
358
- if (!isset($tree['Param'][$id]) || empty($tree['Param'][$id]['Enforce'])) {
359
- $tree['Param'][$id] = $this->removeKeys($param, array('Key'));
 
 
 
 
 
 
 
 
 
 
 
 
 
 
360
  }
361
  }
362
  }
242
  *
243
  * @access protected
244
  */
245
+ protected function isApplicable($block, $args = array()) {
246
  $result = true;
247
 
248
  if (!empty($block['Condition']) && !is_scalar($block['Condition'])) {
266
  */
267
  protected function preparePolicyTree() {
268
  if (is_null($this->tree)) {
269
+ $this->tree = array(
270
+ 'Statement' => array(),
271
+ 'Param' => array()
272
+ );
 
 
 
273
 
274
+ $ids = array_filter(
275
+ $this->policyObject->getOption(),
276
+ function($state) {
277
+ return !empty($state);
278
+ }
279
+ );
280
+
281
+ if (count($ids)) {
282
+ $policies = get_posts(array(
283
+ 'include' => array_keys($ids),
284
+ 'post_status' => 'publish',
285
+ 'post_type' => 'aam_policy'
286
+ ));
287
+
288
+ foreach($policies as $policy) {
289
+ $this->extendTree(
290
+ $this->tree, $this->parsePolicy($policy->post_content)
291
+ );
292
  }
 
 
 
 
293
  }
294
  }
295
 
299
  /**
300
  * Parse policy post and extract Statements and Params
301
  *
302
+ * @param string $policy
303
  *
304
  * @return array
305
  *
306
  * @access protected
307
  */
308
  protected function parsePolicy($policy) {
309
+ $val = json_decode($policy, true);
310
+
311
+ // Do not load the policy if any errors
312
+ if (json_last_error() === JSON_ERROR_NONE) {
313
+ $tree = array(
314
+ 'Statement' => isset($val['Statement']) ? (array) $val['Statement'] : array(),
315
+ 'Param' => isset($val['Param']) ? (array) $val['Param'] : array(),
316
+ );
317
+ } else {
318
+ $tree = array('Statement' => array(), 'Param' => array());
 
 
319
  }
320
 
321
  return $tree;
356
 
357
  // Step #2. If there are any params, let's index them and insert into the list
358
  foreach($addition['Param'] as $param) {
359
+ if (!empty($param['Key'])) {
360
+ $id = $param['Key'];
361
+
362
+ if (!isset($tree['Param'][$id]) || empty($tree['Param'][$id]['Enforce'])) {
363
+ $tree['Param'][$id] = $this->removeKeys($param, array('Key'));
364
+
365
+ if (strpos($id, 'option:') === 0) {
366
+ add_filter("pre_option_" . substr($id, 7), function($res, $option) {
367
+ $param = $this->tree['Param']["option:{$option}"];
368
+
369
+ if ($this->isApplicable($param)) {
370
+ $res = $param['Value'];
371
+ }
372
+
373
+ return $res;
374
+ }, 1, 2);
375
+ }
376
+ }
377
  }
378
  }
379
  }
Application/Core/Policy/Token.php CHANGED
@@ -29,10 +29,12 @@ final class AAM_Core_Policy_Token {
29
  'USERMETA' => 'AAM_Core_Policy_Token::getUserMetaValue',
30
  'DATETIME' => 'AAM_Core_Policy_Token::getDateTimeValue',
31
  'GET' => 'AAM_Core_Request::get',
 
32
  'POST' => 'AAM_Core_Request::post',
33
  'COOKIE' => 'AAM_Core_Request::cookie',
34
  'SERVER' => 'AAM_Core_Request::server',
35
- 'ARGS' => 'AAM_Core_Policy_Token::getArgValue'
 
36
  );
37
 
38
  /**
@@ -55,11 +57,11 @@ final class AAM_Core_Policy_Token {
55
 
56
  $part = str_replace(
57
  $token,
58
- (is_scalar($val) ? $val : json_encode($val)),
59
  $part
60
  );
61
  }
62
-
63
  return $part;
64
  }
65
 
@@ -75,14 +77,19 @@ final class AAM_Core_Policy_Token {
75
  * @static
76
  */
77
  protected static function getValue($token, $args) {
 
78
  $parts = explode('.', $token);
79
 
80
  if (isset(self::$map[$parts[0]])) {
81
- $value = call_user_func(self::$map[$parts[0]], $parts[1], $args);
82
- } elseif ($parts[0] === 'CALLBACK' && is_callable($parts[1])) {
83
- $value = call_user_func($parts[1], $args);
 
 
 
 
84
  }
85
-
86
  return $value;
87
  }
88
 
@@ -186,4 +193,18 @@ final class AAM_Core_Policy_Token {
186
  return date($prop);
187
  }
188
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
189
  }
29
  'USERMETA' => 'AAM_Core_Policy_Token::getUserMetaValue',
30
  'DATETIME' => 'AAM_Core_Policy_Token::getDateTimeValue',
31
  'GET' => 'AAM_Core_Request::get',
32
+ 'QUERY' => 'AAM_Core_Request::get',
33
  'POST' => 'AAM_Core_Request::post',
34
  'COOKIE' => 'AAM_Core_Request::cookie',
35
  'SERVER' => 'AAM_Core_Request::server',
36
+ 'ARGS' => 'AAM_Core_Policy_Token::getArgValue',
37
+ 'CONST' => 'AAM_Core_Policy_Token::defined'
38
  );
39
 
40
  /**
57
 
58
  $part = str_replace(
59
  $token,
60
+ (is_scalar($val) || is_null($val) ? $val : json_encode($val)),
61
  $part
62
  );
63
  }
64
+
65
  return $part;
66
  }
67
 
77
  * @static
78
  */
79
  protected static function getValue($token, $args) {
80
+ $value = null;
81
  $parts = explode('.', $token);
82
 
83
  if (isset(self::$map[$parts[0]])) {
84
+ if ($parts[0] === 'ARG') {
85
+ $value = call_user_func(self::$map[$parts[0]], $parts[1], $args);
86
+ } else {
87
+ $value = call_user_func(self::$map[$parts[0]], $parts[1]);
88
+ }
89
+ } elseif ($parts[0] === 'CALLBACK') {
90
+ $value = is_callable($parts[1]) ? call_user_func($parts[1], $args) : null;
91
  }
92
+
93
  return $value;
94
  }
95
 
193
  return date($prop);
194
  }
195
 
196
+ /**
197
+ * Get a value for the defined constant
198
+ *
199
+ * @param string $const
200
+ *
201
+ * @return mixed
202
+ *
203
+ * @access protected
204
+ * @static
205
+ */
206
+ protected static function defined($const) {
207
+ return (defined($const) ? constant($const) : null);
208
+ }
209
+
210
  }
Application/Core/Request.php CHANGED
@@ -92,7 +92,7 @@ class AAM_Core_Request {
92
  * Check array for specified parameter and return the it's value or
93
  * default one
94
  *
95
- * @param array &$array Global array _GET, _POST etc
96
  * @param string $param Array Parameter
97
  * @param mixed $default Default value
98
  *
@@ -101,7 +101,7 @@ class AAM_Core_Request {
101
  * @access protected
102
  * @static
103
  */
104
- protected static function readArray(&$array, $param, $default) {
105
  $value = $default;
106
  if (is_null($param)) {
107
  $value = $array;
92
  * Check array for specified parameter and return the it's value or
93
  * default one
94
  *
95
+ * @param array $array Global array _GET, _POST etc
96
  * @param string $param Array Parameter
97
  * @param mixed $default Default value
98
  *
101
  * @access protected
102
  * @static
103
  */
104
+ protected static function readArray($array, $param, $default) {
105
  $value = $default;
106
  if (is_null($param)) {
107
  $value = $array;
Application/Core/Subject.php CHANGED
@@ -303,8 +303,6 @@ abstract class AAM_Core_Subject {
303
  * @access public
304
  */
305
  public function resetObject($object) {
306
- AAM_Core_API::clearCache();
307
-
308
  return $this->deleteOption($object);
309
  }
310
 
303
  * @access public
304
  */
305
  public function resetObject($object) {
 
 
306
  return $this->deleteOption($object);
307
  }
308
 
Application/Frontend/Authorization.php CHANGED
@@ -39,7 +39,7 @@ class AAM_Frontend_Authorization {
39
  public function checkReadAuth(AAM_Core_Object_Post $post) {
40
  // pre post access hook
41
  do_action('aam-pre-post-authorization-action', $post);
42
-
43
  // Step #1. Check if access expired to the post
44
  $this->checkExpiration($post);
45
 
@@ -140,8 +140,8 @@ class AAM_Frontend_Authorization {
140
  protected function checkRedirect(AAM_Core_Object_Post $post) {
141
  if ($post->has(AAM_Core_Api_Area::get() . '.redirect')) {
142
  $rule = explode('|', $post->get(AAM_Core_Api_Area::get() . '.location'));
143
- $code = apply_filters('aam-post-redirect-http-code-filter', 307);
144
-
145
  if (count($rule) === 1) { // TODO: legacy. Remove in Jul 2020
146
  if ($rule[0] === 'login') {
147
  AAM::api()->redirect('login');
39
  public function checkReadAuth(AAM_Core_Object_Post $post) {
40
  // pre post access hook
41
  do_action('aam-pre-post-authorization-action', $post);
42
+
43
  // Step #1. Check if access expired to the post
44
  $this->checkExpiration($post);
45
 
140
  protected function checkRedirect(AAM_Core_Object_Post $post) {
141
  if ($post->has(AAM_Core_Api_Area::get() . '.redirect')) {
142
  $rule = explode('|', $post->get(AAM_Core_Api_Area::get() . '.location'));
143
+ $code = (!empty($rule[2]) ? $rule[2] : 307);
144
+
145
  if (count($rule) === 1) { // TODO: legacy. Remove in Jul 2020
146
  if ($rule[0] === 'login') {
147
  AAM::api()->redirect('login');
Application/Frontend/Filter.php CHANGED
@@ -43,6 +43,7 @@ class AAM_Frontend_Filter {
43
  // object instead
44
  //filter navigation pages & taxonomies
45
  add_filter('wp_get_nav_menu_items', array($this, 'getNavigationMenu'), 999);
 
46
  // filter navigation pages & taxonomies
47
  add_filter('get_pages', array($this, 'filterPages'), 999);
48
 
43
  // object instead
44
  //filter navigation pages & taxonomies
45
  add_filter('wp_get_nav_menu_items', array($this, 'getNavigationMenu'), 999);
46
+
47
  // filter navigation pages & taxonomies
48
  add_filter('get_pages', array($this, 'filterPages'), 999);
49
 
Application/Frontend/Manager.php CHANGED
@@ -41,9 +41,6 @@ class AAM_Frontend_Manager {
41
  add_shortcode('aam', array($this, 'processShortcode'));
42
  }
43
 
44
- //cache clearing hook
45
- add_action('aam-clear-cache-action', 'AAM_Core_API::clearCache');
46
-
47
  //admin bar
48
  $this->checkAdminBar();
49
 
@@ -143,14 +140,12 @@ class AAM_Frontend_Manager {
143
  $object = AAM::getUser()->getObject('post', $post->ID);
144
 
145
  if ($object->has('frontend.protected')) {
146
- require_once( ABSPATH . 'wp-includes/class-phpass.php' );
147
- $hasher = new PasswordHash( 8, true );
148
- $pass = $object->get('frontend.password');
149
- $hash = wp_unslash(
150
  AAM_Core_Request::cookie('wp-postpass_' . COOKIEHASH)
151
  );
152
 
153
- $res = empty($hash) ? true : !$hasher->CheckPassword($pass, $hash);
154
  }
155
  }
156
 
41
  add_shortcode('aam', array($this, 'processShortcode'));
42
  }
43
 
 
 
 
44
  //admin bar
45
  $this->checkAdminBar();
46
 
140
  $object = AAM::getUser()->getObject('post', $post->ID);
141
 
142
  if ($object->has('frontend.protected')) {
143
+ $pass = $object->get('frontend.password');
144
+ $hash = wp_unslash(
 
 
145
  AAM_Core_Request::cookie('wp-postpass_' . COOKIEHASH)
146
  );
147
 
148
+ $res = empty($hash) ? true : !AAM_Core_API::prepareHasher()->CheckPassword($pass, $hash);
149
  }
150
  }
151
 
Application/Shared/Manager.php CHANGED
@@ -111,11 +111,6 @@ class AAM_Shared_Manager {
111
 
112
  //get control over commenting stuff
113
  add_filter('comments_open', array(self::$_instance, 'commentOpen'), 10, 2);
114
-
115
- // Role Manager. Tracking user role changes and if there is expiration
116
- // set, then trigger hooks
117
- add_action('add_user_role', array(self::$_instance, 'userRoleAdded'), 10, 2);
118
- add_action('remove_user_role', array(self::$_instance, 'userRoleRemoved'), 10, 2);
119
  }
120
 
121
  return self::$_instance;
@@ -200,33 +195,17 @@ class AAM_Shared_Manager {
200
  parse_str($uri['query'], $params);
201
  }
202
 
203
- if ($match = $object->findMatch(rtrim($uri['path'], '/'), $params)) {
204
  if ($match['type'] !== 'allow') {
205
- AAM::api()->redirect($match['type'], $match['action']);
 
 
 
 
206
  }
207
  }
208
  }
209
 
210
- /**
211
- *
212
- * @param type $userId
213
- * @param type $role
214
- */
215
- public function userRoleAdded($userId, $role) {
216
- $user = new AAM_Core_Subject_User($userId);
217
- AAM_Core_API::clearCache($user);
218
- }
219
-
220
- /**
221
- *
222
- * @param type $userId
223
- * @param type $role
224
- */
225
- public function userRoleRemoved($userId, $role) {
226
- $user = new AAM_Core_Subject_User($userId);
227
- AAM_Core_API::clearCache($user);
228
- }
229
-
230
  /**
231
  *
232
  * @param type $translation
@@ -704,7 +683,7 @@ class AAM_Shared_Manager {
704
  public function filterPostContent($content) {
705
  $post = AAM_Core_API::getCurrentPost();
706
  $area = AAM_Core_Api_Area::get();
707
-
708
  if ($post && $post->has($area . '.limit')) {
709
  if ($post->has($area . '.teaser')) {
710
  $message = $post->get($area . '.teaser');
111
 
112
  //get control over commenting stuff
113
  add_filter('comments_open', array(self::$_instance, 'commentOpen'), 10, 2);
 
 
 
 
 
114
  }
115
 
116
  return self::$_instance;
195
  parse_str($uri['query'], $params);
196
  }
197
 
198
+ if ($match = $object->findMatch($uri['path'], $params)) {
199
  if ($match['type'] !== 'allow') {
200
+ AAM::api()->redirect(
201
+ $match['type'],
202
+ $match['action'],
203
+ (!empty($match['code']) ? $match['code'] : 307)
204
+ );
205
  }
206
  }
207
  }
208
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
209
  /**
210
  *
211
  * @param type $translation
683
  public function filterPostContent($content) {
684
  $post = AAM_Core_API::getCurrentPost();
685
  $area = AAM_Core_Api_Area::get();
686
+
687
  if ($post && $post->has($area . '.limit')) {
688
  if ($post->has($area . '.teaser')) {
689
  $message = $post->get($area . '.teaser');
aam.php CHANGED
@@ -2,8 +2,8 @@
2
 
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
- * Description: All you need to manage access to your WordPress website
6
- * Version: 5.9.5
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  *
2
 
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
+ * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
+ * Version: 5.9.6
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  *
license.txt CHANGED
@@ -11,4 +11,4 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11
  GNU General Public License for more details.
12
 
13
  You should have received a copy of the GNU General Public License
14
- along with this program. If not, see <http://www.gnu.org/licenses/>.
11
  GNU General Public License for more details.
12
 
13
  You should have received a copy of the GNU General Public License
14
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
media/css/aam.css CHANGED
@@ -1131,7 +1131,7 @@ input[type=radio]:checked + label:before {
1131
 
1132
  /*! ========================================================================
1133
  * Bootstrap Toggle: bootstrap-toggle.css v2.2.0
1134
- * http://www.bootstraptoggle.com
1135
  * ========================================================================
1136
  * Copyright 2014 Min Hur, The New York Times Company
1137
  * Licensed under MIT
1131
 
1132
  /*! ========================================================================
1133
  * Bootstrap Toggle: bootstrap-toggle.css v2.2.0
1134
+ * https://www.bootstraptoggle.com
1135
  * ========================================================================
1136
  * Copyright 2014 Min Hur, The New York Times Company
1137
  * Licensed under MIT
media/css/bootstrap.min.css CHANGED
@@ -1,5 +1,5 @@
1
  /*!
2
- * Bootstrap v3.3.5 (http://getbootstrap.com)
3
  * Copyright 2011-2015 Twitter, Inc.
4
  * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
5
  *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */
1
  /*!
2
+ * Bootstrap v3.3.5 (https://getbootstrap.com)
3
  * Copyright 2011-2015 Twitter, Inc.
4
  * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
5
  *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */
media/font/fontello.svg CHANGED
@@ -1,6 +1,6 @@
1
  <?xml version="1.0" standalone="no"?>
2
- <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
3
- <svg xmlns="http://www.w3.org/2000/svg">
4
  <metadata>Copyright (C) 2019 by original authors @ fontello.com</metadata>
5
  <defs>
6
  <font id="fontello" horiz-adv-x="1000" >
1
  <?xml version="1.0" standalone="no"?>
2
+ <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "https://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
3
+ <svg xmlns="https://www.w3.org/2000/svg">
4
  <metadata>Copyright (C) 2019 by original authors @ fontello.com</metadata>
5
  <defs>
6
  <font id="fontello" horiz-adv-x="1000" >
media/js/{aam-5.9.5.js → aam-5.9.6.js} RENAMED
@@ -2235,6 +2235,8 @@
2235
 
2236
  $('#add-capability-modal').on('shown.bs.modal', function (e) {
2237
  $('#new-capability-name').val('');
 
 
2238
  });
2239
 
2240
  $('#add-capability').bind('click', function () {
@@ -2246,7 +2248,7 @@
2246
 
2247
  var capability = $.trim($('#new-capability-name').val());
2248
  $('#new-capability-name').parent().removeClass('has-error');
2249
-
2250
  if (capability) {
2251
  $.ajax(getLocal().ajaxurl, {
2252
  type: 'POST',
@@ -2256,6 +2258,7 @@
2256
  sub_action: 'Main_Capability.add',
2257
  _ajax_nonce: getLocal().nonce,
2258
  capability: capability,
 
2259
  subject: getAAM().getSubject().type,
2260
  subjectId: getAAM().getSubject().id
2261
  },
@@ -2284,14 +2287,10 @@
2284
  }
2285
  });
2286
 
2287
- $('#add-capability-modal').on('shown.bs.modal', function (e) {
2288
- $('#new-capability-name').focus();
2289
- });
2290
-
2291
  $('#update-capability-btn').bind('click', function () {
2292
  var btn = this;
2293
  var cap = $.trim($('#capability-id').val());
2294
-
2295
  if (cap) {
2296
  $.ajax(getLocal().ajaxurl, {
2297
  type: 'POST',
@@ -3004,6 +3003,14 @@
3004
  $('.post-redirect-type[value="' + rule[0] + '"]').prop('checked', true);
3005
  $('#post-redirect-' + rule[0] + '-action').show();
3006
  $('#post-redirect-' + rule[0] + '-value').val(rule[1]);
 
 
 
 
 
 
 
 
3007
  }
3008
  });
3009
 
@@ -3012,6 +3019,11 @@
3012
  $('#post-redirect-rule').val($(this).val());
3013
  $('.post-redirect-action').hide();
3014
  $('#post-redirect-' + $(this).val() + '-action').show();
 
 
 
 
 
3015
  });
3016
  });
3017
 
@@ -3019,6 +3031,12 @@
3019
  $(this).bind('change', function() {
3020
  var val = $('#post-redirect-rule').val().split('|');
3021
  val[1] = $(this).val();
 
 
 
 
 
 
3022
  $('#post-redirect-rule').val(val.join('|'));
3023
  });
3024
  });
@@ -3590,9 +3608,16 @@
3590
  if ($(container).length) {
3591
  $('input[type="radio"]', container).each(function () {
3592
  $(this).bind('click', function () {
 
 
3593
  $('.aam-uri-access-action').hide();
3594
- if ($(this).data('action')) {
3595
- $($(this).data('action')).show();
 
 
 
 
 
3596
  }
3597
  });
3598
  });
@@ -3608,6 +3633,7 @@
3608
  var uri = $('#uri-rule').val();
3609
  var type = $('input[name="uri.access.type"]:checked').val();
3610
  var val = $('#uri-access-deny-' + type + '-value').val();
 
3611
 
3612
  if (uri && type) {
3613
  $.ajax(getLocal().ajaxurl, {
@@ -3622,6 +3648,7 @@
3622
  uri: uri,
3623
  type: type,
3624
  value: val,
 
3625
  id: $('#uri-save-btn').attr('data-id')
3626
  },
3627
  beforeSend: function () {
@@ -3708,7 +3735,7 @@
3708
  infoFiltered: ''
3709
  },
3710
  columnDefs: [
3711
- {visible: false, targets: [0,2,3]}
3712
  ],
3713
  initComplete: function () {
3714
  var create = $('<a/>', {
@@ -3726,7 +3753,7 @@
3726
  $('.dataTables_filter', '#uri-list_wrapper').append(create);
3727
  },
3728
  createdRow: function (row, data) {
3729
- var actions = data[4].split(',');
3730
 
3731
  var container = $('<div/>', {'class': 'aam-row-actions'});
3732
  $.each(actions, function (i, action) {
@@ -3740,6 +3767,7 @@
3740
  $('#uri-rule').val(data[1]);
3741
  $('input[value="' + data[2] + '"]', '#uri-model').prop('checked', true).trigger('click');
3742
  $('#uri-access-deny-' + data[2] + '-value').val(data[3]);
 
3743
  $('#uri-save-btn').attr('data-id', data[0]);
3744
  $('#uri-model').modal('show');
3745
  }).attr({
@@ -4450,39 +4478,6 @@
4450
  }
4451
  });
4452
  });
4453
-
4454
- $('#clear-cache').bind('click', function () {
4455
- $.ajax(getLocal().ajaxurl, {
4456
- type: 'POST',
4457
- dataType: 'json',
4458
- data: {
4459
- action: 'aam',
4460
- sub_action: 'Settings_Manager.clearCache',
4461
- _ajax_nonce: getLocal().nonce
4462
- },
4463
- beforeSend: function() {
4464
- $('#clear-cache').prop('disabled', true);
4465
- $('#clear-cache').text(getAAM().__('Wait...'));
4466
- },
4467
- success: function(response) {
4468
- if (response.status === 'success') {
4469
- getAAM().notification(
4470
- 'success',
4471
- getAAM().__('The cache has been cleared successfully')
4472
- );
4473
- } else {
4474
- getAAM().notification('danger', response.reason);
4475
- }
4476
- },
4477
- error: function () {
4478
- getAAM().notification('danger');
4479
- },
4480
- complete: function() {
4481
- $('#clear-cache').prop('disabled', false);
4482
- $('#clear-cache').text(getAAM().__('Clear'));
4483
- }
4484
- });
4485
- });
4486
  }
4487
  }
4488
 
2235
 
2236
  $('#add-capability-modal').on('shown.bs.modal', function (e) {
2237
  $('#new-capability-name').val('');
2238
+ $('#assign-new-capability').attr('checked', true);
2239
+ $('#new-capability-name').focus();
2240
  });
2241
 
2242
  $('#add-capability').bind('click', function () {
2248
 
2249
  var capability = $.trim($('#new-capability-name').val());
2250
  $('#new-capability-name').parent().removeClass('has-error');
2251
+ var assign = $('#assign-new-capability').is(':checked') ? 1 : 0
2252
  if (capability) {
2253
  $.ajax(getLocal().ajaxurl, {
2254
  type: 'POST',
2258
  sub_action: 'Main_Capability.add',
2259
  _ajax_nonce: getLocal().nonce,
2260
  capability: capability,
2261
+ assign: assign,
2262
  subject: getAAM().getSubject().type,
2263
  subjectId: getAAM().getSubject().id
2264
  },
2287
  }
2288
  });
2289
 
 
 
 
 
2290
  $('#update-capability-btn').bind('click', function () {
2291
  var btn = this;
2292
  var cap = $.trim($('#capability-id').val());
2293
+
2294
  if (cap) {
2295
  $.ajax(getLocal().ajaxurl, {
2296
  type: 'POST',
3003
  $('.post-redirect-type[value="' + rule[0] + '"]').prop('checked', true);
3004
  $('#post-redirect-' + rule[0] + '-action').show();
3005
  $('#post-redirect-' + rule[0] + '-value').val(rule[1]);
3006
+
3007
+ // If Page or URL, also show the HTTP Redirect Code
3008
+ if (rule[0] === 'page' || rule[0] === 'url') {
3009
+ $('#post-redirect-code').show();
3010
+ if (rule.length === 3) {
3011
+ $('#post-redirect-code-value').val(rule[2]);
3012
+ }
3013
+ }
3014
  }
3015
  });
3016
 
3019
  $('#post-redirect-rule').val($(this).val());
3020
  $('.post-redirect-action').hide();
3021
  $('#post-redirect-' + $(this).val() + '-action').show();
3022
+
3023
+ // If Page or URL, also show the HTTP Redirect Code
3024
+ if ($(this).val() === 'page' || $(this).val() === 'url') {
3025
+ $('#post-redirect-code').show();
3026
+ }
3027
  });
3028
  });
3029
 
3031
  $(this).bind('change', function() {
3032
  var val = $('#post-redirect-rule').val().split('|');
3033
  val[1] = $(this).val();
3034
+
3035
+ // If Page or URL, also add the HTTP Redirect Code
3036
+ if (val[0] === 'page' || val[0] === 'url') {
3037
+ val[2] = $('#post-redirect-code-value').val();
3038
+ }
3039
+
3040
  $('#post-redirect-rule').val(val.join('|'));
3041
  });
3042
  });
3608
  if ($(container).length) {
3609
  $('input[type="radio"]', container).each(function () {
3610
  $(this).bind('click', function () {
3611
+ var action = $(this).data('action');
3612
+
3613
  $('.aam-uri-access-action').hide();
3614
+
3615
+ if (action) {
3616
+ $(action).show();
3617
+ }
3618
+
3619
+ if ($(this).val() === 'page' || $(this).val() === 'url') {
3620
+ $('#uri-access-deny-redirect-code').show();
3621
  }
3622
  });
3623
  });
3633
  var uri = $('#uri-rule').val();
3634
  var type = $('input[name="uri.access.type"]:checked').val();
3635
  var val = $('#uri-access-deny-' + type + '-value').val();
3636
+ var code = $('#uri-access-deny-redirect-code-value').val();
3637
 
3638
  if (uri && type) {
3639
  $.ajax(getLocal().ajaxurl, {
3648
  uri: uri,
3649
  type: type,
3650
  value: val,
3651
+ code: code,
3652
  id: $('#uri-save-btn').attr('data-id')
3653
  },
3654
  beforeSend: function () {
3735
  infoFiltered: ''
3736
  },
3737
  columnDefs: [
3738
+ {visible: false, targets: [0, 2, 3, 4]}
3739
  ],
3740
  initComplete: function () {
3741
  var create = $('<a/>', {
3753
  $('.dataTables_filter', '#uri-list_wrapper').append(create);
3754
  },
3755
  createdRow: function (row, data) {
3756
+ var actions = data[5].split(',');
3757
 
3758
  var container = $('<div/>', {'class': 'aam-row-actions'});
3759
  $.each(actions, function (i, action) {
3767
  $('#uri-rule').val(data[1]);
3768
  $('input[value="' + data[2] + '"]', '#uri-model').prop('checked', true).trigger('click');
3769
  $('#uri-access-deny-' + data[2] + '-value').val(data[3]);
3770
+ $('#uri-access-deny-redirect-code-value').val(data[4]);
3771
  $('#uri-save-btn').attr('data-id', data[0]);
3772
  $('#uri-model').modal('show');
3773
  }).attr({
4478
  }
4479
  });
4480
  });
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
4481
  }
4482
  }
4483
 
media/js/vendor.js CHANGED
@@ -1,5 +1,5 @@
1
  /*!
2
- * Bootstrap v3.3.7 (http://getbootstrap.com)
3
  * Copyright 2011-2016 Twitter, Inc.
4
  * Licensed under the MIT license
5
  */
@@ -89,7 +89,7 @@ e[0]._idx=b):(e.length=0,e.push([b,f[0]]),e[0]._idx=0);R(a);"function"==typeof d
89
  for(f=d.length;e<f;e++)g=d[e].src,h(D(a.aoData,"anCells",g)).addClass(c+(2>e?e+1:3))}a.aLastSort=d}function Ib(a,b){var c=a.aoColumns[b],d=m.ext.order[c.sSortDataType],e;d&&(e=d.call(a.oInstance,a,b,ba(a,b)));for(var f,g=m.ext.type.order[c.sType+"-pre"],i=0,h=a.aoData.length;i<h;i++)if(c=a.aoData[i],c._aSortData||(c._aSortData=[]),!c._aSortData[b]||d)f=d?e[i]:B(a,i,b,"sort"),c._aSortData[b]=g?g(f):f}function ya(a){if(a.oFeatures.bStateSave&&!a.bDestroying){var b={time:+new Date,start:a._iDisplayStart,
90
  length:a._iDisplayLength,order:h.extend(!0,[],a.aaSorting),search:Ab(a.oPreviousSearch),columns:h.map(a.aoColumns,function(b,d){return{visible:b.bVisible,search:Ab(a.aoPreSearchCols[d])}})};w(a,"aoStateSaveParams","stateSaveParams",[a,b]);a.oSavedState=b;a.fnStateSaveCallback.call(a.oInstance,a,b)}}function Kb(a){var b,c,d=a.aoColumns;if(a.oFeatures.bStateSave){var e=a.fnStateLoadCallback.call(a.oInstance,a);if(e&&e.time&&(b=w(a,"aoStateLoadParams","stateLoadParams",[a,e]),-1===h.inArray(!1,b)&&(b=
91
  a.iStateDuration,!(0<b&&e.time<+new Date-1E3*b)&&d.length===e.columns.length))){a.oLoadedState=h.extend(!0,{},e);e.start!==k&&(a._iDisplayStart=e.start,a.iInitDisplayStart=e.start);e.length!==k&&(a._iDisplayLength=e.length);e.order!==k&&(a.aaSorting=[],h.each(e.order,function(b,c){a.aaSorting.push(c[0]>=d.length?[0,c[1]]:c)}));e.search!==k&&h.extend(a.oPreviousSearch,Bb(e.search));b=0;for(c=e.columns.length;b<c;b++){var f=e.columns[b];f.visible!==k&&(d[b].bVisible=f.visible);f.search!==k&&h.extend(a.aoPreSearchCols[b],
92
- Bb(f.search))}w(a,"aoStateLoaded","stateLoaded",[a,e])}}}function za(a){var b=m.settings,a=h.inArray(a,D(b,"nTable"));return-1!==a?b[a]:null}function J(a,b,c,d){c="DataTables warning: "+(a?"table id="+a.sTableId+" - ":"")+c;d&&(c+=". For more information about this error, please see http://datatables.net/tn/"+d);if(b)Fa.console&&console.log&&console.log(c);else if(b=m.ext,b=b.sErrMode||b.errMode,a&&w(a,null,"error",[a,d,c]),"alert"==b)alert(c);else{if("throw"==b)throw Error(c);"function"==typeof b&&
93
  b(a,d,c)}}function F(a,b,c,d){h.isArray(c)?h.each(c,function(c,d){h.isArray(d)?F(a,b,d[0],d[1]):F(a,b,d)}):(d===k&&(d=c),b[c]!==k&&(a[d]=b[c]))}function Lb(a,b,c){var d,e;for(e in b)b.hasOwnProperty(e)&&(d=b[e],h.isPlainObject(d)?(h.isPlainObject(a[e])||(a[e]={}),h.extend(!0,a[e],d)):a[e]=c&&"data"!==e&&"aaData"!==e&&h.isArray(d)?d.slice():d);return a}function Va(a,b,c){h(a).bind("click.DT",b,function(b){a.blur();c(b)}).bind("keypress.DT",b,function(a){13===a.which&&(a.preventDefault(),c(a))}).bind("selectstart.DT",
94
  function(){return!1})}function z(a,b,c,d){c&&a[b].push({fn:c,sName:d})}function w(a,b,c,d){var e=[];b&&(e=h.map(a[b].slice().reverse(),function(b){return b.fn.apply(a.oInstance,d)}));null!==c&&(b=h.Event(c+".dt"),h(a.nTable).trigger(b,d),e.push(b.result));return e}function Sa(a){var b=a._iDisplayStart,c=a.fnDisplayEnd(),d=a._iDisplayLength;b>=c&&(b=c-d);b-=b%d;if(-1===d||0>b)b=0;a._iDisplayStart=b}function Pa(a,b){var c=a.renderer,d=m.ext.renderer[b];return h.isPlainObject(c)&&c[b]?d[c[b]]||d._:"string"===
95
  typeof c?d[c]||d._:d._}function y(a){return a.oFeatures.bServerSide?"ssp":a.ajax||a.sAjaxSource?"ajax":"dom"}function Aa(a,b){var c=[],c=Mb.numbers_length,d=Math.floor(c/2);b<=c?c=W(0,b):a<=d?(c=W(0,c-2),c.push("ellipsis"),c.push(b-1)):(a>=b-1-d?c=W(b-(c-2),b):(c=W(a-d+2,a+d-1),c.push("ellipsis"),c.push(b-1)),c.splice(0,0,"ellipsis"),c.splice(0,0,0));c.DT_el="span";return c}function cb(a){h.each({num:function(b){return Ba(b,a)},"num-fmt":function(b){return Ba(b,a,Wa)},"html-num":function(b){return Ba(b,
@@ -215,12 +215,12 @@ type:"inline"}};var m=e.fn.dataTable.Api;m.register("responsive()",function(){re
215
  h.version="1.0.7";e.fn.dataTable.Responsive=h;e.fn.DataTable.Responsive=h;e(p).on("init.dt.dtr",function(d,a){if("dt"===d.namespace&&(e(a.nTable).hasClass("responsive")||e(a.nTable).hasClass("dt-responsive")||a.oInit.responsive||k.defaults.responsive)){var c=a.oInit.responsive;!1!==c&&new h(a,e.isPlainObject(c)?c:{})}});return h};"function"===typeof define&&define.amd?define(["jquery","datatables"],o):"object"===typeof exports?o(require("jquery"),require("datatables")):jQuery&&!jQuery.fn.dataTable.Responsive&&
216
  o(jQuery,jQuery.fn.dataTable)})(window,document);
217
 
218
- //download.js v4.2, by dandavis; 2008-2017. [MIT] see http://danml.com/download.html for tests/usage
219
  ;(function(r,l){"function"==typeof define&&define.amd?define([],l):"object"==typeof exports?module.exports=l():r.download=l()})(this,function(){return function l(a,e,k){function q(a){var h=a.split(/[:;,]/);a=h[1];var h=("base64"==h[2]?atob:decodeURIComponent)(h.pop()),d=h.length,b=0,c=new Uint8Array(d);for(b;b<d;++b)c[b]=h.charCodeAt(b);return new f([c],{type:a})}function m(a,b){if("download"in d)return d.href=a,d.setAttribute("download",n),d.className="download-js-link",d.innerHTML="downloading...",d.style.display="none",document.body.appendChild(d),setTimeout(function(){d.click(),document.body.removeChild(d),!0===b&&setTimeout(function(){g.URL.revokeObjectURL(d.href)},250)},66),!0;if(/(Version)\/(\d+)\.(\d+)(?:\.(\d+))?.*Safari\//.test(navigator.userAgent))return/^data:/.test(a)&&(a="data:"+a.replace(/^data:([\w\/\-\+]+)/,"application/octet-stream")),!window.open(a)&&confirm("Displaying New Document\n\nUse Save As... to download, then click back to return to this page.")&&(location.href=a),!0;var c=document.createElement("iframe");document.body.appendChild(c),!b&&/^data:/.test(a)&&(a="data:"+a.replace(/^data:([\w\/\-\+]+)/,"application/octet-stream")),c.src=a,setTimeout(function(){document.body.removeChild(c)},333)}var g=window,b=k||"application/octet-stream",c=!e&&!k&&a,d=document.createElement("a");k=function(a){return String(a)};var f=g.Blob||g.MozBlob||g.WebKitBlob||k,n=e||"download",f=f.call?f.bind(g):Blob;"true"===String(this)&&(a=[a,b],b=a[0],a=a[1]);if(c&&2048>c.length&&(n=c.split("/").pop().split("?")[0],d.href=c,-1!==d.href.indexOf(c))){var p=new XMLHttpRequest;return p.open("GET",c,!0),p.responseType="blob",p.onload=function(a){l(a.target.response,n,"application/octet-stream")},setTimeout(function(){p.send()},0),p}if(/^data:([\w+-]+\/[\w+.-]+)?[,;]/.test(a)){if(!(2096103.424<a.length&&f!==k))return navigator.msSaveBlob?navigator.msSaveBlob(q(a),n):m(a);a=q(a),b=a.type||"application/octet-stream"}else if(/([\x80-\xff])/.test(a)){e=0;var c=new Uint8Array(a.length),t=c.length;for(e;e<t;++e)c[e]=a.charCodeAt(e);a=new f([c],{type:b})}a=a instanceof f?a:new f([a],{type:b});if(navigator.msSaveBlob)return navigator.msSaveBlob(a,n);if(g.URL)m(g.URL.createObjectURL(a),!0);else{if("string"==typeof a||a.constructor===k)try{return m("data:"+b+";base64,"+g.btoa(a))}catch(h){return m("data:"+b+","+encodeURIComponent(a))}b=new FileReader,b.onload=function(a){m(this.result)},b.readAsDataURL(a)}return!0}});
220
 
221
  /*! ========================================================================
222
  * Bootstrap Toggle: bootstrap-toggle.js v2.2.0
223
- * http://www.bootstraptoggle.com
224
  * ========================================================================
225
  * Copyright 2014 Min Hur, The New York Times Company
226
  * Licensed under MIT
1
  /*!
2
+ * Bootstrap v3.3.7 (https://getbootstrap.com)
3
  * Copyright 2011-2016 Twitter, Inc.
4
  * Licensed under the MIT license
5
  */
89
  for(f=d.length;e<f;e++)g=d[e].src,h(D(a.aoData,"anCells",g)).addClass(c+(2>e?e+1:3))}a.aLastSort=d}function Ib(a,b){var c=a.aoColumns[b],d=m.ext.order[c.sSortDataType],e;d&&(e=d.call(a.oInstance,a,b,ba(a,b)));for(var f,g=m.ext.type.order[c.sType+"-pre"],i=0,h=a.aoData.length;i<h;i++)if(c=a.aoData[i],c._aSortData||(c._aSortData=[]),!c._aSortData[b]||d)f=d?e[i]:B(a,i,b,"sort"),c._aSortData[b]=g?g(f):f}function ya(a){if(a.oFeatures.bStateSave&&!a.bDestroying){var b={time:+new Date,start:a._iDisplayStart,
90
  length:a._iDisplayLength,order:h.extend(!0,[],a.aaSorting),search:Ab(a.oPreviousSearch),columns:h.map(a.aoColumns,function(b,d){return{visible:b.bVisible,search:Ab(a.aoPreSearchCols[d])}})};w(a,"aoStateSaveParams","stateSaveParams",[a,b]);a.oSavedState=b;a.fnStateSaveCallback.call(a.oInstance,a,b)}}function Kb(a){var b,c,d=a.aoColumns;if(a.oFeatures.bStateSave){var e=a.fnStateLoadCallback.call(a.oInstance,a);if(e&&e.time&&(b=w(a,"aoStateLoadParams","stateLoadParams",[a,e]),-1===h.inArray(!1,b)&&(b=
91
  a.iStateDuration,!(0<b&&e.time<+new Date-1E3*b)&&d.length===e.columns.length))){a.oLoadedState=h.extend(!0,{},e);e.start!==k&&(a._iDisplayStart=e.start,a.iInitDisplayStart=e.start);e.length!==k&&(a._iDisplayLength=e.length);e.order!==k&&(a.aaSorting=[],h.each(e.order,function(b,c){a.aaSorting.push(c[0]>=d.length?[0,c[1]]:c)}));e.search!==k&&h.extend(a.oPreviousSearch,Bb(e.search));b=0;for(c=e.columns.length;b<c;b++){var f=e.columns[b];f.visible!==k&&(d[b].bVisible=f.visible);f.search!==k&&h.extend(a.aoPreSearchCols[b],
92
+ Bb(f.search))}w(a,"aoStateLoaded","stateLoaded",[a,e])}}}function za(a){var b=m.settings,a=h.inArray(a,D(b,"nTable"));return-1!==a?b[a]:null}function J(a,b,c,d){c="DataTables warning: "+(a?"table id="+a.sTableId+" - ":"")+c;d&&(c+=". For more information about this error, please see https://datatables.net/tn/"+d);if(b)Fa.console&&console.log&&console.log(c);else if(b=m.ext,b=b.sErrMode||b.errMode,a&&w(a,null,"error",[a,d,c]),"alert"==b)alert(c);else{if("throw"==b)throw Error(c);"function"==typeof b&&
93
  b(a,d,c)}}function F(a,b,c,d){h.isArray(c)?h.each(c,function(c,d){h.isArray(d)?F(a,b,d[0],d[1]):F(a,b,d)}):(d===k&&(d=c),b[c]!==k&&(a[d]=b[c]))}function Lb(a,b,c){var d,e;for(e in b)b.hasOwnProperty(e)&&(d=b[e],h.isPlainObject(d)?(h.isPlainObject(a[e])||(a[e]={}),h.extend(!0,a[e],d)):a[e]=c&&"data"!==e&&"aaData"!==e&&h.isArray(d)?d.slice():d);return a}function Va(a,b,c){h(a).bind("click.DT",b,function(b){a.blur();c(b)}).bind("keypress.DT",b,function(a){13===a.which&&(a.preventDefault(),c(a))}).bind("selectstart.DT",
94
  function(){return!1})}function z(a,b,c,d){c&&a[b].push({fn:c,sName:d})}function w(a,b,c,d){var e=[];b&&(e=h.map(a[b].slice().reverse(),function(b){return b.fn.apply(a.oInstance,d)}));null!==c&&(b=h.Event(c+".dt"),h(a.nTable).trigger(b,d),e.push(b.result));return e}function Sa(a){var b=a._iDisplayStart,c=a.fnDisplayEnd(),d=a._iDisplayLength;b>=c&&(b=c-d);b-=b%d;if(-1===d||0>b)b=0;a._iDisplayStart=b}function Pa(a,b){var c=a.renderer,d=m.ext.renderer[b];return h.isPlainObject(c)&&c[b]?d[c[b]]||d._:"string"===
95
  typeof c?d[c]||d._:d._}function y(a){return a.oFeatures.bServerSide?"ssp":a.ajax||a.sAjaxSource?"ajax":"dom"}function Aa(a,b){var c=[],c=Mb.numbers_length,d=Math.floor(c/2);b<=c?c=W(0,b):a<=d?(c=W(0,c-2),c.push("ellipsis"),c.push(b-1)):(a>=b-1-d?c=W(b-(c-2),b):(c=W(a-d+2,a+d-1),c.push("ellipsis"),c.push(b-1)),c.splice(0,0,"ellipsis"),c.splice(0,0,0));c.DT_el="span";return c}function cb(a){h.each({num:function(b){return Ba(b,a)},"num-fmt":function(b){return Ba(b,a,Wa)},"html-num":function(b){return Ba(b,
215
  h.version="1.0.7";e.fn.dataTable.Responsive=h;e.fn.DataTable.Responsive=h;e(p).on("init.dt.dtr",function(d,a){if("dt"===d.namespace&&(e(a.nTable).hasClass("responsive")||e(a.nTable).hasClass("dt-responsive")||a.oInit.responsive||k.defaults.responsive)){var c=a.oInit.responsive;!1!==c&&new h(a,e.isPlainObject(c)?c:{})}});return h};"function"===typeof define&&define.amd?define(["jquery","datatables"],o):"object"===typeof exports?o(require("jquery"),require("datatables")):jQuery&&!jQuery.fn.dataTable.Responsive&&
216
  o(jQuery,jQuery.fn.dataTable)})(window,document);
217
 
218
+ //download.js v4.2, by dandavis; 2008-2017. [MIT] see https://danml.com/download.html for tests/usage
219
  ;(function(r,l){"function"==typeof define&&define.amd?define([],l):"object"==typeof exports?module.exports=l():r.download=l()})(this,function(){return function l(a,e,k){function q(a){var h=a.split(/[:;,]/);a=h[1];var h=("base64"==h[2]?atob:decodeURIComponent)(h.pop()),d=h.length,b=0,c=new Uint8Array(d);for(b;b<d;++b)c[b]=h.charCodeAt(b);return new f([c],{type:a})}function m(a,b){if("download"in d)return d.href=a,d.setAttribute("download",n),d.className="download-js-link",d.innerHTML="downloading...",d.style.display="none",document.body.appendChild(d),setTimeout(function(){d.click(),document.body.removeChild(d),!0===b&&setTimeout(function(){g.URL.revokeObjectURL(d.href)},250)},66),!0;if(/(Version)\/(\d+)\.(\d+)(?:\.(\d+))?.*Safari\//.test(navigator.userAgent))return/^data:/.test(a)&&(a="data:"+a.replace(/^data:([\w\/\-\+]+)/,"application/octet-stream")),!window.open(a)&&confirm("Displaying New Document\n\nUse Save As... to download, then click back to return to this page.")&&(location.href=a),!0;var c=document.createElement("iframe");document.body.appendChild(c),!b&&/^data:/.test(a)&&(a="data:"+a.replace(/^data:([\w\/\-\+]+)/,"application/octet-stream")),c.src=a,setTimeout(function(){document.body.removeChild(c)},333)}var g=window,b=k||"application/octet-stream",c=!e&&!k&&a,d=document.createElement("a");k=function(a){return String(a)};var f=g.Blob||g.MozBlob||g.WebKitBlob||k,n=e||"download",f=f.call?f.bind(g):Blob;"true"===String(this)&&(a=[a,b],b=a[0],a=a[1]);if(c&&2048>c.length&&(n=c.split("/").pop().split("?")[0],d.href=c,-1!==d.href.indexOf(c))){var p=new XMLHttpRequest;return p.open("GET",c,!0),p.responseType="blob",p.onload=function(a){l(a.target.response,n,"application/octet-stream")},setTimeout(function(){p.send()},0),p}if(/^data:([\w+-]+\/[\w+.-]+)?[,;]/.test(a)){if(!(2096103.424<a.length&&f!==k))return navigator.msSaveBlob?navigator.msSaveBlob(q(a),n):m(a);a=q(a),b=a.type||"application/octet-stream"}else if(/([\x80-\xff])/.test(a)){e=0;var c=new Uint8Array(a.length),t=c.length;for(e;e<t;++e)c[e]=a.charCodeAt(e);a=new f([c],{type:b})}a=a instanceof f?a:new f([a],{type:b});if(navigator.msSaveBlob)return navigator.msSaveBlob(a,n);if(g.URL)m(g.URL.createObjectURL(a),!0);else{if("string"==typeof a||a.constructor===k)try{return m("data:"+b+";base64,"+g.btoa(a))}catch(h){return m("data:"+b+","+encodeURIComponent(a))}b=new FileReader,b.onload=function(a){m(this.result)},b.readAsDataURL(a)}return!0}});
220
 
221
  /*! ========================================================================
222
  * Bootstrap Toggle: bootstrap-toggle.js v2.2.0
223
+ * https://www.bootstraptoggle.com
224
  * ========================================================================
225
  * Copyright 2014 Min Hur, The New York Times Company
226
  * Licensed under MIT
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: vasyltech
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.0
5
  Tested up to: 5.1
6
- Stable tag: 5.9.5
7
 
8
  All you need to manage access to you WordPress websites on frontend, backend and API levels for any role, user or visitors.
9
 
@@ -80,6 +80,16 @@ https://www.youtube.com/watch?v=mj5Xa_Wc16Y
80
 
81
  == Changelog ==
82
 
 
 
 
 
 
 
 
 
 
 
83
  = 5.9.5 =
84
  * Fixed the bug with Access Policy `Param` value that was not evaluating embedded markers
85
  * Fixed the bug that was causing PHP Warning for users that have none-existing role assigned
@@ -1001,7 +1011,7 @@ https://www.youtube.com/watch?v=mj5Xa_Wc16Y
1001
  * Added Post Delete feature
1002
  * Added Post's Restore Default Restrictions feature
1003
  * Added ConfigPress Extension turn on/off setting
1004
- * Russian translation by (Maxim Kernozhitskiy http://aeromultimedia.com)
1005
  * Removed Migration possibility
1006
  * Refactored AAM Core Console model
1007
  * Increased the number of saved restriction for basic version
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.0
5
  Tested up to: 5.1
6
+ Stable tag: 5.9.6
7
 
8
  All you need to manage access to you WordPress websites on frontend, backend and API levels for any role, user or visitors.
9
 
80
 
81
  == Changelog ==
82
 
83
+ = 5.9.6 =
84
+ * Fixed the bug with URI Access feature for URIs with trailing forward slash "/"
85
+ * Fixed the bug with Access Policy where incorrect default value was propagated
86
+ * Fixed the bug with API Routes not merged properly with multiple-roles support
87
+ * Added HTTP Redirect Code to URI Access, Posts & Terms features
88
+ * Added new Access Policy marker type QUERY that is alias for the GET
89
+ * Added support for the null data type for Access Policy data type casting
90
+ * Improved the way password-protected feature works; enhanced Access Policy to support it https://aamplugin.com/reference/policy#post
91
+ * Deprecated and removed internal AAM cache by optimizing AAM performance. Cache became major constrain for the dynamic Access Policy conditions
92
+
93
  = 5.9.5 =
94
  * Fixed the bug with Access Policy `Param` value that was not evaluating embedded markers
95
  * Fixed the bug that was causing PHP Warning for users that have none-existing role assigned
1011
  * Added Post Delete feature
1012
  * Added Post's Restore Default Restrictions feature
1013
  * Added ConfigPress Extension turn on/off setting
1014
+ * Russian translation by (Maxim Kernozhitskiy https://aeromultimedia.com)
1015
  * Removed Migration possibility
1016
  * Refactored AAM Core Console model
1017
  * Increased the number of saved restriction for basic version
vendor/firebase/JWT.php CHANGED
@@ -16,7 +16,7 @@ use \DateTime;
16
  * @package Authentication_JWT
17
  * @author Neuman Vong <neuman@twilio.com>
18
  * @author Anant Narayanan <anant@php.net>
19
- * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD
20
  * @link https://github.com/firebase/php-jwt
21
  */
22
  class JWT
16
  * @package Authentication_JWT
17
  * @author Neuman Vong <neuman@twilio.com>
18
  * @author Anant Narayanan <anant@php.net>
19
+ * @license https://opensource.org/licenses/BSD-3-Clause 3-clause BSD
20
  * @link https://github.com/firebase/php-jwt
21
  */
22
  class JWT