Advanced Access Manager - Version 5.9.6.3

Version Description

  • Fixed the bug with merging access settings for multiple roles
  • Improved the way capabilities are managed internally by AAM
  • Fixed PHP notice reported by jaerlo https://forum.aamplugin.com/d/207-indirect-modification-of-overloaded-property-aam-core-subject-user-roles
  • Fixed PHP fatal error reported by kevinagar https://wordpress.org/support/topic/fatal-error-3199/
  • Fixed the bug with Backend Menu feature where all the menu items that require "administrator" capability where not shown
Download this release

Release Info

Developer vasyltech
Plugin Icon 128x128 Advanced Access Manager
Version 5.9.6.3
Comparing to
See all releases

Code changes from version 5.9.6.2 to 5.9.6.3

Files changed (12) hide show
  1. aam.php +1 -1
  2. application/Backend/Feature/Main/Capability.php +5 -1
  3. application/Backend/Feature/Main/Menu.php +4 -1
  4. application/Backend/Manager.php +6 -3
  5. application/Backend/phtml/metabox/metabox-content.phtml +154 -145
  6. application/Backend/phtml/metabox/policy-metabox.phtml +419 -417
  7. application/Core/Gateway.php +9 -3
  8. application/Core/Object/Capability.php +4 -7
  9. application/Core/Subject/Role.php +10 -4
  10. application/Core/Subject/User.php +4 -3
  11. application/Shortcode/Strategy/Content.php +4 -8
  12. readme.txt +9 -2
aam.php CHANGED
@@ -3,7 +3,7 @@
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
- * Version: 5.9.6.2
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
+ * Version: 5.9.6.3
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
application/Backend/Feature/Main/Capability.php CHANGED
@@ -315,8 +315,12 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
315
  'message' => __('Permission denied to update this capability', AAM_KEY)
316
  );
317
  } else {
 
 
 
318
  if ($subject->removeCapability($capability)) {
319
- $result = $subject->addCapability($updated);
 
320
  }
321
 
322
  $response = array('status' => (!empty($result) ? 'success' : 'failure'));
315
  'message' => __('Permission denied to update this capability', AAM_KEY)
316
  );
317
  } else {
318
+ // First we need to get the current grant status for updating capability
319
+ $status = $subject->hasCapability($capability);
320
+ // Remove updating capability
321
  if ($subject->removeCapability($capability)) {
322
+ // Add new capability with the original grant status
323
+ $result = $subject->addCapability($updated, $status);
324
  }
325
 
326
  $response = array('status' => (!empty($result) ? 'success' : 'failure'));
application/Backend/Feature/Main/Menu.php CHANGED
@@ -173,7 +173,10 @@ class AAM_Backend_Feature_Main_Menu extends AAM_Backend_Feature_Abstract {
173
  * @access protected
174
  */
175
  protected function filterMenuName($name) {
176
- $filtered = trim(wp_strip_all_tags($name));
 
 
 
177
 
178
  return preg_replace('/([\d]+)$/', '', $filtered);
179
  }
173
  * @access protected
174
  */
175
  protected function filterMenuName($name) {
176
+ $filtered = trim(wp_strip_all_tags(
177
+ preg_replace('@<(span)[^>]*?>.*?</\\1>@si', '', $name),
178
+ true
179
+ ));
180
 
181
  return preg_replace('/([\d]+)$/', '', $filtered);
182
  }
application/Backend/Manager.php CHANGED
@@ -817,7 +817,7 @@ class AAM_Backend_Manager {
817
  */
818
  public function printFooterJavascript() {
819
  global $menu, $submenu;
820
-
821
  if (AAM::isAAM()) {
822
  $script = '<script type="text/javascript">';
823
  $script .= 'var aamEnvData = ' . wp_json_encode(array(
@@ -912,7 +912,7 @@ class AAM_Backend_Manager {
912
  add_menu_page(
913
  'AAM',
914
  'AAM' . $counter,
915
- 'aam_manager',
916
  'aam',
917
  array($this, 'renderPage'),
918
  AAM_MEDIA . '/active-menu.svg'
@@ -923,7 +923,10 @@ class AAM_Backend_Manager {
923
  'aam',
924
  'Access Policies',
925
  'Access Policies',
926
- AAM_Core_Config::get('policy.capability', 'aam_manage_policy'),
 
 
 
927
  'edit.php?post_type=aam_policy'
928
  );
929
 
817
  */
818
  public function printFooterJavascript() {
819
  global $menu, $submenu;
820
+
821
  if (AAM::isAAM()) {
822
  $script = '<script type="text/javascript">';
823
  $script .= 'var aamEnvData = ' . wp_json_encode(array(
912
  add_menu_page(
913
  'AAM',
914
  'AAM' . $counter,
915
+ (AAM_Core_API::capabilityExists('aam_manager') ? 'aam_manager' : 'administrator'),
916
  'aam',
917
  array($this, 'renderPage'),
918
  AAM_MEDIA . '/active-menu.svg'
923
  'aam',
924
  'Access Policies',
925
  'Access Policies',
926
+ AAM_Core_Config::get(
927
+ 'policy.capability',
928
+ (AAM_Core_API::capabilityExists('aam_manage_policy') ? 'aam_manage_policy' : 'administrator')
929
+ ),
930
  'edit.php?post_type=aam_policy'
931
  );
932
 
application/Backend/phtml/metabox/metabox-content.phtml CHANGED
@@ -1,169 +1,178 @@
1
- <!DOCTYPE html>
2
- <html xmlns="https://www.w3.org/1999/xhtml" lang="en-US">
3
- <head>
4
- <title>Post Access</title>
5
 
6
- <meta charset="UTF-8" />
7
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
8
- <meta name="viewport" content="width=device-width, initial-scale=1.0" />
9
 
10
- <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/bootstrap.min.css' type='text/css' media='all' />
11
- <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/datatables.min.css' type='text/css' media='all' />
12
- <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/aam.css' type='text/css' media='all' />
 
 
 
13
 
14
- <?php do_action( 'admin_print_scripts' ); ?>
15
-
16
- <?php $object = AAM_Backend_Feature_Main_Post::getCurrentObject(); ?>
17
- </head>
18
 
19
- <body id="aam-container">
20
- <div class="row" style="margin: 10px 0 0 0;">
21
- <div class="col-sm-4" style="padding: 0;">
22
- <div class="panel panel-default" style="border-radius:0;">
23
- <div class="panel-body">
24
- <ul class="nav nav-tabs" role="tablist">
25
- <?php $active = 0; ?>
26
- <?php if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) { ?>
27
- <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#roles" aria-controls="roles" role="tab" data-toggle="tab"><i class="icon-users" data-toggle="tooltip" data-placement="top" title="Roles"></i></a></li>
28
- <?php } ?>
29
- <?php if (current_user_can('aam_manage_users')) { ?>
30
- <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#users" aria-controls="users" role="tab" data-toggle="tab"><i class="icon-user" data-toggle="tooltip" data-placement="top" title="Users"></i></a></li>
31
- <?php } ?>
32
- <?php if (current_user_can('aam_manage_visitors')) { ?>
33
- <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#visitor" aria-controls="visitor" role="tab" data-toggle="tab"><i class="icon-user-secret" data-toggle="tooltip" data-placement="top" title="Visitor"></i></a></li>
34
- <?php } ?>
35
- <?php if (current_user_can('aam_manage_default')) { ?>
36
- <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#default" aria-controls="default" role="tab" data-toggle="tab" class="text-danger"><i class="icon-asterisk" data-toggle="tooltip" data-placement="top" title="Default"></i></a></li>
37
- <?php } ?>
38
- </ul>
39
- <div class="tab-content">
40
- <?php $active = 0; ?>
41
- <?php if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) { ?>
42
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="roles">
43
- <table id="role-list" class="table table-striped table-bordered">
44
- <thead>
45
- <tr>
46
- <th>ID</th>
47
- <th>Users</th>
48
- <th width="80%"><?php echo __('Role', AAM_KEY); ?></th>
49
- <th>&nbsp;</th>
50
- <th>Level</th>
51
- </tr>
52
- </thead>
53
- <tbody></tbody>
54
- </table>
55
- </div>
56
- <?php } ?>
57
- <?php if (current_user_can('aam_manage_users') || current_user_can('list_users')) { ?>
58
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="users">
59
- <table id="user-list" class="table table-striped table-bordered">
60
- <thead>
61
- <tr>
62
- <th>ID</th>
63
- <th>Roles</th>
64
- <th width="80%"><?php echo __('Username', AAM_KEY); ?></th>
65
- <th>&nbsp;</th>
66
- <th>Level</th>
67
- </tr>
68
- </thead>
69
- <tbody></tbody>
70
- </table>
71
- </div>
72
- <?php } ?>
73
- <?php if (current_user_can('aam_manage_visitors')) { ?>
74
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="visitor">
75
- <div class="visitor-message">
76
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
77
- <span class="aam-bordered"><?php echo sprintf(__('Manage access to %s for visitors (any user that is not authenticated)', AAM_KEY), '<b>' . ($object->type == 'post' ? $object->post->post_title : $object->term->name) . '</b>'); ?>.</span>
78
- <button class="btn btn-primary btn-block" id="manage-visitor"><i class="icon-cog"></i> <?php echo __('Manage Visitors', AAM_KEY); ?></button>
79
- <?php } else { ?>
80
- <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to visitors (any user that is not authenticated)', AAM_KEY); ?>.</span>
81
- <?php
82
- $visitor = new AAM_Core_Subject_Visitor();
83
- $hasPolicy = $visitor->getObject('policy')->has($object->id);
84
- $btnStatus = AAM_Core_Policy_Factory::get()->canTogglePolicy($object->id, ($hasPolicy ? 'detach' : 'attach'));
85
- ?>
86
- <?php if ($hasPolicy) { ?>
87
- <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="1"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Visitors', AAM_KEY); ?></button>
88
- <?php } else { ?>
89
- <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="0"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Visitors', AAM_KEY); ?></button>
90
- <?php } ?>
91
- <?php } ?>
92
  </div>
93
- </div>
94
- <?php } ?>
95
- <?php if (current_user_can('aam_manage_default')) { ?>
96
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="default">
97
- <div class="visitor-message">
98
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
99
- <span class="aam-bordered"><?php echo sprintf(__('Manage default access to %s for all users, roles and visitor. This includes Administrator role and yourself', AAM_KEY), '<b>' . ($object->type == 'post' ? $object->post->post_title : $object->term->name) . '</b>'); ?>.</span>
100
- <?php } else { ?>
101
- <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to all users, roles and visitors. This includes Administrator role and yourself', AAM_KEY); ?>.</span>
102
- <?php } ?>
103
- <?php if (defined('AAM_PLUS_PACKAGE')) { ?>
 
 
 
 
 
 
 
 
 
104
  <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
105
- <button class="btn btn-danger btn-block" id="manage-default"><i class="icon-cog"></i> <?php echo __('Manage Default Access', AAM_KEY); ?></button>
 
106
  <?php } else { ?>
 
107
  <?php
108
- $default = new AAM_Core_Subject_Default();
109
- $hasPolicy = $default->getObject('policy')->has($object->id);
110
  $btnStatus = AAM_Core_Policy_Factory::get()->canTogglePolicy($object->id, ($hasPolicy ? 'detach' : 'attach'));
111
  ?>
112
  <?php if ($hasPolicy) { ?>
113
- <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="1"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Everybody', AAM_KEY); ?></button>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
114
  <?php } else { ?>
115
- <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="0"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Everybody', AAM_KEY); ?></button>
 
 
 
 
 
 
 
 
 
116
  <?php } ?>
 
 
 
 
117
  <?php } ?>
118
- <?php } else { ?>
119
- <p class="aam-notification">
120
- <?php echo AAM_Backend_View_Helper::preparePhrase('This feature is allowed only with [AAM Plus Package] extension.', 'b'); ?>
121
- </p>
122
- <?php } ?>
123
  </div>
 
124
  </div>
125
- <?php } ?>
126
  </div>
127
  </div>
128
  </div>
129
- </div>
130
-
131
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
132
- <div class="col-sm-8" id="post-content">
133
- <div class="aam-overwrite hidden" id="post-overwritten">
134
- <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
135
- <span><a href="#" id="post-reset" class="btn btn-xs btn-primary" style="margin-top: -4px;"><?php echo __('Reset To Default', AAM_KEY); ?></a></span>
136
- </div>
137
-
138
- <?php if ($object->id) { ?>
139
- <input type="hidden" id="load-post-object" value="<?php echo ($object->type == 'post' ? $object->post->ID : $object->term->term_id . '|' . $object->term->taxonomy); ?>" />
140
- <input type="hidden" id="load-post-object-type" value="<?php echo $object->type; ?>" />
141
- <input type="hidden" id="load-post-object-title" value="<?php echo ($object->type == 'post' ? $object->post->post_title : $object->term->name); ?>" />
142
- <?php } ?>
143
 
144
- <div class="aam-access-form" data-type="<?php echo $object->type; ?>">
145
- <div id="metabox-post-access-form">
146
- <?php if ($object->type == 'post') { ?>
147
- <?php echo AAM_Backend_Feature_Main_Post::renderAccessForm(); ?>
148
- <?php } else {
149
- /* TODO: Rethink this filter */ echo apply_filters('aam-term-type-ui-filter', AAM_Backend_View::getInstance()->loadPartial('term-type.phtml'));
150
- } ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
151
  </div>
152
- <div class="aam-overlay"></div>
 
153
  </div>
154
-
155
- <?php require AAM_BASEDIR . '/application/Backend/phtml/partial/post-advanced-settings.phtml'; ?>
156
  </div>
 
 
 
 
 
157
  <?php } ?>
158
- </div>
159
-
160
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
161
- <p style="margin: 5px; text-align: left; font-size: 0.9em;">
162
- <b>Please help us</b> and submit your review <a href="https://wordpress.org/support/plugin/advanced-access-manager/reviews/" target="_blank"><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i></a>
163
- </p>
164
- <?php } ?>
165
-
166
- <input type="hidden" id="object-id" value="<?php echo $object->id; ?>" />
167
-
168
- </body>
169
- </html>
1
+ <?php
 
 
 
2
 
3
+ if (get_current_screen() === null) {
4
+ set_current_screen();
5
+ }
6
 
7
+ if (defined('AAM_KEY')) {
8
+ ?>
9
+ <!DOCTYPE html>
10
+ <html xmlns="https://www.w3.org/1999/xhtml" lang="en-US">
11
+ <head>
12
+ <title>Post Access</title>
13
 
14
+ <meta charset="UTF-8" />
15
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
16
+ <meta name="viewport" content="width=device-width, initial-scale=1.0" />
 
17
 
18
+ <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/bootstrap.min.css' type='text/css' media='all' />
19
+ <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/datatables.min.css' type='text/css' media='all' />
20
+ <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/aam.css' type='text/css' media='all' />
21
+
22
+ <?php do_action('admin_print_scripts'); ?>
23
+
24
+ <?php $object = AAM_Backend_Feature_Main_Post::getCurrentObject(); ?>
25
+ </head>
26
+
27
+ <body id="aam-container">
28
+ <div class="row" style="margin: 10px 0 0 0;">
29
+ <div class="col-sm-4" style="padding: 0;">
30
+ <div class="panel panel-default" style="border-radius:0;">
31
+ <div class="panel-body">
32
+ <ul class="nav nav-tabs" role="tablist">
33
+ <?php $active = 0; ?>
34
+ <?php if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) { ?>
35
+ <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#roles" aria-controls="roles" role="tab" data-toggle="tab"><i class="icon-users" data-toggle="tooltip" data-placement="top" title="Roles"></i></a></li>
36
+ <?php } ?>
37
+ <?php if (current_user_can('aam_manage_users')) { ?>
38
+ <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#users" aria-controls="users" role="tab" data-toggle="tab"><i class="icon-user" data-toggle="tooltip" data-placement="top" title="Users"></i></a></li>
39
+ <?php } ?>
40
+ <?php if (current_user_can('aam_manage_visitors')) { ?>
41
+ <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#visitor" aria-controls="visitor" role="tab" data-toggle="tab"><i class="icon-user-secret" data-toggle="tooltip" data-placement="top" title="Visitor"></i></a></li>
42
+ <?php } ?>
43
+ <?php if (current_user_can('aam_manage_default')) { ?>
44
+ <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#default" aria-controls="default" role="tab" data-toggle="tab" class="text-danger"><i class="icon-asterisk" data-toggle="tooltip" data-placement="top" title="Default"></i></a></li>
45
+ <?php } ?>
46
+ </ul>
47
+ <div class="tab-content">
48
+ <?php $active = 0; ?>
49
+ <?php if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) { ?>
50
+ <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="roles">
51
+ <table id="role-list" class="table table-striped table-bordered">
52
+ <thead>
53
+ <tr>
54
+ <th>ID</th>
55
+ <th>Users</th>
56
+ <th width="80%"><?php echo __('Role', AAM_KEY); ?></th>
57
+ <th>&nbsp;</th>
58
+ <th>Level</th>
59
+ </tr>
60
+ </thead>
61
+ <tbody></tbody>
62
+ </table>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
63
  </div>
64
+ <?php } ?>
65
+ <?php if (current_user_can('aam_manage_users') || current_user_can('list_users')) { ?>
66
+ <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="users">
67
+ <table id="user-list" class="table table-striped table-bordered">
68
+ <thead>
69
+ <tr>
70
+ <th>ID</th>
71
+ <th>Roles</th>
72
+ <th width="80%"><?php echo __('Username', AAM_KEY); ?></th>
73
+ <th>&nbsp;</th>
74
+ <th>Level</th>
75
+ </tr>
76
+ </thead>
77
+ <tbody></tbody>
78
+ </table>
79
+ </div>
80
+ <?php } ?>
81
+ <?php if (current_user_can('aam_manage_visitors')) { ?>
82
+ <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="visitor">
83
+ <div class="visitor-message">
84
  <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
85
+ <span class="aam-bordered"><?php echo sprintf(__('Manage access to %s for visitors (any user that is not authenticated)', AAM_KEY), '<b>' . ($object->type == 'post' ? $object->post->post_title : $object->term->name) . '</b>'); ?>.</span>
86
+ <button class="btn btn-primary btn-block" id="manage-visitor"><i class="icon-cog"></i> <?php echo __('Manage Visitors', AAM_KEY); ?></button>
87
  <?php } else { ?>
88
+ <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to visitors (any user that is not authenticated)', AAM_KEY); ?>.</span>
89
  <?php
90
+ $visitor = new AAM_Core_Subject_Visitor();
91
+ $hasPolicy = $visitor->getObject('policy')->has($object->id);
92
  $btnStatus = AAM_Core_Policy_Factory::get()->canTogglePolicy($object->id, ($hasPolicy ? 'detach' : 'attach'));
93
  ?>
94
  <?php if ($hasPolicy) { ?>
95
+ <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="1"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Visitors', AAM_KEY); ?></button>
96
+ <?php } else { ?>
97
+ <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="0"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Visitors', AAM_KEY); ?></button>
98
+ <?php } ?>
99
+ <?php } ?>
100
+ </div>
101
+ </div>
102
+ <?php } ?>
103
+ <?php if (current_user_can('aam_manage_default')) { ?>
104
+ <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="default">
105
+ <div class="visitor-message">
106
+ <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
107
+ <span class="aam-bordered"><?php echo sprintf(__('Manage default access to %s for all users, roles and visitor. This includes Administrator role and yourself', AAM_KEY), '<b>' . ($object->type == 'post' ? $object->post->post_title : $object->term->name) . '</b>'); ?>.</span>
108
+ <?php } else { ?>
109
+ <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to all users, roles and visitors. This includes Administrator role and yourself', AAM_KEY); ?>.</span>
110
+ <?php } ?>
111
+ <?php if (defined('AAM_PLUS_PACKAGE')) { ?>
112
+ <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
113
+ <button class="btn btn-danger btn-block" id="manage-default"><i class="icon-cog"></i> <?php echo __('Manage Default Access', AAM_KEY); ?></button>
114
  <?php } else { ?>
115
+ <?php
116
+ $default = new AAM_Core_Subject_Default();
117
+ $hasPolicy = $default->getObject('policy')->has($object->id);
118
+ $btnStatus = AAM_Core_Policy_Factory::get()->canTogglePolicy($object->id, ($hasPolicy ? 'detach' : 'attach'));
119
+ ?>
120
+ <?php if ($hasPolicy) { ?>
121
+ <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="1"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Everybody', AAM_KEY); ?></button>
122
+ <?php } else { ?>
123
+ <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="0"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Everybody', AAM_KEY); ?></button>
124
+ <?php } ?>
125
  <?php } ?>
126
+ <?php } else { ?>
127
+ <p class="aam-notification">
128
+ <?php echo AAM_Backend_View_Helper::preparePhrase('This feature is allowed only with [AAM Plus Package] extension.', 'b'); ?>
129
+ </p>
130
  <?php } ?>
131
+ </div>
 
 
 
 
132
  </div>
133
+ <?php } ?>
134
  </div>
 
135
  </div>
136
  </div>
137
  </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
138
 
139
+ <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
140
+ <div class="col-sm-8" id="post-content">
141
+ <div class="aam-overwrite hidden" id="post-overwritten">
142
+ <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
143
+ <span><a href="#" id="post-reset" class="btn btn-xs btn-primary" style="margin-top: -4px;"><?php echo __('Reset To Default', AAM_KEY); ?></a></span>
144
+ </div>
145
+
146
+ <?php if ($object->id) { ?>
147
+ <input type="hidden" id="load-post-object" value="<?php echo ($object->type == 'post' ? $object->post->ID : $object->term->term_id . '|' . $object->term->taxonomy); ?>" />
148
+ <input type="hidden" id="load-post-object-type" value="<?php echo $object->type; ?>" />
149
+ <input type="hidden" id="load-post-object-title" value="<?php echo ($object->type == 'post' ? $object->post->post_title : $object->term->name); ?>" />
150
+ <?php } ?>
151
+
152
+ <div class="aam-access-form" data-type="<?php echo $object->type; ?>">
153
+ <div id="metabox-post-access-form">
154
+ <?php if ($object->type == 'post') { ?>
155
+ <?php echo AAM_Backend_Feature_Main_Post::renderAccessForm(); ?>
156
+ <?php } else {
157
+ /* TODO: Rethink this filter */ echo apply_filters('aam-term-type-ui-filter', AAM_Backend_View::getInstance()->loadPartial('term-type.phtml'));
158
+ } ?>
159
+ </div>
160
+ <div class="aam-overlay"></div>
161
  </div>
162
+
163
+ <?php require AAM_BASEDIR . '/application/Backend/phtml/partial/post-advanced-settings.phtml'; ?>
164
  </div>
165
+ <?php } ?>
 
166
  </div>
167
+
168
+ <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
169
+ <p style="margin: 5px; text-align: left; font-size: 0.9em;">
170
+ <b>Please help us</b> and submit your review <a href="https://wordpress.org/support/plugin/advanced-access-manager/reviews/" target="_blank"><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i></a>
171
+ </p>
172
  <?php } ?>
173
+
174
+ <input type="hidden" id="object-id" value="<?php echo $object->id; ?>" />
175
+
176
+ </body>
177
+ </html>
178
+ <?php }
 
 
 
 
 
 
application/Backend/phtml/metabox/policy-metabox.phtml CHANGED
@@ -1,425 +1,427 @@
1
- <div>
2
- <style type="text/css">
3
- /* CODEMIRROR CSS RULES */
4
- /* BASICS */
5
-
6
- .CodeMirror {
7
- /* Set height, width, borders, and global font properties here */
8
- font-family: monospace;
9
- height: 300px;
10
- color: black;
11
- direction: ltr;
12
- border: 1px solid #EEEEEE;
13
- padding: 5px;
14
- }
15
-
16
- /* PADDING */
17
-
18
- .CodeMirror-lines {
19
- padding: 4px 0; /* Vertical padding around content */
20
- }
21
- .CodeMirror pre {
22
- padding: 0 4px; /* Horizontal padding of content */
23
- }
24
-
25
- .CodeMirror-scrollbar-filler, .CodeMirror-gutter-filler {
26
- background-color: white; /* The little square between H and V scrollbars */
27
- }
28
-
29
- /* GUTTER */
30
-
31
- .CodeMirror-gutters {
32
- white-space: nowrap;
33
- }
34
- .CodeMirror-linenumbers {}
35
- .CodeMirror-linenumber {
36
- padding: 0 3px 0 0px;
37
- min-width: 15px;
38
- text-align: right;
39
- color: #999;
40
- white-space: nowrap;
41
- }
42
-
43
- .CodeMirror-guttermarker { color: black; }
44
- .CodeMirror-guttermarker-subtle { color: #999; }
45
-
46
- /* CURSOR */
47
-
48
- .CodeMirror-cursor {
49
- border-left: 1px solid black;
50
- border-right: none;
51
- width: 0;
52
- }
53
- /* Shown when moving in bi-directional text */
54
- .CodeMirror div.CodeMirror-secondarycursor {
55
- border-left: 1px solid silver;
56
- }
57
- .cm-fat-cursor .CodeMirror-cursor {
58
- width: auto;
59
- border: 0 !important;
60
- background: #7e7;
61
- }
62
- .cm-fat-cursor div.CodeMirror-cursors {
63
- z-index: 1;
64
- }
65
- .cm-fat-cursor-mark {
66
- background-color: rgba(20, 255, 20, 0.5);
67
- -webkit-animation: blink 1.06s steps(1) infinite;
68
- -moz-animation: blink 1.06s steps(1) infinite;
69
- animation: blink 1.06s steps(1) infinite;
70
- }
71
- .cm-animate-fat-cursor {
72
- width: auto;
73
- border: 0;
74
- -webkit-animation: blink 1.06s steps(1) infinite;
75
- -moz-animation: blink 1.06s steps(1) infinite;
76
- animation: blink 1.06s steps(1) infinite;
77
- background-color: #7e7;
78
- }
79
- @-moz-keyframes blink {
80
- 0% {}
81
- 50% { background-color: transparent; }
82
- 100% {}
83
- }
84
- @-webkit-keyframes blink {
85
- 0% {}
86
- 50% { background-color: transparent; }
87
- 100% {}
88
- }
89
- @keyframes blink {
90
- 0% {}
91
- 50% { background-color: transparent; }
92
- 100% {}
93
- }
94
-
95
- /* Can style cursor different in overwrite (non-insert) mode */
96
- .CodeMirror-overwrite .CodeMirror-cursor {}
97
-
98
- .cm-tab { display: inline-block; text-decoration: inherit; }
99
-
100
- .CodeMirror-rulers {
101
- position: absolute;
102
- left: 0; right: 0; top: -50px; bottom: -20px;
103
- overflow: hidden;
104
- }
105
- .CodeMirror-ruler {
106
- border-left: 1px solid #ccc;
107
- top: 0; bottom: 0;
108
- position: absolute;
109
- }
110
-
111
- /* DEFAULT THEME */
112
-
113
- .cm-s-default .cm-header {color: blue;}
114
- .cm-s-default .cm-quote {color: #090;}
115
- .cm-negative {color: #d44;}
116
- .cm-positive {color: #292;}
117
- .cm-header, .cm-strong {font-weight: bold;}
118
- .cm-em {font-style: italic;}
119
- .cm-link {text-decoration: underline;}
120
- .cm-strikethrough {text-decoration: line-through;}
121
-
122
- .cm-s-default .cm-keyword {color: #708;}
123
- .cm-s-default .cm-atom {color: #219;}
124
- .cm-s-default .cm-number {color: #164;}
125
- .cm-s-default .cm-def {color: #00f;}
126
- .cm-s-default .cm-variable,
127
- .cm-s-default .cm-punctuation,
128
- .cm-s-default .cm-property,
129
- .cm-s-default .cm-operator {}
130
- .cm-s-default .cm-variable-2 {color: #05a;}
131
- .cm-s-default .cm-variable-3, .cm-s-default .cm-type {color: #085;}
132
- .cm-s-default .cm-comment {color: #a50;}
133
- .cm-s-default .cm-string {color: #a11;}
134
- .cm-s-default .cm-string-2 {color: #f50;}
135
- .cm-s-default .cm-meta {color: #555;}
136
- .cm-s-default .cm-qualifier {color: #555;}
137
- .cm-s-default .cm-builtin {color: #30a;}
138
- .cm-s-default .cm-bracket {color: #997;}
139
- .cm-s-default .cm-tag {color: #170;}
140
- .cm-s-default .cm-attribute {color: #00c;}
141
- .cm-s-default .cm-hr {color: #999;}
142
- .cm-s-default .cm-link {color: #00c;}
143
-
144
- .cm-s-default .cm-error {color: #f00;}
145
- .cm-invalidchar {color: #f00;}
146
-
147
- .CodeMirror-composing { border-bottom: 2px solid; }
148
-
149
- /* Default styles for common addons */
150
-
151
- div.CodeMirror span.CodeMirror-matchingbracket {color: #0b0;}
152
- div.CodeMirror span.CodeMirror-nonmatchingbracket {color: #a22;}
153
- .CodeMirror-matchingtag { background: rgba(255, 150, 0, .3); }
154
- .CodeMirror-activeline-background {background: #e8f2ff;}
155
-
156
- /* STOP */
157
-
158
- /* The rest of this file contains styles related to the mechanics of
159
- the editor. You probably shouldn't touch them. */
160
-
161
- .CodeMirror {
162
- position: relative;
163
- overflow: hidden;
164
- background: white;
165
- }
166
-
167
- .CodeMirror-scroll {
168
- overflow: scroll !important; /* Things will break if this is overridden */
169
- /* 30px is the magic margin used to hide the element's real scrollbars */
170
- /* See overflow: hidden in .CodeMirror */
171
- margin-bottom: -30px; margin-right: -30px;
172
- padding-bottom: 30px;
173
- height: 100%;
174
- outline: none; /* Prevent dragging from highlighting the element */
175
- position: relative;
176
- }
177
- .CodeMirror-sizer {
178
- position: relative;
179
- border-right: 30px solid transparent;
180
- }
181
-
182
- /* The fake, visible scrollbars. Used to force redraw during scrolling
183
- before actual scrolling happens, thus preventing shaking and
184
- flickering artifacts. */
185
- .CodeMirror-vscrollbar, .CodeMirror-hscrollbar, .CodeMirror-scrollbar-filler, .CodeMirror-gutter-filler {
186
- position: absolute;
187
- z-index: 6;
188
- display: none;
189
- }
190
- .CodeMirror-vscrollbar {
191
- right: 0; top: 0;
192
- overflow-x: hidden;
193
- overflow-y: scroll;
194
- }
195
- .CodeMirror-hscrollbar {
196
- bottom: 0; left: 0;
197
- overflow-y: hidden;
198
- overflow-x: scroll;
199
- }
200
- .CodeMirror-scrollbar-filler {
201
- right: 0; bottom: 0;
202
- }
203
- .CodeMirror-gutter-filler {
204
- left: 0; bottom: 0;
205
- }
206
-
207
- .CodeMirror-gutters {
208
- position: absolute; left: 0; top: 0;
209
- min-height: 100%;
210
- z-index: 3;
211
- }
212
- .CodeMirror-gutter {
213
- white-space: normal;
214
- height: 100%;
215
- display: inline-block;
216
- vertical-align: top;
217
- margin-bottom: -30px;
218
- }
219
- .CodeMirror-gutter-wrapper {
220
- position: absolute;
221
- z-index: 4;
222
- background: none !important;
223
- border: none !important;
224
- }
225
- .CodeMirror-gutter-background {
226
- position: absolute;
227
- top: 0; bottom: 0;
228
- z-index: 4;
229
- }
230
- .CodeMirror-gutter-elt {
231
- position: absolute;
232
- cursor: default;
233
- z-index: 4;
234
- }
235
- .CodeMirror-gutter-wrapper ::selection { background-color: transparent }
236
- .CodeMirror-gutter-wrapper ::-moz-selection { background-color: transparent }
237
-
238
- .CodeMirror-lines {
239
- cursor: text;
240
- min-height: 1px; /* prevents collapsing before first draw */
241
- }
242
- .CodeMirror pre {
243
- /* Reset some styles that the rest of the page might have set */
244
- -moz-border-radius: 0; -webkit-border-radius: 0; border-radius: 0;
245
- border-width: 0;
246
- background: transparent;
247
- font-family: inherit;
248
- font-size: inherit;
249
- margin: 0;
250
- white-space: pre;
251
- word-wrap: normal;
252
- line-height: inherit;
253
- color: inherit;
254
- z-index: 2;
255
- position: relative;
256
- overflow: visible;
257
- -webkit-tap-highlight-color: transparent;
258
- -webkit-font-variant-ligatures: contextual;
259
- font-variant-ligatures: contextual;
260
- }
261
- #policy-model .CodeMirror pre {
262
- padding-left: 20px;
263
- }
264
- .CodeMirror-wrap pre {
265
- word-wrap: break-word;
266
- white-space: pre-wrap;
267
- word-break: normal;
268
- }
269
-
270
- .CodeMirror-linebackground {
271
- position: absolute;
272
- left: 0; right: 0; top: 0; bottom: 0;
273
- z-index: 0;
274
- }
275
-
276
- .CodeMirror-linewidget {
277
- position: relative;
278
- z-index: 2;
279
- padding: 0.1px; /* Force widget margins to stay inside of the container */
280
- }
281
-
282
- .CodeMirror-widget {}
283
-
284
- .CodeMirror-rtl pre { direction: rtl; }
285
-
286
- .CodeMirror-code {
287
- outline: none;
288
- }
289
-
290
- /* Force content-box sizing for the elements where we expect it */
291
- .CodeMirror-scroll,
292
- .CodeMirror-sizer,
293
- .CodeMirror-gutter,
294
- .CodeMirror-gutters,
295
- .CodeMirror-linenumber {
296
- -moz-box-sizing: content-box;
297
- box-sizing: content-box;
298
- }
299
-
300
- .CodeMirror-measure {
301
- position: absolute;
302
- width: 100%;
303
- height: 0;
304
- overflow: hidden;
305
- visibility: hidden;
306
- }
307
-
308
- .CodeMirror-cursor {
309
- position: absolute;
310
- pointer-events: none;
311
- }
312
- .CodeMirror-measure pre { position: static; }
313
-
314
- div.CodeMirror-cursors {
315
- visibility: hidden;
316
- position: relative;
317
- z-index: 3;
318
- }
319
- div.CodeMirror-dragcursors {
320
- visibility: visible;
321
- }
322
-
323
- .CodeMirror-focused div.CodeMirror-cursors {
324
- visibility: visible;
325
- }
326
-
327
- .CodeMirror-selected { background: #d9d9d9; }
328
- .CodeMirror-focused .CodeMirror-selected { background: #d7d4f0; }
329
- .CodeMirror-crosshair { cursor: crosshair; }
330
- .CodeMirror-line::selection, .CodeMirror-line > span::selection, .CodeMirror-line > span > span::selection { background: #d7d4f0; }
331
- .CodeMirror-line::-moz-selection, .CodeMirror-line > span::-moz-selection, .CodeMirror-line > span > span::-moz-selection { background: #d7d4f0; }
332
-
333
- .cm-searching {
334
- background-color: #ffa;
335
- background-color: rgba(255, 255, 0, .4);
336
- }
337
-
338
- /* Used to force a border model for a node */
339
- .cm-force-border { padding-right: .1px; }
340
-
341
- @media print {
342
- /* Hide the cursor when printing */
343
- .CodeMirror div.CodeMirror-cursors {
344
  visibility: hidden;
345
  }
346
- }
347
 
348
- /* See issue #2901 */
349
- .cm-tab-wrap-hack:after { content: ''; }
 
 
 
350
 
351
- /* Help users use markselection to safely style text background */
352
- span.CodeMirror-selectedtext { background: none; }
353
-
354
- .aam-alert-danger{
355
- border-radius: 0;
356
- margin: 10px 0;
357
- color: #a94442;
358
- background-color: #f2dede;
359
- border-color: #ebccd1;
360
- padding: 15px;
361
- border: 1px solid transparent;
362
- }
363
- .aam-infobox {
364
- border-left: 5px solid #257fad;
365
- padding: 20px;
366
- background-color: #d9edf7;
367
- margin-bottom: 0;
368
- }
369
- </style>
370
-
371
- <?php
372
- if (!empty($args->post->post_content)) {
373
- // Validate the policy
374
- $validator = new AAM_Core_Policy_Validator(htmlspecialchars_decode($args->post->post_content));
375
- $errors = $validator->validate();
376
- } else {
377
- $args->post->post_content = AAM_Backend_View_Helper::getDefaultPolicy();
378
- $errors = array();
379
- }
380
- ?>
381
-
382
- <div class="aam-alert-danger<?php echo (empty($errors) ? ' hidden' : ''); ?>" id="policy-parsing-error">
383
- <?php echo implode('<br/>', $errors); ?>
384
- </div>
385
-
386
- <textarea id="aam-policy-editor" name="aam-policy" class="policy-editor" rows="10"><?php echo stripslashes($args->post->post_content); ?></textarea>
387
-
388
- <p class="aam-infobox">
389
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('To learn more about Access &amp; Security policy document, please check [%sAccess &amp; Security Policy%s] page.', 'b'), '<a href="https://aamplugin.com/reference/policy" target="_blank">', '</a>'); ?>
390
- </p>
391
-
392
- <script type='text/javascript' src="<?php echo AAM_MEDIA . '/js/vendor.js'; ?>"></script>
393
-
394
- <script type='text/javascript'>
395
- (function($){
396
- var editor = CodeMirror.fromTextArea(
397
- document.getElementById("aam-policy-editor"),
398
- {
399
- mode: "application/json",
400
- lineNumbers: true
401
  }
402
- );
403
 
404
- $(document).ready(function () {
405
- $('form[name="post"]').bind('submit', function(event) {
406
- var json = editor.getValue();
407
-
408
- $('#policy-parsing-error').addClass('hidden');
409
-
410
- try {
411
- JSON.parse(json);
412
-
413
- $('#aam-policy-editor').val(json);
414
- } catch (e) {
415
- event.preventDefault();
416
-
417
- $('#policy-parsing-error').removeClass('hidden').html(
418
- '<b><?php echo __('Syntax Error', AAM_KEY); ?></b>: ' + e.message.replace('JSON.parse:', '')
419
- );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
420
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
421
  });
422
- });
423
- }(jQuery));
424
- </script>
425
- </div>
1
+ <?php if (defined('AAM_KEY')) { ?>
2
+ <div>
3
+ <style type="text/css">
4
+ /* CODEMIRROR CSS RULES */
5
+ /* BASICS */
6
+
7
+ .CodeMirror {
8
+ /* Set height, width, borders, and global font properties here */
9
+ font-family: monospace;
10
+ height: 300px;
11
+ color: black;
12
+ direction: ltr;
13
+ border: 1px solid #EEEEEE;
14
+ padding: 5px;
15
+ }
16
+
17
+ /* PADDING */
18
+
19
+ .CodeMirror-lines {
20
+ padding: 4px 0; /* Vertical padding around content */
21
+ }
22
+ .CodeMirror pre {
23
+ padding: 0 4px; /* Horizontal padding of content */
24
+ }
25
+
26
+ .CodeMirror-scrollbar-filler, .CodeMirror-gutter-filler {
27
+ background-color: white; /* The little square between H and V scrollbars */
28
+ }
29
+
30
+ /* GUTTER */
31
+
32
+ .CodeMirror-gutters {
33
+ white-space: nowrap;
34
+ }
35
+ .CodeMirror-linenumbers {}
36
+ .CodeMirror-linenumber {
37
+ padding: 0 3px 0 0px;
38
+ min-width: 15px;
39
+ text-align: right;
40
+ color: #999;
41
+ white-space: nowrap;
42
+ }
43
+
44
+ .CodeMirror-guttermarker { color: black; }
45
+ .CodeMirror-guttermarker-subtle { color: #999; }
46
+
47
+ /* CURSOR */
48
+
49
+ .CodeMirror-cursor {
50
+ border-left: 1px solid black;
51
+ border-right: none;
52
+ width: 0;
53
+ }
54
+ /* Shown when moving in bi-directional text */
55
+ .CodeMirror div.CodeMirror-secondarycursor {
56
+ border-left: 1px solid silver;
57
+ }
58
+ .cm-fat-cursor .CodeMirror-cursor {
59
+ width: auto;
60
+ border: 0 !important;
61
+ background: #7e7;
62
+ }
63
+ .cm-fat-cursor div.CodeMirror-cursors {
64
+ z-index: 1;
65
+ }
66
+ .cm-fat-cursor-mark {
67
+ background-color: rgba(20, 255, 20, 0.5);
68
+ -webkit-animation: blink 1.06s steps(1) infinite;
69
+ -moz-animation: blink 1.06s steps(1) infinite;
70
+ animation: blink 1.06s steps(1) infinite;
71
+ }
72
+ .cm-animate-fat-cursor {
73
+ width: auto;
74
+ border: 0;
75
+ -webkit-animation: blink 1.06s steps(1) infinite;
76
+ -moz-animation: blink 1.06s steps(1) infinite;
77
+ animation: blink 1.06s steps(1) infinite;
78
+ background-color: #7e7;
79
+ }
80
+ @-moz-keyframes blink {
81
+ 0% {}
82
+ 50% { background-color: transparent; }
83
+ 100% {}
84
+ }
85
+ @-webkit-keyframes blink {
86
+ 0% {}
87
+ 50% { background-color: transparent; }
88
+ 100% {}
89
+ }
90
+ @keyframes blink {
91
+ 0% {}
92
+ 50% { background-color: transparent; }
93
+ 100% {}
94
+ }
95
+
96
+ /* Can style cursor different in overwrite (non-insert) mode */
97
+ .CodeMirror-overwrite .CodeMirror-cursor {}
98
+
99
+ .cm-tab { display: inline-block; text-decoration: inherit; }
100
+
101
+ .CodeMirror-rulers {
102
+ position: absolute;
103
+ left: 0; right: 0; top: -50px; bottom: -20px;
104
+ overflow: hidden;
105
+ }
106
+ .CodeMirror-ruler {
107
+ border-left: 1px solid #ccc;
108
+ top: 0; bottom: 0;
109
+ position: absolute;
110
+ }
111
+
112
+ /* DEFAULT THEME */
113
+
114
+ .cm-s-default .cm-header {color: blue;}
115
+ .cm-s-default .cm-quote {color: #090;}
116
+ .cm-negative {color: #d44;}
117
+ .cm-positive {color: #292;}
118
+ .cm-header, .cm-strong {font-weight: bold;}
119
+ .cm-em {font-style: italic;}
120
+ .cm-link {text-decoration: underline;}
121
+ .cm-strikethrough {text-decoration: line-through;}
122
+
123
+ .cm-s-default .cm-keyword {color: #708;}
124
+ .cm-s-default .cm-atom {color: #219;}
125
+ .cm-s-default .cm-number {color: #164;}
126
+ .cm-s-default .cm-def {color: #00f;}
127
+ .cm-s-default .cm-variable,
128
+ .cm-s-default .cm-punctuation,
129
+ .cm-s-default .cm-property,
130
+ .cm-s-default .cm-operator {}
131
+ .cm-s-default .cm-variable-2 {color: #05a;}
132
+ .cm-s-default .cm-variable-3, .cm-s-default .cm-type {color: #085;}
133
+ .cm-s-default .cm-comment {color: #a50;}
134
+ .cm-s-default .cm-string {color: #a11;}
135
+ .cm-s-default .cm-string-2 {color: #f50;}
136
+ .cm-s-default .cm-meta {color: #555;}
137
+ .cm-s-default .cm-qualifier {color: #555;}
138
+ .cm-s-default .cm-builtin {color: #30a;}
139
+ .cm-s-default .cm-bracket {color: #997;}
140
+ .cm-s-default .cm-tag {color: #170;}
141
+ .cm-s-default .cm-attribute {color: #00c;}
142
+ .cm-s-default .cm-hr {color: #999;}
143
+ .cm-s-default .cm-link {color: #00c;}
144
+
145
+ .cm-s-default .cm-error {color: #f00;}
146
+ .cm-invalidchar {color: #f00;}
147
+
148
+ .CodeMirror-composing { border-bottom: 2px solid; }
149
+
150
+ /* Default styles for common addons */
151
+
152
+ div.CodeMirror span.CodeMirror-matchingbracket {color: #0b0;}
153
+ div.CodeMirror span.CodeMirror-nonmatchingbracket {color: #a22;}
154
+ .CodeMirror-matchingtag { background: rgba(255, 150, 0, .3); }
155
+ .CodeMirror-activeline-background {background: #e8f2ff;}
156
+
157
+ /* STOP */
158
+
159
+ /* The rest of this file contains styles related to the mechanics of
160
+ the editor. You probably shouldn't touch them. */
161
+
162
+ .CodeMirror {
163
+ position: relative;
164
+ overflow: hidden;
165
+ background: white;
166
+ }
167
+
168
+ .CodeMirror-scroll {
169
+ overflow: scroll !important; /* Things will break if this is overridden */
170
+ /* 30px is the magic margin used to hide the element's real scrollbars */
171
+ /* See overflow: hidden in .CodeMirror */
172
+ margin-bottom: -30px; margin-right: -30px;
173
+ padding-bottom: 30px;
174
+ height: 100%;
175
+ outline: none; /* Prevent dragging from highlighting the element */
176
+ position: relative;
177
+ }
178
+ .CodeMirror-sizer {
179
+ position: relative;
180
+ border-right: 30px solid transparent;
181
+ }
182
+
183
+ /* The fake, visible scrollbars. Used to force redraw during scrolling
184
+ before actual scrolling happens, thus preventing shaking and
185
+ flickering artifacts. */
186
+ .CodeMirror-vscrollbar, .CodeMirror-hscrollbar, .CodeMirror-scrollbar-filler, .CodeMirror-gutter-filler {
187
+ position: absolute;
188
+ z-index: 6;
189
+ display: none;
190
+ }
191
+ .CodeMirror-vscrollbar {
192
+ right: 0; top: 0;
193
+ overflow-x: hidden;
194
+ overflow-y: scroll;
195
+ }
196
+ .CodeMirror-hscrollbar {
197
+ bottom: 0; left: 0;
198
+ overflow-y: hidden;
199
+ overflow-x: scroll;
200
+ }
201
+ .CodeMirror-scrollbar-filler {
202
+ right: 0; bottom: 0;
203
+ }
204
+ .CodeMirror-gutter-filler {
205
+ left: 0; bottom: 0;
206
+ }
207
+
208
+ .CodeMirror-gutters {
209
+ position: absolute; left: 0; top: 0;
210
+ min-height: 100%;
211
+ z-index: 3;
212
+ }
213
+ .CodeMirror-gutter {
214
+ white-space: normal;
215
+ height: 100%;
216
+ display: inline-block;
217
+ vertical-align: top;
218
+ margin-bottom: -30px;
219
+ }
220
+ .CodeMirror-gutter-wrapper {
221
+ position: absolute;
222
+ z-index: 4;
223
+ background: none !important;
224
+ border: none !important;
225
+ }
226
+ .CodeMirror-gutter-background {
227
+ position: absolute;
228
+ top: 0; bottom: 0;
229
+ z-index: 4;
230
+ }
231
+ .CodeMirror-gutter-elt {
232
+ position: absolute;
233
+ cursor: default;
234
+ z-index: 4;
235
+ }
236
+ .CodeMirror-gutter-wrapper ::selection { background-color: transparent }
237
+ .CodeMirror-gutter-wrapper ::-moz-selection { background-color: transparent }
238
+
239
+ .CodeMirror-lines {
240
+ cursor: text;
241
+ min-height: 1px; /* prevents collapsing before first draw */
242
+ }
243
+ .CodeMirror pre {
244
+ /* Reset some styles that the rest of the page might have set */
245
+ -moz-border-radius: 0; -webkit-border-radius: 0; border-radius: 0;
246
+ border-width: 0;
247
+ background: transparent;
248
+ font-family: inherit;
249
+ font-size: inherit;
250
+ margin: 0;
251
+ white-space: pre;
252
+ word-wrap: normal;
253
+ line-height: inherit;
254
+ color: inherit;
255
+ z-index: 2;
256
+ position: relative;
257
+ overflow: visible;
258
+ -webkit-tap-highlight-color: transparent;
259
+ -webkit-font-variant-ligatures: contextual;
260
+ font-variant-ligatures: contextual;
261
+ }
262
+ #policy-model .CodeMirror pre {
263
+ padding-left: 20px;
264
+ }
265
+ .CodeMirror-wrap pre {
266
+ word-wrap: break-word;
267
+ white-space: pre-wrap;
268
+ word-break: normal;
269
+ }
270
+
271
+ .CodeMirror-linebackground {
272
+ position: absolute;
273
+ left: 0; right: 0; top: 0; bottom: 0;
274
+ z-index: 0;
275
+ }
276
+
277
+ .CodeMirror-linewidget {
278
+ position: relative;
279
+ z-index: 2;
280
+ padding: 0.1px; /* Force widget margins to stay inside of the container */
281
+ }
282
+
283
+ .CodeMirror-widget {}
284
+
285
+ .CodeMirror-rtl pre { direction: rtl; }
286
+
287
+ .CodeMirror-code {
288
+ outline: none;
289
+ }
290
+
291
+ /* Force content-box sizing for the elements where we expect it */
292
+ .CodeMirror-scroll,
293
+ .CodeMirror-sizer,
294
+ .CodeMirror-gutter,
295
+ .CodeMirror-gutters,
296
+ .CodeMirror-linenumber {
297
+ -moz-box-sizing: content-box;
298
+ box-sizing: content-box;
299
+ }
300
+
301
+ .CodeMirror-measure {
302
+ position: absolute;
303
+ width: 100%;
304
+ height: 0;
305
+ overflow: hidden;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
306
  visibility: hidden;
307
  }
 
308
 
309
+ .CodeMirror-cursor {
310
+ position: absolute;
311
+ pointer-events: none;
312
+ }
313
+ .CodeMirror-measure pre { position: static; }
314
 
315
+ div.CodeMirror-cursors {
316
+ visibility: hidden;
317
+ position: relative;
318
+ z-index: 3;
319
+ }
320
+ div.CodeMirror-dragcursors {
321
+ visibility: visible;
322
+ }
323
+
324
+ .CodeMirror-focused div.CodeMirror-cursors {
325
+ visibility: visible;
326
+ }
327
+
328
+ .CodeMirror-selected { background: #d9d9d9; }
329
+ .CodeMirror-focused .CodeMirror-selected { background: #d7d4f0; }
330
+ .CodeMirror-crosshair { cursor: crosshair; }
331
+ .CodeMirror-line::selection, .CodeMirror-line > span::selection, .CodeMirror-line > span > span::selection { background: #d7d4f0; }
332
+ .CodeMirror-line::-moz-selection, .CodeMirror-line > span::-moz-selection, .CodeMirror-line > span > span::-moz-selection { background: #d7d4f0; }
333
+
334
+ .cm-searching {
335
+ background-color: #ffa;
336
+ background-color: rgba(255, 255, 0, .4);
337
+ }
338
+
339
+ /* Used to force a border model for a node */
340
+ .cm-force-border { padding-right: .1px; }
341
+
342
+ @media print {
343
+ /* Hide the cursor when printing */
344
+ .CodeMirror div.CodeMirror-cursors {
345
+ visibility: hidden;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
346
  }
347
+ }
348
 
349
+ /* See issue #2901 */
350
+ .cm-tab-wrap-hack:after { content: ''; }
351
+
352
+ /* Help users use markselection to safely style text background */
353
+ span.CodeMirror-selectedtext { background: none; }
354
+
355
+ .aam-alert-danger{
356
+ border-radius: 0;
357
+ margin: 10px 0;
358
+ color: #a94442;
359
+ background-color: #f2dede;
360
+ border-color: #ebccd1;
361
+ padding: 15px;
362
+ border: 1px solid transparent;
363
+ }
364
+ .aam-infobox {
365
+ border-left: 5px solid #257fad;
366
+ padding: 20px;
367
+ background-color: #d9edf7;
368
+ margin-bottom: 0;
369
+ }
370
+ </style>
371
+
372
+ <?php
373
+ if (!empty($args->post->post_content)) {
374
+ // Validate the policy
375
+ $validator = new AAM_Core_Policy_Validator(htmlspecialchars_decode($args->post->post_content));
376
+ $errors = $validator->validate();
377
+ } else {
378
+ $args->post->post_content = AAM_Backend_View_Helper::getDefaultPolicy();
379
+ $errors = array();
380
+ }
381
+ ?>
382
+
383
+ <div class="aam-alert-danger<?php echo (empty($errors) ? ' hidden' : ''); ?>" id="policy-parsing-error">
384
+ <?php echo implode('<br/>', $errors); ?>
385
+ </div>
386
+
387
+ <textarea id="aam-policy-editor" name="aam-policy" class="policy-editor" rows="10"><?php echo stripslashes($args->post->post_content); ?></textarea>
388
+
389
+ <p class="aam-infobox">
390
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('To learn more about Access &amp; Security policy document, please check [%sAccess &amp; Security Policy%s] page.', 'b'), '<a href="https://aamplugin.com/reference/policy" target="_blank">', '</a>'); ?>
391
+ </p>
392
+
393
+ <script type='text/javascript' src="<?php echo AAM_MEDIA . '/js/vendor.js'; ?>"></script>
394
+
395
+ <script type='text/javascript'>
396
+ (function($){
397
+ var editor = CodeMirror.fromTextArea(
398
+ document.getElementById("aam-policy-editor"),
399
+ {
400
+ mode: "application/json",
401
+ lineNumbers: true
402
  }
403
+ );
404
+
405
+ $(document).ready(function () {
406
+ $('form[name="post"]').bind('submit', function(event) {
407
+ var json = editor.getValue();
408
+
409
+ $('#policy-parsing-error').addClass('hidden');
410
+
411
+ try {
412
+ JSON.parse(json);
413
+
414
+ $('#aam-policy-editor').val(json);
415
+ } catch (e) {
416
+ event.preventDefault();
417
+
418
+ $('#policy-parsing-error').removeClass('hidden').html(
419
+ '<b><?php echo __('Syntax Error', AAM_KEY); ?></b>: ' + e.message.replace('JSON.parse:', '')
420
+ );
421
+ }
422
+ });
423
  });
424
+ }(jQuery));
425
+ </script>
426
+ </div>
427
+ <?php }
application/Core/Gateway.php CHANGED
@@ -227,7 +227,7 @@ final class AAM_Core_Gateway {
227
  public function mergeSettings($set1, $set2, $objectType, $preference = null) {
228
  $combined = array($set1, $set2);
229
  $merged = array();
230
-
231
  if (is_null($preference)) {
232
  $preference = $this->getConfig(
233
  "core.settings.{$objectType}.merge.preference", 'deny'
@@ -235,8 +235,14 @@ final class AAM_Core_Gateway {
235
  }
236
 
237
  // first get the complete list of unique keys
238
- $keys = array_keys(call_user_func_array('array_merge', $combined));
239
-
 
 
 
 
 
 
240
  foreach($keys as $key) {
241
  foreach($combined as $options) {
242
  // If merging preference is "deny" and at least one of the access
227
  public function mergeSettings($set1, $set2, $objectType, $preference = null) {
228
  $combined = array($set1, $set2);
229
  $merged = array();
230
+
231
  if (is_null($preference)) {
232
  $preference = $this->getConfig(
233
  "core.settings.{$objectType}.merge.preference", 'deny'
235
  }
236
 
237
  // first get the complete list of unique keys
238
+ $keys = array_keys($set1);
239
+
240
+ foreach(array_keys($set2) as $key) {
241
+ if (!in_array($key, $keys, true)) {
242
+ $keys[] = $key;
243
+ }
244
+ }
245
+
246
  foreach($keys as $key) {
247
  foreach($combined as $options) {
248
  // If merging preference is "deny" and at least one of the access
application/Core/Object/Capability.php CHANGED
@@ -26,13 +26,10 @@ class AAM_Core_Object_Capability extends AAM_Core_Object {
26
  * @access public
27
  */
28
  public function save($capability, $granted) {
29
- if (intval($granted)) {
30
- $result = $this->getSubject()->addCapability($capability);
31
- } else {
32
- $result = $this->getSubject()->removeCapability($capability);
33
- }
34
-
35
- return $result;
36
  }
37
 
38
  /**
26
  * @access public
27
  */
28
  public function save($capability, $granted) {
29
+ return $this->getSubject()->addCapability(
30
+ $capability,
31
+ intval($granted) ? true : false
32
+ );
 
 
 
33
  }
34
 
35
  /**
application/Core/Subject/Role.php CHANGED
@@ -113,14 +113,15 @@ class AAM_Core_Subject_Role extends AAM_Core_Subject {
113
  *
114
  * Keep compatible with WordPress core
115
  *
116
- * @param string $capability
 
117
  *
118
  * @return boolean
119
  *
120
  * @access public
121
  */
122
- public function addCapability($capability) {
123
- $this->getSubject()->add_cap($capability, true);
124
 
125
  return true;
126
  }
@@ -146,7 +147,12 @@ class AAM_Core_Subject_Role extends AAM_Core_Subject {
146
  * @access public
147
  */
148
  public function hasCapability($cap) {
149
- $has = $this->getSubject()->has_cap($cap);
 
 
 
 
 
150
 
151
  // Override by policy if is set
152
  $manager = AAM::api()->getPolicyManager($this);
113
  *
114
  * Keep compatible with WordPress core
115
  *
116
+ * @param string $capability
117
+ * @param boolean $grant
118
  *
119
  * @return boolean
120
  *
121
  * @access public
122
  */
123
+ public function addCapability($capability, $grant = true) {
124
+ $this->getSubject()->add_cap($capability, $grant);
125
 
126
  return true;
127
  }
147
  * @access public
148
  */
149
  public function hasCapability($cap) {
150
+ // If capability is the same as role ID, then capability exists
151
+ if ($cap === $this->getId()) {
152
+ $has = true;
153
+ } else {
154
+ $has = $this->getSubject()->has_cap($cap);
155
+ }
156
 
157
  // Override by policy if is set
158
  $manager = AAM::api()->getPolicyManager($this);
application/Core/Subject/User.php CHANGED
@@ -107,7 +107,7 @@ class AAM_Core_Subject_User extends AAM_Core_Subject {
107
  $chunks = explode(':', $key);
108
  $policyCaps[$chunks[1]] = ($stm['Effect'] === 'allow' ? 1 : 0);
109
  }
110
-
111
  // Load Roles from the policy
112
  $roles = (array) $subject->roles;
113
  $allRoles = AAM_Core_API::getRoles();
@@ -456,13 +456,14 @@ class AAM_Core_Subject_User extends AAM_Core_Subject {
456
  * Add capability
457
  *
458
  * @param string $capability
 
459
  *
460
  * @return boolean
461
  *
462
  * @access public
463
  */
464
- public function addCapability($capability) {
465
- $this->getSubject()->add_cap($capability);
466
 
467
  return true;
468
  }
107
  $chunks = explode(':', $key);
108
  $policyCaps[$chunks[1]] = ($stm['Effect'] === 'allow' ? 1 : 0);
109
  }
110
+
111
  // Load Roles from the policy
112
  $roles = (array) $subject->roles;
113
  $allRoles = AAM_Core_API::getRoles();
456
  * Add capability
457
  *
458
  * @param string $capability
459
+ * @param bool $grant
460
  *
461
  * @return boolean
462
  *
463
  * @access public
464
  */
465
+ public function addCapability($capability, $grant = true) {
466
+ $this->getSubject()->add_cap($capability, $grant);
467
 
468
  return true;
469
  }
application/Shortcode/Strategy/Content.php CHANGED
@@ -57,16 +57,12 @@ class AAM_Shortcode_Strategy_Content implements AAM_Shortcode_Strategy_Interface
57
  public function run() {
58
  //prepare user
59
  if (get_current_user_id()) {
 
 
60
  if (AAM::api()->getConfig('core.settings.multiSubject', false)) {
61
- $parts = array_merge(
62
- array((string)AAM::getUser()->ID),
63
- AAM::getUser()->roles
64
- );
65
  } else {
66
- $parts = array(
67
- (string)AAM::getUser()->ID,
68
- reset(AAM::getUser()->roles)
69
- );
70
  }
71
  } else {
72
  $parts = array('visitor');
57
  public function run() {
58
  //prepare user
59
  if (get_current_user_id()) {
60
+ $roles = reset(AAM::getUser()->roles);
61
+
62
  if (AAM::api()->getConfig('core.settings.multiSubject', false)) {
63
+ $parts = array_merge(array((string)AAM::getUser()->ID), $roles);
 
 
 
64
  } else {
65
+ $parts = array((string)AAM::getUser()->ID, array_shift($roles));
 
 
 
66
  }
67
  } else {
68
  $parts = array('visitor');
readme.txt CHANGED
@@ -2,8 +2,8 @@
2
  Contributors: vasyltech
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.0
5
- Tested up to: 5.1.1
6
- Stable tag: 5.9.6.2
7
 
8
  All you need to manage access to you WordPress websites on frontend, backend and API levels for any role, user or visitors.
9
 
@@ -80,6 +80,13 @@ https://www.youtube.com/watch?v=mj5Xa_Wc16Y
80
 
81
  == Changelog ==
82
 
 
 
 
 
 
 
 
83
  = 5.9.6.2 =
84
  * Fixed the bug added slashes to the Access Policy JSON document
85
  * Fixed the bug with Metaboxes & Widgets to prevent PHP warning for widgets that registered with Closure callback
2
  Contributors: vasyltech
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.0
5
+ Tested up to: 5.2
6
+ Stable tag: 5.9.6.3
7
 
8
  All you need to manage access to you WordPress websites on frontend, backend and API levels for any role, user or visitors.
9
 
80
 
81
  == Changelog ==
82
 
83
+ = 5.9.6.3 =
84
+ * Fixed the bug with merging access settings for multiple roles
85
+ * Improved the way capabilities are managed internally by AAM
86
+ * Fixed PHP notice reported by jaerlo https://forum.aamplugin.com/d/207-indirect-modification-of-overloaded-property-aam-core-subject-user-roles
87
+ * Fixed PHP fatal error reported by kevinagar https://wordpress.org/support/topic/fatal-error-3199/
88
+ * Fixed the bug with Backend Menu feature where all the menu items that require "administrator" capability where not shown
89
+
90
  = 5.9.6.2 =
91
  * Fixed the bug added slashes to the Access Policy JSON document
92
  * Fixed the bug with Metaboxes & Widgets to prevent PHP warning for widgets that registered with Closure callback