Advanced Access Manager - Version 6.0.0-beta.2

Version Description


Release Info

Developer vasyltech
Version 6.0.0-beta.2

Code changes from version 5.11 to 6.0.0-beta.2

Files changed (163) hide show
  1. aam.php +92 -110
  2. application/Addon/Repository.php +262 -0
  3. application/Api/Manager.php +0 -157
  4. application/Api/Rest/Resource/Post.php +0 -432
  5. application/Api/Rest/Resource/Revision.php +0 -66
  6. application/Api/Rest/Resource/User.php +0 -99
  7. application/Backend/Authorization.php +0 -104
  8. application/Backend/Feature.php +114 -65
  9. application/Backend/Feature/Abstract.php +100 -36
  10. application/Backend/Feature/Extension/Manager.php +0 -217
  11. application/Backend/Feature/ISubjectAware.php +19 -0
  12. application/Backend/Feature/Main/404Redirect.php +53 -48
  13. application/Backend/Feature/Main/Capability.php +192 -218
  14. application/Backend/Feature/Main/Jwt.php +145 -95
  15. application/Backend/Feature/Main/LoginRedirect.php +46 -80
  16. application/Backend/Feature/Main/LogoutRedirect.php +47 -81
  17. application/Backend/Feature/Main/Menu.php +142 -140
  18. application/Backend/Feature/Main/Metabox.php +150 -133
  19. application/Backend/Feature/Main/Policy.php +228 -138
  20. application/Backend/Feature/Main/Post.php +776 -414
  21. application/Backend/Feature/Main/Redirect.php +45 -90
  22. application/Backend/Feature/Main/Route.php +68 -93
  23. application/Backend/Feature/Main/Toolbar.php +89 -93
  24. application/Backend/Feature/Main/Uri.php +88 -106
  25. application/Backend/Feature/Main/{GetStarted.php → Welcome.php} +21 -17
  26. application/Backend/Feature/Settings/ConfigPress.php +38 -40
  27. application/Backend/Feature/Settings/Content.php +35 -42
  28. application/Backend/Feature/Settings/Core.php +46 -95
  29. application/Backend/Feature/Settings/Manager.php +45 -23
  30. application/Backend/Feature/Settings/Security.php +43 -47
  31. application/Backend/Feature/Settings/Service.php +75 -0
  32. application/Backend/Feature/Subject/Role.php +197 -147
  33. application/Backend/Feature/Subject/User.php +241 -336
  34. application/Backend/Filter.php +0 -274
  35. application/Backend/Manager.php +184 -898
  36. application/Backend/Subject.php +158 -125
  37. application/Backend/View.php +299 -151
  38. application/Backend/View/Helper.php +27 -49
  39. application/Backend/View/Localization.php +94 -19
  40. application/Backend/View/PostOptionList.php +69 -145
  41. application/Backend/Widget/Login.php +71 -32
  42. application/Backend/phtml/extensions.phtml +0 -165
  43. application/Backend/phtml/index.phtml +0 -447
  44. application/Backend/phtml/main-panel.phtml +0 -30
  45. application/Backend/phtml/main/404redirect.phtml +0 -65
  46. application/Backend/phtml/main/get-started.phtml +0 -21
  47. application/Backend/phtml/main/logout-redirect.phtml +0 -69
  48. application/Backend/phtml/main/metabox.phtml +0 -113
  49. application/Backend/phtml/main/post.phtml +0 -91
  50. application/Backend/phtml/main/toolbar.phtml +0 -94
  51. application/Backend/phtml/metabox/metabox-content.phtml +0 -178
  52. application/Backend/phtml/metabox/policy-metabox.phtml +0 -427
  53. application/Backend/phtml/metabox/policy-principal-metabox.phtml +0 -3
  54. application/Backend/phtml/metabox/term-metabox.phtml +0 -16
  55. application/Backend/phtml/partial/login-redirect.phtml +0 -5
  56. application/Backend/phtml/partial/post-access-form.phtml +0 -127
  57. application/Backend/phtml/partial/post-advanced-settings.phtml +0 -181
  58. application/Backend/phtml/partial/post-type.phtml +0 -7
  59. application/Backend/phtml/partial/redirect.phtml +0 -5
  60. application/Backend/phtml/partial/term-type.phtml +0 -7
  61. application/Backend/phtml/settings/content.phtml +0 -21
  62. application/Backend/phtml/system/export.phtml +0 -67
  63. application/Backend/phtml/user/multiple-roles.phtml +0 -32
  64. application/Backend/phtml/widget/login-frontend.phtml +0 -75
  65. application/Backend/tmpl/index.php +120 -0
  66. application/Backend/tmpl/metabox/iframe-footer.php +8 -0
  67. application/Backend/tmpl/metabox/iframe-header.php +22 -0
  68. application/Backend/tmpl/metabox/policy-metabox.php +59 -0
  69. application/Backend/tmpl/metabox/policy-principal-metabox.php +3 -0
  70. application/Backend/tmpl/metabox/post-iframe.php +19 -0
  71. application/Backend/{phtml/metabox/post-metabox.phtml → tmpl/metabox/post-metabox.php} +3 -1
  72. application/Backend/tmpl/metabox/principal-iframe.php +12 -0
  73. application/Backend/tmpl/metabox/term-metabox.php +12 -0
  74. application/Backend/tmpl/metabox/user-iframe.php +21 -0
  75. application/Backend/tmpl/metabox/user-metabox.php +5 -0
  76. application/Backend/tmpl/page/addon-panel.php +110 -0
  77. application/Backend/tmpl/page/current-subject.php +9 -0
  78. application/Backend/tmpl/page/main-panel.php +36 -0
  79. application/Backend/tmpl/page/subject-panel-advanced.php +117 -0
  80. application/Backend/tmpl/page/subject-panel.php +84 -0
  81. application/Backend/tmpl/partial/default-principal-subject-tab.php +9 -0
  82. application/Backend/tmpl/partial/default-subject-tab.php +8 -0
  83. application/Backend/tmpl/partial/jwt-login-url.php +18 -0
  84. application/Backend/tmpl/partial/loading-content.php +7 -0
  85. application/Backend/tmpl/partial/post-access-form.php +214 -0
  86. application/Backend/tmpl/partial/posts-terms-help-tips.php +11 -0
  87. application/Backend/{phtml/partial/role-inheritance.phtml → tmpl/partial/role-inheritance.php} +4 -2
  88. application/Backend/tmpl/partial/taxonomy-access-form.php +16 -0
  89. application/Backend/tmpl/partial/term-access-form.php +19 -0
  90. application/Backend/tmpl/partial/type-access-form.php +16 -0
  91. application/Backend/tmpl/partial/visitor-principal-subject-tab.php +17 -0
  92. application/Backend/tmpl/partial/visitor-subject-tab.php +8 -0
  93. application/Backend/tmpl/policy/default-policy.php +27 -0
  94. application/Backend/tmpl/service/404redirect.php +67 -0
  95. application/Backend/{phtml/main/capability.phtml → tmpl/service/capability.php} +15 -19
  96. application/Backend/{phtml/main/jwt.phtml → tmpl/service/jwt.php} +13 -12
  97. application/Backend/{phtml/main/login-redirect.phtml → tmpl/service/login-redirect.php} +18 -16
  98. application/Backend/tmpl/service/logout-redirect.php +71 -0
  99. application/Backend/{phtml/main/menu.phtml → tmpl/service/menu.php} +79 -34
  100. application/Backend/tmpl/service/metabox.php +153 -0
  101. application/Backend/{phtml/main/policy.phtml → tmpl/service/policy.php} +2 -2
  102. application/Backend/tmpl/service/post.php +39 -0
  103. application/Backend/{phtml/main/redirect.phtml → tmpl/service/redirect.php} +35 -31
  104. application/Backend/{phtml/main/route.phtml → tmpl/service/route.php} +8 -6
  105. application/Backend/tmpl/service/toolbar.php +126 -0
  106. application/Backend/{phtml/main/uri.phtml → tmpl/service/uri.php} +30 -34
  107. application/Backend/tmpl/service/welcome.php +23 -0
  108. application/Backend/{phtml/settings/configpress.phtml → tmpl/settings/configpress.php} +4 -2
  109. application/Backend/tmpl/settings/content.php +29 -0
  110. application/Backend/{phtml/settings/core.phtml → tmpl/settings/core.php} +4 -2
  111. application/Backend/{phtml/settings/security.phtml → tmpl/settings/security.php} +5 -3
  112. application/Backend/tmpl/settings/service.php +18 -0
  113. application/Backend/tmpl/user/multiple-roles.php +41 -0
  114. application/Backend/{phtml/widget/login-backend.phtml → tmpl/widget/login-backend.php} +2 -0
  115. application/Backend/tmpl/widget/login-frontend.php +110 -0
  116. application/Core/API.php +156 -279
  117. application/Core/AccessSettings.php +163 -0
  118. application/Core/Api/Area.php +0 -79
  119. application/Core/Cache.php +0 -65
  120. application/Core/Compatibility.php +0 -398
  121. application/Core/Config.php +82 -77
  122. application/Core/ConfigPress.php +61 -52
  123. application/Core/ConfigPress/Evaluator.php +87 -57
  124. application/Core/ConfigPress/Reader.php +77 -38
  125. application/Core/Console.php +40 -41
  126. application/Core/Contract/MigrationInterface.php +30 -0
  127. application/Core/Contract/RequestTrait.php +170 -0
  128. application/Core/Contract/ServiceTrait.php +63 -0
  129. application/{Shortcode/Strategy/Interface.php → Core/Contract/ShortcodeInterface.php} +23 -10
  130. application/Core/Contract/SingletonTrait.php +73 -0
  131. application/Core/Exporter.php +0 -328
  132. application/Core/Gateway.php +207 -199
  133. application/Core/Importer.php +0 -301
  134. application/Core/Jwt/Auth.php +0 -64
  135. application/Core/Jwt/Issuer.php +96 -88
  136. application/Core/Jwt/Manager.php +0 -463
  137. application/Core/Login.php +0 -355
  138. application/Core/Media.php +0 -218
  139. application/Core/Migration.php +150 -0
  140. application/Core/Object.php +299 -94
  141. application/Core/Object/Cache.php +0 -101
  142. application/Core/Object/Capability.php +0 -74
  143. application/Core/Object/LoginRedirect.php +22 -95
  144. application/Core/Object/LogoutRedirect.php +21 -91
  145. application/Core/Object/Menu.php +60 -245
  146. application/Core/Object/Metabox.php +29 -204
  147. application/Core/Object/Policy.php +28 -85
  148. application/Core/Object/Post.php +138 -263
  149. application/Core/Object/Redirect.php +30 -105
  150. application/Core/Object/Route.php +35 -82
  151. application/Core/Object/Toolbar.php +36 -99
  152. application/Core/Object/Uri.php +99 -160
  153. application/Core/Object/Visibility.php +101 -110
  154. application/Core/Policy/Condition.php +191 -182
  155. application/Core/Policy/Factory.php +40 -22
  156. application/Core/Policy/Manager.php +320 -295
  157. application/Core/Policy/Resource.php +89 -0
  158. application/Core/Policy/Token.php +109 -95
  159. application/Core/Policy/Validator.php +116 -62
  160. application/Core/Redirect.php +156 -0
  161. application/Core/Request.php +26 -15
  162. application/Core/Server.php +0 -116
  163. application/Core/Subject.php +205 -143
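--- a/aam.php
+++ b/aam.php
@@ -3,7 +3,7 @@
  /**
  * Plugin Name: Advanced Access Manager
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
- * Version: 5.11
+ * Version: 6.0.0-beta.2
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
  * Author URI: https://vasyltech.com
  * Text Domain: advanced-access-manager
@@ -20,8 +20,10 @@
  *
  * @package AAM
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM {
+ class AAM
+ {
 
  /**
  * Single instance of itself
@@ -29,6 +31,7 @@ class AAM {
  * @var AAM
  *
  * @access private
+ * @version 6.0.0
  */
  private static $_instance = null;
 
@@ -38,6 +41,7 @@ class AAM {
  * @var AAM_Core_Subject_User|AAM_Core_Subject_Visitor
  *
  * @access private
+ * @version 6.0.0
  */
  private $_user = null;
 
@@ -47,14 +51,15 @@ class AAM {
  * @return void
  *
  * @access protected
+ * @version 6.0.0
  */
- protected function __construct() {
- //initialize current subject
- if (is_user_logged_in()) {
- $this->setUser(new AAM_Core_Subject_User(get_current_user_id()));
- } else {
- $this->setUser(new AAM_Core_Subject_Visitor(''));
- }
+ protected function __construct()
+ {
+ // Initialize current user
+ $this->initializeUser();
+
+ // Make sure if user is changed dynamically, AAM adjusts accordingly
+ add_action('set_current_user', array($this, 'initializeUser'));
  }
 
  /**
@@ -65,8 +70,10 @@ class AAM {
  * @return void
  *
  * @access public
+ * @version 6.0.0
  */
- public function setUser(AAM_Core_Subject $user) {
+ public function setUser(AAM_Core_Subject $user)
+ {
  $this->_user = $user;
  }
 
@@ -76,9 +83,10 @@ class AAM {
  * @return AAM_Core_Gateway
  *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function api() {
+ public static function api()
+ {
  return AAM_Core_Gateway::getInstance();
  }
 
@@ -88,21 +96,47 @@ class AAM {
  * @return AAM_Core_Subject
  *
  * @access public
+ * @version 6.0.0
  */
- public static function getUser() {
+ public static function getUser()
+ {
  return self::getInstance()->_user;
  }
 
+ /**
+ * Change current user
+ *
+ * This method is triggered if some process updates current user
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function initializeUser()
+ {
+ $id = get_current_user_id();
+
+ // Change current user
+ if ($id) {
+ $this->setUser(new AAM_Core_Subject_User($id));
+ } else {
+ $this->setUser(new AAM_Core_Subject_Visitor());
+ }
+ }
+
  /**
  * Make sure that AAM UI Page is used
  *
  * @return boolean
  *
  * @access public
+ * @version 6.0.0
  */
- public static function isAAM() {
- $page = AAM_Core_Request::get('page');
- $action = AAM_Core_Request::post('action');
+ public static function isAAM()
+ {
+ $page = filter_input(INPUT_GET, 'page');
+ $action = filter_input(INPUT_POST, 'action');
 
  $intersect = array_intersect(array('aam', 'aamc'), array($page, $action));
 
@@ -110,37 +144,30 @@ class AAM {
  }
 
  /**
- * Bootstrap AAM
+ * Bootstrap AAM when all plugins are loaded
  *
  * @return void
  *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function onPluginsLoaded() {
- //load AAM core config
+ public static function onPluginsLoaded()
+ {
+ // Load AAM core config
  AAM_Core_Config::bootstrap();
 
- //login control
- if (AAM_Core_Config::get('core.settings.secureLogin', true)) {
- AAM_Core_Login::bootstrap();
- }
+ // Load the core service first
+ require_once __DIR__ . '/application/Service/Core.php';
 
- //JWT Authentication
- if (AAM_Core_Config::get('core.settings.jwtAuthentication', true)) {
- AAM_Core_Jwt_Manager::bootstrap();
+ // Load all the defined AAM services
+ foreach (new DirectoryIterator(__DIR__ . '/application/Service') as $service) {
+ if ($service->isFile()) {
+ require_once $service->getPathname();
+ }
  }
 
  // Load AAM
  AAM::getInstance();
-
- //load all installed extension
- if (AAM_Core_Config::get('core.settings.extensionSupport', true)) {
- AAM_Extension_Repository::getInstance()->load();
- }
-
- //load WP Core hooks
- AAM_Shared_Manager::bootstrap();
  }
 
  /**
@@ -149,14 +176,12 @@ class AAM {
  * @return void
  *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function onInit() {
- //bootstrap the correct interface
- if (AAM_Core_Api_Area::isBackend()) {
+ public static function onInit()
+ {
+ if (is_admin()) {
  AAM_Backend_Manager::bootstrap();
- } elseif (AAM_Core_Api_Area::isFrontend()) {
- AAM_Frontend_Manager::bootstrap();
  }
  }
 
@@ -166,113 +191,79 @@ class AAM {
  * @return AAM
  *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function getInstance() {
+ public static function getInstance()
+ {
  if (is_null(self::$_instance)) {
  self::$_instance = new self;
 
- // Get current user
- $user = self::$_instance->getUser();
-
- // Load user capabilities
- $user->initialize();
-
- // Logout user if he/she is blocked
- $status = $user->getUserStatus();
+ // Load AAM internationalization
+ load_plugin_textdomain(AAM_KEY, false, 'advanced-access-manager/lang');
 
- // If user is not active, then perform rollback on user
- if (!empty($status) && $status->status !== 'active') {
- $user->restrainUserAccount($status);
+ // Validate logged in user status
+ if (is_user_logged_in()) {
+ AAM::getUser()->initialize();
+ AAM::getUser()->validateStatus();
  }
-
- load_plugin_textdomain(AAM_KEY, false, 'advanced-access-manager/lang');
  }
 
  return self::$_instance;
  }
 
  /**
- * Run daily routine
- *
- * Check server extension versions
- *
- * @return void
- *
- * @access public
- */
- public static function cron() {
- $extensions = AAM_Core_API::getOption('aam-extensions', null, 'site');
-
- if (!empty($extensions) && AAM_Core_Config::get('core.settings.cron', true)) {
- //grab the server extension list
- AAM_Core_API::updateOption(
- 'aam-check', AAM_Core_Server::check(), 'site'
- );
- }
- }
-
- /**
- * Create aam folder
+ * Activation hook
  *
  * @return void
  *
  * @access public
+ * @version 6.0.0
  */
- public static function activate() {
+ public static function activate()
+ {
  global $wp_version;
 
  //check PHP Version
- if (version_compare(PHP_VERSION, '5.3.0') === -1) {
- exit(__('PHP 5.3.0 or higher is required.', AAM_KEY));
- } elseif (version_compare($wp_version, '4.0') === -1) {
- exit(__('WP 4.0 or higher is required.', AAM_KEY));
+ if (version_compare(PHP_VERSION, '5.6.40') === -1) {
+ exit(__('PHP 5.6.40 or higher is required.', AAM_KEY));
+ } elseif (version_compare($wp_version, '4.7.0') === -1) {
+ exit(__('WP 4.7.0 or higher is required.', AAM_KEY));
  }
  }
 
  /**
- * De-install hook
+ * Deactivate hook
  *
  * Remove all leftovers from AAM execution
  *
  * @return void
  *
  * @access public
+ * @version 6.0.0
  */
- public static function uninstall() {
+ public static function uninstall()
+ {
  //trigger any uninstall hook that is registered by any extension
  do_action('aam-uninstall-action');
 
- //remove aam directory if exists
- $dirname = WP_CONTENT_DIR . '/aam';
- if (file_exists($dirname)) {
- AAM_Core_API::removeDirectory($dirname);
- }
-
  //clear all AAM settings
  AAM_Core_API::clearSettings();
-
- //clear schedules
- wp_clear_scheduled_hook('aam-cron');
  }
 
  }
 
  if (defined('ABSPATH')) {
  //define few common constants
- define(
- 'AAM_MEDIA',
- preg_replace('/^http[s]?:/', '', plugins_url('/media', __FILE__))
- );
+ define('AAM_MEDIA', plugins_url('/media', __FILE__));
  define('AAM_KEY', 'advanced-access-manager');
- define('AAM_EXTENSION_BASE', WP_CONTENT_DIR . '/aam/extension');
- define('AAM_BASEDIR', dirname(__FILE__));
+ define('AAM_VERSION', '6.0.0');
+ define('AAM_BASEDIR', __DIR__);
 
  //load vendor
- require AAM_BASEDIR . '/vendor/autoload.php';
+ require __DIR__ . '/vendor/autoload.php';
 
  //register autoloader
- require (dirname(__FILE__) . '/autoloader.php');
+ require(__DIR__ . '/autoloader.php');
  AAM_Autoloader::register();
 
  // Keep this as the lowest priority
@@ -282,15 +273,6 @@ if (defined('ABSPATH')) {
  //this is important to have to catch events like register core post types
  add_action('init', 'AAM::onInit', -1);
 
- //register API manager is applicable
- add_action('parse_request', 'AAM_Api_Manager::bootstrap', 1);
-
- //schedule cron
- if (!wp_next_scheduled('aam-cron')) {
- wp_schedule_event(time(), 'daily', 'aam-cron');
- }
- add_action('aam-cron', 'AAM::cron');
-
  //activation & deactivation hooks
  register_activation_hook(__FILE__, array('AAM', 'activate'));
  register_uninstall_hook(__FILE__, array('AAM', 'uninstall'));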
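Review bot: `initializeUser()` is registered on `set_current_user` but only swaps the subject via `setUser()`; the `initialize()` / `validateStatus()` pair runs once, inside `getInstance()`, when the singleton is first built. A user that becomes current after that point would therefore not get the account-status check, unless `AAM_Core_Subject_User` or a service performs it elsewhere, which this section does not show. If it does not, have the hook path run the same pair on the subject it just created for a non-zero ID, e.g. `$this->_user->initialize(); $this->_user->validateStatus();` after `setUser()`. A docblock line on `initializeUser()` stating whether status validation is expected there would make the intent reviewable.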
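--- a/application/Addon/Repository.php
+++ b/application/Addon/Repository.php
@@ -0,0 +1,262 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * Addon repository
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ class AAM_Addon_Repository
+ {
+
+ use AAM_Core_Contract_SingletonTrait;
+
+ /**
+ * DB options name
+ *
+ * @version 6.0.0
+ */
+ const DB_OPTION = 'aam_addons';
+
+ /**
+ * Constructor
+ *
+ * @return void
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function __construct()
+ {
+ if (file_exists(ABSPATH . 'wp-admin/includes/plugin.php')) {
+ require_once ABSPATH . 'wp-admin/includes/plugin.php';
+ }
+ }
+
+ /**
+ * Get license registry
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getRegistry()
+ {
+ return AAM_Core_API::getOption(self::DB_OPTION, array(), 'site');
+ }
+
+ /**
+ * Check if there is at least one license registered
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function hasRegistry()
+ {
+ return count($this->getRegistry()) > 0;
+ }
+
+ /**
+ * Store the license key
+ *
+ * @param object $package
+ * @param string $license
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function storeLicense($package, $license)
+ {
+ $list = $this->getRegistry();
+
+ $list[$package->id] = array(
+ 'license' => $license, 'expire' => $package->expire
+ );
+
+ // Update the registry
+ AAM_Core_API::updateOption(self::DB_OPTION, $list);
+ }
+
+ /**
+ * Get list of all addons with detailed information about each
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getList()
+ {
+ return array(
+ 'aam-plus-package' => $this->buildAddonObject(
+ 'Plus Package',
+ 'plus-package',
+ __('Manage access to your WordPress website posts, pages, media, custom post types, categories, tags and custom taxonomies for any role, individual user, visitors or even define default access for everybody; and do this separately for frontend, backend or API levels.', AAM_KEY)
+ ),
+ 'aam-ip-check' => $this->buildAddonObject(
+ 'IP Check',
+ 'ip-check',
+ __('Manage access to your WordPress website by users IP address or referred host and completely lock down the entire website if necessary. Define the unlimited number of whitelisted or blacklisted IPs or hosts.', AAM_KEY)
+ ),
+ 'aam-role-hierarchy' => $this->buildAddonObject(
+ 'Role Hierarchy',
+ 'role-hierarchy',
+ __('Define and manage complex WordPress role hierarchy where all the access settings are propagated down the tree with the ability to override any settings for any specific role.', AAM_KEY)
+ ),
+ /**
+ * TODO: Release this extension after AAM 6.0.0. Enhance it with
+ * subscription functionality and possibly with email notification
+ * integration
+ 'aam-ecommerce' => $this->buildAddonObject(
+ 'E-Commerce',
+ 'ecommerce',
+ __('Start monetizing access to your premium content. Restrict access to read any WordPress post, page or custom post type until user purchase access to it.', AAM_KEY)
+ ),
+ */
+ 'aam-complete-package' => $this->buildAddonObject(
+ 'Complete Package',
+ 'complete-package',
+ __('Get the complete list of all premium AAM addons in one package and all future premium addons will be included for now additional cost.', AAM_KEY)
+ )
+ );
+ }
+
+ /**
+ * Build add-on data model
+ *
+ * @param string $title
+ * @param string $slug
+ * @param string $description
+ *
+ * @return array
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function buildAddonObject($title, $slug, $description)
+ {
+ return array(
+ 'title' => $title,
+ 'version' => $this->getPluginVersion("aam-{$slug}/bootstrap.php"),
+ 'isActive' => $this->isPluginActive("aam-{$slug}/bootstrap.php"),
+ 'expires' => $this->getExpirationDate("aam-{$slug}"),
+ 'license' => $this->getPluginLicense("aam-{$slug}"),
+ 'type' => 'commercial',
+ 'description' => $description,
+ 'url' => 'https://aamplugin.com/pricing/' . $slug
+ );
+ }
+
+ /**
+ * Get plugin version
+ *
+ * @param string $plugin
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getPluginVersion($plugin)
+ {
+ $data = $this->getPluginData($plugin);
+ $version = (isset($data['Version']) ? $data['Version'] : null);
+
+ return (!empty($version) ? $version : null);
+ }
+
+ /**
+ * Get plugin details from the WP core
+ *
+ * @param string $plugin
+ *
+ * @return array|null
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function getPluginData($plugin)
+ {
+ $filename = WP_PLUGIN_DIR . '/' . $plugin;
+
+ if (function_exists('get_plugin_data') && file_exists($filename)) {
+ $data = get_plugin_data($filename);
+ } else {
+ $data = null;
+ }
+
+ return $data;
+ }
+
+ /**
+ * Check if plugin is active
+ *
+ * @param string $plugin
+ *
+ * @return boolean
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function isPluginActive($plugin)
+ {
+ $data = self::getPluginData($plugin);
+
+ if (!empty($data)) {
+ $active = is_plugin_active($plugin);
+ } else {
+ $active = false;
+ }
+
+ return $active;
+ }
+
+ /**
+ * Get license expiration date
+ *
+ * @param string $plugin
+ *
+ * @return string|null
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function getExpirationDate($plugin)
+ {
+ $registry = $this->getRegistry();
+
+ return (isset($registry[$plugin]) ? $registry[$plugin]['expires'] : null);
+ }
+
+ /**
+ * Get plugin license key
+ *
+ * @param string $plugin
+ *
+ * @return string|null
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function getPluginLicense($plugin)
+ {
+ $registry = $this->getRegistry();
+
+ return (isset($registry[$plugin]) ? $registry[$plugin]['license'] : null);
+ }
+
+ }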
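Review bot: `storeLicense()` writes the expiry under the key `'expire'`, but `getExpirationDate()` reads `$registry[$plugin]['expires']`, so a stored license never reports an expiration date and the read raises an undefined-index notice. Use one key on both sides, e.g. `'license' => $license, 'expires' => $package->expire`. The write also calls `AAM_Core_API::updateOption(self::DB_OPTION, $list)` without the `'site'` argument that `getRegistry()` passes to `getOption()`; if the default scope differs (not visible here), a license saved on multisite would not be read back, so pass `'site'` there as well.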
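--- a/application/Api/Manager.php
+++ b/application/Api/Manager.php
@@ -1,157 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM Api access manager
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Api_Manager {
-
- /**
- * Instance of itself
- *
- * @var AAM_Api_Manager
- *
- * @access private
- */
- private static $_instance = null;
-
- /**
- * Map of routes and resources
- *
- * @var array
- *
- * @access protected
- */
- protected $resources = array(
- 'post' => array (
- '/wp/v2/posts',
- '/wp/v2/posts/(?P<id>[\d]+)',
- '/wp/v2/pages',
- '/wp/v2/pages/(?P<id>[\d]+)',
- '/wp/v2/media',
- '/wp/v2/media/(?P<id>[\d]+)',
- ),
- 'user' => array (
- '/wp/v2/users'
- ),
- 'revision' => array (
- '/wp/v2/posts/(?P<parent>[\d]+)/revisions/(?P<id>[\d]+)',
- '/wp/v2/pages/(?P<parent>[\d]+)/revisions/(?P<id>[\d]+)'
- )
- );
-
- /**
- * Construct the manager
- *
- * @return void
- *
- * @access public
- */
- protected function __construct() {
- if (AAM_Core_Config::get('core.settings.apiAccessControl', true)) {
- // REST API action authorization. Triggered before call is dispatched
- add_filter(
- 'rest_request_before_callbacks', array($this, 'beforeDispatch'), 10, 3
- );
-
- // Manage access to the RESTful endpoints
- add_filter('rest_pre_dispatch', array($this, 'authorizeRest'), 1, 3);
-
- // Register any additional endpoints with ConfigPress
- $additional = AAM_Core_Config::get('rest.manage.endpoint');
-
- if (!empty($additional) && is_array($additional)) {
- $this->resources = array_merge_recursive($this->resources, $additional);
- }
- }
- }
-
- /**
- * Authorize RESTful action before it is dispatched by RESTful Server
- *
- * @param mixed $response
- * @param object $handler
- * @param object $request
- *
- * @return mixed
- *
- * @access public
- */
- public function beforeDispatch($response, $handler, $request) {
- $result = null;
-
- foreach($this->resources as $res => $routes) {
- foreach($routes as $regex) {
- // Route to work with single post
- if(preg_match('#^' . $regex . '$#i', $request->get_route())) {
- $classname = 'AAM_Api_Rest_Resource_' . ucfirst($res);
- $result = $classname::getInstance()->authorize($request);
- }
- }
- }
-
- return (is_null($result) ? $response : $result);
- }
-
- /**
- * Authorize REST request
- *
- * Based on the matched route, check if it is disabled for current user
- *
- * @param WP_Error|null $response
- * @param WP_REST_Server $server
- * @param WP_REST_Request $request
- *
- * @return WP_Error|null
- *
- * @access public
- */
- public function authorizeRest($response, $server, $request) {
- $user = AAM::getUser();
- $object = $user->getObject('route');
- $matched = $request->get_route();
- $method = $request->get_method();
-
- foreach(array_keys($server->get_routes()) as $route) {
- if ($route === $matched || preg_match("#^{$route}$#i", $matched)) {
- if ($object->has('restful', $route, $method)) {
- $response = new WP_Error(
- 'rest_access_denied',
- __('Access denied', AAM_KEY),
- array('status' => 401)
- );
- break;
- }
- }
- }
-
- return $response;
- }
-
- /**
- * Bootstrap the manager
- *
- * @return void
- *
- * @access public
- */
- public static function bootstrap() {
- global $wp;
-
- if (!empty($wp->query_vars['rest_route'])) {
- if (is_null(self::$_instance)) {
- self::$_instance = new self;
- }
- }
- }
-
- }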
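--- a/application/Api/Rest/Resource/Post.php
+++ b/application/Api/Rest/Resource/Post.php
@@ -1,432 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM RESTful Posts Resource
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @todo Rethink about DRY approach to the post access control
- */
- class AAM_Api_Rest_Resource_Post {
-
- /**
- * Instance of itself
- *
- * @var AAM_Api_Rest_Resource_Post
- *
- * @access private
- */
- private static $_instance = null;
-
- /**
- * Authorize Post actions
- *
- * @param WP_REST_Request $request
- *
- * @return WP_Error|null
- *
- * @access public
- */
- public function authorize($request) {
- $result = null;
-
- if ($request['id']) {
- $post = AAM::getUser()->getObject('post', $request['id']);
-
- switch($request->get_method()) {
- case 'GET':
- $result = $this->authorizeRead($post, $request);
- break;
-
- case 'POST':
- case 'PUT':
- case 'PATCH':
- if ($request['status'] === 'publish') {
- $result = $this->authorizePublish($post);
- } else {
- $result = $this->authorizeUpdate($post);
- }
- break;
-
- case 'DELETE':
- $result = $this->authorizeDelete($post);
- break;
-
- default:
- break;
- }
- }
-
- return $result;
- }
-
- /**
- * Check post access
- *
- * Based on the provided post object, check if current user has access to it.
- * This method run multiple checks at-once
- *
- * @param AAM_Core_Object_Post $post
- * @param WP_REST_Request $request
- *
- * @return void
- *
- * @access protected
- */
- protected function authorizeRead(AAM_Core_Object_Post $post, $request) {
- $steps = array(
- // Step #1. Check if access expired to the post
- array($this, 'checkExpiration'),
- // Step #2. Check if user has access to read the post
- array($this, 'checkReadAccess'),
- // Step #3. Check if counter exceeded max allowed views
- array($this, 'checkCounter'),
- // Step #4. Check if redirect is defined for the post
- array($this, 'checkRedirect'),
- // Step #5. Check if post is password protected
- array($this, 'checkPassword')
- );
-
- return $this->processPipeline($steps, $post, $request);
- }
-
- /**
- *
- * @param AAM_Core_Object_Post $post
- * @return type
- */
- protected function authorizePublish(AAM_Core_Object_Post $post) {
- $steps = array(
- // Step #1. Check if publish action is allowed
- array($this, 'checkPublish'),
- );
-
- return $this->processPipeline($steps, $post);
- }
-
- /**
- *
- * @param AAM_Core_Object_Post $post
- * @return type
- */
- protected function authorizeUpdate(AAM_Core_Object_Post $post) {
- $steps = array(
- // Step #1. Check if edit action is allowed
- array($this, 'checkUpdate'),
- );
-
- return $this->processPipeline($steps, $post);
- }
-
- /**
- *
- * @param AAM_Core_Object_Post $post
- * @return type
- */
- protected function authorizeDelete(AAM_Core_Object_Post $post) {
- $steps = array(
- // Step #1. Check if edit action is allowed
- array($this, 'checkDelete'),
- );
-
- return $this->processPipeline($steps, $post);
- }
-
- /**
- *
- * @param array $pipeline
- * @param type $post
- * @param type $request
- * @return type
- */
- protected function processPipeline(array $pipeline, $post, $request = null) {
- foreach($pipeline as $callback) {
- $result = call_user_func_array($callback, array($post, $request));
-
- if (is_wp_error($result)) { break; }
- }
-
- return $result;
- }
-
- /**
- * Check ACCESS_EXPIRATION option
- *
- * If access is expired, override the access settings based on the
- * post.access.expired ConfigPress settings (default frontend.read)
- *
- * @param AAM_Core_Object_Post $post
- *
- * @return void
- *
- * @access protected
- */
- protected function checkExpiration($post) {
- $expire = $post->has('api.expire');
-
- if ($expire) {
- $date = strtotime($post->get('api.expire_datetime'));
- if ($date <= time()) {
- $actions = AAM_Core_Config::get(
- 'feature.api.postAccess.expired', 'api.read'
- );
-
- foreach(array_map('trim', explode(',', $actions)) as $action) {
- $post->set($action, 1);
- }
- }
- }
- }
-
- /**
- * Check READ & READ_OTHERS options
- *
- * @param AAM_Core_Object_Post $post
- *
- * @return void
- *
- * @access protected
- */
- protected function checkReadAccess(AAM_Core_Object_Post $post) {
- $result = null;
-
- if (!$post->allowed('api.read')) {
- $result = new WP_Error(
- 'rest_post_cannot_read',
- "User is unauthorized to read the post. Access denied.",
- array(
- 'action' => 'api.read',
- 'status' => 401
- )
- );
- }
-
- return $result;
- }
-
- /**
- * Check ACCESS_COUNTER option
- *
- * @param AAM_Core_Object_Post $post
- *
- * @return void
- *
- * @access protected
- */
- protected function checkCounter(AAM_Core_Object_Post $post) {
- $result = null;
- $user = get_current_user_id();
-
- //check counter only for authenticated users and if ACCESS COUNTER is set
- if ($user && $post->has('api.access_counter')) {
- $option = 'aam-post-api-' . $post->ID . '-access-counter';
- $counter = intval(get_user_meta($user, $option, true));
-
- if ($counter >= $post->get('api.access_counter_limit')) {
- $result = new WP_Error(
- 'rest_post_cannot_read',
- "User exceeded allowed read number. Access denied.",
- array(
- 'action' => 'api.access_counter',
- 'status' => 401
- )
- );
- } else {
- update_user_meta($user, $option, ++$counter);
- }
- }
-
- return $result;
- }
-
- /**
- * Check REDIRECT option
- *
- * @param AAM_Core_Object_Post $post
- *
- * @return void
- *
- * @access protected
- */
- protected function checkRedirect(AAM_Core_Object_Post $post) {
- $result = null;
-
- if ($post->has('api.redirect')) {
- $rule = explode('|', $post->get('api.location'));
-
- if (count($rule) === 1) { // TODO: legacy. Remove in Jul 2020
- $redirect = $rule[0];
- } elseif ($rule[0] === 'page') {
- $redirect = get_page_link($rule[1]);
- } elseif ($rule[0] === 'url') {
- $redirect = $rule[1];
- } elseif (($rule[0] === 'callback') && is_callable($rule[1])) {
- $redirect = call_user_func($rule[1], $post);
- } else {
- $redirect = null;
- }
-
- $result = new WP_Error(
- 'rest_post_cannot_read',
- "Direct access is not allowed. Follow the redirect link.",
- array(
- 'action' => 'api.redirect',
- 'redirect' => $redirect,
- 'status' => 307
- )
- );
- }
-
- return $result;
- }
-
- /**
- * Check PASSWORD PROTECTED option
- *
- * @param AAM_Core_Object_Post $post
- * @param WP_REST_Request $request
- *
- * @return null|WP_Error
- *
- * @access public
- */
- public function checkPassword(AAM_Core_Object_Post $post, $request) {
- $result = null;
-
- if ($post->has('api.protected')) {
- $pass = $post->get('api.password');
-
- if ($request['password'] !== $pass) {
- $result = new WP_Error(
- 'rest_post_cannot_read',
- "The content is password protected. Provide valid password to read.",
- array(
- 'action' => 'api.protected',
- 'status' => 401
- )
- );
- }
-
- // Very important! Unset password. Otherwise it will fall back to the
- // default password verification and this will cause invalid password
- // response
- $request['password'] = null;
- }
-
- return $result;
- }
-
- /**
- * Check PUBLISH & PUBLISH_BY_OTHERS options
- *
- * @param AAM_Core_Object_Post $post
- *
- * @return void
- *
- * @access protected
- */
- protected function checkPublish(AAM_Core_Object_Post $post) {
- $result = null;
-
- // Keep this compatible with older version of Publish (without Gutenberg)
- if (!$post->allowed('api.publish') || !$post->allowed('backend.publish')) {
- $result = new WP_Error(
- 'rest_post_cannot_publish',
- "User is unauthorized to publish the post. Access denied.",
- array(
- 'action' => 'api.publish',
- 'status' => 401
- )
- );
- }
-
- return $result;
- }
-
- /**
- * Check EDIT & EDIT_BY_OTHERS options
- *
- * @param AAM_Core_Object_Post $post
- *
- * @return void
- *
- * @access protected
- */
- protected function checkUpdate(AAM_Core_Object_Post $post) {
- $result = null;
-
- if (!$post->allowed('api.edit')) {
- $result = new WP_Error(
- 'rest_post_cannot_update',
- "User is unauthorized to update the post. Access denied.",
- array(
- 'action' => 'api.edit',
- 'status' => 401
- )
- );
- }
-
- return $result;
- }
-
- /**
- * Check DELETE & DELETE_BY_OTHERS options
- *
- * @param AAM_Core_Object_Post $post
- *
- * @return void
- *
- * @access protected
- */
- protected function checkDelete(AAM_Core_Object_Post $post) {
- $result = null;
-
- if (!$post->allowed('api.delete')) {
- $result = new WP_Error(
- 'rest_post_cannot_delete',
- "User is unauthorized to delete the post. Access denied.",
- array(
- 'action' => 'api.delete',
- 'status' => 401
- )
- );
- }
-
- return $result;
- }
-
- /**
- * Alias for the bootstrap
- *
- * @return AAM_Api_Rest_Resource_Post
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- return self::bootstrap();
- }
-
- /**
- * Bootstrap authorization layer
- *
- * @return AAM_Api_Rest_Resource_Post
- *
- * @access public
- */
- public static function bootstrap() {
- if (is_null(self::$_instance)) {
- self::$_instance = new self;
- }
-
- return self::$_instance;
- }
-
- }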
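--- a/application/Api/Rest/Resource/Revision.php
+++ b/application/Api/Rest/Resource/Revision.php
@@ -1,66 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM REST Revision Resource
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Api_Rest_Resource_Revision {
-
- /**
- * Instance of itself
- *
- * @var AAM_Api_Rest_Resource_Revision
- *
- * @access private
- */
- private static $_instance = null;
-
- /**
- * Authorize User actions
- *
- * @param WP_REST_Request $request
- *
- * @return WP_Error|null
- *
- * @access public
- */
- public function authorize($request) {
- return null;
- }
-
- /**
- * Alias for the bootstrap
- *
- * @return AAM_Api_Rest_Resource_Revision
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- return self::bootstrap();
- }
-
- /**
- * Bootstrap authorization layer
- *
- * @return AAM_Api_Rest_Resource_Revision
- *
- * @access public
- */
- public static function bootstrap() {
- if (is_null(self::$_instance)) {
- self::$_instance = new self;
- }
-
- return self::$_instance;
- }
- }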
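--- a/application/Api/Rest/Resource/User.php
+++ b/application/Api/Rest/Resource/User.php
@@ -1,99 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM RESTful Users Resource
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Api_Rest_Resource_User {
-
- /**
- * Instance of itself
- *
- * @var AAM_Api_Rest_Resource_User
- *
- * @access private
- */
- private static $_instance = null;
-
- /**
- *
- */
- protected function __construct() {
- add_filter('rest_user_query', array($this, 'userQuery'));
- }
-
- /**
- * Authorize User actions
- *
- * @param WP_REST_Request $request
- *
- * @return WP_Error|null
- *
- * @access public
- */
- public function authorize($request) {
- return null;
- }
-
- /**
- * Alter user select query
- *
- * @param array $args
- *
- * @return array
- *
- * @access public
- */
- public function userQuery($args) {
- //current user max level
- $max = AAM::getUser()->getMaxLevel();
- $exclude = isset($args['role__not_in']) ? $args['role__not_in'] : array();
- $roles = AAM_Core_API::getRoles();
-
- foreach($roles->role_objects as $id => $role) {
- if (AAM_Core_API::maxLevel($role->capabilities) > $max) {
- $exclude[] = $id;
- }
- }
-
- $args['role__not_in'] = $exclude;
-
- return $args;
- }
-
- /**
- * Alias for the bootstrap
- *
- * @return AAM_Api_Rest_Resource_User
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- return self::bootstrap();
- }
-
- /**
- * Bootstrap authorization layer
- *
- * @return AAM_Api_Rest_Resource_User
- *
- * @access public
- */
- public static function bootstrap() {
- if (is_null(self::$_instance)) {
- self::$_instance = new self;
- }
-
- return self::$_instance;
- }
- }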
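--- a/application/Backend/Authorization.php
+++ b/application/Backend/Authorization.php
@@ -1,104 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * Backend authorization
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Backend_Authorization {
-
- /**
- * Instance of itself
- *
- * @var AAM_Backend_Authorization
- *
- * @access private
- */
- private static $_instance = null;
-
- /**
- * Constructor
- *
- * @return void
- *
- * @access protected
- */
- protected function __construct() {
- //control admin area
- if (!defined( 'DOING_AJAX' ) || !DOING_AJAX) {
- add_action('admin_init', array($this, 'checkScreenAccess'));
- }
- }
-
- /**
- * Check screen access
- *
- * @return void
- *
- * @access public
- * @global string $plugin_page
- */
- public function checkScreenAccess() {
- global $plugin_page;
-
- //compile menu
- $menu = $plugin_page;
-
- if (empty($menu)){
- $menu = basename(AAM_Core_Request::server('SCRIPT_NAME'));
- $taxonomy = AAM_Core_Request::get('taxonomy');
- $postType = AAM_Core_Request::get('post_type');
- $page = AAM_Core_Request::get('page');
-
- if (!empty($taxonomy)) {
- $menu .= '?taxonomy=' . $taxonomy;
- } elseif (!empty($postType) && ($postType !== 'post')) {
- $menu .= '?post_type=' . $postType;
- } elseif (!empty($page)) {
- $menu .= '?page=' . $page;
- }
- }
-
- if (AAM::getUser()->getObject('menu')->has($menu, true)) {
- AAM_Core_API::reject(
- 'backend', array('hook' => 'access_backend_menu', 'id' => $menu)
- );
- }
- }
-
- /**
- * Alias for the bootstrap
- *
- * @return AAM_Backend_Authorization
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- return self::bootstrap();
- }
-
- /**
- * Bootstrap authorization layer
- *
- * @return AAM_Backend_Authorization
- *
- * @access public
- */
- public static function bootstrap() {
- if (is_null(self::$_instance)) {
- self::$_instance = new self;
- }
-
- return self::$_instance;
- }
-
- }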
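--- a/application/Backend/Feature.php
+++ b/application/Backend/Feature.php
@@ -5,17 +5,21 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * AAM Backend Feature
- *
+ *
  * This class is used to hold the list of all registered UI features with few neat
  * methods to manipulate it.
- *
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ *
+ * @package AAM
+ * @version 6.0.0
  */
- class AAM_Backend_Feature {
+ class AAM_Backend_Feature
+ {
 
  /**
  * Collection of features
@@ -23,30 +27,32 @@ class AAM_Backend_Feature {
  * @var array
  *
  * @access private
- * @static
+ * @version 6.0.0
  */
  static private $_features = array();
 
  /**
  * Register UI Feature
  *
- * @param stdClass $feature
+ * @param object $feature
  *
  * @return boolean
  *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function registerFeature(stdClass $feature) {
+ public static function registerFeature($feature)
+ {
  $response = false;
+ $subject = AAM_Backend_Subject::getInstance();
 
  // Determine correct AAM UI capability
- if (empty($feature->capability)){
+ if (empty($feature->capability)) {
  $cap = 'aam_manager';
  } else {
  $cap = $feature->capability;
  }
-
+
  // Determine if minimum required options are enabled
  if (isset($feature->option)) {
  $show = self::isVisible($feature->option);
@@ -54,108 +60,151 @@ class AAM_Backend_Feature {
  $show = true;
  }
 
- // Determine that current user has enough level to manage requested subject
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
-
+ // Determine that current user has enough user level to manage
+ // requested subject but only if it is manages settings for individual
+ // subjects
+ if (!empty($feature->subjects)) {
+ $allowed = apply_filters(
+ 'aam_user_can_manage_level_filter', true, $subject->getSubject()->getMaxLevel()
+ );
+ } else { // Other allow because access to the feature is managed with cap
+ $allowed = true;
+ }
+
  if ($show && $allowed && current_user_can($cap)) {
- self::$_features[] = $feature;
+ if (is_object($feature->view)) {
+ self::$_features[get_class($feature->view)] = $feature;
+ } else {
+ self::$_features[$feature->view] = $feature;
+ // Initialize view manage so it can register any necessary hooks
+ $feature->view = new $feature->view($subject);
+ }
+
  $response = true;
  }
 
  return $response;
  }
-
+
  /**
- * Check if feature is visible
- *
- * There is a way to show/hide feature based on the option. For example some
- * features should be visible only when Backend Access options is enabled.
- *
- * @param string $options
- *
- * @return boolean
- *
- * @access protected
+ * Get feature view manager
+ *
+ * @param string $id
+ *
+ * @return object
+ *
+ * @access public
+ * @version 6.0.0
  */
- protected static function isVisible($options) {
- $count = 0;
-
- foreach(explode(',', $options) as $option) {
- $count += AAM_Core_Config::get($option, true);
+ public static function getFeatureView($id)
+ {
+ if (self::isFeatureRegistered($id)) {
+ $view = self::$_features[$id]->view;
+ } else {
+ $view = null;
  }
-
- return ($count > 0);
+
+ return $view;
  }
 
  /**
- * Initiate the Controller
+ * Check if feature is registered
  *
- * @param stdClass $feature
+ * @param string $id
  *
- * @return stdClass
+ * @return boolean
  *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function initView(stdClass $feature){
- if (is_string($feature->view)){
- $feature->view = new $feature->view(AAM_Backend_Subject::getInstance());
- }
-
- return $feature;
+ public static function isFeatureRegistered($id)
+ {
+ return array_key_exists($id, self::$_features);
  }
 
  /**
  * Retrieve list of features
  *
  * Retrieve sorted list of featured based on current subject
- *
+ *
  * @param string $type
  *
  * @return array
  *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function retrieveList($type) {
+ public static function retrieveList($type)
+ {
  $response = array();
-
- $subject = AAM_Backend_Subject::getInstance()->getUID();
+ $subject = AAM_Backend_Subject::getInstance()->getSubjectType();
+
  foreach (self::$_features as $feature) {
- $ftype = (!empty($feature->type) ? $feature->type : 'main'); //TODO - legacy Nov 2018
- if ($ftype === $type
- && (empty($feature->subjects) || in_array($subject, $feature->subjects, true))) {
+ if (
+ $feature->type === $type
+ && (empty($feature->subjects) || in_array($subject, $feature->subjects, true))
+ ) {
  $response[] = self::initView($feature);
  }
  }
- usort($response, 'AAM_Backend_Feature::reorder');
+
+ usort($response, function($feature_a, $feature_b) {
+ $pos_a = (empty($feature_a->position) ? 9999 : $feature_a->position);
+ $pos_b = (empty($feature_b->position) ? 9999 : $feature_b->position);
+
+ if ($pos_a === $pos_b) {
+ $response = 0;
+ } else {
+ $response = ($pos_a < $pos_b ? -1 : 1);
+ }
+
+ return $response;
+ });
 
  return $response;
  }
 
  /**
- * Order list of features
+ * Check if feature is visible
  *
- * Reorganize the list based on "position" attribute
+ * There is a way to show/hide feature based on the option. For example some
+ * features should be visible only when Backend Access options is enabled.
  *
- * @param array $features
+ * @param string $options
  *
- * @return array
+ * @return boolean
  *
- * @access public
- * @static
+ * @access protected
+ * @version 6.0.0
  */
- public static function reorder($feature_a, $feature_b){
- $pos_a = (empty($feature_a->position) ? 9999 : $feature_a->position);
- $pos_b = (empty($feature_b->position) ? 9999 : $feature_b->position);
+ protected static function isVisible($options)
+ {
+ $count = 0;
 
- if ($pos_a === $pos_b){
- $response = 0;
- } else {
- $response = ($pos_a < $pos_b ? -1 : 1);
+ foreach (explode(',', $options) as $option) {
+ $count += AAM_Core_Config::get($option, true);
  }
 
- return $response;
+ return ($count > 0);
+ }
+
+ /**
+ * Initiate the view controller
+ *
+ * @param object $feature
+ *
+ * @return array
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected static function initView($feature)
+ {
+ if (is_string($feature->view)) {
+ $feature->view = new $feature->view(AAM_Backend_Subject::getInstance());
+ }
+
+ return $feature;
  }
 
  }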
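Review bot: In `registerFeature`, the new subject-level check fails open, because `apply_filters('aam_user_can_manage_level_filter', true, ...)` passes `true` as the default value. If no callback is hooked to that filter, `$allowed` is always true and only `current_user_can($cap)` gates subject-scoped features, whereas the removed code called `isAllowedToManage()` directly. Whether a callback is always registered is not visible in this section, so the dependency deserves a comment on that line, such as `// relies on a callback hooked to aam_user_can_manage_level_filter; without one the level check is skipped`, or a built-in level comparison as the default. Separately, `retrieveList` now reads `$feature->type` without the old `'main'` fallback, so a feature registered without a type is dropped from every list. The `initView` docblock says `@return array` although it returns the feature object.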
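--- a/application/Backend/Feature/Abstract.php
+++ b/application/Backend/Feature/Abstract.php
@@ -5,69 +5,133 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Backend feature abstract
- *
+ * Abstract class for each backend UI feature
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- abstract class AAM_Backend_Feature_Abstract {
-
+ abstract class AAM_Backend_Feature_Abstract
+ {
+
+ use AAM_Core_Contract_RequestTrait;
+
  /**
- * Constructor
- *
- * @return void
- *
+ * Default access capability to the service
+ *
+ * @version 6.0.0
+ */
+ const ACCESS_CAPABILITY = 'aam_manager';
+
+ /**
+ * Type of AAM core object
+ *
+ * @version 6.0.0
+ */
+ const OBJECT_TYPE = null;
+
+ /**
+ * HTML template to render
+ *
+ * @version 6.0.0
+ */
+ const TEMPLATE = null;
+
+ /**
+ * Save access settings for the specific object
+ *
+ * @return string
+ *
  * @access public
- * @throws Exception
+ * @version 6.0.0
  */
- public function __construct() {
- if (!current_user_can('aam_manager')) {
- AAM_Core_API::reject(
- 'backend', array('hook' => 'aam_manager')
- );
- }
+ public function save()
+ {
+ $param = $this->getFromPost('param');
+ $value = $this->getFromPost('value');
+
+ $object = $this->getSubject()->getObject(static::OBJECT_TYPE, null, true);
+
+ $object->updateOptionItem($param, $value)->save();
+
+ return wp_json_encode(array('status' => 'success'));
  }
-
+
+ /**
+ * Rest access settings for the specific object
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function reset()
+ {
+ $result = $this->getSubject()->getObject(static::OBJECT_TYPE)->reset();
+
+ return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
+ }
+
+ /**
+ * Check inheritance status
+ *
+ * Check if access settings are overwritten
+ *
+ * @return boolean
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function isOverwritten()
+ {
+ $object = $this->getSubject()->getObject(static::OBJECT_TYPE);
+
+ return $object->isOverwritten();
+ }
+
  /**
  * Get HTML content
- *
+ *
  * @return string
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function getContent() {
+ public function getContent()
+ {
  ob_start();
- require_once(dirname(__FILE__) . '/../phtml/' . $this->getTemplate());
+ require_once(dirname(__DIR__) . '/tmpl/' . static::TEMPLATE);
  $content = ob_get_contents();
  ob_end_clean();
 
  return $content;
  }
-
+
  /**
- * Get template filename
- *
- * This function exists only to support implementation for PHP 5.2 cause later
- * static binding has been introduced only in PHP 5.3.0
- *
- * @return string
- *
+ * Get currently managed subject
+ *
+ * @return AAM_Backend_Subject
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return '';
+ public function getSubject()
+ {
+ return AAM_Backend_Subject::getInstance();
  }
-
+
  /**
  * Register feature
- *
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() { }
-
+ public static function register() {}
+
  }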
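Review bot: The constructor that rejected callers without `aam_manager` is removed, and nothing in this file reads the new `ACCESS_CAPABILITY` constant, so `save()` and `reset()` depend entirely on a capability and nonce check made by whatever dispatches to them; that dispatcher is not visible here and should be confirmed. The same applies to the subclass constructors dropped in Main/404Redirect.php and Main/Capability.php, which also checked `isAllowedToManage()`. If the check is meant to stay in the class, `save()` and `reset()` could open with `if (!current_user_can(static::ACCESS_CAPABILITY)) { return wp_json_encode(array('status' => 'failure')); }`. `save()` also hands the POSTed `param` straight to `updateOptionItem()`, so an allow-list of option names per `OBJECT_TYPE` is worth adding. The `reset()` docblock should read "Reset access settings" rather than "Rest access settings".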
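--- a/application/Backend/Feature/Extension/Manager.php
+++ b/application/Backend/Feature/Extension/Manager.php
@@ -1,217 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * Backend extension manager
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Backend_Feature_Extension_Manager extends AAM_Backend_Feature_Abstract {
-
- /**
- *
- * @var type
- */
- protected static $instance = null;
-
- /**
- *
- */
- public function __construct() {
- parent::__construct();
-
- if (AAM_Core_Config::get('core.settings.extensionSupport', true) === false) {
- AAM::api()->denyAccess(array('reason' => 'core.settings.extensionSupport'));
- } elseif (!current_user_can('aam_manage_extensions')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_extensions'));
- }
- }
-
- /**
- *
- */
- public function render() {
- require_once dirname(__FILE__) . '/../../phtml/extensions.phtml';
- }
-
- /**
- * Undocumented function
- *
- * @return void
- */
- public function check() {
- AAM::cron();
-
- return wp_json_encode(array('status' => 'success'));
- }
-
- /**
- * Install an extension
- *
- * @param string $storedLicense
- *
- * @return string
- *
- * @access public
- */
- public function install($storedLicense = null) {
- $repo = AAM_Extension_Repository::getInstance();
- $license = AAM_Core_Request::post('license', $storedLicense);
- $package = (object) AAM_Core_Request::post('package');
-
- $error = $repo->checkDirectory();
-
- if ($error) {
- $response = $this->installFailureResponse($error, $package);
- $repo->storeLicense($package, $license);
- } elseif (empty($package->content)) { //any unpredictable scenario
- $response = array(
- 'status' => 'failure',
- 'error' => __('Download failure. Try again or contact us.', AAM_KEY)
- );
- } else { //otherwise install the extension
- $result = $repo->add(base64_decode($package->content));
- if (is_wp_error($result)) {
- $response = $this->installFailureResponse(
- $result->get_error_message(), $package
- );
- } else {
- $response = array('status' => 'success');
- }
- $repo->storeLicense($package, $license);
- }
-
- return json_encode($response);
- }
-
- /**
- * Update the extension
- *
- * @return string
- *
- * @access public
- */
- public function update() {
- $id = AAM_Core_Request::post('extension');
- $licenses = AAM_Core_Compatibility::getLicenseList();
-
- if (!empty($licenses[$id]['license'])) {
- $response = $this->install($licenses[$id]['license']);
- } else {
- //fallback compatibility
- $list = AAM_Extension_Repository::getInstance()->getList();
- if (!empty($list[$id]['license'])) {
- $response = $this->install($list[$id]['license']);
- } else {
- $response = wp_json_encode(array(
- 'status' => 'failure',
- 'error' => __('No valid license key was found.', AAM_KEY)
- ));
- }
- }
-
- return $response;
- }
-
- /**
- *
- * @return type
- */
- public function deactivate() {
- AAM_Extension_Repository::getInstance()->updateStatus(
- AAM_Core_Request::post('extension'),
- AAM_Extension_Repository::STATUS_INACTIVE
- );
-
- return wp_json_encode(array('status' => 'success'));
- }
-
- /**
- *
- * @return type
- */
- public function activate() {
- AAM_Extension_Repository::getInstance()->updateStatus(
- AAM_Core_Request::post('extension'),
- AAM_Extension_Repository::STATUS_INSTALLED
- );
-
- return wp_json_encode(array('status' => 'success'));
- }
-
- /**
- *
- * @return type
- */
- public function fixDirectoryIssue() {
- $repo = AAM_Extension_Repository::getInstance();
- $dirname = $repo->getBasedir();
-
- if (file_exists($dirname) === false) {
- @mkdir($dirname, fileperms(ABSPATH) & 0777 | 0755, true);
- }
-
- return wp_json_encode(array(
- 'status' => ($repo->isWriteableDirectory() ? 'success' : 'failed')
- ));
- }
-
- /**
- *
- * @param type $type
- * @return type
- */
- public function getList($type) {
- $response = array();
-
- foreach(AAM_Extension_Repository::getInstance()->getList() as $item) {
- if ($item['type'] === $type) {
- $response[] = $item;
- }
- }
-
- return $response;
- }
-
- /**
- * Install extension failure response
- *
- * In case the file system fails, AAM allows to download the extension for
- * manual installation
- *
- * @param string $error
- * @param stdClass $package
- *
- * @return array
- *
- * @access protected
- */
- protected function installFailureResponse($error, $package) {
- return array(
- 'status' => 'failure',
- 'error' => $error,
- 'title' => $package->title,
- 'content' => $package->content
- );
- }
-
- /**
- *
- * @return AAM_Backend_Feature_Extension_Manager
- */
- public static function getInstance() {
- if (is_null(self::$instance)) {
- self::$instance = new self;
- }
-
- return self::$instance;
- }
-
- }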
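--- a/application/Backend/Feature/ISubjectAware.php
+++ b/application/Backend/Feature/ISubjectAware.php
@@ -0,0 +1,19 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * Backend feature that is customizable per subject
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ interface AAM_Backend_Feature_ISubjectAware
+ { }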
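--- a/application/Backend/Feature/Main/404Redirect.php
+++ b/application/Backend/Feature/Main/404Redirect.php
@@ -5,75 +5,80 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Backend 404 redirect manager
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Main_404Redirect extends AAM_Backend_Feature_Abstract {
-
+ class AAM_Backend_Feature_Main_404Redirect
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
+ {
+
+ use AAM_Core_Contract_RequestTrait;
+
  /**
- * Construct
+ * Default access capability to the service
+ *
+ * @version 6.0.0
  */
- public function __construct() {
- parent::__construct();
-
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
- if (!$allowed || !current_user_can('aam_manage_404_redirect')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_404_redirect'));
- }
- }
-
+ const ACCESS_CAPABILITY = 'aam_manage_404_redirect';
+
  /**
- * @inheritdoc
+ * HTML template to render
+ *
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return 'main/404redirect.phtml';
- }
-
+ const TEMPLATE = 'service/404redirect.php';
+
  /**
- * Save AAM utility options
- *
+ * Save 404 redirect options
+ *
  * @return string
  *
  * @access public
+ * @version 6.0.0
  */
- public function save() {
- $param = AAM_Core_Request::post('param');
- $value = stripslashes(AAM_Core_Request::post('value'));
-
- AAM_Core_Config::set($param, $value);
-
- return wp_json_encode(array('status' => 'success'));
+ public function save()
+ {
+ $param = AAM_Core_Request::post('param');
+ $value = $this->getFromPost('value');
+
+ $result = AAM_Core_Config::set($param, $value);
+
+ return wp_json_encode(
+ array('status' => $result ? 'success' : 'failure')
+ );
  }
-
+
  /**
  * Register 404 redirect feature
- *
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
- if (is_main_site()) {
- AAM_Backend_Feature::registerFeature((object) array(
- 'uid' => '404redirect',
- 'position' => 50,
- 'title' => __('404 Redirect', AAM_KEY),
- 'capability' => 'aam_manage_404_redirect',
- 'type' => 'main',
- 'subjects' => array(
- AAM_Core_Subject_Default::UID,
- AAM_Core_Subject_Role::UID,
- AAM_Core_Subject_User::UID,
- AAM_Core_Subject_Visitor::UID
- ),
- 'view' => __CLASS__
- ));
- }
+ public static function register()
+ {
+ AAM_Backend_Feature::registerFeature((object)array(
+ 'uid' => '404redirect',
+ 'position' => 50,
+ 'title' => __('404 Redirect', AAM_KEY),
+ 'capability' => self::ACCESS_CAPABILITY,
+ 'type' => 'main',
+ 'subjects' => array(
+ AAM_Core_Subject_Default::UID,
+ AAM_Core_Subject_Role::UID,
+ AAM_Core_Subject_User::UID,
+ AAM_Core_Subject_Visitor::UID
+ ),
+ 'view' => __CLASS__
+ ));
  }
 
  }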
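Review bot: In `save()`, the option name is read from `AAM_Core_Request::post('param')` and passed to `AAM_Core_Config::set()` unchecked, so a request to this 404-redirect endpoint can write any AAM configuration key rather than only the redirect settings. A guard before the `set()` call would close that, for example `if (!in_array($param, $allowedParams, true)) { return wp_json_encode(array('status' => 'failure')); }`, where `$allowedParams` is a list of the 404-redirect option names this class would have to define. `register()` also no longer wraps the registration in `is_main_site()`, which on a multisite install makes the feature available on sub-sites too; if that is intended it deserves a comment, otherwise the guard should be restored. Smaller points: `param` is read with `AAM_Core_Request::post()` while `value` uses `$this->getFromPost()`, and `use AAM_Core_Contract_RequestTrait;` repeats a trait the parent class already uses.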
application/Backend/Feature/Main/Capability.php CHANGED
@@ -5,22 +5,41 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Backend capability manager
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
17
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
18
  /**
19
  * Capability groups
20
- *
21
  * @var array
22
- *
23
- * @access private
 
24
  */
25
  public static $groups = array(
26
  'system' => array(
@@ -44,89 +63,130 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
44
  'manage_options', 'manage_links', 'manage_categories', 'customize',
45
  'unfiltered_html', 'unfiltered_upload', 'update_themes',
46
  'update_core', 'upload_files', 'delete_plugins', 'remove_users',
47
- 'switch_themes', 'list_users', 'promote_users', 'create_users', 'delete_site'
48
- ),
49
- 'aam' => array(
50
- 'aam_manage_admin_menu', 'aam_manage_metaboxes', 'aam_manage_capabilities',
51
- 'aam_manage_posts', 'aam_manage_access_denied_redirect', 'aam_create_roles',
52
- 'aam_manage_login_redirect', 'aam_manage_logout_redirect', 'aam_manager',
53
- 'aam_manage_settings', 'aam_manage_extensions', 'aam_show_notifications',
54
- 'aam_manage_404_redirect', 'aam_manage_ip_check', 'aam_manage_admin_toolbar',
55
- 'aam_manage_default', 'aam_manage_visitors', 'aam_manage_roles', 'aam_manage_users',
56
- 'aam_edit_roles', 'aam_delete_roles', 'aam_toggle_users', 'aam_switch_users',
57
- 'aam_manage_configpress', 'aam_manage_api_routes', 'aam_manage_uri', 'aam_manage_policy',
58
- 'aam_view_help_btn', 'aam_edit_policy', 'aam_read_policy', 'aam_delete_policy',
59
- 'aam_delete_policies', 'aam_edit_policies', 'aam_edit_others_policies', 'aam_publish_policies',
60
- 'aam_manage_jwt'
61
  )
62
  );
63
-
64
  /**
65
- * Construct
 
 
 
 
 
66
  */
67
- public function __construct() {
68
- parent::__construct();
69
-
70
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
71
- if (!$allowed || !current_user_can('aam_manage_capabilities')) {
72
- AAM::api()->denyAccess(array('reason' => 'aam_manage_capabilities'));
 
 
 
 
 
 
 
 
73
  }
 
 
 
 
74
  }
75
-
76
  /**
77
- * Save capability status
78
  *
79
  * @return string
80
- *
81
  * @access public
 
82
  */
83
- public function save() {
84
- $cap = AAM_Core_Request::post('capability');
85
- $status = AAM_Core_Request::post('status');
 
 
86
 
87
- $object = AAM_Backend_Subject::getInstance()->getObject('capability');
88
- $result = $object->save($cap, $status);
 
 
 
 
 
 
 
 
 
 
 
89
 
90
- return wp_json_encode(array(
91
- 'status' => ($result ? 'success' : 'failure')
92
- ));
 
93
  }
94
-
95
  /**
96
- * Reset capabilities
97
- *
 
 
 
98
  * @return string
99
- *
100
  * @access public
 
101
  */
102
- public function reset() {
103
- $result = AAM_Backend_Subject::getInstance()->resetObject('capability');
 
 
104
 
105
- return wp_json_encode(array(
106
- 'status' => ($result ? 'success' : 'failure')
107
- ));
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
108
  }
109
 
110
  /**
111
  * Get list of capabilities for table view
112
- *
113
  * @return string
114
- *
115
  * @access public
 
116
  */
117
- public function getTable() {
118
- $data = array();
119
- $subject = AAM_Backend_Subject::getInstance();
120
- $manager = AAM::api()->getPolicyManager();
121
 
122
  // Compile the complete list of capabilities
123
  $caps = AAM_Core_API::getAllCapabilities();
124
 
125
  // Add also subject specific capabilities
126
- $caps = array_merge($caps, $subject->getCapabilities());
127
 
128
  foreach (array_keys($caps) as $cap) {
129
- if ($manager->isAllowed("Capability:{$cap}:AAM:list") !== false) {
130
  $data[] = array(
131
  $cap,
132
  $this->getGroup($cap),
@@ -138,40 +198,33 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
138
 
139
  return wp_json_encode(array('data' => $data));
140
  }
141
-
142
- /**
143
- * @inheritdoc
144
- */
145
- public static function getTemplate() {
146
- return 'main/capability.phtml';
147
- }
148
-
149
  /**
150
  * Prepare row actions
151
- *
152
  * Based on current user permissions and subject's capability ownership, prepare
153
  * the correct list of actions
154
- *
155
  * @param string $cap
156
- *
157
  * @return string
158
- *
159
  * @access protected
 
160
  */
161
- protected function prepareActionList($cap) {
162
- $subject = AAM_Backend_Subject::getInstance();
163
  $actions = array();
164
-
 
165
  $toggle = ($subject->hasCapability($cap) ? 'checked' : 'unchecked');
166
- $manager = AAM::api()->getPolicyManager();
167
 
168
- if ($manager->isAllowed("Capability:{$cap}:AAM:toggle") === false) {
169
  $toggle = 'no-' . $toggle;
170
  }
171
-
172
  $actions[] = $toggle;
173
-
174
- //allow to delete or update capability only for roles!
175
  $edit = 'edit';
176
  $delete = 'delete';
177
 
@@ -185,83 +238,100 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
185
 
186
  $actions[] = $edit;
187
  $actions[] = $delete;
188
-
189
  return implode(',', $actions);
190
  }
191
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
192
  /**
193
  * Check if current user can edit capability
194
- *
195
  * @param string $cap
196
- *
197
  * @return boolean
198
- *
199
  * @access protected
 
200
  */
201
- protected function isAllowedToEdit($cap) {
 
202
  $allowed = false;
203
-
204
  if (AAM_Core_Config::get('core.settings.editCapabilities', true)) {
205
  $allowed = true;
206
  }
207
 
208
  // Access & Security policy has higher priority
209
- $manager = AAM::api()->getPolicyManager();
210
- if ($manager->isAllowed("Capability:{$cap}:AAM:update") === false) {
211
  $allowed = false;
212
  }
213
 
214
  // Check if current subject contains the capability and if so, allow to
215
  // edit it
216
- $subject = AAM_Backend_Subject::getInstance();
217
  if ($allowed) {
218
- $allowed = array_key_exists($cap, $subject->getCapabilities());
219
- }
220
-
221
  return $allowed;
222
  }
223
-
224
  /**
225
  * Check if current user can delete capability
226
- *
227
  * @param string $cap
228
- *
229
  * @return boolean
230
- *
231
  * @access protected
 
232
  */
233
- protected function isAllowedToDelete($cap) {
 
234
  $allowed = false;
235
-
236
  if (AAM_Core_Config::get('core.settings.editCapabilities', true)) {
237
  $allowed = true;
238
  }
239
 
240
  // Access & Security policy has higher priority
241
- $manager = AAM::api()->getPolicyManager();
242
- if ($manager->isAllowed("Capability:{$cap}:AAM:delete") === false) {
243
  $allowed = false;
244
  }
245
 
246
  // Check if current subject contains the capability and if so, allow to
247
  // delete it
248
- $subject = AAM_Backend_Subject::getInstance();
249
  if ($allowed) {
250
- $allowed = array_key_exists($cap, $subject->getCapabilities());
251
- }
252
-
253
  return $allowed;
254
  }
255
 
256
  /**
257
  * Get capability group list
258
- *
259
  * @return array
260
- *
261
  * @access public
 
262
  */
263
- public function getGroupList() {
264
- return apply_filters('aam-capability-groups-filter', array(
 
265
  __('System', AAM_KEY),
266
  __('Posts & Pages', AAM_KEY),
267
  __('Backend', AAM_KEY),
@@ -270,147 +340,51 @@ class AAM_Backend_Feature_Main_Capability extends AAM_Backend_Feature_Abstract {
270
  ));
271
  }
272
 
273
- /**
274
- * Add new capability
275
- *
276
- * @return string
277
- *
278
- * @access public
279
- */
280
- public function add() {
281
- $capability = sanitize_text_field(AAM_Core_Request::post('capability'));
282
- $assign = filter_input(INPUT_POST, 'assign', FILTER_VALIDATE_INT);
283
-
284
- if ($capability) {
285
- // Add capability to current user if checkbox checked
286
- if ($assign === 1) {
287
- AAM::api()->getUser()->addCapability($capability);
288
- }
289
-
290
- $result = AAM_Backend_Subject::getInstance()->addCapability($capability);
291
-
292
- $response = array('status' => ($result ? 'success' : 'failure'));
293
- } else {
294
- $response = array('status' => 'failure');
295
- }
296
-
297
- return wp_json_encode($response);
298
- }
299
-
300
- /**
301
- * Update capability tag
302
- *
303
- * @return string
304
- *
305
- * @access public
306
- */
307
- public function update() {
308
- $capability = AAM_Core_Request::post('capability');
309
- $updated = AAM_Core_Request::post('updated');
310
- $subject = AAM_Backend_Subject::getInstance();
311
-
312
- if ($this->isAllowedToEdit($capability) === false) {
313
- $response = array(
314
- 'status' => 'failure',
315
- 'message' => __('Permission denied to update this capability', AAM_KEY)
316
- );
317
- } else {
318
- // First we need to get the current grant status for updating capability
319
- $status = $subject->hasCapability($capability);
320
- // Remove updating capability
321
- if ($subject->removeCapability($capability)) {
322
- // Add new capability with the original grant status
323
- $result = $subject->addCapability($updated, $status);
324
- }
325
-
326
- $response = array('status' => (!empty($result) ? 'success' : 'failure'));
327
- }
328
-
329
- return wp_json_encode($response);
330
- }
331
-
332
- /**
333
- * Delete capability
334
- *
335
- * This function delete capability in all roles.
336
- *
337
- * @return string
338
- *
339
- * @access public
340
- */
341
- public function delete() {
342
- $capability = AAM_Core_Request::post('capability');
343
- $subject = AAM_Backend_Subject::getInstance();
344
-
345
- if ($this->isAllowedToDelete($capability) === false) {
346
- $response = array(
347
- 'status' => 'failure',
348
- 'message' => __('Permission denied to delete this capability', AAM_KEY)
349
- );
350
- } else {
351
- $result = $subject->removeCapability($capability);
352
- $response = array('status' => ($result ? 'success' : 'failure'));
353
- }
354
-
355
- return wp_json_encode($response);
356
- }
357
-
358
  /**
359
  * Get capability group name
360
- *
361
  * @param string $capability
362
- *
363
  * @return string
364
- *
365
  * @access protected
 
366
  */
367
- protected function getGroup($capability) {
 
368
  if (in_array($capability, self::$groups['system'], true)) {
369
  $response = __('System', AAM_KEY);
370
  } elseif (in_array($capability, self::$groups['post'], true)) {
371
  $response = __('Posts & Pages', AAM_KEY);
372
  } elseif (in_array($capability, self::$groups['backend'], true)) {
373
  $response = __('Backend', AAM_KEY);
374
- } elseif (in_array($capability, self::$groups['aam'], true)) {
375
  $response = __('AAM Interface', AAM_KEY);
376
  } else {
377
  $response = __('Miscellaneous', AAM_KEY);
378
  }
379
 
380
- return apply_filters(
381
- 'aam-capability-group-filter', $response, $capability
382
- );
383
- }
384
-
385
- /**
386
- * Check overwritten status
387
- *
388
- * @return boolean
389
- *
390
- * @access protected
391
- */
392
- protected function isOverwritten() {
393
- $object = AAM_Backend_Subject::getInstance()->getObject('capability');
394
-
395
- return $object->isOverwritten();
396
  }
397
-
398
  /**
399
- * Register capability feature
400
- *
401
  * @return void
402
- *
403
  * @access public
 
404
  */
405
- public static function register() {
 
406
  AAM_Backend_Feature::registerFeature((object) array(
407
  'uid' => 'capability',
408
  'position' => 15,
409
  'title' => __('Capabilities', AAM_KEY),
410
- 'capability' => 'aam_manage_capabilities',
411
  'type' => 'main',
412
  'subjects' => array(
413
- AAM_Core_Subject_Role::UID,
414
  AAM_Core_Subject_User::UID
415
  ),
416
  'view' => __CLASS__
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Backend capability manager
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Main_Capability
19
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
20
+ {
21
+
22
+ /**
23
+ * Default access capability to the service
24
+ *
25
+ * @version 6.0.0
26
+ */
27
+ const ACCESS_CAPABILITY = 'aam_manage_capabilities';
28
+
29
+ /**
30
+ * HTML template to render
31
+ *
32
+ * @version 6.0.0
33
+ */
34
+ const TEMPLATE = 'service/capability.php';
35
+
36
  /**
37
  * Capability groups
38
+ *
39
  * @var array
40
+ *
41
+ * @access public
42
+ * @version 6.0.0
43
  */
44
  public static $groups = array(
45
  'system' => array(
63
  'manage_options', 'manage_links', 'manage_categories', 'customize',
64
  'unfiltered_html', 'unfiltered_upload', 'update_themes',
65
  'update_core', 'upload_files', 'delete_plugins', 'remove_users',
66
+ 'switch_themes', 'list_users', 'promote_users', 'create_users',
67
+ 'delete_site'
 
 
 
 
 
 
 
 
 
 
 
 
68
  )
69
  );
70
+
71
  /**
72
+ * Save capability status
73
+ *
74
+ * @return string
75
+ *
76
+ * @access public
77
+ * @version 6.0.0
78
  */
79
+ public function save()
80
+ {
81
+ $result = false;
82
+ $cap = sanitize_text_field($this->getFromPost('capability'));
83
+ $effect = $this->getFromPost('effect', FILTER_VALIDATE_BOOLEAN);
84
+ $assign = $this->getFromPost('assignToMe', FILTER_VALIDATE_BOOLEAN);
85
+
86
+ if ($cap && $this->isAllowedToToggle($cap)) {
87
+ // Add capability to current user if checkbox checked
88
+ if ($assign === true) {
89
+ AAM::getUser()->addCapability($cap);
90
+ }
91
+
92
+ $result = $this->getSubject()->addCapability($cap, $effect);
93
  }
94
+
95
+ return wp_json_encode(array(
96
+ 'status' => ($result ? 'success' : 'failure')
97
+ ));
98
  }
99
+
100
  /**
101
+ * Update capability slug
102
  *
103
  * @return string
104
+ *
105
  * @access public
106
+ * @version 6.0.0
107
  */
108
+ public function update()
109
+ {
110
+ $capability = $this->getFromPost('capability');
111
+ $updated = sanitize_text_field($this->getFromPost('updated'));
112
+ $subject = $this->getSubject();
113
 
114
+ if ($this->isAllowedToEdit($capability) === false) {
115
+ $response = array(
116
+ 'status' => 'failure',
117
+ 'message' => __('Permission denied to update this capability', AAM_KEY)
118
+ );
119
+ } else {
120
+ // First we need to get the current grant status for updating capability
121
+ $status = $subject->hasCapability($capability);
122
+ // Remove updating capability
123
+ if ($subject->removeCapability($capability)) {
124
+ // Add new capability with the original grant status
125
+ $result = $subject->addCapability($updated, $status);
126
+ }
127
 
128
+ $response = array('status' => (!empty($result) ? 'success' : 'failure'));
129
+ }
130
+
131
+ return wp_json_encode($response);
132
  }
133
+
134
  /**
135
+ * Delete capability
136
+ *
137
+ * This function delete capability in all roles or only for very specific subject.
138
+ * It all depends on the "subjectOnly" POST param.
139
+ *
140
  * @return string
141
+ *
142
  * @access public
143
+ * @version 6.0.0
144
  */
145
+ public function delete()
146
+ {
147
+ $capability = $this->getFromPost('capability');
148
+ $subjectOnly = $this->getFromPost('subjectOnly', FILTER_VALIDATE_BOOLEAN);
149
 
150
+ if ($this->isAllowedToDelete($capability) === false) {
151
+ $response = array(
152
+ 'status' => 'failure',
153
+ 'message' => __('Permission denied to delete this capability', AAM_KEY)
154
+ );
155
+ } else {
156
+ if ($subjectOnly === true) {
157
+ $this->getSubject()->removeCapability($capability);
158
+ } else {
159
+ $roles = AAM_Core_API::getRoles();
160
+ foreach (array_keys($roles->roles) as $roleId) {
161
+ $roles->remove_cap($roleId, $capability);
162
+ }
163
+ }
164
+ $response = array('status' => 'success');
165
+ }
166
+
167
+ return wp_json_encode($response);
168
  }
169
 
170
  /**
171
  * Get list of capabilities for table view
172
+ *
173
  * @return string
174
+ *
175
  * @access public
176
+ * @version 6.0.0
177
  */
178
+ public function getTable()
179
+ {
180
+ $data = array();
 
181
 
182
  // Compile the complete list of capabilities
183
  $caps = AAM_Core_API::getAllCapabilities();
184
 
185
  // Add also subject specific capabilities
186
+ $caps = array_merge($caps, $this->getSubject()->getCapabilities());
187
 
188
  foreach (array_keys($caps) as $cap) {
189
+ if (apply_filters('aam_cap_can_filter', true, $cap, 'list') !== false) {
190
  $data[] = array(
191
  $cap,
192
  $this->getGroup($cap),
198
 
199
  return wp_json_encode(array('data' => $data));
200
  }
201
+
 
 
 
 
 
 
 
202
  /**
203
  * Prepare row actions
204
+ *
205
  * Based on current user permissions and subject's capability ownership, prepare
206
  * the correct list of actions
207
+ *
208
  * @param string $cap
209
+ *
210
  * @return string
211
+ *
212
  * @access protected
213
+ * @version 6.0.0
214
  */
215
+ protected function prepareActionList($cap)
216
+ {
217
  $actions = array();
218
+ $subject = $this->getSubject();
219
+
220
  $toggle = ($subject->hasCapability($cap) ? 'checked' : 'unchecked');
 
221
 
222
+ if ($this->isAllowedToToggle($cap) === false) {
223
  $toggle = 'no-' . $toggle;
224
  }
225
+
226
  $actions[] = $toggle;
227
+
 
228
  $edit = 'edit';
229
  $delete = 'delete';
230
 
238
 
239
  $actions[] = $edit;
240
  $actions[] = $delete;
241
+
242
  return implode(',', $actions);
243
  }
244
 
245
+ /**
246
+ * Check if current user is allowed to toggle capability
247
+ *
248
+ * @param string $cap
249
+ *
250
+ * @return boolean
251
+ *
252
+ * @access protected
253
+ * @version 6.0.0
254
+ */
255
+ protected function isAllowedToToggle($cap)
256
+ {
257
+ return apply_filters('aam_cap_can_filter', true, $cap, 'toggle');
258
+ }
259
+
260
  /**
261
  * Check if current user can edit capability
262
+ *
263
  * @param string $cap
264
+ *
265
  * @return boolean
266
+ *
267
  * @access protected
268
+ * @version 6.0.0
269
  */
270
+ protected function isAllowedToEdit($cap)
271
+ {
272
  $allowed = false;
273
+
274
  if (AAM_Core_Config::get('core.settings.editCapabilities', true)) {
275
  $allowed = true;
276
  }
277
 
278
  // Access & Security policy has higher priority
279
+ if (apply_filters('aam_cap_can_filter', true, $cap, 'update') === false) {
 
280
  $allowed = false;
281
  }
282
 
283
  // Check if current subject contains the capability and if so, allow to
284
  // edit it
 
285
  if ($allowed) {
286
+ $allowed = array_key_exists($cap, $this->getSubject()->getCapabilities());
287
+ }
288
+
289
  return $allowed;
290
  }
291
+
292
  /**
293
  * Check if current user can delete capability
294
+ *
295
  * @param string $cap
296
+ *
297
  * @return boolean
298
+ *
299
  * @access protected
300
+ * @version 6.0.0
301
  */
302
+ protected function isAllowedToDelete($cap)
303
+ {
304
  $allowed = false;
305
+
306
  if (AAM_Core_Config::get('core.settings.editCapabilities', true)) {
307
  $allowed = true;
308
  }
309
 
310
  // Access & Security policy has higher priority
311
+ if (apply_filters('aam_cap_can_filter', true, $cap, 'delete') === false) {
 
312
  $allowed = false;
313
  }
314
 
315
  // Check if current subject contains the capability and if so, allow to
316
  // delete it
 
317
  if ($allowed) {
318
+ $allowed = array_key_exists($cap, $this->getSubject()->getCapabilities());
319
+ }
320
+
321
  return $allowed;
322
  }
323
 
324
  /**
325
  * Get capability group list
326
+ *
327
  * @return array
328
+ *
329
  * @access public
330
+ * @version 6.0.0
331
  */
332
+ public function getGroupList()
333
+ {
334
+ return apply_filters('aam_capability_groups_filter', array(
335
  __('System', AAM_KEY),
336
  __('Posts & Pages', AAM_KEY),
337
  __('Backend', AAM_KEY),
340
  ));
341
  }
342
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
343
  /**
344
  * Get capability group name
345
+ *
346
  * @param string $capability
347
+ *
348
  * @return string
349
+ *
350
  * @access protected
351
+ * @version 6.0.0
352
  */
353
+ protected function getGroup($capability)
354
+ {
355
  if (in_array($capability, self::$groups['system'], true)) {
356
  $response = __('System', AAM_KEY);
357
  } elseif (in_array($capability, self::$groups['post'], true)) {
358
  $response = __('Posts & Pages', AAM_KEY);
359
  } elseif (in_array($capability, self::$groups['backend'], true)) {
360
  $response = __('Backend', AAM_KEY);
361
+ } elseif (strpos($capability, 'aam_') === 0) {
362
  $response = __('AAM Interface', AAM_KEY);
363
  } else {
364
  $response = __('Miscellaneous', AAM_KEY);
365
  }
366
 
367
+ return apply_filters('aam_capability_group_filter', $response, $capability);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
368
  }
369
+
370
  /**
371
+ * Register Capability service UI
372
+ *
373
  * @return void
374
+ *
375
  * @access public
376
+ * @version 6.0.0
377
  */
378
+ public static function register()
379
+ {
380
  AAM_Backend_Feature::registerFeature((object) array(
381
  'uid' => 'capability',
382
  'position' => 15,
383
  'title' => __('Capabilities', AAM_KEY),
384
+ 'capability' => self::ACCESS_CAPABILITY,
385
  'type' => 'main',
386
  'subjects' => array(
387
+ AAM_Core_Subject_Role::UID,
388
  AAM_Core_Subject_User::UID
389
  ),
390
  'view' => __CLASS__
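--- a/application/Backend/Feature/Main/Jwt.php
+++ b/application/Backend/Feature/Main/Jwt.php
@@ -5,132 +5,179 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * JWT manager
- *
+ * JWT UI manager
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Main_Jwt extends AAM_Backend_Feature_Abstract {
-
+ class AAM_Backend_Feature_Main_Jwt
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
+ {
+
+ use AAM_Core_Contract_RequestTrait;
+
  /**
- * Construct
+ * Default access capability to the service
+ *
+ * @version 6.0.0
  */
- public function __construct() {
- parent::__construct();
-
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
- if (!$allowed || !current_user_can('aam_manage_jwt')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_jwt'));
- }
- }
-
+ const ACCESS_CAPABILITY = 'aam_manage_jwt';
+
  /**
- *
- * @return type
+ * HTML template to render
+ *
+ * @version 6.0.0
+ */
+ const TEMPLATE = 'service/jwt.php';
+
+ /**
+ * Get list of tokens
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function getTable() {
+ public function getTable()
+ {
  return wp_json_encode($this->retrieveList());
  }
 
  /**
- *
- * @return type
+ * Generate JWT token
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function generate() {
- $user = AAM_Backend_Subject::getInstance()->get();
- $expires = filter_input(INPUT_POST, 'expires');
- $refreshable = filter_input(INPUT_POST, 'refreshable', FILTER_VALIDATE_BOOLEAN);
-
- try {
+ public function generate()
+ {
+ $user = AAM_Backend_Subject::getInstance();
+ $result = array('status' => 'failure');
+
+ if (current_user_can('aam_manage_jwt')) {
+ $expires = $this->getFromPost('expires');
+ $refresh = $this->getFromPost('refreshable', FILTER_VALIDATE_BOOLEAN);
+ $register = $this->getFromPost('register', FILTER_VALIDATE_BOOLEAN);
+ $trigger = $this->getFromPost('trigger', FILTER_DEFAULT, FILTER_REQUIRE_ARRAY);
+
+ // Determine maximum user level
  $max = AAM::getUser()->getMaxLevel();
- if ($max >= AAM_Core_API::maxLevel($user->allcaps)) {
- $issuer = new AAM_Core_Jwt_Issuer();
- $jwt = $issuer->issueToken(
- array(
- 'userId' => $user->ID,
- 'revocable' => true,
- 'refreshable' => $refreshable
- ),
- $expires
- );
- $result = array(
- 'status' => 'success',
- 'jwt' => $jwt->token
- );
- } else {
- throw new Exception('User ID has higher level than current user');
+
+ // Prepare the list of claims
+ $claims = array(
+ 'userId' => $user->ID,
+ 'revocable' => true,
+ 'refreshable' => ($refresh === true)
+ );
+
+ // If token also should contains the trigger action when it is expires,
+ // then add it to the list of claims
+ if (!empty($trigger)) {
+ $claims['trigger'] = $trigger;
+ }
+
+ try {
+ if ($max >= AAM_Core_API::maxLevel($user->allcaps)) {
+ $jwt = AAM_Core_Jwt_Issuer::getInstance()->issueToken(
+ $claims, new DateTime('@' . $expires)
+ );
+
+ if ($register === true) {
+ $status = AAM_Service_Jwt::getInstance()->registerToken(
+ $user->ID, $jwt->token
+ );
+ } else {
+ $status = true;
+ }
+
+ $result = array(
+ 'status' => (!empty($status) ? 'success' : 'failure'),
+ 'jwt' => $jwt->token
+ );
+ } else {
+ $result['reason'] = 'You are not allowed to generate JWT for this user';
+ }
+ } catch (Exception $ex) {
+ $result['reason'] = $ex->getMessage();
  }
- } catch (Exception $ex) {
- $result = array('status' => 'failure', 'reason' => $ex->getMessage());
+ } else {
+ $result['reason'] = 'You are not allowed to manage JWT tokens';
  }
-
+
  return wp_json_encode($result);
  }
 
  /**
- *
- * @return type
+ * Save/register new JWT token
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function save() {
- $user = AAM_Backend_Subject::getInstance()->get();
+ public function save()
+ {
+ $user = AAM_Backend_Subject::getInstance();
  $token = filter_input(INPUT_POST, 'token');
- $claims = AAM_Core_Jwt_Issuer::extractTokenClaims($token);
-
- $result = AAM_Core_Jwt_Manager::getInstance()->registerToken(
- $user->ID,
- $token
- );
+ $result = AAM_Service_Jwt::getInstance()->registerToken($user->ID, $token);
 
  if ($result) {
  $response = array('status' => 'success');
  } else {
  $response = array(
- 'status' => 'failure',
+ 'status' => 'failure',
  'reason' => __('Failed to register JWT token', AAM_KEY)
  );
  }
 
  return wp_json_encode($response);
  }
-
+
  /**
- *
- * @return type
+ * Delete existing JWT token
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function delete() {
- $user = AAM_Backend_Subject::getInstance()->get();
- $token = filter_input(INPUT_POST, 'token');
- $result = AAM_Core_Jwt_Manager::getInstance()->revokeToken($user->ID, $token);
+ public function delete()
+ {
+ $user = AAM_Backend_Subject::getInstance();
+ $token = filter_input(INPUT_POST, 'token');
+ $result = AAM_Service_Jwt::getInstance()->revokeUserToken($user->ID, $token);
 
  if ($result) {
  $response = array('status' => 'success');
  } else {
  $response = array(
- 'status' => 'failure',
+ 'status' => 'failure',
  'reason' => __('Failed to revoke JWT token', AAM_KEY)
  );
  }
 
- return wp_json_encode($response);
+ return wp_json_encode($response);
  }
 
  /**
- * @inheritdoc
+ * Retrieve list of registered JWT tokens
+ *
+ * @return array
+ *
+ * @access protected
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return 'main/jwt.phtml';
- }
-
- /**
- *
- * @return type
- */
- protected function retrieveList() {
- $tokens = AAM_Core_Jwt_Manager::getInstance()->getTokenRegistry(
- AAM_Backend_Subject::getInstance()->get()->ID
+ protected function retrieveList()
+ {
+ $tokens = AAM_Service_Jwt::getInstance()->getTokenRegistry(
+ AAM_Backend_Subject::getInstance()->ID
  );
 
  $response = array(
@@ -140,46 +187,49 @@ class AAM_Backend_Feature_Main_Jwt extends AAM_Backend_Feature_Abstract {
  'data' => array(),
  );
 
- $issuer = new AAM_Core_Jwt_Issuer();
+ $issuer = AAM_Core_Jwt_Issuer::getInstance();
 
- foreach($tokens as $token) {
- try {
- $claims = $issuer->validateToken($token);
- } catch(Exception $e) {
- $claims = $issuer->extractTokenClaims($token);
- $claims->status = 'invalid';
+ foreach ($tokens as $token) {
+ $claims = $issuer->validateToken($token);
+
+ if ($claims->isValid) {
+ $expires = new DateTime('@' . $claims->exp, new DateTimeZone('UTC'));
+ $details = $expires->format('m/d/Y, H:i O');
+ } else {
+ $details = __('Token is no longer valid', AAM_KEY);
  }
-
+
  $response['data'][] = array(
  $token,
  add_query_arg('aam-jwt', $token, site_url()),
- $claims->status,
- $claims->exp,
+ $claims->isValid,
+ $details,
  'view,delete'
  );
  }
-
+
  return $response;
  }
 
  /**
- * Register Menu feature
- *
+ * Register JWT service UI
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
+ public static function register()
+ {
  AAM_Backend_Feature::registerFeature((object) array(
  'uid' => 'jwt',
  'position' => 65,
- 'title' => __('JWT Tokens', AAM_KEY) . '<span class="badge">NEW</span>',
- 'capability' => 'aam_manage_jwt',
+ 'title' => __('JWT Tokens', AAM_KEY),
+ 'capability' => self::ACCESS_CAPABILITY,
  'type' => 'main',
  'subjects' => array(
  AAM_Core_Subject_User::UID
  ),
- 'option' => 'core.settings.jwtAuthentication',
  'view' => __CLASS__
  ));
  }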
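Review bot: The new `save()` and `delete()` register or revoke the POSTed `token` for the selected subject without the `current_user_can('aam_manage_jwt')` test and the `$max >= AAM_Core_API::maxLevel($user->allcaps)` comparison that `generate()` performs. The same change removes the constructor that called `isAllowedToManage()` and `denyAccess()`, so these two handlers depend entirely on whatever `AAM_Backend_Feature_Abstract` enforces before dispatch, which is not visible in this section. I would open both methods with the same guard, `if (!current_user_can(self::ACCESS_CAPABILITY) || AAM::getUser()->getMaxLevel() < AAM_Core_API::maxLevel($user->allcaps)) { return wp_json_encode(array('status' => 'failure')); }`, and have `generate()` use `self::ACCESS_CAPABILITY` rather than repeating the string literal. In `generate()`, `$expires` and `$trigger` also go from POST into `new DateTime('@' . $expires)` and the claims array unvalidated; a numeric check with an upper bound on the lifetime and an allow-list for the trigger keys would make the issued token's contents predictable.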
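--- a/application/Backend/Feature/Main/LoginRedirect.php
+++ b/application/Backend/Feature/Main/LoginRedirect.php
@@ -5,113 +5,79 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Login redirect
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Main_LoginRedirect extends AAM_Backend_Feature_Abstract {
-
- /**
- * Construct
- */
- public function __construct() {
- parent::__construct();
-
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
- if (!$allowed || !current_user_can('aam_manage_login_redirect')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_login_redirect'));
- }
- }
-
+ class AAM_Backend_Feature_Main_LoginRedirect
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
+ {
+
  /**
- * Undocumented function
+ * Default access capability to the service
  *
- * @return void
+ * @version 6.0.0
  */
- public function save() {
- $param = AAM_Core_Request::post('param');
- $value = AAM_Core_Request::post('value');
-
- $object = AAM_Backend_Subject::getInstance()->getObject('loginRedirect');
-
- $object->save($param, $value);
+ const ACCESS_CAPABILITY = 'aam_manage_login_redirect';
 
- return wp_json_encode(array('status' => 'success'));
- }
-
- /**
- *
- * @return type
- */
- public function reset() {
- return AAM_Backend_Subject::getInstance()->resetObject('loginRedirect');
- }
-
- /**
- *
- * @return type
- */
- public function isDefault() {
- $subject = AAM_Backend_Subject::getInstance()->getUID();
-
- return ($subject === AAM_Core_Subject_Default::UID);
- }
-
  /**
- * Check inheritance status
- *
- * Check if redirect settings are overwritten
- *
- * @return boolean
- *
- * @access protected
+ * Type of AAM core object
+ *
+ * @version 6.0.0
  */
- protected function isOverwritten() {
- $object = AAM_Backend_Subject::getInstance()->getObject('loginRedirect');
-
- return $object->isOverwritten();
- }
-
+ const OBJECT_TYPE = AAM_Core_Object_LoginRedirect::OBJECT_TYPE;
+
  /**
- *
- * @param type $option
- * @return type
+ * HTML template to render
+ *
+ * @version 6.0.0
  */
- public function getOption($option, $default = null) {
- $object = AAM_Backend_Subject::getInstance()->getObject('loginRedirect');
- $value = $object->get($option);
-
- return (!is_null($value) ? $value : $default);
- }
-
+ const TEMPLATE = 'service/login-redirect.php';
+
  /**
- * @inheritdoc
+ * Get option value
+ *
+ * @param string $name
+ * @param mixed $default
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return 'main/login-redirect.phtml';
+ public function getOption($name, $default = null)
+ {
+ $object = $this->getSubject()->getObject(self::OBJECT_TYPE);
+ $option = $object->getOption();
+
+ return (!empty($option[$name]) ? $option[$name] : $default);
  }
-
+
  /**
- * Register Contact/Hire feature
- *
+ * Register login redirect feature
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
+ public static function register()
+ {
  AAM_Backend_Feature::registerFeature((object) array(
  'uid' => 'login_redirect',
  'position' => 40,
  'title' => __('Login Redirect', AAM_KEY),
- 'capability' => 'aam_manage_login_redirect',
+ 'capability' => self::ACCESS_CAPABILITY,
  'type' => 'main',
  'subjects' => array(
- AAM_Core_Subject_Role::UID,
- AAM_Core_Subject_User::UID,
+ AAM_Core_Subject_Role::UID,
+ AAM_Core_Subject_User::UID,
  AAM_Core_Subject_Default::UID
  ),
  'view' => __CLASS__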
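Review bot: The new `getOption()` returns `$default` for every stored value that `empty()` treats as false (`''`, `0`, `'0'`, `false`), where the removed version fell back only on `null`. If a redirect option can legitimately hold one of those values, the saved setting is silently replaced by the default when the form is rendered. `return (isset($option[$name]) ? $option[$name] : $default);` keeps the earlier null-only fallback and still avoids an undefined-index notice. The identical line is added to `getOption()` in LogoutRedirect.php and has the same effect there.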
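--- a/application/Backend/Feature/Main/LogoutRedirect.php
+++ b/application/Backend/Feature/Main/LogoutRedirect.php
@@ -5,113 +5,79 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Logout redirect
- *
+ * Logout redirect service
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Main_LogoutRedirect extends AAM_Backend_Feature_Abstract {
-
- /**
- * Construct
- */
- public function __construct() {
- parent::__construct();
-
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
- if (!$allowed || !current_user_can('aam_manage_logout_redirect')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_logout_redirect'));
- }
- }
-
+ class AAM_Backend_Feature_Main_LogoutRedirect
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
+ {
+
  /**
- * Undocumented function
+ * Default access capability to the service
  *
- * @return void
+ * @version 6.0.0
  */
- public function save() {
- $param = AAM_Core_Request::post('param');
- $value = AAM_Core_Request::post('value');
-
- $object = AAM_Backend_Subject::getInstance()->getObject('logoutRedirect');
-
- $object->save($param, $value);
+ const ACCESS_CAPABILITY = 'aam_manage_logout_redirect';
 
- return wp_json_encode(array('status' => 'success'));
- }
-
- /**
- *
- * @return type
- */
- public function reset() {
- return AAM_Backend_Subject::getInstance()->resetObject('logoutRedirect');
- }
-
- /**
- *
- * @return type
- */
- public function isDefault() {
- $subject = AAM_Backend_Subject::getInstance();
-
- return ($subject->getUID() === 'default');
- }
-
  /**
- * Check inheritance status
- *
- * Check if redirect settings are overwritten
- *
- * @return boolean
- *
- * @access protected
+ * Type of AAM core object
+ *
+ * @version 6.0.0
  */
- protected function isOverwritten() {
- $object = AAM_Backend_Subject::getInstance()->getObject('logoutRedirect');
-
- return $object->isOverwritten();
- }
-
+ const OBJECT_TYPE = AAM_Core_Object_LogoutRedirect::OBJECT_TYPE;
+
  /**
- *
- * @param type $option
- * @return type
+ * HTML template to render
+ *
+ * @version 6.0.0
  */
- public function getOption($option, $default = null) {
- $object = AAM_Backend_Subject::getInstance()->getObject('logoutRedirect');
- $value = $object->get($option);
-
- return (!is_null($value) ? $value : $default);
- }
-
+ const TEMPLATE = 'service/logout-redirect.php';
+
  /**
- * @inheritdoc
+ * Get option value
+ *
+ * @param string $name
+ * @param mixed $default
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return 'main/logout-redirect.phtml';
+ public function getOption($name, $default = null)
+ {
+ $object = $this->getSubject()->getObject(self::OBJECT_TYPE);
+ $option = $object->getOption();
+
+ return (!empty($option[$name]) ? $option[$name] : $default);
  }
-
+
  /**
- * Register Contact/Hire feature
- *
+ * Register logout redirect feature
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
+ public static function register()
+ {
  AAM_Backend_Feature::registerFeature((object) array(
  'uid' => 'logout_redirect',
  'position' => 41,
  'title' => __('Logout Redirect', AAM_KEY),
- 'capability' => 'aam_manage_logout_redirect',
+ 'capability' => self::ACCESS_CAPABILITY,
  'type' => 'main',
  'subjects' => array(
- AAM_Core_Subject_Role::UID,
- AAM_Core_Subject_User::UID,
+ AAM_Core_Subject_Role::UID,
+ AAM_Core_Subject_User::UID,
  AAM_Core_Subject_Default::UID
  ),
  'view' => __CLASS__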
application/Backend/Feature/Main/Menu.php CHANGED
@@ -5,153 +5,156 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Backend menu manager
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Main_Menu extends AAM_Backend_Feature_Abstract {
17
-
 
 
18
  /**
19
- * Construct
 
 
20
  */
21
- public function __construct() {
22
- parent::__construct();
23
-
24
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
25
- if (!$allowed || !current_user_can('aam_manage_admin_menu')) {
26
- AAM::api()->denyAccess(array('reason' => 'aam_manage_admin_menu'));
27
- }
28
- }
29
 
30
  /**
31
- * Undocumented function
32
  *
33
- * @return void
34
  */
35
- public function save() {
36
- $items = AAM_Core_Request::post('items', array());
37
- $status = AAM_Core_Request::post('status');
38
 
39
- $object = AAM_Backend_Subject::getInstance()->getObject('menu');
40
-
41
- foreach($items as $item) {
42
- $object->updateOptionItem($item, $status);
43
- }
44
-
45
- $object->save();
46
 
47
- return wp_json_encode(array('status' => 'success'));
48
- }
49
-
50
  /**
51
- *
52
- * @return type
 
 
 
 
53
  */
54
- public function reset() {
55
- return AAM_Backend_Subject::getInstance()->resetObject('menu');
 
 
 
 
 
 
 
 
 
 
 
 
 
56
  }
57
 
58
  /**
59
- * Get subject's menu
60
- *
61
  * Based on the list of capabilities that current subject has, prepare
62
  * complete menu list and return it.
63
- *
64
  * @return array
65
- *
66
  * @access public
67
- * @global array $menu
68
  */
69
- public function getMenu() {
70
- $menu = json_decode(base64_decode(AAM_Core_Request::post('menu')), 1);
71
-
72
  $response = array();
73
-
74
- //let's create menu list with submenus
75
- if (!empty($menu)) {
76
- $object = AAM_Backend_Subject::getInstance()->getObject('menu');
77
- foreach ($menu as $item) {
 
 
 
 
78
  if (preg_match('/^separator/', $item[2])) {
79
  continue; //skip separator
80
  }
81
 
82
- $submenu = $this->getSubmenu($item[2]);
83
-
84
- if ($this->isItemAllowed($item[1]) || count($submenu) > 0) {
85
- $menuItem = array(
86
- //add menu- prefix to define that this is the top level menu
87
- //WordPress by default gives the same menu id to the first
88
- //submenu
89
- 'id' => 'menu-' . $item[2],
90
- 'name' => $this->filterMenuName($item[0]),
91
- 'submenu' => $submenu,
92
- 'capability' => $item[1],
93
- 'crc32' => crc32('menu-' . $item[2]),
94
- );
95
- $menuItem['checked'] = $object->has($menuItem['id']) || $object->has($menuItem['crc32']);
96
- $response[] = $menuItem;
97
- }
98
  }
99
  }
100
 
101
  return $response;
102
  }
103
-
104
  /**
105
- *
106
- * @param array $menu
107
- * @return array
 
 
 
 
 
108
  */
109
- protected function normalizeItem($menu) {
 
110
  if (strpos($menu, 'customize.php') === 0) {
111
  $menu = 'customize.php';
112
  }
113
-
114
  return $menu;
115
  }
116
-
117
- /**
118
- * @inheritdoc
119
- */
120
- public static function getTemplate() {
121
- return 'main/menu.phtml';
122
- }
123
 
124
  /**
125
  * Prepare filtered submenu
126
- *
127
  * @param string $menu
128
- *
129
  * @return array
130
- *
131
  * @access protected
132
- * @global array $submenu
133
  */
134
- protected function getSubmenu($menu) {
135
- $submenu = json_decode(base64_decode(AAM_Core_Request::post('submenu')), 1);
136
- $object = AAM_Backend_Subject::getInstance()->getObject('menu');
137
-
138
- $response = array();
139
- $subject = AAM_Backend_Subject::getInstance();
140
- $isDefault = ($subject->getUID() === AAM_Core_Subject_Default::UID);
141
-
142
  if (array_key_exists($menu, $submenu) && is_array($submenu[$menu])) {
143
  foreach ($submenu[$menu] as $item) {
144
- if ($this->isItemAllowed($item[1]) || $isDefault) {
145
- $id = $this->normalizeItem($item[2]);
146
- $menuItem = array(
147
- 'id' => $id,
148
- 'name' => $this->filterMenuName($item[0]),
149
- 'capability' => $item[1],
150
- 'crc32' => crc32($id)
151
- );
152
- $menuItem['checked'] = $object->has($menuItem['id']) || $object->has($menuItem['crc32']);
153
- $response[] = $menuItem;
154
- }
155
  }
156
  }
157
 
@@ -159,94 +162,93 @@ class AAM_Backend_Feature_Main_Menu extends AAM_Backend_Feature_Abstract {
159
  }
160
 
161
  /**
162
- * Undocumented function
163
  *
164
- * @param [type] $cap
165
- * @return boolean
 
 
 
 
166
  */
167
- protected function isItemAllowed($cap) {
168
- $subject = AAM_Backend_Subject::getInstance();
169
- $exists = AAM_Core_API::capabilityExists($cap);
 
170
 
171
- return !$exists || $subject->hasCapability($cap);
172
  }
173
-
174
  /**
175
  * Filter menu name
176
- *
177
  * Strip any HTML tags from the menu name and also remove the trailing
178
  * numbers in case of Plugin or Comments menu name.
179
- *
180
  * @param string $name
181
- *
182
  * @return string
183
- *
184
  * @access protected
 
185
  */
186
- protected function filterMenuName($name) {
 
187
  $filtered = trim(wp_strip_all_tags(
188
- preg_replace('@<(span)[^>]*?>.*?</\\1>@si', '', $name),
189
  true
190
  ));
191
-
192
  return preg_replace('/([\d]+)$/', '', $filtered);
193
  }
194
 
195
  /**
196
- *
197
- * @param type $subs
 
 
198
  * @return boolean
 
 
 
199
  */
200
- protected function hasSubmenuChecked($subs) {
 
201
  $has = false;
202
-
203
  if (!empty($subs)) {
204
- foreach($subs as $submenu) {
205
  if ($submenu['checked']) {
206
  $has = true;
207
  break;
208
  }
209
  }
210
  }
211
-
212
  return $has;
213
  }
214
-
215
- /**
216
- * Check inheritance status
217
- *
218
- * Check if menu settings are overwritten
219
- *
220
- * @return boolean
221
- *
222
- * @access protected
223
- */
224
- protected function isOverwritten() {
225
- $object = AAM_Backend_Subject::getInstance()->getObject('menu');
226
-
227
- return $object->isOverwritten();
228
- }
229
 
230
  /**
231
- * Register Menu feature
232
- *
233
  * @return void
234
- *
235
  * @access public
 
236
  */
237
- public static function register() {
 
238
  AAM_Backend_Feature::registerFeature((object) array(
239
  'uid' => 'admin_menu',
240
  'position' => 5,
241
  'title' => __('Backend Menu', AAM_KEY),
242
- 'capability' => 'aam_manage_admin_menu',
243
  'type' => 'main',
244
  'subjects' => array(
245
- AAM_Core_Subject_Role::UID,
246
  AAM_Core_Subject_User::UID,
247
  AAM_Core_Subject_Default::UID
248
  ),
249
- 'option' => 'core.settings.backendAccessControl',
250
  'view' => __CLASS__
251
  ));
252
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Backend menu manager
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Main_Menu
19
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
20
+ {
21
+
22
  /**
23
+ * Default access capability to the service
24
+ *
25
+ * @version 6.0.0
26
  */
27
+ const ACCESS_CAPABILITY = 'aam_manage_admin_menu';
 
 
 
 
 
 
 
28
 
29
  /**
30
+ * Type of AAM core object
31
  *
32
+ * @version 6.0.0
33
  */
34
+ const OBJECT_TYPE = AAM_Core_Object_Menu::OBJECT_TYPE;
 
 
35
 
36
+ /**
37
+ * HTML template to render
38
+ *
39
+ * @version 6.0.0
40
+ */
41
+ const TEMPLATE = 'service/menu.php';
 
42
 
 
 
 
43
  /**
44
+ * Save menu settings
45
+ *
46
+ * @return string
47
+ *
48
+ * @access public
49
+ * @version 6.0.0
50
  */
51
+ public function save()
52
+ {
53
+ $status = AAM_Core_Request::post('status');
54
+
55
+ $object = AAM_Backend_Subject::getInstance()->getObject(
56
+ self::OBJECT_TYPE, null, true
57
+ );
58
+
59
+ foreach (AAM_Core_Request::post('items', array()) as $item) {
60
+ $object->updateOptionItem($item, !empty($status));
61
+ }
62
+
63
+ $result = $object->save();
64
+
65
+ return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
66
  }
67
 
68
  /**
69
+ * Get admin menu
70
+ *
71
  * Based on the list of capabilities that current subject has, prepare
72
  * complete menu list and return it.
73
+ *
74
  * @return array
75
+ *
76
  * @access public
77
+ * @version 6.0.0
78
  */
79
+ public function getMenu()
80
+ {
 
81
  $response = array();
82
+
83
+ $cache = AAM_Service_AdminMenu::getInstance()->getMenuCache();
84
+ $subject = AAM_Backend_Subject::getInstance();
85
+
86
+ // Create menu list with submenus
87
+ if (!empty($cache)) {
88
+ $object = $subject->getObject(self::OBJECT_TYPE);
89
+
90
+ foreach ($cache['menu'] as $item) {
91
  if (preg_match('/^separator/', $item[2])) {
92
  continue; //skip separator
93
  }
94
 
95
+ $response[] = array(
96
+ // Add menu- prefix to define that this is the top level menu.
97
+ // WordPress by default gives the same menu id to the first
98
+ // submenu
99
+ 'id' => 'menu-' . $item[2],
100
+ 'uri' => $this->prepareAdminURI($item[2]),
101
+ 'name' => $this->filterMenuName($item[0]),
102
+ 'submenu' => $this->getSubmenu($item[2], $cache['submenu']),
103
+ 'capability' => $item[1],
104
+ 'checked' => $object->isRestricted('menu-' . $item[2])
105
+ );
 
 
 
 
 
106
  }
107
  }
108
 
109
  return $response;
110
  }
111
+
112
  /**
113
+ * Normalize menu item
114
+ *
115
+ * @param string $menu
116
+ *
117
+ * @return string
118
+ *
119
+ * @access protected
120
+ * @version 6.0.0
121
  */
122
+ protected function normalizeItem($menu)
123
+ {
124
  if (strpos($menu, 'customize.php') === 0) {
125
  $menu = 'customize.php';
126
  }
127
+
128
  return $menu;
129
  }
 
 
 
 
 
 
 
130
 
131
  /**
132
  * Prepare filtered submenu
133
+ *
134
  * @param string $menu
135
+ *
136
  * @return array
137
+ *
138
  * @access protected
139
+ * @version 6.0.0
140
  */
141
+ protected function getSubmenu($menu, $submenu)
142
+ {
143
+ $response = array();
144
+
145
+ $object = AAM_Backend_Subject::getInstance()->getObject(self::OBJECT_TYPE);
146
+
 
 
147
  if (array_key_exists($menu, $submenu) && is_array($submenu[$menu])) {
148
  foreach ($submenu[$menu] as $item) {
149
+ $id = $this->normalizeItem($item[2]);
150
+
151
+ $response[] = array(
152
+ 'id' => $id,
153
+ 'uri' => $this->prepareAdminURI($item[2]),
154
+ 'name' => $this->filterMenuName($item[0]),
155
+ 'capability' => $item[1],
156
+ 'checked' => $object->isRestricted($id)
157
+ );
 
 
158
  }
159
  }
160
 
162
  }
163
 
164
  /**
165
+ * Prepare admin URI for the menu item
166
  *
167
+ * @param string $resource
168
+ *
169
+ * @return string
170
+ *
171
+ * @access protected
172
+ * @version 6.0.0
173
  */
174
+ protected function prepareAdminURI($resource)
175
+ {
176
+ $hook = get_plugin_page_hook($resource, 'admin.php');
177
+ $uri = (!empty($hook) ? 'admin.php?page=' . $resource : $resource);
178
 
179
+ return '/wp-admin/' . $uri;
180
  }
181
+
182
  /**
183
  * Filter menu name
184
+ *
185
  * Strip any HTML tags from the menu name and also remove the trailing
186
  * numbers in case of Plugin or Comments menu name.
187
+ *
188
  * @param string $name
189
+ *
190
  * @return string
191
+ *
192
  * @access protected
193
+ * @version 6.0.0
194
  */
195
+ protected function filterMenuName($name)
196
+ {
197
  $filtered = trim(wp_strip_all_tags(
198
+ preg_replace('@<(span)[^>]*?>.*?</\\1>@si', '', $name),
199
  true
200
  ));
201
+
202
  return preg_replace('/([\d]+)$/', '', $filtered);
203
  }
204
 
205
  /**
206
+ * Check if there is at least one submenu restricted
207
+ *
208
+ * @param array $subs
209
+ *
210
  * @return boolean
211
+ *
212
+ * @access protected
213
+ * @version 6.0.0
214
  */
215
+ protected function hasSubmenuChecked($subs)
216
+ {
217
  $has = false;
218
+
219
  if (!empty($subs)) {
220
+ foreach ($subs as $submenu) {
221
  if ($submenu['checked']) {
222
  $has = true;
223
  break;
224
  }
225
  }
226
  }
227
+
228
  return $has;
229
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
230
 
231
  /**
232
+ * Register Admin Menu feature
233
+ *
234
  * @return void
235
+ *
236
  * @access public
237
+ * @version 6.0.0
238
  */
239
+ public static function register()
240
+ {
241
  AAM_Backend_Feature::registerFeature((object) array(
242
  'uid' => 'admin_menu',
243
  'position' => 5,
244
  'title' => __('Backend Menu', AAM_KEY),
245
+ 'capability' => self::ACCESS_CAPABILITY,
246
  'type' => 'main',
247
  'subjects' => array(
248
+ AAM_Core_Subject_Role::UID,
249
  AAM_Core_Subject_User::UID,
250
  AAM_Core_Subject_Default::UID
251
  ),
 
252
  'view' => __CLASS__
253
  ));
254
  }
application/Backend/Feature/Main/Metabox.php CHANGED
@@ -5,183 +5,203 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Backend metaboxes & widgets manager
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
 
 
17
 
18
  /**
19
- * Construct
 
 
20
  */
21
- public function __construct() {
22
- parent::__construct();
23
-
24
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
25
- if (!$allowed || !current_user_can('aam_manage_metaboxes')) {
26
- AAM::api()->denyAccess(array('reason' => 'aam_manage_metaboxes'));
27
- }
28
- }
29
-
30
  /**
31
- * Undocumented function
32
  *
33
- * @return void
34
  */
35
- public function save() {
36
- $items = AAM_Core_Request::post('items', array());
37
- $status = AAM_Core_Request::post('status');
38
 
39
- $object = AAM_Backend_Subject::getInstance()->getObject('metabox');
 
 
 
 
 
40
 
41
- foreach($items as $item) {
42
- $object->save($item, $status);
43
- }
44
-
45
- return wp_json_encode(array('status' => 'success'));
46
- }
47
-
48
  /**
49
- *
50
- * @return type
 
51
  */
52
- public function reset() {
53
- return AAM_Backend_Subject::getInstance()->resetObject('metabox');
54
- }
55
-
56
  /**
57
- * @inheritdoc
 
 
 
 
 
58
  */
59
- public static function getTemplate() {
60
- return 'main/metabox.phtml';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
61
  }
62
-
63
  /**
64
- *
65
- * @global type $wp_post_types
66
- * @return type
 
 
 
 
 
 
67
  */
68
- public function prepareInitialization() {
 
69
  global $wp_post_types;
70
 
71
- AAM_Core_API::deleteOption('aam_metabox_cache');
72
-
73
- $endpoints = array();
74
-
75
- foreach (array_merge(array('widgets'), array_keys($wp_post_types)) as $type) {
76
- if ($type === 'widgets') {
77
- $endpoints[] = add_query_arg('init', 'metabox', admin_url('index.php'));
78
- } elseif ($wp_post_types[$type]->show_ui) {
 
 
 
79
  $endpoints[] = add_query_arg(
80
  'init', 'metabox', admin_url('post-new.php?post_type=' . $type)
81
  );
82
  }
83
  }
84
-
85
  return wp_json_encode(
86
- array(
87
- 'status' => 'success',
88
- 'endpoints' => $endpoints
89
- )
90
  );
91
  }
92
-
93
  /**
94
  * Initialize metabox list
95
- *
96
  * @param string $post_type
97
- *
98
  * @return void
99
- *
100
  * @access public
 
101
  */
102
- public function initialize($post_type) {
 
103
  $cache = $this->getMetaboxList();
104
-
105
  if ($post_type === 'dashboard') {
106
  $this->collectWidgets($cache);
107
  } else {
108
  $this->collectMetaboxes($post_type, $cache);
109
  }
110
-
111
- AAM_Core_API::updateOption('aam_metabox_cache', $cache);
112
  }
113
 
114
  /**
115
  * Collect dashboard widgets
116
- *
117
  * @global type $wp_registered_widgets
118
- *
119
  * @return void
120
- *
121
  * @access protected
 
122
  */
123
- protected function collectWidgets(&$cache) {
 
124
  global $wp_registered_widgets;
125
 
126
  if (!isset($cache['widgets'])) {
127
  $cache['widgets'] = array();
128
  }
129
 
130
- //get frontend widgets
131
- if (is_array($wp_registered_widgets)) {
132
- foreach ($wp_registered_widgets as $data) {
133
- if (is_object($data['callback'][0])) {
134
- $callback = get_class($data['callback'][0]);
135
- } elseif (is_string($data['callback'][0])) {
136
- $callback = $data['callback'][0];
137
- } else {
138
- $callback = isset($data['classname']) ? $data['classname'] : null;
139
- }
140
 
141
- if (!is_null($callback)) { //exclude any junk
142
- $cache['widgets'][$callback] = array(
143
- 'title' => wp_strip_all_tags($data['name']),
144
- 'id' => $callback
145
- );
146
- }
147
  }
148
  }
149
 
150
- //now collect Admin Dashboard Widgets
151
  $this->collectMetaboxes('dashboard', $cache);
152
  }
153
-
154
  /**
155
  * Collect metaboxes
156
- *
157
  * @param type $post_type
158
  * @param type $cache
159
- *
160
  * @return void
161
- *
162
  * @access protected
163
  * @global array $wp_meta_boxes
 
164
  */
165
- protected function collectMetaboxes($post_type, &$cache) {
 
166
  global $wp_meta_boxes;
167
 
168
  if (!isset($cache[$post_type])) {
169
  $cache[$post_type] = array();
170
  }
171
-
172
- if (isset($wp_meta_boxes[$post_type]) && is_array($wp_meta_boxes[$post_type])) {
173
- foreach ($wp_meta_boxes[$post_type] as $levels) {
174
- if (is_array($levels)) {
175
- foreach ($levels as $boxes) {
176
- if (is_array($boxes)) {
177
- foreach ($boxes as $data) {
178
- if (trim($data['id'])) { //exclude any junk
179
- $cache[$post_type][$data['id']] = array(
180
- 'id' => $data['id'],
181
- 'title' => wp_strip_all_tags($data['title'])
182
- );
183
- }
184
- }
185
  }
186
  }
187
  }
@@ -190,17 +210,21 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
190
  }
191
 
192
  /**
193
- *
194
- * @return type
 
 
 
 
195
  */
196
- public function getMetaboxList() {
 
197
  global $wp_post_types;
198
-
199
- $cache = AAM_Core_API::getOption('aam_metabox_cache', array());
200
- $subject = AAM_Backend_Subject::getInstance();
201
-
202
- //if visitor, return only frontend widgets
203
- if ($subject->getUID() === AAM_Core_Subject_Visitor::UID) {
204
  if (!empty($cache['widgets'])) {
205
  $response = array('widgets' => $cache['widgets']);
206
  } else {
@@ -209,41 +233,35 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
209
  } else {
210
  $response = $cache;
211
  }
212
-
213
- //filter non-existing metaboxes
214
- foreach(array_keys($response) as $id) {
215
- if (!in_array($id, array('dashboard', 'widgets'), true)
216
- && empty($wp_post_types[$id])) {
 
 
217
  unset($response[$id]);
218
  }
219
  }
220
-
221
  return $response;
222
  }
223
-
224
- /**
225
- *
226
- * @return type
227
- */
228
- protected function isOverwritten() {
229
- $object = AAM_Backend_Subject::getInstance()->getObject('metabox');
230
-
231
- return $object->isOverwritten();
232
- }
233
 
234
  /**
235
- * Register metabox feature
236
- *
237
  * @return void
238
- *
239
  * @access public
 
240
  */
241
- public static function register() {
242
- AAM_Backend_Feature::registerFeature((object) array(
 
243
  'uid' => 'metabox',
244
  'position' => 10,
245
  'title' => __('Metaboxes & Widgets', AAM_KEY),
246
- 'capability' => 'aam_manage_metaboxes',
247
  'type' => 'main',
248
  'subjects' => array(
249
  AAM_Core_Subject_Role::UID,
@@ -251,7 +269,6 @@ class AAM_Backend_Feature_Main_Metabox extends AAM_Backend_Feature_Abstract {
251
  AAM_Core_Subject_Visitor::UID,
252
  AAM_Core_Subject_Default::UID
253
  ),
254
- 'option' => 'core.settings.backendAccessControl',
255
  'view' => __CLASS__
256
  ));
257
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Backend metaboxes & widgets manager
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Main_Metabox
19
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
20
+ {
21
 
22
  /**
23
+ * DB cache option
24
+ *
25
+ * @version 6.0.0
26
  */
27
+ const DB_CACHE_OPTION = 'aam_metabox_cache';
28
+
 
 
 
 
 
 
 
29
  /**
30
+ * Default access capability to the service
31
  *
32
+ * @version 6.0.0
33
  */
34
+ const ACCESS_CAPABILITY = 'aam_manage_metaboxes';
 
 
35
 
36
+ /**
37
+ * Type of AAM core object
38
+ *
39
+ * @version 6.0.0
40
+ */
41
+ const OBJECT_TYPE = AAM_Core_Object_Metabox::OBJECT_TYPE;
42
 
 
 
 
 
 
 
 
43
  /**
44
+ * HTML template to render
45
+ *
46
+ * @version 6.0.0
47
  */
48
+ const TEMPLATE = 'service/metabox.php';
49
+
 
 
50
  /**
51
+ * Save metabox access settings
52
+ *
53
+ * @return string
54
+ *
55
+ * @access public
56
+ * @version 6.0.0
57
  */
58
+ public function save()
59
+ {
60
+ $items = AAM_Core_Request::post('items', array());
61
+ $status = AAM_Core_Request::post('status');
62
+
63
+ $object = AAM_Backend_Subject::getInstance()->getObject(
64
+ self::OBJECT_TYPE, null, true
65
+ );
66
+
67
+ foreach ($items as $item) {
68
+ $object->updateOptionItem($item, $status);
69
+ }
70
+
71
+ return wp_json_encode(
72
+ array('status' => ($object->save() ? 'success' : 'failure'))
73
+ );
74
  }
75
+
76
  /**
77
+ * Prepare the Metabox & Widgets initialization process
78
+ *
79
+ * This method is invoked when user clicks "Refresh" button on the AAM UI
80
+ *
81
+ * @return string
82
+ *
83
+ * @access public
84
+ * @global array $wp_post_types
85
+ * @version 6.0.0
86
  */
87
+ public function prepareInitialization()
88
+ {
89
  global $wp_post_types;
90
 
91
+ AAM_Core_API::deleteOption(self::DB_CACHE_OPTION);
92
+
93
+ $endpoints = array(add_query_arg(
94
+ 'init', 'metabox', admin_url('index.php')
95
+ ));
96
+
97
+ foreach (array_keys($wp_post_types) as $type) {
98
+ $isVisible = $wp_post_types[$type]->show_ui;
99
+ $isClassic = empty($wp_post_types[$type]->show_in_rest);
100
+
101
+ if ($isVisible && $isClassic) {
102
  $endpoints[] = add_query_arg(
103
  'init', 'metabox', admin_url('post-new.php?post_type=' . $type)
104
  );
105
  }
106
  }
107
+
108
  return wp_json_encode(
109
+ array('status' => 'success', 'endpoints' => $endpoints)
 
 
 
110
  );
111
  }
112
+
113
  /**
114
  * Initialize metabox list
115
+ *
116
  * @param string $post_type
117
+ *
118
  * @return void
119
+ *
120
  * @access public
121
+ * @version 6.0.0
122
  */
123
+ public function initialize($post_type)
124
+ {
125
  $cache = $this->getMetaboxList();
126
+
127
  if ($post_type === 'dashboard') {
128
  $this->collectWidgets($cache);
129
  } else {
130
  $this->collectMetaboxes($post_type, $cache);
131
  }
132
+
133
+ AAM_Core_API::updateOption(self::DB_CACHE_OPTION, $cache);
134
  }
135
 
136
  /**
137
  * Collect dashboard widgets
138
+ *
139
  * @global type $wp_registered_widgets
140
+ *
141
  * @return void
142
+ *
143
  * @access protected
144
+ * @version 6.0.0
145
  */
146
+ protected function collectWidgets(&$cache)
147
+ {
148
  global $wp_registered_widgets;
149
 
150
  if (!isset($cache['widgets'])) {
151
  $cache['widgets'] = array();
152
  }
153
 
154
+ // Get frontend widgets
155
+ foreach ((array)$wp_registered_widgets as $data) {
156
+ if (is_object($data['callback'][0])) {
157
+ $callback = get_class($data['callback'][0]);
158
+ } elseif (is_string($data['callback'][0])) {
159
+ $callback = $data['callback'][0];
160
+ } else {
161
+ $callback = isset($data['classname']) ? $data['classname'] : null;
162
+ }
 
163
 
164
+ if (!is_null($callback)) { //exclude any junk
165
+ $cache['widgets'][$callback] = array(
166
+ 'title' => wp_strip_all_tags($data['name']),
167
+ 'id' => $callback
168
+ );
 
169
  }
170
  }
171
 
172
+ // Now collect Admin Dashboard Widgets
173
  $this->collectMetaboxes('dashboard', $cache);
174
  }
175
+
176
  /**
177
  * Collect metaboxes
178
+ *
179
  * @param type $post_type
180
  * @param type $cache
181
+ *
182
  * @return void
183
+ *
184
  * @access protected
185
  * @global array $wp_meta_boxes
186
+ * @version 6.0.0
187
  */
188
+ protected function collectMetaboxes($post_type, &$cache)
189
+ {
190
  global $wp_meta_boxes;
191
 
192
  if (!isset($cache[$post_type])) {
193
  $cache[$post_type] = array();
194
  }
195
+
196
+ if (isset($wp_meta_boxes[$post_type])) {
197
+ foreach ((array) $wp_meta_boxes[$post_type] as $levels) {
198
+ foreach ((array) $levels as $boxes) {
199
+ foreach ((array) $boxes as $data) {
200
+ if (trim($data['id'])) { //exclude any junk
201
+ $cache[$post_type][$data['id']] = array(
202
+ 'id' => $data['id'],
203
+ 'title' => wp_strip_all_tags($data['title'])
204
+ );
 
 
 
 
205
  }
206
  }
207
  }
210
  }
211
 
212
  /**
213
+ * Get list of metaboxes & widgets
214
+ *
215
+ * @return array
216
+ *
217
+ * @access public
218
+ * @version 6.0.0
219
  */
220
+ public function getMetaboxList()
221
+ {
222
  global $wp_post_types;
223
+
224
+ $cache = AAM_Core_API::getOption(self::DB_CACHE_OPTION, array());
225
+
226
+ // If visitor, return only frontend widgets
227
+ if (AAM_Backend_Subject::getInstance()->isVisitor()) {
 
228
  if (!empty($cache['widgets'])) {
229
  $response = array('widgets' => $cache['widgets']);
230
  } else {
233
  } else {
234
  $response = $cache;
235
  }
236
+
237
+ // Filter non-existing metaboxes
238
+ foreach (array_keys($response) as $id) {
239
+ if (
240
+ !in_array($id, array('dashboard', 'widgets'), true)
241
+ && empty($wp_post_types[$id])
242
+ ) {
243
  unset($response[$id]);
244
  }
245
  }
246
+
247
  return $response;
248
  }
 
 
 
 
 
 
 
 
 
 
249
 
250
  /**
251
+ * Register metabox service UI
252
+ *
253
  * @return void
254
+ *
255
  * @access public
256
+ * @version 6.0.0
257
  */
258
+ public static function register()
259
+ {
260
+ AAM_Backend_Feature::registerFeature((object)array(
261
  'uid' => 'metabox',
262
  'position' => 10,
263
  'title' => __('Metaboxes & Widgets', AAM_KEY),
264
+ 'capability' => self::ACCESS_CAPABILITY,
265
  'type' => 'main',
266
  'subjects' => array(
267
  AAM_Core_Subject_Role::UID,
269
  AAM_Core_Subject_Visitor::UID,
270
  AAM_Core_Subject_Default::UID
271
  ),
 
272
  'view' => __CLASS__
273
  ));
274
  }
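Review bot: `save()`, `prepareInitialization()` and `initialize()` in the new class run with no authorization check of their own. The removed constructor called `isAllowedToManage()` and `current_user_can('aam_manage_metaboxes')` before any of them could execute, whereas `self::ACCESS_CAPABILITY` is now only passed to `registerFeature()`. The same constructor gate is dropped in Policy.php. If `AAM_Backend_Feature_Abstract` or the AJAX dispatcher enforces the capability (not visible in this section), say so in the class docblock; otherwise start each state-changing method with a guard such as `if (!current_user_can(self::ACCESS_CAPABILITY)) { return wp_json_encode(array('status' => 'failure')); }`. `save()` also hands the raw `status` POST value to `updateOptionItem($item, $status)`, where Menu.php's `save()` passes `!empty($status)`; casting here the same way keeps the stored value a boolean.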
application/Backend/Feature/Main/Policy.php CHANGED
@@ -5,220 +5,310 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
- * WordPress API manager
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Main_Policy extends AAM_Backend_Feature_Abstract {
17
-
 
 
 
 
18
  /**
19
- * Construct
 
 
20
  */
21
- public function __construct() {
22
- parent::__construct();
23
-
24
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
25
- if (!$allowed || !current_user_can('aam_manage_policy')) {
26
- AAM::api()->denyAccess(array('reason' => 'aam_manage_policy'));
27
- }
28
- }
29
 
30
  /**
31
- *
32
- * @return type
 
33
  */
34
- public function getTable() {
35
- return wp_json_encode($this->retrievePolicies());
36
- }
37
-
38
  /**
39
- * Install policy
40
- *
41
- * @return string
42
- *
 
 
 
 
 
 
 
43
  * @access public
44
- * @since v5.7.3
45
  */
46
- public function install() {
47
- $package = (object) AAM_Core_Request::post('package');
48
-
49
- if (!empty($package->content)) {
50
- $json = base64_decode($package->content);
51
-
52
- $result = wp_insert_post(array(
53
- 'post_author' => get_current_user_id(),
54
- 'post_content' => $json,
55
- 'post_title' => $package->title,
56
- 'post_excerpt' => $package->description,
57
- 'post_status' => 'publish',
58
- 'post_type' => 'aam_policy'
59
- ));
60
-
61
- if (!is_wp_error($result)) {
62
- $response = array('status' => 'success');
63
- } else {
64
- $response = array(
65
- 'status' => 'failure', 'reason' => $result->get_error_message()
66
  );
67
  }
68
- } else {
69
- $response = array(
70
- 'status' => 'failure',
71
- 'reason' => __('Failed to fetch policy. Please try again.', AAM_KEY)
72
- );
73
- }
74
-
75
- return wp_json_encode($response);
 
 
 
 
 
 
 
 
 
76
  }
77
 
78
  /**
79
- * Save post properties
80
- *
 
 
 
 
81
  * @return string
82
- *
83
  * @access public
 
84
  */
85
- public function save() {
86
- $subject = AAM_Backend_Subject::getInstance();
87
- $id = AAM_Core_Request::post('id');
88
- $effect = AAM_Core_Request::post('effect');
89
-
90
- $action = (!empty($effect) ? 'attach' : 'detach');
91
-
92
- // Verify that current user can perform following action
93
- if (AAM_Core_Policy_Factory::get()->canTogglePolicy($id, $action)) {
94
- $result = $subject->save($id, $effect, 'policy');
95
- } else {
96
- $result = false;
97
  }
98
 
99
- return wp_json_encode(array(
100
- 'status' => ($result ? 'success' : 'failure')
101
- ));
102
- }
103
-
104
- /**
105
- *
106
- * @return type
107
- */
108
- public function reset() {
109
- return AAM_Backend_Subject::getInstance()->resetObject('policy');
110
  }
111
-
112
  /**
113
- * @inheritdoc
 
 
 
 
 
 
 
 
114
  */
115
- public static function getTemplate() {
116
- return 'main/policy.phtml';
 
 
 
 
 
 
 
 
 
117
  }
118
-
119
  /**
120
- * Check inheritance status
121
- *
122
- * Check if menu settings are overwritten
123
- *
124
- * @return boolean
125
- *
126
- * @access protected
 
 
127
  */
128
- protected function isOverwritten() {
129
- $object = AAM_Backend_Subject::getInstance()->getObject('policy');
130
-
131
- return $object->isOverwritten();
 
 
 
 
 
132
  }
133
-
134
  /**
135
- *
136
- * @return type
 
 
 
 
137
  */
138
- protected function retrievePolicies() {
 
139
  $list = get_posts(array(
140
- 'post_type' => 'aam_policy',
141
  'numberposts' => -1,
142
  'post_status' => 'publish'
143
  ));
144
-
145
  $response = array(
146
  'recordsTotal' => count($list),
147
  'recordsFiltered' => count($list),
148
- 'draw' => AAM_Core_Request::request('draw'),
149
  'data' => array(),
150
  );
151
-
152
- foreach($list as $record) {
153
  $policy = json_decode($record->post_content);
154
-
155
  if ($policy) {
156
  $response['data'][] = array(
157
  $record->ID,
158
- $this->buildTitle($record),
159
- $this->buildActionList($record),
160
  get_edit_post_link($record->ID, 'link')
161
  );
162
  }
163
  }
164
-
165
- return $response;
166
  }
167
-
168
  /**
169
- *
170
- * @param type $record
 
 
171
  * @return string
 
 
 
172
  */
173
- protected function buildTitle($record) {
174
- $title = (!empty($record->post_title) ? $record->post_title : __('(no title)'));
 
 
 
 
 
 
175
  $title .= '<br/>';
176
-
177
  if (isset($record->post_excerpt)) {
178
  $title .= '<small>' . esc_js($record->post_excerpt) . '</small>';
179
  }
180
-
181
  return $title;
182
  }
183
-
184
  /**
185
- *
186
- * @param type $record
187
- * @return type
 
 
 
 
 
188
  */
189
- protected function buildActionList($record) {
190
- //'assign,edit,clone,delete'
191
  $subject = AAM_Backend_Subject::getInstance();
192
- $policy = $subject->getObject('policy');
193
- $post = $subject->getObject('post', $record->ID);
194
-
195
- $action = $policy->has($record->ID) ? 'detach' : 'attach';
196
- $prefix = AAM_Core_Policy_Factory::get()->canTogglePolicy($record->ID, $action) ? '' : 'no-';
197
-
198
  $actions = array(
199
- $policy->has($record->ID) ? "{$prefix}detach" : "{$prefix}attach",
200
- $post->has('backend.edit') ? 'no-edit' : 'edit'
201
  );
202
-
203
  return implode(',', $actions);
204
  }
205
 
206
  /**
207
- * Register Menu feature
208
- *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
209
  * @return void
210
- *
211
  * @access public
 
212
  */
213
- public static function register() {
 
214
  AAM_Backend_Feature::registerFeature((object) array(
215
  'uid' => 'policy',
216
  'position' => 2,
217
- 'title' => __('Access Policies', AAM_KEY) . '<span class="badge">NEW</span>',
218
- 'capability' => 'aam_manage_policy',
219
  'type' => 'main',
220
  'subjects' => array(
221
- AAM_Core_Subject_Role::UID,
222
  AAM_Core_Subject_User::UID,
223
  AAM_Core_Subject_Visitor::UID,
224
  AAM_Core_Subject_Default::UID
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
+ * Access Policy UI manager
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Main_Policy
19
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
20
+ {
21
+
22
+ use AAM_Core_Contract_RequestTrait;
23
+
24
  /**
25
+ * Default access capability to the feature
26
+ *
27
+ * @version 6.0.0
28
  */
29
+ const ACCESS_CAPABILITY = 'aam_manage_policy';
 
 
 
 
 
 
 
30
 
31
  /**
32
+ * Type of AAM core object
33
+ *
34
+ * @version 6.0.0
35
  */
36
+ const OBJECT_TYPE = AAM_Core_Object_Policy::OBJECT_TYPE;
37
+
 
 
38
  /**
39
+ * HTML template to render
40
+ *
41
+ * @version 6.0.0
42
+ */
43
+ const TEMPLATE = 'service/policy.php';
44
+
45
+ /**
46
+ * Constructor
47
+ *
48
+ * @return void
49
+ *
50
  * @access public
51
+ * @version 6.0.0
52
  */
53
+ public function __construct()
54
+ {
55
+ add_filter('aam_iframe_content_filter', array($this, 'renderPrincipalIframe'), 1, 3);
56
+ add_filter('aam_role_row_actions_filter', array($this, 'renderRoleActions'), 1, 2);
57
+ add_filter('aam_user_row_actions_filter', array($this, 'renderUserActions'), 1, 2);
58
+
59
+ add_filter('aam_visitor_subject_tab_filter', function ($content, $params) {
60
+ global $post;
61
+
62
+ if (is_a($post, 'WP_Post')
63
+ && ($post->post_type === AAM_Service_AccessPolicy::POLICY_CPT)) {
64
+ $content = AAM_Backend_View::getInstance()->loadPartial(
65
+ 'visitor-principal-subject-tab',
66
+ $params
 
 
 
 
 
 
67
  );
68
  }
69
+
70
+ return $content;
71
+ }, 10, 2);
72
+
73
+ add_filter('aam_default_subject_tab_filter', function ($content, $params) {
74
+ global $post;
75
+
76
+ if (is_a($post, 'WP_Post')
77
+ && ($post->post_type === AAM_Service_AccessPolicy::POLICY_CPT)) {
78
+ $content = AAM_Backend_View::getInstance()->loadPartial(
79
+ 'default-principal-subject-tab',
80
+ $params
81
+ );
82
+ }
83
+
84
+ return $content;
85
+ }, 10, 2);
86
  }
87
 
88
  /**
89
+ * Render access policy principal metabox
90
+ *
91
+ * @param null|string $content
92
+ * @param string $type
93
+ * @param AAM_Backend_View $view
94
+ *
95
  * @return string
96
+ *
97
  * @access public
98
+ * @version 6.0.0
99
  */
100
+ public function renderPrincipalIframe($content, $type, $view)
101
+ {
102
+ if ($type === 'principal') {
103
+ $content = $view->loadTemplate(
104
+ dirname(__DIR__) . '/../tmpl/metabox/principal-iframe.php',
105
+ (object) array(
106
+ 'policyId' => $this->getFromQuery('id', FILTER_VALIDATE_INT)
107
+ )
108
+ );
 
 
 
109
  }
110
 
111
+ return $content;
 
 
 
 
 
 
 
 
 
 
112
  }
113
+
114
  /**
115
+ * Render role actions
116
+ *
117
+ * @param array $actions
118
+ * @param string $id
119
+ *
120
+ * @return array
121
+ *
122
+ * @access public
123
+ * @version 6.0.0
124
  */
125
+ public function renderRoleActions($actions, $id)
126
+ {
127
+ if ($this->getFromPost('ui') === 'principal') {
128
+ $object = AAM::api()->getRole($id)->getObject(
129
+ AAM_Core_Object_Policy::OBJECT_TYPE
130
+ );
131
+ $policyId = $this->getFromPost('policyId', FILTER_VALIDATE_INT);
132
+ $actions = array($object->has($policyId) ? 'detach' : 'attach');
133
+ }
134
+
135
+ return $actions;
136
  }
137
+
138
  /**
139
+ * Render user actions
140
+ *
141
+ * @param array $actions
142
+ * @param AAM_Core_Subject_User $user
143
+ *
144
+ * @return array
145
+ *
146
+ * @access public
147
+ * @version 6.0.0
148
  */
149
+ public function renderUserActions($actions, $user)
150
+ {
151
+ if ($this->getFromPost('ui') === 'principal') {
152
+ $object = $user->getObject(AAM_Core_Object_Policy::OBJECT_TYPE);
153
+ $policyId = $this->getFromPost('policyId', FILTER_VALIDATE_INT);
154
+ $actions = array($object->has($policyId) ? 'detach' : 'attach');
155
+ }
156
+
157
+ return $actions;
158
  }
159
+
160
  /**
161
+ * Get list of access policies
162
+ *
163
+ * @return string
164
+ *
165
+ * @access public
166
+ * @version 6.0.0
167
  */
168
+ public function getTable()
169
+ {
170
  $list = get_posts(array(
171
+ 'post_type' => AAM_Service_AccessPolicy::POLICY_CPT,
172
  'numberposts' => -1,
173
  'post_status' => 'publish'
174
  ));
175
+
176
  $response = array(
177
  'recordsTotal' => count($list),
178
  'recordsFiltered' => count($list),
179
+ 'draw' => $this->getFromRequest('draw'),
180
  'data' => array(),
181
  );
182
+
183
+ foreach ($list as $record) {
184
  $policy = json_decode($record->post_content);
185
+
186
  if ($policy) {
187
  $response['data'][] = array(
188
  $record->ID,
189
+ $this->preparePolicyTitle($record),
190
+ $this->preparePolicyActionList($record),
191
  get_edit_post_link($record->ID, 'link')
192
  );
193
  }
194
  }
195
+
196
+ return wp_json_encode($response);
197
  }
198
+
199
  /**
200
+ * Prepare policy title
201
+ *
202
+ * @param WP_Post $record
203
+ *
204
  * @return string
205
+ *
206
+ * @access protected
207
+ * @version 6.0.0
208
  */
209
+ protected function preparePolicyTitle($record)
210
+ {
211
+ if (!empty($record->post_title)) {
212
+ $title = $record->post_title;
213
+ } else {
214
+ $title = __('(no title)', AAM_KEY);
215
+ }
216
+
217
  $title .= '<br/>';
218
+
219
  if (isset($record->post_excerpt)) {
220
  $title .= '<small>' . esc_js($record->post_excerpt) . '</small>';
221
  }
222
+
223
  return $title;
224
  }
225
+
226
  /**
227
+ * Prepare the list of policy actions
228
+ *
229
+ * @param WP_Post $record
230
+ *
231
+ * @return string
232
+ *
233
+ * @access protected
234
+ * @version 6.0.0
235
  */
236
+ protected function preparePolicyActionList($record)
237
+ {
238
  $subject = AAM_Backend_Subject::getInstance();
239
+
240
+ $policy = $subject->getObject(AAM_Core_Object_Policy::OBJECT_TYPE);
241
+ $post = $subject->getObject(AAM_Core_Object_Post::OBJECT_TYPE, $record->ID);
242
+
 
 
243
  $actions = array(
244
+ $policy->has($record->ID) ? "detach" : "attach",
245
+ $post->isAllowedTo('edit') ? 'edit' : 'no-edit'
246
  );
247
+
248
  return implode(',', $actions);
249
  }
250
 
251
  /**
252
+ * Save access policy effect
253
+ *
254
+ * @return string
255
+ *
256
+ * @access public
257
+ * @version 6.0.0
258
+ */
259
+ public function save()
260
+ {
261
+ $subject = AAM_Backend_Subject::getInstance();
262
+
263
+ $id = $this->getFromPost('id');
264
+ $effect = $this->getFromPost('effect', FILTER_VALIDATE_BOOLEAN);
265
+
266
+ // Verify that current user can perform following action
267
+ if (current_user_can('read_post', $id)) {
268
+ $object = $subject->getObject(self::OBJECT_TYPE, null, true);
269
+ $result = $object->updateOptionItem($id, $effect)->save();
270
+ } else {
271
+ $result = false;
272
+ }
273
+
274
+ return wp_json_encode(array(
275
+ 'status' => ($result ? 'success' : 'failure')
276
+ ));
277
+ }
278
+
279
+ /**
280
+ * Get default Access Policy
281
+ *
282
+ * @global string $wp_version
283
+ *
284
+ * @return string
285
+ *
286
+ * @access public
287
+ * @version 6.0.0
288
+ */
289
+ public static function getDefaultPolicy()
290
+ {
291
+ return include dirname(__DIR__) . '/../tmpl/policy/default-policy.php';
292
+ }
293
+
294
+ /**
295
+ * Register Access Policy UI feature
296
+ *
297
  * @return void
298
+ *
299
  * @access public
300
+ * @version 6.0.0
301
  */
302
+ public static function register()
303
+ {
304
  AAM_Backend_Feature::registerFeature((object) array(
305
  'uid' => 'policy',
306
  'position' => 2,
307
+ 'title' => __('Access Policies', AAM_KEY),
308
+ 'capability' => self::ACCESS_CAPABILITY,
309
  'type' => 'main',
310
  'subjects' => array(
311
+ AAM_Core_Subject_Role::UID,
312
  AAM_Core_Subject_User::UID,
313
  AAM_Core_Subject_Visitor::UID,
314
  AAM_Core_Subject_Default::UID
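Review bot: In the new `save()`, the only gate before `updateOptionItem($id, $effect)->save()` is `current_user_can('read_post', $id)`. That is a read permission guarding a state-changing attach/detach, and it replaces the removed `canTogglePolicy($id, $action)` check. `$id` is also read with `$this->getFromPost('id')` and no filter, while `renderRoleActions()` and `renderUserActions()` read `policyId` with `FILTER_VALIDATE_INT`, and nothing confirms the post is actually a policy. I would take it as `$id = $this->getFromPost('id', FILTER_VALIDATE_INT);` and return failure unless `$id` is an integer and `get_post_type($id) === AAM_Service_AccessPolicy::POLICY_CPT`; whether a stronger capability than `read_post` is needed depends on dispatcher checks this section does not show. Separately, `preparePolicyTitle()` concatenates `$record->post_title` into the returned markup unescaped, so `esc_html($record->post_title)` would fit if the table renders that cell as HTML.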
application/Backend/Feature/Main/Post.php CHANGED
@@ -5,169 +5,686 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
- * Backend posts & pages manager
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
17
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
18
  /**
19
- * Construct
 
 
 
 
 
 
 
20
  */
21
- public function __construct() {
22
- parent::__construct();
23
-
24
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
25
- if (!$allowed || !current_user_can('aam_manage_posts')) {
26
- AAM::api()->denyAccess(array('reason' => 'aam_manage_posts'));
27
  }
 
 
28
  }
29
-
30
  /**
31
- * Get list for the table
32
- *
 
 
33
  * @return string
34
- *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
35
  * @access public
 
36
  */
37
- public function getTable() {
38
- $type = trim(AAM_Core_Request::request('type'));
 
 
 
 
39
 
40
- if (empty($type)) {
41
- $response = $this->retrieveTypeList();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
42
  } else {
43
- $response = $this->retrieveTypeContent($type);
 
 
44
  }
45
 
46
- return $this->wrapTable($response);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
47
  }
48
-
49
  /**
50
- * Retrieve list of registered post types
51
- *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
52
  * @return array
53
- *
54
  * @access protected
 
55
  */
56
- protected function retrieveTypeList() {
57
- $list = $this->prepareTypeList();
 
58
  $response = array(
59
- 'data' => array(),
60
- 'recordsTotal' => $list->total,
61
  'recordsFiltered' => $list->filtered
62
  );
63
-
64
  foreach ($list->records as $type) {
65
- $response['data'][] = array(
66
- $type->name,
67
- null,
68
- 'type',
69
- $type->labels->name,
70
- 'drilldown,manage',
71
- null,
72
- apply_filters(
73
- 'aam-type-override-status',
74
- false,
75
- $type->name,
76
- AAM_Backend_Subject::getInstance()
77
- )
78
- );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
79
  }
80
-
81
  return $response;
82
  }
83
-
84
  /**
85
- *
86
- * @return type
 
 
 
 
87
  */
88
- protected function prepareTypeList() {
89
- $list = get_post_types(array(), 'objects');
 
 
 
 
 
 
90
  $filtered = array();
91
-
92
- //filters
93
  $s = AAM_Core_Request::post('search.value');
94
  $length = AAM_Core_Request::post('length');
95
  $start = AAM_Core_Request::post('start');
96
- $all = AAM_Core_Config::get('core.settings.manageHiddenPostTypes', false);
97
-
98
- foreach (get_post_types(array(), 'objects') as $type) {
99
- if (($all || $type->show_ui)
100
- && (empty($s) || stripos($type->labels->name, $s) !== false)) {
101
- $filtered[$type->label] = $type;
102
  }
103
  }
104
-
105
  $this->getOrderDirection() === 'ASC' ? ksort($filtered) : krsort($filtered);
106
-
107
  return (object) array(
108
  'total' => count($list),
109
  'filtered' => count($filtered),
110
  'records' => array_slice($filtered, $start, $length)
111
  );
112
  }
113
-
114
  /**
115
- *
116
- * @return type
 
 
 
 
 
 
117
  */
118
- protected function getOrderDirection() {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
119
  $dir = 'asc';
120
  $order = AAM_Core_Request::post('order.0');
121
-
122
  if (!empty($order['column']) && ($order['column'] === '3')) {
123
  $dir = !empty($order['dir']) ? $order['dir'] : 'asc';
124
  }
125
-
126
  return strtoupper($dir);
127
  }
128
 
129
  /**
130
- * Get post type children
131
- *
132
  * Retrieve list of all posts and terms that belong to specified post type
133
- *
134
  * @param string $type
135
- *
136
  * @return array
137
- *
138
  * @access protected
 
139
  */
140
- protected function retrieveTypeContent($type) {
141
- $list = $this->prepareContentList($type);
142
- $subject = AAM_Backend_Subject::getInstance();
 
143
  $response = array(
144
- 'data' => array(),
145
- 'recordsTotal' => $list->total,
146
  'recordsFiltered' => $list->filtered
147
  );
148
-
149
- foreach($list->records as $record) {
150
- if (isset($record->ID)) { //this is post
151
  $link = get_edit_post_link($record->ID, 'link');
152
-
153
  $parent = '';
154
-
155
  if (!empty($record->post_parent)) {
156
  $p = get_post($record->post_parent);
157
  $parent = (is_a($p, 'WP_Post') ? $p->post_title : '');
158
  }
159
-
160
  if (empty($parent)) {
161
  $taxonomies = get_object_taxonomies($record);
162
 
163
  if (!empty($taxonomies)) {
164
  $terms = wp_get_object_terms(
165
- $record->ID, $taxonomies, array('fields' => 'names')
 
 
166
  );
167
  $parent = implode(', ', $terms);
168
  }
169
  }
170
-
171
  $response['data'][] = array(
172
  $record->ID,
173
  $link,
@@ -175,37 +692,70 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
175
  get_the_title($record),
176
  'manage' . ($link ? ',edit' : ',no-edit'),
177
  $parent,
178
- $subject->getObject('post', $record->ID)->isOverwritten()
179
- );
180
- } else { //term
181
- $response['data'][] = array(
182
- $record->term_id . '|' . $record->taxonomy . '|' . $type,
183
- get_edit_term_link($record->term_id, $record->taxonomy),
184
- (is_taxonomy_hierarchical($record->taxonomy) ? 'cat' : 'tag'),
185
- $record->name,
186
- implode(',', apply_filters('aam-term-row-actions', array('manage', 'edit'), $subject, $record, $type)),
187
- is_taxonomy_hierarchical($record->taxonomy) ? rtrim($this->getParentTermList($record), '/') : '',
188
- apply_filters(
189
- 'aam-term-override-status',
190
- false,
191
- $record->term_id . '|' . $record->taxonomy,
192
- $subject
193
- )
194
  );
 
 
195
  }
196
  }
197
 
198
  return $response;
199
  }
200
-
201
  /**
202
- *
203
- * @global type $wp_version
204
- * @param type $term
205
- * @return type
206
- * @todo Remove when min WP version will be 4.8
 
 
 
 
207
  */
208
- protected function getParentTermList($term) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
209
  global $wp_version;
210
 
211
  $list = '';
@@ -244,77 +794,92 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
244
  }
245
 
246
  /**
247
- * Undocumented function
248
  *
249
  * @param string $type
250
- *
251
- * @return void
 
 
 
252
  */
253
- protected function prepareContentList($type) {
 
254
  $list = array();
255
- //filters
 
256
  $s = AAM_Core_Request::post('search.value');
257
- $length = AAM_Core_Request::post('length');
258
- $start = AAM_Core_Request::post('start');
259
-
260
- //calculate how many term and/or posts we need to fetch
261
  $paging = $this->getFetchPagination($type, $s, $start, $length);
262
-
263
- //first retrieve all terms that belong to Post Type
264
  if ($paging['terms']) {
265
  $list = $this->retrieveTermList(
266
- get_object_taxonomies($type),
267
- $s,
268
- $paging['term_offset'],
269
  $paging['terms']
270
  );
271
  }
272
-
273
- //retrieve all posts
274
  if ($paging['posts']) {
275
  $list = array_merge(
276
- $list,
277
  $this->retrievePostList(
278
- $type, $s, $paging['post_offset'], $paging['posts']
 
 
 
279
  )
280
  );
281
  }
282
-
283
  return (object) array(
284
  'total' => $paging['total'],
285
  'filtered' => $paging['total'],
286
  'records' => $list
287
  );
288
  }
289
-
290
  /**
291
- *
292
- * @param type $type
293
- * @param type $search
294
- * @param type $offset
295
- * @param type $limit
296
- * @return type
 
 
 
 
 
297
  */
298
- protected function getFetchPagination($type, $search, $offset, $limit) {
 
299
  $result = array('terms' => 0, 'posts' => 0, 'term_offset' => $offset);
300
-
301
- //get terms count
302
  $taxonomy = get_object_taxonomies($type);
303
-
304
  if (!empty($taxonomy)) {
305
  $terms = get_terms(array(
306
- 'fields' => 'count',
307
- 'search' => $search,
308
- 'hide_empty' => false,
309
- 'taxonomy' => $taxonomy
 
310
  ));
311
  } else {
312
  $terms = 0;
313
  }
314
-
315
- //get posts count
316
  $posts = $this->getPostCount($type, $search);
317
-
318
  if ($offset < $terms) {
319
  if ($terms - $limit >= $offset) {
320
  $result['terms'] = $limit;
@@ -325,324 +890,122 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
325
  } else {
326
  $result['posts'] = $limit;
327
  }
328
-
 
 
 
329
  $result['total'] = $terms + $posts;
330
- $result['post_offset'] = ($offset ? $offset - $terms : 0);
331
-
332
  return $result;
333
  }
334
-
335
  /**
336
- *
 
 
 
 
 
 
 
 
 
 
337
  * @global type $wpdb
338
- * @param type $type
339
- * @param type $search
340
- * @return type
341
  */
342
- protected function getPostCount($type, $search) {
 
343
  global $wpdb;
344
-
345
  $query = "SELECT COUNT(*) AS total FROM {$wpdb->posts} ";
346
- $query .= "WHERE (post_type = %s) AND (post_title LIKE %s)";
347
-
348
- $args = array($type, "{$search}%");
349
-
350
- foreach (get_post_stati(array( 'exclude_from_search' => true)) as $status ) {
 
351
  $query .= " AND ({$wpdb->posts}.post_status <> %s)";
352
  $args[] = $status;
353
  }
354
-
355
  return $wpdb->get_var($wpdb->prepare($query, $args));
356
  }
357
-
358
  /**
359
  * Retrieve term list
360
- *
361
- * @param array $taxonomies
362
- *
 
 
 
363
  * @return array
364
- *
365
  * @access protected
 
366
  */
367
- protected function retrieveTermList($taxonomies, $search, $offset, $limit) {
 
368
  $args = array(
369
- 'fields' => 'all',
370
- 'hide_empty' => false,
371
- 'search' => $search,
372
- 'taxonomy' => $taxonomies,
373
- 'offset' => $offset,
374
- 'number' => $limit,
375
- 'order' => $this->getOrderDirection()
 
376
  );
377
 
378
  return get_terms($args);
379
  }
380
-
381
  /**
382
- *
 
383
  * @param string $type
384
  * @param string $search
385
  * @param int $offset
386
  * @param int $limit
387
- *
388
  * @return array
 
 
 
389
  */
390
- protected function retrievePostList($type, $search, $offset, $limit) {
 
391
  return get_posts(array(
392
- 'post_type' => $type,
393
- 'category' => 0,
394
  's' => $search,
395
  'suppress_filters' => true,
396
  'offset' => $offset,
397
  'numberposts' => $limit,
398
  'orderby' => 'title',
399
  'order' => $this->getOrderDirection(),
400
- 'post_status' => 'any',
401
  'fields' => 'all'
402
  ));
403
  }
404
 
405
  /**
406
- * Prepare response
407
- *
408
- * @param array $response
409
- *
410
- * @return string
411
- *
412
- * @access protected
413
- */
414
- protected function wrapTable($response) {
415
- $response['draw'] = AAM_Core_Request::request('draw');
416
-
417
- return wp_json_encode($response);
418
- }
419
-
420
- /**
421
- * Get Post or Term access
422
- *
423
- * @return string
424
  *
425
- * @access public
426
- */
427
- public function getAccess() {
428
- $type = trim(AAM_Core_Request::post('type'));
429
- $id = AAM_Core_Request::post('id');
430
- $access = $metadata = array();
431
- $object = AAM_Backend_Subject::getInstance()->getObject($type, $id);
432
-
433
- //prepare the response object
434
- $bValues = array(1, '1', 0, '0', false, "false", true, "true");
435
- if (is_a($object, 'AAM_Core_Object')) {
436
- foreach($object->getOption() as $key => $value) {
437
- if (in_array($value, $bValues, true)) {
438
- $access[$key] = !empty($value);
439
- } else {
440
- $access[$key] = $value;
441
- }
442
- }
443
- $metadata = array('overwritten' => $object->isOverwritten());
444
- $access = apply_filters('aam-get-post-access-filter', $access, $object);
445
- }
446
-
447
- return wp_json_encode(array(
448
- 'access' => $access,
449
- 'meta' => $metadata,
450
- 'preview' => $this->preparePreviewValues($access)
451
- ));
452
- }
453
-
454
- /**
455
- *
456
- * @param type $options
457
- * @return type
458
- */
459
- protected function preparePreviewValues($options) {
460
- $previews = array();
461
-
462
- foreach($options as $option => $value) {
463
- $previews[$option] = $this->getPreviewValue($option, $value);
464
- }
465
-
466
- return $previews;
467
- }
468
-
469
- /**
470
- *
471
- * @param type $option
472
- * @param type $val
473
- * @return type
474
- */
475
- protected function getPreviewValue($option, $val) {
476
- switch($option) {
477
- case 'frontend.teaser':
478
- $str = wp_strip_all_tags($val);
479
- if (function_exists('mb_strlen')) {
480
- $preview = (mb_strlen($str) > 25 ? mb_substr($str, 0, 22) . '...' : $str);
481
- } else {
482
- $preview = (strlen($str) > 25 ? substr($str, 0, 22) . '...' : $str);
483
- }
484
- break;
485
-
486
- case 'frontend.location':
487
- if (!empty($val)) {
488
- $chunks = explode('|', $val);
489
- if ($chunks[0] === 'page') {
490
- $preview = __('Existing Page', AAM_KEY);
491
- } elseif ($chunks[0] === 'url') {
492
- $preview = __('Valid URL', AAM_KEY);
493
- } elseif ($chunks[0] === 'callback') {
494
- $preview = __('Custom Callback', AAM_KEY);
495
- } elseif ($chunks[0] === 'login') {
496
- $preview = __('Redirect To Login Page', AAM_KEY);
497
- }
498
- }
499
- break;
500
-
501
- default:
502
- $preview = apply_filters(
503
- 'aam-post-option-preview-filter', $val, $option
504
- );
505
- break;
506
- }
507
-
508
- return $preview;
509
- }
510
-
511
- /**
512
- * Save post properties
513
- *
514
- * @return string
515
- *
516
- * @access public
517
- */
518
- public function save() {
519
- $subject = AAM_Backend_Subject::getInstance();
520
-
521
- $object = trim(AAM_Core_Request::post('object'));
522
- $id = AAM_Core_Request::post('objectId', null);
523
-
524
- $param = AAM_Core_Request::post('param');
525
- $value = filter_input(INPUT_POST, 'value');
526
-
527
- $result = $subject->save($param, $value, $object, $id);
528
-
529
- return wp_json_encode(array(
530
- 'status' => ($result ? 'success' : 'failure'),
531
- 'value' => $value,
532
- 'preview' => $this->getPreviewValue($param, $value)
533
- ));
534
- }
535
-
536
- /**
537
- * Reset the object settings
538
- *
539
- * @return string
540
- *
541
- * @access public
542
- */
543
- public function reset() {
544
- $type = trim(AAM_Core_Request::post('type'));
545
- $id = AAM_Core_Request::post('id', 0);
546
-
547
- $object = AAM_Backend_Subject::getInstance()->getObject($type, $id);
548
- if ($object instanceof AAM_Core_Object) {
549
- $result = $object->reset();
550
- } else {
551
- $result = false;
552
- }
553
-
554
- return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
555
- }
556
-
557
- /**
558
- * @inheritdoc
559
- */
560
- public static function getTemplate() {
561
- return 'main/post.phtml';
562
- }
563
-
564
- /**
565
- *
566
- * @param type $area
567
- * @return type
568
- */
569
- public static function getAccessOptionList($area) {
570
- static $cache = null;
571
-
572
- if (is_null($cache)) {
573
- $cache = AAM_Backend_View_PostOptionList::get();
574
- }
575
-
576
- $subject = AAM_Backend_Subject::getInstance()->getUID();
577
- $list = apply_filters(
578
- 'aam-post-access-options-filter', $cache[$area], $area
579
- );
580
-
581
- $filtered = array();
582
- foreach($list as $option => $data) {
583
- $add = empty($data['exclude']) || !in_array($subject, $data['exclude'], true);
584
-
585
- if ($add) {
586
- $add = empty($data['config']) || AAM_Core_Config::get($data['config'], true);
587
- }
588
-
589
- if ($add) {
590
- $filtered[$option] = $data;
591
- }
592
- }
593
-
594
- return $filtered;
595
- }
596
-
597
- /**
598
- *
599
- * @param type $renderBackButton
600
- * @param type $extraClass
601
- */
602
- public static function renderAccessForm() {
603
- ob_start();
604
- require_once AAM_BASEDIR . '/application/Backend/phtml/partial/post-access-form.phtml';
605
- $content = ob_get_contents();
606
- ob_end_clean();
607
-
608
- return $content;
609
- }
610
-
611
- /**
612
- *
613
- * @return type
614
- */
615
- public static function getCurrentObject() {
616
- $object = (object) array(
617
- 'id' => urldecode(AAM_Core_Request::request('oid')),
618
- 'type' => AAM_Core_Request::request('otype')
619
- );
620
-
621
- if ($object->id) {
622
- if (strpos($object->id, '|') !== false) { //term
623
- $part = explode('|', $object->id);
624
- $object->term = get_term($part[0], $part[1]);
625
- } else {
626
- $object->post = get_post($object->id);
627
- }
628
- }
629
-
630
- return $object;
631
- }
632
-
633
- /**
634
- * Register Posts & Pages feature
635
- *
636
  * @return void
637
- *
638
  * @access public
 
639
  */
640
- public static function register() {
 
641
  AAM_Backend_Feature::registerFeature((object) array(
642
  'uid' => 'post',
643
  'position' => 20,
644
  'title' => __('Posts & Terms', AAM_KEY),
645
- 'capability' => 'aam_manage_posts',
646
  'type' => 'main',
647
  'subjects' => array(
648
  AAM_Core_Subject_Role::UID,
@@ -650,7 +1013,6 @@ class AAM_Backend_Feature_Main_Post extends AAM_Backend_Feature_Abstract {
650
  AAM_Core_Subject_Visitor::UID,
651
  AAM_Core_Subject_Default::UID
652
  ),
653
- 'option' => 'core.settings.backendAccessControl,core.settings.frontendAccessControl,core.settings.apiAccessControl',
654
  'view' => __CLASS__
655
  ));
656
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
+ * Backend posts & terms service UI
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Main_Post
19
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
20
+ {
21
+
22
+ use AAM_Core_Contract_ServiceTrait,
23
+ AAM_Core_Contract_RequestTrait;
24
+
25
+ /**
26
+ * Default access capability to the service
27
+ *
28
+ * @version 6.0.0
29
+ */
30
+ const ACCESS_CAPABILITY = 'aam_manage_content';
31
+
32
+ /**
33
+ * Type of AAM core object
34
+ *
35
+ * @version 6.0.0
36
+ */
37
+ const OBJECT_TYPE = AAM_Core_Object_Post::OBJECT_TYPE;
38
+
39
+ /**
40
+ * HTML template to render
41
+ *
42
+ * @version 6.0.0
43
+ */
44
+ const TEMPLATE = 'service/post.php';
45
+
46
+ /**
47
+ * Get posts & terms list
48
+ *
49
+ * @return string
50
+ *
51
+ * @access public
52
+ * @version 6.0.0
53
+ */
54
+ public function getTable()
55
+ {
56
+ $id = $this->getFromPost('typeId');
57
+
58
+ switch($this->getFromPost('type')) {
59
+ case 'taxonomy':
60
+ $response = $this->retrieveTaxonomyTerms($id);
61
+ break;
62
+
63
+ case 'type':
64
+ $response = $this->retrievePostTypeObjects($id);
65
+ break;
66
+
67
+ default:
68
+ $response = $this->retrieveRootLevelList();
69
+ break;
70
+ }
71
+
72
+ // Extend the response with some required props and return JSON
73
+ // response.
74
+ $response['draw'] = $this->getFromRequest('draw');
75
+
76
+ return wp_json_encode($response);
77
+ }
78
+
79
+ /**
80
+ * Get access form with pre-populated data
81
+ *
82
+ * @param mixed $id
83
+ * @param string $type
84
+ *
85
+ * @return string
86
+ *
87
+ * @access public
88
+ * @version 6.0.0
89
+ */
90
+ public function getAccessForm($id, $type)
91
+ {
92
+ $object = $this->getSubject()->getObject($type, $id);
93
+ $view = AAM_Backend_View::getInstance();
94
+ $args = array(
95
+ 'object' => $object,
96
+ 'type' => $type,
97
+ 'id' => $id,
98
+ 'subject' => $this->getSubject(),
99
+ 'httpCodes' => $this->getRedirectHttpCodes(),
100
+ 'previews' => $this->preparePreviewValues(
101
+ apply_filters(
102
+ 'aam_post_preview_options_filter',
103
+ ($object ? $object->getOption() : array()),
104
+ $object
105
+ )
106
+ )
107
+ );
108
+
109
+ // Prepare HTML response
110
+ switch ($type) {
111
+ case 'term':
112
+ $chunks = explode('|', $id);
113
+ $args['term'] = get_term($chunks[0], $chunks[1]);
114
+ $args['postType'] = (isset($chunks[2]) ? $chunks[2] : null);
115
+
116
+ $response = apply_filters(
117
+ 'aam_term_access_form_filter',
118
+ $view->loadPartial('term-access-form', $args),
119
+ (object) $args
120
+ );
121
+ break;
122
+
123
+ case 'taxonomy':
124
+ $args['taxonomy'] = get_taxonomy($id);
125
+
126
+ $response = apply_filters(
127
+ 'aam_taxonomy_access_form_filter',
128
+ $view->loadPartial('taxonomy-access-form', $args),
129
+ (object) $args
130
+ );
131
+ break;
132
+
133
+ case 'type':
134
+ $args['postType'] = get_post_type_object($id);
135
+
136
+ $response = apply_filters(
137
+ 'aam_type_access_form_filter',
138
+ $view->loadPartial('type-access-form', $args),
139
+ (object) $args
140
+ );
141
+ break;
142
+
143
+ case 'post':
144
+ $args['postType'] = get_post_type_object($object->post_type);
145
+ $args['options'] = $this->getAccessOptionList();
146
+
147
+ $response = $view->loadPartial('post-access-form', $args);
148
+ break;
149
+
150
+ default:
151
+ $response = null;
152
+ break;
153
+ }
154
+
155
+ return $response;
156
+ }
157
+
158
+ /**
159
+ * Decorate additional view elements for access settings
160
+ *
161
+ * This method is necessary to prepare some preview information for access
162
+ * options like LIMIT or REDIRECT.
163
+ *
164
+ * @param array $options
165
+ *
166
+ * @return array
167
+ *
168
+ * @access protected
169
+ * @version 6.0.0
170
+ */
171
+ protected function preparePreviewValues($options)
172
+ {
173
+ $previews = array();
174
+
175
+ foreach ($options as $option => $value) {
176
+ $previews[$option] = $this->getPreviewValue($option, $value);
177
+ }
178
+
179
+ return $previews;
180
+ }
181
+
182
+ /**
183
+ * Get post object access options
184
+ *
185
+ * @return array
186
+ *
187
+ * @access protected
188
+ * @version 6.0.0
189
+ */
190
+ protected function getAccessOptionList()
191
+ {
192
+ $list = apply_filters(
193
+ 'aam_post_access_options_filter', AAM_Backend_View_PostOptionList::get()
194
+ );
195
+
196
+ return array_filter($list, function ($opt) {
197
+ $type = $this->getSubject()->getSubjectType();
198
+
199
+ return empty($opt['exclude']) || !in_array($type, $opt['exclude'], true);
200
+ });
201
+ }
202
+
203
+ /**
204
+ * Get list of HTTP redirect types
205
+ *
206
+ * @return array
207
+ *
208
+ * @access protected
209
+ * @version 6.0.0
210
+ */
211
+ protected function getRedirectHttpCodes()
212
+ {
213
+ return apply_filters('aam_content_redirect_http_codes', array(
214
+ '307' => __('307 - Temporary Redirect (Default)', AAM_KEY),
215
+ '301' => __('301 - Moved Permanently', AAM_KEY),
216
+ '303' => __('303 - See Other', AAM_KEY)
217
+ ));
218
+ }
219
+
220
+ /**
221
+ * Prepare readable preview value
222
+ *
223
+ * @param string $option
224
+ * @param mixed $value
225
+ *
226
+ * @return string
227
+ *
228
+ * @access protected
229
+ * @version 6.0.0
230
+ */
231
+ protected function getPreviewValue($option, $value)
232
+ {
233
+ switch ($option) {
234
+ case 'teaser':
235
+ $preview = $this->prepareTeaserPreview($value);
236
+ break;
237
+
238
+ case 'limited':
239
+ $preview = $this->prepareLimitedPreview($value);
240
+ break;
241
+
242
+ case 'redirected':
243
+ $preview = $this->prepareRedirectPreview($value);
244
+ break;
245
+
246
+ case 'protected':
247
+ $preview = $value['password'];
248
+ break;
249
+
250
+ case 'ceased':
251
+ $preview = $this->prepareCeasePreview($value);
252
+ break;
253
+
254
+ default:
255
+ $preview = apply_filters(
256
+ 'aam_post_option_preview_filter',
257
+ '',
258
+ $value,
259
+ $option
260
+ );
261
+ break;
262
+ }
263
+
264
+ return $preview;
265
+ }
266
+
267
+ /**
268
+ * Prepare teaser message preview
269
+ *
270
+ * @param array $teaser
271
+ *
272
+ * @return string
273
+ *
274
+ * @access protected
275
+ * @version 6.0.0
276
+ */
277
+ protected function prepareTeaserPreview($teaser)
278
+ {
279
+ $preview = null;
280
+
281
+ if (!empty($teaser['message'])) {
282
+ // Remove all HTML tags first
283
+ $str = wp_strip_all_tags($teaser['message']);
284
+
285
+ // Take in consideration UTF-8 encoding
286
+ if (function_exists('mb_strlen')) {
287
+ $preview = (mb_strlen($str) > 25 ? mb_substr($str, 0, 22) . '...' : $str);
288
+ } else {
289
+ $preview = (strlen($str) > 25 ? substr($str, 0, 22) . '...' : $str);
290
+ }
291
+ }
292
+
293
+ return $preview;
294
+ }
295
+
296
  /**
297
+ * Prepare limited option preview
298
+ *
299
+ * @param array $limited
300
+ *
301
+ * @return string
302
+ *
303
+ * @access protected
304
+ * @version 6.0.0
305
  */
306
+ protected function prepareLimitedPreview($limited)
307
+ {
308
+ $preview = null;
309
+
310
+ if (!empty($limited['threshold'])) {
311
+ $preview = sprintf(__('%d times', AAM_KEY), $limited['threshold']);
312
  }
313
+
314
+ return $preview;
315
  }
316
+
317
  /**
318
+ * Prepare redirect option preview
319
+ *
320
+ * @param array $redirect
321
+ *
322
  * @return string
323
+ *
324
+ * @access protected
325
+ * @version 6.0.0
326
+ */
327
+ protected function prepareRedirectPreview($redirect)
328
+ {
329
+ switch (isset($redirect['type']) ? $redirect['type'] : null) {
330
+ case 'page':
331
+ $page = get_post($redirect['destination']);
332
+ $preview = sprintf(
333
+ __('"%s" page', AAM_KEY),
334
+ (is_a($page, 'WP_Post') ? $page->post_title : '')
335
+ );
336
+ break;
337
+
338
+ case 'url':
339
+ $preview = sprintf(__('%s URL', AAM_KEY), $redirect['destination']);
340
+ break;
341
+
342
+ case 'login':
343
+ $preview = __('Login page', AAM_KEY);
344
+ break;
345
+
346
+ case 'callback':
347
+ $preview = $redirect['destination'];
348
+ break;
349
+
350
+ default:
351
+ $preview = null;
352
+ break;
353
+ }
354
+
355
+ return $preview;
356
+ }
357
+
358
+ /**
359
+ * Prepare ceased option preview
360
+ *
361
+ * @param array $cease
362
+ *
363
+ * @return string
364
+ *
365
+ * @access protected
366
+ * @version 6.0.0
367
+ */
368
+ protected function prepareCeasePreview($cease)
369
+ {
370
+ return (!empty($cease['after']) ? date('m/d/Y H:i O', $cease['after']) : null);
371
+ }
372
+
373
+ /**
374
+ * Save Posts & Terms access properties
375
+ *
376
+ * @return string
377
+ *
378
  * @access public
379
+ * @version 6.0.0
380
  */
381
+ public function save()
382
+ {
383
+ $type = $this->getFromPost('object');
384
+ $id = $this->getFromPost('objectId');
385
+ $param = $this->getFromPost('param');
386
+ $value = $this->sanitizeOption($param, AAM_Core_Request::post('value'));
387
 
388
+ $object = $this->getSubject()->getObject($type, $id, true);
389
+ $result = $object->updateOptionItem($param, $value)->save();
390
+
391
+ return wp_json_encode(array(
392
+ 'status' => ($result ? 'success' : 'failure')
393
+ ));
394
+ }
395
+
396
+ /**
397
+ * Reset view counter
398
+ *
399
+ * @return string
400
+ *
401
+ * @access public
402
+ * @version 6.0.0
403
+ */
404
+ public function resetCounter()
405
+ {
406
+ $type = $this->getFromPost('object');
407
+ $id = $this->getFromPost('objectId');
408
+
409
+ if ($type === 'post') {
410
+ $result = delete_user_option(
411
+ $this->getSubject()->getId(),
412
+ sprintf(AAM_Service_Content::POST_COUNTER_DB_OPTION, $id)
413
+ );
414
  } else {
415
+ $result = apply_filters(
416
+ 'aam_ajax_filter', false, $this->getSubject(), 'Main_Post.resetCounter'
417
+ );
418
  }
419
 
420
+ return wp_json_encode(array(
421
+ 'status' => ($result ? 'success' : 'failure')
422
+ ));
423
+ }
424
+
425
+ /**
426
+ * Reset the object access settings
427
+ *
428
+ * @return string
429
+ *
430
+ * @access public
431
+ * @version 6.0.0
432
+ */
433
+ public function reset()
434
+ {
435
+ $type = $this->getFromPost('type');
436
+ $id = $this->getFromPost('id');
437
+ $result = $this->getSubject()->getObject($type, $id)->reset();
438
+
439
+ return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
440
+ }
441
+
442
+ /**
443
+ * Sanitize and normalize the access settings
444
+ *
445
+ * Depending on the type of access, normalize and sanitize the incoming data
446
+ *
447
+ * @param string $option
448
+ * @param mixed $value
449
+ *
450
+ * @return mixed
451
+ *
452
+ * @access protected
453
+ * @version 6.0.0
454
+ */
455
+ protected function sanitizeOption($option, $value)
456
+ {
457
+ if (is_array($value)) {
458
+ $value['enabled'] = filter_var($value['enabled'], FILTER_VALIDATE_BOOLEAN);
459
+ } else { // Any scalar value has to be boolean
460
+ $value = filter_var($value, FILTER_VALIDATE_BOOLEAN);
461
+ }
462
+
463
+ return $value;
464
  }
465
+
466
  /**
467
+ * Check if post can be managed for current subject
468
+ *
469
+ * @return boolean
470
+ *
471
+ * @access protected
472
+ * @version 6.0.0
473
+ */
474
+ protected function isAllowedToManageCurrentSubject()
475
+ {
476
+ return apply_filters(
477
+ 'aam_posts_terms_manage_subject_filter',
478
+ !$this->getSubject()->isDefault(),
479
+ $this->getSubject()->getSubject()
480
+ );
481
+ }
482
+
483
+ /**
484
+ * Retrieve list of registered post types & taxonomies
485
+ *
486
+ * The Root level contains the list of all registered post types that are public
487
+ * as well as all the registered taxonomies
488
+ *
489
  * @return array
490
+ *
491
  * @access protected
492
+ * @version 6.0.0
493
  */
494
+ protected function retrieveRootLevelList()
495
+ {
496
+ $list = $this->prepareRootLevelList();
497
  $response = array(
498
+ 'data' => array(),
499
+ 'recordsTotal' => $list->total,
500
  'recordsFiltered' => $list->filtered
501
  );
502
+
503
  foreach ($list->records as $type) {
504
+ if (is_a($type, 'WP_Post_Type')) {
505
+ $response['data'][] = array(
506
+ $type->name,
507
+ null,
508
+ 'type',
509
+ $type->labels->name,
510
+ 'drilldown,manage',
511
+ null,
512
+ apply_filters(
513
+ 'aam_type_settings_override_status_filter',
514
+ false,
515
+ $type->name,
516
+ $this->getSubject()
517
+ )
518
+ );
519
+ } elseif(is_a($type, 'WP_Taxonomy')) {
520
+ $response['data'][] = array(
521
+ $type->name,
522
+ null,
523
+ 'taxonomy-' . ($type->hierarchical ? 'category' : 'tag'),
524
+ $type->labels->name,
525
+ 'drilldown,manage',
526
+ null,
527
+ apply_filters(
528
+ 'aam_taxonomy_settings_override_status_filter',
529
+ false,
530
+ $type->name,
531
+ $this->getSubject()
532
+ )
533
+ );
534
+ }
535
  }
536
+
537
  return $response;
538
  }
539
+
540
  /**
541
+ * Prepare the list of root level objects
542
+ *
543
+ * @return object
544
+ *
545
+ * @access protected
546
+ * @version 6.0.0
547
  */
548
+ protected function prepareRootLevelList()
549
+ {
550
+ $args = array('public' => true);
551
+ $list = array_merge(
552
+ get_post_types($args, 'objects'), // Get all registered post types
553
+ get_taxonomies($args, 'objects') // Get all registered taxonomies
554
+ );
555
+
556
  $filtered = array();
557
+
558
+ // Apply filters
559
  $s = AAM_Core_Request::post('search.value');
560
  $length = AAM_Core_Request::post('length');
561
  $start = AAM_Core_Request::post('start');
562
+
563
+ foreach ($list as $type) {
564
+ if (empty($s) || stripos($type->labels->name, $s) !== false) {
565
+ $filtered[get_class($type) . '_' . $type->name] = $type;
 
 
566
  }
567
  }
568
+
569
  $this->getOrderDirection() === 'ASC' ? ksort($filtered) : krsort($filtered);
570
+
571
  return (object) array(
572
  'total' => count($list),
573
  'filtered' => count($filtered),
574
  'records' => array_slice($filtered, $start, $length)
575
  );
576
  }
577
+
578
  /**
579
+ * Retrieve list of all terms that belong to specific taxonomy
580
+ *
581
+ * @param string $taxonomy
582
+ *
583
+ * @return array
584
+ *
585
+ * @access protected
586
+ * @version 6.0.0
587
  */
588
+ protected function retrieveTaxonomyTerms($taxonomy)
589
+ {
590
+ $list = $this->retrieveTermList(
591
+ $taxonomy,
592
+ AAM_Core_Request::post('search.value'),
593
+ $this->getFromPost('start'),
594
+ $this->getFromPost('length')
595
+ );
596
+
597
+ $countFiltered = get_terms(array(
598
+ 'fields' => 'count',
599
+ 'search' => AAM_Core_Request::post('search.value'),
600
+ 'hide_empty' => false,
601
+ 'suppress_filter' => true,
602
+ 'taxonomy' => $taxonomy
603
+ ));
604
+ $count = get_terms(array(
605
+ 'fields' => 'count',
606
+ 'hide_empty' => false,
607
+ 'suppress_filter' => true,
608
+ 'taxonomy' => $taxonomy
609
+ ));
610
+
611
+ $response = array(
612
+ 'data' => array(),
613
+ 'recordsTotal' => $count,
614
+ 'recordsFiltered' => $countFiltered
615
+ );
616
+
617
+ foreach ($list as $term) {
618
+ $response['data'][] = $this->_prepareTermRow($term);
619
+ }
620
+
621
+ return $response;
622
+ }
623
+
624
+ /**
625
+ * Get correct table order
626
+ *
627
+ * @return string
628
+ *
629
+ * @access protected
630
+ * @version 6.0.0
631
+ */
632
+ protected function getOrderDirection()
633
+ {
634
  $dir = 'asc';
635
  $order = AAM_Core_Request::post('order.0');
636
+
637
  if (!empty($order['column']) && ($order['column'] === '3')) {
638
  $dir = !empty($order['dir']) ? $order['dir'] : 'asc';
639
  }
640
+
641
  return strtoupper($dir);
642
  }
643
 
644
  /**
 
 
645
  * Retrieve list of all posts and terms that belong to specified post type
646
+ *
647
  * @param string $type
648
+ *
649
  * @return array
650
+ *
651
  * @access protected
652
+ * @version 6.0.0
653
  */
654
+ protected function retrievePostTypeObjects($type)
655
+ {
656
+ $list = $this->preparePostTermList($type);
657
+ $subject = $this->getSubject();
658
  $response = array(
659
+ 'data' => array(),
660
+ 'recordsTotal' => $list->total,
661
  'recordsFiltered' => $list->filtered
662
  );
663
+
664
+ foreach ($list->records as $record) {
665
+ if (isset($record->ID)) { // this is a post
666
  $link = get_edit_post_link($record->ID, 'link');
667
+
668
  $parent = '';
669
+
670
  if (!empty($record->post_parent)) {
671
  $p = get_post($record->post_parent);
672
  $parent = (is_a($p, 'WP_Post') ? $p->post_title : '');
673
  }
674
+
675
  if (empty($parent)) {
676
  $taxonomies = get_object_taxonomies($record);
677
 
678
  if (!empty($taxonomies)) {
679
  $terms = wp_get_object_terms(
680
+ $record->ID,
681
+ $taxonomies,
682
+ array('fields' => 'names', 'suppress_filter' => true)
683
  );
684
  $parent = implode(', ', $terms);
685
  }
686
  }
687
+
688
  $response['data'][] = array(
689
  $record->ID,
690
  $link,
692
  get_the_title($record),
693
  'manage' . ($link ? ',edit' : ',no-edit'),
694
  $parent,
695
+ $subject->getObject('post', $record->ID, true)->isOverwritten()
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
696
  );
697
+ } else { // this is a term
698
+ $response['data'][] = $this->_prepareTermRow($record, $type);
699
  }
700
  }
701
 
702
  return $response;
703
  }
704
+
705
  /**
706
+ * Prepare the term row for the table view
707
+ *
708
+ * @param WP_Term $term
709
+ * @param string $type
710
+ *
711
+ * @return array
712
+ *
713
+ * @access private
714
+ * @version 6.0.0
715
  */
716
+ private function _prepareTermRow($term, $type = null)
717
+ {
718
+ // Prepare list of actions
719
+ $actions = apply_filters(
720
+ 'aam_term_row_actions',
721
+ array('manage', 'edit'),
722
+ $this->getSubject(),
723
+ $term,
724
+ $type
725
+ );
726
+
727
+ // Prepare row id
728
+ $id = $term->term_id . '|' . $term->taxonomy . ($type ? '|' . $type : '');
729
+
730
+ $is_cat = is_taxonomy_hierarchical($term->taxonomy);
731
+ $path = ($is_cat ? rtrim($this->getParentTermList($term), '/') : '');
732
+
733
+ return array(
734
+ $id,
735
+ get_edit_term_link($term->term_id, $term->taxonomy),
736
+ ($is_cat ? 'cat' : 'tag'),
737
+ $term->name,
738
+ implode(',', $actions),
739
+ $path,
740
+ apply_filters(
741
+ 'aam_term_settings_override_status_filter', false, $id, $this->getSubject()
742
+ )
743
+ );
744
+ }
745
+
746
+ /**
747
+ * Get list of parent terms
748
+ *
749
+ * @param WP_Term $term
750
+ *
751
+ * @return string
752
+ *
753
+ * @access protected
754
+ * @global string $wp_version
755
+ * @version 6.0.0
756
+ */
757
+ protected function getParentTermList($term)
758
+ {
759
  global $wp_version;
760
 
761
  $list = '';
794
  }
795
 
796
  /**
797
+ * Prepare the list of posts and terms that are related to specific post type
798
  *
799
  * @param string $type
800
+ *
801
+ * @return array
802
+ *
803
+ * @access protected
804
+ * @version 6.0.0
805
  */
806
+ protected function preparePostTermList($type)
807
+ {
808
  $list = array();
809
+
810
+ // Retrieve filters
811
  $s = AAM_Core_Request::post('search.value');
812
+ $length = $this->getFromPost('length', FILTER_VALIDATE_INT);
813
+ $start = $this->getFromPost('start', FILTER_VALIDATE_INT);
814
+
815
+ // Calculate how many term and/or posts we need to fetch
816
  $paging = $this->getFetchPagination($type, $s, $start, $length);
817
+
818
+ // First retrieve all terms that belong to Post Type
819
  if ($paging['terms']) {
820
  $list = $this->retrieveTermList(
821
+ get_object_taxonomies($type),
822
+ $s,
823
+ $paging['term_offset'],
824
  $paging['terms']
825
  );
826
  }
827
+
828
+ // Retrieve all posts
829
  if ($paging['posts']) {
830
  $list = array_merge(
831
+ $list,
832
  $this->retrievePostList(
833
+ $type,
834
+ $s,
835
+ $paging['post_offset'],
836
+ $paging['posts']
837
  )
838
  );
839
  }
840
+
841
  return (object) array(
842
  'total' => $paging['total'],
843
  'filtered' => $paging['total'],
844
  'records' => $list
845
  );
846
  }
847
+
848
  /**
849
+ * Compute information for the pagination
850
+ *
851
+ * @param string $type
852
+ * @param string $search
853
+ * @param int $offset
854
+ * @param int $limit
855
+ *
856
+ * @return array
857
+ *
858
+ * @access protected
859
+ * @version 6.0.0
860
  */
861
+ protected function getFetchPagination($type, $search, $offset, $limit)
862
+ {
863
  $result = array('terms' => 0, 'posts' => 0, 'term_offset' => $offset);
864
+
865
+ // Get terms count
866
  $taxonomy = get_object_taxonomies($type);
867
+
868
  if (!empty($taxonomy)) {
869
  $terms = get_terms(array(
870
+ 'fields' => 'count',
871
+ 'search' => $search,
872
+ 'hide_empty' => false,
873
+ 'suppress_filter' => true,
874
+ 'taxonomy' => $taxonomy
875
  ));
876
  } else {
877
  $terms = 0;
878
  }
879
+
880
+ // Get posts count
881
  $posts = $this->getPostCount($type, $search);
882
+
883
  if ($offset < $terms) {
884
  if ($terms - $limit >= $offset) {
885
  $result['terms'] = $limit;
890
  } else {
891
  $result['posts'] = $limit;
892
  }
893
+
894
+ // Calculate post offset
895
+ $post_offset = ($offset ? $offset - $terms : 0);
896
+
897
  $result['total'] = $terms + $posts;
898
+ $result['post_offset'] = ($post_offset < 0 ? 0 : $post_offset);
899
+
900
  return $result;
901
  }
902
+
903
  /**
904
+ * Get list of posts
905
+ *
906
+ * Perform separate computation for the list of posts based on type and search
907
+ * criteria
908
+ *
909
+ * @param string $type
910
+ * @param string $search
911
+ *
912
+ * @return int
913
+ *
914
+ * @access protected
915
  * @global type $wpdb
916
+ * @version 6.0.0
 
 
917
  */
918
+ protected function getPostCount($type, $search)
919
+ {
920
  global $wpdb;
921
+
922
  $query = "SELECT COUNT(*) AS total FROM {$wpdb->posts} ";
923
+ $query .= "WHERE (post_type = %s) AND (post_title LIKE %s || ";
924
+ $query .= "post_excerpt LIKE %s || post_content LIKE %s)";
925
+
926
+ $args = array($type, "%{$search}%", "%{$search}%", "%{$search}%");
927
+
928
+ foreach (get_post_stati(array('show_in_admin_all_list' => false)) as $status) {
929
  $query .= " AND ({$wpdb->posts}.post_status <> %s)";
930
  $args[] = $status;
931
  }
932
+
933
  return $wpdb->get_var($wpdb->prepare($query, $args));
934
  }
935
+
936
  /**
937
  * Retrieve term list
938
+ *
939
+ * @param array $taxonomies
940
+ * @param string $search
941
+ * @param int $offset
942
+ * @param int $limit
943
+ *
944
  * @return array
945
+ *
946
  * @access protected
947
+ * @version 6.0.0
948
  */
949
+ protected function retrieveTermList($taxonomies, $search, $offset, $limit)
950
+ {
951
  $args = array(
952
+ 'fields' => 'all',
953
+ 'hide_empty' => false,
954
+ 'search' => $search,
955
+ 'suppress_filter' => true,
956
+ 'taxonomy' => $taxonomies,
957
+ 'offset' => $offset,
958
+ 'number' => $limit,
959
+ 'order' => $this->getOrderDirection()
960
  );
961
 
962
  return get_terms($args);
963
  }
964
+
965
  /**
966
+ * Get list of posts for specific post type
967
+ *
968
  * @param string $type
969
  * @param string $search
970
  * @param int $offset
971
  * @param int $limit
972
+ *
973
  * @return array
974
+ *
975
+ * @access protected
976
+ * @version 6.0.0
977
  */
978
+ protected function retrievePostList($type, $search, $offset, $limit)
979
+ {
980
  return get_posts(array(
981
+ 'post_type' => $type,
982
+ 'category' => 0,
983
  's' => $search,
984
  'suppress_filters' => true,
985
  'offset' => $offset,
986
  'numberposts' => $limit,
987
  'orderby' => 'title',
988
  'order' => $this->getOrderDirection(),
989
+ 'post_status' => 'any',
990
  'fields' => 'all'
991
  ));
992
  }
993
 
994
  /**
995
+ * Register Posts & Pages service UI
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
996
  *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
997
  * @return void
998
+ *
999
  * @access public
1000
+ * @version 6.0.0
1001
  */
1002
+ public static function register()
1003
+ {
1004
  AAM_Backend_Feature::registerFeature((object) array(
1005
  'uid' => 'post',
1006
  'position' => 20,
1007
  'title' => __('Posts & Terms', AAM_KEY),
1008
+ 'capability' => self::ACCESS_CAPABILITY,
1009
  'type' => 'main',
1010
  'subjects' => array(
1011
  AAM_Core_Subject_Role::UID,
1013
  AAM_Core_Subject_Visitor::UID,
1014
  AAM_Core_Subject_Default::UID
1015
  ),
 
1016
  'view' => __CLASS__
1017
  ));
1018
  }
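--- a/application/Backend/Feature/Main/Redirect.php
+++ b/application/Backend/Feature/Main/Redirect.php
@@ -5,127 +5,82 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Redirect manager
- *
+ * Access Denied Redirect manager
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Main_Redirect extends AAM_Backend_Feature_Abstract {
-
- /**
- * Construct
- */
- public function __construct() {
- parent::__construct();
-
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
- if (!$allowed || !current_user_can('aam_manage_access_denied_redirect')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_access_denied_redirect'));
- }
- }
-
+ class AAM_Backend_Feature_Main_Redirect
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
+ {
+
  /**
- * Undocumented function
+ * Default access capability to the service
  *
- * @return void
+ * @version 6.0.0
  */
- public function save() {
- $param = AAM_Core_Request::post('param');
- $value = AAM_Core_Request::post('value');
-
- $object = AAM_Backend_Subject::getInstance()->getObject('redirect');
+ const ACCESS_CAPABILITY = 'aam_manage_access_denied_redirect';
 
- $object->save($param, $value);
-
- return wp_json_encode(array('status' => 'success'));
- }
-
  /**
- *
- * @return type
- */
- public function reset() {
- return AAM_Backend_Subject::getInstance()->resetObject('redirect');
- }
-
- /**
- *
- * @return type
- */
- public function isDefault() {
- $subject = AAM_Backend_Subject::getInstance();
-
- return $subject->getUID() === AAM_Core_Subject_Default::UID;
- }
-
- /**
- *
- * @return type
+ * Type of AAM core object
+ *
+ * @version 6.0.0
  */
- public function isVisitor() {
- $subject = AAM_Backend_Subject::getInstance();
-
- return $subject->getUID() === AAM_Core_Subject_Visitor::UID;
- }
-
+ const OBJECT_TYPE = AAM_Core_Object_Redirect::OBJECT_TYPE;
+
  /**
- * Check inheritance status
- *
- * Check if redirect settings are overwritten
- *
- * @return boolean
- *
- * @access protected
+ * HTML template to render
+ *
+ * @version 6.0.0
  */
- protected function isOverwritten() {
- $object = AAM_Backend_Subject::getInstance()->getObject('redirect');
-
- return $object->isOverwritten();
- }
-
+ const TEMPLATE = 'service/redirect.php';
+
  /**
- *
- * @param type $option
- * @return type
+ * Get access denied redirect option
+ *
+ * @param string $option
+ * @param mixed $default
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function getOption($option, $default = null) {
- $object = AAM_Backend_Subject::getInstance()->getObject('redirect');
+ public function getOption($option, $default = null)
+ {
+ $object = AAM_Backend_Subject::getInstance()->getObject(self::OBJECT_TYPE);
  $value = $object->get($option);
-
+
  return (!is_null($value) ? $value : $default);
  }
-
- /**
- * @inheritdoc
- */
- public static function getTemplate() {
- return 'main/redirect.phtml';
- }
-
+
  /**
- * Register Contact/Hire feature
- *
+ * Register Access Denied Redirect UI feature
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
+ public static function register()
+ {
  AAM_Backend_Feature::registerFeature((object) array(
  'uid' => 'redirect',
  'position' => 30,
  'title' => __('Access Denied Redirect', AAM_KEY),
- 'capability' => 'aam_manage_access_denied_redirect',
+ 'capability' => self::ACCESS_CAPABILITY,
  'type' => 'main',
  'subjects' => array(
- AAM_Core_Subject_Role::UID,
- AAM_Core_Subject_User::UID,
+ AAM_Core_Subject_Role::UID,
+ AAM_Core_Subject_User::UID,
  AAM_Core_Subject_Visitor::UID,
  AAM_Core_Subject_Default::UID
  ),
- 'option' => 'core.settings.backendAccessControl,core.settings.frontendAccessControl',
  'view' => __CLASS__
  ));
  }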
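Review bot: With the constructor removed, nothing in this file calls `isAllowedToManage()` or `current_user_can()` any more; `ACCESS_CAPABILITY` is only declared and handed to `registerFeature()`. The check presumably moved into `AAM_Backend_Feature_Abstract`, which changes elsewhere in this release and is not visible here, so that should be confirmed before relying on it. Once confirmed, the constant's docblock should name the enforcement point, for example `* Checked by the parent class before any handler of this view is dispatched`. Route.php and Toolbar.php drop the same constructor guard in this diff, which makes the shared check the only thing keeping users without the capability away from these handlers and worth covering with a test.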
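--- a/application/Backend/Feature/Main/Route.php
+++ b/application/Backend/Feature/Main/Route.php
@@ -5,150 +5,125 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * WordPress API manager
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Main_Route extends AAM_Backend_Feature_Abstract {
-
- /**
- * Construct
- */
- public function __construct() {
- parent::__construct();
-
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
- if (!$allowed || !current_user_can('aam_manage_api_routes')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_api_routes'));
- }
- }
-
- /**
- *
- * @return type
- */
- public function getTable() {
- $response = array('data' => $this->retrieveAllRoutes());
+ class AAM_Backend_Feature_Main_Route
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
+ {
 
- return wp_json_encode($response);
- }
+ use AAM_Core_Contract_RequestTrait;
 
  /**
- *
- * @return type
+ * Default access capability to the service
+ *
+ * @version 6.0.0
  */
- public function save() {
- $type = filter_input(INPUT_POST, 'type');
- $route = filter_input(INPUT_POST, 'route');
- $method = filter_input(INPUT_POST, 'method');
- $value = filter_input(INPUT_POST, 'value');
-
- $object = AAM_Backend_Subject::getInstance()->getObject('route');
-
- $object->save($type, $route, $method, $value);
+ const ACCESS_CAPABILITY = 'aam_manage_api_routes';
 
- return wp_json_encode(array('status' => 'success'));
- }
-
  /**
- *
- * @return type
+ * Type of AAM core object
+ *
+ * @version 6.0.0
  */
- public function reset() {
- return AAM_Backend_Subject::getInstance()->resetObject('route');
- }
+ const OBJECT_TYPE = AAM_Core_Object_Route::OBJECT_TYPE;
 
  /**
- * @inheritdoc
+ * HTML template to render
+ *
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return 'main/route.phtml';
- }
-
+ const TEMPLATE = 'service/route.php';
+
  /**
- *
- * @return type
+ * Get list of API routes
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
- protected function retrieveAllRoutes() {
- $response = array();
- $object = AAM_Backend_Subject::getInstance()->getObject('route');
-
- //build all RESTful routes
+ public function getTable()
+ {
+ $list = array();
+ $object = AAM_Backend_Subject::getInstance()->getObject(self::OBJECT_TYPE);
+
+ // Build all RESTful routes
  if (AAM::api()->getConfig('core.settings.restful', true)) {
  foreach (rest_get_server()->get_routes() as $route => $handlers) {
  $methods = array();
- foreach($handlers as $handler) {
+ foreach ($handlers as $handler) {
  $methods = array_merge($methods, array_keys($handler['methods']));
  }
 
- foreach(array_unique($methods) as $method) {
- $response[] = array(
+ foreach (array_unique($methods) as $method) {
+ $isRestricted = $object->isRestricted('restful', $route, $method);
+ $list[] = array(
  $route,
  'restful',
  $method,
  htmlspecialchars($route),
- $object->has('restful', $route, $method) ? 'checked' : 'unchecked'
+ $isRestricted ? 'checked' : 'unchecked'
  );
  }
  }
  }
-
- // Build XML RPC routes
- if (AAM::api()->getConfig('core.settings.xmlrpc', true)) {
- foreach(array_keys(AAM_Core_API::getXMLRPCServer()->methods) as $route) {
- $response[] = array(
- $route,
- 'xmlrpc',
- 'POST',
- htmlspecialchars($route),
- $object->has('xmlrpc', $route) ? 'checked' : 'unchecked'
- );
- }
- }
-
- return $response;
+
+ return wp_json_encode(array('data' => $list));
  }
 
  /**
- * Check inheritance status
- *
- * Check if menu settings are overwritten
- *
- * @return boolean
- *
- * @access protected
+ * Save route access settings
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
- protected function isOverwritten() {
- $object = AAM_Backend_Subject::getInstance()->getObject('route');
-
- return $object->isOverwritten();
+ public function save()
+ {
+ $type = $this->getFromPost('type');
+ $route = $this->getFromPost('route');
+ $method = $this->getFromPost('method');
+ $value = $this->getFromPost('value');
+
+ $object = AAM_Backend_Subject::getInstance()->getObject(self::OBJECT_TYPE);
+ $id = strtolower("{$type}|{$route}|{$method}");
+
+ $result = $object->updateOptionItem($id, $value)->save();
+
+ return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
  }
 
  /**
- * Register Menu feature
- *
+ * Register API Routes service
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
- AAM_Backend_Feature::registerFeature((object) array(
+ public static function register()
+ {
+ AAM_Backend_Feature::registerFeature((object)array(
  'uid' => 'route',
  'position' => 50,
  'title' => __('API Routes', AAM_KEY),
- 'capability' => 'aam_manage_api_routes',
+ 'capability' => self::ACCESS_CAPABILITY,
  'type' => 'main',
  'subjects' => array(
- AAM_Core_Subject_Role::UID,
+ AAM_Core_Subject_Role::UID,
  AAM_Core_Subject_User::UID,
  AAM_Core_Subject_Visitor::UID,
  AAM_Core_Subject_Default::UID
  ),
- 'option' => 'core.settings.apiAccessControl',
  'view' => __CLASS__
  ));
  }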
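Review bot: In the new `save()`, `type`, `route` and `method` are read from POST and concatenated into the option key with no validation, and `$value` is stored without the boolean cast that Toolbar.php's `save()` applies with `!empty($status)`. `getTable()` in this version lists only `restful` entries, so if nothing else is meant to be saved through this handler it can reject other input up front: `if ($type !== 'restful' || empty($route) || empty($method)) { return wp_json_encode(array('status' => 'failure')); }`. `strtolower()` is applied to the whole key, route pattern included, so the code that evaluates the rule has to normalise the same way or a saved restriction will silently fail to match. That lookup code is outside this section, so this needs checking against `isRestricted()`.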
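--- a/application/Backend/Feature/Main/Toolbar.php
+++ b/application/Backend/Feature/Main/Toolbar.php
@@ -5,150 +5,146 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Backend menu manager
- *
+ * Toolbar manager
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Main_Toolbar extends AAM_Backend_Feature_Abstract {
-
+ class AAM_Backend_Feature_Main_Toolbar
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
+ {
+
+ use AAM_Core_Contract_RequestTrait;
+
  /**
- * Construct
+ * Default access capability to the service
+ *
+ * @version 6.0.0
  */
- public function __construct() {
- parent::__construct();
-
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
- if (!$allowed || !current_user_can('aam_manage_admin_toolbar')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_admin_toolbar'));
- }
- }
+ const ACCESS_CAPABILITY = 'aam_manage_toolbar';
 
  /**
- * Undocumented function
+ * Type of AAM core object
  *
- * @return void
+ * @version 6.0.0
  */
- public function save() {
- $items = AAM_Core_Request::post('items', array());
- $status = AAM_Core_Request::post('status');
+ const OBJECT_TYPE = AAM_Core_Object_Toolbar::OBJECT_TYPE;
 
- $object = AAM_Backend_Subject::getInstance()->getObject('toolbar');
-
- foreach($items as $item) {
- $object->updateOptionItem($item, $status);
- }
-
- $object->save();
+ /**
+ * HTML template to render
+ *
+ * @version 6.0.0
+ */
+ const TEMPLATE = 'service/toolbar.php';
 
- return wp_json_encode(array('status' => 'success'));
- }
-
  /**
- *
- * @return type
+ * Save toolbar settings
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function reset() {
- return AAM_Backend_Subject::getInstance()->resetObject('toolbar');
+ public function save()
+ {
+ $status = $this->getFromPost('status');
+ $items = $this->getFromPost('items', FILTER_DEFAULT, FILTER_REQUIRE_ARRAY);
+
+ $subject = AAM_Backend_Subject::getInstance();
+ $object = $subject->getObject(self::OBJECT_TYPE, null, true);
+
+ foreach ($items as $item) {
+ $object->updateOptionItem($item, !empty($status));
+ }
+
+ return wp_json_encode(
+ array('status' => ($object->save() ? 'success' : 'failure'))
+ );
  }
 
  /**
- * Get subject's menu
- *
- * Based on the list of capabilities that current subject has, prepare
- * complete menu list and return it.
- *
+ * Get toolbar
+ *
  * @return array
- *
+ *
  * @access public
- * @global array $menu
+ * @version 6.0.0
  */
- public function getToolbar() {
- return json_decode(base64_decode(AAM_Core_Request::post('toolbar')));
+ public function getToolbar()
+ {
+ return AAM_Service_Toolbar::getInstance()->getToolbarCache();
  }
-
+
  /**
- *
- * @param type $branch
- * @return type
+ * Get list of child items
+ *
+ * @param object $branch
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function getAllChildren($branch) {
+ public function getAllChildren($branch)
+ {
  $children = array();
-
- foreach($branch->children as $child) {
- if (empty($child->type) || !in_array($child->type, array('container', 'group'), true)) {
+ $types = array('container', 'group');
+
+ foreach ($branch->children as $child) {
+ if (empty($child->type) || !in_array($child->type, $types, true)) {
  $children[] = $child;
  }
- if(!empty($child->children)) {
+ if (!empty($child->children)) {
  $children = array_merge($children, $this->getAllChildren($child));
  }
  }
-
+
  return $children;
  }
-
- /**
- *
- * @param type $node
- * @return type
- */
- public function normalizeTitle($node) {
- return ucwords(
- trim(
- preg_replace(
- '/[\d]/',
- '',
- wp_strip_all_tags(!empty($node->title) ? $node->title : $node->id)
- )
- )
- );
- }
-
- /**
- * @inheritdoc
- */
- public static function getTemplate() {
- return 'main/toolbar.phtml';
- }
 
  /**
- * Check inheritance status
- *
- * Check if menu settings are overwritten
- *
- * @return boolean
- *
+ * Normalize the item title
+ *
+ * @param object $node
+ *
+ * @return string
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function isOverwritten() {
- $object = AAM_Backend_Subject::getInstance()->getObject('toolbar');
-
- return $object->isOverwritten();
+ protected function normalizeTitle($node)
+ {
+ $title = wp_strip_all_tags(!empty($node->title) ? $node->title : $node->id);
+
+ return ucwords(trim(preg_replace('/[\d]/', '', $title)));
  }
 
  /**
  * Register Menu feature
- *
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
+ public static function register()
+ {
  AAM_Backend_Feature::registerFeature((object) array(
  'uid' => 'toolbar',
  'position' => 6,
- 'title' => __('Admin Toolbar', AAM_KEY),
- 'capability' => 'aam_manage_admin_toolbar',
+ 'title' => __('Toolbar', AAM_KEY),
+ 'capability' => self::ACCESS_CAPABILITY,
  'type' => 'main',
  'subjects' => array(
- AAM_Core_Subject_Role::UID,
+ AAM_Core_Subject_Role::UID,
  AAM_Core_Subject_User::UID,
  AAM_Core_Subject_Default::UID
  ),
- 'option' => 'core.settings.backendAccessControl,core.settings.frontendAccessControl',
  'view' => __CLASS__
  ));
  }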
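Review bot: The new `save()` iterates `$items` without checking that it is an array: the old code defaulted to `array()`, while `getFromPost('items', FILTER_DEFAULT, FILTER_REQUIRE_ARRAY)` presumably wraps `filter_input()`, which yields `null` for a missing key and `false` for a scalar. A request without `items` would then reach `foreach` with a non-array and still go on to call `$object->save()`. Add `if (!is_array($items)) { $items = array(); }` before the loop, or return the `failure` status instead. Separately, `!empty($status)` treats the string `'false'` as true, so confirm the client sends `0`/`1`. The capability string also changes from `aam_manage_admin_toolbar` to `aam_manage_toolbar`, which needs a migration for roles holding the old name unless one exists outside this section.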
application/Backend/Feature/Main/Uri.php CHANGED
@@ -5,160 +5,142 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
- * WordPress API manager
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Main_Uri extends AAM_Backend_Feature_Abstract {
17
-
18
- /**
19
- * Construct
20
- */
21
- public function __construct() {
22
- parent::__construct();
23
-
24
- $allowed = AAM_Backend_Subject::getInstance()->isAllowedToManage();
25
- if (!$allowed || !current_user_can('aam_manage_uri')) {
26
- AAM::api()->denyAccess(array('reason' => 'aam_manage_uri'));
27
- }
28
- }
29
-
30
- /**
31
- *
32
- * @return type
33
- */
34
- public function getTable() {
35
- return wp_json_encode($this->retrieveAllRules());
36
- }
37
 
38
  /**
39
- *
40
- * @return type
41
- */
42
- public function save() {
43
- $uri = filter_input(INPUT_POST, 'uri');
44
- $id = filter_input(INPUT_POST, 'id');
45
- $type = filter_input(INPUT_POST, 'type');
46
- $value = filter_input(INPUT_POST, 'value');
47
- $code = filter_input(INPUT_POST, 'code');
48
-
49
- $object = AAM_Backend_Subject::getInstance()->getObject('uri');
50
-
51
- if (empty($id)) {
52
- $id = uniqid();
53
- }
54
-
55
- $object->save($id, str_replace(site_url(), '', $uri), $type, $value, $code);
56
-
57
- return wp_json_encode(array('status' => 'success'));
58
- }
59
-
60
- /**
61
- *
62
- * @return type
63
  */
64
- public function reset() {
65
- return AAM_Backend_Subject::getInstance()->resetObject('uri');
66
- }
67
-
68
  /**
69
- *
70
- * @return type
 
71
  */
72
- public function delete() {
73
- $id = filter_input(INPUT_POST, 'id');
74
- $object = AAM_Backend_Subject::getInstance()->getObject('uri');
75
-
76
- $object->delete($id);
77
-
78
- return wp_json_encode(array('status' => 'success'));
79
- }
80
 
81
  /**
82
- * @inheritdoc
 
 
83
  */
84
- public static function getTemplate() {
85
- return 'main/uri.phtml';
86
- }
87
-
88
  /**
89
- *
90
- * @return type
 
 
 
 
91
  */
92
- public function isVisitor() {
 
93
  $subject = AAM_Backend_Subject::getInstance();
94
-
95
- return $subject->getUID() === AAM_Core_Subject_Visitor::UID;
96
- }
97
-
98
- /**
99
- *
100
- * @return type
101
- */
102
- protected function retrieveAllRules() {
103
- $rules = AAM_Backend_Subject::getInstance()->getObject('uri')->getOption();
104
-
105
  $response = array(
106
  'recordsTotal' => count($rules),
107
  'recordsFiltered' => count($rules),
108
- 'draw' => AAM_Core_Request::request('draw'),
109
  'data' => array(),
110
  );
111
-
112
- foreach($rules as $id => $rule) {
113
  $response['data'][] = array(
114
- $id,
115
- $rule['uri'],
116
  $rule['type'],
117
  $rule['action'],
118
  isset($rule['code']) ? $rule['code'] : 307,
119
  'edit,delete'
120
  );
121
  }
122
-
123
- return $response;
124
  }
125
 
126
  /**
127
- * Check inheritance status
128
- *
129
- * Check if menu settings are overwritten
130
- *
131
- * @return boolean
132
- *
133
- * @access protected
134
  */
135
- protected function isOverwritten() {
136
- $object = AAM_Backend_Subject::getInstance()->getObject('uri');
137
-
138
- return $object->isOverwritten();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
139
  }
140
 
141
  /**
142
- * Register Menu feature
143
- *
144
  * @return void
145
- *
146
  * @access public
 
147
  */
148
- public static function register() {
 
149
  AAM_Backend_Feature::registerFeature((object) array(
150
  'uid' => 'uri',
151
  'position' => 55,
152
  'title' => __('URI Access', AAM_KEY),
153
- 'capability' => 'aam_manage_uri',
154
  'type' => 'main',
155
  'subjects' => array(
156
- AAM_Core_Subject_Role::UID,
157
  AAM_Core_Subject_User::UID,
158
  AAM_Core_Subject_Visitor::UID,
159
  AAM_Core_Subject_Default::UID
160
  ),
161
- 'option' => 'core.settings.backendAccessControl,core.settings.frontendAccessControl',
162
  'view' => __CLASS__
163
  ));
164
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
+ * URI service
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Main_Uri
19
+ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
20
+ {
21
+
22
+ use AAM_Core_Contract_RequestTrait;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
23
 
24
  /**
25
+ * Default access capability to the feature
26
+ *
27
+ * @version 6.0.0
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
28
  */
29
+ const ACCESS_CAPABILITY = 'aam_manage_uri';
30
+
 
 
31
  /**
32
+ * Type of AAM core object
33
+ *
34
+ * @version 6.0.0
35
  */
36
+ const OBJECT_TYPE = AAM_Core_Object_Uri::OBJECT_TYPE;
 
 
 
 
 
 
 
37
 
38
  /**
39
+ * HTML template to render
40
+ *
41
+ * @version 6.0.0
42
  */
43
+ const TEMPLATE = 'service/uri.php';
44
+
 
 
45
  /**
46
+ * Get list of all rules
47
+ *
48
+ * @return string
49
+ *
50
+ * @access public
51
+ * @version 6.0.0
52
  */
53
+ public function getTable()
54
+ {
55
  $subject = AAM_Backend_Subject::getInstance();
56
+ $rules = $subject->getObject(self::OBJECT_TYPE)->getOption();
57
+
 
 
 
 
 
 
 
 
 
58
  $response = array(
59
  'recordsTotal' => count($rules),
60
  'recordsFiltered' => count($rules),
61
+ 'draw' => $this->getFromRequest('draw'),
62
  'data' => array(),
63
  );
64
+
65
+ foreach ($rules as $uri => $rule) {
66
  $response['data'][] = array(
67
+ $uri,
 
68
  $rule['type'],
69
  $rule['action'],
70
  isset($rule['code']) ? $rule['code'] : 307,
71
  'edit,delete'
72
  );
73
  }
74
+
75
+ return wp_json_encode($response);
76
  }
77
 
78
  /**
79
+ * Save URI access rule
80
+ *
81
+ * @return string
82
+ *
83
+ * @access public
84
+ * @version 6.0.0
 
85
  */
86
+ public function save()
87
+ {
88
+ $uri = str_replace(site_url(), '', $this->getFromPost('uri'));
89
+ $type = $this->getFromPost('type');
90
+ $value = $this->getFromPost('value');
91
+ $code = $this->getFromPost('code');
92
+
93
+ $object = AAM_Backend_Subject::getInstance()->getObject(self::OBJECT_TYPE);
94
+
95
+ $result = $object->updateOptionItem($uri, array(
96
+ 'type' => $type,
97
+ 'action' => $value,
98
+ 'code' => $code
99
+ ))->save();
100
+
101
+ return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
102
+ }
103
+
104
+ /**
105
+ * Delete URI access rule
106
+ *
107
+ * @return string
108
+ *
109
+ * @access public
110
+ * @version 6.0.0
111
+ */
112
+ public function delete()
113
+ {
114
+ $uri = filter_input(INPUT_POST, 'uri');
115
+ $object = AAM_Backend_Subject::getInstance()->getObject(self::OBJECT_TYPE);
116
+
117
+ return wp_json_encode(
118
+ array('status' => ($object->delete($uri) ? 'success' : 'failure'))
119
+ );
120
  }
121
 
122
  /**
123
+ * Register service UI
124
+ *
125
  * @return void
126
+ *
127
  * @access public
128
+ * @version 6.0.0
129
  */
130
+ public static function register()
131
+ {
132
  AAM_Backend_Feature::registerFeature((object) array(
133
  'uid' => 'uri',
134
  'position' => 55,
135
  'title' => __('URI Access', AAM_KEY),
136
+ 'capability' => self::ACCESS_CAPABILITY,
137
  'type' => 'main',
138
  'subjects' => array(
139
+ AAM_Core_Subject_Role::UID,
140
  AAM_Core_Subject_User::UID,
141
  AAM_Core_Subject_Visitor::UID,
142
  AAM_Core_Subject_Default::UID
143
  ),
 
144
  'view' => __CLASS__
145
  ));
146
  }
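Review bot: Nothing in this file gates `save()` and `delete()` any more: the old constructor called `isAllowedToManage()` and `current_user_can('aam_manage_uri')`, while the new class only declares `ACCESS_CAPABILITY`, so these handlers are protected only if `AAM_Backend_Feature_Abstract` (changed in this release but not shown here) checks that constant and the managed subject on every dispatched action, not just when the tab is registered or rendered. The same constructor removal appears in Settings/ConfigPress.php, Settings/Content.php and Settings/Core.php, so it is worth confirming once in the base class, with a test that calls each action as a user lacking the capability. In `save()` the rule is stored from POST as received: an empty `uri` would apparently be written under an empty key and `code` is never constrained, so I would reject an empty `$uri` and coerce the status with `'code' => (int) $code` before `updateOptionItem()`. `delete()` also reads its key with raw `filter_input(INPUT_POST, 'uri')` while `save()` strips `site_url()` first; `$uri = str_replace(site_url(), '', $this->getFromPost('uri'));` there keeps the two keys consistent.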
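--- a/application/Backend/Feature/Main/GetStarted.php
+++ b/application/Backend/Feature/Main/Welcome.php
@@ -5,35 +5,40 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Backend Get Started manager
- *
+ * AAM Welcome backend service
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Main_GetStarted extends AAM_Backend_Feature_Abstract {
-
+ class AAM_Backend_Feature_Main_Welcome extends AAM_Backend_Feature_Abstract
+ {
+
  /**
- * @inheritdoc
+ * HTML template to render
+ *
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return 'main/get-started.phtml';
- }
-
+ const TEMPLATE = 'service/welcome.php';
+
  /**
- * Register 404 redirect feature
- *
+ * Register welcome service
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
+ public static function register()
+ {
  AAM_Backend_Feature::registerFeature((object) array(
- 'uid' => 'get-started',
+ 'uid' => 'welcome',
  'position' => 1,
- 'title' => __('Get Started', AAM_KEY),
+ 'title' => __('Welcome', AAM_KEY),
  'type' => 'main',
  'subjects' => array(
  AAM_Core_Subject_Default::UID,
@@ -41,7 +46,6 @@ class AAM_Backend_Feature_Main_GetStarted extends AAM_Backend_Feature_Abstract
  AAM_Core_Subject_User::UID,
  AAM_Core_Subject_Visitor::UID
  ),
- 'option' => 'core.settings.getStarted',
  'view' => __CLASS__
  ));
  }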
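--- a/application/Backend/Feature/Settings/ConfigPress.php
+++ b/application/Backend/Feature/Settings/ConfigPress.php
@@ -5,71 +5,69 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Backend ConfigPress
- *
+ * Backend ConfigPress tab
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Settings_ConfigPress extends AAM_Backend_Feature_Abstract {
-
+ class AAM_Backend_Feature_Settings_ConfigPress extends AAM_Backend_Feature_Abstract
+ {
+
+ use AAM_Core_Contract_RequestTrait;
+
  /**
- * Construct
+ * Default access capability to the settings
+ *
+ * @version 6.0.0
  */
- public function __construct() {
- parent::__construct();
-
- if (!current_user_can('aam_manage_settings')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
- }
- }
-
+ const ACCESS_CAPABILITY = 'aam_manage_settings';
+
  /**
- * @inheritdoc
+ * HTML template to render
+ *
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return 'settings/configpress.phtml';
- }
-
+ const TEMPLATE = 'settings/configpress.php';
+
  /**
  * Save config
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- public function save() {
- $blog = (defined('BLOG_ID_CURRENT_SITE') ? BLOG_ID_CURRENT_SITE : 1);
- $config = filter_input(INPUT_POST, 'config');
-
- //normalize
+ public function save()
+ {
+ $config = $this->getFromPost('config');
+
+ // Normalize ConfigPress settings
  $data = str_replace(array('“', '”'), '"', $config);
-
- return AAM_Core_API::updateOption('aam-configpress', $data, $blog);
+
+ return AAM_Core_ConfigPress::getInstance()->save($data);
  }
-
+
  /**
- * Register Contact/Hire feature
- *
+ * Register service UI
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
+ public static function register()
+ {
  AAM_Backend_Feature::registerFeature((object) array(
  'uid' => 'configpress',
  'position' => 90,
  'title' => __('ConfigPress', AAM_KEY),
- 'capability' => 'aam_manage_settings',
+ 'capability' => self::ACCESS_CAPABILITY,
  'type' => 'settings',
- 'subjects' => array(
- AAM_Core_Subject_Role::UID,
- AAM_Core_Subject_User::UID,
- AAM_Core_Subject_Visitor::UID,
- AAM_Core_Subject_Default::UID
- ),
  'view' => __CLASS__
  ));
  }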
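Review bot: The docblock on `save()` still says `@access protected` although the method is declared `public function save()`, and `@return boolean` now describes whatever `AAM_Core_ConfigPress::getInstance()->save($data)` returns, which this section does not show; I would change the tag to `@access public` and confirm the return type. `$config` goes into `str_replace()` unchecked, so if `getFromPost()` yields null for a missing `config` field the subject is null; `$config = (string) $this->getFromPost('config');` avoids that. The old code wrote the option for `BLOG_ID_CURRENT_SITE` explicitly, so on multisite it is worth confirming that the new `save()` targets the same site and does not leave a per-site copy that other code reads instead.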
application/Backend/Feature/Settings/Content.php CHANGED
@@ -5,68 +5,61 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Backend content settings
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Settings_Content extends AAM_Backend_Feature_Abstract {
17
-
 
18
  /**
19
- * Construct
 
 
20
  */
21
- public function __construct() {
22
- parent::__construct();
23
-
24
- if (!current_user_can('aam_manage_settings')) {
25
- AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
26
- }
27
- }
28
-
29
  /**
30
- * @inheritdoc
 
 
31
  */
32
- public static function getTemplate() {
33
- return 'settings/content.phtml';
34
- }
35
-
36
  /**
37
- *
38
- * @return type
 
 
 
 
39
  */
40
- protected function getList() {
41
- $settings = array(
42
- 'core.settings.mediaAccessControl' => array(
43
- 'title' => __('Media Files Access Control', AAM_KEY),
44
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Allow AAM to manage a physically access to all media files located in the defined by the system [uploads] folder. [Note!] This feature requires additional steps as described in %sthis article%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-to-manage-wordpress-media-access" target="_blank">', '</a>'),
45
- 'value' => AAM_Core_Config::get('core.settings.mediaAccessControl', false)
46
- ),
47
- 'core.settings.manageHiddenPostTypes' => array(
48
- 'title' => __('Manage Hidden Post Types', AAM_KEY),
49
- 'descr' => __('By default AAM allows you to manage access only to public post types on Posts & Terms tab. By enabling this feature, you also will be able to manage access to hidden post types like revisions, navigation menus or any other custom post types that are not registered as public.', AAM_KEY),
50
- 'value' => AAM_Core_Config::get('core.settings.manageHiddenPostTypes', false)
51
- )
52
- );
53
-
54
- return apply_filters('aam-settings-filter', $settings, 'post');
55
  }
56
-
57
  /**
58
- * Register Contact/Hire feature
59
- *
60
  * @return void
61
- *
62
  * @access public
 
63
  */
64
- public static function register() {
65
- AAM_Backend_Feature::registerFeature((object) array(
 
66
  'uid' => 'settings-content',
67
  'position' => 5,
68
  'title' => __('Content Settings', AAM_KEY),
69
- 'capability' => 'aam_manage_settings',
70
  'type' => 'settings',
71
  'view' => __CLASS__
72
  ));
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Backend content settings
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Settings_Content extends AAM_Backend_Feature_Abstract
19
+ {
20
+
21
  /**
22
+ * Default access capability to the collection of settings
23
+ *
24
+ * @version 6.0.0
25
  */
26
+ const ACCESS_CAPABILITY = 'aam_manage_settings';
27
+
 
 
 
 
 
 
28
  /**
29
+ * HTML template to render
30
+ *
31
+ * @version 6.0.0
32
  */
33
+ const TEMPLATE = 'settings/content.php';
34
+
 
 
35
  /**
36
+ * Get list of content options
37
+ *
38
+ * @return array
39
+ *
40
+ * @access public
41
+ * @version 6.0.0
42
  */
43
+ public static function getList()
44
+ {
45
+ return apply_filters('aam_settings_list_filter', array(), 'content');
 
 
 
 
 
 
 
 
 
 
 
 
46
  }
47
+
48
  /**
49
+ * Register service UI
50
+ *
51
  * @return void
52
+ *
53
  * @access public
54
+ * @version 6.0.0
55
  */
56
+ public static function register()
57
+ {
58
+ AAM_Backend_Feature::registerFeature((object)array(
59
  'uid' => 'settings-content',
60
  'position' => 5,
61
  'title' => __('Content Settings', AAM_KEY),
62
+ 'capability' => self::ACCESS_CAPABILITY,
63
  'type' => 'settings',
64
  'view' => __CLASS__
65
  ));
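Review bot: `getList()` now fires `aam_settings_list_filter` with the context `'content'` where the old code fired `aam-settings-filter` with `'post'`, so callbacks registered against the old hook name or context stop contributing settings without any notice. The list is also empty by default now, which means `core.settings.mediaAccessControl` and `core.settings.manageHiddenPostTypes` only appear if something hooks the new filter. Since the first of these governs access to uploaded files, it is worth confirming that the service which now owns it is loaded before this tab renders and that a value enabled under 5.11 is still honoured after upgrade. A docblock line such as `* @since 6.0.0 Hook renamed from aam-settings-filter; context 'post' became 'content'` would record the break; `register()` continues past the end of this hunk.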
application/Backend/Feature/Settings/Core.php CHANGED
@@ -5,128 +5,79 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Backend core settings
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Settings_Core extends AAM_Backend_Feature_Abstract {
17
-
 
18
  /**
19
- * Construct
 
 
20
  */
21
- public function __construct() {
22
- parent::__construct();
23
-
24
- if (!current_user_can('aam_manage_settings')) {
25
- AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
26
- }
27
- }
28
-
29
  /**
30
- * @inheritdoc
 
 
31
  */
32
- public static function getTemplate() {
33
- return 'settings/core.phtml';
34
- }
35
-
36
  /**
37
- *
38
- * @return type
 
 
 
 
39
  */
40
- protected function getList() {
 
41
  $settings = array(
42
- 'core.settings.getStarted' => array(
43
- 'title' => __('Get Started Tab', AAM_KEY),
44
- 'descr' => __('Display the "Get Started" feature on the Main panel. You can disable this feature to remove the extra tab when you get familiar with core access control concepts.', AAM_KEY),
45
- 'value' => AAM_Core_Config::get('core.settings.getStarted', true)
46
- ),
47
  'core.settings.editCapabilities' => array(
48
- 'title' => __('Edit/Delete Capabilities', AAM_KEY),
49
- 'descr' => AAM_Backend_View_Helper::preparePhrase('Allow to edit or delete any existing capability on the Capabilities tab. [Warning!] For experienced users only. Changing or deleting capability may result in loosing access to some features or even the entire website.', 'b'),
50
- 'value' => AAM_Core_Config::get('core.settings.editCapabilities', true)
51
- ),
52
- 'core.settings.backendAccessControl' => array(
53
- 'title' => __('Backend Access Control', AAM_KEY),
54
- 'descr' => __('Allow AAM to manage access to the backend. Keep this option disabled if there is no needs to restrict backend features for other users.', AAM_KEY),
55
- 'value' => AAM_Core_Config::get('core.settings.backendAccessControl', true)
56
- ),
57
- 'core.settings.frontendAccessControl' => array(
58
- 'title' => __('Frontend Access Control', AAM_KEY),
59
- 'descr' => __('Allow AAM to manage access to the frontend. Keep this option disabled if there is no needs to restrict frontend resources for users and visitors.', AAM_KEY),
60
- 'value' => AAM_Core_Config::get('core.settings.frontendAccessControl', true)
61
- ),
62
- 'core.settings.apiAccessControl' => array(
63
- 'title' => __('API Access Control', AAM_KEY),
64
- 'descr' => __('Allow AAM to manage access to the website resources that are invoked with WordPress core APIs. Keep this option disabled if there is no needs to restrict API access.', AAM_KEY),
65
- 'value' => AAM_Core_Config::get('core.settings.apiAccessControl', true)
66
  ),
67
  'ui.settings.renderAccessMetabox' => array(
68
- 'title' => __('Render Access Manager Metabox', AAM_KEY),
69
- 'descr' => __('Render Access Manager metabox on all post and term edit pages. Access Manager metabox is the quick way to manage access to any post or term without leaving an edit page.', AAM_KEY),
70
- 'value' => AAM_Core_Config::get('ui.settings.renderAccessMetabox', true),
71
- ),
72
- 'ui.settings.renderAccessActionLink' => array(
73
- 'title' => __('Render Access Link', AAM_KEY),
74
- 'descr' => __('Render Access shortcut link under any post, page, custom post type, category, custom taxonomy title or user name.', AAM_KEY),
75
- 'value' => AAM_Core_Config::get('ui.settings.renderAccessActionLink', true),
76
- ),
77
- 'core.settings.secureLogin' => array(
78
- 'title' => __('Secure Login', AAM_KEY),
79
- 'descr' => __('AAM comes with its own user login handler. With this feature you can add AJAX login widget to your frontend page that significantly enhance your website security.', AAM_KEY),
80
- 'value' => AAM_Core_Config::get('core.settings.secureLogin', true)
81
- ),
82
- 'core.settings.xmlrpc' => array(
83
- 'title' => __('XML-RPC WordPress API', AAM_KEY),
84
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Remote procedure call (RPC) interface is used to manage WordPress website content and features. For more information check %sXML-RPC Support%s article.', 'b'), '<a href="https://codex.wordpress.org/XML-RPC_Support">', '</a>'),
85
- 'value' => AAM_Core_Config::get('core.settings.xmlrpc', true)
86
- ),
87
- 'core.settings.restful' => array(
88
- 'title' => __('RESTful WordPress API', AAM_KEY),
89
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('RESTful interface that is used to manage WordPress website content and features. For more information check %sREST API handbook%s.', 'b'), '<a href="https://developer.wordpress.org/rest-api/">', '</a>'),
90
- 'value' => AAM_Core_Config::get('core.settings.restful', true)
91
- ),
92
- 'core.settings.jwtAuthentication' => array(
93
- 'title' => __('JWT Authentication', AAM_KEY),
94
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('[Note!] PHP 5.4 or higher is required for this feature. Enable the ability to authenticate user with WordPress RESTful API and JWT token. For more information, check %sHow to authenticate WordPress user with JWT token%s article', 'b'), '<a href="https://aamplugin.com/article/how-to-authenticate-wordpress-user-with-jwt-token">', '</a>'),
95
- 'value' => AAM_Core_Config::get('core.settings.jwtAuthentication', true)
96
  ),
97
  'core.settings.multiSubject' => array(
98
- 'title' => __('Multiple Roles Support', AAM_KEY),
99
- 'descr' => sprintf(__('Enable support for multiple roles per use. The final access settings or general settings will be computed based on the mergin preferences. For more information check %sWordPress access control for users with multiple roles%s article.', AAM_KEY), '<a href="https://aamplugin.com/article/wordpress-access-control-for-users-with-multiple-roles">', '</a>'),
100
- 'value' => AAM_Core_Config::get('core.settings.multiSubject', false)
101
- ),
102
- 'core.settings.extensionSupport' => array(
103
- 'title' => __('Support AAM Extensions', AAM_KEY),
104
- 'descr' => __('AAM comes with the limited list of premium and free extensions that significantly enhance AAM behavior. You can disable support for AAM extension and any already installed extension will no longer be loaded during the website execution as well as website administrator will not be able to install new extensions.', AAM_KEY),
105
- 'value' => AAM_Core_Config::get('core.settings.extensionSupport', true)
106
- ),
107
- 'core.settings.cron' => array(
108
- 'title' => __('AAM Cron Job', AAM_KEY),
109
- 'descr' => __('AAM cron job executes periodically (typically once a day) to check for available updates for already installed extensions. Cron job is not executed if there are no installed extensions.', AAM_KEY),
110
- 'value' => AAM_Core_Config::get('core.settings.cron', true)
111
  )
112
  );
113
-
114
- return apply_filters('aam-settings-filter', $settings, 'core');
115
  }
116
-
117
  /**
118
- * Register Contact/Hire feature
119
- *
120
  * @return void
121
- *
122
  * @access public
 
123
  */
124
- public static function register() {
125
- AAM_Backend_Feature::registerFeature((object) array(
 
126
  'uid' => 'settings-core',
127
- 'position' => 1,
128
  'title' => __('Core Settings', AAM_KEY),
129
- 'capability' => 'aam_manage_settings',
130
  'type' => 'settings',
131
  'view' => __CLASS__
132
  ));
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Backend core settings
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Settings_Core extends AAM_Backend_Feature_Abstract
19
+ {
20
+
21
  /**
22
+ * Default access capability to the collection of settings
23
+ *
24
+ * @version 6.0.0
25
  */
26
+ const ACCESS_CAPABILITY = 'aam_manage_settings';
27
+
 
 
 
 
 
 
28
  /**
29
+ * HTML template to render
30
+ *
31
+ * @version 6.0.0
32
  */
33
+ const TEMPLATE = 'settings/core.php';
34
+
 
 
35
  /**
36
+ * Get list of core options
37
+ *
38
+ * @return array
39
+ *
40
+ * @access public
41
+ * @version 6.0.0
42
  */
43
+ public static function getList()
44
+ {
45
  $settings = array(
 
 
 
 
 
46
  'core.settings.editCapabilities' => array(
47
+ 'title' => __('Edit/Delete Capabilities', AAM_KEY),
48
+ 'description' => AAM_Backend_View_Helper::preparePhrase('Allow to edit or delete any existing capability on the Capabilities tab. [Warning!] For experienced users only. Changing or deleting capability may result in loosing access to some features or even the entire website.', 'b'),
49
+ 'value' => AAM_Core_Config::get('core.settings.editCapabilities', true)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
50
  ),
51
  'ui.settings.renderAccessMetabox' => array(
52
+ 'title' => __('Render Access Manager Metabox', AAM_KEY),
53
+ 'description' => __('Render "Access Manager" metabox on all post, term or user edit pages.', AAM_KEY),
54
+ 'value' => AAM_Core_Config::get('ui.settings.renderAccessMetabox', true),
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
55
  ),
56
  'core.settings.multiSubject' => array(
57
+ 'title' => __('Multiple Roles Support', AAM_KEY),
58
+ 'description' => sprintf(__('Enable support for multiple roles per use. The final access settings will be combined based on the merging preferences. For more information check %sWordPress access control for users with multiple roles%s article.', AAM_KEY), '<a href="https://aamplugin.com/article/wordpress-access-control-for-users-with-multiple-roles">', '</a>'),
59
+ 'value' => AAM_Core_Config::get('core.settings.multiSubject', false)
 
 
 
 
 
 
 
 
 
 
60
  )
61
  );
62
+
63
+ return apply_filters('aam_settings_list_filter', $settings, 'core');
64
  }
65
+
66
  /**
67
+ * Register core settings UI
68
+ *
69
  * @return void
70
+ *
71
  * @access public
72
+ * @version 6.0.0
73
  */
74
+ public static function register()
75
+ {
76
+ AAM_Backend_Feature::registerFeature((object)array(
77
  'uid' => 'settings-core',
78
+ 'position' => 5,
79
  'title' => __('Core Settings', AAM_KEY),
80
+ 'capability' => self::ACCESS_CAPABILITY,
81
  'type' => 'settings',
82
  'view' => __CLASS__
83
  ));
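Review bot: `'position' => 5` in `register()` now equals the position Settings/Content.php registers for `settings-content`, so the order of the two tabs depends on how `registerFeature()` breaks ties, which is not visible here; keeping `'position' => 1` or giving Content a different value makes the order explicit. The new list drops the toggles for `core.settings.xmlrpc`, `core.settings.restful`, `core.settings.jwtAuthentication` and the backend/frontend/API access-control switches; if they moved to other services the values saved under 5.11 should still be read, and if they were removed an upgrade should not silently re-enable an interface an administrator had switched off. Two user-facing strings on the new side carry typos: `per use` should read `per user` and `loosing access` should read `losing access`.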
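--- a/application/Backend/Feature/Settings/Manager.php
+++ b/application/Backend/Feature/Settings/Manager.php
@@ -5,54 +5,76 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Backend Utility manager
- *
+ * Backend Settings area abstract manager
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Settings_Manager extends AAM_Backend_Feature_Abstract {
-
+ class AAM_Backend_Feature_Settings_Manager extends AAM_Backend_Feature_Abstract
+ {
+
+ use AAM_Core_Contract_RequestTrait;
+
  /**
- * Save AAM option
- *
+ * Default access capability to the settings tab
+ *
+ * @version 6.0.0
+ */
+ const ACCESS_CAPABILITY = 'aam_manage_settings';
+
+ /**
+ * Save the option
+ *
  * @return string
  *
  * @access public
+ * @version 6.0.0
  */
- public function save() {
- $param = filter_input(INPUT_POST, 'param');
- $value = filter_input(INPUT_POST, 'value');
-
+ public function save()
+ {
+ $param = $this->getFromPost('param');
+ $value = $this->getFromPost('value');
+
  AAM_Core_Config::set($param, $value);
-
+
  return wp_json_encode(array('status' => 'success'));
  }
-
+
  /**
  * Clear all AAM settings
- *
+ *
  * @return string
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function clearSettings() {
+ public function clearSettings()
+ {
  AAM_Core_API::clearSettings();
 
  return wp_json_encode(array('status' => 'success'));
  }
 
  /**
- * Clear AAM cache manually
- *
- * @return string
- *
+ * Register settings UI manager
+ *
+ * @return void
+ *
  * @access public
+ * @version 6.0.0
  */
- public function clearCache() {
- return wp_json_encode(array('status' => 'success'));
+ public static function register()
+ {
+ AAM_Backend_Feature::registerFeature((object) array(
+ 'capability' => self::ACCESS_CAPABILITY,
+ 'type' => 'core',
+ 'view' => __CLASS__
+ ));
  }
-
+
  }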
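Review bot: `save()` passes `param` from POST straight to `AAM_Core_Config::set($param, $value)`, so a caller who reaches this action can write any configuration key, not only the toggles rendered on the settings tabs; I would check `$param` against the keys returned by the settings `getList()` methods before calling `set()` and answer `failure` otherwise. Both `save()` and `clearSettings()` hard-code `'status' => 'success'`, unlike the Uri and Toolbar handlers in this release that report the result of the write, so a failed update looks the same as a good one to the UI. `clearSettings()` is destructive and relies entirely on checks made before dispatch, so the capability and nonce verification in the base class (not shown here) should be confirmed for it. `clearCache()` is removed, and any client code still posting that action should be removed with it.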
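--- a/application/Backend/Feature/Settings/Security.php
+++ b/application/Backend/Feature/Settings/Security.php
@@ -5,78 +5,74 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Backend security settings
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Settings_Security extends AAM_Backend_Feature_Abstract {
-
+ class AAM_Backend_Feature_Settings_Security extends AAM_Backend_Feature_Abstract
+ {
+
  /**
- * Construct
+ * Default access capability to the collection of settings
+ *
+ * @version 6.0.0
  */
- public function __construct() {
- parent::__construct();
-
- if (!current_user_can('aam_manage_settings')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_settings'));
- }
- }
-
+ const ACCESS_CAPABILITY = 'aam_manage_settings';
+
  /**
- * @inheritdoc
+ * HTML template to render
+ *
+ * @version 6.0.0
  */
- public static function getTemplate() {
- return 'settings/security.phtml';
- }
-
+ const TEMPLATE = 'settings/security.php';
+
  /**
- *
- * @return type
+ * Get list of security options
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
  */
- protected function getList() {
+ public static function getList()
+ {
  $settings = array(
- 'core.settings.loginTimeout' => array(
- 'title' => __('Login Timeout', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Delay the login process for 1 second (the value is configurable) to significantly reduce the chance for brute force or dictionary attack. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
- 'value' => AAM_Core_Config::get('core.settings.loginTimeout', false)
- ),
- 'core.settings.loginTimeout' => array(
- 'title' => __('Login Timeout', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Delay the login process for 1 second (the value is configurable) to significantly reduce the chance for brute force or dictionary attack. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
- 'value' => AAM_Core_Config::get('core.settings.loginTimeout', false)
- ),
- 'core.settings.singleSession' => array(
- 'title' => __('One Session Per User', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Automatically destroy all other sessions for a user if he/she tries to login from different location. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
- 'value' => AAM_Core_Config::get('core.settings.singleSession', false)
+ 'service.secureLogin.feature.singleSession' => array(
+ 'title' => __('One Session Per User', AAM_KEY),
+ 'description' => sprintf(AAM_Backend_View_Helper::preparePhrase('Automatically destroy all other sessions for a user if he/she tries to login from different location. For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
+ 'value' => AAM_Core_Config::get('service.secureLogin.feature.singleSession', false)
  ),
- 'core.settings.bruteForceLockout' => array(
- 'title' => __('Brute Force Lockout', AAM_KEY),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('Automatically reject login attempts if number of unsuccessful login attempts is more than 20 over the period of 2 minutes (both values are configurable). For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
- 'value' => AAM_Core_Config::get('core.settings.bruteForceLockout', false)
+ 'service.secureLogin.feature.bruteForceLockout' => array(
+ 'title' => __('Brute Force Lockout', AAM_KEY),
+ 'description' => sprintf(AAM_Backend_View_Helper::preparePhrase('Automatically reject login attempts if number of unsuccessful login attempts is more than 20 over the period of 2 minutes (both values are configurable). For more information about this option please refer to %sHow does AAM Secure Login works%s.', 'strong', 'strong'), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'),
+ 'value' => AAM_Core_Config::get('service.secureLogin.feature.bruteForceLockout', false)
  ),
  );
-
- return apply_filters('aam-settings-filter', $settings, 'security');
+
+ return apply_filters('aam_settings_list_filter', $settings, 'security');
  }
-
+
  /**
- * Register Contact/Hire feature
- *
+ * Register security settings
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function register() {
+ public static function register()
+ {
  AAM_Backend_Feature::registerFeature((object) array(
  'uid' => 'settings-security',
  'position' => 6,
  'title' => __('Security Settings', AAM_KEY),
- 'capability' => 'aam_manage_settings',
+ 'capability' => self::ACCESS_CAPABILITY,
  'type' => 'settings',
  'view' => __CLASS__
  ));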
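Review bot: With the constructor's `current_user_can('aam_manage_settings')` check removed, nothing in this class enforces the capability any more; `ACCESS_CAPABILITY` is only passed to `registerFeature()`, and the code expected to test it is not part of this file section. `getList()` also changes from `protected` to `public static`, so the option values it reads through `AAM_Core_Config::get()` can now be fetched without constructing the class. I would state the contract in the constant's docblock, along the lines of `Enforced by the feature manager before this view is used; the class itself performs no check`, once that has been confirmed against `AAM_Backend_Feature`. The filter rename from `aam-settings-filter` to `aam_settings_list_filter` probably deserves a note for extensions still hooked on the old name.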
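--- a/application/Backend/Feature/Settings/Service.php
+++ b/application/Backend/Feature/Settings/Service.php
@@ -0,0 +1,75 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * AAM services
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ class AAM_Backend_Feature_Settings_Service extends AAM_Backend_Feature_Abstract
+ {
+
+ /**
+ * Default access capability to the collection of settings
+ *
+ * @version 6.0.0
+ */
+ const ACCESS_CAPABILITY = 'aam_manage_services';
+
+ /**
+ * HTML template to render
+ *
+ * @version 6.0.0
+ */
+ const TEMPLATE = 'settings/service.php';
+
+ /**
+ * Get list of services
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function getList()
+ {
+ $response = apply_filters('aam_service_list_filter', array());
+
+ // Get each service status
+ foreach ($response as &$service) {
+ $service['status'] = AAM_Core_Config::get($service['setting'], 1);
+ }
+
+ return $response;
+ }
+
+ /**
+ * Register services settings tab
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function register()
+ {
+ AAM_Backend_Feature::registerFeature((object) array(
+ 'uid' => 'settings-services',
+ 'position' => 1,
+ 'title' => __('Services', AAM_KEY),
+ 'capability' => self::ACCESS_CAPABILITY,
+ 'type' => 'settings',
+ 'view' => __CLASS__
+ ));
+ }
+
+ }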
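Review bot: `getList()` walks `$response` by reference and never releases the reference, and it reads `$service['setting']` from whatever the `aam_service_list_filter` callbacks returned without checking that the key exists. Add `unset($service);` after the loop so a later write to `$service` cannot alter the last element, and skip malformed entries with `if (!isset($service['setting'])) { continue; }`. The default of `1` passed to `AAM_Core_Config::get()` means a service with no stored setting is reported as enabled; a one-line comment saying that this is intended would help the next reader.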
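--- a/application/Backend/Feature/Subject/Role.php
+++ b/application/Backend/Feature/Subject/Role.php
@@ -5,35 +5,38 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Role view manager
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Feature_Subject_Role {
-
+ class AAM_Backend_Feature_Subject_Role
+ {
+
  /**
- * Construct
+ * Capability that allows to manage roles
+ *
+ * @version 6.0.0
  */
- public function __construct() {
- if (!current_user_can('aam_manage_roles')) {
- AAM::api()->denyAccess(array('reason' => 'aam_manage_roles'));
- }
- }
-
+ const ACCESS_CAPABILITY = 'aam_manage_roles';
+
  /**
  * Get role list
- *
+ *
  * Prepare and return the list of roles for the table view
- *
+ *
  * @return string JSON Encoded role list
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function getTable() {
+ public function getTable()
+ {
  //retrieve list of users
  $count = count_users();
  $stats = $count['avail_roles'];
@@ -48,126 +51,156 @@ class AAM_Backend_Feature_Subject_Role {
  );
 
  foreach ($filtered as $id => $data) {
- $uc = (isset($stats[$id]) ? $stats[$id] : 0);
+ $user_count = (isset($stats[$id]) ? $stats[$id] : 0);
 
  $response['data'][] = array(
  $id,
- $uc,
+ $user_count,
  translate_user_role($data['name']),
- apply_filters(
- 'aam-role-row-actions-filter',
- implode(',', $this->prepareRowActions($uc, $id)),
- $data
- ),
+ implode(',', $this->prepareRowActions($user_count, $id)),
  AAM_Core_API::maxLevel($data['capabilities'])
  );
  }
-
- return wp_json_encode(apply_filters('aam-get-role-list-filter', $response));
+
+ return wp_json_encode(apply_filters('aam_get_role_list_filter', $response));
  }
-
+
  /**
  * Prepare the list of role actions
- *
- * @param int $count Number of users in role
- * @param string $roleId Role slug
- *
+ *
+ * @param int $user_count
+ * @param string $roleId
+ *
  * @return array
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function prepareRowActions($count, $roleId) {
- $ui = AAM_Core_Request::post('ui', 'main');
- $id = AAM_Core_Request::post('id');
-
- if ($ui === 'principal') {
- $subject = new AAM_Core_Subject_Role($roleId);
-
- $object = $subject->getObject('policy');
- $action = ($object->has($id) ? 'detach' : 'attach');
- $manager = AAM_Core_Policy_Factory::get();
-
- // Verify that current user can perform following action
- $prefix = ($manager->canTogglePolicy($id, $action) ? '' : 'no-');
-
- $actions = array($prefix . $action);
- } else {
- $actions = array('manage');
+ protected function prepareRowActions($user_count, $roleId)
+ {
+ $actions = array('manage');
 
- if (current_user_can('aam_edit_roles')) {
- $actions[] = 'edit';
- } else {
- $actions[] = 'no-edit';
- }
- if (current_user_can('aam_create_roles')) {
- $actions[] = 'clone';
- } else {
- $actions[] = 'no-clone';
- }
- if (current_user_can('aam_delete_roles') && !$count) {
- $actions[] = 'delete';
- } else {
- $actions[] = 'no-delete';
- }
+ if (current_user_can('aam_edit_roles')) {
+ $actions[] = 'edit';
+ } else {
+ $actions[] = 'no-edit';
  }
-
- return $actions;
+ if (current_user_can('aam_create_roles')) {
+ $actions[] = 'clone';
+ } else {
+ $actions[] = 'no-clone';
+ }
+ if (current_user_can('aam_delete_roles') && !$user_count) {
+ $actions[] = 'delete';
+ } else {
+ $actions[] = 'no-delete';
+ }
+
+ return apply_filters('aam_role_row_actions_filter', $actions, $roleId);
  }
-
+
  /**
- * Retrieve Pure Role List
- *
+ * Additional layer for method authorization
+ *
+ * This is used to control if user is allowed to perform certain AJAX action
+ *
+ * @param string $method
+ * @param array $args
+ *
  * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function getList(){
- return wp_json_encode(
- apply_filters('aam-get-role-list-filter', $this->fetchRoleList())
+ public function __call($method, $args)
+ {
+ $response = array(
+ 'status' => 'failure', 'reason' => __('Unauthorized operation', AAM_KEY)
  );
+
+ if (method_exists($this, "_{$method}")) {
+ $response = call_user_func(array($this, "_{$method}"));
+ } else {
+ _doing_it_wrong(
+ __CLASS__ . '::' . $method,
+ 'User Manager does not have this method defined',
+ AAM_VERSION
+ );
+ }
+
+ return wp_json_encode($response);
  }
-
+
  /**
- * Fetch role list
- *
+ * Get pure list of roles (without any meta info)
+ *
  * @return array
- *
+ *
+ * @access private
+ * @version 6.0.0
+ */
+ private function _getList()
+ {
+ return apply_filters(
+ 'aam_get_role_list_filter', $this->fetchRoleList()
+ );
+ }
+
+ /**
+ * Fetch role list from the DB
+ *
+ * @return array
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function fetchRoleList() {
+ protected function fetchRoleList()
+ {
  $response = array();
-
- //filter by name
+
+ // Filter by name
  $search = trim(AAM_Core_Request::request('search.value'));
  $exclude = trim(AAM_Core_Request::request('exclude'));
  $roles = get_editable_roles();
-
+
  foreach ($roles as $id => $role) {
  $match = preg_match('/^' . $search . '/i', $role['name']);
  if (($exclude !== $id) && (!$search || $match)) {
  $response[$id] = $role;
  }
  }
-
+
  return $response;
  }
 
  /**
- * Add New Role
- *
- * @return string
- *
- * @access public
+ * Create new role
+ *
+ * @return array
+ *
+ * @access private
+ * @version 6.0.0
  */
- public function add() {
- $response = array('status' => 'failure');
-
+ private function _create()
+ {
+ $response = array(
+ 'status' => 'failure', 'reason' => __('Unauthorized operation', AAM_KEY)
+ );
+
  if (current_user_can('aam_create_roles')) {
  $name = sanitize_text_field(filter_input(INPUT_POST, 'name'));
  $roles = AAM_Core_API::getRoles();
  $role_id = sanitize_key(strtolower($name));
+ $inherit = trim(filter_input(INPUT_POST, 'inherit'));
+ $doClone = filter_input(INPUT_POST, 'clone', FILTER_VALIDATE_BOOLEAN);
 
- //if inherited role is set get capabilities from it
- $parent = $roles->get_role(trim(filter_input(INPUT_POST, 'inherit')));
- $caps = ($parent ? $parent->capabilities : array());
+ // If inherited role is set get capabilities from it
+ if ($inherit) {
+ $parent = $roles->get_role($inherit);
+ $caps = ($parent ? $parent->capabilities : array());
+ } else {
+ $caps = array();
+ }
 
  if ($role = $roles->add_role($role_id, $name, $caps)) {
  $response = array(
@@ -178,93 +211,110 @@ class AAM_Backend_Feature_Subject_Role {
  'level' => AAM_Core_API::maxLevel($caps)
  )
  );
- //clone settings if needed
- if (AAM_Core_Request::post('clone')) {
+
+ // Clone settings if needed
+ if ($doClone && !empty($parent)) {
  $this->cloneSettings($role, $parent);
  }
-
- do_action('aam-post-add-role-action', $role, $parent);
+
+ do_action('aam_post_add_role_action', $role, $parent);
  } else {
- $response['reason'] = __("Role with slug [{$role_id}] already exists", AAM_KEY);
+ $response['reason'] = __("Role {$name} already exists", AAM_KEY);
  }
  }
 
- return wp_json_encode($response);
+ return $response;
  }
-
+
  /**
- *
- * @global type $wpdb
- * @param type $role
- * @param type $parent
+ * Clone access settings
+ *
+ * @param object $role
+ * @param object $parent
+ *
+ * @return boolean
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected function cloneSettings($role, $parent) {
- global $wpdb;
-
- //clone _options settings
- $oquery = "SELECT * FROM {$wpdb->options} WHERE `option_name` LIKE %s";
- if ($wpdb->query($wpdb->prepare($oquery, 'aam_%_role_' . $parent->name))) {
- foreach($wpdb->last_result as $setting) {
- AAM_Core_API::updateOption(
- str_replace($parent->name, $role->name, $setting->option_name),
- maybe_unserialize($setting->option_value)
- );
- }
- }
-
- //clone _postmeta settings
- $pquery = "SELECT * FROM {$wpdb->postmeta} WHERE `meta_key` LIKE %s";
- if ($wpdb->query($wpdb->prepare($pquery, 'aam-%-role' . $parent->name))) {
- foreach($wpdb->last_result as $setting) {
- add_post_meta(
- $setting->post_id,
- str_replace($parent->name, $role->name, $setting->meta_key),
- maybe_unserialize($setting->meta_value)
- );
- }
- }
+ protected function cloneSettings($role, $parent)
+ {
+ $settings = AAM_Core_AccessSettings::getInstance();
+
+ // Clone the settings
+ $settings->set("role.{$role->name}", $settings->get("role.{$parent->name}"));
+
+ return $settings->save();
  }
-
+
  /**
  * Edit role name
- *
- * @return string
- *
- * @access public
+ *
+ * @return array
+ *
+ * @access private
+ * @version 6.0.0
  */
- public function edit() {
+ private function _edit()
+ {
  if (current_user_can('aam_edit_roles')) {
  $role = AAM_Backend_Subject::getInstance();
 
  $role->update(esc_js(trim(filter_input(INPUT_POST, 'name'))));
-
- do_action('aam-post-update-role-action', $role->get());
-
+
+ do_action('aam_post_update_role_action', $role->getSubject());
+
  $response = array('status' => 'success');
  } else {
- $response = array('status' => 'failure');
+ $response = array(
+ 'status' => 'failure',
+ 'reason' => __('Unauthorized operation', AAM_KEY)
+ );
  }
-
- return wp_json_encode($response);
+
+ return $response;
  }
 
  /**
  * Delete role
- *
- * @return string
- *
- * @access public
+ *
+ * @return array
+ *
+ * @access private
+ * @version 6.0.0
  */
- public function delete() {
- $status = 'failure';
-
+ private function _delete()
+ {
+ $response = array('status' => 'failure');
+
  if (current_user_can('aam_delete_roles')) {
  if (AAM_Backend_Subject::getInstance()->delete()) {
- $status = 'success';
+ $response['status'] = 'success';
+ } else {
+ $response['reason'] = __('Failed to delete the role', AAM_KEY);
  }
+ } else {
+ $response['reason'] = __('Unauthorized operation', AAM_KEY);
  }
 
- return wp_json_encode(array('status' => $status));
+ return $response;
+ }
+
+ /**
+ * Register Role UI feature
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function register()
+ {
+ AAM_Backend_Feature::registerFeature((object) array(
+ 'capability' => self::ACCESS_CAPABILITY,
+ 'type' => 'subject',
+ 'view' => __CLASS__
+ ));
  }
 
  }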
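Review bot: `__call()` is documented as an "additional layer for method authorization", but its body only tests `method_exists()` and dispatches to `_{$method}`; with the constructor's `aam_manage_roles` check removed, `_getList()` and the public `getTable()` run without any capability test inside this class. Unless the code that consumes `ACCESS_CAPABILITY` is guaranteed to run before every call (it is not visible in this section), I would add `if (!current_user_can(self::ACCESS_CAPABILITY)) { return wp_json_encode($response); }` ahead of the `method_exists()` branch, which also makes the default "Unauthorized operation" response reachable. The `_doing_it_wrong()` message says "User Manager" although this is the role class. In `_create()`, `$parent` is assigned only inside `if ($inherit)` yet is passed to `do_action('aam_post_add_role_action', $role, $parent)` unconditionally; initialise `$parent = null;` before the branch.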
application/Backend/Feature/Subject/User.php CHANGED
@@ -5,40 +5,45 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * User view manager
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Feature_Subject_User {
17
-
 
 
 
18
  /**
19
- * Construct
 
 
20
  */
21
- public function __construct() {
22
- if (!current_user_can('aam_manage_users')) {
23
- AAM::api()->denyAccess(array('reason' => 'aam_manage_users'));
24
- }
25
- }
26
-
27
  /**
28
  * Retrieve list of users
29
- *
30
  * Based on filters, get list of users
31
- *
32
  * @return string JSON encoded list of users
33
- *
34
  * @access public
 
35
  */
36
- public function getTable() {
 
37
  $response = array(
38
- 'draw' => AAM_Core_Request::request('draw'),
39
  'data' => array()
40
  );
41
-
42
  //get total number of users
43
  $total = count_users();
44
  $result = $this->query();
@@ -47,149 +52,223 @@ class AAM_Backend_Feature_Subject_User {
47
  $response['recordsFiltered'] = $result->get_total();
48
 
49
  foreach ($result->get_results() as $row) {
50
- $user = new AAM_Core_Subject_User($row->ID);
51
- $user->initialize(true);
52
- $response['data'][] = $this->prepareRow($user);
53
  }
54
 
55
  return wp_json_encode($response);
56
  }
57
-
58
  /**
59
- * Save user expiration
60
- *
 
 
 
 
 
 
61
  * @return string
62
- *
63
  * @access public
 
64
  */
65
- public function saveExpiration() {
 
66
  $response = array(
67
- 'status' => 'failure',
68
- 'reason' => __('Operation is not permitted', AAM_KEY)
69
  );
70
-
71
- $userId = filter_input(INPUT_POST, 'user');
72
- $expires = filter_input(INPUT_POST, 'expires');
73
- $action = filter_input(INPUT_POST, 'after');
74
- $role = filter_input(INPUT_POST, 'role');
75
- $jwt = filter_input(INPUT_POST, 'jwt');
76
-
77
- if (current_user_can('edit_users')) {
78
- if ($userId != get_current_user_id()) {
79
- if ($this->isAllowed(new AAM_Core_Subject_User($userId))) {
80
- $this->updateUserExpiration($userId, $expires, $action, $role, $jwt);
81
- $response = array('status' => 'success');
82
  }
83
- } else {
84
- $response['reason'] = __('You cannot set expiration to yourself', AAM_KEY);
85
  }
 
 
 
 
 
 
86
  }
87
-
88
  return wp_json_encode($response);
89
  }
90
 
91
  /**
92
- * Undocumented function
93
  *
94
- * @return void
 
 
 
 
 
95
  */
96
- public function resetExpiration() {
97
- $response = array(
98
- 'status' => 'failure',
99
- 'reason' => __('Operation is not permitted', AAM_KEY)
 
100
  );
101
-
102
- $userId = filter_input(INPUT_POST, 'user');
103
-
104
- if (current_user_can('edit_users')) {
105
- if ($userId != get_current_user_id()) {
106
- if ($this->isAllowed(new AAM_Core_Subject_User($userId))) {
107
- $meta = get_user_meta($userId, 'aam_user_expiration', true);
108
-
109
- if (!empty($meta)) {
110
- $parts = explode('|', $meta);
111
- if (!empty($parts[3])) {
112
- AAM_Core_Jwt_Manager::getInstance()->revokeToken(
113
- $userId, $parts[3]
114
- );
115
- }
116
- }
117
- $result = delete_user_meta($userId, 'aam_user_expiration');
118
- $response = array(
119
- 'status' => $result ? 'success' : 'failure'
120
- );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
121
  }
122
- } else {
123
- $response['reason'] = __('You cannot manager expiration to yourself', AAM_KEY);
124
  }
125
  }
126
-
127
- return wp_json_encode($response);
128
  }
129
-
130
  /**
131
- *
132
- * @return type
 
 
 
 
 
 
133
  */
134
- public function switchToUser() {
135
- $response = array(
136
- 'status' => 'failure',
137
- 'reason' => 'You are not allowed to switch to this user'
138
- );
139
-
140
- if (current_user_can('aam_switch_users')) {
141
- $user = AAM_Backend_Subject::getInstance()->get();
142
-
143
- if ($this->isAllowed($user)) {
144
- AAM_Core_API::updateOption(
145
- 'aam-user-switch-' . $user->ID, get_current_user_id()
146
- );
147
-
148
- // Making sure that user that we are switching too is not logged in
149
- // already. Reported by https://github.com/KenAer
150
- $sessions = WP_Session_Tokens::get_instance($user->ID);
151
- if (count($sessions->get_all()) >= 1) {
152
- $sessions->destroy_all();
153
- }
154
-
155
- // If there is jwt token in cookie, make sure it is deleted otherwise
156
- // user technically will never be switched
157
- if (AAM_Core_Request::cookie('aam-jwt')) {
158
- setcookie(
159
- 'aam-jwt',
160
- '',
161
- time() - YEAR_IN_SECONDS,
162
- '/',
163
- parse_url(get_bloginfo('url'), PHP_URL_HOST),
164
- is_ssl(),
165
- true
166
- );
167
- }
168
 
169
- wp_clear_auth_cookie();
170
- wp_set_auth_cookie( $user->ID, true );
171
- wp_set_current_user( $user->ID );
 
 
 
 
 
 
 
172
 
173
- $response = array('status' => 'success', 'redirect' => admin_url());
174
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
175
  }
176
-
177
- return wp_json_encode($response);
178
  }
179
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
180
  /**
181
  * Query database for list of users
182
- *
183
  * Based on filters and settings get the list of users from database
184
- *
185
  * @return \WP_User_Query
186
- *
187
- * @access public
 
188
  */
189
- public function query() {
 
190
  $search = trim(AAM_Core_Request::request('search.value'));
191
  $role = trim(AAM_Core_Request::request('role'));
192
-
193
  $args = array(
194
  'blog_id' => get_current_blog_id(),
195
  'fields' => 'all',
@@ -202,244 +281,70 @@ class AAM_Backend_Feature_Subject_User {
202
  'orderby' => 'display_name',
203
  'order' => $this->getOrderDirection()
204
  );
205
-
206
  if (!empty($role)) {
207
  $args['role__in'] = $role;
208
  }
209
 
210
  return new WP_User_Query($args);
211
  }
212
-
213
  /**
214
- *
215
- * @return type
 
 
 
 
216
  */
217
- protected function getOrderDirection() {
 
218
  $dir = 'asc';
219
  $order = AAM_Core_Request::post('order.0');
220
-
221
- if (!empty($order['column']) && ($order['column'] === '2')) {
222
- $dir = !empty($order['dir']) ? $order['dir'] : 'asc';
223
- }
224
-
225
- return strtoupper($dir);
226
- }
227
 
228
- /**
229
- * Block user
230
- *
231
- * @return string
232
- *
233
- * @access public
234
- */
235
- public function block() {
236
- $result = false;
237
-
238
- if (current_user_can('aam_toggle_users') && current_user_can('edit_users')) {
239
- $subject = AAM_Backend_Subject::getInstance();
240
-
241
- if ($this->isAllowed($subject->get())) {
242
- //user is not allowed to lock himself
243
- if (intval($subject->getId()) !== get_current_user_id()) {
244
- $result = $subject->block();
245
- }
246
- }
247
  }
248
 
249
- return wp_json_encode(array('status' => ($result ? 'success' : 'failure')));
250
  }
251
 
252
  /**
253
- * Undocumented function
 
 
 
 
254
  *
255
- * @return void
256
- */
257
- public function generateJwt() {
258
- if (current_user_can('aam_manage_jwt')) {
259
- $user = AAM_Backend_Subject::getInstance()->get();
260
- $expires = filter_input(INPUT_POST, 'expires');
261
- $trigger = filter_input(INPUT_POST, 'trigger', FILTER_DEFAULT, FILTER_REQUIRE_ARRAY);
262
-
263
- try {
264
- $max = AAM::getUser()->getMaxLevel();
265
- if ($max >= AAM_Core_API::maxLevel($user->allcaps)) {
266
- $issuer = new AAM_Core_Jwt_Issuer();
267
- $jwt = $issuer->issueToken(
268
- array(
269
- 'userId' => $user->ID,
270
- 'revocable' => true,
271
- 'refreshable' => false,
272
- 'trigger' => $trigger
273
- ),
274
- $expires
275
- );
276
- AAM_Core_Jwt_Manager::getInstance()->registerToken($user->ID, $jwt->token);
277
- $result = array(
278
- 'status' => 'success',
279
- 'jwt' => $jwt->token
280
- );
281
- } else {
282
- $result = array('status' => 'failure', 'reason' => 'User ID has higher level than current user');
283
- }
284
- } catch (Exception $ex) {
285
- $result = array('status' => 'failure', 'reason' => $ex->getMessage());
286
- }
287
- } else {
288
- $result = array('status' => 'failure', 'reason' => 'You are not allowed to manage JWT tokens');
289
- }
290
-
291
- return wp_json_encode($result);
292
- }
293
-
294
- /**
295
- * Prepare row
296
- *
297
- * @param AAM_Core_Subject_User $user
298
- *
299
- * @return array
300
- *
301
- * @access protected
302
- */
303
- protected function prepareRow(AAM_Core_Subject_User $user) {
304
- return array(
305
- $user->ID,
306
- implode(', ', $this->getUserRoles($user->roles)),
307
- ($user->display_name ? $user->display_name : $user->user_nicename),
308
- implode(',', $this->prepareRowActions($user)),
309
- AAM_Core_API::maxLevel($user->getMaxLevel()),
310
- $this->getUserExpiration($user)
311
- );
312
- }
313
-
314
- /**
315
- * Get list of user roles
316
- *
317
- * @param array $roles
318
- *
319
- * @return array
320
- *
321
  * @access protected
 
322
  */
323
- protected function getUserRoles($roles) {
324
- $response = array();
325
-
326
- $names = AAM_Core_API::getRoles()->get_names();
327
-
328
- if (is_array($roles)) {
329
- foreach($roles as $role) {
330
- if (array_key_exists($role, $names)) {
331
- $response[] = translate_user_role($names[$role]);
332
- }
333
- }
334
  }
335
-
336
- return $response;
337
- }
338
-
339
- /**
340
- * Prepare user row actions
341
- *
342
- * @param WP_User $user
343
- *
344
- * @return array
345
- *
346
- * @access protected
347
- */
348
- protected function prepareRowActions(AAM_Core_Subject_User $user) {
349
- if ($this->isAllowed($user) || ($user->ID === get_current_user_id())) {
350
- $ui = AAM_Core_Request::post('ui', 'main');
351
- $id = AAM_Core_Request::post('id');
352
-
353
- if ($ui === 'principal') {
354
- $object = $user->getObject('policy');
355
- $actions = array(($object->has($id) ? 'detach' : 'attach'));
356
- } else {
357
- $actions = array('manage');
358
-
359
- if (AAM_Core_Config::get('core.settings.secureLogin', true)
360
- && current_user_can('aam_toggle_users')) {
361
- $actions[] = ($user->user_status ? 'unlock' : 'lock');
362
- }
363
-
364
- if (current_user_can('edit_users')) {
365
- $actions[] = 'edit';
366
- } else {
367
- $actions[] = 'no-edit';
368
- }
369
 
370
- if (current_user_can('aam_switch_users')) {
371
- $actions[] = 'switch';
372
- } else {
373
- $actions[] = 'no-switch';
374
- }
375
- }
376
- } else {
377
- $actions = array();
378
- }
379
-
380
- return $actions;
381
- }
382
-
383
- /**
384
- * Update user expiration
385
- *
386
- * @param int $user
387
- * @param string $expires
388
- * @param string $action
389
- * @param string $role
390
- *
391
- * @return bool
392
- *
393
- * @access protected
394
- */
395
- protected function updateUserExpiration($user, $expires, $action, $role = '', $jwt = '') {
396
- update_user_meta(
397
- $user,
398
- 'aam_user_expiration',
399
- $expires . "|" . ($action ? $action : 'delete') . '|' . $role . '|' . $jwt
400
  );
401
  }
402
-
403
- /**
404
- * Get user expiration
405
- *
406
- * @param WP_User $user
407
- *
408
- * @return string
409
- *
410
- * @access protected
411
- */
412
- protected function getUserExpiration(AAM_Core_Subject_User $user) {
413
- return get_user_meta($user->ID, 'aam_user_expiration', true);
414
- }
415
-
416
  /**
417
- * Check max user allowance
418
- *
419
- * @param AAM_Core_Subject_User $user
420
- *
421
- * @return boolean
422
- *
423
- * @access protected
424
  */
425
- protected function isAllowed(AAM_Core_Subject_User $user) {
426
- $sameLevel = false;
427
- if (AAM_Core_API::capabilityExists('manage_same_user_level')) {
428
- $sameLevel = current_user_can('manage_same_user_level');
429
- } else {
430
- $sameLevel = current_user_can('administrator');
431
- }
432
-
433
- $userMaxLevel = AAM::api()->getUser()->getMaxLevel();
434
- $subjectMaxLevel = $user->getMaxLevel();
435
-
436
- if ($sameLevel) {
437
- $allowed = $userMaxLevel >= $subjectMaxLevel;
438
- } else {
439
- $allowed = $userMaxLevel > $subjectMaxLevel;
440
- }
441
-
442
- return $allowed;
443
  }
444
 
445
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * User view manager
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Feature_Subject_User
19
+ {
20
+
21
+ use AAM_Core_Contract_RequestTrait;
22
+
23
  /**
24
+ * Access capability for the user manager service
25
+ *
26
+ * @version 6.0.0
27
  */
28
+ const ACCESS_CAPABILITY = 'aam_manage_users';
29
+
 
 
 
 
30
  /**
31
  * Retrieve list of users
32
+ *
33
  * Based on filters, get list of users
34
+ *
35
  * @return string JSON encoded list of users
36
+ *
37
  * @access public
38
+ * @version 6.0.0
39
  */
40
+ public function getTable()
41
+ {
42
  $response = array(
43
+ 'draw' => $this->getFromRequest('draw'),
44
  'data' => array()
45
  );
46
+
47
  //get total number of users
48
  $total = count_users();
49
  $result = $this->query();
52
  $response['recordsFiltered'] = $result->get_total();
53
 
54
  foreach ($result->get_results() as $row) {
55
+ $response['data'][] = $this->prepareRow(
56
+ AAM::api()->getUser($row->ID)
57
+ );
58
  }
59
 
60
  return wp_json_encode($response);
61
  }
62
+
63
  /**
64
+ * Additional layer for method authorization
65
+ *
66
+ * This is used to control if user is allowed to perform certain AJAX action for
67
+ * provided user
68
+ *
69
+ * @param string $method
70
+ * @param array $args
71
+ *
72
  * @return string
73
+ *
74
  * @access public
75
+ * @version 6.0.0
76
  */
77
+ public function __call($method, $args)
78
+ {
79
  $response = array(
80
+ 'status' => 'failure', 'reason' => __('Unauthorized operation', AAM_KEY)
 
81
  );
82
+
83
+ if (method_exists($this, "_{$method}")) {
84
+ $user_id = $this->getFromPost('user');
85
+
86
+ if (current_user_can('aam_manager') && current_user_can('edit_users')) {
87
+ if ($user_id != get_current_user_id()) {
88
+ if ($this->isAllowed($user_id)) {
89
+ $response = call_user_func(array($this, "_{$method}"));
90
+ }
91
+ } else {
92
+ $response['reason'] = __('Cannot manage yourself', AAM_KEY);
 
93
  }
 
 
94
  }
95
+ } else {
96
+ _doing_it_wrong(
97
+ __CLASS__ . '::' . $method,
98
+ 'User Manager does not have this method defined',
99
+ AAM_VERSION
100
+ );
101
  }
102
+
103
  return wp_json_encode($response);
104
  }
105
 
106
  /**
107
+ * Prepare individual user row
108
  *
109
+ * @param AAM_Core_Subject_User $user
110
+ *
111
+ * @return array
112
+ *
113
+ * @access protected
114
+ * @version 6.0.0
115
  */
116
+ protected function prepareRow(AAM_Core_Subject_User $user)
117
+ {
118
+ $attributes = array();
119
+ $expiration = get_user_option(
120
+ AAM_Core_Subject_User::EXPIRATION_OPTION, $user->ID
121
  );
122
+
123
+ if (!empty($expiration)) {
124
+ $expires = new DateTime(
125
+ '@' . $expiration['expires'], new DateTimeZone('UTC')
126
+ );
127
+
128
+ $attributes[] = $expires->format('m/d/Y, H:i O');
129
+ $attributes[] = $expiration['action'];
130
+ $attributes[] = (!empty($expiration['meta']) ? $expiration['meta'] : null);
131
+ }
132
+
133
+ return array(
134
+ $user->ID,
135
+ implode(', ', $this->prepareUserRoles($user->roles)),
136
+ $user->getName(),
137
+ implode(',', $this->prepareRowActions($user)),
138
+ AAM_Core_API::maxLevel($user->getMaxLevel()),
139
+ implode('|', $attributes)
140
+ );
141
+ }
142
+
143
+ /**
144
+ * Prepare the list of user roles
145
+ *
146
+ * @param array $roles
147
+ *
148
+ * @return array
149
+ *
150
+ * @access protected
151
+ * @version 6.0.0
152
+ */
153
+ protected function prepareUserRoles($roles)
154
+ {
155
+ $response = array();
156
+
157
+ $names = AAM_Core_API::getRoles()->get_names();
158
+
159
+ if (is_array($roles)) {
160
+ foreach ($roles as $role) {
161
+ if (array_key_exists($role, $names)) {
162
+ $response[] = translate_user_role($names[$role]);
163
  }
 
 
164
  }
165
  }
166
+
167
+ return $response;
168
  }
169
+
170
  /**
171
+ * Prepare user row actions
172
+ *
173
+ * @param AAM_Core_Subject_User $user
174
+ *
175
+ * @return array
176
+ *
177
+ * @access protected
178
+ * @version 6.0.0
179
  */
180
+ protected function prepareRowActions(AAM_Core_Subject_User $user)
181
+ {
182
+ $allowed = $this->isAllowed($user);
183
+ $actions = array();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
184
 
185
+ if ($allowed) {
186
+ $actions = apply_filters(
187
+ 'aam_user_row_actions_filter',
188
+ array(
189
+ 'manage',
190
+ current_user_can('edit_users') ? 'edit' : 'no-edit'
191
+ ),
192
+ $user
193
+ );
194
+ }
195
 
196
+ return $actions;
197
+ }
198
+
199
+ /**
200
+ * Save user expiration
201
+ *
202
+ * @return array
203
+ *
204
+ * @access private
205
+ * @version 6.0.0
206
+ */
207
+ private function _saveExpiration()
208
+ {
209
+ $userId = $this->getFromPost('user');
210
+ $action = $this->getFromPost('after');
211
+ $role = $this->getFromPost('role');
212
+ $expires = new DateTime('@' . $this->getFromPost('expires'));
213
+
214
+ $result = AAM::api()->getUser($userId)->setUserExpiration(array(
215
+ 'expires' => $expires->getTimestamp(),
216
+ 'action' => $action,
217
+ 'meta' => (!empty($role) ? $role : null)
218
+ ));
219
+
220
+ if ($result) {
221
+ $response = array('status' => 'success');
222
+ } else {
223
+ $response = array(
224
+ 'status' => 'failure',
225
+ 'reason' => __('Unexpected application error', AAM_KEY)
226
+ );
227
  }
228
+
229
+ return $response;
230
  }
231
+
232
+ /**
233
+ * Reset user expiration settings
234
+ *
235
+ * @return array
236
+ *
237
+ * @access private
238
+ * @version 6.0.0
239
+ */
240
+ private function _resetExpiration()
241
+ {
242
+ $userId = $this->getFromPost('user');
243
+ $result = AAM::api()->getUser($userId)->resetExpiration();
244
+
245
+ if ($result) {
246
+ $response = array('status' => 'success');
247
+ } else {
248
+ $response = array(
249
+ 'status' => 'failure',
250
+ 'reason' => __('Unexpected application error', AAM_KEY)
251
+ );
252
+ }
253
+
254
+ return $response;
255
+ }
256
+
257
  /**
258
  * Query database for list of users
259
+ *
260
  * Based on filters and settings get the list of users from database
261
+ *
262
  * @return \WP_User_Query
263
+ *
264
+ * @access protected
265
+ * @version 6.0.0
266
  */
267
+ protected function query()
268
+ {
269
  $search = trim(AAM_Core_Request::request('search.value'));
270
  $role = trim(AAM_Core_Request::request('role'));
271
+
272
  $args = array(
273
  'blog_id' => get_current_blog_id(),
274
  'fields' => 'all',
281
  'orderby' => 'display_name',
282
  'order' => $this->getOrderDirection()
283
  );
284
+
285
  if (!empty($role)) {
286
  $args['role__in'] = $role;
287
  }
288
 
289
  return new WP_User_Query($args);
290
  }
291
+
292
  /**
293
+ * Get user list order direction
294
+ *
295
+ * @return string
296
+ *
297
+ * @access protected
298
+ * @version 6.0.0
299
  */
300
+ protected function getOrderDirection()
301
+ {
302
  $dir = 'asc';
303
  $order = AAM_Core_Request::post('order.0');
 
 
 
 
 
 
 
304
 
305
+ if (!empty($order['column']) && (intval($order['column']) === 2)) {
306
+ $dir = !empty($order['dir']) ? $order['dir'] : 'asc';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
307
  }
308
 
309
+ return strtoupper($dir);
310
  }
311
 
312
  /**
313
+ * Check is current user is allowed to manage requested user
314
+ *
315
+ * @param int|AAM_Core_Subject_User $user
316
+ *
317
+ * @return boolean
318
  *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
319
  * @access protected
320
+ * @version 6.0.0
321
  */
322
+ protected function isAllowed($user)
323
+ {
324
+ if (is_numeric($user)) {
325
+ $user = AAM::api()->getUser($user);
 
 
 
 
 
 
 
326
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
327
 
328
+ return apply_filters(
329
+ 'aam_user_can_manage_level_filter', true, $user->getMaxLevel()
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
330
  );
331
  }
332
+
 
 
 
 
 
 
 
 
 
 
 
 
 
333
  /**
334
+ * Register User UI feature
335
+ *
336
+ * @return void
337
+ *
338
+ * @access public
339
+ * @version 6.0.0
 
340
  */
341
+ public static function register()
342
+ {
343
+ AAM_Backend_Feature::registerFeature((object) array(
344
+ 'capability' => self::ACCESS_CAPABILITY,
345
+ 'type' => 'subject',
346
+ 'view' => __CLASS__
347
+ ));
 
 
 
 
 
 
 
 
 
 
 
348
  }
349
 
350
  }
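--- a/application/Backend/Filter.php
+++ b/application/Backend/Filter.php
@@ -1,274 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * Backend manager
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Backend_Filter {
-
- /**
- * Instance of itself
- *
- * @var AAM_Backend_Filter
- *
- * @access private
- */
- private static $_instance = null;
-
- /**
- * Initialize backend filters
- *
- * @return void
- *
- * @access protected
- */
- protected function __construct() {
- //menu filter
- if (!AAM::isAAM() || !current_user_can('aam_manage_admin_menu')) {
- add_filter('parent_file', array($this, 'filterMenu'), 999, 1);
- }
-
- //manager WordPress metaboxes
- add_action("in_admin_header", array($this, 'metaboxes'), 999);
- add_action("widgets_admin_page", array($this, 'metaboxes'), 999);
-
- //control admin area
- add_action('admin_notices', array($this, 'adminNotices'), -1);
- add_action('network_admin_notices', array($this, 'adminNotices'), -1);
- add_action('user_admin_notices', array($this, 'adminNotices'), -1);
-
- //post restrictions
- add_filter('page_row_actions', array($this, 'postRowActions'), 10, 2);
- add_filter('post_row_actions', array($this, 'postRowActions'), 10, 2);
-
- //user/role filters
- if (!is_multisite() || !is_super_admin()) {
- add_filter('editable_roles', array($this, 'filterRoles'));
- add_action('pre_get_users', array($this, 'filterUserQuery'), 999);
- add_filter('views_users', array($this, 'filterViews'));
- }
-
- AAM_Backend_Authorization::bootstrap(); //bootstrap backend authorization
- }
-
- /**
- * Filter the Admin Menu
- *
- * @param string $parent_file
- *
- * @return string
- *
- * @access public
- */
- public function filterMenu($parent_file) {
- //filter admin menu
- AAM::getUser()->getObject('menu')->filter();
-
- return $parent_file;
- }
-
- /**
- * Handle metabox initialization process
- *
- * @return void
- *
- * @access public
- */
- public function metaboxes() {
- global $post;
-
- //make sure that nobody is playing with screen options
- if (is_a($post, 'WP_Post')) {
- $screen = $post->post_type;
- } else {
- $screen_object = get_current_screen();
- $screen = ($screen_object ? $screen_object->id : '');
- }
-
- if (AAM_Core_Request::get('init') !== 'metabox') {
- if ($screen !== 'widgets') {
- AAM::getUser()->getObject('metabox')->filterBackend($screen);
- } else {
- AAM::getUser()->getObject('metabox')->filterAppearanceWidgets();
- }
- }
- }
-
- /**
- * Manage notifications visibility
- *
- * @return void
- *
- * @access public
- */
- public function adminNotices() {
- if (AAM_Core_API::capabilityExists('show_admin_notices')) {
- if (!current_user_can('show_admin_notices')) {
- remove_all_actions('admin_notices');
- remove_all_actions('network_admin_notices');
- remove_all_actions('user_admin_notices');
- }
- }
- }
-
- /**
- * Post Quick Menu Actions Filtering
- *
- * @param array $actions
- * @param WP_Post $post
- *
- * @return array
- *
- * @access public
- */
- public function postRowActions($actions, $post) {
- $object = AAM::getUser()->getObject('post', $post->ID, $post);
-
- //filter edit menu
- if (!$object->allowed('backend.edit')) {
- if (isset($actions['edit'])) {
- unset($actions['edit']);
- }
- if (isset($actions['inline hide-if-no-js'])) {
- unset($actions['inline hide-if-no-js']);
- }
- }
-
- //filter delete menu
- if (!$object->allowed('backend.delete')) {
- if (isset($actions['trash'])) { unset($actions['trash']); }
- if (isset($actions['delete'])) { unset($actions['delete']); }
- }
-
- //filter edit menu
- if (!$object->allowed('backend.publish')) {
- if (isset($actions['inline hide-if-no-js'])) {
- unset($actions['inline hide-if-no-js']);
- }
- }
-
- return $actions;
- }
-
- /**
- * Filter roles
- *
- * @param array $roles
- *
- * @return array
- */
- public function filterRoles($roles) {
- static $levels = array(); // to speed-up the execution
-
- $userLevel = AAM::getUser()->getMaxLevel();
-
- //filter roles
- foreach($roles as $id => $role) {
- if (!empty($role['capabilities']) && is_array($role['capabilities'])) {
- if (!isset($levels[$id])) {
- $levels[$id] = AAM_Core_API::maxLevel($role['capabilities']);
- }
- if ($userLevel < $levels[$id]) {
- unset($roles[$id]);
- } elseif ($userLevel === $levels[$id] && $this->filterSameLevel()) {
- unset($roles[$id]);
- }
- }
- }
-
- return $roles;
- }
-
- /**
- *
- * @return type
- */
- protected function filterSameLevel() {
- $response = false;
-
- if (AAM_Core_API::capabilityExists('manage_same_user_level')) {
- $response = !current_user_can('manage_same_user_level');
- }
-
- return $response;
- }
-
- /**
- * Filter user query
- *
- * Exclude all users that have higher user level
- *
- * @param object $query
- *
- * @access public
- *
- * @return void
- */
- public function filterUserQuery($query) {
- //current user max level
- $max = AAM::getUser()->getMaxLevel();
- $exclude = array();
- $roles = AAM_Core_API::getRoles();
-
- foreach($roles->role_objects as $id => $role) {
- $roleMax = AAM_Core_API::maxLevel($role->capabilities);
- if ($roleMax > $max ) {
- $exclude[] = $id;
- } elseif ($roleMax === $max && $this->filterSameLevel()) {
- $exclude[] = $id;
- }
- }
-
- $query->query_vars['role__not_in'] = $exclude;
- }
-
- /**
- * Filter user list view options
- *
- * @param array $views
- *
- * @return array
- *
- * @access public
- */
- public function filterViews($views) {
- $max = AAM::getUser()->getMaxLevel();
- $roles = AAM_Core_API::getRoles();
-
- foreach($roles->role_objects as $id => $role) {
- $roleMax = AAM_Core_API::maxLevel($role->capabilities);
- if (isset($views[$id])) {
- if ($roleMax > $max) {
- unset($views[$id]);
- } elseif ($roleMax === $max && $this->filterSameLevel()) {
- unset($views[$id]);
- }
- }
- }
-
- return $views;
- }
-
- /**
- * Register backend filters and actions
- *
- * @return void
- *
- * @access public
- */
- public static function register() {
- if (is_null(self::$_instance)) {
- self::$_instance = new self;
- }
- }
-
- }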
application/Backend/Manager.php CHANGED
@@ -5,413 +5,220 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Backend manager
12
  *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_Manager {
 
17
 
18
- /**
19
- * Single instance of itself
20
- *
21
- * @var AAM_Backend_Manager
22
- *
23
- * @access private
24
- */
25
- private static $_instance = null;
26
 
27
  /**
28
- * Initialize the object
29
  *
30
  * @return void
31
  *
32
  * @access protected
 
33
  */
34
- protected function __construct() {
35
- //check if user is allowed to see backend
36
- $this->checkUserAccess();
37
-
38
- //check if user switch is required
39
- $this->checkUserSwitch();
40
-
41
  //print required JS & CSS
42
- add_action('admin_print_scripts', array($this, 'printJavascript'));
43
  add_action('admin_print_footer_scripts', array($this, 'printFooterJavascript'));
 
44
  add_action('admin_print_styles', array($this, 'printStylesheet'));
45
 
46
- //user profile update action
47
- add_action('profile_update', array($this, 'profileUpdate'), 10, 2);
48
-
49
- //alter user edit screen with support for multiple roles
50
  if (AAM::api()->getConfig('core.settings.multiSubject', false)) {
51
- add_action('show_user_profile', array($this, 'userEditPage'));
52
- add_action('edit_user_profile', array($this, 'userEditPage'));
53
- }
54
-
55
- //post title decorator
56
- add_filter('the_title', array($this, 'theTitle'), 999, 2);
57
-
58
- //cover any kind of surprize things by other funky plugins
59
- add_filter('pre_update_option', array($this, 'updateOption'), 10, 3);
60
- add_filter('role_has_cap', array($this, 'roleHasCap'), 1, 3);
61
-
62
- //permalink manager
63
- add_filter('get_sample_permalink_html', array($this, 'getPermalinkHtml'), 10, 5);
64
-
65
- //access policy save
66
- add_filter('wp_insert_post_data', array($this, 'filterPostData'), 10, 2);
67
 
68
- //screen options & contextual help hooks
69
- add_filter('screen_options_show_screen', array($this, 'screenOptions'));
70
- add_filter('contextual_help', array($this, 'helpOptions'), 10, 3);
 
71
 
72
- //manager Admin Menu
73
  if (is_multisite() && is_network_admin()) {
74
- //register AAM in the network admin panel
75
  add_action('_network_admin_menu', array($this, 'adminMenu'));
76
  } else {
77
  add_action('_user_admin_menu', array($this, 'adminMenu'));
78
  add_action('_admin_menu', array($this, 'adminMenu'));
79
- add_action('all_admin_notices', array($this, 'notification'));
80
- }
81
-
82
- if (AAM_Core_Config::get('ui.settings.renderAccessMetabox', true)) {
83
- add_action('edit_category_form_fields', array($this, 'renderTermMetabox'), 1);
84
- add_action('edit_link_category_form_fields', array($this, 'renderTermMetabox'), 1);
85
- add_action('edit_tag_form_fields', array($this, 'renderTermMetabox'), 1);
86
-
87
- //register custom access control metabox
88
- add_action('add_meta_boxes', array($this, 'metabox'));
89
  }
90
 
91
- //register custom access control metabox
92
- add_action('add_meta_boxes', array($this, 'registerPolicyDocMetabox'));
93
-
94
- //manager AAM Ajax Requests
95
  add_action('wp_ajax_aam', array($this, 'ajax'));
96
- //manager AAM Features Content rendering
97
  add_action('admin_action_aamc', array($this, 'renderContent'));
98
- //manager user search and authentication control
99
- add_filter('user_search_columns', array($this, 'searchColumns'));
100
-
101
- //manager WordPress metaboxes
102
- add_action("in_admin_header", array($this, 'initMetaboxes'), 999);
103
 
104
- // manage Navigation Menu page to support
105
- // https://forum.aamplugin.com/d/61-restrict-role-from-updating-or-deleting-specific-navigation-menus
106
- add_filter('nav_menu_meta_box_object', array($this, 'manageNavMenuMetabox'));
 
 
107
 
108
- if (AAM_Core_Config::get('ui.settings.renderAccessActionLink', true)) {
109
- //extend post inline actions
110
- add_filter('page_row_actions', array($this, 'postRowActions'), 10, 2);
111
- add_filter('post_row_actions', array($this, 'postRowActions'), 10, 2);
112
-
113
- //extend term inline actions
114
- add_filter('tag_row_actions', array($this, 'tagRowActions'), 10, 2);
115
-
116
- //manage access action to the user list
117
- add_filter('user_row_actions', array($this, 'userActions'), 10, 2);
118
- }
119
-
120
- //footer thank you
121
  add_filter('admin_footer_text', array($this, 'thankYou'), 999);
122
 
123
- //control admin area
124
  add_action('admin_init', array($this, 'adminInit'));
125
 
126
- //password reset feature
127
- add_filter('show_password_fields', array($this, 'canChangePassword'), 10, 2);
128
- add_action('check_passwords', array($this, 'canUpdatePassword'), 10, 3);
129
-
130
- //admin toolbar
131
- if (AAM::isAAM()) {
132
- add_action('wp_after_admin_bar_render', array($this, 'cacheAdminBar'));
133
- }
134
-
135
- //register login widget
136
- if (AAM_Core_Config::get('core.settings.secureLogin', true)) {
137
- add_action('widgets_init', function() {
138
- register_widget('AAM_Backend_Widget_Login');
139
- });
140
- add_action('wp_ajax_nopriv_aamlogin', array($this, 'handleLogin'));
141
- }
142
-
143
- //register backend hooks and filters
144
- if (AAM_Core_Config::get('core.settings.backendAccessControl', true)) {
145
- AAM_Backend_Filter::register();
146
- }
147
-
148
- AAM_Extension_Repository::getInstance()->hasUpdates();
149
-
150
- if (version_compare(PHP_VERSION, '5.3.0') === -1) {
151
- AAM_Core_Console::add(
152
- 'AAM requires PHP version 5.3.0 or higher to function properly'
153
- );
154
- }
155
- }
156
-
157
- /**
158
- * Undocumented function
159
- *
160
- * @param [type] $caps
161
- * @param [type] $cap
162
- *
163
- * @return void
164
- */
165
- public function roleHasCap($caps, $cap) {
166
- if (strpos($cap, 'aam|') === 0) {
167
- $parts = explode('|', $cap);
168
- if (isset($caps[$parts[2]])) {
169
- $caps[$cap] = $caps[$parts[2]];
170
- }
171
- }
172
-
173
- return $caps;
174
- }
175
-
176
- /**
177
- * Undocumented function
178
- *
179
- * @param [type] $value
180
- * @param [type] $option
181
- * @param [type] $old_value
182
- * @return void
183
- */
184
- public function updateOption($value, $option, $old_value) {
185
- global $wpdb;
186
-
187
- if ($option === $wpdb->prefix . 'user_roles') {
188
- //Remove all phseudo capabilities from list of caps
189
- foreach($value as &$role) {
190
- foreach($role['capabilities'] as $cap => $granted) {
191
- if (strpos($cap, 'aam|') === 0) {
192
- $parts = explode('|', $cap);
193
- unset($role['capabilities'][$cap]);
194
- $role['capabilities'][$parts[2]] = $granted;
195
- }
196
- }
197
- }
198
  }
199
-
200
- return $value;
201
  }
202
 
203
  /**
204
- * Undocumented function
205
  *
206
- * @param [type] $user
207
  * @return void
208
- */
209
- public function userEditPage($user) {
210
- ob_start();
211
- require_once dirname(__FILE__) . '/phtml/user/multiple-roles.phtml';
212
- $content = ob_get_contents();
213
- ob_end_clean();
214
-
215
- echo $content;
216
- }
217
-
218
- /**
219
  *
220
- * @param type $postType
221
- * @return type
222
  */
223
- public function manageNavMenuMetabox($postType) {
224
- $postType->_default_query['suppress_filters'] = false;
 
 
225
 
226
- return $postType;
227
- }
228
 
229
- /**
230
- *
231
- * @param boolean $result
232
- * @param type $user
233
- * @return boolean
234
- */
235
- public function canChangePassword($result, $user) {
236
- $isProfile = $user->ID === get_current_user_id();
237
- if ($isProfile) {
238
- if (AAM_Core_API::capabilityExists('change_own_password')
239
- && !current_user_can('change_own_password')) {
240
- $result = false;
241
  }
242
- } elseif (AAM_Core_API::capabilityExists('change_passwords')
243
- && !current_user_can('change_passwords')) {
244
- $result = false;
245
- }
246
-
247
- return $result;
248
- }
249
 
250
- /**
251
- *
252
- * @param type $login
253
- * @param type $password
254
- */
255
- public function canUpdatePassword($login, &$password, &$password2) {
256
- $userId = AAM_Core_Request::post('user_id');
257
- $isProfile = $userId === get_current_user_id();
258
-
259
- if ($isProfile) {
260
- if (AAM_Core_API::capabilityExists('change_own_password')
261
- && !current_user_can('change_own_password')) {
262
- $password = $password2 = null;
263
  }
264
- } elseif (AAM_Core_API::capabilityExists('change_passwords')
265
- && !current_user_can('change_passwords')) {
266
- $password = $password2 = null;
267
  }
268
- }
269
 
270
- /**
271
- *
272
- * @param type $data
273
- * @return type
274
- */
275
- public function filterPostData($data) {
276
- if (isset($data['post_type']) && ($data['post_type'] === 'aam_policy')) {
277
- $content = trim(filter_input(INPUT_POST, 'aam-policy'));
278
-
279
- if (empty($data['post_content'])) {
280
- $content = AAM_Backend_View_Helper::getDefaultPolicy();
281
- }
282
-
283
- $content = $this->formatPolicy($content);
284
-
285
- if (!empty($content)) { // Edit form was submitted
286
- $content = addslashes($content);
287
- }
288
 
289
- $data['post_content'] = $content;
 
 
 
 
 
290
  }
291
-
292
- return $data;
293
  }
294
 
295
  /**
296
- * Undocumented function
297
  *
298
- * @param [type] $content
299
  * @return void
300
- */
301
- protected function formatPolicy($content) {
302
- $json = json_decode($content);
303
-
304
- if (!empty($json)) {
305
- $content = wp_json_encode($json, JSON_PRETTY_PRINT);
306
- }
307
-
308
- return $content;
309
- }
310
-
311
- /**
312
  *
 
 
313
  */
314
- public function renderExportFields() {
315
- ob_start();
316
- require_once dirname(__FILE__) . '/phtml/system/export.phtml';
317
- $content = ob_get_contents();
318
- ob_end_clean();
319
-
320
- echo $content;
321
- }
322
-
323
- /**
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
324
  *
325
- * @param type $args
326
- * @return type
327
- */
328
- public function prepareExportArgs($args) {
329
- if ($args['content'] === 'aam') {
330
- $export = array();
331
-
332
- foreach(AAM_Core_Request::get('export', array()) as $group => $settings) {
333
- $export[$group] = implode(',', $settings);
334
- }
335
-
336
- if (empty($export)) {
337
- $export = array('system' => 'roles,utilities,configpress');
338
- }
339
-
340
- $args['export'] = $export;
341
- }
342
-
343
- return $args;
344
- }
345
-
346
- /**
347
  *
348
- * @param type $args
 
349
  */
350
- public function exportSettings($args) {
351
- if ($args['content'] === 'aam') {
352
- $filename = 'aam.export.' . date('Y-m-d') . '.json';
353
- header('Content-Description: File Transfer');
354
- header('Content-Disposition: attachment; filename=' . $filename);
355
- header('Content-Type: application/json; charset=' . get_option('blog_charset'), true);
356
- $exporter = new AAM_Core_Exporter($args['export']);
357
- echo wp_json_encode($exporter->run());
358
- die();
359
  }
360
  }
361
 
362
  /**
 
363
  *
364
- */
365
- protected function registerAAMImporter() {
366
- register_importer(
367
- 'aam',
368
- 'AAM Access Settings',
369
- 'Advanced Access Manager access settings and configurations',
370
- array($this, 'renderImporter')
371
- );
372
- }
373
-
374
- /**
375
  *
376
- */
377
- public function renderImporter() {
378
- $importer = new AAM_Core_Importer();
379
- $importer->dispatch();
380
- }
381
-
382
- /**
383
  *
384
- * @param string $html
385
- * @return string
386
  */
387
- public function getPermalinkHtml($html) {
388
- if (AAM_Core_API::capabilityExists('edit_permalink')
389
- && !current_user_can('edit_permalink')) {
390
- $html = '';
391
- }
392
-
393
- return $html;
394
  }
395
 
396
  /**
397
  * Profile updated hook
398
  *
399
- * Adjust expiration time and user cache if profile updated
400
- *
401
- * @param int $id
402
- * @param WP_User $old
403
  *
404
  * @return void
405
  *
406
  * @access public
 
407
  */
408
- public function profileUpdate($id, $old) {
 
409
  $user = get_user_by('ID', $id);
410
 
411
  //save selected user roles
412
  if (AAM::api()->getConfig('core.settings.multiSubject', false)) {
413
  $roles = filter_input(
414
- INPUT_POST, 'aam_user_roles', FILTER_DEFAULT , FILTER_REQUIRE_ARRAY
 
 
 
415
  );
416
 
417
  // let's make sure that the list of roles is array
@@ -423,8 +230,8 @@ class AAM_Backend_Manager {
423
  if (!empty($newRoles)) {
424
  //remove all current roles and then set new
425
  $user->set_role('');
426
- // TODO: Fix the bug where multiple roles are not removed
427
- foreach($newRoles as $role) {
428
  $user->add_role($role);
429
  }
430
  }
@@ -432,101 +239,38 @@ class AAM_Backend_Manager {
432
  }
433
 
434
  /**
435
- * Filter post title
436
- *
437
- * @param string $title
438
- * @param int $id
439
  *
440
- * @return string
441
  *
442
  * @access public
 
443
  */
444
- public function theTitle($title, $id = null) {
445
- if (empty($title) && AAM::isAAM()) { //apply filter only for AAM page
446
- $title = '[No Title]: ID ' . ($id ? $id : '[No ID]');
447
- }
448
-
449
- return $title;
450
- }
451
-
452
- /**
453
- *
454
- * @param type $flag
455
- * @return type
456
- */
457
- public function screenOptions($flag) {
458
- if (AAM_Core_API::capabilityExists('show_screen_options')) {
459
- $flag = current_user_can('show_screen_options');
460
- }
461
 
462
- if (AAM::isAAM()) {
463
- $flag = false;
464
  }
465
-
466
- return $flag;
467
  }
468
 
469
  /**
 
470
  *
471
- * @param array $help
472
- * @param type $id
473
- * @param type $screen
474
- * @return array
475
- */
476
- public function helpOptions($help, $id, $screen) {
477
- if (AAM_Core_API::capabilityExists('show_help_tabs')) {
478
- if (!current_user_can('show_help_tabs')) {
479
- $screen->remove_help_tabs();
480
- $help = array();
481
- }
482
- }
483
-
484
- if (AAM::isAAM()) {
485
- $screen->remove_help_tabs();
486
- }
487
-
488
- return $help;
489
- }
490
-
491
- /**
492
- *
493
- * @return type
494
- */
495
- public function handleLogin() {
496
- $login = AAM_Core_Login::getInstance();
497
-
498
- echo wp_json_encode($login->execute());
499
- exit;
500
- }
501
-
502
- /**
503
- *
504
- */
505
- public function adminInit() {
506
- $frame = AAM_Core_Request::get('aamframe');
507
-
508
- if ($frame && current_user_can('aam_manage_posts')) {
509
- echo AAM_Backend_View::getInstance()->renderAccessFrame();
510
- exit;
511
- }
512
-
513
- // Import/Export feature
514
- add_action('export_filters', array($this, 'renderExportFields'));
515
- add_filter('export_args', array($this, 'prepareExportArgs'));
516
- add_action('export_wp', array($this, 'exportSettings'));
517
- $this->registerAAMImporter();
518
- }
519
-
520
- /**
521
  *
522
- * @param type $text
523
  * @return string
 
 
 
524
  */
525
- public function thankYou($text) {
 
526
  if (AAM::isAAM()) {
527
  $text = '<span id="footer-thankyou">';
528
- $text .= '<b>Please help us</b> and submit your review <a href="';
529
- $text .= 'https://wordpress.org/support/plugin/advanced-access-manager/reviews/"';
530
  $text .= 'target="_blank"><i class="icon-star"></i>';
531
  $text .= '<i class="icon-star"></i><i class="icon-star"></i>';
532
  $text .= '<i class="icon-star"></i><i class="icon-star"></i></a>';
@@ -537,500 +281,66 @@ class AAM_Backend_Manager {
537
  }
538
 
539
  /**
540
- *
541
- */
542
- protected function checkUserAccess() {
543
- $uid = get_current_user_id();
544
-
545
- if ($uid && AAM_Core_API::capabilityExists('access_dashboard')) {
546
- $caps = AAM::getUser()->allcaps;
547
- // If this is the AJAX call, still allow it because it will break a lot
548
- // of frontend stuff that depends on it
549
- if (empty($caps['access_dashboard']) && !defined('DOING_AJAX')) {
550
- AAM_Core_API::reject(
551
- 'backend', array('hook' => 'access_dashboard')
552
- );
553
- }
554
- }
555
- }
556
-
557
- /**
558
- *
559
- */
560
- protected function checkUserSwitch() {
561
- if (AAM_Core_Request::get('action') === 'aam-switch-back') {
562
- $current = get_current_user_id();
563
- $uid = AAM_Core_API::getOption('aam-user-switch-' . $current);
564
- $redirect = admin_url('admin.php?page=aam&user=' . $current);
565
-
566
- check_admin_referer('aam-switch-' . $uid);
567
-
568
- wp_clear_auth_cookie();
569
- wp_set_auth_cookie( $uid, true );
570
- wp_set_current_user( $uid );
571
-
572
- AAM_Core_API::deleteOption('aam-user-switch-' . $current);
573
-
574
- wp_redirect($redirect);
575
- exit;
576
- }
577
- }
578
-
579
- /**
580
- *
581
- */
582
- public function notification() {
583
- $uid = AAM_Core_API::getOption('aam-user-switch-' . get_current_user_id());
584
-
585
- if ($uid) {
586
- //get user's name
587
- $user = new WP_User($uid);
588
- $name = $user->display_name ? $user->display_name : $user->user_nicename;
589
-
590
- //generate switch back URL
591
- $url = wp_nonce_url(
592
- 'index.php?action=aam-switch-back', 'aam-switch-' . $uid
593
- );
594
-
595
- echo '<div class="updated notice">';
596
- echo '<p style="padding: 10px; font-weight: 700; letter-spacing:0.5px;">';
597
- echo sprintf('Switch back to <a href="%s">%s</a>.', $url, esc_js($name));
598
- echo '</p></div>';
599
- }
600
- }
601
-
602
- /**
603
- *
604
- */
605
- public function metabox() {
606
- global $post;
607
-
608
- $frontend = AAM_Core_Config::get('core.settings.frontendAccessControl', true);
609
- $backend = AAM_Core_Config::get('core.settings.backendAccessControl', true);
610
- $api = AAM_Core_Config::get('core.settings.apiAccessControl', true);
611
-
612
- $needAC = ($frontend || $backend || $api);
613
- $allowed = current_user_can('aam_manage_posts');
614
- $notASP = (!is_a($post, 'WP_Post') || ($post->post_type !== 'aam_policy'));
615
-
616
- if ($needAC && $allowed && $notASP) {
617
- add_meta_box(
618
- 'aam-access-manager',
619
- __('Access Manager', AAM_KEY),
620
- array($this, 'renderPostMetabox'),
621
- null,
622
- 'advanced',
623
- 'high'
624
- );
625
- }
626
- }
627
-
628
- /**
629
- *
630
- * @global WP_Post $post
631
- */
632
- public function registerPolicyDocMetabox() {
633
- global $post;
634
-
635
- if (is_a($post, 'WP_Post') && ($post->post_type === 'aam_policy')) {
636
- add_meta_box(
637
- 'aam-policy',
638
- __('Policy Document', AAM_KEY),
639
- array($this, 'renderPolicyMetabox'),
640
- null,
641
- 'normal',
642
- 'high'
643
- );
644
- add_meta_box(
645
- 'aam-policy-attached',
646
- __('Policy Principals', AAM_KEY),
647
- array($this, 'renderPolicyPrincipalMetabox'),
648
- null,
649
- 'side'
650
- );
651
- }
652
- }
653
-
654
- /**
655
- *
656
- * @global WP_Post $post
657
- */
658
- public function renderPolicyMetabox() {
659
- global $post;
660
-
661
- if (is_a($post, 'WP_Post')) {
662
- echo AAM_Backend_View::getInstance()->renderPolicyMetabox($post);
663
- }
664
- }
665
-
666
- /**
667
- *
668
- * @global WP_Post $post
669
- */
670
- public function renderPolicyPrincipalMetabox() {
671
- global $post;
672
-
673
- if (is_a($post, 'WP_Post')) {
674
- echo AAM_Backend_View::getInstance()->renderPolicyPrincipalMetabox($post);
675
- }
676
- }
677
-
678
- /**
679
- *
680
- * @global type $wp_admin_bar
681
- */
682
- public function cacheAdminBar() {
683
- global $wp_admin_bar;
684
- static $cache = null;
685
-
686
- $reflection = new ReflectionClass(get_class($wp_admin_bar));
687
-
688
- if ($reflection->hasProperty('nodes')) {
689
- $prop = $reflection->getProperty('nodes');
690
- $prop->setAccessible(true);
691
-
692
- $nodes = $prop->getValue($wp_admin_bar);
693
-
694
- if (isset($nodes['root']) && is_null($cache)) {
695
- $cache = array();
696
- foreach($nodes['root']->children as $node) {
697
- $cache = array_merge($cache, $node->children);
698
- }
699
-
700
- // do some cleanup
701
- foreach($cache as $i => $node) {
702
- if ($node->id === 'menu-toggle') {
703
- unset($cache[$i]);
704
- }
705
- }
706
- }
707
- }
708
-
709
- return $cache;
710
- }
711
-
712
- /**
713
- *
714
- * @global type $post
715
- */
716
- public function renderPostMetabox() {
717
- global $post;
718
-
719
- if (is_a($post, 'WP_Post')) {
720
- echo AAM_Backend_View::getInstance()->renderPostMetabox($post);
721
- }
722
- }
723
-
724
- /**
725
- *
726
- * @param type $term
727
- */
728
- public function renderTermMetabox($term) {
729
- if (is_a($term, 'WP_Term')) {
730
- $frontend = AAM_Core_Config::get('core.settings.frontendAccessControl', true);
731
- $backend = AAM_Core_Config::get('core.settings.backendAccessControl', true);
732
- $api = AAM_Core_Config::get('core.settings.apiAccessControl', true);
733
-
734
- if (($frontend || $backend || $api) && current_user_can('aam_manage_posts')) {
735
- echo AAM_Backend_View::getInstance()->renderTermMetabox($term);
736
- }
737
- }
738
- }
739
-
740
- /**
741
- * Handle Metabox initialization process
742
  *
743
  * @return void
744
  *
745
  * @access public
746
- */
747
- public function initMetaboxes() {
748
- global $post;
749
-
750
- if (AAM_Core_Request::get('init') === 'metabox') {
751
- //make sure that nobody is playing with screen options
752
- if (is_a($post, 'WP_Post')) {
753
- $screen = $post->post_type;
754
- } else {
755
- $screen_object = get_current_screen();
756
- $screen = ($screen_object ? $screen_object->id : '');
757
- }
758
-
759
- $model = new AAM_Backend_Feature_Main_Metabox;
760
- $model->initialize($screen);
761
- }
762
- }
763
-
764
- /**
765
- * Add extra column to search in for User search
766
  *
767
- * @param array $columns
768
- *
769
- * @return array
770
- *
771
- * @access public
772
  */
773
- public function searchColumns($columns) {
774
- $columns[] = 'display_name';
 
775
 
776
- return $columns;
777
- }
778
-
779
- /**
780
- *
781
- * @param type $actions
782
- * @param type $post
783
- * @return string
784
- */
785
- public function postRowActions($actions, $post) {
786
- if ($this->renderExternalUIFeature('aam_manage_posts')) {
787
- $url = admin_url('admin.php?page=aam&oid=' . $post->ID . '&otype=post#post');
788
-
789
- $actions['aam'] = '<a href="' . $url . '" target="_blank">';
790
- $actions['aam'] .= __('Access', AAM_KEY) . '</a>';
791
- }
792
-
793
- return $actions;
794
- }
795
-
796
- /**
797
- *
798
- * @param type $actions
799
- * @param type $term
800
- * @return string
801
- */
802
- public function tagRowActions($actions, $term) {
803
- if ($this->renderExternalUIFeature('aam_manage_posts')) {
804
- $oid = $term->term_id . '|' . $term->taxonomy;
805
- $url = admin_url('admin.php?page=aam&oid=' . $oid . '&otype=term#post');
806
-
807
- $actions['aam'] = '<a href="' . $url . '" target="_blank">';
808
- $actions['aam'] .= __('Access', AAM_KEY) . '</a>';
809
- }
810
-
811
- return $actions;
812
- }
813
 
814
- /**
815
- * Add "Manage Access" action
816
- *
817
- * Add additional action to the user list table.
818
- *
819
- * @param array $actions
820
- * @param WP_User $user
821
- *
822
- * @return array
823
- *
824
- * @access public
825
- */
826
- public function userActions($actions, $user) {
827
- if ($this->renderExternalUIFeature('aam_manage_users')
828
- || $this->renderExternalUIFeature('list_users')) {
829
- $url = admin_url('admin.php?page=aam&user=' . $user->ID);
830
-
831
- $actions['aam'] = '<a href="' . $url . '" target="_blank">';
832
- $actions['aam'] .= __('Access', AAM_KEY) . '</a>';
833
- }
834
-
835
- return $actions;
836
- }
837
-
838
- /**
839
- *
840
- * @param type $cap
841
- * @return type
842
- */
843
- protected function renderExternalUIFeature($cap) {
844
- $frontend = AAM_Core_Config::get('core.settings.frontendAccessControl', true);
845
- $backend = AAM_Core_Config::get('core.settings.backendAccessControl', true);
846
- $api = AAM_Core_Config::get('core.settings.apiAccessControl', true);
847
- $aamManager = current_user_can('aam_manager');
848
- $featureManager = current_user_can($cap);
849
-
850
- return ($frontend || $backend || $api) && $aamManager && $featureManager;
851
- }
852
-
853
- /**
854
- * Print javascript libraries
855
- *
856
- * @return void
857
- *
858
- * @access public
859
- */
860
- public function printJavascript() {
861
- if (AAM::isAAM()) {
862
- wp_enqueue_script('aam-vendor', AAM_MEDIA . '/js/vendor.js');
863
- wp_enqueue_script('aam-main', AAM_MEDIA . '/js/aam-5.10.js');
864
-
865
- //add plugin localization
866
- $this->printLocalization('aam-main');
867
- }
868
- }
869
-
870
- /**
871
- *
872
- * @global type $menu
873
- * @global type $submenu
874
- */
875
- public function printFooterJavascript() {
876
- global $menu, $submenu;
877
-
878
- if (AAM::isAAM()) {
879
-
880
- $script = '<script type="text/javascript">';
881
- $script .= 'var aamEnvData = ' . wp_json_encode(array(
882
- 'menu' => base64_encode(json_encode($menu)),
883
- 'submenu' => base64_encode(json_encode($submenu)),
884
- 'toolbar' => base64_encode(json_encode($this->cacheAdminBar()))
885
- )) ;
886
- $script .= '</script>';
887
-
888
- echo $script;
889
- }
890
- }
891
-
892
- /**
893
- * Print plugin localization
894
- *
895
- * @param string $localKey
896
- *
897
- * @return void
898
- *
899
- * @access protected
900
- */
901
- protected function printLocalization($localKey) {
902
- $subject = AAM_Backend_Subject::getInstance();
903
-
904
- $locals = array(
905
- 'nonce' => wp_create_nonce('aam_ajax'),
906
- 'ajaxurl' => esc_url(admin_url('admin-ajax.php')),
907
- 'ui' => AAM_Core_Request::get('aamframe', 'main'),
908
- 'url' => array(
909
- 'site' => esc_url(admin_url('index.php')),
910
- 'editUser' => esc_url(admin_url('user-edit.php')),
911
- 'addUser' => esc_url(admin_url('user-new.php')),
912
- 'addPolicy' => esc_url(admin_url('post-new.php?post_type=aam_policy'))
913
- ),
914
- 'level' => AAM::getUser()->getMaxLevel(),
915
- 'subject' => array(
916
- 'type' => $subject->getUID(),
917
- 'id' => $subject->getId(),
918
- 'name' => $subject->getName(),
919
- 'level' => $subject->getMaxLevel(),
920
- 'blog' => get_current_blog_id()
921
- ),
922
- 'system' => array(
923
- 'domain' => wp_parse_url(site_url(), PHP_URL_HOST),
924
- 'uid' => AAM_Core_API::getOption('aam-uid', null, 'site'),
925
- 'apiV1Endpoint' => AAM_Core_Server::getEndpoint('V1'),
926
- 'apiV2Endpoint' => AAM_Core_Server::getEndpoint('V2')
927
- ),
928
- 'translation' => AAM_Backend_View_Localization::get(),
929
- 'caps' => array(
930
- 'create_roles' => current_user_can('aam_create_roles'),
931
- 'create_users' => current_user_can('create_users')
932
- )
933
- );
934
-
935
- wp_localize_script($localKey, 'aamLocal', $locals);
936
- }
937
-
938
- /**
939
- * Print necessary styles
940
- *
941
- * @return void
942
- *
943
- * @access public
944
- */
945
- public function printStylesheet() {
946
- if (AAM::isAAM()) {
947
- wp_enqueue_style('aam-bt', AAM_MEDIA . '/css/bootstrap.min.css');
948
- wp_enqueue_style('aam-db', AAM_MEDIA . '/css/datatables.min.css');
949
- wp_enqueue_style('aam-main', AAM_MEDIA . '/css/aam.css');
950
  }
951
- }
952
 
953
- /**
954
- * Register Admin Menu
955
- *
956
- * @return void
957
- *
958
- * @access public
959
- */
960
- public function adminMenu() {
961
- if (AAM_Core_Console::count() && current_user_can('aam_show_notifications')) {
962
- $counter = '&nbsp;<span class="update-plugins">'
963
- . '<span class="plugin-count">' . AAM_Core_Console::count()
964
- . '</span></span>';
965
- } else {
966
- $counter = '';
967
- }
968
 
969
- //register the menu
970
  add_menu_page(
971
  'AAM',
972
- 'AAM' . $counter,
973
- (AAM_Core_API::capabilityExists('aam_manager') ? 'aam_manager' : 'administrator'),
974
  'aam',
975
- array($this, 'renderPage'),
 
 
976
  AAM_MEDIA . '/active-menu.svg'
977
  );
978
-
979
- // Access policy page
980
- add_submenu_page(
981
- 'aam',
982
- 'Access Policies',
983
- 'Access Policies',
984
- AAM_Core_Config::get(
985
- 'policy.capability',
986
- (AAM_Core_API::capabilityExists('aam_manage_policy') ? 'aam_manage_policy' : 'administrator')
987
- ),
988
- 'edit.php?post_type=aam_policy'
989
- );
990
-
991
- $type = get_post_type_object('aam_policy');
992
- if (current_user_can($type->cap->create_posts)) {
993
- add_submenu_page(
994
- 'aam',
995
- 'Add New Policy',
996
- 'Add New Policy',
997
- $type->cap->create_posts,
998
- 'post-new.php?post_type=aam_policy'
999
- );
1000
- }
1001
-
1002
- }
1003
-
1004
- /**
1005
- * Render Main Content page
1006
- *
1007
- * @return void
1008
- *
1009
- * @access public
1010
- */
1011
- public function renderPage() {
1012
- echo AAM_Backend_View::getInstance()->renderPage();
1013
  }
1014
 
1015
  /**
1016
- * Render list of AAM Features
1017
  *
1018
- * Must be separate from Ajax call because WordPress ajax does not load
1019
- * a lot of UI stuff like admin menu
1020
  *
1021
  * @return void
1022
  *
1023
  * @access public
 
1024
  */
1025
- public function renderContent() {
 
1026
  check_ajax_referer('aam_ajax');
1027
 
1028
  // flush any output buffer
1029
  @ob_clean();
1030
 
1031
  if (current_user_can('aam_manager')) {
 
1032
  $response = AAM_Backend_View::getInstance()->renderContent(
1033
- AAM_Core_Request::post('uiType', 'main')
1034
  );
1035
 
1036
  $accept = AAM_Core_Request::server('HTTP_ACCEPT_ENCODING');
@@ -1045,7 +355,7 @@ class AAM_Backend_Manager {
1045
  if (in_array($zlib, array('1', 'on'), true) && !empty($accept)) {
1046
  header('Vary: Accept-Encoding'); // Handle proxies
1047
 
1048
- if ( false !== stripos($accept, 'gzip') && function_exists('gzencode') ) {
1049
  header('Content-Encoding: gzip');
1050
  $response = ($compressed ? $response : gzencode($response, 3));
1051
  }
@@ -1053,7 +363,7 @@ class AAM_Backend_Manager {
1053
 
1054
  echo $response;
1055
  } else {
1056
- echo __('Access Denied', AAM_KEY);
1057
  }
1058
 
1059
  exit();
@@ -1065,47 +375,23 @@ class AAM_Backend_Manager {
1065
  * @return void
1066
  *
1067
  * @access public
 
1068
  */
1069
- public function ajax() {
 
1070
  check_ajax_referer('aam_ajax');
1071
 
1072
- //clean buffer to make sure that nothing messing around with system
1073
- while (@ob_end_clean()){}
1074
 
1075
- //process ajax request
1076
  if (current_user_can('aam_manager')) {
1077
  echo AAM_Backend_View::getInstance()->processAjax();
1078
  } else {
1079
- echo __('Access Denied', AAM_KEY);
1080
- }
1081
-
1082
- exit();
1083
- }
1084
-
1085
- /**
1086
- * Bootstrap the manager
1087
- *
1088
- * @return AAM_Backend_View
1089
- *
1090
- * @access public
1091
- */
1092
- public static function bootstrap() {
1093
- if (is_null(self::$_instance)) {
1094
- self::$_instance = new self;
1095
  }
1096
 
1097
- return self::$_instance;
1098
- }
1099
-
1100
- /**
1101
- * Get instance of itself
1102
- *
1103
- * @return AAM_Backend_View
1104
- *
1105
- * @access public
1106
- */
1107
- public static function getInstance() {
1108
- return self::bootstrap();
1109
  }
1110
 
1111
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Backend manager
14
  *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Backend_Manager
19
+ {
20
 
21
+ use AAM_Core_Contract_SingletonTrait;
 
 
 
 
 
 
 
22
 
23
  /**
24
+ * Initialize the AAM backend manager
25
  *
26
  * @return void
27
  *
28
  * @access protected
29
+ * @version 6.0.0
30
  */
31
+ protected function __construct()
32
+ {
 
 
 
 
 
33
  //print required JS & CSS
 
34
  add_action('admin_print_footer_scripts', array($this, 'printFooterJavascript'));
35
+ add_action('aam_iframe_footer_action', array($this, 'printFooterJavascript'));
36
  add_action('admin_print_styles', array($this, 'printStylesheet'));
37
 
38
+ // Alter user edit screen with support for multiple roles
 
 
 
39
  if (AAM::api()->getConfig('core.settings.multiSubject', false)) {
40
+ add_action('show_user_profile', array($this, 'addMultiRoleSupport'));
41
+ add_action('edit_user_profile', array($this, 'addMultiRoleSupport'));
42
+ add_action('user_new_form', array($this, 'addMultiRoleSupport'));
 
 
 
 
 
 
 
 
 
 
 
 
 
43
 
44
+ // User profile update action
45
+ add_action('profile_update', array($this, 'profileUpdate'), 10, 2);
46
+ add_action('user_register', array($this, 'profileUpdate'), 10, 2);
47
+ }
48
 
49
+ // Manager Admin Menu
50
  if (is_multisite() && is_network_admin()) {
51
+ // Register AAM in the network admin panel
52
  add_action('_network_admin_menu', array($this, 'adminMenu'));
53
  } else {
54
  add_action('_user_admin_menu', array($this, 'adminMenu'));
55
  add_action('_admin_menu', array($this, 'adminMenu'));
 
 
 
 
 
 
 
 
 
 
56
  }
57
 
58
+ // Manager AAM Ajax Requests
 
 
 
59
  add_action('wp_ajax_aam', array($this, 'ajax'));
60
+ // Manager AAM Features Content rendering
61
  add_action('admin_action_aamc', array($this, 'renderContent'));
 
 
 
 
 
62
 
63
+ // Manager user search on the AAM page
64
+ add_filter('user_search_columns', function($columns) {
65
+ $columns[] = 'display_name';
66
+ return $columns;
67
+ });
68
 
69
+ // Footer thank you
 
 
 
 
 
 
 
 
 
 
 
 
70
  add_filter('admin_footer_text', array($this, 'thankYou'), 999);
71
 
72
+ // Control admin area
73
  add_action('admin_init', array($this, 'adminInit'));
74
 
75
+ // Check for pending migration scripts
76
+ if (current_user_can('update_plugins')) {
77
+ $this->checkMigrationStatus();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
78
  }
 
 
79
  }
80
 
81
  /**
82
+ * Check if there are any pending settings and if so, trigger migration
83
  *
 
84
  * @return void
 
 
 
 
 
 
 
 
 
 
 
85
  *
86
+ * @access protected
87
+ * @version 6.0.0
88
  */
89
+ protected function checkMigrationStatus()
90
+ {
91
+ if (AAM_Core_Migration::hasPending()) {
92
+ $results = array('errors' => array(), 'dumps' => array());
93
 
94
+ foreach(AAM_Core_Migration::getPending() as $filename) {
95
+ $executed = AAM_Core_Migration::executeScript($filename);
96
 
97
+ if (!empty($executed['errors'])) {
98
+ $results['errors'] = array_merge(
99
+ $results['errors'], $executed['errors']
100
+ );
101
+ $results['dumps'][basename($filename)] = $executed['dump'];
102
+ }
 
 
 
 
 
 
103
  }
 
 
 
 
 
 
 
104
 
105
+ // If there are any errors, store the entire log so user can be notified
106
+ if (!empty($results['errors'])) {
107
+ AAM_Core_Migration::storeFailureLog($results);
 
 
 
 
 
 
 
 
 
 
108
  }
 
 
 
109
  }
 
110
 
111
+ // Check if there are any errors captured during the last migration process
112
+ $log = AAM_Core_Migration::getFailureLog();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
113
 
114
+ if (!empty($log['errors'])) {
115
+ AAM_Core_Console::add(sprintf(
116
+ __('There was at least one error detected with the automated migration script. %sDownload the log%s for more details and contact our support at %ssupport@aamplugin.com%s for further assistance.', AAM_KEY),
117
+ '<a href="#" id="download-migration-log">', '</a>',
118
+ '<a href="mailto:support@aamplugin.com">', '</a>'
119
+ ));
120
  }
 
 
121
  }
122
 
123
  /**
124
+ * Print all the necessary JS assets for the AAM UI
125
  *
 
126
  * @return void
 
 
 
 
 
 
 
 
 
 
 
 
127
  *
128
+ * @access public
129
+ * @version 6.0.0
130
  */
131
+ public function printFooterJavascript()
132
+ {
133
+ if (AAM::isAAM()) {
134
+ $subject = AAM_Backend_Subject::getInstance();
135
+ $locals = apply_filters('aam_js_localization_filter', array(
136
+ 'nonce' => wp_create_nonce('aam_ajax'),
137
+ 'ajaxurl' => esc_url(admin_url('admin-ajax.php')),
138
+ 'ui' => AAM_Core_Request::get('aamframe', 'main'),
139
+ 'url' => array(
140
+ 'site' => esc_url(admin_url('index.php')),
141
+ 'editUser' => esc_url(admin_url('user-edit.php')),
142
+ 'addUser' => esc_url(admin_url('user-new.php')),
143
+ 'addPolicy' => esc_url(admin_url('post-new.php?post_type=aam_policy'))
144
+ ),
145
+ 'level' => AAM::getUser()->getMaxLevel(),
146
+ 'subject' => array(
147
+ 'type' => $subject->getSubjectType(),
148
+ 'id' => $subject->getId(),
149
+ 'name' => $subject->getName(),
150
+ 'level' => $subject->getMaxLevel()
151
+ ),
152
+ 'system' => array(
153
+ 'apiEndpoint' => AAM_Core_API::getAPIEndpoint()
154
+ ),
155
+ 'translation' => AAM_Backend_View_Localization::get(),
156
+ 'caps' => array(
157
+ 'create_roles' => current_user_can('aam_create_roles'),
158
+ 'create_users' => current_user_can('create_users')
159
+ )
160
+ ));
161
+
162
+ echo '<script type="text/javascript">';
163
+ echo 'var aamLocal = ' . wp_json_encode($locals) . "\n";
164
+ echo file_get_contents(AAM_BASEDIR . '/media/js/vendor.js') . "\n";
165
+ echo file_get_contents(AAM_BASEDIR . '/media/js/aam.js');
166
+ echo '</script>';
167
+ }
168
+ }
169
+
170
+ /**
171
+ * Print all the necessary AAM styles
172
  *
173
+ * @return void
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
174
  *
175
+ * @access public
176
+ * @version 6.0.0
177
  */
178
+ public function printStylesheet()
179
+ {
180
+ if (AAM::isAAM()) {
181
+ wp_enqueue_style('aam-vendor', AAM_MEDIA . '/css/vendor.min.css');
182
+ wp_enqueue_style('aam-main', AAM_MEDIA . '/css/aam.css');
 
 
 
 
183
  }
184
  }
185
 
186
  /**
187
+ * Adjust user edit/add screen to support multiple roles
188
  *
189
+ * @param WP_User|string $param
 
 
 
 
 
 
 
 
 
 
190
  *
191
+ * @return void
 
 
 
 
 
 
192
  *
193
+ * @access public
194
+ * @version 6.0.0
195
  */
196
+ public function addMultiRoleSupport($param)
197
+ {
198
+ require_once dirname(__FILE__) . '/tmpl/user/multiple-roles.php';
 
 
 
 
199
  }
200
 
201
  /**
202
  * Profile updated hook
203
  *
204
+ * @param int $id
 
 
 
205
  *
206
  * @return void
207
  *
208
  * @access public
209
+ * @version 6.0.0
210
  */
211
+ public function profileUpdate($id)
212
+ {
213
  $user = get_user_by('ID', $id);
214
 
215
  //save selected user roles
216
  if (AAM::api()->getConfig('core.settings.multiSubject', false)) {
217
  $roles = filter_input(
218
+ INPUT_POST,
219
+ 'aam_user_roles',
220
+ FILTER_DEFAULT,
221
+ FILTER_REQUIRE_ARRAY
222
  );
223
 
224
  // let's make sure that the list of roles is array
230
  if (!empty($newRoles)) {
231
  //remove all current roles and then set new
232
  $user->set_role('');
233
+
234
+ foreach ($newRoles as $role) {
235
  $user->add_role($role);
236
  }
237
  }
239
  }
240
 
241
  /**
242
+ * Render AAM iframe content if specified
 
 
 
243
  *
244
+ * @return void
245
  *
246
  * @access public
247
+ * @version 6.0.0
248
  */
249
+ public function adminInit()
250
+ {
251
+ $frame = filter_input(INPUT_GET, 'aamframe');
 
 
 
 
 
 
 
 
 
 
 
 
 
 
252
 
253
+ if ($frame) {
254
+ echo AAM_Backend_View::getInstance()->renderIFrame($frame);
255
  }
 
 
256
  }
257
 
258
  /**
259
+ * Render "Thank You" note on the AAM page
260
  *
261
+ * @param string $text
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
262
  *
 
263
  * @return string
264
+ *
265
+ * @access public
266
+ * @version 6.0.0
267
  */
268
+ public function thankYou($text)
269
+ {
270
  if (AAM::isAAM()) {
271
  $text = '<span id="footer-thankyou">';
272
+ $text .= AAM_Backend_View_Helper::preparePhrase('[Help us] to be more noticeable and submit your review', 'b');
273
+ $text .= '<a href="https://wordpress.org/support/plugin/advanced-access-manager/reviews/"';
274
  $text .= 'target="_blank"><i class="icon-star"></i>';
275
  $text .= '<i class="icon-star"></i><i class="icon-star"></i>';
276
  $text .= '<i class="icon-star"></i><i class="icon-star"></i></a>';
281
  }
282
 
283
  /**
284
+ * Register AAM Admin Menu
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
285
  *
286
  * @return void
287
  *
288
  * @access public
289
+ * @version 6.0.0
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
290
  *
291
+ * @link https://aamplugin.com/article/how-to-manage-access-to-aam-page-for-other-users
 
 
 
 
292
  */
293
+ public function adminMenu()
294
+ {
295
+ $bubble = null; // Notification "bubble" for the AAM menu item
296
 
297
+ if (current_user_can('aam_show_notifications')) {
298
+ $count = AAM_Core_Console::count();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
299
 
300
+ if ($count) {
301
+ $bubble = '&nbsp;<span class="update-plugins">'
302
+ . '<span class="plugin-count">' . $count
303
+ . '</span></span>';
304
+ }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
305
  }
 
306
 
307
+ $hasManagerCap = AAM_Core_API::capExists('aam_manager');
 
 
 
 
 
 
 
 
 
 
 
 
 
 
308
 
309
+ // Register the menu
310
  add_menu_page(
311
  'AAM',
312
+ 'AAM' . $bubble,
313
+ ($hasManagerCap ? 'aam_manager' : 'administrator'),
314
  'aam',
315
+ function() {
316
+ echo AAM_Backend_View::getInstance()->renderPage();
317
+ },
318
  AAM_MEDIA . '/active-menu.svg'
319
  );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
320
  }
321
 
322
  /**
323
+ * Render AAM UI html content
324
  *
325
+ * This is more logical separation between JSON response and HTML response with
326
+ * some additional check for compression
327
  *
328
  * @return void
329
  *
330
  * @access public
331
+ * @version 6.0.0
332
  */
333
+ public function renderContent()
334
+ {
335
  check_ajax_referer('aam_ajax');
336
 
337
  // flush any output buffer
338
  @ob_clean();
339
 
340
  if (current_user_can('aam_manager')) {
341
+ $partial = filter_input(INPUT_POST, 'partial');
342
  $response = AAM_Backend_View::getInstance()->renderContent(
343
+ (!empty($partial) ? $partial : 'main')
344
  );
345
 
346
  $accept = AAM_Core_Request::server('HTTP_ACCEPT_ENCODING');
355
  if (in_array($zlib, array('1', 'on'), true) && !empty($accept)) {
356
  header('Vary: Accept-Encoding'); // Handle proxies
357
 
358
+ if (false !== stripos($accept, 'gzip') && function_exists('gzencode')) {
359
  header('Content-Encoding: gzip');
360
  $response = ($compressed ? $response : gzencode($response, 3));
361
  }
363
 
364
  echo $response;
365
  } else {
366
+ echo -1;
367
  }
368
 
369
  exit();
375
  * @return void
376
  *
377
  * @access public
378
+ * @version 6.0.0
379
  */
380
+ public function ajax()
381
+ {
382
  check_ajax_referer('aam_ajax');
383
 
384
+ // Clean buffer to make sure that nothing messing around with system
385
+ while (@ob_end_clean()) { /* Close all the open buffers and flush them */ }
386
 
387
+ // Process ajax request
388
  if (current_user_can('aam_manager')) {
389
  echo AAM_Backend_View::getInstance()->processAjax();
390
  } else {
391
+ echo -1;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
392
  }
393
 
394
+ exit;
 
 
 
 
 
 
 
 
 
 
 
395
  }
396
 
397
  }
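--- a/application/Backend/Subject.php
+++ b/application/Backend/Subject.php
@@ -5,211 +5,244 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Backend subject
- *
- * Currently managed subject. Based on the HTTP request critiria, define what subject
+ *
+ * Currently managed subject. Based on the HTTP request data, define what subject
  * is currently managed with AAM UI.
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_Subject {
-
- /**
- * Single instance of itself
- *
- * @var AAM_Backend_Subject
- *
- * @access protected
- * @static
- */
- protected static $instance = null;
-
+ class AAM_Backend_Subject
+ {
+
+ use AAM_Core_Contract_RequestTrait,
+ AAM_Core_Contract_SingletonTrait;
+
  /**
  * Subject information
- *
+ *
  * @var AAM_Core_Subject
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
  protected $subject = null;
-
+
  /**
  * Constructor
- *
+ *
  * @return void
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function __construct() {
- $subject = AAM_Core_Request::request('subject');
-
+ protected function __construct()
+ {
+ $subject = $this->getFromPost('subject');
+
  if ($subject) {
- $instance = $this->initRequestedSubject(
- $subject, AAM_Core_Request::request('subjectId')
- );
+ $this->initRequestedSubject($subject, $this->getFromPost('subjectId'));
  } else {
  $this->initDefaultSubject();
  }
  }
-
+
+ /**
+ * Check if current subject is role
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function isRole()
+ {
+ return $this->getSubjectType() === AAM_Core_Subject_Role::UID;
+ }
+
+ /**
+ * Check if current subject is user
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function isUser()
+ {
+ return $this->getSubjectType() === AAM_Core_Subject_User::UID;
+ }
+
+ /**
+ * Check if current subject is visitor
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function isVisitor()
+ {
+ return $this->getSubjectType() === AAM_Core_Subject_Visitor::UID;
+ }
+
+ /**
+ * Check if current subject is default
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function isDefault()
+ {
+ return $this->getSubjectType() === AAM_Core_Subject_Default::UID;
+ }
+
+ /**
+ * Get current subject type
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getSubjectType()
+ {
+ $subject = $this->getSubject();
+
+ return $subject::UID;
+ }
+
  /**
  * Initialize requested subject
- *
+ *
  * @param string $type
- * @param string $id
- *
- * @return void
- *
+ * @param mixed $id
+ *
+ * @return AAM_Core_Subject
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function initRequestedSubject($type, $id) {
- $classname = 'AAM_Core_Subject_' . ucfirst($type);
-
- if (class_exists($classname)) {
- $subject = new $classname(stripslashes($id));
- $subject->initialize();
-
- $this->setSubject($subject);
+ protected function initRequestedSubject($type, $id)
+ {
+ if ($type === AAM_Core_Subject_User::UID) {
+ $subject = AAM::api()->getUser(intval($id));
+ } elseif ($type === AAM_Core_Subject_Default::UID) {
+ $subject = AAM_Core_Subject_Default::getInstance();
  } else {
- wp_die('Invalid subject type'); exit;
+ $class_name = 'AAM_Core_Subject_' . ucfirst($type);
+ $subject = new $class_name(stripslashes($id));
  }
-
+
+ $this->setSubject($subject);
+
  return $subject;
  }
-
+
  /**
  * Initialize default subject
- *
+ *
  * Based on user permissions, pick the first available subject that current user
  * can manage with AAM UI
- *
+ *
  * @return void
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function initDefaultSubject() {
- // This cover the scenario when we directly go to user e.g. ?page=aam&user=38
- // or through AJAX post request with user ID
- $forceUser = AAM_Core_Request::request('user');
-
- // TODO: The aam_list_roles is legacy and can be removed in Oct 2021
- if (!$forceUser && (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles'))) {
+ protected function initDefaultSubject()
+ {
+ if (current_user_can('aam_manage_roles')) {
  $roles = array_keys(get_editable_roles());
- $this->initRequestedSubject(AAM_Core_Subject_Role::UID, array_shift($roles));
- // TODO: The list_users is legacy and can be removed in Oct 2021
- } elseif (current_user_can('aam_manage_users') || current_user_can('list_users')) {
  $this->initRequestedSubject(
- AAM_Core_Subject_User::UID,
- ($forceUser ? intval($forceUser) : get_current_user_id())
+ AAM_Core_Subject_Role::UID, array_shift($roles)
+ );
+ } elseif (current_user_can('aam_manage_users')) {
+ $this->initRequestedSubject(
+ AAM_Core_Subject_User::UID, get_current_user_id()
  );
- // TODO: The aam_list_roles is legacy and can be removed in Oct 2021
  } elseif (current_user_can('aam_manage_visitors')) {
  $this->initRequestedSubject(AAM_Core_Subject_Visitor::UID, null);
  } elseif (current_user_can('aam_manage_default')) {
  $this->initRequestedSubject(AAM_Core_Subject_Default::UID, null);
+ } else {
+ wp_die(__('You are not allowed to manage any AAM subject', AAM_KEY));
  }
  }
-
+
  /**
- * Set subject
- *
+ * Set AAM core subject
+ *
  * @param AAM_Core_Subject $subject
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function setSubject(AAM_Core_Subject $subject) {
+ protected function setSubject(AAM_Core_Subject $subject)
+ {
  $this->subject = $subject;
  }
 
- /**
- * Check if current subject is allowed to be managed
- *
- * @return boolean
- *
- * @access public
- */
- public function isAllowedToManage() {
- // Determine that current user has enough level to manage requested subject
- $sameLevel = false;
- if (AAM_Core_API::capabilityExists('manage_same_user_level')) {
- $sameLevel = current_user_can('manage_same_user_level');
- } else {
- $sameLevel = current_user_can('administrator');
- }
-
- $userMaxLevel = AAM::api()->getUser()->getMaxLevel();
- $subjectMaxLevel = $this->subject->getMaxLevel();
-
- if ($sameLevel) {
- $allowed = $userMaxLevel >= $subjectMaxLevel;
- } else {
- $allowed = $userMaxLevel > $subjectMaxLevel;
- }
-
- return $allowed;
- }
-
  /**
  * Get subject property
- *
+ *
  * @return mixed
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function __get($name) {
- return (!empty($this->subject->$name) ? $this->subject->$name : null);
+ public function __get($name)
+ {
+ return $this->subject->$name;
  }
-
+
  /**
  * Call subject's method
- *
+ *
  * @param string $name
  * @param array $args
- *
+ *
  * @return mixed
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function __call($name, $args) {
+ public function __call($name, $args)
+ {
+ $response = null;
  //make sure that method is callable
  if (method_exists($this->subject, $name)) {
  $response = call_user_func_array(array($this->subject, $name), $args);
  } else {
- $response = null;
+ _doing_it_wrong(
+ static::class . '::' . $name,
+ 'Backend Subject does not have method defined',
+ AAM_VERSION
+ );
  }
 
  return $response;
  }
-
+
  /**
- * Get AAM subject
- *
+ * Get AAM core subject
+ *
  * @return AAM_Core_Subject
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function get() {
+ public function getSubject()
+ {
  return $this->subject;
  }
-
- /**
- * Get single instance of the subject
- *
- * @return AAM_Backend_Subject
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- if (is_null(self::$instance)) {
- self::$instance = new self;
- }
-
- return self::$instance;
- }
-
+
  }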
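Review bot: initRequestedSubject() now builds a class name from the POSTed `subject` value and instantiates it without the `class_exists()` check and `wp_die('Invalid subject type')` fallback that the old code had. An unknown type therefore ends in a fatal error, and any loadable class whose name starts with `AAM_Core_Subject_` can be constructed with a request-supplied argument. Mapping the accepted UIDs to class names, as sketched below, closes both. The request path also skips the `aam_manage_*` capability checks that initDefaultSubject() applies, and the level comparison from the removed isAllowedToManage() has no visible replacement in this file, so it is worth confirming that the caller enforces both.

```php
protected function initRequestedSubject($type, $id)
{
    // … unchanged: user and default subject branches …
    } else {
        // Subject types that may be built from request data
        $allowed = array(
            AAM_Core_Subject_Role::UID    => 'AAM_Core_Subject_Role',
            AAM_Core_Subject_Visitor::UID => 'AAM_Core_Subject_Visitor',
        );

        if (!is_string($type) || !isset($allowed[$type])) {
            wp_die('Invalid subject type');
        }

        $class_name = $allowed[$type];
        $subject    = new $class_name(stripslashes($id));
    }
    // … unchanged: setSubject() call and return …
```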
application/Backend/View.php CHANGED
@@ -5,232 +5,380 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Backend view manager
12
- *
 
 
 
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Backend_View {
 
 
 
 
17
 
18
  /**
19
- * Instance of itself
20
- *
21
- * @var AAM_Backend_View
22
- *
23
- * @access private
 
24
  */
25
- private static $_instance = null;
 
 
 
 
 
 
 
 
26
 
27
  /**
28
- * Construct the view object
29
- *
30
- * @return void
31
- *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
32
  * @access protected
 
33
  */
34
- protected function __construct() {
35
- //register default features
36
- AAM_Backend_Feature_Main_GetStarted::register();
37
- AAM_Backend_Feature_Main_Policy::register();
38
- AAM_Backend_Feature_Main_Menu::register();
39
- AAM_Backend_Feature_Main_Toolbar::register();
40
- AAM_Backend_Feature_Main_Metabox::register();
41
- AAM_Backend_Feature_Main_Capability::register();
42
- AAM_Backend_Feature_Main_Route::register();
43
- AAM_Backend_Feature_Main_Post::register();
44
- AAM_Backend_Feature_Main_Redirect::register();
45
- AAM_Backend_Feature_Main_LoginRedirect::register();
46
- AAM_Backend_Feature_Main_LogoutRedirect::register();
47
- AAM_Backend_Feature_Main_404Redirect::register();
48
- AAM_Backend_Feature_Main_Uri::register();
49
- AAM_Backend_Feature_Main_Jwt::register();
50
-
51
- AAM_Backend_Feature_Settings_Core::register();
52
- AAM_Backend_Feature_Settings_Content::register();
53
- AAM_Backend_Feature_Settings_Security::register();
54
- AAM_Backend_Feature_Settings_ConfigPress::register();
55
-
56
- //feature registration hook
57
- do_action('aam-feature-registration-action');
58
  }
59
-
60
  /**
61
  * Process the ajax call
62
  *
63
  * @return string
64
  *
65
  * @access public
 
66
  */
67
- public function processAjax() {
 
68
  $response = null;
69
-
70
- $action = AAM_Core_Request::request('sub_action');
71
- $parts = explode('.', $action);
72
-
 
73
  if (count($parts) === 2) {
74
- try {
75
- $classname = 'AAM_Backend_Feature_' . $parts[0];
76
- if (class_exists($classname)) {
77
- $response = call_user_func(array(new $classname, $parts[1]));
78
- }
79
- } catch (Exception $e) {
80
- $response = $e->getMessage();
81
  }
82
  }
83
-
84
  return apply_filters(
85
- 'aam-ajax-filter',
86
- $response,
87
- AAM_Backend_Subject::getInstance()->get(),
88
- $action
89
  );
90
  }
91
-
92
  /**
93
- * Run the Manager
 
 
94
  *
95
  * @return string
96
  *
97
  * @access public
 
98
  */
99
- public function renderPage() {
100
- return $this->loadTemplate(dirname(__FILE__) . '/phtml/index.phtml');
 
101
  }
102
-
103
  /**
104
- * Run the Manager
105
  *
106
  * @return string
107
  *
108
  * @access public
 
109
  */
110
- public function renderAccessFrame() {
111
- return $this->loadTemplate(
112
- dirname(__FILE__) . '/phtml/metabox/metabox-content.phtml'
113
- );
114
- }
115
-
116
- /**
117
- *
118
- * @param type $post
119
- * @return type
120
- */
121
- public function renderPostMetabox($post) {
122
- return $this->loadTemplate(
123
- dirname(__FILE__) . '/phtml/metabox/post-metabox.phtml',
124
- (object) array('post' => $post)
125
- );
 
 
 
 
 
 
 
 
 
 
 
 
126
  }
127
-
128
  /**
129
- *
130
- * @param type $post
131
- * @return type
 
 
 
 
 
132
  */
133
- public function renderPolicyMetabox($post) {
134
- return $this->loadTemplate(
135
- dirname(__FILE__) . '/phtml/metabox/policy-metabox.phtml',
 
136
  (object) array('post' => $post)
137
  );
138
  }
139
-
140
  /**
141
- *
142
- * @param type $post
143
- * @return type
 
 
 
 
 
144
  */
145
- public function renderPolicyPrincipalMetabox($post) {
146
- return $this->loadTemplate(
147
- dirname(__FILE__) . '/phtml/metabox/policy-principal-metabox.phtml',
148
- (object) array('post' => $post)
 
 
 
 
149
  );
150
  }
151
-
152
  /**
153
- *
154
- * @param type $term
155
- * @return type
 
 
 
 
 
156
  */
157
- public function renderTermMetabox($term) {
158
- return $this->loadTemplate(
159
- dirname(__FILE__) . '/phtml/metabox/term-metabox.phtml',
160
- (object) array('term' => $term)
 
 
 
161
  );
162
  }
163
 
164
  /**
165
- * Render the Main Control Area
166
  *
167
- * @param string $type
168
- *
169
- * @return void
170
  *
171
  * @access public
 
 
172
  */
173
- public function renderContent($type = 'main') {
174
- $content = apply_filters('aam-ui-content-filter', null, $type);
175
-
176
- if (is_null($content) && current_user_can('aam_manager')) {
177
- ob_start();
178
- if ($type === 'extensions' && current_user_can('aam_manage_settings')) {
179
- AAM_Backend_Feature_Extension_Manager::getInstance()->render();
180
- } elseif ($type === 'postform' && current_user_can('aam_manage_posts')) {
181
- echo AAM_Backend_Feature_Main_Post::renderAccessForm();
182
- } else {
183
- require_once dirname(__FILE__) . '/phtml/main-panel.phtml';
184
- }
185
- $content = ob_get_contents();
186
- ob_end_clean();
187
  }
188
-
189
- return $content;
190
- }
191
-
192
- /**
193
- *
194
- * @param type $partial
195
- * @return type
196
- */
197
- public function loadPartial($partial) {
198
- return $this->loadTemplate(dirname(__FILE__) . '/phtml/partial/' . $partial);
199
  }
200
-
201
  /**
202
- * Load template
203
- *
204
- * @param string $filepath
205
- *
206
  * @return string
207
- *
208
- * @access protected
 
 
209
  */
210
- protected function loadTemplate($filepath, $args = null) {
211
- ob_start();
212
-
213
- require_once $filepath;
214
- $content = ob_get_contents();
215
-
216
- ob_end_clean();
 
 
 
 
 
217
 
218
  return $content;
219
  }
220
 
221
  /**
222
- * Get instance of itself
223
- *
224
- * @return AAM_Backend_View
225
- *
 
 
 
 
 
226
  * @access public
 
227
  */
228
- public static function getInstance() {
229
- if (is_null(self::$_instance)) {
230
- self::$_instance = new self;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
231
  }
232
 
233
- return self::$_instance;
234
  }
235
 
236
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Backend view manager
14
+ *
15
+ * This class is used to manage all AAM UI templates and interaction of the UI with
16
+ * AAM backend core
17
+ *
18
  * @package AAM
19
+ * @version 6.0.0
20
  */
21
+ class AAM_Backend_View
22
+ {
23
+
24
+ use AAM_Core_Contract_RequestTrait,
25
+ AAM_Core_Contract_SingletonTrait;
26
 
27
  /**
28
+ * Constructor
29
+ *
30
+ * @return void
31
+ *
32
+ * @access protected
33
+ * @version 6.0.0
34
  */
35
+ protected function __construct()
36
+ {
37
+ $subject = AAM_Backend_Subject::getInstance();
38
+
39
+ // Allow other plugins to register new AAM UI tabs/features
40
+ do_action(
41
+ 'aam_init_ui_action', 'AAM_Backend_Feature::registerFeature', $subject
42
+ );
43
+ }
44
 
45
  /**
46
+ * Load partial template
47
+ *
48
+ * The specified template has to be located inside the ./tmpl/partial folder
49
+ *
50
+ * @param string $tmpl
51
+ * @param array $params
52
+ *
53
+ * @return string|null
54
+ *
55
+ * @access public
56
+ * @version 6.0.0
57
+ */
58
+ public static function loadPartial($tmpl, $params = array())
59
+ {
60
+ if (preg_match('/^[a-z-]+$/i', $tmpl)) {
61
+ $html = self::loadTemplate(
62
+ __DIR__ . "/tmpl/partial/{$tmpl}.php",
63
+ (is_object($params) ? $params : (object) $params)
64
+ );
65
+ } else {
66
+ $html = null;
67
+ }
68
+
69
+ return $html;
70
+ }
71
+
72
+ /**
73
+ * Load dynamic template
74
+ *
75
+ * @param string $file_path
76
+ * @param object $params
77
+ *
78
+ * @return string
79
+ *
80
+ * @access public
81
+ * @version 6.0.0
82
+ */
83
+ public static function loadTemplate($file_path, $params = null)
84
+ {
85
+ ob_start();
86
+
87
+ require_once $file_path;
88
+ $content = ob_get_contents();
89
+
90
+ ob_end_clean();
91
+
92
+ return $content;
93
+ }
94
+
95
+ /**
96
+ * Prepare AAM iFrame WordPress assets URL
97
+ *
98
+ * Based on the provided $type, return either JS or CSS URL
99
+ *
100
+ * @param string $type
101
+ *
102
+ * @return string
103
+ *
104
  * @access protected
105
+ * @version 6.0.0
106
  */
107
+ protected static function prepareIframeWPAssetsURL($type)
108
+ {
109
+ global $wp_scripts, $compress_scripts, $compress_css;
110
+
111
+ if ($type === 'js') {
112
+ $zip = $compress_scripts ? 1 : 0;
113
+ $script = 'load-scripts.php';
114
+ $concat = 'jquery-core,jquery-migrate';
115
+ } else {
116
+ $zip = $compress_css ? 1 : 0;
117
+ $script = 'load-styles.php';
118
+ $concat = 'wp-edit-post,common';
119
+ }
120
+
121
+ if ($zip && defined('ENFORCE_GZIP') && ENFORCE_GZIP) {
122
+ $zip = 'gzip';
123
+ }
124
+
125
+ $src = $wp_scripts->base_url . "/wp-admin/{$script}?c={$zip}&";
126
+ $src .= "load%5B%5D={$concat}&ver=" . $wp_scripts->default_version;
127
+
128
+ return esc_attr($src);
 
 
129
  }
130
+
131
  /**
132
  * Process the ajax call
133
  *
134
  * @return string
135
  *
136
  * @access public
137
+ * @version 6.0.0
138
  */
139
+ public function processAjax()
140
+ {
141
  $response = null;
142
+
143
+ $action = $this->getFromPost('sub_action');
144
+ $parts = explode('.', $action);
145
+ $subject = AAM_Backend_Subject::getInstance();
146
+
147
  if (count($parts) === 2) {
148
+ $id = 'AAM_Backend_Feature_' . $parts[0];
149
+
150
+ if (AAM_Backend_Feature::isFeatureRegistered($id)) {
151
+ $response = call_user_func(
152
+ array(AAM_Backend_Feature::getFeatureView($id), $parts[1])
153
+ );
 
154
  }
155
  }
156
+
157
  return apply_filters(
158
+ 'aam_ajax_filter', $response, $subject->getSubject(), $action
 
 
 
159
  );
160
  }
161
+
162
  /**
163
+ * Render the main AAM page
164
+ *
165
+ * This is the landing page for the /wp-admin/admin.php?page=aam
166
  *
167
  * @return string
168
  *
169
  * @access public
170
+ * @version 6.0.0
171
  */
172
+ public function renderPage()
173
+ {
174
+ return $this->loadTemplate(dirname(__FILE__) . '/tmpl/index.php');
175
  }
176
+
177
  /**
178
+ * Run AAM iFrame
179
  *
180
  * @return string
181
  *
182
  * @access public
183
+ * @version 6.0.0
184
  */
185
+ public function renderIFrame($type)
186
+ {
187
+ $basedir = dirname(__FILE__) . '/tmpl/metabox/';
188
+
189
+ if (current_user_can('aam_manager')) {
190
+ if (($type === 'post') && current_user_can('aam_manage_content')) {
191
+ echo $this->loadTemplate(
192
+ $basedir . 'post-iframe.php',
193
+ (object) array(
194
+ 'objectId' => $this->getFromQuery('id'),
195
+ 'objectType' => $this->getFromQuery('type'),
196
+ 'postManager' => new AAM_Backend_Feature_Main_Post()
197
+ )
198
+ );
199
+ } elseif ($type === 'user' && current_user_can('aam_manage_users')) {
200
+ echo $this->loadTemplate(
201
+ $basedir . 'user-iframe.php',
202
+ (object) array(
203
+ 'user' => new WP_User($this->getFromQuery('id')),
204
+ 'type' => 'main'
205
+ )
206
+ );
207
+ } else {
208
+ echo apply_filters('aam_iframe_content_filter', null, $type, $this);
209
+ }
210
+ }
211
+
212
+ exit;
213
  }
214
+
215
  /**
216
+ * Render Access Manager metabox iFrame element for posts
217
+ *
218
+ * @param WP_Post $post
219
+ *
220
+ * @return string
221
+ *
222
+ * @access public
223
+ * @version 6.0.0
224
  */
225
+ public static function renderPostMetabox($post)
226
+ {
227
+ return static::loadTemplate(
228
+ dirname(__FILE__) . '/tmpl/metabox/post-metabox.php',
229
  (object) array('post' => $post)
230
  );
231
  }
232
+
233
  /**
234
+ * Render Access Manager metabox iFrame element for terms
235
+ *
236
+ * @param WP_Term $term
237
+ *
238
+ * @return string
239
+ *
240
+ * @access public
241
+ * @version 6.0.0
242
  */
243
+ public static function renderTermMetabox($term)
244
+ {
245
+ return static::loadTemplate(
246
+ dirname(__FILE__) . '/tmpl/metabox/term-metabox.php',
247
+ (object) array(
248
+ 'term' => $term,
249
+ 'postType' => $this->getFromQuery('post_type')
250
+ )
251
  );
252
  }
253
+
254
  /**
255
+ * Render Access Manager metabox iFrame element for user
256
+ *
257
+ * @param WP_User $term
258
+ *
259
+ * @return string
260
+ *
261
+ * @access public
262
+ * @version 6.0.0
263
  */
264
+ public static function renderUserMetabox($user)
265
+ {
266
+ return static::loadTemplate(
267
+ dirname(__FILE__) . '/tmpl/metabox/user-metabox.php',
268
+ (object) array(
269
+ 'user' => $user
270
+ )
271
  );
272
  }
273
 
274
  /**
275
+ * Render Access Policy editor
276
  *
277
+ * @return string
 
 
278
  *
279
  * @access public
280
+ * @global WP_Post $post
281
+ * @version 6.0.0
282
  */
283
+ public static function renderPolicyMetabox()
284
+ {
285
+ global $post;
286
+
287
+ if (is_a($post, 'WP_Post')) {
288
+ $content = static::loadTemplate(
289
+ dirname(__FILE__) . '/tmpl/metabox/policy-metabox.php',
290
+ (object) array('post' => $post)
291
+ );
292
+ } else {
293
+ $content = null;
 
 
 
294
  }
295
+
296
+ return $content;
 
 
 
 
 
 
 
 
 
297
  }
298
+
299
  /**
300
+ * Render policy principal metabox
301
+ *
 
 
302
  * @return string
303
+ *
304
+ * @access public
305
+ * @global WP_Post $post
306
+ * @version 6.0.0
307
  */
308
+ public static function renderPolicyPrincipalMetabox()
309
+ {
310
+ global $post;
311
+
312
+ if (is_a($post, 'WP_Post')) {
313
+ $content = static::loadTemplate(
314
+ dirname(__FILE__) . '/tmpl/metabox/policy-principal-metabox.php',
315
+ (object) array('post' => $post)
316
+ );
317
+ } else {
318
+ $content = null;
319
+ }
320
 
321
  return $content;
322
  }
323
 
324
  /**
325
+ * Render the AAM HTML content
326
+ *
327
+ * Depending on the $type of the content, verify correct permissions and load
328
+ * proper HTML template.
329
+ *
330
+ * @param string $type
331
+ *
332
+ * @return string
333
+ *
334
  * @access public
335
+ * @version 6.0.0
336
  */
337
+ public function renderContent($type = 'main')
338
+ {
339
+ $basedir = __DIR__ . '/tmpl/page/';
340
+
341
+ switch ($type) {
342
+ case 'main':
343
+ // No need to do the authorization as this is already done in the
344
+ // AAM_Backend_Manager class
345
+ $content = $this->loadTemplate(
346
+ $basedir . 'main-panel.php',
347
+ (object) array('type' => 'main')
348
+ );
349
+ break;
350
+
351
+ case 'settings':
352
+ if (current_user_can('aam_manage_settings')) {
353
+ $content = $this->loadTemplate(
354
+ $basedir . 'main-panel.php',
355
+ (object) array('type' => 'settings')
356
+ );
357
+ }
358
+ break;
359
+
360
+ case 'extensions':
361
+ if (current_user_can('aam_manage_addons')) {
362
+ $content = $this->loadTemplate($basedir . 'addon-panel.php');
363
+ }
364
+ break;
365
+
366
+ case 'post-access-form':
367
+ $type = $this->getFromPost('type'); // Type of object to load
368
+ $id = $this->getFromPost('id'); // Object Id
369
+
370
+ $manager = new AAM_Backend_Feature_Main_Post();
371
+ $content = $manager->getAccessForm($id, $type);
372
+ break;
373
+
374
+ default:
375
+ // Allow other plugins to hook into the AAM template rendering with
376
+ // with custom HTML
377
+ $content = apply_filters('aam_ui_content_filter', null, $type);
378
+ break;
379
  }
380
 
381
+ return $content;
382
  }
383
 
384
  }
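Review bot: The `post-access-form` case in renderContent() builds the access form from the POSTed `type` and `id` with no capability check, whereas the removed `postform` branch required `aam_manage_posts` and renderIFrame() gates the same manager behind `aam_manage_content`; unless getAccessForm() enforces this itself (not visible here), the case should be wrapped in `if (current_user_can('aam_manage_content')) { … }`. `$content` is also never assigned when the `settings` or `extensions` check fails, so `$content = null;` belongs before the `switch`. In processAjax() the method name `$parts[1]` still comes straight from `sub_action`, so every public method of a registered feature view is reachable by request; an explicit per-feature list of callable actions would narrow that. renderTermMetabox() is now `public static` but reads `$this->getFromQuery('post_type')`, which fails outside object context; `static::getInstance()->getFromQuery('post_type')` is one way to keep it static.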
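--- a/application/Backend/View/Helper.php
+++ b/application/Backend/View/Helper.php
@@ -5,31 +5,36 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Backend view helper
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Backend_View_Helper {
+ class AAM_Backend_View_Helper
+ {
 
  /**
  * Prepare phrase or label
- *
+ *
  * @param string $phrase
  * @param mixed $...
- *
+ *
  * @return string
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- public static function preparePhrase($phrase) {
- //prepare search patterns
+ public static function preparePhrase($phrase)
+ {
+ // Prepare search patterns
  $num = func_num_args();
  $search = ($num > 1 ? array_fill(0, ($num - 1) * 2, null) : array());
-
+
  array_walk($search, 'AAM_Backend_View_Helper::prepareWalk');
 
  $replace = array();
@@ -37,51 +42,24 @@ class AAM_Backend_View_Helper {
  array_push($replace, "<{$key}>", "</{$key}>");
  }
 
- //localize the phase first
+ // Localize the phase first
  return preg_replace($search, $replace, __($phrase, AAM_KEY), 1);
  }
-
+
  /**
- *
+ * Prepare the wrapper replacement
+ *
  * @param string $value
- * @param type $index
- */
- public static function prepareWalk(&$value, $index) {
- $value = '/\\' . ($index % 2 ? ']' : '[') . '/';
- }
-
- /**
- * Get default Access Policy
- *
- * @global string $wp_version
- *
- * @return string
- *
+ * @param int $index
+ *
+ * @return void
+ *
  * @access public
- * @static
- * @since v5.7.3
+ * @version 6.0.0
  */
- public static function getDefaultPolicy() {
- global $wp_version;
-
- $aamVersion = AAM_Core_API::version();
-
- return <<<EOT
- {
- "Version": "1.0.0",
- "Dependency": {
- "wordpress": ">=$wp_version",
- "advanced-access-manager": ">=$aamVersion"
- },
- "Statement": [
- {
- "Effect": "deny",
- "Resource": [],
- "Action": []
- }
- ]
- }
- EOT;
+ public static function prepareWalk(&$value, $index)
+ {
+ $value = '/\\' . ($index % 2 ? ']' : '[') . '/';
  }
-
+
  }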
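--- a/application/Backend/View/Localization.php
+++ b/application/Backend/View/Localization.php
@@ -5,30 +5,38 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Localization
- *
+ * JS localization for AAM backend UI
+ *
+ * @package AAM
+ * @version 6.0.0
  */
- class AAM_Backend_View_Localization {
+ class AAM_Backend_View_Localization
+ {
 
  /**
  * Get localization array
- *
+ *
  * @return array
- *
+ *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function get() {
+ public static function get()
+ {
  return array(
  'Search Capability' => __('Search Capability', AAM_KEY),
  '_TOTAL_ capability(s)' => __('_TOTAL_ capability(s)', AAM_KEY),
  'Saving...' => __('Saving...', AAM_KEY),
+ 'Execute Migration' => __('Execute Migration', AAM_KEY),
  'Failed to add new capability' => __('Failed to add new capability', AAM_KEY),
  'Application error' => __('Application error', AAM_KEY),
  'Add Capability' => __('Add Capability', AAM_KEY),
+ 'Update Capability' => __('Update Capability', AAM_KEY),
  'Show Menu' => __('Show Menu', AAM_KEY),
  'Restrict Menu' => __('Restrict Menu', AAM_KEY),
  'Failed to retrieve mataboxes' => __('Failed to retrieve mataboxes', AAM_KEY),
@@ -36,7 +44,8 @@ class AAM_Backend_View_Localization {
  '_TOTAL_ object(s)' => __('_TOTAL_ object(s)', AAM_KEY),
  'Failed' => __('Failed', AAM_KEY),
  'Loading...' => __('Loading...', AAM_KEY),
- 'No Role' => __('No Role', AAM_KEY),
+ 'No role' => __('No role', AAM_KEY),
+ 'Create New Role' => __('Create New Role', AAM_KEY),
  'Search Role' => __('Search Role', AAM_KEY),
  '_TOTAL_ role(s)' => __('_TOTAL_ role(s)', AAM_KEY),
  'Create' => __('Create', AAM_KEY),
@@ -45,27 +54,93 @@ class AAM_Backend_View_Localization {
  'Add Role' => __('Add Role', AAM_KEY),
  'Failed to update role' => __('Failed to update role', AAM_KEY),
  'Update' => __('Update', AAM_KEY),
+ 'Reset' => __('Reset', AAM_KEY),
+ 'Resetting...' => __('Update...', AAM_KEY),
  'Deleting...' => __('Deleting...', AAM_KEY),
  'Failed to delete role' => __('Failed to delete role', AAM_KEY),
  'Delete Role' => __('Delete Role', AAM_KEY),
- 'Failed to block user' => __('Failed to block user', AAM_KEY),
- 'Search User' => __('Search User', AAM_KEY),
+ 'Failed to lock user' => __('Failed to lock user', AAM_KEY),
+ 'Search user' => __('Search user', AAM_KEY),
+ 'Counter was reset successfully' => __('Counter was reset successfully', AAM_KEY),
  '_TOTAL_ user(s)' => __('_TOTAL_ user(s)', AAM_KEY),
+ 'Create New User' => __('Create New User', AAM_KEY),
  'Role' => __('Role', AAM_KEY),
+ 'All Users, Roles and Visitor' => __('All Users, Roles and Visitor', AAM_KEY),
+ 'Failed to apply policy changes' => __('Failed to apply policy changes', AAM_KEY),
+ 'Attach Policy To Visitors' => __('Attach Policy To Visitors', AAM_KEY),
+ 'Detach Policy From Visitors' => __('Detach Policy From Visitors', AAM_KEY),
+ 'Generating URL...' => __('Generating URL...', AAM_KEY),
  'Anonymous' => __('Anonymous', AAM_KEY),
+ 'Processing...' => __('Processing...', AAM_KEY),
+ 'Loading roles...' => __('Loading roles...', AAM_KEY),
+ 'Failed to generate JWT token' => __('Failed to generate JWT token', AAM_KEY),
+ 'Failed to process request' => __('Failed to process request', AAM_KEY),
  'Current user' => __('Current user', AAM_KEY),
  'Current role' => __('Current role', AAM_KEY),
  'Manage Access' => __('Manage Access', AAM_KEY),
+ 'Filter by role' => __('Filter by role', AAM_KEY),
  'Edit' => __('Edit', AAM_KEY),
- 'Manage Role' => __('Manage Role', AAM_KEY),
- 'Edit Role' => __('Edit Role', AAM_KEY),
- 'Delete Role' => __('Delete Role', AAM_KEY),
- 'Manage User' => __('Manage User', AAM_KEY),
- 'Edit User' => __('Edit User', AAM_KEY),
- 'Lock User' => __('Lock User', AAM_KEY),
- 'Unlock User' => __('Unlock User', AAM_KEY),
- 'Failed to grand capability - WordPress policy' => __('Failed to grand capability - WordPress policy', AAM_KEY),
+ 'Save' => __('Save', AAM_KEY),
+ 'Manage role' => __('Manage role', AAM_KEY),
+ 'Edit role' => __('Edit role', AAM_KEY),
+ 'Delete role' => __('Delete role', AAM_KEY),
+ 'Clone role' => __('Clone role', AAM_KEY),
+ 'Manage user' => __('Manage user', AAM_KEY),
+ 'Edit user' => __('Edit user', AAM_KEY),
+ 'Lock user' => __('Lock user', AAM_KEY),
+ 'Unlock user' => __('Unlock user', AAM_KEY),
+ 'WordPress core does not allow to grant this capability' => __('WordPress core does not allow to grant this capability', AAM_KEY),
+ 'Detach Policy From Everybody' => __('Detach Policy From Everybody', AAM_KEY),
+ 'Attach Policy To Everybody' => __('Attach Policy To Everybody', AAM_KEY),
+ 'Search Policy' => __('Search Policy', AAM_KEY),
+ '_TOTAL_ Policies' => __('_TOTAL_ Policies', AAM_KEY),
+ 'Apply Policy' => __('Apply Policy', AAM_KEY),
+ 'Revoke Policy' => __('Revoke Policy', AAM_KEY),
+ 'Edit Policy' => __('Edit Policy', AAM_KEY),
+ 'Uncheck to allow' => __('Uncheck to allow', AAM_KEY),
+ 'Check to restrict' => __('Check to restrict', AAM_KEY),
+ 'Uncheck to show' => __('Uncheck to show', AAM_KEY),
+ 'Check to hide' => __('Check to hide', AAM_KEY),
+ 'Initialize' => __('Initialize', AAM_KEY),
+ 'No capabilities' => __('No capabilities', AAM_KEY),
+ 'Post Type' => __('Post Type', AAM_KEY),
+ 'Hierarchical Taxonomy' => __('Hierarchical Taxonomy', AAM_KEY),
+ 'Hierarchical Term' => __('Hierarchical Term', AAM_KEY),
+ 'Tag Taxonomy' => __('Tag Taxonomy', AAM_KEY),
+ 'Tag' => __('Tag', AAM_KEY),
+ 'Customized Settings' => __('Customized Settings', AAM_KEY),
+ 'Parent' => __('Parent', AAM_KEY),
+ 'Drill-Down' => __('Drill-Down', AAM_KEY),
+ '_TOTAL_ route(s)' => __('_TOTAL_ route(s)', AAM_KEY),
+ 'No API endpoints found. You might have APIs disabled.' => __('No API endpoints found. You might have APIs disabled.', AAM_KEY),
+ 'Nothing to show' => __('Nothing to show', AAM_KEY),
+ 'Failed to save URI rule' => __('Failed to save URI rule', AAM_KEY),
+ 'Failed to delete URI rule' => __('Failed to delete URI rule', AAM_KEY),
+ '_TOTAL_ URI(s)' => __('_TOTAL_ URI(s)', AAM_KEY),
+ 'Edit Rule' => __('Edit Rule', AAM_KEY),
+ 'Delete Rule' => __('Delete Rule', AAM_KEY),
+ 'Denied' => __('Denied', AAM_KEY),
+ 'Redirected' => __('Redirected', AAM_KEY),
+ 'Callback' => __('Callback', AAM_KEY),
+ 'Allowed' => __('Allowed', AAM_KEY),
+ 'Generating token...' => __('Generating token...', AAM_KEY),
+ '_TOTAL_ token(s)' => __('_TOTAL_ token(s)', AAM_KEY),
+ 'No JWT tokens have been generated.' => __('No JWT tokens have been generated.', AAM_KEY),
+ 'Delete Token' => __('Delete Token', AAM_KEY),
+ 'View Token' => __('View Token', AAM_KEY),
+ 'Creating...' => __('Creating...', AAM_KEY),
+ 'Search Service' => __('Search Service', AAM_KEY),
+ '_TOTAL_ service(s)' => __('_TOTAL_ service(s)', AAM_KEY),
+ 'Enabled' => __('Enabled', AAM_KEY),
+ 'Disabled' => __('Disabled', AAM_KEY),
+ 'All settings has been cleared successfully' => __('All settings has been cleared successfully', AAM_KEY),
+ 'Clear' => __('Clear', AAM_KEY),
+ 'Select Role' => __('Select Role', AAM_KEY),
+ 'Data has been saved to clipboard' => __('Data has been saved to clipboard', AAM_KEY),
+ 'Failed to save data to clipboard' => __('Failed to save data to clipboard', AAM_KEY),
+ 'Operation completed successfully' => __('Operation completed successfully', AAM_KEY),
+ 'Unexpected application error' => __('Unexpected application error', AAM_KEY)
  );
  }
 
- }
+ }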
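Review bot: The added pair `'Resetting...' => __('Update...', AAM_KEY)` in the third hunk translates a different phrase than its key, so a lookup of "Resetting..." will presumably display the text for "Update...". Every other entry in `get()` passes the key itself through `__()`, so this looks like a copy-paste slip; it should read `'Resetting...' => __('Resetting...', AAM_KEY),`. The class docblock says these strings feed the backend JS, so it is also worth a one-line comment on `get()` stating that the values are plain text and must be inserted as text, not HTML, on the client side.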
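--- a/application/Backend/View/PostOptionList.php
+++ b/application/Backend/View/PostOptionList.php
@@ -5,165 +5,89 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * Post option list
+ * Post & Term option list for the Post object
+ *
+ * @package AAM
+ * @version 6.0.0
  */
- class AAM_Backend_View_PostOptionList {
+ class AAM_Backend_View_PostOptionList
+ {
 
  /**
  * Get post option list
- *
+ *
  * @return array
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function get() {
+ public static function get()
+ {
  return array(
- 'frontend' => array(
- 'list' => array(
- 'title' => __('List', AAM_KEY),
- 'descr' => __('Hide %s however still allow access with direct URL.', AAM_KEY) . sprintf(__(' %sSee in action.%s', AAM_KEY), "<a href='https://youtu.be/2jiu_CL6JJg' target='_blank'>", '</a>'),
- ),
- 'read' => array(
- 'title' => __('Read', AAM_KEY),
- 'descr' => __('Restrict access to view, read or download %s. Any attempts to open %s will be denied and redirected based on the Access Denied Redirect rule.', AAM_KEY) . sprintf(__(' %sSee in action.%s', AAM_KEY), "<a href='https://youtu.be/1742nVeGvgs' target='_blank'>", '</a>')
- ),
- 'limit' => array(
- 'title' => __('Limit', AAM_KEY),
- 'sub' => __('Teaser message', AAM_KEY),
- 'option' => 'frontend.teaser',
- 'preview' => 'frontend-teaser-preview',
- 'modal' => 'modal-teaser',
- 'descr' => __('Replace %s content with defined teaser message.', AAM_KEY)
- ),
- 'access_counter' => array(
- 'title' => __('Read Counter', AAM_KEY),
- 'sub' => __('Threshold', AAM_KEY),
- 'option' => 'frontend.access_counter_limit',
- 'preview' => 'frontend-access_counter_limit-preview',
- 'modal' => 'modal-access-counter',
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => __('Define how many times %s can be read, viewed or download. After number of times exceeds the specified threshold, access will be denied and redirected based on the Access Denied Redirect rule.', AAM_KEY)
- ),
- 'comment' => array(
- 'title' => __('Comment', AAM_KEY),
- 'descr' => __('Restrict access to comment on %s if commenting is allowed.', AAM_KEY)
- ),
- 'redirect' => array(
- 'title' => __('Redirect', AAM_KEY),
- 'sub' => __('Redirect Rule', AAM_KEY),
- 'option' => 'frontend.location',
- 'preview' => 'frontend-location-preview',
- 'modal' => 'modal-redirect',
- 'descr' => __('Redirect user based on the defined redirect rule when user tries to read the %s. The REDIRECT option will be ignored if READ option is checked.', AAM_KEY),
- ),
- 'protected' => array(
- 'title' => __('Password Protected', AAM_KEY),
- 'sub' => __('Password', AAM_KEY),
- 'option' => 'frontend.password',
- 'preview' => 'frontend-option-preview',
- 'modal' => 'modal-password',
- 'descr' => __('Protect access to %s with password. Available with WordPress 4.7.0 or higher.', AAM_KEY)
- ),
- 'expire' => array(
- 'title' => __('Access Expiration', AAM_KEY),
- 'sub' => __('Expires', AAM_KEY),
- 'option' => 'frontend.expire_datetime',
- 'preview' => 'frontend-expire_datetime-preview',
- 'modal' => 'modal-access-expires',
- 'descr' => __('Define when access will expire for %s.', AAM_KEY) . sprintf(__('After expiration, the access to %s will be denied and redirected based on the Access Denied Redirect rule. For more information %scheck this article%s or ', AAM_KEY), '%s', "<a href='https://aamplugin.com/article/how-to-set-expiration-date-for-any-wordpress-content' target='_blank'>", '</a>') . sprintf(__(' %ssee in action.%s', AAM_KEY), "<a href='https://youtu.be/IgtgVoWs35w' target='_blank'>", '</a>')
- ),
- 'monetize' => array(
- 'title' => __('Monetized Access', AAM_KEY),
- 'sub' => __('E-Product', AAM_KEY),
- 'option' => 'frontend.eproduct',
- 'preview' => 'frontend-eproduct-preview',
- 'modal' => 'modal-eproduct',
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => sprintf(AAM_Backend_View_Helper::preparePhrase('[Premium feature!] Start selling access to %s. Access will be granted to open %s only if selected E-Product had been purchased. For more information %scheck this article%s.', 'b'), '%s', '%s', "<a href='https://aamplugin.com/article/how-to-monetize-access-to-the-wordpress-content' target='_blank'>", '</a>')
- )
+ 'hidden' => array(
+ 'title' => __('Hidden', AAM_KEY),
+ 'description' => __('Completely hide the post however, still allow direct access with the valid URL.', AAM_KEY),
  ),
- 'backend' => array(
- 'list' => array(
- 'title' => __('List', AAM_KEY),
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => __('Hide %s however still allow access with direct URL.', AAM_KEY),
- ),
- 'edit' => array(
- 'title' => __('Edit', AAM_KEY),
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => __('Restrict access to edit %s. Any attempts to edit %s will result in redirecting user based on the Access Denied Redirect rule.', AAM_KEY)
- ),
- 'delete' => array(
- 'title' => __('Delete', AAM_KEY),
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => __('Restrict access to trash or permanently delete %s.', AAM_KEY)
- ),
- 'publish' => array(
- 'title' => __('Publish', AAM_KEY),
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => __('Restrict access to publish %s. User will be allowed only to submit %s for review.', AAM_KEY)
- )
+ 'restricted' => array(
+ 'title' => __('Restricted', AAM_KEY),
+ 'description' => __('Restrict direct access to the post. Any attempt to access the post will be denied and redirected based on the Access Denied Redirect rule.', AAM_KEY)
  ),
- 'api' => array(
- 'list' => array(
- 'title' => __('List', AAM_KEY),
- 'descr' => __('Hide %s however still allow access to retrieve %s.', AAM_KEY),
- ),
- 'read' => array(
- 'title' => __('Read', AAM_KEY),
- 'descr' => __('Restrict access to retrieve %s. Any attempts to retrieve %s will be denied.', AAM_KEY)
- ),
- 'limit' => array(
- 'title' => __('Limit', AAM_KEY),
- 'sub' => __('Teaser message', AAM_KEY),
- 'option' => 'api.teaser',
- 'preview' => 'api-teaser-preview',
- 'modal' => 'modal-teaser',
- 'descr' => __('Replace %s content with defined teaser message.', AAM_KEY)
- ),
- 'access_counter' => array(
- 'title' => __('Read Counter', AAM_KEY),
- 'sub' => __('Threshold', AAM_KEY),
- 'option' => 'api.access_counter_limit',
- 'preview' => 'api-access_counter_limit-preview',
- 'modal' => 'modal-access-counter',
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => __('Define how many times %s can be retrieved. After number of time exceeds the defined threshold, the access will be denied to %s.', AAM_KEY)
- ),
- 'comment' => array(
- 'title' => __('Comment', AAM_KEY),
- 'descr' => __('Restrict access to comment on %s if commenting feature is enabled.', AAM_KEY)
- ),
- 'protected' => array(
- 'title' => __('Password Protected', AAM_KEY),
- 'sub' => __('Password', AAM_KEY),
- 'option' => 'api.password',
- 'preview' => 'api-option-preview',
- 'modal' => 'modal-password',
- 'descr' => __('Protected %s with password. Available with WordPress 4.7.0 or higher.', AAM_KEY)
- ),
- 'expire' => array(
- 'title' => __('Access Expiration', AAM_KEY),
- 'sub' => __('Expires', AAM_KEY),
- 'option' => 'api.expire_datetime',
- 'preview' => 'api-expire_datetime-preview',
- 'modal' => 'modal-access-expires',
- 'descr' => __('Define when access expires to %s.', AAM_KEY) . sprintf(__('After expiration, the access to %s will be denied. For more information %scheck this article%s or ', AAM_KEY), '%s', "<a href='https://aamplugin.com/article/how-to-set-expiration-date-for-any-wordpress-content' target='_blank'>", '</a>')
- ),
- 'edit' => array(
- 'title' => __('Update', AAM_KEY),
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => __('Restrict access to update %s. Any attempts to update %s will be denied.', AAM_KEY)
- ),
- 'delete' => array(
- 'title' => __('Delete', AAM_KEY),
- 'exclude' => array(AAM_Core_Subject_Visitor::UID),
- 'descr' => __('Restrict access to trash or permanently delete %s.', AAM_KEY)
- )
+ 'teaser' => array(
+ 'title' => __('Teaser Message', AAM_KEY),
+ 'sub' => __('Message', AAM_KEY),
+ 'modal' => 'modal-teaser',
+ 'description' => __('Dynamically replace the post content with defined plain text or HTML teaser message.', AAM_KEY)
+ ),
+ 'limited' => array(
+ 'title' => __('Limited', AAM_KEY),
+ 'sub' => __('Access Limit', AAM_KEY),
+ 'modal' => 'modal-limited',
+ 'exclude' => array(AAM_Core_Subject_Visitor::UID),
+ 'description' => __('Define how many times the post can be accessed. When the number of times exceeds the defined threshold, access will be denied and redirected based on the Access Denied Redirect rule.', AAM_KEY)
+ ),
+ 'comment' => array(
+ 'title' => __('Leave Comments', AAM_KEY),
+ 'description' => __('Restrict access to leave comments for the post.', AAM_KEY)
+ ),
+ 'redirected' => array(
+ 'title' => __('Redirect', AAM_KEY),
+ 'sub' => __('Destination', AAM_KEY),
+ 'modal' => 'modal-redirect',
+ 'description' => __('Redirect user based on the defined redirect rule when user tries to access the post. The REDIRECT option has lower precedence and will be ignored if RESTRICTED option is checked.', AAM_KEY),
+ ),
+ 'protected' => array(
+ 'title' => __('Password Protected', AAM_KEY),
+ 'sub' => __('Password', AAM_KEY),
+ 'modal' => 'modal-password',
+ 'description' => __('Protect access to the post with a password. Available with WordPress 4.7.0 or higher.', AAM_KEY)
+ ),
+ 'ceased' => array(
+ 'title' => __('Access Expires', AAM_KEY),
+ 'sub' => __('After', AAM_KEY),
+ 'modal' => 'modal-cease',
+ 'description' => __('Define when access will expire to the post.', AAM_KEY) . sprintf(__('After expiration, the access to the post will be denied and redirected based on the Access Denied Redirect rule. For more information %scheck this article%s or ', AAM_KEY), "<a href='https://aamplugin.com/article/how-to-set-expiration-date-for-any-wordpress-content' target='_blank'>", '</a>')
+ ),
+ 'edit' => array(
+ 'title' => __('Edit', AAM_KEY),
+ 'exclude' => array(AAM_Core_Subject_Visitor::UID),
+ 'description' => __('Restrict access to edit the post.', AAM_KEY)
+ ),
+ 'delete' => array(
+ 'title' => __('Delete', AAM_KEY),
+ 'exclude' => array(AAM_Core_Subject_Visitor::UID),
+ 'description' => __('Restrict access to trash or permanently delete the post.', AAM_KEY)
+ ),
+ 'publish' => array(
+ 'title' => __('Publish', AAM_KEY),
+ 'exclude' => array(AAM_Core_Subject_Visitor::UID),
+ 'description' => __('Restrict the ability to publish the post. User will be allowed only to submit the post for review.', AAM_KEY)
  )
  );
  }
+
  }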
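Review bot: The new `'ceased'` description still ends its translatable phrase with `%scheck this article%s or `, but nothing follows it any more, so the rendered text stops at a dangling "or"; the phrase should end at `%scheck this article%s.`. The same entry builds its anchor with `target='_blank'` and no `rel`; adding `rel='noopener noreferrer'` keeps the linked page from reaching the admin tab through `window.opener` on browsers that do not imply it. Because this one `description` carries markup while the others are plain text, the template that prints them cannot escape them uniformly, so the docblock on `get()` should say that `description` may contain trusted HTML and that `title` and `sub` are plain text.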
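--- a/application/Backend/Widget/Login.php
+++ b/application/Backend/Widget/Login.php
@@ -5,68 +5,107 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
- class AAM_Backend_Widget_Login extends WP_Widget {
+ /**
+ * Secure login widget
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ class AAM_Backend_Widget_Login extends WP_Widget
+ {
 
+ /**
+ * Widget arguments
+ *
+ * @var array
+ *
+ * @access public
+ * @version 6.0.0
+ */
  public $args = array();
-
+
  /**
- *
+ * Constructor
+ *
+ * @access public
+ *
+ * @return void
+ * @version 6.0.0
  */
- public function __construct() {
+ public function __construct()
+ {
  $options = array(
- 'description' => __( "AAM Secure Login Widget", AAM_KEY)
+ 'description' => __('AAM Secure Login Widget', AAM_KEY)
  );
-
- parent::__construct(false, 'AAM Secure Login', $options);
+
+ parent::__construct(false, __('AAM Secure Login', AAM_KEY), $options);
  }
-
+
  /**
- *
+ * Get frontend widget template
+ *
  * @param array $args
- *
- * @param string $instance
+ * @param array $instance
+ *
+ * @access public
+ *
+ * @return string
+ * @version 6.0.0
  */
- public function widget($args, $instance) {
+ public function widget($args, $instance)
+ {
  $this->args = array_merge($args, $this->normalize($instance));
-
+
  require AAM_Core_Config::get(
- 'feature.secureLogin.widget.template',
- realpath(dirname(__FILE__) . '/../phtml/widget/login-frontend.phtml')
+ 'service.secureLogin.settings.widget.template',
+ realpath(dirname(__DIR__) . '/tmpl/widget/login-frontend.php')
  );
  }
-
+
  /**
- *
- * @param type $instance
+ * Generate backend form for the widget
+ *
+ * @param array $instance
+ *
+ * @access public
+ *
+ * @return void
+ * @version 6.0.0
  */
- public function form($instance) {
+ public function form($instance)
+ {
  $instance = $this->normalize($instance);
-
- require dirname(__FILE__) . '/../phtml/widget/login-backend.phtml';
+
+ require dirname(__DIR__) . '/tmpl/widget/login-backend.php';
  }
-
+
  /**
- *
+ * Normalize widget's settings
+ *
  * @param array $instance
- *
+ *
  * @return array
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected function normalize($instance) {
- $instance['login-title'] = AAM_Core_Config::get('login-title');
-
+ protected function normalize($instance)
+ {
  if (empty($instance['login-title'])) {
  $instance['login-title'] = __('Login', AAM_KEY);
  }
-
+
  if (empty($instance['user-title'])) {
  $instance['user-title'] = __('Howdy, %username%', AAM_KEY);
  }
-
- $instance['redirect'] = AAM_Core_Request::get('redirect_to');
-
+
+ $instance['redirect'] = filter_input(INPUT_GET, 'redirect_to');
+
  return $instance;
  }
-
+
  }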
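Review bot: `normalize()` now fills `$instance['redirect']` from `filter_input(INPUT_GET, 'redirect_to')` with no filter argument, which applies the default filter and hands back the query-string value unmodified. The templates that read it are not in this diff, so this is a hedge: if the value is printed into the login form or used as the post-login destination, it is an unvalidated redirect target and an unescaped output. Constrain it where it is read, e.g. `$instance['redirect'] = wp_validate_redirect((string) filter_input(INPUT_GET, 'redirect_to', FILTER_SANITIZE_URL), '');`, and print it with `esc_url()` or `esc_attr()` in the template. Separately, `widget()` passes the result of `AAM_Core_Config::get('service.secureLogin.settings.widget.template', …)` straight to `require`, so a comment there should state that this setting is an admin-only file path and must never be derived from request data.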
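--- a/application/Backend/phtml/extensions.phtml
+++ b/application/Backend/phtml/extensions.phtml
@@ -1,165 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div id="extension-content" class="extension-container">
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-info">
- <?php echo AAM_Backend_View_Helper::preparePhrase('By purchasing any of the addons below, you obtain the license that allows you to install and use our software for one physical WordPress installation only. Exceptions are websites where URL is either [localhost] or starts with [dev.], [staging.], [test.] or [demo.] They are considered as development websites and you can use the purchased license unlimited number of times before it is activated on a production website. [Money back guaranteed] within 30 day from the time of purchase.', 'i', 'i', 'i', 'i', 'i', 'i', 'b'); ?><br/>
- </p>
- </div>
- </div>
-
- <label for="extension-key"><?php echo __('Install/Update Extension', AAM_KEY); ?> <a href="#install-extension-modal" data-toggle="modal"><i class="icon-help-circled"></i></a></label>
- <div class="row">
- <div class="col-xs-8">
- <div class="form-group">
- <input type="text" class="form-control" id="extension-key" placeholder="<?php echo __('License Key', AAM_KEY); ?>" />
- </div>
- </div>
- <div class="col-xs-4">
- <div class="btn-group">
- <button type="button" class="btn btn-primary btn-block dropdown-toggle" id="download-software" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
- <i class="icon-download-cloud"></i> <?php echo __('Download', AAM_KEY); ?> <span class="caret"></span>
- </button>
- <ul class="dropdown-menu">
- <li><a href="#" id="install-extension"><?php echo __('As extension (legacy)', AAM_KEY); ?></a></li>
- <li><a href="#" id="download-plugin"><?php echo __('As standard WP plugin', AAM_KEY); ?></a></li>
- <li role="separator" class="divider"></li>
- <li><a href="https://aamplugin.com/article/aam-extensions-become-plugins" target="_blank"><?php echo __('Learn more', AAM_KEY); ?></a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <?php $commercial = $this->getList('commercial'); ?>
- <?php $free = $this->getList('GNU'); ?>
-
- <div>
- <ul class="nav nav-tabs" role="tablist">
- <?php if(count($commercial)) { ?><li role="presentation" class="active"><a href="#premium-extensions" aria-controls="premium-extensions" role="tab" data-toggle="tab"><i class='icon-basket'></i> <?php echo __('Premium', AAM_KEY); ?></a></li><?php } ?>
- <?php if(count($free)) { ?><li role="presentation" <?php echo (!count($commercial) ? 'class="active"' : ''); ?>><a href="#free-extensions" aria-controls="free-extensions" role="tab" data-toggle="tab"><i class='icon-download-cloud'></i> <?php echo __('Free', AAM_KEY); ?> <span class="badge sup">NEW</span></a></li><?php } ?>
- <li class="aam-update-check"><a href="#" id="aam-update-check"><i class='icon-arrows-cw'></i> <?php echo __('Check for Updates', AAM_KEY); ?></a></li>
- </ul>
-
- <!-- Tab panes -->
- <div class="tab-content">
- <div role="tabpanel" class="tab-pane<?php echo (count($commercial) ? ' active' : ''); ?>" id="premium-extensions">
- <table class="table table-striped table-bordered">
- <tbody>
- <?php foreach ($commercial as $i => $product) { ?>
- <tr>
- <td width="80%">
- <span class='aam-setting-title'><?php echo $product['title'], (!empty($product['tag']) ? '<sup><span class="badge sup">' . $product['tag'] . '</span></sup>' : ''), (!empty($product['version']) ? ' <small class="text-muted">v' . $product['version'] . '</small>' : ''); ?></span>
- <?php if (!empty($product['license'])) { ?><small class="aam-license-key"><b>License:</b> <?php echo $product['license'] . (!empty($product['expire']) ? " (updates expire on {$product['expire']})" : ''); ?></small><?php } ?>
- <p class="aam-extension-description">
- <?php echo $product['description']; ?>
- </p>
- </td>
- <td class="text-center">
- <?php if (!is_null($product['pluginStatus'])) { ?>
- <?php if ($product['pluginStatus'] === true) { ?>
- <a href="#" class="btn btn-sm btn-success btn-block disabled"><i class="icon-check"></i> <?php echo __('Plugin Active', AAM_KEY); ?></a>
- <?php } else { ?>
- <a href="#" class="btn btn-sm btn-info btn-block disabled"><i class="icon-attention-circled"></i> <?php echo __('Plugin Inactive', AAM_KEY); ?></a>
- <?php } ?>
- <?php } elseif ($product['status'] == AAM_Extension_Repository::STATUS_INSTALLED) { ?>
- <?php if ($product['title'] === 'Complete Package') { ?>
- <a href="#" class="btn btn-sm btn-success btn-block disabled"><i class="icon-check"></i> <?php echo __('Installed', AAM_KEY); ?></a>
- <?php } else { ?>
- <a href="#" class="btn btn-sm btn-danger btn-block aam-deactivate-extension" data-product="<?php echo $product['id']; ?>"><i class="icon-attention-circled"></i> <?php echo __('Deactivate', AAM_KEY); ?></a><small><?php echo __('extension is active', AAM_KEY); ?></small>
- <?php } ?>
- <?php } elseif ($product['status'] == AAM_Extension_Repository::STATUS_UPDATE) { ?>
- <a href="#" class="btn btn-sm btn-warning btn-block aam-update-extension<?php echo (empty($product['license']) ? ' disabled' : ''); ?>" data-license="<?php echo (!empty($product['license']) ? $product['license'] : ''); ?>"><i class="icon-arrows-cw"></i> <?php echo __('Update', AAM_KEY); ?></a>
- <?php } elseif ($product['status'] == AAM_Extension_Repository::STATUS_INACTIVE) { ?>
- <a href="#" class="btn btn-sm btn-success btn-block aam-activate-extension" data-product="<?php echo $product['id']; ?>"><i class="icon-check"></i> <?php echo __('Activate', AAM_KEY); ?></a><small><?php echo __('extension is inactive', AAM_KEY); ?></small>
- <?php } else { ?>
- <a href="<?php echo $product['url']; ?>" target="_blank" class="btn btn-sm btn-primary btn-block"><i class="icon-link"></i> <?php echo __('Read More', AAM_KEY); ?></a>
- <?php } ?>
- </td>
- </tr>
- <?php } ?>
- </tbody>
- </table>
- </div>
- <div role="tabpanel" class="tab-pane" id="free-extensions">
- <table class="table table-striped table-bordered">
- <tbody>
- <?php foreach ($free as $product) { ?>
- <tr>
- <td width="80%">
- <span class='aam-setting-title'><?php echo $product['title'], (!empty($product['tag']) ? '<sup><span class="badge sup">' . $product['tag'] . '</span></sup>' : ''), (!empty($product['version']) ? ' <small class="text-muted">v' . $product['version'] . '</small>' : ''), ' - ' . ('<span class="text-success">' . __('Free', AAM_KEY) . '</span>'); ?></span>
- <p class="aam-extension-description">
- <?php echo $product['description']; ?>
- </p>
- </td>
- <td class="text-center">
- <?php if ($product['status'] == AAM_Extension_Repository::STATUS_INSTALLED) { ?>
- <a href="#" class="btn btn-sm btn-danger btn-block aam-deactivate-extension" data-product="<?php echo $product['id']; ?>"><i class="icon-attention-circled"></i> <?php echo __('Deactivate', AAM_KEY); ?></a><small><?php echo __('extension is active', AAM_KEY); ?></small>
- <?php } elseif ($product['status'] == AAM_Extension_Repository::STATUS_UPDATE) { ?>
- <a href="#" class="btn btn-sm btn-warning btn-block aam-update-extension" data-product="<?php echo $product['id']; ?>"><i class="icon-arrows-cw"></i> <?php echo __('Update', AAM_KEY); ?></a>
- <?php } elseif ($product['status'] == AAM_Extension_Repository::STATUS_INACTIVE) { ?>
- <a href="#" class="btn btn-sm btn-success btn-block aam-activate-extension" data-product="<?php echo $product['id']; ?>"><i class="icon-check"></i> <?php echo __('Activate', AAM_KEY); ?></a><small><?php echo __('extension is inactive', AAM_KEY); ?></small>
- <?php } else { ?>
- <a href="#" class="btn btn-sm btn-success btn-block aam-download-extension" data-license="<?php echo $product['license']; ?>"><i class="icon-download-cloud"></i> <?php echo __('Download', AAM_KEY); ?></a>
- <?php } ?>
- </td>
- </tr>
- <?php } ?>
- </tbody>
- </table>
- </div>
- </div>
- </div>
-
- <div class="modal fade" id="extension-notification-modal" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Notification', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <p class="aam-notification">
- <strong><span id="installation-error"></span></strong> <?php echo __('Extension requires manual installation. Please follow few simple steps below.', AAM_KEY); ?>
- </p>
-
- <ul class="aam-outer-top-xs aam-numeric-list">
- <li><?php echo AAM_Backend_View_Helper::preparePhrase('Click [Download] button below and save the zip archive on your computer', 'b'); ?>;</li>
- <li><?php echo AAM_Backend_View_Helper::preparePhrase('Connect to your website via FTP and navigate to [wp-content] folder', 'b'); ?>;</li>
- <li><?php echo AAM_Backend_View_Helper::preparePhrase('Create [aam/extension] folder inside [wp-content] and make sure it is writable by your server', 'b', 'b'); ?>;</li>
- <li><?php echo AAM_Backend_View_Helper::preparePhrase('Unzip downloaded archive and upload the folder inside the [wp-content/aam/extension] folder', 'b'); ?>.</li>
- </ul>
-
- <p class="aam-notification hidden" id="safari-download-notification">
- <?php echo AAM_Backend_View_Helper::preparePhrase('[PLEASE NOTE!] Your browser may not support the latest HTML5 attribures and if downloaded file is not .ZIP archive, simply rename the file by adding .zip extension.', 'b'); ?>
- </p>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-success" id="download-extension"><?php echo __('Download', AAM_KEY); ?></button>
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Cancel', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
-
- <div class="modal fade" id="install-extension-modal" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Install Extension', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body aam-info-modal">
- <p>
- <?php echo __('Insert license key that you recieved after the payment (find the email example below). It might take up to 2 hours to process the payment. Please remember that license key is limited only to one live domain.', AAM_KEY); ?>
- <br /> <br />
- <img src="https://aamplugin.com/media/img/email-confirmation.jpg" class="img-responsive" />
- </p>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
- </div>
- <?php }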
application/Backend/phtml/index.phtml DELETED
@@ -1,447 +0,0 @@
1
- <?php if (defined('AAM_KEY')) { ?>
2
- <div class="wrap" id="aam-container">
3
- <div class="row" id="aam-subject-banner">
4
- <div class="col-xs-12 col-md-8">
5
- <div class="aam-current-subject"></div>
6
- </div>
7
- </div>
8
-
9
- <div class="row">
10
- <div class="col-xs-12 col-md-8">
11
- <div class="metabox-holder">
12
- <div class="postbox">
13
- <h3 class="hndle">
14
- <span><?php echo __('Main Panel', AAM_KEY); ?></span>
15
- </h3>
16
- <div class="inside" id="access-manager-inside">
17
- <div class="aam-postbox-inside" id="aam-content">
18
- <p class="alert alert-info text-larger text-center" id="aam-initial-load"><?php echo AAM_Backend_View_Helper::preparePhrase('[Loading AAM UI]. Please wait. If content will not load within next 30 seconds, clear your browser cache and reload the page. If still nothing, it is most likely some sort of JavaScript or CSS conflict with one your active plugins or theme. Try to deactivate all plugins and switch to any default WordPress theme to find out what causes the issue.', 'strong'); ?></p>
19
- </div>
20
- </div>
21
- </div>
22
- </div>
23
- </div>
24
-
25
- <?php $manageExtensions = AAM_Core_Config::get('core.settings.extensionSupport', true) && current_user_can('aam_manage_extensions'); ?>
26
-
27
- <div class="col-xs-12 col-md-4 aam-sidebar">
28
- <?php if (AAM_Core_Console::count() && current_user_can('aam_show_notifications')) { ?>
29
- <div class="metabox-holder shared-metabox">
30
- <div class="postbox">
31
- <h3 class="hndle text-danger">
32
- <i class='icon-attention-circled'></i> <span><?php echo __('Notifications', AAM_KEY); ?></span>
33
- </h3>
34
- <div class="inside">
35
- <div class="aam-postbox-inside">
36
- <ul class="aam-error-list">
37
- <?php foreach (AAM_Core_Console::getAll() as $message) { ?>
38
- <li><?php echo $message; ?></li>
39
- <?php } ?>
40
- </ul>
41
- </div>
42
- </div>
43
- </div>
44
- </div>
45
- <?php } ?>
46
-
47
- <div class="metabox-holder shared-metabox">
48
- <div class="postbox">
49
- <h3 class="hndle">
50
- <span><?php echo __('Announcement', AAM_KEY); ?></span>
51
- </h3>
52
- <div class="inside">
53
- <div class="aam-postbox-inside">
54
- <p class="alert alert-warning">AAM 6.0.0-beta.1 is here. You can download it from the <a href="https://downloads.wordpress.org/plugin/advanced-access-manager.6.0.0-beta.1.zip">Official WordPress Repository</a>. Subscribe to our email list to get all the latest news and information about the new features, improvements and migration path.</p>
55
- <div class="input-group aam-outer-top-xs">
56
- <input type="email" class="form-control" placeholder="<?php echo __('Enter your email', AAM_KEY); ?>" id="aam-subscribe-email" />
57
- <a href="#" class="btn input-group-addon btn-primary" id="aam-subscribe">Subscribe</a>
58
- </div>
59
- </div>
60
- </div>
61
- </div>
62
- </div>
63
-
64
- <div class="metabox-holder shared-metabox">
65
- <div class="postbox">
66
- <div class="inside">
67
- <div class="aam-social">
68
- <a href="#" title="Access" data-type="main" class="aam-area text-danger">
69
- <i class="icon-cog-alt"></i>
70
- <span>Access</span>
71
- </a>
72
- <?php if (current_user_can('aam_manage_settings')) { ?>
73
- <a href="#" title="Settings" data-type="settings" class="aam-area">
74
- <i class="icon-wrench"></i>
75
- <span>Settings</span>
76
- </a>
77
- <?php } ?>
78
- <?php if ($manageExtensions) { ?>
79
- <a href="#" title="Extensions" data-type="extensions" class="aam-area">
80
- <i class="icon-cubes"></i>
81
- <span>Extensions</span>
82
- </a>
83
- <?php } ?>
84
- <?php if (current_user_can('aam_view_help_btn')) { ?>
85
- <a href="https://aamplugin.com/support" title="Help" target="_blank">
86
- <i class="icon-help-circled"></i>
87
- <span>Help</span>
88
- </a>
89
- <?php } ?>
90
- </div>
91
- </div>
92
- </div>
93
- </div>
94
-
95
- <?php if (current_user_can('aam_manage_settings')) { ?>
96
- <div class="metabox-holder settings-metabox" style="display:none;">
97
- <div class="postbox">
98
- <div class="inside">
99
- <div class="row">
100
- <div class="col-xs-12 col-md-12">
101
- <a href="#clear-settings-modal" data-toggle="modal" class="btn btn-danger btn-block"><?php echo __('Reset AAM Settings', AAM_KEY); ?></a>
102
- </div>
103
- </div>
104
- </div>
105
- </div>
106
-
107
- <div class="modal fade" id="clear-settings-modal" tabindex="-1" role="dialog">
108
- <div class="modal-dialog modal-sm" role="document">
109
- <div class="modal-content">
110
- <div class="modal-header">
111
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
112
- <h4 class="modal-title"><?php echo __('Clear all settings', AAM_KEY); ?></h4>
113
- </div>
114
- <div class="modal-body">
115
- <p class="text-center alert alert-danger text-larger"><?php echo __('All AAM settings will be removed.', AAM_KEY); ?></p>
116
- </div>
117
- <div class="modal-footer">
118
- <button type="button" class="btn btn-danger" id="clear-settings"><?php echo __('Clear', AAM_KEY); ?></button>
119
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Cancel', AAM_KEY); ?></button>
120
- </div>
121
- </div>
122
- </div>
123
- </div>
124
- </div>
125
- <?php } ?>
126
-
127
- <?php $licenses = AAM_Extension_Repository::getInstance()->getCommercialLicenses(); ?>
128
- <?php if (count($licenses) && $manageExtensions) { ?>
129
- <div class="metabox-holder extensions-metabox" style="display:none;">
130
- <div class="postbox">
131
- <h3 class="hndle">
132
- <span><?php echo __('Premium Licenses', AAM_KEY); ?></span>
133
- </h3>
134
- <div class="inside">
135
- <div class="aam-postbox-inside">
136
- <table class="table table-striped table-bordered">
137
- <tbody>
138
- <?php foreach($licenses as $license) { ?>
139
- <tr>
140
- <td width="70%">
141
- <b><?php echo $license['extension']; ?></b><br/>
142
- <small>License: <?php echo $license['license']; ?></small>
143
- <?php if (!empty($license['expires'])) { ?>
144
- <br/> <small>Expires: <?php echo $license['expires']; ?></small>
145
- <?php } ?>
146
- </td>
147
- <td>
148
- <div class="aam-row-actions">
149
- <a href="https://aamplugin.com/license/<?php echo $license['license']; ?>" class="aam-row-action"><i class="icon-cog text-success" data-toggle="tooltip" title="<?php echo __('Manage License', AAM_KEY); ?>"></i></a>
150
- <?php if (!empty($license['expires'])) { ?>
151
- <a href="https://aamplugin.com/upgrade/<?php echo $license['license']; ?>" data-toggle="tooltip" title="<?php echo __('Upgrade License', AAM_KEY); ?>" class="aam-row-action" target="_blank"><i class="icon-angle-circled-up text-success"></i></a>
152
- <?php } ?>
153
- </div>
154
- </td>
155
- </tr>
156
- <?php } ?>
157
- </tbody>
158
- </table>
159
- </div>
160
- </div>
161
- </div>
162
- </div>
163
- <?php } ?>
164
-
165
- <div class="metabox-holder extensions-metabox" style="display:none;">
166
- <div class="postbox">
167
- <div class="inside">
168
- <div class="aam-postbox-inside text-center">
169
- <p class="alert alert-info text-larger highlighted-italic"><?php echo AAM_Backend_View_Helper::preparePhrase('The [Enterprise Package] allows you to get all premium addons in one package as well as dedicated support line.', 'i', 'b'); ?></p>
170
- <a href="https://aamplugin.com/pricing/enterprise-package" target="_blank" class="btn btn-sm btn-primary btn-block"><i class="icon-link"></i> <?php echo __('Read More', AAM_KEY); ?></a>
171
- </div>
172
- </div>
173
- </div>
174
- </div>
175
-
176
- <?php if (is_network_admin() && !defined('AAM_MULTISITE')) { ?>
177
- <div class="metabox-holder main-metabox">
178
- <div class="postbox">
179
- <h3 class="hndle text-warning">
180
- <i class='icon-attention-circled'></i> <span><?php echo __('AAM Multisite', AAM_KEY); ?></span>
181
- </h3>
182
- <div class="inside">
183
- <p class="aam-info"><?php echo AAM_Backend_View_Helper::preparePhrase('Install free [AAM Multisite extension] in order to manage all your sites from the Network Admin.', 'b'); ?></p>
184
- </div>
185
- </div>
186
- </div>
187
- <?php } ?>
188
-
189
- <?php do_action('aam-sidebar-ui-action', 'top'); ?>
190
-
191
- <div class="metabox-holder main-metabox">
192
- <div class="postbox">
193
- <h3 class="hndle">
194
- <span><?php echo __('Users/Roles Manager', AAM_KEY); ?></span>
195
- <span class="aam-help-menu" data-target="#user-role-manager-inside"><i class="icon-help-circled"></i></span>
196
- </h3>
197
- <div class="inside" id="user-role-manager-inside">
198
- <div class="aam-postbox-inside">
199
- <ul class="nav nav-tabs" role="tablist">
200
- <?php $active = 0; ?>
201
- <?php if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) { ?>
202
- <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#roles" aria-controls="roles" role="tab" data-toggle="tab"><i class="icon-users"></i><br/><?php echo __('Roles', AAM_KEY); ?></a></li>
203
- <?php } ?>
204
- <?php if (current_user_can('aam_manage_users') || current_user_can('list_users')) { ?>
205
- <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#users" aria-controls="users" role="tab" data-toggle="tab"><i class="icon-user"></i><br/><?php echo __('Users', AAM_KEY); ?></a></li>
206
- <?php } ?>
207
- <?php if (current_user_can('aam_manage_visitors')) { ?>
208
- <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#visitor" aria-controls="visitor" role="tab" data-toggle="tab"><i class="icon-user-secret"></i><br/><?php echo __('Visitor', AAM_KEY); ?></a></li>
209
- <?php } ?>
210
- <?php if (current_user_can('aam_manage_default')) { ?>
211
- <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#default" aria-controls="default" role="tab" data-toggle="tab" class="text-danger"><i class="icon-asterisk"></i><br/><?php echo __('Default', AAM_KEY); ?></a></li>
212
- <?php } ?>
213
- <?php if ($active === 0) { ?>
214
- <li role="presentation" class="active text-center"><a href="#none" aria-controls="none" role="tab" data-toggle="tab" class="text-muted"><i class="icon-asterisk"></i><br/><?php echo __('None', AAM_KEY); ?></a></li>
215
- <?php } ?>
216
- </ul>
217
- <div class="tab-content">
218
- <?php $active = 0; ?>
219
- <?php if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) { ?>
220
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="roles">
221
- <table id="role-list" class="table table-striped table-bordered">
222
- <thead>
223
- <tr>
224
- <th>ID</th>
225
- <th>Users</th>
226
- <th width="65%"><?php echo __('Role', AAM_KEY); ?></th>
227
- <th><?php echo __('Action', AAM_KEY); ?></th>
228
- <th>Level</th>
229
- </tr>
230
- </thead>
231
- <tbody></tbody>
232
- </table>
233
-
234
- <div class="modal fade" id="add-role-modal" tabindex="-1" role="dialog">
235
- <div class="modal-dialog modal-sm" role="document">
236
- <div class="modal-content">
237
- <div class="modal-header">
238
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
239
- <h4 class="modal-title"><?php echo __('Create Role', AAM_KEY); ?></h4>
240
- </div>
241
- <div class="modal-body">
242
- <div class="form-group">
243
- <label><?php echo __('Role Name', AAM_KEY); ?><span class="aam-asterix">*</span></label>
244
- <input type="text" class="form-control" name="name" placeholder="<?php echo __('Enter Role Name', AAM_KEY); ?>" />
245
- </div>
246
- <?php /* TODO: Rethink this filter */ do_action('aam-add-role-ui-action'); ?>
247
- <?php /* TODO: Rethink this filter */ echo apply_filters('aam-add-role-ui-filter', AAM_Backend_View::getInstance()->loadPartial('role-inheritance.phtml')); ?>
248
- </div>
249
- <div class="modal-footer">
250
- <button type="button" class="btn btn-success" id="add-role-btn"><?php echo __('Create', AAM_KEY); ?></button>
251
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
252
- </div>
253
- </div>
254
- </div>
255
- </div>
256
-
257
- <div class="modal fade" id="edit-role-modal" tabindex="-1" role="dialog">
258
- <div class="modal-dialog modal-sm" role="document">
259
- <div class="modal-content">
260
- <div class="modal-header">
261
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
262
- <h4 class="modal-title"><?php echo __('Update Role', AAM_KEY); ?></h4>
263
- </div>
264
- <div class="modal-body">
265
- <div class="form-group">
266
- <label for="new-role-name"><?php echo __('Role Name', AAM_KEY); ?></label>
267
- <input type="text" class="form-control" id="edit-role-name" placeholder="<?php echo __('Enter Role Name', AAM_KEY); ?>" name="name" />
268
- </div>
269
- <?php /* TODO: Rethink this filter */ do_action('aam-edit-role-ui-action'); ?>
270
- </div>
271
- <div class="modal-footer">
272
- <button type="button" class="btn btn-success" id="edit-role-btn"><?php echo __('Update', AAM_KEY); ?></button>
273
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
274
- </div>
275
- </div>
276
- </div>
277
- </div>
278
-
279
- <div class="modal fade" id="delete-role-modal" tabindex="-1" role="dialog">
280
- <div class="modal-dialog modal-sm" role="document">
281
- <div class="modal-content">
282
- <div class="modal-header">
283
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
284
- <h4 class="modal-title"><?php echo __('Delete Role', AAM_KEY); ?></h4>
285
- </div>
286
- <div class="modal-body">
287
- <p class="text-center aam-confirm-message alert alert-danger" data-message="<?php echo __('Are you sure that you want to delete the %s role?', AAM_KEY); ?>"></p>
288
- </div>
289
- <div class="modal-footer">
290
- <button type="button" class="btn btn-danger" id="delete-role-btn"><?php echo __('Delete', AAM_KEY); ?></button>
291
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
292
- </div>
293
- </div>
294
- </div>
295
- </div>
296
- </div>
297
- <?php } ?>
298
- <?php if (current_user_can('aam_manage_users') || current_user_can('list_users')) { ?>
299
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="users">
300
- <table id="user-list" class="table table-striped table-bordered">
301
- <thead>
302
- <tr>
303
- <th>ID</th>
304
- <th>Roles</th>
305
- <th width="60%"><?php echo __('Username', AAM_KEY); ?></th>
306
- <th><?php echo __('Action', AAM_KEY); ?></th>
307
- <th>Level</th>
308
- <th>Expiration</th>
309
- </tr>
310
- </thead>
311
- <tbody></tbody>
312
- </table>
313
-
314
- <div class="modal fade" id="edit-user-modal" tabindex="-1" role="dialog">
315
- <div class="modal-dialog" role="document">
316
- <div class="modal-content">
317
- <div class="modal-header">
318
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
319
- <h4 class="modal-title"><?php echo __('Manage User', AAM_KEY); ?></h4>
320
- </div>
321
- <div class="modal-body">
322
- <ul class="nav nav-tabs" role="tablist">
323
- <li role="presentation" class="active"><a href="#edit-user-expiration" aria-controls="edit-user-expiration" role="tab" data-toggle="tab">Temporary Access</a></li>
324
- <li role="presentation"><a href="#edit-user-profile" aria-controls="edit-user-profile" role="tab" data-toggle="tab">Edit User</a></li>
325
- </ul>
326
-
327
- <div class="tab-content">
328
- <div role="tabpanel" class="tab-pane active" id="edit-user-expiration">
329
- <p class="aam-info"><?php echo __('Define for how long user can access the website and what action needs to be taken after access expires.', AAM_KEY); ?>
330
-
331
- <div class="form-group aam-bordered">
332
- <div id="user-expiration-datapicker"></div>
333
- <input type="hidden" id="user-expires" />
334
- </div>
335
-
336
- <div class="aam-bordered">
337
- <div class="form-group">
338
- <label><?php echo __('Action After Expiration', AAM_KEY); ?> </label>
339
- <select class="form-control" id="action-after-expiration">
340
- <option value=""><?php echo __('Select Action', AAM_KEY); ?></option>
341
- <option value="logout"><?php echo __('Logout User', AAM_KEY); ?></option>
342
- <option value="delete"><?php echo __('Delete Account', AAM_KEY); ?></option>
343
- <option value="lock"><?php echo __('Lock Account', AAM_KEY); ?></option>
344
- <option value="change-role"><?php echo __('Change User Role', AAM_KEY); ?></option>
345
- </select>
346
- </div>
347
-
348
- <div class="form-group hidden" id="expiration-change-role-holder">
349
- <label><?php echo __('Change To Role', AAM_KEY); ?></label>
350
- <select class="form-control" id="expiration-change-role">
351
- <option value=""><?php echo __('Select Role', AAM_KEY); ?></option>
352
- </select>
353
- </div>
354
- </div>
355
-
356
- <?php if (AAM::api()->getConfig('core.settings.jwtAuthentication', true) && current_user_can('aam_manage_jwt')) { ?>
357
- <div class="form-group aam-bordered aam-outer-top-xs">
358
- <label for="login-url-preview" class="aam-block">
359
- <?php echo __('Login with URL', AAM_KEY); ?>
360
- <a href="#" class="aam-copy-clipboard" data-clipboard-target="#login-url-preview"><?php echo __('Copy to clipboard', AAM_KEY); ?></a>
361
- </label>
362
- <div class="input-group">
363
- <input type="text" class="form-control" id="login-url-preview" data-url="<?php echo add_query_arg('aam-jwt', '%s', site_url()); ?>" value="<?php echo __('Login URL has not been requested', AAM_KEY); ?>" readonly />
364
- <span class="input-group-btn">
365
- <a href="#" class="btn btn-primary" id="request-login-url"><?php echo __('Request URL', AAM_KEY); ?></a>
366
- </span>
367
- <input type="hidden" id="login-jwt" />
368
- </div>
369
- <small><?php echo AAM_Backend_View_Helper::preparePhrase('With this URL user will be automatically logged in until defined date and time. The JWT token associated with URL is [revokable] however not [refreshable].', 'i', 'i'); ?></small>
370
- </div>
371
- <?php } ?>
372
- </div>
373
- <div role="tabpanel" class="tab-pane" id="edit-user-profile">
374
- <p class="aam-info"><?php echo __("To manage user profile, click on the button below.", AAM_KEY); ?></p>
375
- <p class="text-center">
376
- <a href="#" id="edit-user-link" class="btn btn-primary" target="_blank"><?php echo __('Edit User Profile', AAM_KEY); ?></a>
377
- </p>
378
- </div>
379
- </div>
380
- </div>
381
- <div class="modal-footer">
382
- <button type="button" class="btn btn-warning hidden" id="reset-user-expiration-btn"><?php echo __('Reset', AAM_KEY); ?></button>
383
- <button type="button" class="btn btn-success" id="edit-user-expiration-btn"><?php echo __('Save', AAM_KEY); ?></button>
384
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
385
- </div>
386
- </div>
387
- </div>
388
- </div>
389
- </div>
390
- <?php } ?>
391
- <?php if (current_user_can('aam_manage_visitors')) { ?>
392
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="visitor">
393
- <div class="visitor-message">
394
- <span class="aam-bordered"><?php echo __('Manage access to your website for visitors (any user that is not authenticated)', AAM_KEY); ?>.</span>
395
- <button class="btn btn-primary btn-block" id="manage-visitor"><i class="icon-cog"></i> <?php echo __('Manage Visitors', AAM_KEY); ?></button>
396
- </div>
397
- </div>
398
- <?php } ?>
399
- <?php if (current_user_can('aam_manage_default')) { ?>
400
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="default">
401
- <div class="visitor-message">
402
- <span class="aam-bordered"><?php echo __('Manage default access to your website resources for all users, roles and visitor. This includes Administrator role and your user', AAM_KEY); ?>.</span>
403
- <button class="btn btn-danger btn-block" id="manage-default"><i class="icon-cog"></i> <?php echo __('Manage Default Access', AAM_KEY); ?></button>
404
- </div>
405
- </div>
406
- <?php } ?>
407
- <?php if ($active === 0) { ?>
408
- <div role="tabpanel" class="tab-pane active" id="none">
409
- <p class="alert alert-warning"><?php echo __('You are not allowed to manage any of the existing users, roles, visitors or default access settings for all.', AAM_KEY); ?></p>
410
- </div>
411
- <?php } ?>
412
- </div>
413
- </div>
414
- <div class="aam-help-context">
415
- <p class="aam-info aam-hint">
416
- <?php echo AAM_Backend_View_Helper::preparePhrase('Manage access for your users, roles and visitors. Be careful with [Administrator] role as well as your admin user. [Database backup is strongly recommended].', 'b', 'b'); ?>
417
- </p>
418
-
419
- <p class="text-justify">
420
- <strong><i class="icon-users"></i> <?php echo __('Roles', AAM_KEY); ?></strong><br/>
421
- <?php echo __('With Roles tab you can manage access for any defined role, edit role\'s name, create new role or even delete existing (but only when there is no users assigned to it). You are not allowed to delete Administrator role.', AAM_KEY); ?>
422
- </p>
423
-
424
- <p class="text-justify">
425
- <strong><i class="icon-user"></i> <?php echo __('Users', AAM_KEY); ?></strong><br/>
426
- <?php echo __('Manage access for any user. As a bonus feature, you can block user. It means that user will be not able to login to your website anymore.', AAM_KEY); ?>
427
- </p>
428
-
429
- <p class="text-justify">
430
- <strong><i class="icon-user-secret"></i> <?php echo __('Visitor', AAM_KEY); ?></strong><br/>
431
- <?php echo __('Visitor can be considered any user that is not authenticated to your website.', AAM_KEY); ?>
432
- </p>
433
-
434
- <p class="text-justify">
435
- <strong><i class="icon-asterisk"></i> <?php echo __('Default', AAM_KEY); ?></strong><br/>
436
- <?php echo __('Manage default access settings to your website resources for all users, roles and visitors.', AAM_KEY); ?>
437
- </p>
438
- </div>
439
- </div>
440
- </div>
441
- </div>
442
-
443
- <?php do_action('aam-sidebar-ui-action', 'bottom'); ?>
444
- </div>
445
- </div>
446
- </div>
447
- <?php }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
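--- a/application/Backend/phtml/main-panel.phtml
+++ b/application/Backend/phtml/main-panel.phtml
@@ -1,30 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <?php $features = AAM_Backend_Feature::retrieveList($type); ?>
- <div class="row">
- <?php if (count($features)) { ?>
- <div class="col-xs-12 col-md-4">
- <ul class="list-group" id="feature-list">
- <?php
- foreach ($features as $i => $feature) {
- echo '<li class="list-group-item' . (isset($feature->class) ? ' ' . $feature->class : '') . '" data-feature="' . $feature->uid . '">';
- echo $feature->title;
- echo (empty($feature->notification) ? '' : ' <span class="badge">' . $feature->notification . '</span>');
- echo '</li>';
- }
- ?>
- </ul>
- </div>
- <div class="col-xs-12 col-md-8">
- <?php
- foreach ($features as $feature) {
- echo $feature->view->getContent();
- }
- ?>
- </div>
- <?php } else { ?>
- <div class="col-xs-12">
- <p class="aam-notification text-larger text-center"><?php echo __('You are not allowed to manage any of the existing features.', 'AAM_KEY'); ?></p>
- </div>
- <?php } ?>
- </div>
- <?php }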
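--- a/application/Backend/phtml/main/404redirect.phtml
+++ b/application/Backend/phtml/main/404redirect.phtml
@@ -1,65 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="aam-feature" id="404redirect-content">
- <?php if (AAM_Backend_Subject::getInstance()->getUID() == AAM_Core_Subject_Default::UID) { ?>
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-info">
- <?php echo AAM_Backend_View_Helper::preparePhrase('Setup [default] 404 redirect for all none-existing pages.', 'strong'); ?>
- </p>
- </div>
- </div>
- <?php } ?>
-
- <div class="row">
- <div class="col-xs-12">
- <?php if (AAM_Backend_Subject::getInstance()->getUID() == AAM_Core_Subject_Default::UID) { ?>
- <?php $type = AAM_Core_Config::get('frontend.404redirect.type', 'default'); ?>
-
- <div class="radio">
- <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-default" value="default" data-action="none"<?php echo ($type == 'default' ? ' checked' : ''); ?> />
- <label for="frontend-404redirect-default"><?php echo AAM_Backend_View_Helper::preparePhrase('Default WordPress 404 handler', 'small'); ?></label>
- </div>
- <div class="radio">
- <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-page" data-action="#404redirect-page-action" value="page"<?php echo ($type == 'page' ? ' checked' : ''); ?> />
- <label for="frontend-404redirect-page"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to existing page [(select from the drop-down)]', 'small'); ?></label>
- </div>
- <div class="radio">
- <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-url" data-action="#404redirect-url-action" value="url"<?php echo ($type == 'url' ? ' checked' : ''); ?> />
- <label for="frontend-404redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter valid URL starting from http or https)]', 'small'); ?></label>
- </div>
- <div class="radio">
- <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-callback" data-action="#404redirect-callback-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
- <label for="frontend-404redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
- </div>
-
- <div class="form-group aam-404redirect-action" id="404redirect-page-action" style="display: <?php echo ($type == 'page' ? 'block' : 'none'); ?>;">
- <label for="frontend-page"><?php echo __('Existing Page', AAM_KEY); ?></label>
- <?php
- wp_dropdown_pages(array(
- 'depth' => 99,
- 'selected' => AAM_Core_Config::get('frontend.404redirect.page'),
- 'echo' => 1,
- 'name' => 'frontend.404redirect.page',
- 'id' => '404-redirect-page', // string
- 'class' => 'form-control', // string
- 'show_option_none' => __('-- Select Page --', AAM_KEY) // string
- ));
- ?>
- </div>
-
- <div class="form-group aam-404redirect-action" id="404redirect-url-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
- <label for="frontend-url"><?php echo __('The URL', AAM_KEY); ?></label>
- <input type="text" class="form-control" name="frontend.404redirect.url" placeholder="https://" value="<?php echo AAM_Core_Config::get('frontend.404redirect.url'); ?>" />
- </div>
-
- <div class="form-group aam-404redirect-action" id="404redirect-callback-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
- <label for="frontend-url"><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
- <input type="text" class="form-control" placeholder="Enter valid callback" name="frontend.404redirect.callback" value="<?php echo AAM_Core_Config::get('frontend.404redirect.callback'); ?>" />
- </div>
- <?php } else { ?>
- <p class="alert alert-info text-center"><?php echo AAM_Backend_View_Helper::preparePhrase('You cannot setup 404 redirect for specific user, role or visitors. Switch to [Manage Default Access] and define default 404 redirect for everybody.', 'strong'); ?></p>
- <?php } ?>
- </div>
- </div>
- </div>
- <?php }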
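--- a/application/Backend/phtml/main/get-started.phtml
+++ b/application/Backend/phtml/main/get-started.phtml
@@ -1,21 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="aam-feature" id="get-started-content">
- <div class="row">
- <div class="col-xs-12">
- <div class="panel panel-default">
- <div class="panel-body">
- <p class="text-larger"><?php echo __('Appreciate your interest in Advanced Access Manager (aka AAM). With strong knowledge and experience in WordPress, AAM becomes a very powerful tool to manage access to your frontend, backend, and RESTful/XML-PRC APIs.', AAM_KEY); ?></p>
- <p class="text-larger"><span class="aam-highlight"><?php echo __('Please Note!', AAM_KEY); ?></span> <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Power comes with responsibility. Make sure you have a good understanding of %sWordPress Roles & Capabilities%s because AAM is very closely integrated with WordPress core. It is also recommended to have a backup of your database before you start working with AAM. There is no need to backup your files; AAM does not modify any physical files on your server and never did.'), '<a href="https://aamplugin.com/article/wordpress-roles-and-capabilities" target="_blank">', '</a>'); ?></p>
- <p class="text-larger"><?php echo sprintf(__('AAM was thoroughly tested on the fresh installation of WordPress and in the latest versions of Chrome, Safari, IE, and Firefox. If you have any issues, the most typical cause is a conflict with other plugins or themes. In this case please do not hesitate to contact us directly on our website %saamplugin.com%s', AAM_KEY), '<a href="https://aamplugin.com" target="_blank">', '</a>'); ?></p>
- <p class="text-larger"><?php echo sprintf(__('If you are not sure where to start, please check our %s"Get Started"%s page to learn more about core concepts that will definitely help you to manage access to your WordPress website more effectively.', AAM_KEY), '<a href="https://aamplugin.com/get-started" target="_blank">', '</a>'); ?></p>
- <p class="text-center">
- <a href="https://aamplugin.com/get-started" class="btn btn-primary" target="_blank"><?php echo __('Go To "Get Started" Page', AAM_KEY); ?></a><br/><br/>
- <a href="#" class="text-success" id="ack-get-started"><?php echo __('OK, got it', AAM_KEY); ?></a>
- </p>
- </div>
- </div>
- </div>
- </div>
- </div>
- <?php
- }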
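--- a/application/Backend/phtml/main/logout-redirect.phtml
+++ b/application/Backend/phtml/main/logout-redirect.phtml
@@ -1,69 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="aam-feature" id="logout_redirect-content">
- <div class="row">
- <div class="col-xs-12">
- <?php if ($this->isDefault()) { ?>
- <p class="aam-info">
- <?php echo AAM_Backend_View_Helper::preparePhrase('Define the [default] logout redirect for all users and roles.', 'strong'); ?>
- </p>
- <?php } else { ?>
- <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Customize logout redirect for [%s].', 'strong'), AAM_Backend_Subject::getInstance()->getName()); ?>
- </p>
- <?php } ?>
- <div class="aam-overwrite" id="aam-logout-redirect-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
- <span><i class="icon-check"></i> Settings are customized</span>
- <span><a href="#" id="logout-redirect-reset" class="btn btn-xs btn-primary">Reset To Default</a></span>
- </div>
- </div>
- </div>
-
- <div class="row">
- <div class="col-xs-12">
- <?php $type = $this->getOption('logout.redirect.type', 'default'); ?>
-
- <div class="radio">
- <input type="radio" name="logout.redirect.type" id="logout-redirect-default" data-action="#default-redirect-action" value="default"<?php echo ($type == 'default' ? ' checked' : ''); ?> />
- <label for="logout-redirect-default"><?php echo __('WordPress default behavior', AAM_KEY); ?></label>
- </div>
- <div class="radio">
- <input type="radio" name="logout.redirect.type" id="logout-redirect-page" data-action="#page-logout-redirect-action" value="page"<?php echo ($type == 'page' ? ' checked' : ''); ?> />
- <label for="logout-redirect-page"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to existing page [(select from the drop-down)]', 'small'); ?></label>
- </div>
- <div class="radio">
- <input type="radio" name="logout.redirect.type" id="logout-redirect-url" data-action="#url-logout-redirect-action" value="url"<?php echo ($type == 'url' ? ' checked' : ''); ?> />
- <label for="logout-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter full URL starting from http or https)]', 'small'); ?></label>
- </div>
- <div class="radio">
- <input type="radio" name="logout.redirect.type" id="logout-redirect-callback" data-action="#callback-logout-redirect-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
- <label for="logout-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
- </div>
-
- <div class="form-group logout-redirect-action" id="page-logout-redirect-action" style="display: <?php echo ($type == 'page' ? 'block' : 'none'); ?>;">
- <label><?php echo __('Existing Page', AAM_KEY); ?></label>
- <?php
- wp_dropdown_pages(array(
- 'depth' => 99,
- 'selected' => $this->getOption('logout.redirect.page'),
- 'echo' => 1,
- 'name' => 'logout.redirect.page',
- 'id' => 'logout-redirect-page', // string
- 'class' => 'form-control', // string
- 'show_option_none' => __('-- Select Page --', AAM_KEY) // string
- ));
- ?>
- </div>
-
- <div class="form-group logout-redirect-action" id="url-logout-redirect-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
- <label><?php echo __('The URL', AAM_KEY); ?></label>
- <input type="text" class="form-control" name="logout.redirect.url" placeholder="https://" value="<?php echo $this->getOption('logout.redirect.url'); ?>" />
- </div>
-
- <div class="form-group logout-redirect-action" id="callback-logout-redirect-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
- <label><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
- <input type="text" class="form-control" placeholder="Enter valid callback" name="logout.redirect.callback" value="<?php echo $this->getOption('logout.redirect.callback'); ?>" />
- </div>
- </div>
- </div>
- </div>
- <?php }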
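--- a/application/Backend/phtml/main/metabox.phtml
+++ b/application/Backend/phtml/main/metabox.phtml
@@ -1,113 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="aam-feature" id="metabox-content">
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Hide unnecessary or restricted metaboxes and widgets for [%s]. For more information please check %sHow to hide WordPress metaboxes and widgets%s.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-hide-wordpress-metaboxes-and-widgets" target="_blank">', '</a>'); ?>
- </p>
- </div>
- </div>
-
- <div class="aam-feature-top-actions text-right">
- <a href="#" class="btn btn-xs btn-primary" id="refresh-metabox-list"><i class="icon-arrows-cw"></i> <?php echo __('Refresh', AAM_KEY); ?></a>
- <a href="#init-url-modal" class="btn btn-xs btn-primary" data-toggle="modal"><i class="icon-link"></i> <?php echo __('Init URL', AAM_KEY); ?></a>
- </div>
-
- <div class="row">
- <div class="col-xs-12">
- <div class="aam-overwrite" id="aam-metabox-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
- <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
- <span><a href="#" id="metabox-reset" class="btn btn-xs btn-primary"><?php echo __('Reset To Default', AAM_KEY); ?></a>
- </div>
- </div>
- </div>
-
- <?php
- global $wp_post_types;
-
- $first = false;
- $object = AAM_Backend_Subject::getInstance()->getObject('metabox');
- $metaboxList = $this->getMetaboxList();
- ?>
-
- <?php if (!empty($metaboxList)) { ?>
- <div class="panel-group" id="metabox-list" role="tablist">
- <?php foreach ($metaboxList as $screen => $metaboxes) { ?>
- <div class="panel panel-default">
- <div class="panel-heading" role="tab" id="group-<?php echo $screen; ?>-heading">
- <h4 class="panel-title">
- <a role="button" data-toggle="collapse" data-parent="#metabox-list" href="#group-<?php echo $screen; ?>" aria-controls="group-<?php echo $screen; ?>" <?php if (!$first) { echo 'aria-expanded="true"'; } ?>>
- <?php
- switch ($screen) {
- case 'dashboard':
- echo __('Dashboard Widgets', AAM_KEY);
- break;
-
- case 'widgets':
- echo AAM_Backend_View_Helper::preparePhrase('Frontend Widgets [(including Appearance->Widgets)]', 'small');
- break;
-
- default:
- echo $wp_post_types[$screen]->labels->name;
- break;
- }
- ?>
- </a>
- </h4>
- </div>
- <div id="group-<?php echo $screen; ?>" class="panel-collapse collapse<?php if (!$first) { echo ' in'; $first = true; } ?>" role="tabpanel" aria-labelledby="group-<?php echo $screen; ?>-heading">
- <div class="panel-body">
- <div class="row">
- <?php foreach ($metaboxes as $metabox) { ?>
- <div class="col-xs-12 col-md-6 aam-submenu-item">
- <label for="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>">
- <?php echo $metabox['title']; ?>
- <small class="aam-metabox-details"><?php echo __('Screen ID:', AAM_KEY); ?> <b><?php echo $screen; ?></b></small>
- <small class="aam-metabox-details"><?php echo __('ID:', AAM_KEY); ?> <b><?php echo crc32($screen . '|' . $metabox['id']); ?></b></small>
- </label>
- <input type="checkbox" class="aam-checkbox-danger" id="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>" data-metabox="<?php echo $screen; ?>|<?php echo $metabox['id']; ?>"<?php echo ($object->has($screen, $metabox['id']) ? ' checked="checked"' : ''); ?> />
- <label for="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>" data-toggle="tooltip" title="<?php echo ($object->has($screen, $metabox['id']) ? __('Uncheck to show', AAM_KEY) : __('Check to hide', AAM_KEY)); ?>"></label>
- </div>
- <?php } ?>
- </div>
- </div>
- </div>
- </div>
- <?php } ?>
- </div>
- <?php } else { ?>
- <div class="row">
- <div class="col-xs-12 text-center">
- <p class="alert alert-info text-larger">
- <?php echo __('The list is not initialized. Click Refresh button above.', AAM_KEY); ?>
- </p>
- </div>
- </div>
- <?php } ?>
-
- <div class="modal fade" id="init-url-modal" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Initialize URL', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <p class="aam-info">
- <?php echo __('Some metaboxes are "conditional" and appear on the Edit screen when certain conditions are met. For example metabox "Comments" appears only for existing page and not for new page. If you do not see a desired metabox, try to copy & paste the full URL to the backend page where that metabox appears.'); ?>
- </p>
- <div class="form-group">
- <label><?php echo __('Backend page URL', AAM_KEY); ?></label>
- <input type="text" class="form-control" id="init-url" placeholder="<?php echo __('Insert valid URL', AAM_KEY); ?>" />
- </div>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-success" id="init-url-btn"><?php echo __('Initialize', AAM_KEY); ?></button>
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
-
- </div>
- <?php }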
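--- a/application/Backend/phtml/main/post.phtml
+++ b/application/Backend/phtml/main/post.phtml
@@ -1,91 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="aam-feature" id="post-content">
- <?php if (!defined('AAM_PLUS_PACKAGE')) { ?>
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-notification">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('You are allowed to manage access to unlimited number of posts, pages or custom post types but only for any role, user or visitor. Consider to purchase %s[AAM Plus Package]%s extension to have the ability to also manage access to categories and custom taxonomies or to define the default access to all posts, pages or custom post types. For more information about this functionality check %sHow to manage access to the WordPress content%s.', 'b'), '<a href="https://aamplugin.com/extension/plus-package" target="_blank">', '</a>', '<a href="https://aamplugin.com/article/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
- </p>
- </div>
- </div>
- <?php } else { ?>
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-info">
- <?php echo sprintf(__('Manage access to posts, pages, custom post types, categories or custom hierarchical taxonomies. For more information about this functionality check %sManage access to the WordPress Posts and Terms%s article.'), '<a href="https://aamplugin.com/article/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
- </p>
- </div>
- </div>
- <?php } ?>
-
- <?php if (defined('AAM_PLUS_PACKAGE') || AAM_Backend_Subject::getInstance()->getUID() != AAM_Core_Subject_Default::UID) { ?>
- <?php $current = $this->getCurrentObject();?>
-
- <div class="aam-post-breadcrumb">
- <a href="#" data-level="root"><i class="icon-home"></i> <?php echo __('Root', AAM_KEY); ?></a>
- <?php if ($current->id) { ?>
- <span>
- <i class="icon-angle-double-right"></i>
- <?php echo ($current->type == 'post' ? $current->post->post_title : $current->term->name); ?>
- </span>
- <?php } ?>
- </div>
-
- <div class="aam-overwrite hidden" id="post-overwritten">
- <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
- <span><a href="#" id="post-reset" class="btn btn-xs btn-primary"><?php echo __('Reset To Default', AAM_KEY); ?></a></span>
- </div>
-
- <?php if ($current->id) { ?>
- <input type="hidden" id="load-post-object" value="<?php echo ($current->type == 'post' ? $current->post->ID : $current->term->term_id); ?>" />
- <input type="hidden" id="load-post-object-type" value="<?php echo $current->type; ?>" />
- <?php } ?>
-
- <div class="aam-container">
- <table id="post-list" class="table table-striped table-bordered">
- <thead>
- <tr>
- <th>ID</th>
- <th>Link</th>
- <th width="5%">&nbsp;</th>
- <th width="75%"><?php echo __('Title', AAM_KEY); ?></th>
- <th><?php echo __('Actions', AAM_KEY); ?></th>
- <th>Parent</th>
- <th>Overwritten</th>
- </tr>
- </thead>
- <tbody></tbody>
- </table>
-
- <div class="aam-slide-form aam-access-form" data-type="type">
- <a href="#" class="btn btn-xs btn-primary post-back btn-right">&Lt; <?php echo __('Go Back', AAM_KEY); ?></a>
- <span class="aam-clear"></span>
- <?php /* TODO: Rethink this filter */ echo apply_filters('aam-post-type-ui-filter', AAM_Backend_View::getInstance()->loadPartial('post-type.phtml')); ?>
- <a href="#" class="btn btn-xs btn-primary post-back">&Lt; <?php echo __('Go Back', AAM_KEY); ?></a>
- </div>
-
- <div class="aam-slide-form aam-access-form" data-type="term">
- <a href="#" class="btn btn-xs btn-primary post-back btn-right">&Lt; <?php echo __('Go Back', AAM_KEY); ?></a>
- <span class="aam-clear"></span>
- <?php /* TODO: Rethink this filter */ echo apply_filters('aam-term-type-ui-filter', AAM_Backend_View::getInstance()->loadPartial('term-type.phtml')); ?>
- <a href="#" class="btn btn-xs btn-primary post-back">&Lt; <?php echo __('Go Back', AAM_KEY); ?></a>
- </div>
-
- <?php $frontendOptions = $this->getAccessOptionList('frontend'); ?>
- <?php $backendOptions = $this->getAccessOptionList('backend'); ?>
- <?php $apiOptions = $this->getAccessOptionList('api'); ?>
-
- <div class="aam-slide-form aam-access-form" data-type="post">
- <a href="#" class="btn btn-xs btn-primary post-back btn-right">&Lt; <?php echo __('Go Back', AAM_KEY); ?></a>
- <span class="aam-clear"></span>
-
- <?php echo $this->renderAccessForm(); ?>
-
- <a href="#" class="btn btn-xs btn-primary post-back">&Lt; <?php echo __('Go Back', AAM_KEY); ?></a>
- </div>
- </div>
- <?php } ?>
-
- <?php require dirname(__FILE__) . '/../partial/post-advanced-settings.phtml'; ?>
- </div>
- <?php }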
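--- a/application/Backend/phtml/main/toolbar.phtml
+++ b/application/Backend/phtml/main/toolbar.phtml
@@ -1,94 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="aam-feature" id="toolbar-content">
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-info">
- <?php echo AAM_Backend_View_Helper::preparePhrase('[Note!] Admin Toolbar feature is not intended to restrict direct access to URLs and should be used only to remove unnecessary items from the top admin toolbar. Use [Backend Menu] tab to restrict direct access to backend pages or utilize the great power of roles and capabilities.', 'b', 'b'); ?>
- </p>
- </div>
- </div>
-
- <div class="row">
- <div class="col-xs-12">
- <div class="aam-overwrite" id="aam-toolbar-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
- <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
- <span><a href="#" id="toolbar-reset" class="btn btn-xs btn-primary"><?php echo __('Reset To Default', AAM_KEY); ?></a>
- </div>
- </div>
- </div>
-
- <div class="panel-group" id="toolbar-list" role="tablist" aria-multiselectable="true">
- <?php
- $first = false;
- $toolbar = $this->getToolbar();
- $object = AAM_Backend_Subject::getInstance()->getObject('toolbar');
-
- if (!empty($toolbar)) { ?>
- <?php foreach ($toolbar as $i => $branch) { ?>
- <div class="panel panel-default">
- <div class="panel-heading" role="tab" id="toolbar-<?php echo $branch->id; ?>-heading">
- <h4 class="panel-title">
- <a role="button" data-toggle="collapse" data-parent="#toolbar-list" href="#toolbar-<?php echo $branch->id; ?>" aria-controls="toolbar-<?php echo $branch->id; ?>" <?php if (!$first) { echo 'aria-expanded="true"'; } ?>>
- <?php echo $this->normalizeTitle($branch); ?> <small class="aam-menu-capability"><?php echo str_replace(site_url(), '', $branch->href); ?></small>
- </a>
- <?php if ($object->has('toolbar-' . $branch->id)) { ?>
- <i class="aam-panel-title-icon icon-eye-off text-danger"></i>
- <?php } ?>
- </h4>
- </div>
-
- <div id="toolbar-<?php echo $branch->id; ?>" class="panel-collapse collapse<?php if (!$first) { echo ' in'; $first = true; } ?>" role="tabpanel" aria-labelledby="toolbar-<?php echo $branch->id; ?>-heading">
- <div class="panel-body">
- <div class="row aam-inner-tab">
- <div class="col-xs-12 text-center">
- <small class="aam-menu-capability"><?php echo __('Menu ID:', AAM_KEY); ?> <b><?php echo $branch->id; ?></b></small>
- </div>
- </div>
- <hr class="aam-divider" />
- <?php if (!empty($branch->children)) { ?>
- <div class="row aam-inner-tab">
- <?php echo ($object->has('toolbar-' . $branch->id) ? '<div class="aam-lock"></div>' : ''); ?>
- <?php foreach($this->getAllChildren($branch) as $child) { ?>
- <div class="col-xs-12 aam-submenu-item">
- <label for="toolbar-<?php echo $child->id; ?>">
- <?php echo $this->normalizeTitle($child); ?>
- <small class="aam-menu-capability"><?php echo __('URI:', AAM_KEY); ?> <b><?php echo str_replace(site_url(), '', $child->href); ?></b></small>
- <small class="aam-menu-capability"><?php echo __('ID:', AAM_KEY); ?> <b><?php echo esc_js($child->id); ?></b></small>
- </label>
- <input type="checkbox" class="aam-checkbox-danger" id="toolbar-<?php echo $child->id; ?>" data-toolbar="<?php echo $child->id; ?>"<?php echo ($object->has($child->id) ? ' checked="checked"' : ''); ?> />
- <label for="toolbar-<?php echo $child->id; ?>" data-toggle="tooltip" title="<?php echo ($object->has($child->id) ? __('Uncheck to allow', AAM_KEY) : __('Check to restrict', AAM_KEY)); ?>"></label>
- </div>
- <?php } ?>
- </div>
- <hr class="aam-divider" />
- <?php } ?>
- <div class="row<?php echo (!empty($branch->children) ? ' aam-margin-top-xs' : ''); ?>">
- <div class="col-xs-10 col-md-6 col-xs-offset-1 col-md-offset-3">
- <?php if ($object->has('toolbar-' . $branch->id)) { ?>
- <a href="#" class="btn btn-primary btn-sm btn-block aam-restrict-toolbar" data-toolbar="toolbar-<?php echo $branch->id; ?>" data-target="#toolbar-<?php echo $branch->id; ?>">
- <i class="icon-eye"></i> <?php echo __('Show Menu', AAM_KEY); ?>
- </a>
- <?php } else { ?>
- <a href="#" class="btn btn-danger btn-sm btn-block aam-restrict-toolbar" data-toolbar="toolbar-<?php echo $branch->id; ?>" data-target="#toolbar-<?php echo $branch->id; ?>">
- <i class="icon-eye-off"></i> <?php echo __('Restrict Menu', AAM_KEY); ?>
- </a>
- <?php } ?>
- </div>
- </div>
- </div>
- </div>
- </div>
- <?php } ?>
- <?php } else { ?>
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-info">
- <?php echo __('The list of top admin bar items is not initialized. Click "Refresh" button above.', AAM_KEY); ?>
- </p>
- </div>
- </div>
- <?php }
- ?>
- </div>
- </div>
- <?php }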
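--- a/application/Backend/phtml/metabox/metabox-content.phtml
+++ b/application/Backend/phtml/metabox/metabox-content.phtml
@@ -1,178 +0,0 @@
- <?php
-
- if (get_current_screen() === null) {
- set_current_screen();
- }
-
- if (defined('AAM_KEY')) {
- ?>
- <!DOCTYPE html>
- <html xmlns="https://www.w3.org/1999/xhtml" lang="en-US">
- <head>
- <title>Post Access</title>
-
- <meta charset="UTF-8" />
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
- <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-
- <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/bootstrap.min.css' type='text/css' media='all' />
- <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/datatables.min.css' type='text/css' media='all' />
- <link rel='stylesheet' href='<?php echo AAM_MEDIA; ?>/css/aam.css' type='text/css' media='all' />
-
- <?php do_action('admin_print_scripts'); ?>
-
- <?php $object = AAM_Backend_Feature_Main_Post::getCurrentObject(); ?>
- </head>
-
- <body id="aam-container">
- <div class="row" style="margin: 10px 0 0 0;">
- <div class="col-sm-4" style="padding: 0;">
- <div class="panel panel-default" style="border-radius:0;">
- <div class="panel-body">
- <ul class="nav nav-tabs" role="tablist">
- <?php $active = 0; ?>
- <?php if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) { ?>
- <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#roles" aria-controls="roles" role="tab" data-toggle="tab"><i class="icon-users" data-toggle="tooltip" data-placement="top" title="Roles"></i></a></li>
- <?php } ?>
- <?php if (current_user_can('aam_manage_users')) { ?>
- <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#users" aria-controls="users" role="tab" data-toggle="tab"><i class="icon-user" data-toggle="tooltip" data-placement="top" title="Users"></i></a></li>
- <?php } ?>
- <?php if (current_user_can('aam_manage_visitors')) { ?>
- <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#visitor" aria-controls="visitor" role="tab" data-toggle="tab"><i class="icon-user-secret" data-toggle="tooltip" data-placement="top" title="Visitor"></i></a></li>
- <?php } ?>
- <?php if (current_user_can('aam_manage_default')) { ?>
- <li role="presentation"<?php echo (!$active++ ? ' class="active"' : ''); ?>><a href="#default" aria-controls="default" role="tab" data-toggle="tab" class="text-danger"><i class="icon-asterisk" data-toggle="tooltip" data-placement="top" title="Default"></i></a></li>
- <?php } ?>
- </ul>
- <div class="tab-content">
- <?php $active = 0; ?>
- <?php if (current_user_can('aam_manage_roles') || current_user_can('aam_list_roles')) { ?>
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="roles">
- <table id="role-list" class="table table-striped table-bordered">
- <thead>
- <tr>
- <th>ID</th>
- <th>Users</th>
- <th width="80%"><?php echo __('Role', AAM_KEY); ?></th>
- <th>&nbsp;</th>
- <th>Level</th>
- </tr>
- </thead>
- <tbody></tbody>
- </table>
- </div>
- <?php } ?>
- <?php if (current_user_can('aam_manage_users') || current_user_can('list_users')) { ?>
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="users">
- <table id="user-list" class="table table-striped table-bordered">
- <thead>
- <tr>
- <th>ID</th>
- <th>Roles</th>
- <th width="80%"><?php echo __('Username', AAM_KEY); ?></th>
- <th>&nbsp;</th>
- <th>Level</th>
- </tr>
- </thead>
- <tbody></tbody>
- </table>
- </div>
- <?php } ?>
- <?php if (current_user_can('aam_manage_visitors')) { ?>
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="visitor">
- <div class="visitor-message">
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
- <span class="aam-bordered"><?php echo sprintf(__('Manage access to %s for visitors (any user that is not authenticated)', AAM_KEY), '<b>' . ($object->type == 'post' ? $object->post->post_title : $object->term->name) . '</b>'); ?>.</span>
- <button class="btn btn-primary btn-block" id="manage-visitor"><i class="icon-cog"></i> <?php echo __('Manage Visitors', AAM_KEY); ?></button>
- <?php } else { ?>
- <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to visitors (any user that is not authenticated)', AAM_KEY); ?>.</span>
- <?php
- $visitor = new AAM_Core_Subject_Visitor();
- $hasPolicy = $visitor->getObject('policy')->has($object->id);
- $btnStatus = AAM_Core_Policy_Factory::get()->canTogglePolicy($object->id, ($hasPolicy ? 'detach' : 'attach'));
- ?>
- <?php if ($hasPolicy) { ?>
- <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="1"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Visitors', AAM_KEY); ?></button>
- <?php } else { ?>
- <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="0"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Visitors', AAM_KEY); ?></button>
- <?php } ?>
- <?php } ?>
- </div>
- </div>
- <?php } ?>
- <?php if (current_user_can('aam_manage_default')) { ?>
- <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="default">
- <div class="visitor-message">
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
- <span class="aam-bordered"><?php echo sprintf(__('Manage default access to %s for all users, roles and visitor. This includes Administrator role and yourself', AAM_KEY), '<b>' . ($object->type == 'post' ? $object->post->post_title : $object->term->name) . '</b>'); ?>.</span>
- <?php } else { ?>
- <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to all users, roles and visitors. This includes Administrator role and yourself', AAM_KEY); ?>.</span>
- <?php } ?>
- <?php if (defined('AAM_PLUS_PACKAGE')) { ?>
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
- <button class="btn btn-danger btn-block" id="manage-default"><i class="icon-cog"></i> <?php echo __('Manage Default Access', AAM_KEY); ?></button>
- <?php } else { ?>
- <?php
- $default = new AAM_Core_Subject_Default();
- $hasPolicy = $default->getObject('policy')->has($object->id);
- $btnStatus = AAM_Core_Policy_Factory::get()->canTogglePolicy($object->id, ($hasPolicy ? 'detach' : 'attach'));
- ?>
- <?php if ($hasPolicy) { ?>
- <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="1"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Everybody', AAM_KEY); ?></button>
- <?php } else { ?>
- <button class="btn btn-danger btn-block" id="attach-policy-default" data-has="0"<?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Everybody', AAM_KEY); ?></button>
- <?php } ?>
- <?php } ?>
- <?php } else { ?>
- <p class="aam-notification">
- <?php echo AAM_Backend_View_Helper::preparePhrase('This feature is allowed only with [AAM Plus Package] extension.', 'b'); ?>
- </p>
- <?php } ?>
- </div>
- </div>
- <?php } ?>
- </div>
- </div>
- </div>
- </div>
-
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
- <div class="col-sm-8" id="post-content">
- <div class="aam-overwrite hidden" id="post-overwritten">
- <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
- <span><a href="#" id="post-reset" class="btn btn-xs btn-primary" style="margin-top: -4px;"><?php echo __('Reset To Default', AAM_KEY); ?></a></span>
- </div>
-
- <?php if ($object->id) { ?>
- <input type="hidden" id="load-post-object" value="<?php echo ($object->type == 'post' ? $object->post->ID : $object->term->term_id . '|' . $object->term->taxonomy); ?>" />
- <input type="hidden" id="load-post-object-type" value="<?php echo $object->type; ?>" />
- <input type="hidden" id="load-post-object-title" value="<?php echo ($object->type == 'post' ? $object->post->post_title : $object->term->name); ?>" />
- <?php } ?>
-
- <div class="aam-access-form" data-type="<?php echo $object->type; ?>">
- <div id="metabox-post-access-form">
- <?php if ($object->type == 'post') { ?>
- <?php echo AAM_Backend_Feature_Main_Post::renderAccessForm(); ?>
- <?php } else {
- /* TODO: Rethink this filter */ echo apply_filters('aam-term-type-ui-filter', AAM_Backend_View::getInstance()->loadPartial('term-type.phtml'));
- } ?>
- </div>
- <div class="aam-overlay"></div>
- </div>
-
- <?php require AAM_BASEDIR . '/application/Backend/phtml/partial/post-advanced-settings.phtml'; ?>
- </div>
- <?php } ?>
- </div>
-
- <?php if (AAM_Core_Request::get('aamframe') !== 'principal') { ?>
- <p style="margin: 5px; text-align: left; font-size: 0.9em;">
- <b>Please help us</b> and submit your review <a href="https://wordpress.org/support/plugin/advanced-access-manager/reviews/" target="_blank"><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i><i class="icon-star"></i></a>
- </p>
- <?php } ?>
-
- <input type="hidden" id="object-id" value="<?php echo $object->id; ?>" />
-
- </body>
- </html>
- <?php }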
application/Backend/phtml/metabox/policy-metabox.phtml DELETED
@@ -1,427 +0,0 @@
1
- <?php if (defined('AAM_KEY')) { ?>
2
- <div>
3
- <style type="text/css">
4
- /* CODEMIRROR CSS RULES */
5
- /* BASICS */
6
-
7
- .CodeMirror {
8
- /* Set height, width, borders, and global font properties here */
9
- font-family: monospace;
10
- height: 300px;
11
- color: black;
12
- direction: ltr;
13
- border: 1px solid #EEEEEE;
14
- padding: 5px;
15
- }
16
-
17
- /* PADDING */
18
-
19
- .CodeMirror-lines {
20
- padding: 4px 0; /* Vertical padding around content */
21
- }
22
- .CodeMirror pre {
23
- padding: 0 4px; /* Horizontal padding of content */
24
- }
25
-
26
- .CodeMirror-scrollbar-filler, .CodeMirror-gutter-filler {
27
- background-color: white; /* The little square between H and V scrollbars */
28
- }
29
-
30
- /* GUTTER */
31
-
32
- .CodeMirror-gutters {
33
- white-space: nowrap;
34
- }
35
- .CodeMirror-linenumbers {}
36
- .CodeMirror-linenumber {
37
- padding: 0 3px 0 0px;
38
- min-width: 15px;
39
- text-align: right;
40
- color: #999;
41
- white-space: nowrap;
42
- }
43
-
44
- .CodeMirror-guttermarker { color: black; }
45
- .CodeMirror-guttermarker-subtle { color: #999; }
46
-
47
- /* CURSOR */
48
-
49
- .CodeMirror-cursor {
50
- border-left: 1px solid black;
51
- border-right: none;
52
- width: 0;
53
- }
54
- /* Shown when moving in bi-directional text */
55
- .CodeMirror div.CodeMirror-secondarycursor {
56
- border-left: 1px solid silver;
57
- }
58
- .cm-fat-cursor .CodeMirror-cursor {
59
- width: auto;
60
- border: 0 !important;
61
- background: #7e7;
62
- }
63
- .cm-fat-cursor div.CodeMirror-cursors {
64
- z-index: 1;
65
- }
66
- .cm-fat-cursor-mark {
67
- background-color: rgba(20, 255, 20, 0.5);
68
- -webkit-animation: blink 1.06s steps(1) infinite;
69
- -moz-animation: blink 1.06s steps(1) infinite;
70
- animation: blink 1.06s steps(1) infinite;
71
- }
72
- .cm-animate-fat-cursor {
73
- width: auto;
74
- border: 0;
75
- -webkit-animation: blink 1.06s steps(1) infinite;
76
- -moz-animation: blink 1.06s steps(1) infinite;
77
- animation: blink 1.06s steps(1) infinite;
78
- background-color: #7e7;
79
- }
80
- @-moz-keyframes blink {
81
- 0% {}
82
- 50% { background-color: transparent; }
83
- 100% {}
84
- }
85
- @-webkit-keyframes blink {
86
- 0% {}
87
- 50% { background-color: transparent; }
88
- 100% {}
89
- }
90
- @keyframes blink {
91
- 0% {}
92
- 50% { background-color: transparent; }
93
- 100% {}
94
- }
95
-
96
- /* Can style cursor different in overwrite (non-insert) mode */
97
- .CodeMirror-overwrite .CodeMirror-cursor {}
98
-
99
- .cm-tab { display: inline-block; text-decoration: inherit; }
100
-
101
- .CodeMirror-rulers {
102
- position: absolute;
103
- left: 0; right: 0; top: -50px; bottom: -20px;
104
- overflow: hidden;
105
- }
106
- .CodeMirror-ruler {
107
- border-left: 1px solid #ccc;
108
- top: 0; bottom: 0;
109
- position: absolute;
110
- }
111
-
112
- /* DEFAULT THEME */
113
-
114
- .cm-s-default .cm-header {color: blue;}
115
- .cm-s-default .cm-quote {color: #090;}
116
- .cm-negative {color: #d44;}
117
- .cm-positive {color: #292;}
118
- .cm-header, .cm-strong {font-weight: bold;}
119
- .cm-em {font-style: italic;}
120
- .cm-link {text-decoration: underline;}
121
- .cm-strikethrough {text-decoration: line-through;}
122
-
123
- .cm-s-default .cm-keyword {color: #708;}
124
- .cm-s-default .cm-atom {color: #219;}
125
- .cm-s-default .cm-number {color: #164;}
126
- .cm-s-default .cm-def {color: #00f;}
127
- .cm-s-default .cm-variable,
128
- .cm-s-default .cm-punctuation,
129
- .cm-s-default .cm-property,
130
- .cm-s-default .cm-operator {}
131
- .cm-s-default .cm-variable-2 {color: #05a;}
132
- .cm-s-default .cm-variable-3, .cm-s-default .cm-type {color: #085;}
133
- .cm-s-default .cm-comment {color: #a50;}
134
- .cm-s-default .cm-string {color: #a11;}
135
- .cm-s-default .cm-string-2 {color: #f50;}
136
- .cm-s-default .cm-meta {color: #555;}
137
- .cm-s-default .cm-qualifier {color: #555;}
138
- .cm-s-default .cm-builtin {color: #30a;}
139
- .cm-s-default .cm-bracket {color: #997;}
140
- .cm-s-default .cm-tag {color: #170;}
141
- .cm-s-default .cm-attribute {color: #00c;}
142
- .cm-s-default .cm-hr {color: #999;}
143
- .cm-s-default .cm-link {color: #00c;}
144
-
145
- .cm-s-default .cm-error {color: #f00;}
146
- .cm-invalidchar {color: #f00;}
147
-
148
- .CodeMirror-composing { border-bottom: 2px solid; }
149
-
150
- /* Default styles for common addons */
151
-
152
- div.CodeMirror span.CodeMirror-matchingbracket {color: #0b0;}
153
- div.CodeMirror span.CodeMirror-nonmatchingbracket {color: #a22;}
154
- .CodeMirror-matchingtag { background: rgba(255, 150, 0, .3); }
155
- .CodeMirror-activeline-background {background: #e8f2ff;}
156
-
157
- /* STOP */
158
-
159
- /* The rest of this file contains styles related to the mechanics of
160
- the editor. You probably shouldn't touch them. */
161
-
162
- .CodeMirror {
163
- position: relative;
164
- overflow: hidden;
165
- background: white;
166
- }
167
-
168
- .CodeMirror-scroll {
169
- overflow: scroll !important; /* Things will break if this is overridden */
170
- /* 30px is the magic margin used to hide the element's real scrollbars */
171
- /* See overflow: hidden in .CodeMirror */
172
- margin-bottom: -30px; margin-right: -30px;
173
- padding-bottom: 30px;
174
- height: 100%;
175
- outline: none; /* Prevent dragging from highlighting the element */
176
- position: relative;
177
- }
178
- .CodeMirror-sizer {
179
- position: relative;
180
- border-right: 30px solid transparent;
181
- }
182
-
183
- /* The fake, visible scrollbars. Used to force redraw during scrolling
184
- before actual scrolling happens, thus preventing shaking and
185
- flickering artifacts. */
186
- .CodeMirror-vscrollbar, .CodeMirror-hscrollbar, .CodeMirror-scrollbar-filler, .CodeMirror-gutter-filler {
187
- position: absolute;
188
- z-index: 6;
189
- display: none;
190
- }
191
- .CodeMirror-vscrollbar {
192
- right: 0; top: 0;
193
- overflow-x: hidden;
194
- overflow-y: scroll;
195
- }
196
- .CodeMirror-hscrollbar {
197
- bottom: 0; left: 0;
198
- overflow-y: hidden;
199
- overflow-x: scroll;
200
- }
201
- .CodeMirror-scrollbar-filler {
202
- right: 0; bottom: 0;
203
- }
204
- .CodeMirror-gutter-filler {
205
- left: 0; bottom: 0;
206
- }
207
-
208
- .CodeMirror-gutters {
209
- position: absolute; left: 0; top: 0;
210
- min-height: 100%;
211
- z-index: 3;
212
- }
213
- .CodeMirror-gutter {
214
- white-space: normal;
215
- height: 100%;
216
- display: inline-block;
217
- vertical-align: top;
218
- margin-bottom: -30px;
219
- }
220
- .CodeMirror-gutter-wrapper {
221
- position: absolute;
222
- z-index: 4;
223
- background: none !important;
224
- border: none !important;
225
- }
226
- .CodeMirror-gutter-background {
227
- position: absolute;
228
- top: 0; bottom: 0;
229
- z-index: 4;
230
- }
231
- .CodeMirror-gutter-elt {
232
- position: absolute;
233
- cursor: default;
234
- z-index: 4;
235
- }
236
- .CodeMirror-gutter-wrapper ::selection { background-color: transparent }
237
- .CodeMirror-gutter-wrapper ::-moz-selection { background-color: transparent }
238
-
239
- .CodeMirror-lines {
240
- cursor: text;
241
- min-height: 1px; /* prevents collapsing before first draw */
242
- }
243
- .CodeMirror pre {
244
- /* Reset some styles that the rest of the page might have set */
245
- -moz-border-radius: 0; -webkit-border-radius: 0; border-radius: 0;
246
- border-width: 0;
247
- background: transparent;
248
- font-family: inherit;
249
- font-size: inherit;
250
- margin: 0;
251
- white-space: pre;
252
- word-wrap: normal;
253
- line-height: inherit;
254
- color: inherit;
255
- z-index: 2;
256
- position: relative;
257
- overflow: visible;
258
- -webkit-tap-highlight-color: transparent;
259
- -webkit-font-variant-ligatures: contextual;
260
- font-variant-ligatures: contextual;
261
- }
262
- #policy-model .CodeMirror pre {
263
- padding-left: 20px;
264
- }
265
- .CodeMirror-wrap pre {
266
- word-wrap: break-word;
267
- white-space: pre-wrap;
268
- word-break: normal;
269
- }
270
-
271
- .CodeMirror-linebackground {
272
- position: absolute;
273
- left: 0; right: 0; top: 0; bottom: 0;
274
- z-index: 0;
275
- }
276
-
277
- .CodeMirror-linewidget {
278
- position: relative;
279
- z-index: 2;
280
- padding: 0.1px; /* Force widget margins to stay inside of the container */
281
- }
282
-
283
- .CodeMirror-widget {}
284
-
285
- .CodeMirror-rtl pre { direction: rtl; }
286
-
287
- .CodeMirror-code {
288
- outline: none;
289
- }
290
-
291
- /* Force content-box sizing for the elements where we expect it */
292
- .CodeMirror-scroll,
293
- .CodeMirror-sizer,
294
- .CodeMirror-gutter,
295
- .CodeMirror-gutters,
296
- .CodeMirror-linenumber {
297
- -moz-box-sizing: content-box;
298
- box-sizing: content-box;
299
- }
300
-
301
- .CodeMirror-measure {
302
- position: absolute;
303
- width: 100%;
304
- height: 0;
305
- overflow: hidden;
306
- visibility: hidden;
307
- }
308
-
309
- .CodeMirror-cursor {
310
- position: absolute;
311
- pointer-events: none;
312
- }
313
- .CodeMirror-measure pre { position: static; }
314
-
315
- div.CodeMirror-cursors {
316
- visibility: hidden;
317
- position: relative;
318
- z-index: 3;
319
- }
320
- div.CodeMirror-dragcursors {
321
- visibility: visible;
322
- }
323
-
324
- .CodeMirror-focused div.CodeMirror-cursors {
325
- visibility: visible;
326
- }
327
-
328
- .CodeMirror-selected { background: #d9d9d9; }
329
- .CodeMirror-focused .CodeMirror-selected { background: #d7d4f0; }
330
- .CodeMirror-crosshair { cursor: crosshair; }
331
- .CodeMirror-line::selection, .CodeMirror-line > span::selection, .CodeMirror-line > span > span::selection { background: #d7d4f0; }
332
- .CodeMirror-line::-moz-selection, .CodeMirror-line > span::-moz-selection, .CodeMirror-line > span > span::-moz-selection { background: #d7d4f0; }
333
-
334
- .cm-searching {
335
- background-color: #ffa;
336
- background-color: rgba(255, 255, 0, .4);
337
- }
338
-
339
- /* Used to force a border model for a node */
340
- .cm-force-border { padding-right: .1px; }
341
-
342
- @media print {
343
- /* Hide the cursor when printing */
344
- .CodeMirror div.CodeMirror-cursors {
345
- visibility: hidden;
346
- }
347
- }
348
-
349
- /* See issue #2901 */
350
- .cm-tab-wrap-hack:after { content: ''; }
351
-
352
- /* Help users use markselection to safely style text background */
353
- span.CodeMirror-selectedtext { background: none; }
354
-
355
- .aam-alert-danger{
356
- border-radius: 0;
357
- margin: 10px 0;
358
- color: #a94442;
359
- background-color: #f2dede;
360
- border-color: #ebccd1;
361
- padding: 15px;
362
- border: 1px solid transparent;
363
- }
364
- .aam-infobox {
365
- border-left: 5px solid #257fad;
366
- padding: 20px;
367
- background-color: #d9edf7;
368
- margin-bottom: 0;
369
- }
370
- </style>
371
-
372
- <?php
373
- if (!empty($args->post->post_content)) {
374
- // Validate the policy
375
- $validator = new AAM_Core_Policy_Validator(htmlspecialchars_decode($args->post->post_content));
376
- $errors = $validator->validate();
377
- } else {
378
- $args->post->post_content = AAM_Backend_View_Helper::getDefaultPolicy();
379
- $errors = array();
380
- }
381
- ?>
382
-
383
- <div class="aam-alert-danger<?php echo (empty($errors) ? ' hidden' : ''); ?>" id="policy-parsing-error">
384
- <?php echo implode('<br/>', $errors); ?>
385
- </div>
386
-
387
- <textarea id="aam-policy-editor" name="aam-policy" class="policy-editor" rows="10"><?php echo stripslashes($args->post->post_content); ?></textarea>
388
-
389
- <p class="aam-infobox">
390
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('To learn more about Access &amp; Security policy document, please check [%sAccess &amp; Security Policy%s] page.', 'b'), '<a href="https://aamplugin.com/reference/policy" target="_blank">', '</a>'); ?>
391
- </p>
392
-
393
- <script type='text/javascript' src="<?php echo AAM_MEDIA . '/js/vendor.js'; ?>"></script>
394
-
395
- <script type='text/javascript'>
396
- (function($){
397
- var editor = CodeMirror.fromTextArea(
398
- document.getElementById("aam-policy-editor"),
399
- {
400
- mode: "application/json",
401
- lineNumbers: true
402
- }
403
- );
404
-
405
- $(document).ready(function () {
406
- $('form[name="post"]').bind('submit', function(event) {
407
- var json = editor.getValue();
408
-
409
- $('#policy-parsing-error').addClass('hidden');
410
-
411
- try {
412
- JSON.parse(json);
413
-
414
- $('#aam-policy-editor').val(json);
415
- } catch (e) {
416
- event.preventDefault();
417
-
418
- $('#policy-parsing-error').removeClass('hidden').html(
419
- '<b><?php echo __('Syntax Error', AAM_KEY); ?></b>: ' + e.message.replace('JSON.parse:', '')
420
- );
421
- }
422
- });
423
- });
424
- }(jQuery));
425
- </script>
426
- </div>
427
- <?php }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
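--- a/application/Backend/phtml/metabox/policy-principal-metabox.phtml
+++ b/application/Backend/phtml/metabox/policy-principal-metabox.phtml
@@ -1,3 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=principal&oid=' . $args->post->ID . '&otype=post'); ?>" width="100%" height="450" style="border: 0; margin-top:0;" id="policy-principal"></iframe>
- <?php }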
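--- a/application/Backend/phtml/metabox/term-metabox.phtml
+++ b/application/Backend/phtml/metabox/term-metabox.phtml
@@ -1,16 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <tr class="form-field term-access-manager-wrap">
- <th scope="row"><label for="term-access-manager"><?php _e('Access'); ?></label></th>
- <td>
- <?php if (defined('AAM_PLUS_PACKAGE')) { ?>
- <div style="padding: 0px 10px; box-sizing: border-box; background-color: #FFFFFF; width: 95%;">
- <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=post&oid=' . $args->term->term_id . '|' . $args->term->taxonomy . '&otype=term'); ?>" width="100%" height="450" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
- </div>
- <?php } else { ?>
- <div style="border-left: 4px solid #ffb900; background-color: #FFF1CC; padding: 10px; font-size: 1em; margin: 10px 0px;">
- In order to manage access to this category for any user, role or visitors please consider to purchase <strong><a href="https://aamplugin.com/extension/plus-package" target="_blank">AAM Plus Package</a></strong> extension for <a href="https://wordpress.org/plugins/advanced-access-manager/" target="_blank">Advanced Access Manager</a> plugin.
- </div>
- <?php } ?>
- </td>
- </tr>
- <?php }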
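--- a/application/Backend/phtml/partial/login-redirect.phtml
+++ b/application/Backend/phtml/partial/login-redirect.phtml
@@ -1,5 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <p class="aam-info">
- <?php echo AAM_Backend_View_Helper::preparePhrase('Setup [default] redirect after user logged in successfully for all your users and roles. With [AAM Login Redirect] extension you can customize login redirect for any user or role.', 'strong', 'strong'); ?>
- </p>
- <?php }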
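--- a/application/Backend/phtml/partial/post-access-form.phtml
+++ b/application/Backend/phtml/partial/post-access-form.phtml
@@ -1,127 +0,0 @@
- <?php if (!defined('AAM_KEY')) { exit; } ?>
-
- <?php $frontendOptions = AAM_Backend_Feature_Main_Post::getAccessOptionList('frontend'); ?>
- <?php $backendOptions = AAM_Backend_Feature_Main_Post::getAccessOptionList('backend'); ?>
- <?php $apiOptions = AAM_Backend_Feature_Main_Post::getAccessOptionList('api'); ?>
-
- <div class="panel-group" id="post-access-accordion" role="tablist" aria-multiselectable="true">
- <?php if (count($frontendOptions) && AAM_Core_Config::get('core.settings.frontendAccessControl', true)) { ?>
- <div class="panel panel-success">
- <div class="panel-heading" role="tab" id="heading-post-frontend-access-settings">
- <h4 class="panel-title">
- <a role="button" data-toggle="collapse" data-parent="#post-access-accordion" href="#post-frontend-access-settings" aria-expanded="true" aria-controls="post-frontend-access-settings">
- <i class="icon-doc-text-inv"></i> <strong><?php echo __('Frontend Access Settings', AAM_KEY); ?></strong>
- </a>
- </h4>
- </div>
- <div id="post-frontend-access-settings" class="panel-collapse collapse in" role="tabpanel" aria-labelledby="heading-post-frontend-access-settings">
- <div class="panel-body">
- <table class="table table-striped table-bordered">
- <tbody>
- <?php foreach ($frontendOptions as $option => $data) { ?>
- <tr>
- <?php $id = uniqid('aam'); ?>
- <td width="90%">
- <strong class="aam-block aam-highlight text-uppercase"><?php echo $data['title']; ?></strong>
- <?php if (!empty($data['sub'])) { ?>
- <small class="aam-small-highlighted">
- <?php echo $data['sub']; ?>: <b id="<?php echo $data['preview']; ?>" data-ref="<?php echo $data['option']; ?>" class="option-preview">...</b>
- <a href="#<?php echo $data['modal']; ?>" data-toggle="modal" class="advanced-post-option" data-ref="<?php echo $data['option']; ?>" data-preview="#<?php echo $data['preview']; ?>" id="<?php echo $id; ?>"><?php echo __('change', AAM_KEY); ?></a>
- </small>
- <?php } ?>
- <p class="aam-hint" data-dynamic-post-label="<?php echo $data['descr']; ?>"></p>
- </td>
- <td>
- <div class="aam-row-actions">
- <i class="aam-row-action text-muted icon-check-empty" data-property="frontend.<?php echo $option; ?>" <?php echo (!empty($data['sub']) ? 'data-trigger="' . $id . '"' : ''); ?>></i>
- </div>
- </td>
- </tr>
- <?php } ?>
- </tbody>
- </table>
- </div>
- </div>
- </div>
- <?php } ?>
-
- <?php if (count($backendOptions) && AAM_Core_Config::get('core.settings.backendAccessControl', true)) { ?>
- <div class="panel panel-info">
- <div class="panel-heading" role="tab" id="heading-post-backend-access-settings">
- <h4 class="panel-title">
- <a role="button" data-toggle="collapse" data-parent="#post-access-accordion" href="#post-backend-access-settings" aria-expanded="false" aria-controls="post-backend-access-settings">
- <i class="icon-doc-text-inv"></i> <strong><?php echo __('Backend Access Settings', AAM_KEY); ?></strong>
- </a>
- </h4>
- </div>
- <div id="post-backend-access-settings" class="panel-collapse collapse" role="tabpanel" aria-labelledby="heading-post-backend-access-settings">
- <div class="panel-body">
- <table class="table table-striped table-bordered">
- <tbody>
- <?php foreach ($backendOptions as $option => $data) { ?>
- <tr>
- <?php $id = uniqid('aam'); ?>
- <td width="90%">
- <strong class="aam-block aam-highlight text-uppercase"><?php echo $data['title']; ?></strong>
- <?php if (!empty($data['sub'])) { ?>
- <small class="aam-small-highlighted">
- <?php echo $data['sub']; ?>: <b id="<?php echo $data['preview']; ?>" data-ref="<?php echo $data['option']; ?>" class="option-preview">...</b>
- <a href="#modal-<?php echo str_replace('.', '-', $data['option']); ?>" data-toggle="modal" class="advanced-post-option" data-ref="<?php echo $data['option']; ?>" data-preview="#<?php echo $data['preview']; ?>" id="<?php echo $id; ?>"><?php echo __('change', AAM_KEY); ?></a>
- </small>
- <?php } ?>
- <p class="aam-hint" data-dynamic-post-label="<?php echo $data['descr']; ?>"></p>
- </td>
- <td>
- <div class="aam-row-actions">
- <i class="aam-row-action text-muted icon-check-empty" data-property="backend.<?php echo $option; ?>" <?php echo (!empty($data['sub']) ? 'data-trigger="' . $id . '"' : ''); ?>></i>
- </div>
- </td>
- </tr>
- <?php } ?>
- </tbody>
- </table>
- </div>
- </div>
- </div>
- <?php } ?>
-
- <?php if (count($apiOptions) && AAM_Core_Config::get('core.settings.apiAccessControl', true)) { ?>
- <div class="panel panel-warning">
- <div class="panel-heading" role="tab" id="heading-post-api-access-settings">
- <h4 class="panel-title">
- <a role="button" data-toggle="collapse" data-parent="#post-access-accordion" href="#post-api-access-settings" aria-expanded="false" aria-controls="post-backend-access-settings">
- <i class="icon-doc-text-inv"></i> <strong><?php echo __('API Access Settings', AAM_KEY); ?></strong>
- </a>
- </h4>
- </div>
- <div id="post-api-access-settings" class="panel-collapse collapse" role="tabpanel" aria-labelledby="heading-post-api-access-settings">
- <div class="panel-body">
- <table class="table table-striped table-bordered">
- <tbody>
- <?php foreach ($apiOptions as $option => $data) { ?>
- <tr>
- <?php $id = uniqid('aam'); ?>
- <td width="90%">
- <strong class="aam-block aam-highlight text-uppercase"><?php echo $data['title']; ?></strong>
- <?php if (!empty($data['sub'])) { ?>
- <small class="aam-small-highlighted">
- <?php echo $data['sub']; ?>: <b id="<?php echo $data['preview']; ?>" data-ref="<?php echo $data['option']; ?>" class="option-preview">...</b>
- <a href="#<?php echo $data['modal']; ?>" data-toggle="modal" class="advanced-post-option" data-ref="<?php echo $data['option']; ?>" data-preview="#<?php echo $data['preview']; ?>" id="<?php echo $id; ?>"><?php echo __('change', AAM_KEY); ?></a>
- </small>
- <?php } ?>
- <p class="aam-hint" data-dynamic-post-label="<?php echo $data['descr']; ?>"></p>
- </td>
- <td>
- <div class="aam-row-actions">
- <i class="aam-row-action text-muted icon-check-empty" data-property="api.<?php echo $option; ?>" <?php echo (!empty($data['sub']) ? 'data-trigger="' . $id . '"' : ''); ?>></i>
- </div>
- </td>
- </tr>
- <?php } ?>
- </tbody>
- </table>
- </div>
- </div>
- </div>
- <?php } ?>
- </div>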
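--- a/application/Backend/phtml/partial/post-advanced-settings.phtml
+++ b/application/Backend/phtml/partial/post-advanced-settings.phtml
@@ -1,181 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="modal fade" id="modal-teaser" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Teaser Message', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <div class="form-group">
- <label><?php echo __('Simple text or valid HTML', AAM_KEY); ?></label>
- <textarea class="form-control" placeholder="<?php echo __('Enter your teaser', AAM_KEY); ?>" rows="5" id="aam-teaser-message"></textarea>
- </div>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-success extended-post-access-btn" data-modal="#modal-teaser" data-field="#aam-teaser-message"><?php echo __('Save', AAM_KEY); ?></button>
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
-
- <div class="modal fade" id="modal-access-counter" tabindex="-1" role="dialog">
- <div class="modal-dialog modal-sm" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Define Threshold', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <div class="form-group">
- <label><?php echo __('Threshold', AAM_KEY); ?></label>
- <input type="text" class="form-control" placeholder="<?php echo __('Enter digital number', AAM_KEY); ?>" id="aam-read-counter" />
- </div>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-success extended-post-access-btn" data-modal="#modal-access-counter" data-field="#aam-read-counter"><?php echo __('Update', AAM_KEY); ?></button>
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
-
- <div class="modal fade" id="modal-password" tabindex="-1" role="dialog">
- <div class="modal-dialog modal-sm" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Set Password', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <div class="form-group">
- <label><?php echo __('Password', AAM_KEY); ?></label>
- <input type="text" class="form-control" placeholder="<?php echo __('Enter Password', AAM_KEY); ?>" id="aam-access-password" />
- </div>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-success extended-post-access-btn" data-modal="#modal-password" data-field="#aam-access-password"><?php echo __('Update', AAM_KEY); ?></button>
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
-
- <div class="modal fade" id="modal-redirect" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Set Redirect Rule', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <p class="aam-info"><?php echo __('Use REDIRECT option only if you want to redirect user to different location either temporary or permanently.'); ?></p>
- <div class="form-group aam-outer-top-xs">
- <div class="radio">
- <input type="radio" id="post-redirect-page" name="post-redirect-type" class="post-redirect-type" data-action="#post-redirect-page-action" value="page" />
- <label for="post-redirect-page"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to existing page [(select from the drop-down)]', 'small'); ?></label>
- </div>
- <div class="radio">
- <input type="radio" id="post-redirect-url" name="post-redirect-type" class="post-redirect-type" data-action="#post-redirect-url-action" value="url" />
- <label for="post-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter full URL starting from http or https)]', 'small'); ?></label>
- </div>
- <div class="radio hidden" id="post-login-redirect-visitor">
- <input type="radio" id="post-redirect-login" name="post-redirect-type" class="post-redirect-type" value="login" data-action="none" />
- <label for="post-redirect-login"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirect to the login page [(after login, user will be redirected back to the restricted page)]', 'small'); ?></label>
- </div>
- <div class="radio">
- <input type="radio" id="post-redirect-callback" name="post-redirect-type" class="post-redirect-type" data-action="#post-redirect-callback-action" value="callback" />
- <label for="post-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
- </div>
-
- <div class="form-group post-redirect-action" id="post-redirect-page-action" style="display: none;">
- <label><?php echo __('Existing Page', AAM_KEY); ?></label>
- <?php
- wp_dropdown_pages(array(
- 'depth' => 99,
- 'echo' => 1,
- 'id' => 'post-redirect-page-value', // string
- 'class' => 'form-control post-redirect-value', // string
- 'show_option_none' => __('-- Select Page --', AAM_KEY) // string
- ));
- ?>
- </div>
-
- <div class="form-group post-redirect-action" id="post-redirect-url-action" style="display: none;">
- <label><?php echo __('The URL', AAM_KEY); ?></label>
- <input type="text" class="form-control post-redirect-value" id="post-redirect-url-value" placeholder="https://" value="" />
- </div>
-
- <div class="form-group post-redirect-action" id="post-redirect-code" style="display: none;">
- <label><?php echo __('HTTP Redirect Code', AAM_KEY); ?></label>
- <select class="form-control post-redirect-value" id="post-redirect-code-value">
- <option value=""><?php echo __('HTTP Code (Default 307)', AAM_KEY); ?></option>
- <option value="301"><?php echo __('301 - Moved Permanently', AAM_KEY); ?></option>
- <option value="302"><?php echo __('302 - Found', AAM_KEY); ?></option>
- <option value="303"><?php echo __('303 - See Other', AAM_KEY); ?></option>
- <option value="307"><?php echo __('307 - Temporary Redirect', AAM_KEY); ?></option>
- <option value="401"><?php echo __('401 - Unauthorized', AAM_KEY); ?></option>
- <option value="403"><?php echo __('403 - Forbidden', AAM_KEY); ?></option>
- <option value="410"><?php echo __('410 - Gone', AAM_KEY); ?></option>
- </select>
- </div>
-
- <div class="form-group post-redirect-action" id="post-redirect-callback-action" style="display: none;">
- <label><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
- <input type="text" class="form-control post-redirect-value" id="post-redirect-callback-value" placeholder="Enter valid callback" value="" />
- </div>
- </div>
- <input type="hidden" id="post-redirect-rule" />
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-success extended-post-access-btn" data-modal="#modal-redirect" data-field="#post-redirect-rule"><?php echo __('Update', AAM_KEY); ?></button>
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
-
- <div class="modal fade" id="modal-access-expires" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('Set Expiration', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <div class="form-group">
- <div id="post-expiration-datapicker"></div>
- <input type="hidden" id="aam-expire-datetime" />
- </div>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-success extended-post-access-btn" data-modal="#modal-access-expires" data-field="#aam-expire-datetime"><?php echo __('Update', AAM_KEY); ?></button>
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
-
- <div class="modal fade" id="modal-eproduct" tabindex="-1" role="dialog">
- <div class="modal-dialog" role="document">
- <div class="modal-content">
- <div class="modal-header">
- <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
- <h4 class="modal-title"><?php echo __('E-Commerce Setup', AAM_KEY); ?></h4>
- </div>
- <div class="modal-body">
- <?php
- echo apply_filters(
- 'aam-frontend-eproduct-setup',
- '<p class="alert alert-warning text-center">' . sprintf(AAM_Backend_View_Helper::preparePhrase('Monetization is the premium feature that is available with %s[E-Commerce]%s extension.', 'b'), '<a href="https://aamplugin.com/extension/ecommerce" target="_blank">', '</a>') . '</p>'
- );
- ?>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
- </div>
- </div>
- </div>
- </div>
- <?php }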
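--- a/application/Backend/phtml/partial/post-type.phtml
+++ b/application/Backend/phtml/partial/post-type.phtml
@@ -1,7 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-notification" data-dynamic-post-label="<?php echo AAM_Backend_View_Helper::preparePhrase('Manage default access to all your %s and %s Categories. This feature is available only with [AAM Plus Package] extension. But you can still manage access to individual %s but only up to 10 %s. Consider to purchase [AAM Plus Package] extension.', 'b', 'b'); ?>"></p>
- </div>
- </div>
- <?php }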
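--- a/application/Backend/phtml/partial/redirect.phtml
+++ b/application/Backend/phtml/partial/redirect.phtml
@@ -1,5 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <p class="aam-info">
- <?php echo AAM_Backend_View_Helper::preparePhrase('Setup [default] redirect for all users, roles and visitors when access is denied for any restricted resources on your website.', 'strong'); ?>
- </p>
- <?php }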
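--- a/application/Backend/phtml/partial/term-type.phtml
+++ b/application/Backend/phtml/partial/term-type.phtml
@@ -1,7 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-notification" data-dynamic-post-label="<?php echo AAM_Backend_View_Helper::preparePhrase('Manage access to %s is available with [AAM Plus Package] extension only. With this feature you can also define default access to all child posts that belong to %s. Consider to purchase [AAM Plus Package] extension.', 'b', 'b'); ?>"></p>
- </div>
- </div>
- <?php }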
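--- a/application/Backend/phtml/settings/content.phtml
+++ b/application/Backend/phtml/settings/content.phtml
@@ -1,21 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <div class="aam-feature settings" id="settings-content-content">
- <table class="table table-striped table-bordered">
- <tbody>
- <?php foreach($this->getList() as $id => $option) { ?>
- <tr>
- <td>
- <span class='aam-setting-title'><?php echo $option['title']; ?></span>
- <p class="aam-setting-description">
- <?php echo $option['descr']; ?>
- </p>
- </td>
- <td class="text-center">
- <input data-toggle="toggle" name="<?php echo $id; ?>" id="utility-<?php echo $id; ?>" <?php echo ($option['value'] ? 'checked' : ''); ?> type="checkbox" data-on="Enabled" data-off="Disabled" data-size="small" />
- </td>
- </tr>
- <?php } ?>
- </tbody>
- </table>
- </div>
- <?php }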
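--- a/application/Backend/phtml/system/export.phtml
+++ b/application/Backend/phtml/system/export.phtml
@@ -1,67 +0,0 @@
- <fieldset>
- <p><label><input type="radio" name="content" value="aam" /> <?php _e('AAM Settings'); ?></label></p>
- <ul id="aam-filters" class="export-filters">
- <li>
- <label><span class="label-responsive" style="font-weight: 500;"><?php _e('System Settings:'); ?></span></label><br/>
- <ul style="margin: 5px 0 0 15px;">
- <li><input type="checkbox" name="export[system][]" value="roles" /> Roles &amp; Capabilities</li>
- <li><input type="checkbox" name="export[system][]" value="utilities" /> AAM Settings</li>
- <li><input type="checkbox" name="export[system][]" value="configpress" /> ConfigPress</li>
- </ul>
- </li>
- <li>
- <label><span class="label-responsive" style="font-weight: 500;"><?php _e('Role Settings:'); ?></span></label><br/>
- <ul style="margin: 5px 0 0 15px;">
- <li><input type="checkbox" name="export[roles][]" value="menu" /> Backend Menu</li>
- <li><input type="checkbox" name="export[roles][]" value="toolbar" /> Top Admin Toolbar</li>
- <li><input type="checkbox" name="export[roles][]" value="metabox" /> Metaboxes &amp; Widgets</li>
- <li><input type="checkbox" name="export[roles][]" value="post" /> Posts &amp; Terms</li>
- <li><input type="checkbox" name="export[roles][]" value="redirect" /> Redirects</li>
- <li><input type="checkbox" name="export[roles][]" value="route" /> API Routes</li>
- </ul>
- </li>
- <li>
- <label><span class="label-responsive" style="font-weight: 500;"><?php _e('User Settings:'); ?></span></label><br/>
- <ul style="margin: 5px 0 0 15px;">
- <li><input type="checkbox" name="export[users][]" value="menu" /> Backend Menu</li>
- <li><input type="checkbox" name="export[users][]" value="toolbar" /> Top Admin Toolbar</li>
- <li><input type="checkbox" name="export[users][]" value="metabox" /> Metaboxes &amp; Widgets</li>
- <li><input type="checkbox" name="export[users][]" value="capability" /> Capabilities</li>
- <li><input type="checkbox" name="export[users][]" value="post" /> Posts &amp; Terms</li>
- <li><input type="checkbox" name="export[users][]" value="redirect" /> Redirects</li>
- <li><input type="checkbox" name="export[users][]" value="route" /> API Routes</li>
- </ul>
- </li>
- <li>
- <label><span class="label-responsive" style="font-weight: 500;"><?php _e('Visitor Settings:'); ?></span></label><br/>
- <ul style="margin: 5px 0 0 15px;">
- <li><input type="checkbox" name="export[visitor][]" value="metabox" /> Frontend Widgets</li>
- <li><input type="checkbox" name="export[visitor][]" value="post" /> Posts &amp; Terms</li>
- <li><input type="checkbox" name="export[visitor][]" value="redirect" /> Redirects</li>
- <li><input type="checkbox" name="export[visitor][]" value="route" /> API Routes</li>
- </ul>
- </li>
- <li>
- <label><span class="label-responsive" style="font-weight: 500;"><?php _e('Default Settings:'); ?></span></label><br/>
- <ul style="margin: 5px 0 0 15px;">
- <li><input type="checkbox" name="export[default][]" value="menu" /> Backend Menu</li>
- <li><input type="checkbox" name="export[default][]" value="toolbar" /> Top Admin Toolbar</li>
- <li><input type="checkbox" name="export[default][]" value="metabox" /> Metaboxes &amp; Widgets</li>
- <li><input type="checkbox" name="export[default][]" value="post" /> Posts &amp; Terms</li>
- <li><input type="checkbox" name="export[default][]" value="redirect" /> Redirects</li>
- <li><input type="checkbox" name="export[default][]" value="route" /> API Routes</li>
- </ul>
- </li>
- </ul>
- </fieldset>
- <script type="text/javascript">
- jQuery(document).ready(function($){
- var form = $('#export-filters');
-
- form.find('input:radio').change(function() {
- if ($(this).val() === 'aam') {
- $('#aam-filters').slideDown();
- }
- });
- });
- </script>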
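--- a/application/Backend/phtml/user/multiple-roles.phtml
+++ b/application/Backend/phtml/user/multiple-roles.phtml
@@ -1,32 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <?php if ( !IS_PROFILE_PAGE && !is_network_admin() && current_user_can('promote_user', $user->ID)) { ?>
- <table class="form-table">
- <tr>
- <th><?php echo esc_html('User Roles', AAM_KEY); ?></th>
- <td>
- <div class="wp-tab-panel">
- <ul>
- <?php foreach (get_editable_roles() as $id => $role) { ?>
- <li>
- <label>
- <input type="checkbox" name="aam_user_roles[]" value="<?php echo esc_attr($id); ?>" <?php checked(in_array($id, $user->roles)); ?> />
- <?php echo esc_html(translate_user_role($role['name'])); ?>
- </label>
- </li>
- <?php } ?>
- </ul>
- </div>
- </td>
- </tr>
- </table>
-
- <!-- Remove standard WordPress roles selector-->
- <script>
- (function($) {
- $(document).ready(function(){
- $('.user-role-wrap').remove();
- });
- })(jQuery);
- </script>
- <?php } ?>
- <?php } ?>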
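--- a/application/Backend/phtml/widget/login-frontend.phtml
+++ b/application/Backend/phtml/widget/login-frontend.phtml
@@ -1,75 +0,0 @@
- <?php if (defined('AAM_KEY')) { ?>
- <?php
- echo $this->args['before_widget'];
-
- if(!is_user_logged_in()) {
- echo $this->args['before_title'];
- echo apply_filters('widget_title', $this->args['login-title'], $this->args, $this->id_base);
- echo $this->args['after_title'];
- }elseif(is_user_logged_in()) {
- echo $this->args['before_title'];
- echo str_replace('%username%', AAM::getUser()->display_name, $this->args['user-title']);
- echo $this->args['after_title'];
- }
- ?>
-
- <?php if(!is_user_logged_in()) { ?>
- <div id="<?php echo $this->get_field_id('error'); ?>" style="display: none; margin-bottom: 15px; border-left: 4px solid #dc3232; padding: 6px;"></div>
-
- <div id="<?php echo $this->get_field_id('loginform'); ?>">
- <p>
- <label for="user_login"><?php echo __('Username or Email Address', AAM_KEY); ?><br>
- <input id="<?php echo $this->get_field_id('log'); ?>" class="input login-input" value="" size="20" type="text" />
- </label>
- </p>
-
- <p>
- <label for="user_pass"><?php echo __('Password', AAM_KEY); ?><br>
- <input id="<?php echo $this->get_field_id('pwd'); ?>" class="input login-input" value="" size="20" type="password" />
- </label>
- </p>
-
- <?php do_action('login_form'); ?>
-
- <p class="forgetmenot">
- <label for="rememberme">
- <input id="<?php echo $this->get_field_id('rememberme'); ?>" value="forever" type="checkbox"/> <?php echo __('Remember Me', AAM_KEY); ?>
- </label>
- </p>
-
- <p class="submit">
- <input class="button button-primary button-large aam-login-submit" data-prefix="<?php echo $this->get_field_id(''); ?>" value="<?php echo __('Log In', AAM_KEY); ?>" type="submit" />
- <input id="<?php echo $this->get_field_id('redirect'); ?>" value="<?php echo $this->args['redirect']; ?>" type="hidden" />
- </p>
- </div>
-
- <?php if (AAM::api()->getConfig('feature.secureLogin.ui.showNav', true)) { ?>
- <p id="<?php echo $this->get_field_id('nav'); ?>">
- <?php
- if ( get_option( 'users_can_register' ) ) {
- $registration_url = sprintf('<a href="%s">%s</a>', esc_url(wp_registration_url()), __('Register'));
- echo apply_filters( 'register', $registration_url );
- echo esc_html(apply_filters('login_link_separator', ' | '));
- }
- ?>
- <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php echo __('Lost your password?', AAM_KEY); ?></a>
- </p>
- <?php } ?>
- <?php } else { ?>
- <div style="display: table; width: 100%;">
- <div style="display:table-cell; width: 30%; text-align: center; vertical-align: middle;">
- <?php echo get_avatar(AAM::getUser()->ID, "50"); ?>
- </div>
- <div style="display:table-cell;">
- <?php $allowAdmin = !AAM_Core_API::capabilityExists('access_dashboard') || current_user_can('access_dashboard'); ?>
- <?php if ($allowAdmin) { ?>
- <a href="<?php echo esc_url(get_admin_url()); ?>"><?php echo __('Dashboard', AAM_KEY); ?></a><br/>
- <a href="<?php echo esc_url(get_admin_url(null, 'profile.php')); ?>"><?php echo __('Edit My Profile', AAM_KEY); ?></a><br/>
- <?php } ?>
- <a href="<?php echo esc_url(wp_logout_url()); ?>"><?php echo __('Log Out', AAM_KEY); ?></a>
- </div>
- </div>
- <?php } ?>
-
- <?php echo $this->args['after_widget'];
- }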
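--- a/application/Backend/tmpl/index.php
+++ b/application/Backend/tmpl/index.php
@@ -0,0 +1,120 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="wrap" id="aam-container">
+ <?php echo static::loadTemplate(__DIR__ . '/page/current-subject.php'); ?>
+
+ <div class="row">
+ <div class="col-xs-12 col-md-8">
+ <div class="metabox-holder">
+ <div class="postbox">
+ <div class="inside" id="access-manager-inside">
+ <div class="aam-postbox-inside" id="aam-content">
+ <?php echo static::loadPartial('loading-content'); ?>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <div class="col-xs-12 col-md-4 aam-sidebar">
+ <?php if (AAM_Core_Console::count() && current_user_can('aam_show_notifications')) { ?>
+ <div class="metabox-holder shared-metabox">
+ <div class="postbox">
+ <h3 class="hndle text-danger">
+ <i class='icon-attention-circled'></i> <span><?php echo __('Notifications', AAM_KEY); ?></span>
+ </h3>
+ <div class="inside">
+ <div class="aam-postbox-inside">
+ <ul class="aam-error-list">
+ <?php foreach (AAM_Core_Console::getAll() as $message) { ?>
+ <li><?php echo $message; ?></li>
+ <?php } ?>
+ </ul>
+ <div class="hidden" id="migration-errors-container"><?php echo base64_encode(print_r(AAM_Core_Migration::getFailureLog(), 1)); ?></div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php } ?>
+
+ <div class="metabox-holder shared-metabox">
+ <div class="postbox">
+ <div class="inside">
+ <div class="aam-social">
+ <a href="#" title="Access" data-type="main" class="aam-area text-danger">
+ <i class="icon-cog-alt"></i>
+ <span><?php echo __('Access', AAM_KEY); ?></span>
+ </a>
+ <?php if (current_user_can('aam_manage_settings')) { ?>
+ <a href="#" title="Settings" data-type="settings" class="aam-area">
+ <i class="icon-wrench"></i>
+ <span><?php echo __('Settings', AAM_KEY); ?></span>
+ </a>
+ <?php } ?>
+ <?php if (current_user_can('aam_manage_addons')) { ?>
+ <a href="#" title="Add-ons" data-type="extensions" class="aam-area">
+ <i class="icon-cubes"></i>
+ <span><?php echo __('Add-Ons', AAM_KEY); ?></span>
+ </a>
+ <?php } ?>
+ <?php if (current_user_can('aam_view_help_btn')) { ?>
+ <a href="https://aamplugin.com/support" title="Help" target="_blank">
+ <i class="icon-help-circled"></i>
+ <span><?php echo __('Help', AAM_KEY); ?></span>
+ </a>
+ <?php } ?>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <?php if (current_user_can('aam_manage_settings')) { ?>
+ <div class="metabox-holder settings-metabox" style="display:none;">
+ <div class="postbox">
+ <div class="inside">
+ <div class="row">
+ <div class="col-xs-12 col-md-12">
+ <a href="#clear-settings-modal" data-toggle="modal" class="btn btn-danger btn-block"><?php echo __('Reset AAM Settings', AAM_KEY); ?></a>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <div class="modal fade" id="clear-settings-modal" tabindex="-1" role="dialog">
+ <div class="modal-dialog modal-sm" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Clear all settings', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <p class="text-center alert alert-danger text-larger"><?php echo __('All AAM settings will be removed.', AAM_KEY); ?></p>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-danger" id="clear-settings"><?php echo __('Clear', AAM_KEY); ?></button>
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Cancel', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php } ?>
+
+ <div class="metabox-holder extensions-metabox" style="display:none;">
+ <div class="postbox">
+ <div class="inside">
+ <div class="aam-postbox-inside text-center">
+ <p class="alert alert-info text-larger highlighted-italic"><?php echo AAM_Backend_View_Helper::preparePhrase('With the [Enterprise Package] get our dedicated support channel and all the premium add-ons for [50+ live websites]', 'i', 'b'); ?></p>
+ <a href="https://aamplugin.com/pricing/enterprise-package" target="_blank" class="btn btn-sm btn-primary btn-block"><i class="icon-link"></i> <?php echo __('Read More', AAM_KEY); ?></a>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <?php echo static::loadTemplate(__DIR__ . '/page/subject-panel.php'); ?>
+ <?php echo static::loadTemplate(__DIR__ . '/page/subject-panel-advanced.php'); ?>
+ </div>
+ </div>
+ </div>
+ <?php }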
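Review bot: The notification list prints each console message raw, `<li><?php echo $message; ?></li>`, so a message that carries text from outside the plugin (an add-on response, a file path, an error string) is rendered as HTML in an admin page. Whether AAM_Core_Console sanitises messages when they are stored is not visible in this section, so I would escape at output: `<li><?php echo wp_kses_post($message); ?></li>` if messages legitimately contain links, otherwise `esc_html($message)`. The translated strings are echoed through `__()` unescaped, including inside the `aria-label` attribute; `esc_html__()` in element content and `esc_attr__()` in attributes would match the escaping the rest of WordPress admin templates use. The Help and Read More links open with `target="_blank"` and would be better with `rel="noopener noreferrer"` added.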
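--- a/application/Backend/tmpl/metabox/iframe-footer.php
+++ b/application/Backend/tmpl/metabox/iframe-footer.php
@@ -0,0 +1,8 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <script type="text/javascript" src="<?php echo static::prepareIframeWPAssetsURL('js'); ?>"></script>
+ <?php do_action('aam_iframe_footer_action'); ?>
+ </body>
+ </html>
+ <?php }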
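Review bot: The script URL is echoed into the `src` attribute without escaping, and what `prepareIframeWPAssetsURL()` returns is not visible in this section, so the template should not rely on it being attribute-safe: `src="<?php echo esc_url(static::prepareIframeWPAssetsURL('js')); ?>"`. The same applies to the three stylesheet `href` values in metabox/iframe-header.php, including the two built from `AAM_MEDIA`. A short comment above `do_action('aam_iframe_footer_action')` saying that callbacks print straight into the iframe body and must escape their own output would help add-on authors.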
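--- a/application/Backend/tmpl/metabox/iframe-header.php
+++ b/application/Backend/tmpl/metabox/iframe-header.php
@@ -0,0 +1,22 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <!DOCTYPE html>
+ <html xmlns="https://www.w3.org/1999/xhtml" lang="en-US">
+
+ <head>
+ <title>Advanced Access Manager</title>
+
+ <meta charset="UTF-8" />
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+ <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+
+ <link rel="stylesheet" href="<?php echo static::prepareIframeWPAssetsURL('css'); ?>" type="text/css" media="all" />
+ <link rel="stylesheet" href="<?php echo AAM_MEDIA; ?>/css/vendor.min.css" type="text/css" media="all" />
+ <link rel="stylesheet" href="<?php echo AAM_MEDIA; ?>/css/aam.css" type="text/css" media="all" />
+
+ <?php do_action('aam_iframe_header_action'); ?>
+ </head>
+
+ <body id="aam-container" class="aam-iframe">
+ <?php }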
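Review bot: The `xmlns` value on the `<html>` element is `https://www.w3.org/1999/xhtml`, but the XHTML namespace is the fixed string `http://www.w3.org/1999/xhtml`; with an HTML5 doctype the attribute is not needed at all, so I would drop it. `lang="en-US"` is also hard-coded, where WordPress pages normally emit `<html <?php language_attributes(); ?>>` so the iframe follows the site locale. The `<meta http-equiv="Content-Type" ...>` line duplicates `<meta charset="UTF-8" />` and can be removed. The `<body>` opened here is closed in metabox/iframe-footer.php, which deserves a one-line comment at the top of both templates, since either file alone produces unbalanced markup.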
application/Backend/tmpl/metabox/policy-metabox.php ADDED
@@ -0,0 +1,59 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php if (defined('AAM_KEY')) { ?>
2
+ <div>
3
+ <style type="text/css">.CodeMirror{font-family:monospace;height:300px;color:#000;direction:ltr;border:1px solid #eee;padding:5px}.CodeMirror-lines{padding:4px 0}.CodeMirror pre{padding:0 4px}.CodeMirror-gutter-filler,.CodeMirror-scrollbar-filler{background-color:#fff}.CodeMirror-gutters{white-space:nowrap}.CodeMirror-linenumber{padding:0 3px 0 0;min-width:15px;text-align:right;color:#999;white-space:nowrap}.CodeMirror-guttermarker{color:#000}.CodeMirror-guttermarker-subtle{color:#999}.CodeMirror-cursor{border-left:1px solid #000;border-right:none;width:0}.CodeMirror div.CodeMirror-secondarycursor{border-left:1px solid silver}.cm-fat-cursor .CodeMirror-cursor{width:auto;border:0!important;background:#7e7}.cm-fat-cursor div.CodeMirror-cursors{z-index:1}.cm-fat-cursor-mark{background-color:rgba(20,255,20,.5);-webkit-animation:blink 1.06s steps(1) infinite;-moz-animation:blink 1.06s steps(1) infinite;animation:blink 1.06s steps(1) infinite}.cm-animate-fat-cursor{width:auto;border:0;-webkit-animation:blink 1.06s steps(1) infinite;-moz-animation:blink 1.06s steps(1) infinite;animation:blink 1.06s steps(1) infinite;background-color:#7e7}@-moz-keyframes blink{50%{background-color:transparent}}@-webkit-keyframes blink{50%{background-color:transparent}}@keyframes blink{50%{background-color:transparent}}.cm-tab{display:inline-block;text-decoration:inherit}.CodeMirror-rulers{position:absolute;left:0;right:0;top:-50px;bottom:-20px;overflow:hidden}.CodeMirror-ruler{border-left:1px solid #ccc;top:0;bottom:0;position:absolute}.cm-s-default .cm-header{color:#00f}.cm-s-default .cm-quote{color:#090}.cm-negative{color:#d44}.cm-positive{color:#292}.cm-header,.cm-strong{font-weight:700}.cm-em{font-style:italic}.cm-link{text-decoration:underline}.cm-strikethrough{text-decoration:line-through}.cm-s-default .cm-keyword{color:#708}.cm-s-default .cm-atom{color:#219}.cm-s-default .cm-number{color:#164}.cm-s-default .cm-def{color:#00f}.cm-s-default .cm-variable-2{color:#05a}.cm-s-default 
.cm-type,.cm-s-default .cm-variable-3{color:#085}.cm-s-default .cm-comment{color:#a50}.cm-s-default .cm-string{color:#a11}.cm-s-default .cm-string-2{color:#f50}.cm-s-default .cm-meta{color:#555}.cm-s-default .cm-qualifier{color:#555}.cm-s-default .cm-builtin{color:#30a}.cm-s-default .cm-bracket{color:#997}.cm-s-default .cm-tag{color:#170}.cm-s-default .cm-attribute{color:#00c}.cm-s-default .cm-hr{color:#999}.cm-s-default .cm-link{color:#00c}.cm-s-default .cm-error{color:red}.cm-invalidchar{color:red}.CodeMirror-composing{border-bottom:2px solid}div.CodeMirror span.CodeMirror-matchingbracket{color:#0b0}div.CodeMirror span.CodeMirror-nonmatchingbracket{color:#a22}.CodeMirror-matchingtag{background:rgba(255,150,0,.3)}.CodeMirror-activeline-background{background:#e8f2ff}.CodeMirror{position:relative;overflow:hidden;background:#fff}.CodeMirror-scroll{overflow:scroll!important;margin-bottom:-30px;margin-right:-30px;padding-bottom:30px;height:100%;outline:0;position:relative}.CodeMirror-sizer{position:relative;border-right:30px solid transparent}.CodeMirror-gutter-filler,.CodeMirror-hscrollbar,.CodeMirror-scrollbar-filler,.CodeMirror-vscrollbar{position:absolute;z-index:6;display:none}.CodeMirror-vscrollbar{right:0;top:0;overflow-x:hidden;overflow-y:scroll}.CodeMirror-hscrollbar{bottom:0;left:0;overflow-y:hidden;overflow-x:scroll}.CodeMirror-scrollbar-filler{right:0;bottom:0}.CodeMirror-gutter-filler{left:0;bottom:0}.CodeMirror-gutters{position:absolute;left:0;top:0;min-height:100%;z-index:3}.CodeMirror-gutter{white-space:normal;height:100%;display:inline-block;vertical-align:top;margin-bottom:-30px}.CodeMirror-gutter-wrapper{position:absolute;z-index:4;background:0 0!important;border:none!important}.CodeMirror-gutter-background{position:absolute;top:0;bottom:0;z-index:4}.CodeMirror-gutter-elt{position:absolute;cursor:default;z-index:4}.CodeMirror-gutter-wrapper ::selection{background-color:transparent}.CodeMirror-gutter-wrapper 
::-moz-selection{background-color:transparent}.CodeMirror-lines{cursor:text;min-height:1px}.CodeMirror pre{-moz-border-radius:0;-webkit-border-radius:0;border-radius:0;border-width:0;background:0 0;font-family:inherit;font-size:inherit;margin:0;white-space:pre;word-wrap:normal;line-height:inherit;color:inherit;z-index:2;position:relative;overflow:visible;-webkit-tap-highlight-color:transparent;-webkit-font-variant-ligatures:contextual;font-variant-ligatures:contextual}#policy-model .CodeMirror pre{padding-left:20px}.CodeMirror-wrap pre{word-wrap:break-word;white-space:pre-wrap;word-break:normal}.CodeMirror-linebackground{position:absolute;left:0;right:0;top:0;bottom:0;z-index:0}.CodeMirror-linewidget{position:relative;z-index:2;padding:.1px}.CodeMirror-rtl pre{direction:rtl}.CodeMirror-code{outline:0}.CodeMirror-gutter,.CodeMirror-gutters,.CodeMirror-linenumber,.CodeMirror-scroll,.CodeMirror-sizer{-moz-box-sizing:content-box;box-sizing:content-box}.CodeMirror-measure{position:absolute;width:100%;height:0;overflow:hidden;visibility:hidden}.CodeMirror-cursor{position:absolute;pointer-events:none}.CodeMirror-measure pre{position:static}div.CodeMirror-cursors{visibility:hidden;position:relative;z-index:3}div.CodeMirror-dragcursors{visibility:visible}.CodeMirror-focused div.CodeMirror-cursors{visibility:visible}.CodeMirror-selected{background:#d9d9d9}.CodeMirror-focused .CodeMirror-selected{background:#d7d4f0}.CodeMirror-crosshair{cursor:crosshair}.CodeMirror-line::selection,.CodeMirror-line>span::selection,.CodeMirror-line>span>span::selection{background:#d7d4f0}.CodeMirror-line::-moz-selection,.CodeMirror-line>span::-moz-selection,.CodeMirror-line>span>span::-moz-selection{background:#d7d4f0}.cm-searching{background-color:#ffa;background-color:rgba(255,255,0,.4)}.cm-force-border{padding-right:.1px}@media print{.CodeMirror div.CodeMirror-cursors{visibility:hidden}}.cm-tab-wrap-hack:after{content:''}span.CodeMirror-selectedtext{background:0 
0}.aam-alert-danger{border-radius:0;margin:10px 0;color:#a94442;background-color:#f2dede;border-color:#ebccd1;padding:15px;border:1px solid transparent}.aam-infobox{border-left:5px solid #257fad;padding:20px;background-color:#d9edf7;margin-bottom:0}</style>
4
+
5
+ <?php
6
+ if (!empty($params->post->post_content)) {
7
+ // Validate the policy
8
+ $validator = new AAM_Core_Policy_Validator(htmlspecialchars_decode($params->post->post_content));
9
+ $errors = $validator->validate();
10
+ } else {
11
+ $params->post->post_content = AAM_Backend_Feature_Main_Policy::getDefaultPolicy();
12
+ $errors = array();
13
+ }
14
+ ?>
15
+
16
+ <div class="aam-alert-danger<?php echo (empty($errors) ? ' hidden' : ''); ?>" id="policy-parsing-error">
17
+ <?php echo implode('<br/>', $errors); ?>
18
+ </div>
19
+
20
+ <textarea id="aam-policy-editor" name="aam-policy" class="policy-editor" rows="10"><?php echo $params->post->post_content; ?></textarea>
21
+
22
+ <p class="aam-infobox">
23
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('To learn more about Access &amp; Security policy document, please check [%sAccess &amp; Security Policy%s] page.', 'b'), '<a href="https://aamplugin.com/reference/policy" target="_blank">', '</a>'); ?>
24
+ </p>
25
+
26
+ <script type='text/javascript' src="<?php echo AAM_MEDIA . '/js/vendor.js'; ?>"></script>
27
+
28
+ <script type='text/javascript'>
29
+ (function($) {
30
+ var editor = CodeMirror.fromTextArea(
31
+ document.getElementById("aam-policy-editor"), {
32
+ mode: "application/json",
33
+ lineNumbers: true
34
+ }
35
+ );
36
+
37
+ $(document).ready(function() {
38
+ $('form[name="post"]').bind('submit', function(event) {
39
+ var json = editor.getValue();
40
+
41
+ $('#policy-parsing-error').addClass('hidden');
42
+
43
+ try {
44
+ JSON.parse(json);
45
+
46
+ $('#aam-policy-editor').val(json);
47
+ } catch (e) {
48
+ event.preventDefault();
49
+
50
+ $('#policy-parsing-error').removeClass('hidden').html(
51
+ '<b><?php echo __('Syntax Error', AAM_KEY); ?></b>: ' + e.message.replace('JSON.parse:', '')
52
+ );
53
+ }
54
+ });
55
+ });
56
+ }(jQuery));
57
+ </script>
58
+ </div>
59
+ <?php }
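Review bot: The policy text is written into the `<textarea>` with a bare `echo $params->post->post_content`, so a stored policy containing `</textarea>` would close the element and the remainder would be parsed as markup in the admin page. WordPress provides `esc_textarea()` for this context, `<?php echo esc_textarea($params->post->post_content); ?>`; the `htmlspecialchars_decode()` call above suggests the content may already be stored encoded, so confirm that escaping here does not double-encode what CodeMirror displays. The validator messages joined by `implode('<br/>', $errors)` are echoed raw as well and should pass through `esc_html()` if they can quote parts of the policy. In the submit handler `e.message` is handed to `.html()`; some browsers include a fragment of the input in `JSON.parse` error messages, so set the message part with `.text()` instead.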
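--- a/application/Backend/tmpl/metabox/policy-principal-metabox.php
+++ b/application/Backend/tmpl/metabox/policy-principal-metabox.php
@@ -0,0 +1,3 @@
+<?php if (defined('AAM_KEY')) { ?>
+<iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=principal&id=' . $params->post->ID); ?>" width="100%" height="450" style="border: 0; margin-top:0;" id="policy-principal"></iframe>
+<?php }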
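Review bot: The iframe `src` is echoed from `admin_url()` without `esc_url()`, the escaping WordPress expects for a URL placed in an attribute: `<?php echo esc_url(admin_url('admin.php?page=aam&aamframe=principal&id=' . (int) $params->post->ID)); ?>`. Only a post ID is appended here, so the exposure is small, but the same pattern is repeated in post-metabox.php, user-metabox.php and term-metabox.php. The term-metabox.php case matters most because it concatenates `$params->term->taxonomy` and `$params->postType` into the query string unencoded; that composite `id` value should go through `rawurlencode()` before the URL is passed to `esc_url()`.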
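--- a/application/Backend/tmpl/metabox/post-iframe.php
+++ b/application/Backend/tmpl/metabox/post-iframe.php
@@ -0,0 +1,19 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<?php echo static::loadTemplate(__DIR__ . '/iframe-header.php'); ?>
+
+<div class="row" style="margin: 10px 0 0 0;">
+<div class="col-sm-4" style="padding: 0;">
+<?php echo static::loadTemplate(dirname(__DIR__) . '/page/subject-panel.php'); ?>
+</div>
+
+<div class="col-sm-8">
+<div id="aam-access-form-container">
+<?php echo $params->postManager->getAccessForm($params->objectId, $params->objectType); ?>
+</div>
+</div>
+</div>
+
+<?php echo static::loadTemplate(__DIR__ . '/iframe-footer.php'); ?>
+<?php }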
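Review bot: The three `static::loadTemplate()` calls here pass no second argument, while principal-iframe.php passes `$params` to the same header, subject-panel and footer templates. subject-panel.php reads `$params` (it forwards it to `static::loadPartial('visitor-subject-tab', $params)`), so unless `loadTemplate()` supplies a default — its signature is not visible in this diff — the partial receives an undefined variable on this path. Passing it explicitly keeps the iframe entry points consistent: `static::loadTemplate(dirname(__DIR__) . '/page/subject-panel.php', $params)`. A short comment stating where `$params->objectId` and `$params->objectType` are validated would also help, since they presumably originate from the `id` and `type` query parameters of the iframe URL.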
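--- a/application/Backend/phtml/metabox/post-metabox.phtml
+++ b/application/Backend/tmpl/metabox/post-metabox.php
@@ -1,3 +1,5 @@
+<?php /** @version 6.0.0 */ ?>
+
 <?php if (defined('AAM_KEY')) { ?>
-<iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=post&oid=' . $args->post->ID . '&otype=post'); ?>" width="100%" height="450" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
+<iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=post&id=' . $params->post->ID . '&type=post'); ?>" width="100%" height="450" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
 <?php }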
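--- a/application/Backend/tmpl/metabox/principal-iframe.php
+++ b/application/Backend/tmpl/metabox/principal-iframe.php
@@ -0,0 +1,12 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<?php echo static::loadTemplate(__DIR__ . '/iframe-header.php', $params); ?>
+
+<?php echo static::loadTemplate(dirname(__DIR__) . '/page/subject-panel.php', $params); ?>
+
+<!-- Additional attributes -->
+<input type="hidden" id="aam-policy-id" value="<?php echo $params->policyId; ?>" />
+
+<?php echo static::loadTemplate(__DIR__ . '/iframe-footer.php', $params); ?>
+<?php }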
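Review bot: `$params->policyId` is echoed into the `value` attribute of the hidden `aam-policy-id` input without escaping. Where the value is populated is not visible here, but the metabox iframe URL carries the policy as the `id` query parameter, so if it reaches this template unvalidated a crafted link could inject markup into the admin page. Escape at the point of output, `value="<?php echo esc_attr($params->policyId); ?>"` (or cast with `(int)` if it is always a post ID), and check both the ID and the caller's right to edit that policy before the template is rendered.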
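--- a/application/Backend/tmpl/metabox/term-metabox.php
+++ b/application/Backend/tmpl/metabox/term-metabox.php
@@ -0,0 +1,12 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<tr class="form-field term-access-manager-wrap">
+<th scope="row"><label for="term-access-manager"><?php _e('Access Manager', AAM_KEY); ?></label></th>
+<td>
+<div style="padding: 0px 10px; box-sizing: border-box; background-color: #FFFFFF; width: 95%;">
+<iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=post&id=' . $params->term->term_id . '|' . $params->term->taxonomy . '|' . $params->postType . '&type=term'); ?>" width="100%" height="450" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
+</div>
+</td>
+</tr>
+<?php }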
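--- a/application/Backend/tmpl/metabox/user-iframe.php
+++ b/application/Backend/tmpl/metabox/user-iframe.php
@@ -0,0 +1,21 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<?php echo static::loadTemplate(__DIR__ . '/iframe-header.php'); ?>
+
+<div class="row" style="margin: 10px 0 0 0;">
+<div class="col-sm-12">
+<div id="aam-content">
+<?php echo static::loadPartial('loading-content'); ?>
+</div>
+</div>
+</div>
+
+<!-- User specific attributes -->
+<input type="hidden" id="aam-subject-type" value="user" />
+<input type="hidden" id="aam-subject-id" value="<?php echo $params->user->ID; ?>" />
+<input type="hidden" id="aam-subject-name" value="<?php echo esc_js($params->user->display_name); ?>" />
+<input type="hidden" id="aam-subject-level" value="<?php echo AAM_Core_API::maxLevel($params->user->allcaps); ?>" />
+
+<?php echo static::loadTemplate(__DIR__ . '/iframe-footer.php'); ?>
+<?php }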
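Review bot: `display_name` is escaped with `esc_js()` although it is written into an HTML attribute, not a JavaScript string literal. `esc_js()` backslash-escapes quotes for JS, so a name such as O'Brien would be read back from the input with a stray backslash, and the choice of escaper hides which output context is being protected. Use the attribute escaper instead, `value="<?php echo esc_attr($params->user->display_name); ?>"`, and give `$params->user->ID` and the `maxLevel()` result the same treatment (or an `(int)` cast) so every dynamic attribute in this block is escaped for its context.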
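--- a/application/Backend/tmpl/metabox/user-metabox.php
+++ b/application/Backend/tmpl/metabox/user-metabox.php
@@ -0,0 +1,5 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=user&id=' . $params->user->ID); ?>" width="100%" height="550" style="border-bottom: 1px solid #e5e5e5; margin-top:10px;"></iframe>
+<?php }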
application/Backend/tmpl/page/addon-panel.php ADDED
@@ -0,0 +1,110 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php /** @version 6.0.0 */ ?>
2
+
3
+ <?php if (defined('AAM_KEY')) { ?>
4
+ <div id="extension-content" class="extension-container">
5
+ <div class="row">
6
+ <div class="col-xs-12">
7
+ <p class="aam-info">
8
+ <?php echo AAM_Backend_View_Helper::preparePhrase('By purchasing any of the premium addon(s) below, you obtain the license that allows you to install and use AAM software for one physical WordPress installation only. Exceptions are websites where URL is either [localhost] or starts with [dev.], [staging.], [test.] or [demo.] They are considered as development websites and you can use the purchased license unlimited number of times before it is activated on a production website. [Money back guaranteed] within 30 day from the time of purchase.', 'i', 'i', 'i', 'i', 'i', 'i', 'b'); ?><br />
9
+ </p>
10
+ </div>
11
+ </div>
12
+
13
+ <label for="extension-key"><?php echo __('Download Addon', AAM_KEY); ?> <a href="#license-key-info-modal" data-toggle="modal"><i class="icon-help-circled"></i></a></label>
14
+ <div class="row">
15
+ <div class="col-xs-8">
16
+ <div class="form-group">
17
+ <input type="text" class="form-control" id="extension-key" placeholder="<?php echo __('Enter The License Key', AAM_KEY); ?>" />
18
+ </div>
19
+ </div>
20
+ <div class="col-xs-4">
21
+ <button class="btn btn-primary btn-block" id="download-extension"><i class="icon-download-cloud"></i> <?php echo __('Download', AAM_KEY); ?></button>
22
+ </div>
23
+ </div>
24
+
25
+ <?php $commercial = AAM_Addon_Repository::getInstance()->getList('commercial'); ?>
26
+
27
+ <div>
28
+ <ul class="nav nav-tabs" role="tablist">
29
+ <?php if (count($commercial)) { ?><li role="presentation" class="active"><a href="#premium-extensions" aria-controls="premium-extensions" role="tab" data-toggle="tab"><i class='icon-basket'></i> <?php echo __('Premium', AAM_KEY); ?></a></li><?php } ?>
30
+ </ul>
31
+
32
+ <div class="tab-content">
33
+ <div role="tabpanel" class="tab-pane<?php echo (count($commercial) ? ' active' : ''); ?>" id="premium-extensions">
34
+ <table class="table table-striped table-bordered">
35
+ <tbody>
36
+ <?php foreach ($commercial as $i => $product) { ?>
37
+ <tr>
38
+ <td width="80%">
39
+ <span class='aam-setting-title'><?php echo $product['title'], (!empty($product['tag']) ? '<sup><span class="badge sup">' . $product['tag'] . '</span></sup>' : ''), (!empty($product['version']) ? ' <small class="text-muted">' . $product['version'] . '</small>' : ''); ?></span>
40
+ <?php if (!empty($product['license'])) { ?>
41
+ <small class="aam-license-key"><b><?php echo __('License', AAM_KEY); ?>:</b> <a href="https://aamplugin.com/license/<?php echo $product['license']; ?>" target="_blank"><?php echo $product['license']; ?></a> <?php echo (!empty($product['expire']) ? sprintf('(expire on %s)', $product['expire']) : ''); ?></small>
42
+ <?php } elseif (!empty($product['version'])) { ?>
43
+ <small class="aam-license-key"><b><?php echo __('License', AAM_KEY); ?>:</b> <span class="text-danger"><?php echo __('unregistered version', AAM_KEY); ?></span></small>
44
+ <?php } ?>
45
+ <p class="aam-extension-description">
46
+ <?php echo $product['description']; ?>
47
+ </p>
48
+ </td>
49
+ <td class="text-center">
50
+ <?php if (!empty($product['isActive'])) { ?>
51
+ <a href="#" class="btn btn-sm btn-success btn-block disabled"><i class="icon-check"></i> <?php echo __('Active', AAM_KEY); ?></a>
52
+ <?php } elseif (!empty($product['version'])) { ?>
53
+ <a href="#" class="btn btn-sm btn-warning btn-block disabled"><i class="icon-attention-circled"></i> <?php echo __('Inactive', AAM_KEY); ?></a>
54
+ <?php } else { ?>
55
+ <a href="<?php echo $product['url']; ?>" target="_blank" class="btn btn-sm btn-primary btn-block"><i class="icon-link"></i> <?php echo __('Read More', AAM_KEY); ?></a>
56
+ <?php } ?>
57
+ </td>
58
+ </tr>
59
+ <?php } ?>
60
+ </tbody>
61
+ </table>
62
+ </div>
63
+ </div>
64
+ </div>
65
+
66
+ <div class="modal fade" id="license-key-info-modal" tabindex="-1" role="dialog">
67
+ <div class="modal-dialog" role="document">
68
+ <div class="modal-content">
69
+ <div class="modal-header">
70
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
71
+ <h4 class="modal-title"><?php echo __('License Key Info', AAM_KEY); ?></h4>
72
+ </div>
73
+ <div class="modal-body aam-info-modal">
74
+ <p>
75
+ <?php echo __('Insert license key that you received after the payment (find the email example below). It might take up to 2 hours to process the payment.', AAM_KEY); ?>
76
+ <br /> <br />
77
+ <img src="https://aamplugin.com/media/img/email-confirmation.jpg" class="img-responsive" />
78
+ </p>
79
+ </div>
80
+ <div class="modal-footer">
81
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
82
+ </div>
83
+ </div>
84
+ </div>
85
+ </div>
86
+
87
+ <div class="modal fade" id="downloaded-info-modal" tabindex="-1" role="dialog">
88
+ <div class="modal-dialog" role="document">
89
+ <div class="modal-content">
90
+ <div class="modal-header">
91
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
92
+ <h4 class="modal-title"><?php echo __('Plugin Installation', AAM_KEY); ?></h4>
93
+ </div>
94
+ <div class="modal-body">
95
+ <p class="alert alert-success text-center">
96
+ <?php echo __('The plugin has been successfully downloaded from our server.', AAM_KEY); ?>
97
+ </p>
98
+
99
+ <p class="aam-info aam-outer-top-xs">
100
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('With AAM v6.0.0 or higher, all premium addons are [regular WordPress plugins] that you can upload by going to the %sPlugins%s page or extract downloaded ZIP archive to the [/wp-content/plugins] folder.', 'b', 'i'), '<a href="' . admin_url('plugin-install.php?tab=upload') . '" target="_blank">', '</a>'); ?>
101
+ </p>
102
+ </div>
103
+ <div class="modal-footer">
104
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
105
+ </div>
106
+ </div>
107
+ </div>
108
+ </div>
109
+ </div>
110
+ <?php }
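Review bot: Every field of `$product` returned by `AAM_Addon_Repository::getInstance()->getList('commercial')` is echoed raw — `title`, `tag`, `version` and `description` as HTML, `license` both as link text and inside the `https://aamplugin.com/license/…` href, and `url` as a complete `href`. How the repository fills these fields is not visible in this diff; if any of them come from a remote catalogue or from the license key typed into `#extension-key`, they should be treated as untrusted and escaped per context: `esc_html($product['title'])`, `rawurlencode($product['license'])` inside the link, `esc_url($product['url'])`, and `wp_kses_post()` for the description if it is meant to carry markup. The same raw echo of object fields appears in main-panel.php (`$feature->class`, `$feature->uid`, `$feature->title`, `$feature->notification`) and in the `<option>` loop of subject-panel-advanced.php, whose `$key`/`$label` pairs pass through `aam_user_expiration_actions_filter` and so can be supplied by other plugins. The `target="_blank"` links would also benefit from `rel="noopener noreferrer"`.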
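--- a/application/Backend/tmpl/page/current-subject.php
+++ b/application/Backend/tmpl/page/current-subject.php
@@ -0,0 +1,9 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<div class="row" id="aam-subject-banner">
+<div class="col-xs-12 col-md-8">
+<div class="aam-current-subject"></div>
+</div>
+</div>
+<?php }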
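--- a/application/Backend/tmpl/page/main-panel.php
+++ b/application/Backend/tmpl/page/main-panel.php
@@ -0,0 +1,36 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<?php $features = AAM_Backend_Feature::retrieveList($params->type); ?>
+<?php if (count($features)) { ?>
+<?php if (count($features) > 1) { ?>
+<div class="row">
+<div class="col-xs-12 col-md-4">
+<ul class="list-group" id="feature-list">
+<?php
+foreach ($features as $i => $feature) {
+echo '<li class="list-group-item' . (isset($feature->class) ? ' ' . $feature->class : '') . '" data-feature="' . $feature->uid . '">';
+echo $feature->title;
+echo (empty($feature->notification) ? '' : ' <span class="badge">' . $feature->notification . '</span>');
+echo '</li>';
+}
+?>
+</ul>
+</div>
+<div class="col-xs-12 col-md-8">
+<?php
+foreach ($features as $feature) {
+echo $feature->view->getContent();
+}
+?>
+</div>
+</div>
+<?php } else {
+echo array_pop($features)->view->getContent();
+} ?>
+<?php } else { ?>
+<div class="col-xs-12">
+<p class="aam-notification text-larger text-center"><?php echo __('You are not allowed to manage any of the existing services.', AAM_KEY); ?></p>
+</div>
+<?php } ?>
+<?php }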
application/Backend/tmpl/page/subject-panel-advanced.php ADDED
@@ -0,0 +1,117 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php /** @version 6.0.0 */ ?>
2
+
3
+ <?php if (defined('AAM_KEY')) { ?>
4
+ <div class="modal fade" id="add-role-modal" tabindex="-1" role="dialog">
5
+ <div class="modal-dialog modal-sm" role="document">
6
+ <div class="modal-content">
7
+ <div class="modal-header">
8
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
9
+ <h4 class="modal-title"><?php echo __('Create Role', AAM_KEY); ?></h4>
10
+ </div>
11
+ <div class="modal-body">
12
+ <div class="form-group">
13
+ <label><?php echo __('Role Name', AAM_KEY); ?><span class="aam-asterix">*</span></label>
14
+ <input type="text" class="form-control" name="name" placeholder="<?php echo __('Enter Role Name', AAM_KEY); ?>" />
15
+ </div>
16
+ <?php echo apply_filters('aam_add_role_ui_filter', AAM_Backend_View::getInstance()->loadPartial('role-inheritance')); ?>
17
+ </div>
18
+ <div class="modal-footer">
19
+ <button type="button" class="btn btn-success" id="add-role-btn"><?php echo __('Create', AAM_KEY); ?></button>
20
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
21
+ </div>
22
+ </div>
23
+ </div>
24
+ </div>
25
+
26
+ <div class="modal fade" id="edit-role-modal" tabindex="-1" role="dialog">
27
+ <div class="modal-dialog modal-sm" role="document">
28
+ <div class="modal-content">
29
+ <div class="modal-header">
30
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
31
+ <h4 class="modal-title"><?php echo __('Update Role', AAM_KEY); ?></h4>
32
+ </div>
33
+ <div class="modal-body">
34
+ <div class="form-group">
35
+ <label for="new-role-name"><?php echo __('Role Name', AAM_KEY); ?></label>
36
+ <input type="text" class="form-control" id="edit-role-name" placeholder="<?php echo __('Enter Role Name', AAM_KEY); ?>" name="name" />
37
+ </div>
38
+ <?php do_action('aam_edit_role_ui_action'); ?>
39
+ </div>
40
+ <div class="modal-footer">
41
+ <button type="button" class="btn btn-success" id="edit-role-btn"><?php echo __('Update', AAM_KEY); ?></button>
42
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
43
+ </div>
44
+ </div>
45
+ </div>
46
+ </div>
47
+
48
+ <div class="modal fade" id="delete-role-modal" tabindex="-1" role="dialog">
49
+ <div class="modal-dialog modal-sm" role="document">
50
+ <div class="modal-content">
51
+ <div class="modal-header">
52
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
53
+ <h4 class="modal-title"><?php echo __('Delete Role', AAM_KEY); ?></h4>
54
+ </div>
55
+ <div class="modal-body">
56
+ <p class="text-center aam-confirm-message alert alert-danger" data-message="<?php echo __('Are you sure that you want to delete the %s role?', AAM_KEY); ?>"></p>
57
+ </div>
58
+ <div class="modal-footer">
59
+ <button type="button" class="btn btn-danger" id="delete-role-btn"><?php echo __('Delete', AAM_KEY); ?></button>
60
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
61
+ </div>
62
+ </div>
63
+ </div>
64
+ </div>
65
+
66
+ <div class="modal fade" id="edit-user-modal" tabindex="-1" role="dialog">
67
+ <div class="modal-dialog" role="document">
68
+ <div class="modal-content">
69
+ <div class="modal-header">
70
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
71
+ <h4 class="modal-title"><?php echo __('Manage User', AAM_KEY); ?></h4>
72
+ </div>
73
+ <div class="modal-body">
74
+ <p class="aam-info"><?php echo __('Define for how long user can access the website and what action needs to be taken after access expires.', AAM_KEY); ?>
75
+
76
+ <div class="form-group aam-bordered">
77
+ <div id="user-expiration-datapicker"></div>
78
+ <input type="hidden" id="user-expires" />
79
+ </div>
80
+
81
+ <div class="aam-bordered">
82
+ <div class="form-group">
83
+ <label><?php echo __('Action After Expiration', AAM_KEY); ?> </label>
84
+ <?php
85
+ $expirationActions = array(
86
+ '' => __('Select Action', AAM_KEY),
87
+ 'logout' => __('Logout User', AAM_KEY),
88
+ 'delete' => __('Delete Account', AAM_KEY),
89
+ 'change-role' => __('Change User Role', AAM_KEY)
90
+ );
91
+ ?>
92
+ <select class="form-control" id="action-after-expiration">
93
+ <?php foreach(apply_filters('aam_user_expiration_actions_filter', $expirationActions) as $key => $label) { ?>
94
+ <option value="<?php echo $key; ?>"><?php echo $label; ?></option>
95
+ <?php } ?>
96
+ </select>
97
+ </div>
98
+
99
+ <div class="form-group hidden" id="expiration-change-role-holder">
100
+ <label><?php echo __('Change To Role', AAM_KEY); ?></label>
101
+ <select class="form-control" id="expiration-change-role">
102
+ <option value=""><?php echo __('Select Role', AAM_KEY); ?></option>
103
+ </select>
104
+ </div>
105
+ </div>
106
+
107
+ <?php do_action('aam_post_edit_user_modal_action'); ?>
108
+ </div>
109
+ <div class="modal-footer">
110
+ <button type="button" class="btn btn-warning hidden" id="reset-user-expiration-btn"><?php echo __('Reset', AAM_KEY); ?></button>
111
+ <button type="button" class="btn btn-success" id="edit-user-expiration-btn"><?php echo __('Save', AAM_KEY); ?></button>
112
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
113
+ </div>
114
+ </div>
115
+ </div>
116
+ </div>
117
+ <?php }
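Review bot: The create, edit and delete role modals and the user-expiration modal are rendered unconditionally, whereas subject-panel.php wraps the matching tabs in `current_user_can('aam_manage_roles')` and `current_user_can('aam_manage_users')`. Hiding markup is not an access control, so the handlers behind `add-role-btn`, `delete-role-btn` and `edit-user-expiration-btn` (not part of this file) have to enforce those capabilities and a nonce themselves; gating the modals the same way here, e.g. `<?php if (current_user_can('aam_manage_roles')) { ?>` around the three role modals, would keep the two templates consistent. Two smaller markup points: `<label for="new-role-name">` does not match the input's `id="edit-role-name"`, and the `<p class="aam-info">` in the edit-user modal is never closed.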
application/Backend/tmpl/page/subject-panel.php ADDED
@@ -0,0 +1,84 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php /** @version 6.0.0 */ ?>
2
+
3
+ <?php if (defined('AAM_KEY')) { ?>
4
+ <div class="metabox-holder main-metabox">
5
+ <div class="postbox">
6
+ <h3 class="hndle">
7
+ <span><?php echo __('Users/Roles Manager', AAM_KEY); ?></span>
8
+ </h3>
9
+ <div class="inside" id="user-role-manager-inside">
10
+ <div class="aam-postbox-inside">
11
+ <ul class="nav nav-tabs" role="tablist">
12
+ <?php $active = 0; ?>
13
+ <?php if (current_user_can('aam_manage_roles')) { ?>
14
+ <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#roles" aria-controls="roles" role="tab" data-toggle="tab"><i class="icon-users"></i><span class="aam-subject-title"><?php echo __('Roles', AAM_KEY); ?></span></a></li>
15
+ <?php } ?>
16
+ <?php if (current_user_can('aam_manage_users')) { ?>
17
+ <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#users" aria-controls="users" role="tab" data-toggle="tab"><i class="icon-user"></i><span class="aam-subject-title"><?php echo __('Users', AAM_KEY); ?></span></a></li>
18
+ <?php } ?>
19
+ <?php if (current_user_can('aam_manage_visitors')) { ?>
20
+ <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#visitor" aria-controls="visitor" role="tab" data-toggle="tab"><i class="icon-user-secret"></i><span class="aam-subject-title"><?php echo __('Visitor', AAM_KEY); ?></span></a></li>
21
+ <?php } ?>
22
+ <?php if (current_user_can('aam_manage_default')) { ?>
23
+ <li role="presentation" class="<?php echo (!$active++ ? 'active ' : ''); ?>text-center"><a href="#default" aria-controls="default" role="tab" data-toggle="tab" class="text-danger"><i class="icon-asterisk"></i><span class="aam-subject-title"><?php echo __('Default', AAM_KEY); ?></span></a></li>
24
+ <?php } ?>
25
+ <?php if ($active === 0) { ?>
26
+ <li role="presentation" class="active text-center"><a href="#none" aria-controls="none" role="tab" data-toggle="tab" class="text-muted"><i class="icon-asterisk"></i><span class="aam-subject-title"><?php echo __('None', AAM_KEY); ?></span></a></li>
27
+ <?php } ?>
28
+ </ul>
29
+ <div class="tab-content">
30
+ <?php $active = 0; ?>
31
+ <?php if (current_user_can('aam_manage_roles')) { ?>
32
+ <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="roles">
33
+ <table id="role-list" class="table table-striped table-bordered">
34
+ <thead>
35
+ <tr>
36
+ <th>ID</th>
37
+ <th>Users</th>
38
+ <th width="65%"><?php echo __('Role', AAM_KEY); ?></th>
39
+ <th><?php echo __('Action', AAM_KEY); ?></th>
40
+ <th>Level</th>
41
+ </tr>
42
+ </thead>
43
+ <tbody></tbody>
44
+ </table>
45
+ </div>
46
+ <?php } ?>
47
+ <?php if (current_user_can('aam_manage_users')) { ?>
48
+ <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="users">
49
+ <table id="user-list" class="table table-striped table-bordered">
50
+ <thead>
51
+ <tr>
52
+ <th>ID</th>
53
+ <th>Roles</th>
54
+ <th width="60%"><?php echo __('Username', AAM_KEY); ?></th>
55
+ <th><?php echo __('Action', AAM_KEY); ?></th>
56
+ <th>Level</th>
57
+ <th>Expiration</th>
58
+ </tr>
59
+ </thead>
60
+ <tbody></tbody>
61
+ </table>
62
+ </div>
63
+ <?php } ?>
64
+ <?php if (current_user_can('aam_manage_visitors')) { ?>
65
+ <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="visitor">
66
+ <?php echo apply_filters('aam_visitor_subject_tab_filter', static::loadPartial('visitor-subject-tab', $params), $params); ?>
67
+ </div>
68
+ <?php } ?>
69
+ <?php if (current_user_can('aam_manage_default')) { ?>
70
+ <div role="tabpanel" class="tab-pane<?php echo (!$active++ ? ' active' : ''); ?>" id="default">
71
+ <?php echo apply_filters('aam_default_subject_tab_filter', static::loadPartial('default-subject-tab', $params), $params); ?>
72
+ </div>
73
+ <?php } ?>
74
+ <?php if ($active === 0) { ?>
75
+ <div role="tabpanel" class="tab-pane active" id="none">
76
+ <p class="alert alert-warning"><?php echo __('You are not allowed to manage any of the existing users, roles, visitors or default access settings.', AAM_KEY); ?></p>
77
+ </div>
78
+ <?php } ?>
79
+ </div>
80
+ </div>
81
+ </div>
82
+ </div>
83
+ </div>
84
+ <?php }
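--- a/application/Backend/tmpl/partial/default-principal-subject-tab.php
+++ b/application/Backend/tmpl/partial/default-principal-subject-tab.php
@@ -0,0 +1,9 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<div class="visitor-message">
+<p class="aam-notification">
+<?php echo AAM_Backend_View_Helper::preparePhrase('This feature is allowed only with [Plus Package] addon.', 'b'); ?>
+</p>
+</div>
+<?php }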
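--- a/application/Backend/tmpl/partial/default-subject-tab.php
+++ b/application/Backend/tmpl/partial/default-subject-tab.php
@@ -0,0 +1,8 @@
+<?php /** @version 6.0.0 */ ?>
+
+<?php if (defined('AAM_KEY')) { ?>
+<div class="visitor-message">
+<span class="aam-bordered"><?php echo __('Manage default access to your website resources for all users, roles and visitor. This includes Administrator role and your user', AAM_KEY); ?>.</span>
+<button class="btn btn-danger btn-block" id="manage-default"><i class="icon-cog"></i> <?php echo __('Manage Default Access', AAM_KEY); ?></button>
+</div>
+<?php }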
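--- a/application/Backend/tmpl/partial/jwt-login-url.php
+++ b/application/Backend/tmpl/partial/jwt-login-url.php
@@ -0,0 +1,18 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="form-group aam-bordered aam-outer-top-xs">
+ <label for="login-url-preview" class="aam-block">
+ <?php echo __('Login with URL', AAM_KEY); ?>
+ <a href="#" class="aam-copy-clipboard" data-clipboard-target="#login-url-preview"><?php echo __('Copy to clipboard', AAM_KEY); ?></a>
+ </label>
+ <div class="input-group">
+ <input type="text" class="form-control" id="login-url-preview" data-url="<?php echo add_query_arg('aam-jwt', '%s', site_url()); ?>" value="<?php echo __('Login URL has not been requested', AAM_KEY); ?>" readonly />
+ <span class="input-group-btn">
+ <a href="#" class="btn btn-primary" id="request-login-url"><?php echo __('Request URL', AAM_KEY); ?></a>
+ </span>
+ <input type="hidden" id="login-jwt" />
+ </div>
+ <small><?php echo AAM_Backend_View_Helper::preparePhrase('With this URL user will be automatically logged in until defined date and time. The JWT token associated with URL is [revokable] however not [refreshable].', 'i', 'i'); ?></small>
+ </div>
+ <?php }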
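Review bot: The `data-url` attribute on `#login-url-preview` echoes `add_query_arg()` output without escaping; WordPress does not escape that function's return value, so it should go through an attribute escaper, e.g. `data-url="<?php echo esc_attr(add_query_arg('aam-jwt', '%s', site_url())); ?>"`. Because the JWT travels in the `aam-jwt` query parameter, the resulting URL works as a bearer credential and will be recorded in web-server access logs, browser history and possibly `Referer` headers; the help text under the field would be a good place to say that the link should be treated like a password and revoked once used. The script that fills in the token is outside this section, so how the `%s` placeholder is substituted cannot be checked here.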
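--- a/application/Backend/tmpl/partial/loading-content.php
+++ b/application/Backend/tmpl/partial/loading-content.php
@@ -0,0 +1,7 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <p class="alert alert-info text-larger text-center" id="aam-initial-load">
+ <?php echo AAM_Backend_View_Helper::preparePhrase('[Loading AAM UI]. Please wait. If content will not load within next 30 seconds, clear your browser cache and reload the page. If still nothing, it is most likely some sort of JavaScript or CSS conflict with one your active plugins or theme. Try to deactivate all plugins and switch to any default WordPress theme to find out what causes the issue.', 'strong'); ?>
+ </p>
+ <?php }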
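--- a/application/Backend/tmpl/partial/post-access-form.php
+++ b/application/Backend/tmpl/partial/post-access-form.php
@@ -0,0 +1,214 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-overwrite<?php echo $params->object->isOverwritten() ? '' : ' hidden'; ?>" id="post-term-overwritten">
+ <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
+ <span><a href="#" id="content-reset" data-type="post" data-id="<?php echo $params->object->getId(); ?>" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a></span>
+ </div>
+
+ <input type="hidden" value="<?php echo $params->type; ?>" id="content-object-type" />
+ <input type="hidden" value="<?php echo $params->id; ?>" id="content-object-id" />
+
+ <table class="table table-striped table-bordered">
+ <tbody>
+ <?php foreach ($params->options as $option => $data) { ?>
+ <tr>
+ <?php $id = 'advanced-' . $option; ?>
+ <td width="90%">
+ <strong class="aam-block aam-highlight text-uppercase"><?php echo $data['title']; ?></strong>
+ <?php if (!empty($data['sub'])) { ?>
+ <small class="aam-small-highlighted">
+ <?php echo $data['sub']; ?>: <b class="option-preview"><?php echo (isset($params->previews[$option]) ? $params->previews[$option] : '...') ?></b>
+ <a href="#<?php echo $data['modal']; ?>" data-toggle="modal" class="advanced-post-option" data-ref="<?php echo $option; ?>" id="<?php echo $id; ?>">
+ <?php echo __('change', AAM_KEY); ?>
+ </a>
+ </small>
+ <?php } ?>
+ <p class="aam-hint">
+ <?php echo str_replace(
+ array('{postType}'),
+ array(get_post_type_labels($params->postType)->singular_name),
+ $data['description']
+ ); ?>
+ </p>
+ </td>
+ <td>
+ <div class="aam-row-actions">
+ <i class="aam-row-action <?php echo ($params->object->is($option) ? 'text-danger icon-check' : 'text-muted icon-check-empty'); ?>" data-property="<?php echo $option; ?>" <?php echo (!empty($data['sub']) ? 'data-trigger="' . $id . '"' : ''); ?>></i>
+ </div>
+ </td>
+ </tr>
+ <?php } ?>
+ </tbody>
+ </table>
+
+ <div class="modal fade" id="modal-teaser" tabindex="-1" role="dialog">
+ <div class="modal-dialog" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Teaser Message', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <div class="form-group">
+ <label><?php echo __('Plain text or valid HTML', AAM_KEY); ?></label>
+ <textarea class="form-control" placeholder="<?php echo __('Enter your teaser message...', AAM_KEY); ?>" rows="5" id="aam-teaser-message"><?php echo $params->object->get('teaser.message'); ?></textarea>
+ <span class="hint text-muted"><?php echo AAM_Backend_View_Helper::preparePhrase('Use [&#91;excerpt&#93;] shortcode to insert post excerpt to the teaser message.', 'strong'); ?></span>
+ </div>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-success btn-save" id="save-teaser-btn"><?php echo __('Save', AAM_KEY); ?></button>
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <div class="modal fade" id="modal-limited" tabindex="-1" role="dialog">
+ <div class="modal-dialog modal-sm" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Define Access Limit', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <div class="form-group">
+ <label><?php echo __('Access Limit Threshold', AAM_KEY); ?></label>
+ <input type="number" class="form-control" placeholder="<?php echo __('Enter digital number', AAM_KEY); ?>" id="aam-access-threshold" value="<?php echo $params->object->get('limited.threshold'); ?>" />
+ </div>
+ <?php if ($params->subject->isUser()) { ?>
+ <?php $counter = intval(get_user_option(sprintf(AAM_Service_Content::POST_COUNTER_DB_OPTION, $params->object->ID), $params->subject->getId())); ?>
+ <?php $remaining = $params->object->get('limited.threshold') - $counter; ?>
+
+ <div class="form-group">
+ <p class="alert alert-info"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('The user can access content [%d] times.', 'b'), $remaining >= 0 ? $remaining : 0); ?></p>
+ </div>
+ <?php } ?>
+ </div>
+ <div class="modal-footer">
+ <?php if (!empty($counter)) { ?><button type="button" class="btn btn-warning btn-save" id="reset-limited-btn"><?php echo __('Reset', AAM_KEY); ?></button><?php } ?>
+ <button type="button" class="btn btn-success btn-save" id="save-limited-btn"><?php echo __('Save', AAM_KEY); ?></button>
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <div class="modal fade" id="modal-redirect" tabindex="-1" role="dialog">
+ <div class="modal-dialog" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Access Redirect', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <p class="aam-info"><?php echo __('Use REDIRECT option only if you want to redirect user to a different location either temporary or permanently. Do not use it as a way to protect access to avoid inconsistent user experience.'); ?></p>
+ <div class="form-group aam-outer-top-xs">
+ <?php $type = $params->object->get('redirected.type'); ?>
+ <div class="radio">
+ <input type="radio" id="post-redirect-page" name="post-redirect-type" class="post-redirect-type" data-action="#post-redirect-page-action" value="page" <?php echo ($type === 'page' ? 'checked' : ''); ?> />
+ <label for="post-redirect-page"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to existing page [(select from the drop-down)]', 'small'); ?></label>
+ </div>
+ <div class="radio">
+ <input type="radio" id="post-redirect-url" name="post-redirect-type" class="post-redirect-type" data-action="#post-redirect-url-action" value="url" <?php echo ($type === 'url' ? 'checked' : ''); ?> />
+ <label for="post-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter full URL starting from http or https)]', 'small'); ?></label>
+ </div>
+ <?php if ($params->subject->isVisitor()) { ?>
+ <div class="radio">
+ <input type="radio" id="post-redirect-login" name="post-redirect-type" class="post-redirect-type" value="login" data-action="none" <?php echo ($type === 'login' ? 'checked' : ''); ?> />
+ <label for="post-redirect-login"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirect to the login page [(after login, user will be redirected back to the restricted page)]', 'small'); ?></label>
+ </div>
+ <?php } ?>
+ <div class="radio">
+ <input type="radio" id="post-redirect-callback" name="post-redirect-type" class="post-redirect-type" data-action="#post-redirect-callback-action" value="callback" <?php echo ($type === 'callback' ? 'checked' : ''); ?> />
+ <label for="post-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
+ </div>
+
+ <div class="form-group post-redirect-value" id="post-redirect-page-value-container" style="display: <?php echo ($type === 'page' ? 'block' : 'none'); ?>;">
+ <label><?php echo __('Existing Page', AAM_KEY); ?></label>
+ <?php
+ wp_dropdown_pages(array(
+ 'depth' => 99,
+ 'echo' => 1,
+ 'selected' => ($type === 'page' ? $params->object->get('redirected.destination') : null),
+ 'id' => 'post-redirect-page-value',
+ 'class' => 'form-control',
+ 'show_option_none' => __('-- Select Page --', AAM_KEY)
+ ));
+ ?>
+ </div>
+
+ <div class="form-group post-redirect-value" id="post-redirect-url-value-container" style="display: <?php echo ($type === 'url' ? 'block' : 'none'); ?>;">
+ <label><?php echo __('The URL', AAM_KEY); ?></label>
+ <input type="text" class="form-control" id="post-redirect-url-value" placeholder="https://" value="<?php echo ($type === 'url' ? $params->object->get('redirected.destination') : null); ?>" />
+ </div>
+
+ <div class="form-group post-redirect-value" id="post-redirect-callback-value-container" style="display: <?php echo ($type === 'callback' ? 'block' : 'none'); ?>;">
+ <label><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
+ <input type="text" class="form-control" id="post-redirect-callback-value" placeholder="<?php echo __('Enter valid callback', AAM_KEY); ?>" value="<?php echo ($type === 'callback' ? $params->object->get('redirected.destination') : null); ?>" />
+ </div>
+
+ <div class="form-group post-redirect-value" id="post-redirect-code-value-container" style="display: <?php echo (!empty($type) ? 'block' : 'none'); ?>;">
+ <label><?php echo __('HTTP Redirect Code', AAM_KEY); ?></label>
+ <select class="form-control" id="post-redirect-code-value">
+ <?php foreach ($params->httpCodes as $code => $label) { ?>
+ <option value="<?php echo $code; ?>" <?php echo ((string) $code === $params->object->get('redirected.httpCode') ? 'selected' : ''); ?>><?php echo $label; ?></option>
+ <?php } ?>
+ </select>
+ </div>
+ </div>
+ </div>
+
+ <div class="modal-footer">
+ <button type="button" class="btn btn-success btn-save" id="save-redirect-btn"><?php echo __('Save', AAM_KEY); ?></button>
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <div class="modal fade" id="modal-password" tabindex="-1" role="dialog">
+ <div class="modal-dialog modal-sm" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Password Protected', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <div class="form-group">
+ <label><?php echo __('Password', AAM_KEY); ?></label>
+ <input type="text" class="form-control" placeholder="<?php echo __('Enter Password', AAM_KEY); ?>" id="aam-access-password" value="<?php echo $params->object->get('protected.password'); ?>" />
+ </div>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-success btn-save" id="save-password-btn"><?php echo __('Save', AAM_KEY); ?></button>
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <div class="modal fade" id="modal-cease" tabindex="-1" role="dialog">
+ <div class="modal-dialog" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Expiration Date/Time', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <div class="form-group">
+ <div id="post-expiration-datapicker"></div>
+ <?php $ceased = $params->object->get('ceased.after'); ?>
+ <input type="hidden" id="aam-expire-datetime" value="<?php echo ($ceased ? $ceased : strtotime('tomorrow')); ?>" />
+ </div>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-success btn-save" id="save-ceased-btn"><?php echo __('Save', AAM_KEY); ?></button>
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <?php do_action('aam_post_access_form_action', $params); ?>
+ <?php }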
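Review bot: Stored settings are echoed into HTML without escaping in this template: `teaser.message` is printed raw inside the `#aam-teaser-message` textarea, and `redirected.destination` and `protected.password` are printed raw inside `value="…"` on the URL, callback and password inputs, so a saved value containing `"` or `</textarea>` breaks out of its context when the form is next rendered. Escape per context with `esc_textarea()` and `esc_attr()` as in the excerpt below; `$option`, `$code` and `$label` deserve the same treatment, and who is able to save these values is not visible from this section. The same pattern recurs in the sections added for `service/404redirect.php` (the `frontend.404redirect.url` and `frontend.404redirect.callback` values) and in `taxonomy-access-form.php`, `term-access-form.php` and `type-access-form.php`, where taxonomy, term and post-type names are passed to `sprintf()` unescaped. Separately, the `__()` call in the `modal-redirect` body omits the `AAM_KEY` text domain, and the counter lookup reads `$params->object->ID` while the reset link uses `$params->object->getId()`.

```php
<?php // … unchanged: overwrite banner … ?>
<input type="hidden" value="<?php echo esc_attr($params->type); ?>" id="content-object-type" />
<input type="hidden" value="<?php echo esc_attr($params->id); ?>" id="content-object-id" />
<?php // … unchanged: options table, modal-teaser header … ?>
<textarea class="form-control" placeholder="<?php echo __('Enter your teaser message...', AAM_KEY); ?>" rows="5" id="aam-teaser-message"><?php echo esc_textarea($params->object->get('teaser.message')); ?></textarea>
<?php // … unchanged: modal-limited, redirect type radios, page dropdown … ?>
<input type="text" class="form-control" id="post-redirect-url-value" placeholder="https://" value="<?php echo esc_attr($type === 'url' ? $params->object->get('redirected.destination') : ''); ?>" />
<?php // … unchanged: callback label … ?>
<input type="text" class="form-control" id="post-redirect-callback-value" placeholder="<?php echo __('Enter valid callback', AAM_KEY); ?>" value="<?php echo esc_attr($type === 'callback' ? $params->object->get('redirected.destination') : ''); ?>" />
<?php // … unchanged: HTTP code select, modal-password header … ?>
<input type="text" class="form-control" placeholder="<?php echo __('Enter Password', AAM_KEY); ?>" id="aam-access-password" value="<?php echo esc_attr($params->object->get('protected.password')); ?>" />
<?php // … unchanged: modal-cease, aam_post_access_form_action hook … ?>
```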
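--- a/application/Backend/tmpl/partial/posts-terms-help-tips.php
+++ b/application/Backend/tmpl/partial/posts-terms-help-tips.php
@@ -0,0 +1,11 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-notification">
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('You are allowed to manage access to unlimited number of posts, pages or custom post types but only for any role, user or visitor. Consider to get %s[Plus Package]%s add-on to have the ability to manage access to categories and custom taxonomies or to define the default access to all posts, pages or custom post types. For more information about this functionality check %sHow to manage access to the WordPress content%s.', 'b'), '<a href="https://aamplugin.com/pricing/plus-package" target="_blank">', '</a>', '<a href="https://aamplugin.com/article/manage-access-to-the-wordpress-posts-and-terms" target="_blank">', '</a>'); ?>
+ </p>
+ </div>
+ </div>
+ <?php }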
application/Backend/{phtml/partial/role-inheritance.phtml → tmpl/partial/role-inheritance.php} RENAMED
@@ -1,6 +1,8 @@
 
 
1
  <?php if (defined('AAM_KEY')) { ?>
2
  <div class="form-group">
3
- <label><?php echo __('Inherit Capabilities From', AAM_KEY); ?></label>
4
  <select class="form-control inherit-role-list" name="inherit" id="inherit-role">
5
  <option value=""><?php echo __('Select Role', AAM_KEY); ?></option>
6
  </select>
@@ -8,7 +10,7 @@
8
  <div class="checkbox">
9
  <label for="clone">
10
  <input type="checkbox" value="1" id="clone-role" name="clone" />
11
- <?php echo __('Also clone all AAM access settings (admin menu, metaboxes, redirects etc)', AAM_KEY); ?>
12
  </label>
13
  </div>
14
  <?php }
1
+ <?php /** @version 6.0.0 */ ?>
2
+
3
  <?php if (defined('AAM_KEY')) { ?>
4
  <div class="form-group">
5
+ <label><?php echo __('Inherit capabilities from', AAM_KEY); ?></label>
6
  <select class="form-control inherit-role-list" name="inherit" id="inherit-role">
7
  <option value=""><?php echo __('Select Role', AAM_KEY); ?></option>
8
  </select>
10
  <div class="checkbox">
11
  <label for="clone">
12
  <input type="checkbox" value="1" id="clone-role" name="clone" />
13
+ <?php echo __('Also clone all AAM access settings (admin menu, metaboxes, redirects, etc.)', AAM_KEY); ?>
14
  </label>
15
  </div>
16
  <?php }
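--- a/application/Backend/tmpl/partial/taxonomy-access-form.php
+++ b/application/Backend/tmpl/partial/taxonomy-access-form.php
@@ -0,0 +1,16 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-notification">
+ <?php echo sprintf(
+ AAM_Backend_View_Helper::preparePhrase('Managing access to the taxonomy "%s" is available with the premium %s[Plus Package]%s add-on only. It also allows to define the default access to all terms that are associated with this taxonomy. Consider to purchase Plus Package add-on.', 'b'),
+ $params->taxonomy->labels->name,
+ '<a href="https://aamplugin.com/pricing/plus-package">',
+ '</a>'
+ ); ?>
+ </p>
+ </div>
+ </div>
+ <?php }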
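--- a/application/Backend/tmpl/partial/term-access-form.php
+++ b/application/Backend/tmpl/partial/term-access-form.php
@@ -0,0 +1,19 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-notification">
+ <?php echo sprintf(
+ AAM_Backend_View_Helper::preparePhrase('Managing access to the %s "%s" is available with the premium %s[Plus Package]%s add-on only. It also allows to define default access to all child posts that are related to the %s "%s". Consider to purchase Plus Package add-on.', 'b'),
+ is_taxonomy_hierarchical($params->term->taxonomy) ? __('category', AAM_KEY) : __('tag', AAM_KEY),
+ $params->term->name,
+ '<a href="https://aamplugin.com/pricing/plus-package">',
+ '</a>',
+ is_taxonomy_hierarchical($params->term->taxonomy) ? __('category', AAM_KEY) : __('tag', AAM_KEY),
+ $params->term->name
+ ); ?>
+ </p>
+ </div>
+ </div>
+ <?php }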
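--- a/application/Backend/tmpl/partial/type-access-form.php
+++ b/application/Backend/tmpl/partial/type-access-form.php
@@ -0,0 +1,16 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-notification">
+ <?php echo sprintf(
+ AAM_Backend_View_Helper::preparePhrase('Manage default access to all posts that belong to the post type %s. This feature is available only with the premium %s[Plus Package]%s add-on.', 'b', 'b'),
+ $params->postType->label,
+ '<a href="https://aamplugin.com/pricing/plus-package">',
+ '</a>'
+ ); ?>
+ </p>
+ </div>
+ </div>
+ <?php }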
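--- a/application/Backend/tmpl/partial/visitor-principal-subject-tab.php
+++ b/application/Backend/tmpl/partial/visitor-principal-subject-tab.php
@@ -0,0 +1,17 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="visitor-message">
+ <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to visitors (any user that is not authenticated)', AAM_KEY); ?>.</span>
+ <?php
+ $visitor = new AAM_Core_Subject_Visitor();
+ $hasPolicy = $visitor->getObject(AAM_Core_Object_Policy::OBJECT_TYPE)->has($params->policyId);
+ $btnStatus = $hasPolicy ? 'detach' : 'attach';
+ ?>
+ <?php if ($hasPolicy) { ?>
+ <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="1" <?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Visitors', AAM_KEY); ?></button>
+ <?php } else { ?>
+ <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="0" <?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Attach Policy To Visitors', AAM_KEY); ?></button>
+ <?php } ?>
+ </div>
+ <?php }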
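Review bot: `$btnStatus` is assigned either `'detach'` or `'attach'`, both truthy strings, so `($btnStatus ? '' : ' disabled')` on both buttons always yields an empty string and the `disabled` attribute can never be emitted. If the button is meant to be disabled for users who may not change visitor policies, the condition needs a real boolean (for example a capability check); otherwise drop `$btnStatus` and the ternary. The two branches also differ only in `data-has` and the label, so a single `<button>` with `data-has="<?php echo $hasPolicy ? '1' : '0'; ?>"` would remove the duplication.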
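--- a/application/Backend/tmpl/partial/visitor-subject-tab.php
+++ b/application/Backend/tmpl/partial/visitor-subject-tab.php
@@ -0,0 +1,8 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="visitor-message">
+ <span class="aam-bordered"><?php echo __('Manage access to your website for visitors (any user that is not authenticated)', AAM_KEY); ?>.</span>
+ <button class="btn btn-primary btn-block" id="manage-visitor"><i class="icon-cog"></i> <?php echo __('Manage Visitors', AAM_KEY); ?></button>
+ </div>
+ <?php }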
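--- a/application/Backend/tmpl/policy/default-policy.php
+++ b/application/Backend/tmpl/policy/default-policy.php
@@ -0,0 +1,27 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ global $wp_version;
+
+ return sprintf('{
+ "Version": "1.0.0",
+ "Dependency": {
+ "wordpress": ">=%s",
+ "advanced-access-manager": ">=%s"
+ },
+ "Statement": [
+ {
+ "Effect": "deny",
+ "Resource": [],
+ "Action": []
+ }
+ ]
+ }', $wp_version, AAM_VERSION);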
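--- a/application/Backend/tmpl/service/404redirect.php
+++ b/application/Backend/tmpl/service/404redirect.php
@@ -0,0 +1,67 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature" id="404redirect-content">
+ <?php if ($this->getSubject()->isDefault()) { ?>
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-info">
+ <?php echo AAM_Backend_View_Helper::preparePhrase('Setup [default] 404 redirect for all none-existing pages.', 'strong'); ?>
+ </p>
+ </div>
+ </div>
+ <?php } ?>
+
+ <div class="row">
+ <div class="col-xs-12">
+ <?php if ($this->getSubject()->isDefault()) { ?>
+ <?php $type = AAM_Core_Config::get('frontend.404redirect.type', 'default'); ?>
+
+ <div class="radio">
+ <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-default" value="default" data-action="none" <?php echo ($type === 'default' ? ' checked' : ''); ?> />
+ <label for="frontend-404redirect-default"><?php echo AAM_Backend_View_Helper::preparePhrase('Default WordPress 404 handler', 'small'); ?></label>
+ </div>
+ <div class="radio">
+ <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-page" data-action="#404redirect-page-action" value="page" <?php echo ($type === 'page' ? ' checked' : ''); ?> />
+ <label for="frontend-404redirect-page"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to existing page [(select from the drop-down)]', 'small'); ?></label>
+ </div>
+ <div class="radio">
+ <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-url" data-action="#404redirect-url-action" value="url" <?php echo ($type === 'url' ? ' checked' : ''); ?> />
+ <label for="frontend-404redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter valid URL starting from http or https)]', 'small'); ?></label>
+ </div>
+ <div class="radio">
+ <input type="radio" name="frontend.404redirect.type" id="frontend-404redirect-callback" data-action="#404redirect-callback-action" value="callback" <?php echo ($type === 'callback' ? ' checked' : ''); ?> />
+ <label for="frontend-404redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
+ </div>
+
+ <div class="form-group aam-404redirect-action" id="404redirect-page-action" style="display: <?php echo ($type === 'page' ? 'block' : 'none'); ?>;">
+ <label for="frontend-page"><?php echo __('Existing Page', AAM_KEY); ?></label>
+ <?php
+ wp_dropdown_pages(array(
+ 'depth' => 99,
+ 'selected' => AAM_Core_Config::get('frontend.404redirect.page'),
+ 'echo' => 1,
+ 'name' => 'frontend.404redirect.page',
+ 'id' => '404-redirect-page', // string
+ 'class' => 'form-control', // string
+ 'show_option_none' => __('-- Select Page --', AAM_KEY) // string
+ ));
+ ?>
+ </div>
+
+ <div class="form-group aam-404redirect-action" id="404redirect-url-action" style="display: <?php echo ($type === 'url' ? 'block' : 'none'); ?>;">
+ <label for="frontend-url"><?php echo __('The URL', AAM_KEY); ?></label>
+ <input type="text" class="form-control" name="frontend.404redirect.url" placeholder="https://" value="<?php echo AAM_Core_Config::get('frontend.404redirect.url'); ?>" />
+ </div>
+
+ <div class="form-group aam-404redirect-action" id="404redirect-callback-action" style="display: <?php echo ($type === 'callback' ? 'block' : 'none'); ?>;">
+ <label for="frontend-url"><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
+ <input type="text" class="form-control" placeholder="Enter valid callback" name="frontend.404redirect.callback" value="<?php echo AAM_Core_Config::get('frontend.404redirect.callback'); ?>" />
+ </div>
+ <?php } else { ?>
+ <p class="alert alert-info text-center"><?php echo AAM_Backend_View_Helper::preparePhrase('You cannot setup 404 redirect for specific user, role or visitors. Switch to [Manage Default Access] and define default 404 redirect for everybody.', 'strong'); ?></p>
+ <?php } ?>
+ </div>
+ </div>
+ </div>
+ <?php }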
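Review bot: The `<label for="…">` attributes in this template do not point at any control: `for="frontend-page"` is paired with a dropdown whose id is `404-redirect-page`, and both the URL and the callback labels use `for="frontend-url"` while their inputs carry no `id` at all. Give each input an id and match the label to it, e.g. `id="frontend-404redirect-url-value"` with `for="frontend-404redirect-url-value"`. The callback input's `placeholder="Enter valid callback"` is hard-coded, whereas the equivalent field in `post-access-form.php` wraps the same text in `__()`. The callback field accepts the name of a PHP callable; the save handler is not part of this section, so it is worth confirming there that the value is validated and that only users allowed to manage default access can set it.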
application/Backend/{phtml/main/capability.phtml → tmpl/service/capability.php} RENAMED
@@ -1,14 +1,18 @@
 
 
1
  <?php if (defined('AAM_KEY')) { ?>
2
  <div class="aam-feature" id="capability-content">
3
  <?php $subject = AAM_Backend_Subject::getInstance(); ?>
4
 
5
- <div class="row">
6
- <div class="col-xs-12">
7
- <p class="aam-notification">
8
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('[Be careful!] On this tab, you can manage capabilities for [%s]. Any changes to the list of capabilities is [permanent]. Consider to backup at least your database tables [_options] and [_usermeta] regularly. For more information about this feature, refer to the %sHow to manage WordPress capabilities%s article.', 'b', 'b', 'b', 'i', 'i'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-manage-wordpress-capabilities" target="_blank">', '</a>'); ?>
9
- </p>
 
 
10
  </div>
11
- </div>
12
 
13
  <div class="aam-feature-top-actions text-right">
14
  <div class="btn-group">
@@ -26,15 +30,6 @@
26
  <a href="#" class="btn btn-xs btn-primary" id="add-capability"><i class="icon-plus"></i> <?php echo __('Create', AAM_KEY); ?></a>
27
  </div>
28
 
29
- <div class="row">
30
- <div class="col-xs-12">
31
- <div class="aam-overwrite" id="aam-capability-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
32
- <span><i class="icon-check"></i> <?php echo __('Capabilities are customized', AAM_KEY); ?></span>
33
- <span><a href="#" id="capability-reset" class="btn btn-xs btn-primary"><?php echo __('Reset To Default', AAM_KEY); ?></a>
34
- </div>
35
- </div>
36
- </div>
37
-
38
  <table id="capability-list" class="table table-striped table-bordered">
39
  <thead>
40
  <tr>
@@ -100,21 +95,22 @@
100
  </div>
101
 
102
  <div class="modal fade" id="delete-capability-modal" tabindex="-1" role="dialog">
103
- <div class="modal-dialog modal-sm" role="document">
104
  <div class="modal-content">
105
  <div class="modal-header">
106
  <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
107
  <h4 class="modal-title"><?php echo __('Delete Capability', AAM_KEY); ?></h4>
108
  </div>
109
  <div class="modal-body">
110
- <p class="text-center aam-confirm-message alert alert-danger" data-message="<?php echo __('You are about to delete the %s capability from %n', AAM_KEY); ?>"></p>
111
  </div>
112
  <div class="modal-footer">
113
- <button type="button" class="btn btn-danger" id="delete-capability-btn"><?php echo __('Delete', AAM_KEY); ?></button>
 
114
  <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
115
  </div>
116
  </div>
117
  </div>
118
  </div>
119
  </div>
120
- <?php }
1
+ <?php /** @version 6.0.0 */ ?>
2
+
3
  <?php if (defined('AAM_KEY')) { ?>
4
  <div class="aam-feature" id="capability-content">
5
  <?php $subject = AAM_Backend_Subject::getInstance(); ?>
6
 
7
+ <?php if (current_user_can('aam_page_help_tips')) { ?>
8
+ <div class="row">
9
+ <div class="col-xs-12">
10
+ <p class="aam-notification">
11
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('[Be careful!] On this tab, you can manage capabilities for [%s]. Any changes to the list of capabilities is [permanent]. Consider to backup at least your database tables [_options] and [_usermeta] regularly. For more information about this service, refer to the %sHow to manage WordPress capabilities%s article.', 'b', 'b', 'b', 'i', 'i'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-manage-wordpress-capabilities" target="_blank">', '</a>'); ?>
12
+ </p>
13
+ </div>
14
  </div>
15
+ <?php } ?>
16
 
17
  <div class="aam-feature-top-actions text-right">
18
  <div class="btn-group">
30
  <a href="#" class="btn btn-xs btn-primary" id="add-capability"><i class="icon-plus"></i> <?php echo __('Create', AAM_KEY); ?></a>
31
  </div>
32
 
 
 
 
 
 
 
 
 
 
33
  <table id="capability-list" class="table table-striped table-bordered">
34
  <thead>
35
  <tr>
95
  </div>
96
 
97
  <div class="modal fade" id="delete-capability-modal" tabindex="-1" role="dialog">
98
+ <div class="modal-dialog" role="document">
99
  <div class="modal-content">
100
  <div class="modal-header">
101
  <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
102
  <h4 class="modal-title"><?php echo __('Delete Capability', AAM_KEY); ?></h4>
103
  </div>
104
  <div class="modal-body">
105
+ <p class="text-center aam-confirm-message alert alert-danger" data-message="<?php echo __('You are about to delete the %s capability. Any functionality that depends on this capability will no longer be accessible by %n.', AAM_KEY); ?>"></p>
106
  </div>
107
  <div class="modal-footer">
108
+ <button type="button" class="btn btn-danger" id="delete-subject-cap-btn" data-message="<?php echo __('Delete For %n Only', AAM_KEY); ?>"></button>
109
+ <button type="button" class="btn btn-danger" id="delete-all-roles-cap-btn"><?php echo __('Delete For All Roles', AAM_KEY); ?></button>
110
  <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
111
  </div>
112
  </div>
113
  </div>
114
  </div>
115
  </div>
116
+ <?php }
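Review bot: The new `current_user_can('aam_page_help_tips')` wrapper hides the "[Be careful!] … Any changes to the list of capabilities is [permanent]" notice from anyone without that capability, yet the tab itself and the new "Delete For All Roles" button stay available to them. That notice is a data-loss warning rather than a help tip, so consider rendering it unconditionally and gating only the article link. Inside the notice, `AAM_Backend_Subject::getInstance()->getName()` is still passed to `sprintf()` unescaped (carried over from the old template); wrapping it in `esc_html(...)` would be the minimal fix. The handler behind `delete-all-roles-cap-btn` is not shown here and should be checked for its own capability and nonce verification, since it affects every role.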
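--- a/application/Backend/phtml/main/jwt.phtml
+++ b/application/Backend/tmpl/service/jwt.php
@@ -1,7 +1,9 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature" id="jwt-content">
  <?php $subject = AAM_Backend_Subject::getInstance(); ?>
-
+
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
@@ -9,7 +11,7 @@
  </p>
  </div>
  </div>
-
+
  <div class="row">
  <div class="col-xs-12">
  <table id="jwt-list" class="table table-striped table-bordered">
@@ -61,17 +63,17 @@
 
  <div class="form-group aam-outer-top-xs">
  <label for="jwt-token-preview" class="aam-block">
- <?php echo __('JWT Token (for any API calls)', AAM_KEY); ?>
+ <?php echo __('JWT Token (for API request)', AAM_KEY); ?>
  <a href="#" class="aam-copy-clipboard" data-clipboard-target="#jwt-token-preview"><?php echo __('Copy to clipboard', AAM_KEY); ?></a>
  </label>
  <input type="text" class="form-control" id="jwt-token-preview" readonly />
  </div>
-
+
  <hr/>
-
+
  <div class="form-group">
  <label for="jwt-url-preview" class="aam-block">
- <?php echo __('Account Login URL (with JWT token)', AAM_KEY); ?>
+ <?php echo __('Passwordless Login URL', AAM_KEY); ?>
  <a href="#" class="aam-copy-clipboard" data-clipboard-target="#jwt-url-preview"><?php echo __('Copy to clipboard', AAM_KEY); ?></a>
  </label>
  <input type="text" class="form-control" id="jwt-url-preview" data-url="<?php echo add_query_arg('aam-jwt', '%s', site_url()); ?>" readonly />
@@ -96,17 +98,17 @@
  <div class="modal-body">
  <div class="form-group">
  <label for="view-jwt-token" class="aam-block">
- <?php echo __('JWT Token (for any API calls)', AAM_KEY); ?>
+ <?php echo __('JWT Token (for API request)', AAM_KEY); ?>
  <a href="#" class="aam-copy-clipboard" data-clipboard-target="#view-jwt-token"><?php echo __('Copy to clipboard', AAM_KEY); ?></a>
  </label>
  <textarea class="form-control" id="view-jwt-token" readonly rows="5"></textarea>
  </div>
-
+
  <hr/>
-
+
  <div class="form-group">
  <label for="view-jwt-url" class="aam-block">
- <?php echo __('Account Login URL (with JWT token)', AAM_KEY); ?>
+ <?php echo __('Passwordless Login URL (with JWT token)', AAM_KEY); ?>
  <a href="#" class="aam-copy-clipboard" data-clipboard-target="#view-jwt-url"><?php echo __('Copy to clipboard', AAM_KEY); ?></a>
  </label>
  <textarea class="form-control" id="view-jwt-url" readonly rows="5"></textarea>
@@ -128,7 +130,7 @@
  <h4 class="modal-title"><?php echo __('Delete JWT Token', AAM_KEY); ?></h4>
  </div>
  <div class="modal-body">
- <p class="alert alert-danger text-larger"><?php echo __('You are about to delete already issued JWT token. Any application or person that has this token, will no longer be able to use it. Please confirm.') ?></p>
+ <p class="alert alert-danger text-larger"><?php echo __('You are about to delete already issued JWT token. Any application or user that has this token, will no longer be able to use it. Please confirm.') ?></p>
  </div>
  <div class="modal-footer">
  <button type="button" class="btn btn-danger" id="jwt-delete-btn"><?php echo __('Delete', AAM_KEY); ?></button>
@@ -137,6 +139,5 @@
  </div>
  </div>
  </div>
-
  </div>
  <?php }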
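Review bot: The `jwt-url-preview` and `view-jwt-url` fields, now labelled "Passwordless Login URL", carry the token in the `aam-jwt` query parameter, and nothing in the template tells the administrator that a URL of this kind is recorded in web-server logs, browser history and Referer headers. A one-line help text under each field would document that the link is itself a credential and should be shared and stored like one. The `__()` call in the delete-confirmation paragraph also omits the text domain that every other string in this file passes; add `, AAM_KEY` as its second argument so the reworded message is looked up in the plugin's translations.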
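--- a/application/Backend/phtml/main/login-redirect.phtml
+++ b/application/Backend/tmpl/service/login-redirect.php
@@ -1,19 +1,21 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature" id="login_redirect-content">
  <div class="row">
  <div class="col-xs-12">
- <?php if ($this->isDefault()) { ?>
+ <?php if ($this->getSubject()->isDefault()) { ?>
  <p class="aam-info">
- <?php echo AAM_Backend_View_Helper::preparePhrase('Define the [default] login redirect for all users and roles when authentication is completed successfully.', 'strong'); ?>
+ <?php echo AAM_Backend_View_Helper::preparePhrase('Define the [default] login redirect for all the users and roles when authentication is completed successfully.', 'strong'); ?>
  </p>
  <?php } else { ?>
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Customize login redirect for [%s] when the authentication is completed successfully. [Please note!] Login redirect works with default WordPress login form or %sAAM Secure Login widget%s. It may [not] work with any other login solutions.', 'strong', 'strong', 'strong'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Customize login redirect for [%s] when the authentication is completed successfully. [Note!] Login redirect works with default WordPress login form or %sAAM Secure Login widget%s. It may [not] work with any other login solutions.', 'strong', 'strong', 'strong'), $this->getSubject()->getName(), '<a href="https://aamplugin.com/article/how-does-aam-secure-login-works" target="_blank">', '</a>'); ?>
  </p>
  <?php } ?>
  <div class="aam-overwrite" id="aam-login-redirect-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
- <span><i class="icon-check"></i> Settings are customized</span>
- <span><a href="#" id="login-redirect-reset" class="btn btn-xs btn-primary">Reset To Default</a></span>
+ <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
+ <span><a href="#" id="login-redirect-reset" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a></span>
  </div>
  </div>
  </div>
@@ -23,19 +25,19 @@
  <?php $type = $this->getOption('login.redirect.type', 'default'); ?>
 
  <div class="radio">
- <input type="radio" name="login.redirect.type" id="login-redirect-default" data-action="#default-redirect-action" value="default"<?php echo ($type == 'default' ? ' checked' : ''); ?> />
+ <input type="radio" name="login.redirect.type" id="login-redirect-default" data-action="#default-redirect-action" value="default" <?php echo ($type === 'default' ? ' checked' : ''); ?> />
  <label for="login-redirect-default"><?php echo __('WordPress default behavior', AAM_KEY); ?></label>
  </div>
  <div class="radio">
- <input type="radio" name="login.redirect.type" id="login-redirect-page" data-action="#page-login-redirect-action" value="page"<?php echo ($type == 'page' ? ' checked' : ''); ?> />
+ <input type="radio" name="login.redirect.type" id="login-redirect-page" data-action="#page-login-redirect-action" value="page" <?php echo ($type === 'page' ? ' checked' : ''); ?> />
  <label for="login-redirect-page"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to existing page [(select from the drop-down)]', 'small'); ?></label>
  </div>
  <div class="radio">
- <input type="radio" name="login.redirect.type" id="login-redirect-url" data-action="#url-login-redirect-action" value="url"<?php echo ($type == 'url' ? ' checked' : ''); ?> />
- <label for="login-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter full URL starting from http or https)]', 'small'); ?></label>
+ <input type="radio" name="login.redirect.type" id="login-redirect-url" data-action="#url-login-redirect-action" value="url" <?php echo ($type === 'url' ? ' checked' : ''); ?> />
+ <label for="login-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the local URL [(enter full URL starting from http or https)]', 'small'); ?></label>
  </div>
  <div class="radio">
- <input type="radio" name="login.redirect.type" id="login-redirect-callback" data-action="#callback-login-redirect-action" value="callback"<?php echo ($type == 'callback' ? ' checked' : ''); ?> />
+ <input type="radio" name="login.redirect.type" id="login-redirect-callback" data-action="#callback-login-redirect-action" value="callback" <?php echo ($type === 'callback' ? ' checked' : ''); ?> />
  <label for="login-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
  </div>
 
@@ -47,19 +49,19 @@
  'selected' => $this->getOption('login.redirect.page'),
  'echo' => 1,
  'name' => 'login.redirect.page',
- 'id' => 'login-redirect-page', // string
- 'class' => 'form-control', // string
- 'show_option_none' => __('-- Select Page --', AAM_KEY) // string
+ 'id' => 'login-redirect-page',
+ 'class' => 'form-control',
+ 'show_option_none' => __('-- Select Page --', AAM_KEY)
  ));
- ?>
+ ?>
  </div>
 
- <div class="form-group login-redirect-action" id="url-login-redirect-action" style="display: <?php echo ($type == 'url' ? 'block' : 'none'); ?>;">
+ <div class="form-group login-redirect-action" id="url-login-redirect-action" style="display: <?php echo ($type === 'url' ? 'block' : 'none'); ?>;">
  <label><?php echo __('The URL', AAM_KEY); ?></label>
  <input type="text" class="form-control" name="login.redirect.url" placeholder="https://" value="<?php echo $this->getOption('login.redirect.url'); ?>" />
  </div>
 
- <div class="form-group login-redirect-action" id="callback-login-redirect-action" style="display: <?php echo ($type == 'callback' ? 'block' : 'none'); ?>;">
+ <div class="form-group login-redirect-action" id="callback-login-redirect-action" style="display: <?php echo ($type === 'callback' ? 'block' : 'none'); ?>;">
  <label><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
  <input type="text" class="form-control" placeholder="Enter valid callback" name="login.redirect.callback" value="<?php echo $this->getOption('login.redirect.callback'); ?>" />
  </div>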
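Review bot: The `login.redirect.url` and `login.redirect.callback` inputs print the stored option straight into a `value` attribute, so a saved value containing a double quote ends the attribute early; both should be escaped on output, e.g. `value="<?php echo esc_attr($this->getOption('login.redirect.url')); ?>"`. The same pattern appears in the new `logout-redirect.php` template (`logout.redirect.url`, `logout.redirect.callback`) and in the `data-url` attribute of `jwt-url-preview` in `jwt.php`. The URL option's label now says "local URL", but the check that would enforce this is not in the template, so confirm that the save or redirect handler rejects other hosts rather than relying on the label. The template continues past the last line shown here.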
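--- a/application/Backend/tmpl/service/logout-redirect.php
+++ b/application/Backend/tmpl/service/logout-redirect.php
@@ -0,0 +1,71 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature" id="logout_redirect-content">
+ <div class="row">
+ <div class="col-xs-12">
+ <?php if ($this->getSubject()->isDefault()) { ?>
+ <p class="aam-info">
+ <?php echo AAM_Backend_View_Helper::preparePhrase('Define the [default] logout redirect for all the users and roles.', 'strong'); ?>
+ </p>
+ <?php } else { ?>
+ <p class="aam-info">
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Customize logout redirect for [%s].', 'strong'), $this->getSubject()->getName()); ?>
+ </p>
+ <?php } ?>
+ <div class="aam-overwrite" id="aam-logout-redirect-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
+ <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
+ <span><a href="#" id="logout-redirect-reset" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a></span>
+ </div>
+ </div>
+ </div>
+
+ <div class="row">
+ <div class="col-xs-12">
+ <?php $type = $this->getOption('logout.redirect.type', 'default'); ?>
+
+ <div class="radio">
+ <input type="radio" name="logout.redirect.type" id="logout-redirect-default" data-action="#default-redirect-action" value="default" <?php echo ($type === 'default' ? ' checked' : ''); ?> />
+ <label for="logout-redirect-default"><?php echo __('WordPress default behavior', AAM_KEY); ?></label>
+ </div>
+ <div class="radio">
+ <input type="radio" name="logout.redirect.type" id="logout-redirect-page" data-action="#page-logout-redirect-action" value="page" <?php echo ($type === 'page' ? ' checked' : ''); ?> />
+ <label for="logout-redirect-page"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to existing page [(select from the drop-down)]', 'small'); ?></label>
+ </div>
+ <div class="radio">
+ <input type="radio" name="logout.redirect.type" id="logout-redirect-url" data-action="#url-logout-redirect-action" value="url" <?php echo ($type === 'url' ? ' checked' : ''); ?> />
+ <label for="logout-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter full URL starting from http or https)]', 'small'); ?></label>
+ </div>
+ <div class="radio">
+ <input type="radio" name="logout.redirect.type" id="logout-redirect-callback" data-action="#callback-logout-redirect-action" value="callback" <?php echo ($type === 'callback' ? ' checked' : ''); ?> />
+ <label for="logout-redirect-callback"><?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Trigger PHP callback function [(valid %sPHP callback%s is required)]', 'small'), '<a href="https://php.net/manual/en/language.types.callable.php" target="_blank">', '</a>'); ?></label>
+ </div>
+
+ <div class="form-group logout-redirect-action" id="page-logout-redirect-action" style="display: <?php echo ($type === 'page' ? 'block' : 'none'); ?>;">
+ <label><?php echo __('Existing Page', AAM_KEY); ?></label>
+ <?php
+ wp_dropdown_pages(array(
+ 'depth' => 99,
+ 'selected' => $this->getOption('logout.redirect.page'),
+ 'echo' => 1,
+ 'name' => 'logout.redirect.page',
+ 'id' => 'logout-redirect-page',
+ 'class' => 'form-control',
+ 'show_option_none' => __('-- Select Page --', AAM_KEY)
+ ));
+ ?>
+ </div>
+
+ <div class="form-group logout-redirect-action" id="url-logout-redirect-action" style="display: <?php echo ($type === 'url' ? 'block' : 'none'); ?>;">
+ <label><?php echo __('The URL', AAM_KEY); ?></label>
+ <input type="text" class="form-control" name="logout.redirect.url" placeholder="https://" value="<?php echo $this->getOption('logout.redirect.url'); ?>" />
+ </div>
+
+ <div class="form-group logout-redirect-action" id="callback-logout-redirect-action" style="display: <?php echo ($type === 'callback' ? 'block' : 'none'); ?>;">
+ <label><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
+ <input type="text" class="form-control" placeholder="Enter valid callback" name="logout.redirect.callback" value="<?php echo $this->getOption('logout.redirect.callback'); ?>" />
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php }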
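Review bot: The URL option's label in this new template reads "Redirected to the URL", while the login template in the same change was reworded to "the local URL", so the two screens now describe the same kind of field differently. If the logout handler (not shown here) limits the target to the site's own host, use the same wording; if it does not, sending the redirect through `wp_safe_redirect()` would bring the behaviour in line with what the login label promises. The file is also a near line-for-line copy of `login-redirect.php` with `login` replaced by `logout`; a shared partial that takes the prefix as a parameter would keep a later fix from landing in only one of the two.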
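--- a/application/Backend/phtml/main/menu.phtml
+++ b/application/Backend/tmpl/service/menu.php
@@ -1,34 +1,40 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature" id="admin_menu-content">
- <div class="row">
- <div class="col-xs-12">
- <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Protect your backend area. The list of menus and submenus is based on capabilities [%s] has. For more information please check %sHow to manage WordPress backend menu%s.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-manage-wordpress-backend-menu" target="_blank">', '</a>'); ?>
- </p>
+ <?php if (current_user_can('aam_page_help_tips')) { ?>
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-info">
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the backend main menu for [%s]. For more information check %sHow to manage WordPress backend menu%s.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-manage-wordpress-backend-menu" target="_blank">', '</a>'); ?>
+ </p>
+ </div>
  </div>
- </div>
+ <?php } ?>
  <div class="row">
  <div class="col-xs-12">
  <div class="aam-overwrite" id="aam-menu-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
  <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
- <span><a href="#" id="menu-reset" class="btn btn-xs btn-primary"><?php echo __('Reset To Default', AAM_KEY); ?></a>
+ <span><a href="#" id="menu-reset" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a>
  </div>
  </div>
  </div>
-
+
  <div class="panel-group" id="admin-menu" role="tablist" aria-multiselectable="true">
  <?php
- $first = false;
- $object = AAM_Backend_Subject::getInstance()->getObject('menu');
- $menuList = $this->getMenu();
-
- if (!empty($menuList)) {
- foreach ($menuList as $i => $menu) {
- ?>
+ $first = false;
+ $object = AAM_Backend_Subject::getInstance()->getObject(AAM_Core_Object_Menu::OBJECT_TYPE);
+ $menuList = $this->getMenu();
+
+ if (!empty($menuList)) {
+ foreach ($menuList as $i => $menu) {
+ ?>
  <div class="panel panel-default">
  <div class="panel-heading" role="tab" id="menu-<?php echo $i; ?>-heading">
  <h4 class="panel-title">
- <a role="button" data-toggle="collapse" data-parent="#admin-menu" href="#menu-<?php echo $i; ?>" aria-controls="menu-<?php echo $i; ?>" <?php if (!$first) { echo 'aria-expanded="true"'; } ?>>
+ <a role="button" data-toggle="collapse" data-parent="#admin-menu" href="#menu-<?php echo $i; ?>" aria-controls="menu-<?php echo $i; ?>" <?php if (!$first) {
+ echo 'aria-expanded="true"';
+ } ?>>
  <?php echo $menu['name']; ?> <small class="aam-menu-capability"><?php echo $menu['capability']; ?></small>
  </a>
  <?php if ($menu['checked']) { ?>
@@ -39,12 +45,15 @@
  </h4>
  </div>
 
- <div id="menu-<?php echo $i; ?>" class="panel-collapse collapse<?php if (!$first) { echo ' in'; $first = true; } ?>" role="tabpanel" aria-labelledby="menu-<?php echo $i; ?>-heading">
+ <div id="menu-<?php echo $i; ?>" class="panel-collapse collapse<?php if (!$first) {
+ echo ' in';
+ $first = true;
+ } ?>" role="tabpanel" aria-labelledby="menu-<?php echo $i; ?>-heading">
  <div class="panel-body">
  <?php if ($menu['id'] != 'menu-index.php') { ?>
  <div class="row aam-inner-tab">
  <div class="col-xs-12 text-center">
- <small class="aam-menu-capability"><?php echo __('Menu ID:', AAM_KEY); ?> <b><?php echo $menu['crc32']; ?></b></small>
+ <small class="aam-menu-capability"><?php echo __('Menu URI:', AAM_KEY); ?> <b><?php echo urldecode($menu['uri']); ?></b></small>
  </div>
  </div>
  <hr class="aam-divider" />
@@ -55,19 +64,19 @@
  <?php foreach ($menu['submenu'] as $j => $submenu) { ?>
  <?php if ($submenu['id'] == 'index.php') { ?>
  <div class="col-xs-12 col-md-6 aam-submenu-item">
- <label for="menu-item-<?php echo $i . $j; ?>">
- <?php echo $submenu['name']; ?><small class="aam-menu-capability"><?php echo __('Cap:', AAM_KEY), ' <b>', $submenu['capability']; ?></b></small></label>
+ <div class="aam-menu-details">
+ <?php echo $submenu['name']; ?>
+ </div>
  <a href="#dashboard-lockout-modal" data-toggle="modal"><i class="icon-help-circled"></i></a>
  </div>
  <?php } else { ?>
  <div class="col-xs-12 col-md-6 aam-submenu-item">
- <label for="menu-item-<?php echo $i . $j; ?>">
+ <div class="aam-menu-details">
  <?php echo $submenu['name']; ?>
- <small class="aam-menu-capability"><?php echo __('Cap:', AAM_KEY), ' <b>', $submenu['capability']; ?></b></small>
- <small class="aam-menu-capability"><?php echo __('ID:', AAM_KEY), ' <b>', $submenu['crc32']; ?></b></small>
- </label>
- <input type="checkbox" class="aam-checkbox-danger" id="menu-item-<?php echo $i . $j; ?>" data-menu-id="<?php echo $submenu['id']; ?>"<?php echo ($submenu['checked'] ? ' checked="checked"' : ''); ?> />
- <label for="menu-item-<?php echo $i . $j; ?>" data-toggle="tooltip" title="<?php echo ($object->has($submenu['id']) ? __('Uncheck to allow', AAM_KEY) : __('Check to restrict', AAM_KEY)); ?>"></label>
+ <small><a href="#menu-details-modal" data-toggle="modal" data-uri="<?php echo urldecode($submenu['uri']); ?>" data-cap="<?php echo $submenu['capability']; ?>" data-name="<?php echo $submenu['name']; ?>" data-id="<?php echo $submenu['id']; ?>" class="aam-menu-item"><?php echo __('more details', AAM_KEY); ?></a></small>
+ </div>
+ <input type="checkbox" class="aam-checkbox-danger" id="menu-item-<?php echo $i . $j; ?>" data-menu-id="<?php echo $submenu['id']; ?>" <?php echo ($submenu['checked'] ? ' checked="checked"' : ''); ?> />
+ <label for="menu-item-<?php echo $i . $j; ?>" data-toggle="tooltip" title="<?php echo ($object->isRestricted($submenu['id']) ? __('Uncheck to allow', AAM_KEY) : __('Check to restrict', AAM_KEY)); ?>"></label>
  </div>
  <?php } ?>
  <?php } ?>
@@ -91,23 +100,23 @@
  </div>
  </div>
  <?php } else { ?>
- <p class="aam-info"><?php echo __('Dashboard menu cannot be restricted because it is the default page users are redirected after login. You can restrict only Dashboard submenus if any.', AAM_KEY); ?></p>
+ <p class="aam-info"><?php echo __('Dashboard menu cannot be restricted because it is the default page all users are redirected after login. You can restrict only Dashboard submenus if any.', AAM_KEY); ?></p>
  <?php } ?>
  </div>
  </div>
  </div>
- <?php }
- } else { ?>
+ <?php }
+ } else { ?>
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-notification">
- <?php echo __('Current user does not have enough capabilities to access any available dashboard page.', AAM_KEY); ?>
+ <?php echo __('Current user does not have enough capabilities to access any available backend menu.', AAM_KEY); ?>
  </p>
  </div>
  </div>
- <?php }?>
+ <?php } ?>
  </div>
-
+
  <div class="modal fade" id="dashboard-lockout-modal" tabindex="-1" role="dialog">
  <div class="modal-dialog" role="document">
  <div class="modal-content">
@@ -117,8 +126,8 @@
  </div>
  <div class="modal-body">
  <p class="text-center alert alert-warning text-larger">
- <strong><?php echo __('You cannot restrict access to Dashboard home page.', AAM_KEY); ?></strong><br/>
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('The [Home] is the default page every user is redirected after login. To restrict access to the entire backend, please check %sHow to lockdown WordPress backend%s article.', 'b'), '<a href="https://aamplugin.com/article/how-to-lockdown-wordpress-backend" target="_blank">', '</a>'); ?>
+ <strong><?php echo __('You cannot restrict access to the Dashboard Home page.', AAM_KEY); ?></strong><br />
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('The [Dashboard Home] is the default page that every user is redirected to after login. To restrict access to the entire backend, check %sHow to lockdown WordPress backend%s article.', 'b'), '<a href="https://aamplugin.com/article/how-to-lockdown-wordpress-backend" target="_blank">', '</a>'); ?>
  </p>
  </div>
  <div class="modal-footer">
@@ -127,5 +136,41 @@
  </div>
  </div>
  </div>
+
+ <div class="modal fade" id="menu-details-modal" tabindex="-1" role="dialog">
+ <div class="modal-dialog" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Menu Details', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <table class="table table-striped table-bordered">
+ <tbody>
+ <tr>
+ <th width="20%"><?php echo __('Name', AAM_KEY); ?></th>
+ <td id="menu-item-name"></td>
+ </tr>
+ <tr>
+ <th width="20%"><?php echo __('Capability', AAM_KEY); ?></th>
+ <td id="menu-item-cap"></td>
+ </tr>
+ <tr>
+ <th width="20%"><?php echo __('URI', AAM_KEY); ?></th>
+ <td id="menu-item-uri"></td>
+ </tr>
+ <tr>
+ <th width="20%"><?php echo __('ID', AAM_KEY); ?></th>
+ <td id="menu-item-id"></td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
  </div>
  <?php }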
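Review bot: The new "more details" link writes `urldecode($submenu['uri'])`, the capability, the name and the id into `data-*` attributes without escaping, and the "Menu URI" line prints `urldecode($menu['uri'])` into the page body; decoding turns percent-encoded quotes and angle brackets in a registered menu slug back into literal characters just before they are output. Wrap the attribute values in `esc_attr()` and the body text in `esc_html()`, e.g. `data-uri="<?php echo esc_attr(urldecode($submenu['uri'])); ?>"`. The script that copies these attributes into `#menu-item-name`, `#menu-item-cap`, `#menu-item-uri` and `#menu-item-id` is outside this file, and it should assign them as text rather than as HTML. The `<span>` around the `menu-reset` link is still never closed.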
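--- /dev/null
+++ b/application/Backend/tmpl/service/metabox.php
@@ -0,0 +1,153 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature" id="metabox-content">
+ <?php if (current_user_can('aam_page_help_tips')) { ?>
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-info">
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage classic (not Gutenberg) metaboxes and widgets visibility for [%s]. For more information please check %sHow to hide WordPress metaboxes and widgets%s.', 'b', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-hide-wordpress-metaboxes-and-widgets" target="_blank">', '</a>'); ?>
+ </p>
+ </div>
+ </div>
+ <?php } ?>
+
+ <div class="aam-feature-top-actions text-right">
+ <a href="#" class="btn btn-xs btn-primary" id="refresh-metabox-list"><i class="icon-arrows-cw"></i> <?php echo __('Refresh', AAM_KEY); ?></a>
+ <a href="#init-url-modal" class="btn btn-xs btn-primary" data-toggle="modal"><i class="icon-link"></i> <?php echo __('Init URL', AAM_KEY); ?></a>
+ </div>
+
+ <div class="row">
+ <div class="col-xs-12">
+ <div class="aam-overwrite" id="aam-metabox-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
+ <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
+ <span><a href="#" id="metabox-reset" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a>
+ </div>
+ </div>
+ </div>
+
+ <?php
+ global $wp_post_types;
+
+ $first = false;
+ $object = AAM_Backend_Subject::getInstance()->getObject(AAM_Core_Object_Metabox::OBJECT_TYPE);
+ $metaboxList = $this->getMetaboxList();
+ ?>
+
+ <?php if (!empty($metaboxList)) { ?>
+ <div class="panel-group" id="metabox-list" role="tablist">
+ <?php foreach ($metaboxList as $screen => $metaboxes) { ?>
+ <div class="panel panel-default">
+ <div class="panel-heading" role="tab" id="group-<?php echo $screen; ?>-heading">
+ <h4 class="panel-title">
+ <a role="button" data-toggle="collapse" data-parent="#metabox-list" href="#group-<?php echo $screen; ?>" aria-controls="group-<?php echo $screen; ?>" <?php if (!$first) {
+ echo 'aria-expanded="true"';
+ } ?>>
+ <?php
+ switch ($screen) {
+ case 'dashboard':
+ echo __('Dashboard Widgets', AAM_KEY);
+ break;
+
+ case 'widgets':
+ echo AAM_Backend_View_Helper::preparePhrase('Frontend Widgets [(including Appearance->Widgets)]', 'small');
+ break;
+
+ default:
+ echo $wp_post_types[$screen]->labels->name;
+ break;
+ }
+ ?>
+ </a>
+ </h4>
+ </div>
+ <div id="group-<?php echo $screen; ?>" class="panel-collapse collapse<?php if (!$first) {
+ echo ' in';
+ $first = true;
+ } ?>" role="tabpanel" aria-labelledby="group-<?php echo $screen; ?>-heading">
+ <div class="panel-body">
+ <div class="row">
+ <?php foreach ($metaboxes as $metabox) { ?>
+ <div class="col-xs-12 col-md-6 aam-submenu-item">
+ <div class="aam-menu-details">
+ <?php echo $metabox['title']; ?>
+ <small><a href="#metabox-details-modal" data-toggle="modal" data-title="<?php echo $metabox['title']; ?>" data-screen="<?php echo $screen; ?>" data-id="<?php echo strtolower($screen . '|' . $metabox['id']); ?>" class="aam-metabox-item"><?php echo __('more details', AAM_KEY); ?></a></small>
+ </div>
+
+ <input type="checkbox" class="aam-checkbox-danger" id="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>" data-metabox="<?php echo strtolower($screen . '|' . $metabox['id']); ?>" <?php echo ($object->isHidden($screen, $metabox['id']) ? ' checked="checked"' : ''); ?> />
+ <label for="metabox-<?php echo $screen; ?>-<?php echo $metabox['id']; ?>" data-toggle="tooltip" title="<?php echo ($object->isHidden($screen, $metabox['id']) ? __('Uncheck to show', AAM_KEY) : __('Check to hide', AAM_KEY)); ?>"></label>
+ </div>
+ <?php } ?>
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php } ?>
+ </div>
+ <?php } else { ?>
+ <div class="row">
+ <div class="col-xs-12 text-center">
+ <p class="alert alert-info text-larger">
+ <?php echo __('The list is not initialized. Click Refresh button above.', AAM_KEY); ?>
+ </p>
+ </div>
+ </div>
+ <?php } ?>
+
+ <div class="modal fade" id="init-url-modal" tabindex="-1" role="dialog">
+ <div class="modal-dialog" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Initialize URL', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <p class="aam-info">
+ <?php echo __('Some metaboxes are "conditional" and appear on the edit screen when certain conditions are met. For example metabox "Comments" appears only for existing page and not for new page. If you do not see a desired metabox, try to copy & paste the full URL to the backend page where that metabox appears.'); ?>
+ </p>
+ <div class="form-group">
+ <label><?php echo __('Backend page URL', AAM_KEY); ?></label>
+ <input type="text" class="form-control" id="init-url" placeholder="<?php echo __('Insert valid URL', AAM_KEY); ?>" />
+ </div>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-success" id="init-url-btn"><?php echo __('Initialize', AAM_KEY); ?></button>
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+
+ <div class="modal fade" id="metabox-details-modal" tabindex="-1" role="dialog">
+ <div class="modal-dialog" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Metabox/Widget Details', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <table class="table table-striped table-bordered">
+ <tbody>
+ <tr>
+ <th width="20%"><?php echo __('Title', AAM_KEY); ?></th>
+ <td id="metabox-title"></td>
+ </tr>
+ <tr>
+ <th width="20%"><?php echo __('Screen ID', AAM_KEY); ?></th>
+ <td id="metabox-screen-id"></td>
+ </tr>
+ <tr>
+ <th width="20%"><?php echo __('Internal ID', AAM_KEY); ?></th>
+ <td id="metabox-id"></td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php }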
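Review bot: `$screen`, `$metabox['id']` and `$metabox['title']` are echoed raw into `id`, `href`, `aria-*` and `data-*` attributes and into element content inside both `foreach` loops, so a title or id containing a quote or markup breaks out of the attribute. How `getMetaboxList()` fills these values is not visible here, but metabox titles and ids come from whichever plugin or theme registers them, so they should be treated as untrusted at output. Wrap attribute values in `esc_attr()`, e.g. `data-title="<?php echo esc_attr($metabox['title']); ?>"`, and text nodes in `esc_html()` (or `wp_kses_post()` if titles may legitimately carry markup). The `default:` branch also reads `$wp_post_types[$screen]->labels->name` without checking that the post type is still registered; an `isset($wp_post_types[$screen])` guard would avoid a notice when the stored list is stale.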
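--- a/application/Backend/phtml/main/policy.phtml
+++ b/application/Backend/tmpl/service/policy.php
@@ -1,6 +1,6 @@
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature" id="policy-content">
- <?php if (defined('AAM_PLUS_PACKAGE') || AAM_Backend_Subject::getInstance()->getUID() != AAM_Core_Subject_Default::UID) { ?>
+ <?php if (defined('AAM_PLUS_PACKAGE') || !AAM_Backend_Subject::getInstance()->isDefault()) { ?>
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
@@ -43,4 +43,4 @@
  </div>
  <?php } ?>
  </div>
- <?php }
+ <?php }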
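--- /dev/null
+++ b/application/Backend/tmpl/service/post.php
@@ -0,0 +1,39 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature" id="post-content">
+ <?php if (current_user_can('aam_page_help_tips')) { ?>
+ <?php echo apply_filters('aam_posts_terms_help_tips_filter', AAM_Backend_View::getInstance()->loadPartial('posts-terms-help-tips')); ?>
+ <?php } ?>
+
+ <?php if ($this->isAllowedToManageCurrentSubject()) { ?>
+ <div class="aam-post-breadcrumb">
+ <a href="#" data-level="root"><i class="icon-home"></i> <?php echo __('Root', AAM_KEY); ?></a>
+ </div>
+
+ <div class="aam-container">
+ <table id="post-list" class="table table-striped table-bordered">
+ <thead>
+ <tr>
+ <th>ID</th>
+ <th>Link</th>
+ <th width="5%">&nbsp;</th>
+ <th width="75%"><?php echo __('Title', AAM_KEY); ?></th>
+ <th><?php echo __('Actions', AAM_KEY); ?></th>
+ <th>Parent</th>
+ <th>Overwritten</th>
+ </tr>
+ </thead>
+ <tbody></tbody>
+ </table>
+
+ <div class="aam-slide-form aam-access-form">
+ <a href="#" class="btn btn-xs btn-primary post-back btn-right">&Lt; <?php echo __('Go Back', AAM_KEY); ?></a>
+ <span class="aam-clear"></span>
+ <div id="aam-access-form-container"></div>
+ <a href="#" class="btn btn-xs btn-primary post-back">&Lt; <?php echo __('Go Back', AAM_KEY); ?></a>
+ </div>
+ </div>
+ <?php } ?>
+ </div>
+ <?php }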
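Review bot: `isAllowedToManageCurrentSubject()` only decides whether the `#post-list` table and the access form are rendered; the same check has to be enforced in the server-side handler that fills the table and saves settings, which is outside this file. If that handler already enforces it, a short comment above the condition such as `<?php // UI gate only; the request handler repeats this check ?>` would make the intent clear to the next reader. The column headers `ID`, `Link`, `Parent` and `Overwritten` are also left untranslated while `Title` and `Actions` go through `__()`.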
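--- a/application/Backend/phtml/main/redirect.phtml
+++ b/application/Backend/tmpl/service/redirect.php
@@ -1,8 +1,12 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
+ <?php $subject = AAM_Backend_Subject::getInstance(); ?>
+
  <div class="aam-feature" id="redirect-content">
  <div class="row">
  <div class="col-xs-12">
- <?php if ($this->isDefault()) { ?>
+ <?php if ($subject->isDefault()) { ?>
  <p class="aam-info">
  <?php echo AAM_Backend_View_Helper::preparePhrase('Define the [default] redirect for all users, roles and visitors when access is denied to any restricted resources on your website.', 'strong'); ?>
  </p>
@@ -12,8 +16,8 @@
  </p>
  <?php } ?>
  <div class="aam-overwrite" id="aam-redirect-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
- <span><i class="icon-check"></i> Settings are customized</span>
- <span><a href="#" id="redirect-reset" class="btn btn-xs btn-primary">Reset To Default</a></span>
+ <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
+ <span><a href="#" id="redirect-reset" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a></span>
  </div>
  </div>
  </div>
@@ -22,8 +26,8 @@
  <div class="col-xs-12">
  <div>
  <ul class="nav nav-tabs" role="tablist">
- <?php if (AAM_Core_Config::get('core.settings.frontendAccessControl', true)) { ?> <li role="presentation" class="active"><a href="#frontend-redirect" aria-controls="frontend-redirect" role="tab" data-toggle="tab"><i class="icon-home"></i> <?php echo __('Frontend Redirect', AAM_KEY); ?></a></li><?php } ?>
- <?php if (AAM_Core_Config::get('core.settings.backendAccessControl', true) && !$this->isVisitor()) { ?><li role="presentation"><a href="#backend-redirect" aria-controls="backend-redirect" role="tab" data-toggle="tab"><i class="icon-circle"></i> <?php echo __('Backend Redirect', AAM_KEY); ?></a></li><?php } ?>
+ <li role="presentation" class="active"><a href="#frontend-redirect" aria-controls="frontend-redirect" role="tab" data-toggle="tab"><i class="icon-home"></i> <?php echo __('Frontend Redirect', AAM_KEY); ?></a></li>
+ <?php if (!$subject->isVisitor()) { ?><li role="presentation"><a href="#backend-redirect" aria-controls="backend-redirect" role="tab" data-toggle="tab"><i class="icon-circle"></i> <?php echo __('Backend Redirect', AAM_KEY); ?></a></li><?php } ?>
  </ul>
 
  <?php $frontendType = $this->getOption('frontend.redirect.type', 'default'); ?>
@@ -39,7 +43,7 @@
  <input type="radio" name="frontend.redirect.type" id="frontend-redirect-message" data-action="#frontend-message-action" value="message" data-group="frontend-redirect"<?php echo ($frontendType == 'message' ? ' checked' : ''); ?> />
  <label for="frontend-redirect-message"><?php echo AAM_Backend_View_Helper::preparePhrase('Show customized message [(plain text or HTML)]', 'small'); ?></label>
  </div>
- <?php if ($this->isVisitor()) { ?>
+ <?php if ($subject->isVisitor()) { ?>
  <div class="radio">
  <input type="radio" name="frontend.redirect.type" id="frontend-redirect-login" value="login" data-action="none" data-group="frontend-redirect"<?php echo ($frontendType == 'login' ? ' checked' : ''); ?> />
  <label for="frontend-redirect-login"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirect to the login page [(after login, user will be redirected back to the restricted page)]', 'small'); ?></label>
@@ -51,7 +55,7 @@
  </div>
  <div class="radio">
  <input type="radio" name="frontend.redirect.type" id="frontend-redirect-url" data-action="#frontend-url-action" value="url" data-group="frontend-redirect"<?php echo ($frontendType == 'url' ? ' checked' : ''); ?> />
- <label for="frontend-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter valid URL starting from http or https)]', 'small'); ?></label>
+ <label for="frontend-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to local URL [(enter valid URL starting from http or https)]', 'small'); ?></label>
  </div>
  <div class="radio">
  <input type="radio" name="frontend.redirect.type" id="frontend-redirect-callback" data-action="#frontend-callback-action" value="callback" data-group="frontend-redirect"<?php echo ($frontendType == 'callback' ? ' checked' : ''); ?> />
@@ -66,16 +70,16 @@
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-page-action" style="display: <?php echo ($frontendType == 'page' ? 'block' : 'none'); ?>;">
  <label for="frontend-page"><?php echo __('Existing Page', AAM_KEY); ?></label>
  <?php
- wp_dropdown_pages(array(
- 'depth' => 99,
- 'selected' => $this->getOption('frontend.redirect.page'),
- 'echo' => 1,
- 'name' => 'frontend.redirect.page',
- 'id' => 'frontend-page', // string
- 'class' => 'form-control', // string
- 'show_option_none' => __('-- Select Page --', AAM_KEY) // string
- ));
- ?>
+ wp_dropdown_pages(array(
+ 'depth' => 99,
+ 'selected' => $this->getOption('frontend.redirect.page'),
+ 'echo' => 1,
+ 'name' => 'frontend.redirect.page',
+ 'id' => 'frontend-page',
+ 'class' => 'form-control',
+ 'show_option_none' => __('-- Select Page --', AAM_KEY)
+ ));
+ ?>
  </div>
 
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-url-action" style="display: <?php echo ($frontendType == 'url' ? 'block' : 'none'); ?>;">
@@ -85,7 +89,7 @@
 
  <div class="form-group aam-redirect-action frontend-redirect" id="frontend-callback-action" style="display: <?php echo ($frontendType == 'callback' ? 'block' : 'none'); ?>;">
  <label for="frontend-url"><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
- <input type="text" class="form-control" placeholder="Enter valid callback" name="frontend.redirect.callback" value="<?php echo $this->getOption('frontend.redirect.callback'); ?>" />
+ <input type="text" class="form-control" placeholder="<?php echo __('Enter valid callback', AAM_KEY); ?>" name="frontend.redirect.callback" value="<?php echo $this->getOption('frontend.redirect.callback'); ?>" />
  </div>
  </div>
  <div role="tabpanel" class="tab-pane" id="backend-redirect">
@@ -103,7 +107,7 @@
  </div>
  <div class="radio">
  <input type="radio" name="backend.redirect.type" id="backend-redirect-url" data-action="#backend-url" value="url" data-group="backend-redirect"<?php echo ($backendType == 'url' ? ' checked' : ''); ?> />
- <label for="backend-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter valid URL starting from http or https)]', 'small'); ?></label>
+ <label for="backend-redirect-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to local URL [(enter valid URL starting from http or https)]', 'small'); ?></label>
  </div>
  <div class="radio">
  <input type="radio" name="backend.redirect.type" id="backend-redirect-callback" data-action="#backend-callback-action" value="callback" data-group="backend-redirect"<?php echo ($backendType == 'callback' ? ' checked' : ''); ?> />
@@ -114,20 +118,20 @@
  <label for="backend-message"><?php echo __('Customized Message', AAM_KEY); ?></label>
  <textarea class="form-control" rows="3" placeholder="<?php echo __('Enter message...', AAM_KEY); ?>" name="backend.redirect.message"><?php echo $this->getOption('backend.redirect.message'); ?></textarea>
  </div>
-
+
  <div class="form-group aam-redirect-action backend-redirect" id="backend-page-action" style="display: <?php echo ($backendType == 'page' ? 'block' : 'none'); ?>;">
  <label for="backend-page"><?php echo __('Existing Page', AAM_KEY); ?></label>
  <?php
- wp_dropdown_pages(array(
- 'depth' => 99,
- 'selected' => $this->getOption('backend.redirect.page'),
- 'echo' => 1,
- 'name' => 'backend.redirect.page',
- 'id' => 'backend-page', // string
- 'class' => 'form-control', // string
- 'show_option_none' => __('-- Select Page --', AAM_KEY) // string
- ));
- ?>
+ wp_dropdown_pages(array(
+ 'depth' => 99,
+ 'selected' => $this->getOption('backend.redirect.page'),
+ 'echo' => 1,
+ 'name' => 'backend.redirect.page',
+ 'id' => 'backend-page',
+ 'class' => 'form-control',
+ 'show_option_none' => __('-- Select Page --', AAM_KEY)
+ ));
+ ?>
  </div>
 
  <div class="form-group aam-redirect-action backend-redirect" id="backend-url" style="display: <?php echo ($backendType == 'url' ? 'block' : 'none'); ?>;">
@@ -137,7 +141,7 @@
 
  <div class="form-group aam-redirect-action backend-redirect" id="backend-callback-action" style="display: <?php echo ($backendType == 'callback' ? 'block' : 'none'); ?>;">
  <label for="frontend-url"><?php echo __('PHP Callback Function', AAM_KEY); ?></label>
- <input type="text" class="form-control" placeholder="Enter valid callback" name="backend.redirect.callback" value="<?php echo $this->getOption('backend.redirect.callback'); ?>" />
+ <input type="text" class="form-control" placeholder="<?php echo __('Enter valid callback', AAM_KEY); ?>" name="backend.redirect.callback" value="<?php echo $this->getOption('backend.redirect.callback'); ?>" />
  </div>
  </div>
  </div>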
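Review bot: The rewritten callback inputs localize the placeholder but still print the stored option raw, `value="<?php echo $this->getOption('frontend.redirect.callback'); ?>"` (and the same for `backend.redirect.callback`), so a saved value containing a double quote escapes the attribute; use `value="<?php echo esc_attr($this->getOption('frontend.redirect.callback')); ?>"`. The unchanged `backend.redirect.message` textarea in the hunk context has the same problem and needs `esc_textarea()`. Separately, the label now says "Redirected to local URL" while the hint still reads "starting from http or https". Whether the save or redirect path rejects off-site hosts is not visible in this template, so confirm it goes through `wp_validate_redirect()` or `wp_safe_redirect()` rather than relying on the label.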
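--- a/application/Backend/phtml/main/route.phtml
+++ b/application/Backend/tmpl/service/route.php
@@ -1,20 +1,22 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature" id="route-content">
  <?php $subject = AAM_Backend_Subject::getInstance(); ?>
-
+
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website API routes for [%s]. For full RESTful API experience, you might want to use %sJWT authentication%s that is already available in AAM.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-authenticate-wordpress-user-with-jwt-token" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website API routes for [%s]. For the full RESTful API experience, consider to use %sJWT authentication%s that is already available in AAM.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/ultimate-guide-to-wordpress-jwt-authentication" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>
-
+
  <div class="row">
  <div class="col-xs-12">
  <div class="aam-overwrite<?php echo ($this->isOverwritten() ? '' : ' hidden'); ?>" id="aam-route-overwrite">
  <span><i class="icon-check"></i> <?php echo __('Routes are customized', AAM_KEY); ?></span>
- <span><a href="#" id="route-reset" class="btn btn-xs btn-primary"><?php echo __('Reset To Default', AAM_KEY); ?></a>
+ <span><a href="#" id="route-reset" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a>
  </div>
  </div>
  </div>
@@ -24,7 +26,7 @@
  <tr>
  <th>Route Raw</th>
  <th>Type</th>
- <th width="10%">Method</th>
+ <th width="10%"><?php echo __('Method', AAM_KEY); ?></th>
  <th width="80%"><?php echo __('Route', AAM_KEY); ?></th>
  <th><?php echo __('Deny', AAM_KEY); ?></th>
  </tr>
@@ -32,4 +34,4 @@
  <tbody></tbody>
  </table>
  </div>
- <?php }
+ <?php }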
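--- /dev/null
+++ b/application/Backend/tmpl/service/toolbar.php
@@ -0,0 +1,126 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature" id="toolbar-content">
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-info">
+ <?php echo AAM_Backend_View_Helper::preparePhrase('[Note!] Toolbar service is not intended to restrict direct access to linked pages. It used only to remove unnecessary items from the top toolbar. Use [Backend Menu] tab to restrict direct access to backend pages or utilize the great power of capabilities.', 'b', 'b'); ?>
+ </p>
+ </div>
+ </div>
+
+ <div class="row">
+ <div class="col-xs-12">
+ <div class="aam-overwrite" id="aam-toolbar-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
+ <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
+ <span><a href="#" id="toolbar-reset" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a>
+ </div>
+ </div>
+ </div>
+
+ <div class="panel-group" id="toolbar-list" role="tablist" aria-multiselectable="true">
+ <?php
+ $first = false;
+ $toolbar = $this->getToolbar();
+ $object = AAM_Backend_Subject::getInstance()->getObject('toolbar');
+
+ if (!empty($toolbar)) { ?>
+ <?php foreach ($toolbar as $i => $branch) { ?>
+ <div class="panel panel-default">
+ <div class="panel-heading" role="tab" id="toolbar-<?php echo $branch->id; ?>-heading">
+ <h4 class="panel-title">
+ <a role="button" data-toggle="collapse" data-parent="#toolbar-list" href="#toolbar-<?php echo $branch->id; ?>" aria-controls="toolbar-<?php echo $branch->id; ?>" <?php if (!$first) { echo 'aria-expanded="true"'; } ?>>
+ <?php echo $this->normalizeTitle($branch); ?> <small class="aam-menu-capability"><?php echo str_replace(site_url(), '', $branch->href); ?></small>
+ </a>
+ <?php if ($object->isHidden('toolbar-' . $branch->id)) { ?>
+ <i class="aam-panel-title-icon icon-eye-off text-danger"></i>
+ <?php } ?>
+ </h4>
+ </div>
+
+ <div id="toolbar-<?php echo $branch->id; ?>" class="panel-collapse collapse<?php if (!$first) { echo ' in'; $first = true; } ?>" role="tabpanel" aria-labelledby="toolbar-<?php echo $branch->id; ?>-heading">
+ <div class="panel-body">
+ <div class="row aam-inner-tab">
+ <div class="col-xs-12 text-center">
+ <small class="aam-menu-capability"><?php echo __('Item ID:', AAM_KEY); ?> <b><?php echo $branch->id; ?></b></small>
+ </div>
+ </div>
+ <hr class="aam-divider" />
+ <?php if (!empty($branch->children)) { ?>
+ <div class="row aam-inner-tab">
+ <?php echo ($object->isHidden('toolbar-' . $branch->id) ? '<div class="aam-lock"></div>' : ''); ?>
+ <?php foreach ($this->getAllChildren($branch) as $child) { ?>
+ <div class="col-xs-12 col-md-6 aam-submenu-item">
+ <div class="aam-menu-details">
+ <?php echo $this->normalizeTitle($child); ?>
+ <small><a href="#toolbar-details-modal" data-toggle="modal" data-uri="<?php echo urldecode(str_replace(site_url(), '', $child->href)); ?>" data-id="<?php echo esc_js($child->id); ?>" data-name="<?php echo esc_js($this->normalizeTitle($child)); ?>" class="aam-toolbar-item"><?php echo __('more details', AAM_KEY); ?></a></small>
+ </div>
+ <input type="checkbox" class="aam-checkbox-danger" id="toolbar-<?php echo $child->id; ?>" data-toolbar="<?php echo $child->id; ?>" <?php echo ($object->isHidden($child->id) ? ' checked="checked"' : ''); ?> />
+ <label for="toolbar-<?php echo $child->id; ?>" data-toggle="tooltip" title="<?php echo ($object->isHidden($child->id) ? __('Uncheck to allow', AAM_KEY) : __('Check to restrict', AAM_KEY)); ?>"></label>
+ </div>
+ <?php } ?>
+ </div>
+ <hr class="aam-divider" />
+ <?php } ?>
+ <div class="row<?php echo (!empty($branch->children) ? ' aam-margin-top-xs' : ''); ?>">
+ <div class="col-xs-10 col-md-6 col-xs-offset-1 col-md-offset-3">
+ <?php if ($object->isHidden('toolbar-' . $branch->id)) { ?>
+ <a href="#" class="btn btn-primary btn-sm btn-block aam-restrict-toolbar" data-toolbar="toolbar-<?php echo $branch->id; ?>" data-target="#toolbar-<?php echo $branch->id; ?>">
+ <i class="icon-eye"></i> <?php echo __('Show Menu', AAM_KEY); ?>
+ </a>
+ <?php } else { ?>
+ <a href="#" class="btn btn-danger btn-sm btn-block aam-restrict-toolbar" data-toolbar="toolbar-<?php echo $branch->id; ?>" data-target="#toolbar-<?php echo $branch->id; ?>">
+ <i class="icon-eye-off"></i> <?php echo __('Restrict Menu', AAM_KEY); ?>
+ </a>
+ <?php } ?>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <div class="modal fade" id="toolbar-details-modal" tabindex="-1" role="dialog">
+ <div class="modal-dialog" role="document">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-label="<?php echo __('Close', AAM_KEY); ?>"><span aria-hidden="true">&times;</span></button>
+ <h4 class="modal-title"><?php echo __('Item Details', AAM_KEY); ?></h4>
+ </div>
+ <div class="modal-body">
+ <table class="table table-striped table-bordered">
+ <tbody>
+ <tr>
+ <th width="20%"><?php echo __('Name', AAM_KEY); ?></th>
+ <td id="toolbar-item-name"></td>
+ </tr>
+ <tr>
+ <th width="20%"><?php echo __('URI', AAM_KEY); ?></th>
+ <td id="toolbar-item-uri"></td>
+ </tr>
+ <tr>
+ <th width="20%"><?php echo __('ID', AAM_KEY); ?></th>
+ <td id="toolbar-item-id"></td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ <div class="modal-footer">
+ <button type="button" class="btn btn-default" data-dismiss="modal"><?php echo __('Close', AAM_KEY); ?></button>
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php } ?>
+ <?php } else { ?>
+ <div class="row">
+ <div class="col-xs-12">
+ <p class="aam-info">
+ <?php echo __('The list of top admin bar items is not initialized. Reload the page.', AAM_KEY); ?>
+ </p>
+ </div>
+ </div>
+ <?php }
+ ?>
+ </div>
+ </div>
+ <?php }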
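Review bot: `data-uri="<?php echo urldecode(str_replace(site_url(), '', $child->href)); ?>"` decodes the href and prints it into an attribute with no escaping, so a percent-encoded quote or angle bracket in a toolbar link becomes a live character in the page; wrap it as `esc_attr(urldecode(...))`. The neighbouring `data-id` and `data-name` use `esc_js()`, which is meant for inline script strings, and `$branch->id` / `$child->id` are echoed raw into `id`, `href`, `for` and `data-toolbar`; `esc_attr()` is the right helper for all of these. `normalizeTitle()` output is printed as HTML too, and whether it escapes is not visible here. Finally, the `toolbar-details-modal` block sits inside the `foreach ($toolbar as $i => $branch)` loop, so the same element id is emitted once per branch; it should move after the loop.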
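--- a/application/Backend/phtml/main/uri.phtml
+++ b/application/Backend/tmpl/service/uri.php
@@ -1,24 +1,24 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature" id="uri-content">
- <?php $subject = AAM_Backend_Subject::getInstance(); ?>
-
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website URL(s) for the [%s]. However, note! All entered URLs have to belong to this particular website and processed by the WordPress core. For more information check %sHow to restrict access to any WordPress website URL%s.', 'b'), AAM_Backend_Subject::getInstance()->getName(), '<a href="https://aamplugin.com/article/how-to-restrict-access-to-any-wordpress-website-url" target="_blank">', '</a>'); ?>
+ <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Manage access to the website URL(s) for the [%s]. Note! All entered URLs have to belong to this particular website and processed by the WordPress core. For more information check %sHow to restrict access to any WordPress website URL%s.', 'b'), $this->getSubject()->getName(), '<a href="https://aamplugin.com/article/how-to-restrict-access-to-any-wordpress-website-url" target="_blank">', '</a>'); ?>
  </p>
  </div>
  </div>
-
+
  <div class="row">
  <div class="col-xs-12">
  <div class="aam-overwrite" id="aam-uri-overwrite" style="display: <?php echo ($this->isOverwritten() ? 'block' : 'none'); ?>">
  <span><i class="icon-check"></i> <?php echo __('Settings are customized', AAM_KEY); ?></span>
- <span><a href="#" id="uri-reset" class="btn btn-xs btn-primary"><?php echo __('Reset To Default', AAM_KEY); ?></a>
+ <span><a href="#" id="uri-reset" class="btn btn-xs btn-primary"><?php echo __('Reset to default', AAM_KEY); ?></a>
  </div>
  </div>
  </div>
-
+
  <div class="modal fade" id="uri-model" tabindex="-1" role="dialog">
  <div class="modal-dialog" role="document">
  <div class="modal-content">
@@ -31,26 +31,26 @@
  <label><?php echo AAM_Backend_View_Helper::preparePhrase('Enter URL [(wildcard * is available with Plus Package extension)]', 'small'); ?></label>
  <input type="text" class="form-control form-clearable" id="uri-rule" placeholder="Enter valid URL" />
  </div>
-
- <label><?php echo __('How to redirect user when match?', AAM_KEY); ?></label><br/>
-
+
+ <label><?php echo __('How to redirect user when match?', AAM_KEY); ?></label><br />
+
  <div class="radio">
  <input type="radio" name="uri.access.type" id="uri-access-allow" value="allow" data-action="none" />
  <label for="uri-access-allow"><?php echo __('Allow Access', AAM_KEY); ?></label>
  </div>
  <div class="radio">
- <input type="radio" name="uri.access.type" id="uri-access-deny" value="deny" data-action="none" />
- <label for="uri-access-deny"><?php echo AAM_Backend_View_Helper::preparePhrase('Deny Access [(show "Access Denied" message)]', 'small'); ?></label>
+ <input type="radio" name="uri.access.type" id="uri-access-default" value="default" data-action="none" />
+ <label for="uri-access-default"><?php echo AAM_Backend_View_Helper::preparePhrase('Deny Access [(show "Access Denied" message)]', 'small'); ?></label>
  </div>
  <div class="radio">
  <input type="radio" name="uri.access.type" id="uri-access-deny-message" data-action="#uri-access-deny-message-action" value="message" />
  <label for="uri-access-deny-message"><?php echo AAM_Backend_View_Helper::preparePhrase('Show customized message [(plain text or HTML)]', 'small'); ?></label>
  </div>
- <?php if ($this->isVisitor()) { ?>
- <div class="radio">
- <input type="radio" name="uri.access.type" id="uri-access-deny-login" value="login" />
- <label for="uri-access-deny-login"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirect to the login page [(after login, user will be redirected back to the restricted page)]', 'small'); ?></label>
- </div>
+ <?php if ($this->getSubject()->isVisitor()) { ?>
+ <div class="radio">
+ <input type="radio" name="uri.access.type" id="uri-access-deny-login" value="login" />
+ <label for="uri-access-deny-login"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirect to the login page [(after login, user will be redirected back to the restricted page)]', 'small'); ?></label>
+ </div>
  <?php } ?>
  <div class="radio">
  <input type="radio" name="uri.access.type" id="uri-access-deny-page" data-action="#uri-access-deny-page-action" value="page" />
@@ -58,7 +58,7 @@
  </div>
  <div class="radio">
  <input type="radio" name="uri.access.type" id="uri-access-deny-url" data-action="#uri-access-deny-url-action" value="url" />
- <label for="uri-access-deny-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to the URL [(enter valid URL starting from http or https)]', 'small'); ?></label>
+ <label for="uri-access-deny-url"><?php echo AAM_Backend_View_Helper::preparePhrase('Redirected to local URL [(enter valid URL starting from http or https)]', 'small'); ?></label>
  </div>
  <div class="radio">
  <input type="radio" name="uri.access.type" id="uri-access-deny-callback" data-action="#uri-access-deny-callback-action" value="callback" />
@@ -73,14 +73,14 @@
  <div class="form-group aam-uri-access-action" id="uri-access-deny-page-action" style="display: none;">
  <label><?php echo __('Existing Page', AAM_KEY); ?></label>
  <?php
- wp_dropdown_pages(array(
- 'depth' => 99,
- 'echo' => 1,
- 'id' => 'uri-access-deny-page-value', // string
- 'class' => 'form-control form-clearable', // string
- 'show_option_none' => __('-- Select Page --', AAM_KEY) // string
- ));
- ?>
+ wp_dropdown_pages(array(
+ 'depth' => 99,
+ 'echo' => 1,
+ 'id' => 'uri-access-deny-page-value',
+ 'class' => 'form-control form-clearable',
+ 'show_option_none' => __('-- Select Page --', AAM_KEY)
+ ));
+ ?>
  </div>
 
  <div class="form-group aam-uri-access-action" id="uri-access-deny-url-action" style="display: none;">
@@ -96,9 +96,6 @@
  <option value="302"><?php echo __('302 - Found', AAM_KEY); ?></option>
  <option value="303"><?php echo __('303 - See Other', AAM_KEY); ?></option>
  <option value="307"><?php echo __('307 - Temporary Redirect', AAM_KEY); ?></option>
- <option value="401"><?php echo __('401 - Unauthorized', AAM_KEY); ?></option>
- <option value="403"><?php echo __('403 - Forbidden', AAM_KEY); ?></option>
- <option value="410"><?php echo __('410 - Gone', AAM_KEY); ?></option>
  </select>
  </div>
 
@@ -114,7 +111,7 @@
  </div>
  </div>
  </div>
-
+
  <div class="modal fade" id="uri-delete-model" tabindex="-1" role="dialog">
  <div class="modal-dialog modal-sm" role="document">
  <div class="modal-content">
@@ -125,7 +122,7 @@
  <div class="modal-body">
  <div class="form-group">
  <p class="aam-notification">
- You are about to delete the URI Rule. Please confirm!
+ <?php echo __('You are about to delete the URI Rule. Please confirm!', AAM_KEY); ?>
  </p>
  </div>
  </div>
@@ -142,10 +139,9 @@
  <table id="uri-list" class="table table-striped table-bordered">
  <thead>
  <tr>
- <th>ID</th>
- <th width="80%"><?php echo __('URI', AAM_KEY); ?></th>
- <th><?php echo __('Type', AAM_KEY); ?></th>
- <th><?php echo __('Action', AAM_KEY); ?></th>
+ <th width="60%"><?php echo __('URI', AAM_KEY); ?></th>
+ <th width="20%"><?php echo __('Type', AAM_KEY); ?></th>
+ <th>Type Details</th>
  <th>HTTP Code</th>
  <th><?php echo __('Actions', AAM_KEY); ?></th>
  </tr>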
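Review bot: The subject name in the `aam-info` paragraph is written to the page without escaping: `$this->getSubject()->getName()` goes through `sprintf()` and is echoed as-is, so a role or user display name containing markup would render as HTML on this admin screen. Unless `preparePhrase()` or `getName()` already escape (neither is visible here), pass `esc_html($this->getSubject()->getName())` instead. In the last hunk the new `<th>Type Details</th>` and the existing `<th>HTTP Code</th>` skip `__()`, unlike the neighbouring headers.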
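--- /dev/null
+++ b/application/Backend/tmpl/service/welcome.php
@@ -0,0 +1,23 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <?php global $wpdb; ?>
+
+ <div class="aam-feature" id="welcome-content">
+ <div class="row">
+ <div class="col-xs-12">
+ <div class="panel panel-default">
+ <div class="panel-body">
+ <p class="text-larger"><?php echo __('Thank you for using the Advanced Access Manager (aka AAM) plugin. With strong knowledge and experience in WordPress core, AAM becomes a very powerful collection of services to manage access to the website frontend, backend, and RESTful API.', AAM_KEY); ?></p>
+ <p class="text-larger"><span class="aam-highlight"><?php echo __('Note!', AAM_KEY); ?></span> <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('Power comes with responsibility. Make sure you have a good understanding of %sWordPress Roles & Capabilities%s because AAM is very closely integrated with WordPress core. It is also recommended to have a backup of your database table wp_options before you start working with AAM. There is no need to back up your files. AAM does not modify any physical files on your server and never did.'), '<a href="https://aamplugin.com/article/wordpress-roles-and-capabilities" target="_blank">', '</a>', $wpdb->options); ?></p>
+ <p class="text-larger"><?php echo __('AAM is thoroughly tested on the fresh installation of the latest WordPress and in the latest versions of Chrome, Safari, IE, and Firefox. If you have any issues, the most typical cause is a conflict with other plugins or themes.', AAM_KEY); ?></p>
+ <p class="text-larger"><?php echo sprintf(__('If you are not sure where to start, please check our %s"Get Started"%s page to learn more about core concepts that may help you to manage access to your WordPress website more effectively.', AAM_KEY), '<a href="https://aamplugin.com/get-started" target="_blank">', '</a>'); ?></p>
+ <p class="text-center">
+ <a href="https://aamplugin.com/get-started" class="btn btn-primary" target="_blank"><?php echo __('Go To The "Get Started" Page', AAM_KEY); ?></a><br/><br/>
+ </p>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <?php }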
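Review bot: The `sprintf()` in the "Note!" paragraph is given three arguments but the phrase has only two `%s` placeholders, so `$wpdb->options` is silently dropped and the text always names `wp_options`. On a site with a custom table prefix that sends the administrator to back up the wrong table. Replace the literal with a third placeholder, e.g. `... a backup of your database table %s before you start working with AAM ...`. The external links also open with `target="_blank"` and no `rel="noopener noreferrer"`.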
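--- a/application/Backend/phtml/settings/configpress.phtml
+++ b/application/Backend/tmpl/settings/configpress.php
@@ -1,13 +1,15 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature" id="configpress-content">
  <div class="row">
  <div class="col-xs-12">
  <p class="aam-info">
- Fore more information about AAM configurations check <a href="https://aamplugin.com/article/aam-configurations">this article</a>
+ <?php echo sprintf(__('Fore more information about AAM configurations check %sAAM Configurations%s article.', AAM_KEY), '<a href="https://aamplugin.com/article/aam-configurations">', '</a>'); ?>
  </p>
  </div>
  </div>
-
+
  <textarea id="configpress-editor" class="configpress-editor" rows="10"><?php echo AAM_Core_ConfigPress::getInstance()->read(); ?></textarea>
  </div>
  <?php }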
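Review bot: The ConfigPress contents are echoed raw inside the `<textarea>`: `AAM_Core_ConfigPress::getInstance()->read()` is printed without escaping, so a stored value containing `</textarea>` closes the element early and the remainder is parsed as page markup. Character entities in the stored value are also decoded by the browser and change on the next save. Use `<?php echo esc_textarea(AAM_Core_ConfigPress::getInstance()->read()); ?>`. The new translatable string also carries over the "Fore more information" typo, which is worth fixing before translators pick it up.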
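--- /dev/null
+++ b/application/Backend/tmpl/settings/content.php
@@ -0,0 +1,29 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature settings" id="settings-content-content">
+ <table class="table table-striped table-bordered">
+ <tbody>
+ <?php $list = $this->getList(); ?>
+
+ <?php if (count($list)) { ?>
+ <?php foreach($list as $id => $option) { ?>
+ <tr>
+ <td>
+ <span class='aam-setting-title'><?php echo $option['title']; ?></span>
+ <p class="aam-setting-description">
+ <?php echo $option['description']; ?>
+ </p>
+ </td>
+ <td class="text-center">
+ <input data-toggle="toggle" name="<?php echo $id; ?>" id="utility-<?php echo $id; ?>" <?php echo ($option['value'] ? 'checked' : ''); ?> type="checkbox" data-on="<?php echo __('Enabled', AAM_KEY); ?>" data-off="<?php echo __('Disabled', AAM_KEY); ?>" data-size="small" />
+ </td>
+ </tr>
+ <?php } ?>
+ <?php } else { ?>
+ <p class="alert alert-info text-center"><?php echo __('There are no settings associated with content service.', AAM_KEY); ?></p>
+ <?php } ?>
+ </tbody>
+ </table>
+ </div>
+ <?php }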
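Review bot: `$option['title']`, `$option['description']` and `$id` are echoed without escaping, the last one inside the `name` and `id` attributes of the toggle input. Where `$this->getList()` gets its entries is not visible here; if any of them can be contributed through a filter or an add-on, write `esc_html($option['title'])` and `esc_attr($id)`, and use `wp_kses_post($option['description'])` if descriptions are meant to carry markup. The same three echoes appear in tmpl/settings/core.php and tmpl/settings/security.php. The "no settings" `<p>` is also emitted directly inside `<tbody>`, which is invalid markup; wrapping it in `<tr><td colspan="2">` keeps it inside the table.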
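--- a/application/Backend/phtml/settings/core.phtml
+++ b/application/Backend/tmpl/settings/core.php
@@ -1,3 +1,5 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature settings" id="settings-core-content">
  <table class="table table-striped table-bordered">
@@ -7,11 +9,11 @@
  <td>
  <span class='aam-setting-title'><?php echo $option['title']; ?></span>
  <p class="aam-setting-description">
- <?php echo $option['descr']; ?>
+ <?php echo $option['description']; ?>
  </p>
  </td>
  <td class="text-center">
- <input data-toggle="toggle" name="<?php echo $id; ?>" id="utility-<?php echo $id; ?>" <?php echo ($option['value'] ? 'checked' : ''); ?> type="checkbox" data-on="Enabled" data-off="Disabled" data-size="small" />
+ <input data-toggle="toggle" name="<?php echo $id; ?>" id="utility-<?php echo $id; ?>" <?php echo ($option['value'] ? 'checked' : ''); ?> type="checkbox" data-on="<?php echo __('Enabled', AAM_KEY); ?>" data-off="<?php echo __('Disabled', AAM_KEY); ?>" data-size="small" />
  </td>
  </tr>
  <?php } ?>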
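--- a/application/Backend/phtml/settings/security.phtml
+++ b/application/Backend/tmpl/settings/security.php
@@ -1,3 +1,5 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <div class="aam-feature settings" id="settings-security-content">
  <table class="table table-striped table-bordered">
@@ -7,15 +9,15 @@
  <td>
  <span class='aam-setting-title'><?php echo $option['title']; ?></span>
  <p class="aam-setting-description">
- <?php echo $option['descr']; ?>
+ <?php echo $option['description']; ?>
  </p>
  </td>
  <td class="text-center">
- <input data-toggle="toggle" name="<?php echo $id; ?>" id="utility-<?php echo $id; ?>" <?php echo ($option['value'] ? 'checked' : ''); ?> type="checkbox" data-on="Enabled" data-off="Disabled" data-size="small" />
+ <input data-toggle="toggle" name="<?php echo $id; ?>" id="utility-<?php echo $id; ?>" <?php echo ($option['value'] ? 'checked' : ''); ?> type="checkbox" data-on="<?php echo __('Enabled', AAM_KEY); ?>" data-off="<?php echo __('Disabled', AAM_KEY); ?>" data-size="small" />
  </td>
  </tr>
  <?php } ?>
  </tbody>
  </table>
  </div>
- <?php }
+ <?php }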
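--- /dev/null
+++ b/application/Backend/tmpl/settings/service.php
@@ -0,0 +1,18 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <div class="aam-feature settings" id="settings-services-content">
+ <table id="service-list" class="table table-striped table-bordered">
+ <thead>
+ <tr>
+ <th>ID</th>
+ <th>Name</th>
+ <th width="80%"><?php echo __('Service Name/Description', AAM_KEY); ?></th>
+ <th><?php echo __('Status', AAM_KEY); ?></th>
+ </tr>
+ </thead>
+ <tbody></tbody>
+ </table>
+ <div class="hidden" id="service-list-json"><?php echo wp_json_encode($this->getList(), JSON_HEX_QUOT); ?></div>
+ </div>
+ <?php }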
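Review bot: The JSON written into `#service-list-json` sits in HTML element content but is encoded with `JSON_HEX_QUOT` only, which leaves `<`, `>` and `&` untouched. A service title or description containing a tag is therefore parsed as markup by the browser before any script reads the element. Encode for the HTML context with `wp_json_encode($this->getList(), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)`. The `ID` and `Name` headers are also left untranslated while the other two go through `__()`.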
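--- /dev/null
+++ b/application/Backend/tmpl/user/multiple-roles.php
@@ -0,0 +1,41 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <?php $user = ($param === 'add-new-user' ? null : $param); ?>
+
+ <?php if ((!defined('IS_PROFILE_PAGE') || !IS_PROFILE_PAGE) && !is_network_admin() && (empty($user) || current_user_can('promote_user', $user->ID))) { ?>
+ <table class="form-table">
+ <tr>
+ <th><?php echo esc_html('User Roles', AAM_KEY); ?></th>
+ <td>
+ <div class="wp-tab-panel">
+ <ul>
+ <?php $roles = (!empty($user) ? $user->roles : array('subscriber')); ?>
+ <?php foreach (get_editable_roles() as $id => $role) { ?>
+ <li>
+ <label>
+ <input type="checkbox" name="aam_user_roles[]" value="<?php echo esc_attr($id); ?>" <?php checked(in_array($id, $roles)); ?> />
+ <?php echo esc_html(translate_user_role($role['name'])); ?>
+ </label>
+ </li>
+ <?php } ?>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ </table>
+
+ <!-- Remove standard WordPress roles selector-->
+ <script>
+ (function($) {
+ $(document).ready(function() {
+ if ($('.user-role-wrap').length) {
+ $('.user-role-wrap').remove();
+ } else if ($('#role').length) {
+ $('#role').parent().parent().remove();
+ }
+ });
+ })(jQuery);
+ </script>
+ <?php } ?>
+ <?php }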
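Review bot: `esc_html('User Roles', AAM_KEY)` in the `<th>` is not a translation call: `esc_html()` takes a single argument, so the text domain is ignored and the label is never translated; `esc_html__('User Roles', AAM_KEY)` looks like what was intended. `checked(in_array($id, $roles))` should pass `true` as the third argument so that role slugs are compared strictly. The template only hides the checkboxes behind `current_user_can('promote_user', $user->ID)`; the handler that consumes `aam_user_roles[]` is not in this file and needs to repeat that capability check and restrict submitted values to `get_editable_roles()`.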
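--- a/application/Backend/phtml/widget/login-backend.phtml
+++ b/application/Backend/tmpl/widget/login-backend.php
@@ -1,3 +1,5 @@
+ <?php /** @version 6.0.0 */ ?>
+
  <?php if (defined('AAM_KEY')) { ?>
  <p>
  <label for="<?php echo $this->get_field_id('login-title'); ?>"><?php echo __('Login Title', AAM_KEY); ?>: </label>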
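--- /dev/null
+++ b/application/Backend/tmpl/widget/login-frontend.php
@@ -0,0 +1,110 @@
+ <?php /** @version 6.0.0 */ ?>
+
+ <?php if (defined('AAM_KEY')) { ?>
+ <?php
+ echo $this->args['before_widget'];
+
+ if (!is_user_logged_in()) {
+ echo $this->args['before_title'];
+ echo apply_filters('widget_title', $this->args['login-title'], $this->args, $this->id_base);
+ echo $this->args['after_title'];
+ } elseif (is_user_logged_in()) {
+ echo $this->args['before_title'];
+ echo str_replace('%username%', AAM::getUser()->display_name, $this->args['user-title']);
+ echo $this->args['after_title'];
+ }
+ ?>
+
+ <?php if (!is_user_logged_in()) { ?>
+ <div id="aam-login-error" style="display: none; margin-bottom: 15px; border-left: 4px solid #dc3232; padding: 6px;"></div>
+
+ <div id="<?php echo $this->get_field_id('loginform'); ?>">
+ <p>
+ <label for="user_login"><?php echo __('Username or Email Address', AAM_KEY); ?><br>
+ <input id="aam-login-username" class="input login-input" type="text" />
+ </label>
+ </p>
+
+ <p>
+ <label for="user_pass"><?php echo __('Password', AAM_KEY); ?><br>
+ <input id="aam-login-password" class="input login-input" type="password" />
+ </label>
+ </p>
+
+ <?php do_action('login_form'); ?>
+
+ <p class="forgetmenot">
+ <label for="rememberme">
+ <input id="aam-login-remember" value="forever" type="checkbox" /> <?php echo __('Remember Me', AAM_KEY); ?>
+ </label>
+ </p>
+
+ <p class="submit">
+ <input class="button button-primary button-large" id="aam-login-submit" value="<?php echo __('Log In', AAM_KEY); ?>" type="submit" />
+ <input id="aam-login-redirect" value="<?php echo $this->args['redirect']; ?>" type="hidden" />
+ </p>
+ </div>
+
+ <p id="<?php echo $this->get_field_id('nav'); ?>">
+ <?php
+ if (get_option('users_can_register')) {
+ $registration_url = sprintf('<a href="%s">%s</a>', esc_url(wp_registration_url()), __('Register'));
+ echo apply_filters('register', $registration_url);
+ echo esc_html(apply_filters('login_link_separator', ' | '));
+ }
+ ?>
+ <a href="<?php echo esc_url(wp_lostpassword_url()); ?>"><?php echo __('Lost your password?', AAM_KEY); ?></a>
+ </p>
+ <script>
+ (function() {
+ var c = document.getElementById("aam-login-submit"),
+ b = document.getElementsByClassName("login-input");
+ if (b.length)
+ for (var d = 0; d < b.length; d++) b[d].addEventListener("keyup", function(a) {
+ 13 === a.which && c.click()
+ });
+ c && c.addEventListener("click", function() {
+ c.disabled = !0;
+ var a = new XMLHttpRequest;
+ a.addEventListener("readystatechange", function() {
+ if (4 === this.readyState) {
+ c.disabled = !1;
+ var a = JSON.parse(this.responseText);
+ if (200 === this.status) a.redirect ? location.href = a.redirect : location.reload();
+ else {
+ var b = document.getElementById("aam-login-error");
+ b.innerHTML = a.reason;
+ b.style.display = "block"
+ }
+ }
+ });
+ a.open("POST", "<?php echo get_rest_url(null, 'aam/v2/authenticate'); ?>");
+ a.setRequestHeader("Content-Type", "application/json");
+ a.setRequestHeader("Accept", "application/json");
+ a.send(JSON.stringify({
+ username: "" + document.getElementById("aam-login-username").value,
+ password: "" + document.getElementById("aam-login-password").value,
+ redirect: "" + document.getElementById("aam-login-redirect").value,
+ remember: "" + document.getElementById("aam-login-remember").checked
+ }))
+ })
+ })();
+ </script>
+
+ <?php } else { ?>
+ <div style="display: table; width: 100%;">
+ <div style="display:table-cell; width: 30%; text-align: center; vertical-align: middle;">
+ <?php echo get_avatar(AAM::getUser()->ID, 50); ?>
+ </div>
+ <div style="display:table-cell;">
+ <?php if (AAM_Core_API::isAAMCapabilityAllowed('aam_access_dashboard')) { ?>
+ <a href="<?php echo esc_url(get_admin_url()); ?>"><?php echo __('Dashboard', AAM_KEY); ?></a><br />
+ <a href="<?php echo esc_url(get_admin_url(null, 'profile.php')); ?>"><?php echo __('Edit My Profile', AAM_KEY); ?></a><br />
+ <?php } ?>
+ <a href="<?php echo esc_url(wp_logout_url()); ?>"><?php echo __('Log Out', AAM_KEY); ?></a>
+ </div>
+ </div>
+ <?php } ?>
+
+ <?php echo $this->args['after_widget']; ?>
+ <?php }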
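Review bot: Three values reach this front-end widget unescaped: `AAM::getUser()->display_name` is substituted into the title and echoed raw, `$this->args['redirect']` is printed raw into the hidden input's `value`, and the inline script assigns the server's `a.reason` to `innerHTML`. Suggested replacements are `esc_html(AAM::getUser()->display_name)`, `value="<?php echo esc_attr($this->args['redirect']); ?>"` and `b.textContent = a.reason;` (or sanitise the reason server-side if it is meant to carry markup). `JSON.parse(this.responseText)` is unguarded, so a non-JSON error response throws and leaves the form with no message. `location.href = a.redirect` trusts whatever the endpoint returns; the `aam/v2/authenticate` handler is not visible here, so confirm it validates the redirect target against the site host.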
application/Core/API.php CHANGED
@@ -5,20 +5,21 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * AAM core API
12
- *
13
- * NOTE! THIS IS LEGACY CLASS THAT SLOWLY WILL DIE! DO NOT RELY ON ITS METHODS
14
- *
15
  * @package AAM
16
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
17
  */
18
- final class AAM_Core_API {
 
19
 
20
  /**
21
- * Get option
22
  *
23
  * @param string $option
24
  * @param mixed $default
@@ -27,9 +28,10 @@ final class AAM_Core_API {
27
  * @return mixed
28
  *
29
  * @access public
30
- * @static
31
  */
32
- public static function getOption($option, $default = FALSE, $blog_id = null) {
 
33
  if (is_multisite()) {
34
  if (is_null($blog_id) || get_current_blog_id() === $blog_id) {
35
  $response = self::getCachedOption($option, $default);
@@ -47,45 +49,36 @@ final class AAM_Core_API {
47
 
48
  return $response;
49
  }
50
-
51
- /**
52
- *
53
- * @staticvar type $xmlrpc
54
- * @return \classname
55
- */
56
- public static function getXMLRPCServer() {
57
- static $xmlrpc = null;
58
-
59
- if (is_null($xmlrpc)) {
60
- require_once(ABSPATH . WPINC . '/class-IXR.php');
61
- require_once(ABSPATH . WPINC . '/class-wp-xmlrpc-server.php');
62
- $classname = apply_filters('wp_xmlrpc_server_class', 'wp_xmlrpc_server');
63
- $xmlrpc = new $classname;
64
- }
65
-
66
- return $xmlrpc;
67
- }
68
-
69
  /**
70
- *
71
- * @param type $option
72
- * @param type $default
73
- * @return type
 
 
 
 
 
 
 
74
  */
75
- protected static function getCachedOption($option, $default) {
76
- $cache = wp_cache_get('alloptions', 'options');
77
-
 
 
78
  if (empty($cache)) {
79
  $response = get_option($option, $default);
80
- } else {
81
- $response = isset($cache[$option]) ? maybe_unserialize($cache[$option]) : $default;
82
  }
83
-
84
  return $response;
85
  }
86
 
87
  /**
88
- * Update option
89
  *
90
  * @param string $option
91
  * @param mixed $data
@@ -94,9 +87,11 @@ final class AAM_Core_API {
94
  * @return bool
95
  *
96
  * @access public
97
- * @static
98
  */
99
- public static function updateOption($option, $data, $blog_id = null) {
 
 
100
  if (is_multisite()) {
101
  if (is_null($blog_id)) {
102
  $blog = get_current_blog_id();
@@ -107,24 +102,25 @@ final class AAM_Core_API {
107
  }
108
  $response = update_blog_option($blog, $option, $data);
109
  } else {
110
- $response = update_option($option, $data);
111
  }
112
 
113
  return $response;
114
  }
115
 
116
  /**
117
- * Delete option
118
  *
119
  * @param string $option
120
  * @param int $blog_id
121
- *
122
  * @return bool
123
  *
124
  * @access public
125
- * @static
126
  */
127
- public static function deleteOption($option, $blog_id = null) {
 
128
  if (is_multisite()) {
129
  if (is_null($blog_id)) {
130
  $blog = get_current_blog_id();
@@ -141,83 +137,71 @@ final class AAM_Core_API {
141
  return $response;
142
  }
143
 
144
- /**
145
- * Initiate HTTP request
146
- *
147
- * @param string $url Requested URL
148
- *
149
- * @return WP_Error|array
150
- *
151
- * @access public
152
- */
153
- public static function cURL($url, $params = array(), $timeout = 20) {
154
- $header = array('User-Agent' => AAM_Core_Request::server('HTTP_USER_AGENT'));
155
-
156
- return wp_remote_request($url, array(
157
- 'headers' => $header,
158
- 'method' => 'POST',
159
- 'body' => $params,
160
- 'timeout' => $timeout
161
- ));
162
- }
163
-
164
  /**
165
  * Get role list
166
- *
167
  * @global WP_Roles $wp_roles
168
- *
169
  * @return WP_Roles
 
 
 
170
  */
171
- public static function getRoles() {
 
172
  global $wp_roles;
173
-
174
  if (function_exists('wp_roles')) {
175
  $roles = wp_roles();
176
- } elseif(isset($wp_roles)) {
177
  $roles = $wp_roles;
178
  } else {
179
  $roles = new WP_Roles();
180
  }
181
-
182
  return $roles;
183
  }
184
-
185
  /**
186
- * Return max capability level
187
- *
188
  * @param array $caps
189
  * @param int $default
190
- *
191
  * @return int
192
- *
193
  * @access public
 
194
  */
195
- public static function maxLevel($caps, $default = 0) {
 
196
  $max = $default;
197
-
198
- if (is_array($caps)) { //WP Error Fix bug report
199
- foreach($caps as $cap => $granted) {
200
  if (!empty($granted) && preg_match('/^level_([0-9]+)$/', $cap, $match)) {
201
  $max = ($max < $match[1] ? $match[1] : $max);
202
  }
203
  }
204
  }
205
-
206
  return intval($max);
207
  }
208
-
209
  /**
210
- * Get all capabilities
211
- *
212
  * Prepare and return list of all registered in the system capabilities
213
- *
214
  * @return array
215
- *
216
  * @access public
 
217
  */
218
- public static function getAllCapabilities() {
 
219
  static $caps = array();
220
-
221
  if (empty($caps)) {
222
  foreach (self::getRoles()->role_objects as $role) {
223
  if (is_array($role->capabilities)) {
@@ -225,207 +209,83 @@ final class AAM_Core_API {
225
  }
226
  }
227
  }
228
-
229
  return $caps;
230
  }
231
-
232
  /**
233
  * Check if capability exists
234
- *
235
  * @param string $cap
236
- *
237
  * @return boolean
238
- *
239
- * @access public
240
- * @static
241
- */
242
- public static function capabilityExists($cap) {
243
- $caps = self::getAllCapabilities();
244
- $exists = array_key_exists($cap, $caps) ? true : false;
245
-
246
- return (is_string($cap) && $exists);
247
- }
248
-
249
- /**
250
- * Clear all AAM settings
251
- *
252
- * @global wpdb $wpdb
253
- *
254
  * @access public
 
255
  */
256
- public static function clearSettings() {
257
- global $wpdb;
258
-
259
- //clear wp_options
260
- $oquery = "DELETE FROM {$wpdb->options} WHERE (`option_name` LIKE %s) AND ";
261
- $oquery .= "(`option_name` NOT IN ('aam-extensions', 'aam-uid'))";
262
- $wpdb->query($wpdb->prepare($oquery, 'aam%'));
263
-
264
- //clear wp_postmeta
265
- $pquery = "DELETE FROM {$wpdb->postmeta} WHERE `meta_key` LIKE %s";
266
- $wpdb->query($wpdb->prepare($pquery, 'aam-post-access-%'));
267
-
268
- //clear wp_usermeta
269
- $uquery = "DELETE FROM {$wpdb->usermeta} WHERE `meta_key` LIKE %s";
270
- $wpdb->query($wpdb->prepare($uquery, 'aam%'));
271
-
272
- $mquery = "DELETE FROM {$wpdb->usermeta} WHERE `meta_key` LIKE %s";
273
- $wpdb->query($wpdb->prepare($mquery, $wpdb->prefix . 'aam%'));
274
-
275
- self::clearCache();
276
- }
277
-
278
- /**
279
- *
280
- * @param AAM_Core_Subject $subject
281
- */
282
- public static function clearCache($subject = null) {
283
- global $wpdb;
284
-
285
- if (empty($subject)) { // clear all cache
286
- // visitors, default and role cache
287
- $query = "DELETE FROM {$wpdb->options} WHERE `option_name` LIKE %s";
288
- $wpdb->query($wpdb->prepare($query, '%aam_cache%' ));
289
-
290
- // TODO: aam_visitor_cache does not follow the option naming pattern
291
- $query = "DELETE FROM {$wpdb->options} WHERE `option_name` = %s";
292
- $wpdb->query($wpdb->prepare($query, 'aam_visitor_cache' ));
293
-
294
- // user cache
295
- $query = "DELETE FROM {$wpdb->usermeta} WHERE `meta_key` LIKE %s";
296
- $wpdb->query($wpdb->prepare($query, '%aam_cache%' ));
297
- } else {
298
- //clear visitor cache
299
- $subject->getObject('cache')->reset();
300
  }
 
 
301
  }
302
-
303
  /**
304
- * Reject the request
305
  *
306
- * Redirect or die the execution based on ConfigPress settings
307
- *
308
- * @param string $area
309
- * @param array $args
310
  *
311
- * @return void
312
  *
313
  * @access public
 
314
  */
315
- public static function reject($area = 'frontend', $args = array()) {
316
- if (AAM_Core_Request::server('REQUEST_METHOD') !== 'POST') {
317
- $object = AAM::getUser()->getObject('redirect');
318
- $type = $object->get("{$area}.redirect.type");
319
-
320
- if ($type === 'login') {
321
- $redirect = add_query_arg(
322
- array('reason' => 'restricted'),
323
- wp_login_url(AAM_Core_Request::server('REQUEST_URI'))
324
- );
325
- } elseif (!empty($type) && ($type !== 'default')) {
326
- $redirect = $object->get("{$area}.redirect.{$type}");
327
- } else { //ConfigPress setup
328
- $redirect = AAM_Core_Config::get(
329
- "{$area}.access.deny.redirectRule", __('Access Denied', AAM_KEY)
330
- );
331
- }
332
-
333
- $doRedirect = true;
334
-
335
- if ($type === 'page') {
336
- $page = self::getCurrentPost();
337
- $doRedirect = (empty($page) || ($page->ID !== intval($redirect)));
338
- } elseif ($type === 'url') {
339
- $doRedirect = strpos($redirect, AAM_Core_Request::server('REQUEST_URI')) === false;
340
- }
341
-
342
- if ($doRedirect) {
343
- do_action('aam-access-rejected-action', $area, $args);
344
- self::redirect($redirect, $args);
345
- }
346
- } else {
347
- wp_die(-1);
348
- }
349
  }
350
-
351
- /**
352
- * Redirect request
353
- *
354
- * Redirect user based on defined $rule
355
- *
356
- * @param mixed $rule
357
- * @param mixed $args
358
- *
359
- * @access public
360
- */
361
- public static function redirect($rule, $args = null) {
362
- $path = wp_parse_url($rule);
363
-
364
- if ($path && !empty($path['host'])) {
365
- wp_redirect($rule, 307); exit;
366
- } elseif (preg_match('/^[\d]+$/', $rule)) {
367
- wp_safe_redirect(get_page_link($rule), 307); exit;
368
- } elseif (is_callable($rule)) {
369
- call_user_func($rule, $args);
370
- } elseif (!empty($args['callback']) && is_callable($args['callback'])) {
371
- call_user_func($args['callback'], $rule, '', array());
372
- } else {
373
- wp_die($rule);
374
- }
375
- exit;
376
- }
377
-
378
  /**
379
- * Remove directory recursively
380
- *
381
- * @param string $pathname
382
- *
383
  * @return void
384
- *
385
- * @access public
386
- */
387
- public static function removeDirectory($pathname) {
388
- $files = glob($pathname . '/*');
389
-
390
- foreach ($files as $file) {
391
- is_dir($file) ? self::removeDirectory($file) : @unlink($file);
392
- }
393
-
394
- @rmdir($pathname);
395
- }
396
-
397
- /**
398
- * Get plugin version
399
- *
400
- * @return string
401
- *
402
  * @access public
 
403
  */
404
- public static function version() {
405
- if (file_exists(ABSPATH . 'wp-admin/includes/plugin.php')) {
406
- require_once ABSPATH . 'wp-admin/includes/plugin.php';
407
- }
408
-
409
- if (function_exists('get_plugin_data')) {
410
- $data = get_plugin_data(
411
- realpath(dirname(__FILE__) . '/../../aam.php')
412
- );
413
- $version = (isset($data['Version']) ? $data['Version'] : null);
414
- }
415
-
416
- return (!empty($version) ? $version : null);
417
  }
418
-
419
  /**
420
  * Get current post
421
- *
422
- * @global type $wp_query
423
- *
424
  * @return AAM_Core_Object_Post|null
 
 
 
 
 
425
  */
426
- public static function getCurrentPost($raw = false) {
 
427
  global $wp_query, $post;
428
-
429
  $res = $post;
430
 
431
  if (get_the_ID()) {
@@ -441,7 +301,7 @@ final class AAM_Core_API {
441
  } elseif (!empty($wp_query->query['name'])) {
442
  //Important! Cover the scenario of NOT LIST but ALLOW READ
443
  if (!empty($wp_query->posts)) {
444
- foreach($wp_query->posts as $p) {
445
  if ($p->post_name === $wp_query->query['name']) {
446
  $res = $p;
447
  break;
@@ -449,35 +309,52 @@ final class AAM_Core_API {
449
  }
450
  } elseif (!empty($wp_query->query['post_type'])) {
451
  $res = get_page_by_path(
452
- $wp_query->query['name'], OBJECT, $wp_query->query['post_type']
 
 
453
  );
454
  }
455
  }
456
-
457
- $user = AAM::getUser();
458
-
459
- $response = null;
460
 
461
  if (is_a($res, 'WP_Post')) {
462
- if ($raw) {
463
- $response = $res;
464
- } else {
465
- $response = $user->getObject('post', $res->ID);
466
- }
467
  }
468
-
469
- return $response;
470
  }
471
 
472
  /**
473
- * Undocumented function
474
  *
475
  * @return PasswordHash
 
 
 
476
  */
477
- public static function prepareHasher() {
 
478
  require_once ABSPATH . WPINC . '/class-phpass.php';
479
-
480
- return new PasswordHash( 8, true );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
481
  }
482
 
483
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * AAM core API
14
+ *
 
 
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ final class AAM_Core_API
19
+ {
20
 
21
  /**
22
+ * Get option from the database
23
  *
24
  * @param string $option
25
  * @param mixed $default
28
  * @return mixed
29
  *
30
  * @access public
31
+ * @version 6.0.0
32
  */
33
+ public static function getOption($option, $default = null, $blog_id = null)
34
+ {
35
  if (is_multisite()) {
36
  if (is_null($blog_id) || get_current_blog_id() === $blog_id) {
37
  $response = self::getCachedOption($option, $default);
49
 
50
  return $response;
51
  }
52
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
53
  /**
54
+ * Get cached option
55
+ *
56
+ * This reduces the number of DB queries
57
+ *
58
+ * @param string $option
59
+ * @param mixed $default
60
+ *
61
+ * @return mixed
62
+ *
63
+ * @access protected
64
+ * @version 6.0.0
65
  */
66
+ protected static function getCachedOption($option, $default)
67
+ {
68
+ $response = $default;
69
+ $cache = wp_cache_get('alloptions', 'options');
70
+
71
  if (empty($cache)) {
72
  $response = get_option($option, $default);
73
+ } elseif(isset($cache[$option])) {
74
+ $response = maybe_unserialize($cache[$option]);
75
  }
76
+
77
  return $response;
78
  }
79
 
80
  /**
81
+ * Update option in the DB
82
  *
83
  * @param string $option
84
  * @param mixed $data
87
  * @return bool
88
  *
89
  * @access public
90
+ * @version 6.0.0
91
  */
92
+ public static function updateOption(
93
+ $option, $data, $blog_id = null, $autoload = null
94
+ ) {
95
  if (is_multisite()) {
96
  if (is_null($blog_id)) {
97
  $blog = get_current_blog_id();
102
  }
103
  $response = update_blog_option($blog, $option, $data);
104
  } else {
105
+ $response = update_option($option, $data, $autoload);
106
  }
107
 
108
  return $response;
109
  }
110
 
111
  /**
112
+ * Delete option from the DB
113
  *
114
  * @param string $option
115
  * @param int $blog_id
116
+ *
117
  * @return bool
118
  *
119
  * @access public
120
+ * @version 6.0.0
121
  */
122
+ public static function deleteOption($option, $blog_id = null)
123
+ {
124
  if (is_multisite()) {
125
  if (is_null($blog_id)) {
126
  $blog = get_current_blog_id();
137
  return $response;
138
  }
139
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
140
  /**
141
  * Get role list
142
+ *
143
  * @global WP_Roles $wp_roles
144
+ *
145
  * @return WP_Roles
146
+ *
147
+ * @access public
148
+ * @version 6.0.0
149
  */
150
+ public static function getRoles()
151
+ {
152
  global $wp_roles;
153
+
154
  if (function_exists('wp_roles')) {
155
  $roles = wp_roles();
156
+ } elseif (isset($wp_roles)) {
157
  $roles = $wp_roles;
158
  } else {
159
  $roles = new WP_Roles();
160
  }
161
+
162
  return $roles;
163
  }
164
+
165
  /**
166
+ * Return max user level
167
+ *
168
  * @param array $caps
169
  * @param int $default
170
+ *
171
  * @return int
172
+ *
173
  * @access public
174
+ * @version 6.0.0
175
  */
176
+ public static function maxLevel($caps, $default = 0)
177
+ {
178
  $max = $default;
179
+
180
+ if (is_array($caps)) { // WP Error Fix bug report
181
+ foreach ($caps as $cap => $granted) {
182
  if (!empty($granted) && preg_match('/^level_([0-9]+)$/', $cap, $match)) {
183
  $max = ($max < $match[1] ? $match[1] : $max);
184
  }
185
  }
186
  }
187
+
188
  return intval($max);
189
  }
190
+
191
  /**
192
+ * Get list of all capabilities
193
+ *
194
  * Prepare and return list of all registered in the system capabilities
195
+ *
196
  * @return array
197
+ *
198
  * @access public
199
+ * @version 6.0.0
200
  */
201
+ public static function getAllCapabilities()
202
+ {
203
  static $caps = array();
204
+
205
  if (empty($caps)) {
206
  foreach (self::getRoles()->role_objects as $role) {
207
  if (is_array($role->capabilities)) {
209
  }
210
  }
211
  }
212
+
213
  return $caps;
214
  }
215
+
216
  /**
217
  * Check if capability exists
218
+ *
219
  * @param string $cap
220
+ *
221
  * @return boolean
222
+ *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
223
  * @access public
224
+ * @version 6.0.0
225
  */
226
+ public static function capExists($cap)
227
+ {
228
+ // Get list of all capabilities registered on the role levels
229
+ $caps = self::getAllCapabilities();
230
+
231
+ // Get list of all capabilities that are assigned on the user level if user
232
+ // is authenticated
233
+ if (is_user_logged_in()) {
234
+ $user = wp_get_current_user();
235
+ $caps = array_merge($user->caps, $user->allcaps, $caps);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
236
  }
237
+
238
+ return (is_string($cap) && array_key_exists($cap, $caps));
239
  }
240
+
241
  /**
242
+ * Check if AAM capability is allowed
243
  *
244
+ * @param string $cap
 
 
 
245
  *
246
+ * @return boolean
247
  *
248
  * @access public
249
+ * @version 6.0.0
250
  */
251
+ public static function isAAMCapabilityAllowed($cap)
252
+ {
253
+ return !self::capExists($cap) || current_user_can($cap);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
254
  }
255
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
256
  /**
257
+ * Clear all AAM settings
258
+ *
 
 
259
  * @return void
260
+ *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
261
  * @access public
262
+ * @version 6.0.0
263
  */
264
+ public static function clearSettings()
265
+ {
266
+ self::deleteOption(AAM_Core_AccessSettings::DB_OPTION);
267
+ self::deleteOption(AAM_Core_Config::DB_OPTION);
268
+ self::deleteOption(AAM_Core_ConfigPress::DB_OPTION);
269
+ self::deleteOption(AAM_Core_Migration::DB_FAILURE_OPTION);
270
+
271
+ // Trigger the action to inform other services to clean-up the options
272
+ do_action('aam_clear_settings_action');
 
 
 
 
273
  }
274
+
275
  /**
276
  * Get current post
277
+ *
 
 
278
  * @return AAM_Core_Object_Post|null
279
+ *
280
+ * @access public
281
+ * @global WP_Query $wp_query
282
+ * @global WP_Post $post
283
+ * @version 6.0.0
284
  */
285
+ public static function getCurrentPost()
286
+ {
287
  global $wp_query, $post;
288
+
289
  $res = $post;
290
 
291
  if (get_the_ID()) {
301
  } elseif (!empty($wp_query->query['name'])) {
302
  //Important! Cover the scenario of NOT LIST but ALLOW READ
303
  if (!empty($wp_query->posts)) {
304
+ foreach ($wp_query->posts as $p) {
305
  if ($p->post_name === $wp_query->query['name']) {
306
  $res = $p;
307
  break;
309
  }
310
  } elseif (!empty($wp_query->query['post_type'])) {
311
  $res = get_page_by_path(
312
+ $wp_query->query['name'],
313
+ OBJECT,
314
+ $wp_query->query['post_type']
315
  );
316
  }
317
  }
 
 
 
 
318
 
319
  if (is_a($res, 'WP_Post')) {
320
+ $result = AAM::getUser()->getObject(
321
+ AAM_Core_Object_Post::OBJECT_TYPE, $res->ID
322
+ );
323
+ } else {
324
+ $result = null;
325
  }
326
+
327
+ return $result;
328
  }
329
 
330
  /**
331
+ * Get WP core password hasher
332
  *
333
  * @return PasswordHash
334
+ *
335
+ * @access public
336
+ * @version 6.0.0
337
  */
338
+ public static function prepareHasher()
339
+ {
340
  require_once ABSPATH . WPINC . '/class-phpass.php';
341
+
342
+ return new PasswordHash(8, true);
343
+ }
344
+
345
+ /**
346
+ * Get AAM API endpoint
347
+ *
348
+ * @return string
349
+ *
350
+ * @access public
351
+ * @version 6.0.0
352
+ */
353
+ public static function getAPIEndpoint()
354
+ {
355
+ $endpoint = getenv('AAM_ENDPOINT');
356
+
357
+ return ($endpoint ? $endpoint : 'https://api.aamplugin.com/v2');
358
  }
359
 
360
  }
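--- a/application/Core/AccessSettings.php
+++ b/application/Core/AccessSettings.php
@@ -0,0 +1,163 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * AAM Access Settings repository
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ class AAM_Core_AccessSettings
+ {
+
+ use AAM_Core_Contract_SingletonTrait;
+
+ /**
+ * AAM access settings option
+ *
+ * @version 6.0.0
+ */
+ const DB_OPTION = 'aam_access_settings';
+
+ /**
+ * Full repository of the settings
+ *
+ * @var array
+ *
+ * @access private
+ * @version 6.0.0
+ */
+ private $_settings = array();
+
+ /**
+ * Constructor
+ *
+ * @return void
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function __construct()
+ {
+ $this->_settings = AAM_Core_API::getOption(self::DB_OPTION, array());
+ }
+
+ /**
+ * Get access settings
+ *
+ * @param string $option
+ * @param array $default
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function get($option, $default = array())
+ {
+ $value = $this->_settings;
+
+ foreach (explode('.', $option) as $ns) {
+ if (isset($value[$ns])) {
+ $value = $value[$ns];
+ } else {
+ $value = null;
+ break;
+ }
+ }
+
+ return (is_null($value) ? $default : $value);
+ }
+
+ /**
+ * Set access settings
+ *
+ * @param string $option
+ * @param mixed $value
+ *
+ * @return AAM_Core_AccessSettings
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function set($option, $value)
+ {
+ $settings = &$this->_settings;
+
+ foreach (explode('.', $option) as $ns) {
+ if (!isset($settings[$ns])) {
+ $settings[$ns] = array();
+ }
+ $settings = &$settings[$ns];
+ }
+
+ $settings = $value;
+
+ return $this;
+ }
+
+ /**
+ * Unset specified access settings
+ *
+ * @param string $option
+ *
+ * @return AAM_Core_AccessSettings
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function delete($option)
+ {
+ $settings = &$this->_settings;
+ $path = explode('.', $option);
+
+ for($i = 0; $i < count($path); $i++) {
+ if (!isset($settings[$path[$i]])) {
+ break;
+ } elseif ($i + 1 === count($path)) {
+ unset($settings[$path[$i]]);
+ } else {
+ $settings = &$settings[$path[$i]];
+ }
+ }
+
+ return $this;
+ }
+
+ /**
+ * Save access settings
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function save()
+ {
+ return AAM_Core_API::updateOption(self::DB_OPTION, $this->_settings);
+ }
+
+ /**
+ * Reset all the settings
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function reset()
+ {
+ $this->_settings = array();
+
+ return $this->save();
+ }
+
+ }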
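Review bot: `__construct()` assigns the result of `AAM_Core_API::getOption(self::DB_OPTION, array())` straight to `$_settings`, and `get()`, `set()` and `delete()` then index into it without checking that each node is an array. If the stored option, or an intermediate node on a dotted path, is a string or other scalar, `isset($value[$ns])` in `get()` can match a string offset and return a single character instead of `$default`, and the by-reference walk in `set()` writes into a non-array (a warning or an Error, depending on the PHP version). Since this repository appears to hold the plugin's access settings, I would normalise on load with `$this->_settings = is_array($stored) ? $stored : array();` (where `$stored` is the `getOption()` result) and guard the lookup with `if (is_array($value) && isset($value[$ns])) {`. `get()` also cannot tell a stored `null` from a missing key, which is worth stating in its docblock.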
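--- a/application/Core/Api/Area.php
+++ b/application/Core/Api/Area.php
@@ -1,79 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM core API Area class
- *
- * This class defines what area AAM is operating on. Can be backend, frontend, rest
- * etc.
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- final class AAM_Core_Api_Area {
-
- /**
- *
- */
- const BACKEND = "backend";
-
- /**
- *
- */
- const FRONTEND = "frontend";
-
- /**
- *
- */
- const API = "api";
-
- /**
- * Get operating area
- *
- * @return string
- *
- * @access public
- * @static
- */
- public static function get() {
- if (defined('REST_REQUEST') && REST_REQUEST) {
- $area = self::API;
- } elseif (is_admin()) {
- $area = self::BACKEND;
- } else {
- $area = self::FRONTEND;
- }
-
- return $area;
- }
-
- /**
- *
- * @return type
- */
- public static function isBackend() {
- return self::get() === self::BACKEND;
- }
-
- /**
- *
- * @return type
- */
- public static function isFrontend() {
- return self::get() === self::FRONTEND;
- }
-
- /**
- *
- * @return type
- */
- public static function isAPI() {
- return self::get() === self::API;
- }
- }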
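--- a/application/Core/Cache.php
+++ b/application/Core/Cache.php
@@ -1,65 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM Core Cache
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @todo - Remove with v6.0
- */
- class AAM_Core_Cache {
-
- /**
- * Get cached option
- *
- * @param string $option
- *
- * @return mixed
- *
- * @access public
- */
- public static function get() {
- return null;
- }
-
- /**
- * Set cache option
- *
- * @param string $option
- * @param mixed $data
- * @param mixed $legacy Deprecated as the first arg was subject
- *
- * @return void
- *
- * @access public
- */
- public static function set() {
- }
-
- /**
- * Check if key exists
- *
- * @param string $option
- *
- * @return boolean
- *
- * @access public
- */
- public static function has() {
- return null;
- }
-
- /**
- *
- */
- public static function clear() {
- AAM_Core_API::clearCache();
- }
- }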
application/Core/Compatibility.php DELETED
@@ -1,398 +0,0 @@
1
- <?php
2
-
3
- /**
4
- * ======================================================================
5
- * LICENSE: This file is subject to the terms and conditions defined in *
6
- * file 'license.txt', which is part of this source code package. *
7
- * ======================================================================
8
- */
9
-
10
- /**
11
- * Core compatibility with older versions
12
- *
13
- * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
- */
16
- class AAM_Core_Compatibility {
17
-
18
- /**
19
- * Undocumented variable
20
- *
21
- * @var [type]
22
- */
23
- protected static $instance = null;
24
-
25
- /**
26
- * Compatibility between post actions and policy actions
27
- *
28
- * @param string $action
29
- * @param bool|int $effect
30
- * @param string $prefix
31
- * @param array $meta
32
- * @param array $args
33
- *
34
- * @return array
35
- */
36
- public static function convertPolicyAction($action, $effect, $prefix = '', $meta = array(), $args = array()) {
37
- $result = array();
38
-
39
- if (!empty($meta['Password']['Value'])) {
40
- $result = array(
41
- "{$prefix}frontend.password" => $meta['Password']['Value'],
42
- "{$prefix}api.password" => $meta['Password']['Value'],
43
- "{$prefix}frontend.protected" => true,
44
- "{$prefix}api.protected" => true
45
- );
46
- }
47
-
48
- if (!empty($meta['Teaser']['Value'])) {
49
- if (preg_match_all('/(\$\{[^}]+\})/', $meta['Teaser']['Value'], $match)) {
50
- $res = AAM_Core_Policy_Token::evaluate($meta['Teaser']['Value'], $match[1], $args);
51
- } else {
52
- $res = $meta['Teaser']['Value'];
53
- }
54
-
55
- $result = array_merge($result, array(
56
- "{$prefix}frontend.teaser" => $res,
57
- "{$prefix}api.teaser" => $res,
58
- "{$prefix}frontend.limit" => true,
59
- "{$prefix}api.limit" => true
60
- ));
61
- }
62
-
63
- if (!empty($meta['Redirect'])) {
64
- // Build the redirect location
65
- $type = (isset($meta['Redirect']['Type']) ? $meta['Redirect']['Type'] : 'message');
66
- switch($type) {
67
- case 'page':
68
- if (isset($meta['Redirect']['Id'])) {
69
- $destination = intval($meta['Redirect']['Id']);
70
- } elseif (isset($meta['Redirect']['Slug'])) {
71
- $page = get_page_by_path(
72
- $meta['Redirect']['Slug'], OBJECT
73
- );
74
- $destination = (is_a($page, 'WP_Post') ? $page->ID : 0);
75
- }
76
- if (isset($meta['Redirect']['Code'])) {
77
- $destination .= "|{$meta['Redirect']['Code']}";
78
- } else {
79
- $destination .= "|307";
80
- }
81
- break;
82
-
83
- case 'url':
84
- $destination = filter_var(
85
- $meta['Redirect']['URL'],
86
- FILTER_VALIDATE_URL
87
- );
88
- if (empty($destination)) {
89
- $type = 'message';
90
- $destination = "Invalid URL: [{$meta['Redirect']['URL']}]";
91
- }
92
- if (isset($meta['Redirect']['Code'])) {
93
- $destination .= "|{$meta['Redirect']['Code']}";
94
- } else {
95
- $destination .= "|307";
96
- }
97
- break;
98
-
99
- case 'callback':
100
- $destination = $meta['Redirect']['Callback'];
101
- break;
102
-
103
- case 'login':
104
- $destination = null;
105
- break;
106
-
107
- default:
108
- $destination = $meta['Redirect']['Message'];
109
- break;
110
- }
111
-
112
- $result = array_merge($result, array(
113
- "{$prefix}frontend.redirect" => true,
114
- "{$prefix}frontend.location" => $type . (!empty($destination) ? "|{$destination}" : '')
115
- ));
116
- }
117
-
118
- if (empty($meta)){
119
- $action = apply_filters('aam-policy-post-resource-action-filter', $action);
120
-
121
- $result = array_merge($result, array(
122
- "{$prefix}frontend.{$action}" => $effect,
123
- "{$prefix}backend.{$action}" => $effect,
124
- "{$prefix}api.{$action}" => $effect
125
- ));
126
- }
127
-
128
- return $result;
129
- }
130
-
131
- /**
132
- * Convert config to the Policy Config
133
- *
134
- * @param string $option
135
- * @param mixed $value
136
- *
137
- * @return mixed
138
- *
139
- * @access public
140
- * @static
141
- * @since v5.9
142
- */
143
- public static function convertConfig($option, $value) {
144
- if (strpos($option, '.defaultTerm.') !== false && empty($value)) {
145
- $param = AAM_Core_Policy_Factory::get()->getParam(
146
- 'post:default:category'
147
- );
148
- if (!empty($param)) {
149
- if (!is_numeric($param)) {
150
- $term = get_term_by('slug', $param, 'category');
151
- $param = (is_wp_error($term) || empty($term) ? null : $term->term_id);
152
- }
153
- }
154
- $value = (is_null($param) ? $value : $param);
155
- }
156
-
157
- return $value;
158
- }
159
-
160
- /**
161
- *
162
- */
163
- public static function checkConfigPressCompatibility($key) {
164
- if (strpos($key, 'htpasswd') === 0) {
165
- $key = str_replace('htpasswd', 'feature.metabox.htpasswd', $key);
166
- } elseif (strpos($key, 'export') === 0) {
167
- $key = str_replace('export', 'feature.export', $key);
168
- } elseif (strpos($key, 'default.category') === 0) {
169
- $key = str_replace('default.category', 'feature.post.defaultTerm', $key);
170
- } elseif (strpos($key, 'extention') === 0) {
171
- $key = str_replace('extention', 'core.extention', $key);
172
- } elseif (strpos($key, 'login') === 0) {
173
- $key = str_replace('login', 'feature.secureLogin', $key);
174
- }
175
-
176
- return $key;
177
- }
178
-
179
- /**
180
- * Converting metabox options from 2 dimensional to 1
181
- *
182
- * @param array $metaboxes
183
- *
184
- * @return array
185
- * @todo Remove in 2021
186
- */
187
- public static function convertMetaboxes($metaboxes) {
188
- $response = array();
189
-
190
- if (is_array($metaboxes)) {
191
- foreach($metaboxes as $key => $value) {
192
- if (is_array($value)) {
193
- foreach($value as $id => $grand) {
194
- $response["{$key}|{$id}"] = $grand;
195
- }
196
- } else {
197
- $response[$key] = $value;
198
- }
199
- }
200
- }
201
-
202
- return $response;
203
- }
204
-
205
- /**
206
- *
207
- * @param type $list
208
- * @return type
209
- * @todo Remove in 2021
210
- */
211
- public static function convertRoute($list) {
212
- $response = array();
213
-
214
- if (is_array($list)) {
215
- foreach($list as $type => $routes) {
216
- if (is_array($routes)) {
217
- foreach($routes as $route => $methods) {
218
- foreach($methods as $method => $grand) {
219
- $response[strtolower("{$type}|{$route}|{$method}")] = $grand;
220
- }
221
- }
222
- } else {
223
- $response[$type] = $routes;
224
- }
225
- }
226
- }
227
-
228
- return $response;
229
- }
230
-
231
- /**
232
- * Convert all-style AAM settings to standard ConfigPress style settings
233
- *
234
- * @param array $config
235
- *
236
- * @return array
237
- * @since AAM 5.3.1
238
- * @todo Remove June 1st 2019
239
- */
240
- public static function normalizeConfigOptions($config) {
241
- if (is_array($config)) {
242
- $changes = 0;
243
- $changes += self::normalizeOption('manage-capability', 'core.settings.editCapabilities', $config);
244
- $changes += self::normalizeOption('backend-access-control', 'core.settings.backendAccessControl', $config);
245
- $changes += self::normalizeOption('frontend-access-control', 'core.settings.frontendAccessControl', $config);
246
- $changes += self::normalizeOption('api-access-control', 'core.settings.apiAccessControl', $config);
247
- $changes += self::normalizeOption('render-access-metabox', 'ui.settings.renderAccessMetabox', $config);
248
- $changes += self::normalizeOption('show-access-link', 'ui.settings.renderAccessActionLink', $config);
249
- $changes += self::normalizeOption('secure-login', 'core.settings.secureLogin', $config);
250
- $changes += self::normalizeOption('core.xmlrpc', 'core.settings.xmlrpc', $config);
251
- $changes += self::normalizeOption('core.restful', 'core.settings.restful', $config);
252
- $changes += self::normalizeOption('jwt-authentication', 'core.settings.jwtAuthentication', $config);
253
- $changes += self::normalizeOption('ms-member-access', 'core.settings.multisiteMemberAccessControl', $config);
254
- $changes += self::normalizeOption('media-access-control', 'core.settings.mediaAccessControl', $config);
255
- $changes += self::normalizeOption('manage-hidden-post-types', 'core.settings.manageHiddenPostTypes', $config);
256
- $changes += self::normalizeOption('page-category', 'core.settings.pageCategory', $config);
257
- $changes += self::normalizeOption('media-category', 'core.settings.mediaCategory', $config);
258
- $changes += self::normalizeOption('multi-category', 'core.settings.multiCategory', $config);
259
- $changes += self::normalizeOption('login-timeout', 'core.settings.loginTimeout', $config);
260
- $changes += self::normalizeOption('single-session', 'core.settings.singleSession', $config);
261
- $changes += self::normalizeOption('brute-force-lockout', 'core.settings.bruteForceLockout', $config);
262
- $changes += self::normalizeOption('inherit-parent-post', 'core.settings.inheritParentPost', $config);
263
-
264
- if ($changes > 0) {
265
- if (is_multisite()) {
266
- AAM_Core_API::updateOption('aam-utilities', $config, 'site');
267
- } else {
268
- AAM_Core_API::updateOption('aam-utilities', $config);
269
- }
270
- }
271
- }
272
-
273
- return $config;
274
- }
275
-
276
- /**
277
- *
278
- * @param type $option
279
- * @param type $normalizedName
280
- * @param array &$config
281
- * @return int
282
- */
283
- protected static function normalizeOption($option, $normalizedName, &$config) {
284
- $changed = 0;
285
-
286
- if (array_key_exists($option, $config)) {
287
- $value = $config[$option];
288
- unset($config[$option]);
289
- $config[$normalizedName] = $value;
290
- $changed = 1;
291
- }
292
-
293
- return $changed;
294
- }
295
-
296
- /**
297
- * Get config
298
- * @return type
299
- */
300
- public static function getConfig() {
301
- $config = AAM_Core_API::getOption('aam-utilities', array(), 'site');
302
-
303
- foreach(array_keys((is_array($config) ? $config : array())) as $option) {
304
- if (strpos($option, 'frontend.redirect') !== false) {
305
- self::convertConfigOption('redirect', $config, $option);
306
- } elseif (strpos($option, 'backend.redirect') !== false) {
307
- self::convertConfigOption('redirect', $config, $option);
308
- } elseif (strpos($option, 'login.redirect') !== false) {
309
- self::convertConfigOption('loginRedirect', $config, $option);
310
- } elseif (strpos($option, 'frontend.teaser') !== false) {
311
- self::convertConfigOption('teaser', $config, $option);
312
- }
313
- }
314
-
315
- return self::normalizeConfigOptions($config);
316
- }
317
-
318
- /**
319
- *
320
- */
321
- public static function initExtensions() {
322
- //block deprecated extensions from loading
323
- define('AAM_UTILITIES', '99');
324
- define('AAM_ROLE_FILTER', '99');
325
- define('AAM_POST_FILTER', '99');
326
- define('AAM_REDIRECT', '99');
327
- define('AAM_CONTENT_TEASER', '99');
328
- define('AAM_LOGIN_REDIRECT', '99');
329
- define('AAM_CONFIGPRESS', '99');
330
- //TODO - Remove this in Jul 2019
331
-
332
- //utilities option
333
- add_filter('aam-utility-property', 'AAM_Core_Config::get', 10, 2);
334
- }
335
-
336
- /**
337
- *
338
- * @return type
339
- */
340
- public static function getLicenseList() {
341
- $list = AAM_Core_API::getOption('aam-extensions', array(), 'site');
342
-
343
- if (empty($list)) {
344
- $list = AAM_Core_API::getOption('aam-extension-license', array(), 'site');
345
- if (!empty($list)) {
346
- $converted = array();
347
-
348
- foreach($list as $title => $license) {
349
- $id = strtoupper(str_replace(' ', '_', $title));
350
- $converted[$id] = array('license' => $license);
351
- }
352
-
353
- AAM_Core_API::updateOption('aam-extensions', $converted);
354
- AAM_Core_API::deleteOption('aam-extension-license');
355
- }
356
- }
357
-
358
- return $list;
359
- }
360
-
361
- /**
362
- *
363
- * @staticvar type $subject
364
- * @param type $oid
365
- * @param type &$config
366
- * @param type $option
367
- *
368
- * @todo Legacy remove Jul 2018
369
- */
370
- protected static function convertConfigOption($oid, &$config, $option) {
371
- static $subject = null;
372
-
373
- if (is_null($subject)) {
374
- $subject = new AAM_Core_Subject_Default;
375
- }
376
-
377
- $object = $subject->getObject($oid);
378
-
379
- if (is_a($object, 'AAM_Core_Subject')) {
380
- $object->save($option, $config[$option]);
381
- unset($config[$option]);
382
- AAM_Core_API::updateOption('aam-utilities', $config);
383
- }
384
- }
385
-
386
- /**
387
- * Undocumented function
388
- *
389
- * @return void
390
- */
391
- public static function getInstance() {
392
- if (is_null(self::$instance)) {
393
- self::$instance = new self;
394
- }
395
-
396
- return self::$instance;
397
- }
398
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
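--- a/application/Core/Config.php
+++ b/application/Core/Config.php
@@ -5,149 +5,141 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * AAM Core Config
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Config {
-
+ class AAM_Core_Config
+ {
+
  /**
- * Core settings database option
- *
- * aam-utilities slug is used because AAM Utilities with v3.4 became a core
- * feature instead of independent extension.
+ * Core AAM config db option
+ *
+ * @version 6.0.0
  */
- const OPTION = 'aam-utilities';
-
+ const DB_OPTION = 'aam_config';
+
  /**
  * Core config
- *
+ *
  * @var array
- *
- * @access protected
+ *
+ * @access protected
+ * @version 6.0.0
  */
  protected static $config = array();
-
+
  /**
- * Load core AAM settings
- *
+ * Load core AAM config
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function bootstrap() {
- // TODO: Remove in July 2019
- add_filter(
- 'aam-configpress-compatibility-filter',
- 'AAM_Core_Compatibility::checkConfigPressCompatibility'
- );
-
- if (is_multisite()) {
- self::$config = AAM_Core_Compatibility::normalizeConfigOptions(
- AAM_Core_API::getOption(self::OPTION, array(), 'site')
- );
- } else {
- self::$config = AAM_Core_Compatibility::getConfig();
- }
+ public static function bootstrap()
+ {
+ self::$config = AAM_Core_API::getOption(self::DB_OPTION, array());
  }
-
+
  /**
  * Get config option
- *
+ *
  * @param string $option
  * @param mixed $default
- *
+ *
  * @return mixed
- *
+ *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function get($option, $default = null) {
+ public static function get($option, $default = null)
+ {
  if (array_key_exists($option, self::$config)) {
  $response = self::$config[$option];
  } else {
  $response = self::readConfigPress($option, $default);
  }
-
+
  return ($response ? self::normalize($response) : $response);
  }
-
+
  /**
  * Normalize config option
- *
+ *
  * @param string $setting
- *
+ *
  * @return string
- *
+ *
  * @access protected
- * @static
+ * @version 6.0.0
  */
- protected static function normalize($setting) {
+ protected static function normalize($setting)
+ {
  return str_replace(array('{ABSPATH}'), array(ABSPATH), $setting);
  }
-
+
  /**
- * Set config
- *
+ * Set config option
+ *
  * @param string $option
  * @param mixed $value
- *
+ *
  * @return boolean
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function set($option, $value) {
+ public static function set($option, $value)
+ {
  self::$config[$option] = $value;
-
+
  //save config to database
- if (is_multisite()) {
- $result = AAM_Core_API::updateOption(self::OPTION, self::$config, 'site');
- } else {
- $result = AAM_Core_API::updateOption(self::OPTION, self::$config);
- }
-
-
- return $result;
+ return AAM_Core_API::updateOption(self::DB_OPTION, self::$config);
  }
-
+
  /**
  * Delete config option
- *
+ *
  * @param string $option
- *
+ *
+ * @return boolean
+ *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function delete($option) {
+ public static function delete($option)
+ {
  if (array_key_exists($option, self::$config)) {
  unset(self::$config[$option]);
-
- if (is_multisite()) {
- AAM_Core_API::updateOption(self::OPTION, self::$config, 'site');
- } else {
- AAM_Core_API::updateOption(self::OPTION, self::$config);
- }
+
+ $result = AAM_Core_API::updateOption(self::DB_OPTION, self::$config);
  }
+
+ return !empty($result);
  }
-
+
  /**
  * Get ConfigPress parameter
- *
+ *
  * @param string $param
  * @param mixed $default
- *
+ *
  * @return mixed
- *
+ *
  * @access public
- * @static
+ * @version 6.0.0
  */
- protected static function readConfigPress($param, $default = null) {
+ protected static function readConfigPress($param, $default = null)
+ {
  $config = AAM_Core_ConfigPress::get('aam.' . $param, $default);
-
+
  if (is_array($config) && isset($config['userFunc'])) {
  if (is_callable($config['userFunc'])) {
  $response = call_user_func($config['userFunc']);
@@ -161,4 +153,17 @@ class AAM_Core_Config {
  return $response;
  }
 
+ /**
+ * Reset internal cache
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function reset()
+ {
+ self::$config = array();
+ }
+
  }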
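Review bot: `bootstrap()` stores whatever `AAM_Core_API::getOption(self::DB_OPTION, array())` returns, and `get()` and `delete()` then pass `self::$config` straight to `array_key_exists()`, so a stored value that is not an array would break every config read. The `getConfig()` helper removed in this release applied `is_array($config) ? $config : array()` to the same option before using it; I would keep that guard here with `$stored = AAM_Core_API::getOption(self::DB_OPTION, array());` followed by `self::$config = is_array($stored) ? $stored : array();`. The option key also changes from `aam-utilities` to `aam_config` and the multisite `'site'` branch is dropped, so unless a migration elsewhere in the release copies the old values, previously saved settings appear to fall back to their defaults after the upgrade; a comment on `DB_OPTION` saying where that migration lives would help.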
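--- a/application/Core/ConfigPress.php
+++ b/application/Core/ConfigPress.php
@@ -5,51 +5,58 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * ConfigPress layer
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- final class AAM_Core_ConfigPress {
-
+ final class AAM_Core_ConfigPress
+ {
+
+ use AAM_Core_Contract_SingletonTrait;
+
  /**
- * Instance of itself
- *
- * @var AAM_Core_ConfigPress
- *
- * @access private
+ * DB option name
+ *
+ * @version 6.0.0
  */
- protected static $instance = null;
-
+ const DB_OPTION = 'aam_configpress';
+
  /**
  * Parsed config
- *
+ *
  * @var array
- *
- * @access protected
+ *
+ * @access protected
+ * @version 6.0.0
  */
  protected $config = null;
-
+
  /**
  * Raw config text
- *
+ *
  * @var string
- *
- * @access protected
+ *
+ * @access protected
+ * @version 6.0.0
  */
  protected $rawConfig = null;
-
+
  /**
  * Constructor
- *
+ *
  * @return void
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function __construct() {
+ protected function __construct()
+ {
  try {
  $reader = new AAM_Core_ConfigPress_Reader;
  $this->config = $reader->parseString($this->read());
@@ -58,37 +65,55 @@ final class AAM_Core_ConfigPress {
  $this->config = array();
  }
  }
-
+
  /**
  * Read config from the database
- *
+ *
  * @return string
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- public function read() {
- $blog = (defined('BLOG_ID_CURRENT_SITE') ? BLOG_ID_CURRENT_SITE : 1);
- $config = AAM_Core_API::getOption('aam-configpress', 'null', $blog);
+ public function read()
+ {
+ $config = AAM_Core_API::getOption(self::DB_OPTION, 'null');
 
  return ($config === 'null' ? '' : $config);
  }
 
+ /**
+ * Save config to the database
+ *
+ * @param string $value
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function save($value)
+ {
+ return AAM_Core_API::updateOption(self::DB_OPTION, $value);
+ }
+
  /**
  * Get configuration option/setting
- *
+ *
  * If $option is defined, return it, otherwise return the $default value
- *
+ *
  * @param string $option
  * @param mixed $default
- *
+ *
  * @return mixed
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function get($option = null, $default = null) {
+ public static function get($option = null, $default = null)
+ {
  //init config only when requested and only one time
  $instance = self::getInstance();
-
+
  if (is_null($option)) {
  $value = $instance->config;
  } else {
@@ -103,24 +128,8 @@ final class AAM_Core_ConfigPress {
  }
  }
  }
-
+
  return $value;
  }
-
- /**
- * Get single instance of itself
- *
- * @return AAM_Core_ConfigPress
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- if (is_null(self::$instance)) {
- self::$instance = new self;
- }
-
- return self::$instance;
- }
-
+
  }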
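Review bot: The new `save($value)` writes its argument to the `aam_configpress` option with no type or permission check of its own, and its docblock does not say who is expected to enforce one. That matters because the stored text is not inert: `AAM_Core_Config::readConfigPress()` passes a `userFunc` entry to `call_user_func()`, and the ConfigPress evaluator treats an operand starting with `@` as a callback. I would state the contract in the docblock, for example `* Callers must verify the current user's capability and the request nonce; ConfigPress text can name PHP callables.`, and reject non-string input with `if (!is_string($value)) { return false; }`. The callers of `save()` are outside this page, so those checks may already exist there.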
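--- a/application/Core/ConfigPress/Evaluator.php
+++ b/application/Core/ConfigPress/Evaluator.php
@@ -5,6 +5,8 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
@@ -12,20 +14,22 @@
  *
  * Parse configuration section and evaluate an expression. At this point it
  * does not take in consideration the operator's precedence but you can force
- * the order with parenthesises.
+ * the order with parentheses.
  *
- * @package ConfigPress
+ * @package AAM
  * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @copyright Copyright Vasyl Martyniuk
+ * @version 6.0.0
  */
- class AAM_Core_ConfigPress_Evaluator {
+ class AAM_Core_ConfigPress_Evaluator
+ {
 
  /**
  * Accepted operators
- *
+ *
  * @var array
- *
- * @access private
+ *
+ * @access private
+ * @version 6.0.0
  */
  private $_operators = array(
  array('*', '/'), //the highest priority
@@ -37,55 +41,65 @@ class AAM_Core_ConfigPress_Evaluator {
 
  /**
  * Expression to parse
- *
+ *
  * @var string
- *
- * @access protected
+ *
+ * @access protected
+ * @version 6.0.0
  */
  protected $expression;
 
  /**
  * Parsing expression alias
- *
+ *
  * @var string
- *
- * @access protected
+ *
+ * @access protected
+ * @version 6.0.0
  */
  protected $alias;
 
  /**
  * Current expression part index
- *
+ *
  * @var array
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
  protected $index = array(0);
 
  /**
  * Prepare expression evaluation
- *
+ *
  * @param string $expression
- *
+ *
  * @return void
+ * @version 6.0.0
  */
- public function __construct($expression) {
+ public function __construct($expression)
+ {
  $this->alias = $expression;
 
  $regexp = '/(===|!==|==|>=|<=|<>|<|>|\+|\-|\*|\/|&&|\|\||\(|\)|\sas\s)/';
  $this->expression = preg_split(
- $regexp, $expression, -1, PREG_SPLIT_DELIM_CAPTURE
+ $regexp,
+ $expression,
+ -1,
+ PREG_SPLIT_DELIM_CAPTURE
  );
  }
 
  /**
  * Evaluate the expression
- *
+ *
  * @return mixed
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function evaluate() {
+ public function evaluate()
+ {
  $queue = array();
 
  $index = &$this->index[count($this->index) - 1];
@@ -93,17 +107,17 @@ class AAM_Core_ConfigPress_Evaluator {
  for ($index; $index < count($this->expression); $index++) {
  $chunk = trim($this->expression[$index]);
 
- if (empty($chunk)) {
- continue; //skip empty part
- } elseif ($chunk === '(') {
- $this->index[] = ++$index;
- $queue[] = $this->evaluate();
- } elseif ($chunk === ')') {
- array_pop($this->index);
- $this->index[count($this->index) - 1] = ++$index;
- break;
- } else { //evaluate operand or operator
- $queue[] = $this->evaluateOperand($chunk);
+ if (!empty($chunk)) {
+ if ($chunk === '(') {
+ $this->index[] = ++$index;
+ $queue[] = $this->evaluate();
+ } elseif ($chunk === ')') {
+ array_pop($this->index);
+ $this->index[count($this->index) - 1] = ++$index;
+ break;
+ } else { //evaluate operand or operator
+ $queue[] = $this->evaluateOperand($chunk);
+ }
  }
  }
 
@@ -113,14 +127,16 @@ class AAM_Core_ConfigPress_Evaluator {
 
  /**
  * Evaluate an operand
- *
+ *
  * @param string $operand
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateOperand($operand) {
+ protected function evaluateOperand($operand)
+ {
  if (strpos($operand, '$') === 0) { //variable
  $operand = $this->parseVariable(substr($operand, 1));
  } elseif (strpos($operand, '@') === 0) { //callback function
@@ -132,14 +148,16 @@ class AAM_Core_ConfigPress_Evaluator {
 
  /**
  * Evaluate variable
- *
+ *
  * @param string $variable
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function parseVariable($variable) {
+ protected function parseVariable($variable)
+ {
  $value = null;
 
  $xpath = explode('.', $variable);
@@ -163,12 +181,16 @@ class AAM_Core_ConfigPress_Evaluator {
 
  /**
  * Evaluate callback function
- *
+ *
  * @param string $callback
- *
+ *
  * @return mixed
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected function parseCallback($callback) {
+ protected function parseCallback($callback)
+ {
  $value = null;
 
  if (is_callable($callback)) {
@@ -180,22 +202,26 @@ class AAM_Core_ConfigPress_Evaluator {
 
  /**
  * Compute parsed expression
- *
+ *
  * @param array $queue
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function computeQueue($queue) {
+ protected function computeQueue($queue)
+ {
  $value = $queue[0]; //default value
-
+
  foreach ($this->_operators as $operators) {
  $i = 0;
  while ($i < count($queue)) {
  if (!is_bool($queue[$i]) && in_array($queue[$i], $operators, true)) {
  $value = $this->processOperation(
- $queue[$i], $queue[$i - 1], $queue[$i + 1]
+ $queue[$i],
+ $queue[$i - 1],
+ $queue[$i + 1]
  );
  //replace just calculated value
  array_splice($queue, --$i, 3, $value);
@@ -210,16 +236,18 @@ class AAM_Core_ConfigPress_Evaluator {
 
  /**
  * Process the calculation
- *
+ *
  * @param string $operation
  * @param mixed $operandA
  * @param mixed $operandB
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function processOperation($operation, $operandA, $operandB) {
+ protected function processOperation($operation, $operandA, $operandB)
+ {
  switch ($operation) {
  case '+':
  $operandA += $operandB;
@@ -292,12 +320,14 @@ class AAM_Core_ConfigPress_Evaluator {
 
  /**
  * Get section alias
- *
+ *
  * @return string
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function getAlias() {
+ public function getAlias()
+ {
  return $this->alias;
  }
 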
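Review bot: In `evaluate()` the new guard `if (!empty($chunk))` still discards the chunk `'0'`, because PHP's `empty()` treats the string `"0"` as empty, so a literal zero operand never reaches the queue. `computeQueue()` then reads `$queue[$i - 1]` and `$queue[$i + 1]` around each operator and would find the neighbour missing or shifted, which can change the outcome of a condition written against `0`. Testing for the empty string keeps the skip for whitespace-only chunks without losing the operand: `if ($chunk !== '') {`. The removed `if (empty($chunk)) { continue; }` behaved the same way, and the rest of the `evaluate()` body lies outside the hunk.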
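--- a/application/Core/ConfigPress/Reader.php
+++ b/application/Core/ConfigPress/Reader.php
@@ -5,6 +5,8 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
@@ -12,40 +14,46 @@
  *
  * Parse configuration string
  *
- * @package ConfigPress
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @copyright Copyright Vasyl Martyniuk
+ * @package AAM
+ * @version 6.0.0
  */
- class AAM_Core_ConfigPress_Reader {
+ class AAM_Core_ConfigPress_Reader
+ {
 
  /**
- *
+ * Default param separator
+ *
+ * @version 6.0.0
  */
  const SEPARATOR = '.';
 
  /**
- *
+ * Default section inheritance indicator
+ *
+ * @version 6.0.0
  */
  const INHERIT_KEY = ':';
 
  /**
  * Parse INI config
- *
+ *
  * Parse configuration string
  *
  * @param string $string
- *
+ *
  * @return array|bool
- *
+ *
  * @throws Exception
+ * @version 6.0.0
  */
- public function parseString($string) {
+ public function parseString($string)
+ {
  if (!empty($string)) {
  //parse the string
  set_error_handler(array($this, 'parserError'));
  $ini = parse_ini_string($string, true);
  restore_error_handler();
-
+
  $response = $this->process(is_array($ini) ? $ini : array());
  } else {
  $response = array();
@@ -55,14 +63,21 @@ class AAM_Core_ConfigPress_Reader {
  }
 
  /**
- *
- * @param type $error
- * @param type $message
- * @throws Exception
+ * Add error to the AAM console
+ *
+ * @param string $error
+ * @param string $message
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function parserError($error, $message = '') {
+ public function parserError($error, $message = '')
+ {
  AAM_Core_Console::add(
- sprintf('Error parsing config string: %s', $message), $error
+ sprintf('Error parsing config string: %s', $message),
+ $error
  );
  }
 
@@ -70,12 +85,17 @@ class AAM_Core_ConfigPress_Reader {
  * Process data from the parsed ini file.
  *
  * @param array $data
+ *
  * @return array
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected function process(array $data) {
+ protected function process(array $data)
+ {
  $config = array();
-
- foreach ($data as $section => $data) {
+
+ foreach ($data as $section => $block) {
  //check if section has parent section or property
  if (preg_match('/[\s\w]{1}' . self::INHERIT_KEY . '[\s\w]{1}/', $section)) {
  $section = $this->inherit($section, $config);
@@ -90,10 +110,10 @@ class AAM_Core_ConfigPress_Reader {
  }
  }
 
- if (is_array($data)) { //this is a INI section, build the nested tree
- $this->buildNestedSection($data, $config[$section]);
+ if (is_array($block)) { //this is a INI section, build the nested tree
+ $this->buildNestedSection($block, $config[$section]);
  } else { //single property, no need to do anything
- $config[$section] = $this->parseValue($data);
+ $config[$section] = $this->parseValue($block);
  }
  }
 
@@ -101,12 +121,18 @@ class AAM_Core_ConfigPress_Reader {
  }
 
  /**
- *
- * @param type $section
- * @param type $config
- * @return type
+ * Inherit settings from different section
+ *
+ * @param string $section
+ * @param array $config
+ *
+ * @return string
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected function inherit($section, &$config) {
+ protected function inherit($section, &$config)
+ {
  $sections = explode(self::INHERIT_KEY, $section);
  $target = trim($sections[0]);
  $parent = trim($sections[1]);
@@ -119,15 +145,22 @@ class AAM_Core_ConfigPress_Reader {
  }
 
  /**
- *
- * @param type $data
- * @param type $config
+ * Build the nested config array
+ *
+ * @param array $data
+ * @param array $config
+ *
+ * @return void
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected function buildNestedSection($data, &$config) {
+ protected function buildNestedSection($data, &$config)
+ {
  foreach ($data as $key => $value) {
  $root = &$config;
- // TODO - Remove July 2019
- foreach (explode(self::SEPARATOR, apply_filters('aam-configpress-compatibility-filter', $key)) as $level) {
+
+ foreach (explode(self::SEPARATOR, $key) as $level) {
  if (!isset($root[$level])) {
  $root[$level] = array();
  }
@@ -138,11 +171,17 @@ class AAM_Core_ConfigPress_Reader {
  }
 
  /**
- *
- * @param type $value
- * @return type
+ * Parse single value
+ *
+ * @param mixed $value
+ *
+ * @return mixed
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected function parseValue($value) {
+ protected function parseValue($value)
+ {
  return is_string($value) ? trim($value) : $value;
  }
 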
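Review bot: `parserError()` is registered through `set_error_handler()` in `parseString()`, so its first argument is PHP's integer error level, yet the new docblock declares `@param string $error` and the method forwards that value as the second argument of `AAM_Core_Console::add()`. In the Console.php section of this page, `add()` wraps each extra argument in angle brackets (`"<{$key}>"`), so the error level would end up used as a markup tag name. I would document it as `@param int $error` and drop it from the call: `AAM_Core_Console::add(sprintf('Error parsing config string: %s', $message));`. The `@throws Exception` kept on `parseString()` also looks stale, since the handler shown here records the message rather than throwing; the body of `parseString()` continues outside the hunk.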
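--- a/application/Core/Console.php
+++ b/application/Core/Console.php
@@ -5,86 +5,85 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
- * AAM Core Consol Panel
- *
- * Track and display list of all warnings that has been detected during AAM
+ * AAM Core notification consol
+ *
+ * Track and display list of all warnings that has been detected during AAM
  * execution. The consol is used only when AAM interface was triggered in Admin side.
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Console {
+ class AAM_Core_Console
+ {
 
  /**
  * List of Runtime errors related to AAM
- *
+ *
  * @var array
- *
- * @access private
- * @static
+ *
+ * @access private
+ * @version 6.0.0
  */
  private static $_messages = array();
 
  /**
  * Add new warning
- *
+ *
  * @param string $message
- * @param stirng $args...
- *
+ * @param string $args...
+ *
  * @return void
- *
+ *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function add($message) {
+ public static function add($message)
+ {
  //prepare search patterns
  $num = func_num_args();
  $search = ($num > 1 ? array_fill(0, ($num - 1) * 2, null) : array());
-
- array_walk($search, 'AAM_Core_Console::walk');
-
+
+ array_walk($search, function (&$value, $index) {
+ $value = '/\\' . ($index % 2 ? ']' : '[') . '/';
+ });
+
  $replace = array();
  foreach (array_slice(func_get_args(), 1) as $key) {
  array_push($replace, "<{$key}>", "</{$key}>");
  }
-
+
  self::$_messages[] = preg_replace($search, $replace, $message, 1);
  }
 
  /**
  * Get list of all warnings
- *
+ *
  * @return array
- *
+ *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function getAll() {
+ public static function getAll()
+ {
  return self::$_messages;
  }
-
+
  /**
- *
- * @return type
+ * Count the list of all notifications
+ *
+ * @return int
+ *
+ * @access public
+ * @version 6.0.0
  */
- public static function count() {
+ public static function count()
+ {
  return count(self::$_messages);
  }
-
- /**
- * Replace place holders with markup
- *
- * @param string $value
- * @param int $index
- *
- * @access protected
- * @static
- */
- protected static function walk(&$value, $index) {
- $value = '/\\' . ($index % 2 ? ']' : '[') . '/';
- }
 
  }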
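Review bot: `add()` turns each extra argument into a tag with `"<{$key}>"` and stores `$message` without escaping, so the HTML-safety of every entry returned by `getAll()` depends entirely on what callers pass in, and the docblock does not say that. I would document the contract on `add()`, e.g. `* @param string $message Trusted text only; "[" and "]" are replaced by the given tag names and nothing is HTML-escaped`, and escape any dynamic part (option names, exception text) before it reaches this method. Where the console is rendered is not part of this section, so whether the output is escaped there cannot be confirmed from here. The `$args...` tag also documents a parameter the signature does not declare; `add($message, ...$markers)` would make it explicit if the supported PHP version allows it.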
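--- a/application/Core/Contract/MigrationInterface.php
+++ b/application/Core/Contract/MigrationInterface.php
@@ -0,0 +1,30 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * Migration interface
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ interface AAM_Core_Contract_MigrationInterface
+ {
+ /**
+ * Trigger migration script
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function run();
+
+ }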
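--- a/application/Core/Contract/RequestTrait.php
+++ b/application/Core/Contract/RequestTrait.php
@@ -0,0 +1,170 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * Work with HTTP requests
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ trait AAM_Core_Contract_RequestTrait
+ {
+
+ /**
+ * Get data from the POST payload
+ *
+ * @param string $param
+ * @param int $filter
+ * @param int $options
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getFromPost($param, $filter = FILTER_DEFAULT, $options = null)
+ {
+ $post = filter_input(INPUT_POST, $param, $filter, $options);
+
+ if (is_null($post)) {
+ $post = filter_var($this->readFromArray($_POST, $param), $filter, $options);
+ }
+
+ return $post;
+ }
+
+ /**
+ * Get data from the GET/Query
+ *
+ * @param string $param
+ * @param int $filter
+ * @param int $options
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getFromQuery($param, $filter = FILTER_DEFAULT, $options = null)
+ {
+ $get = filter_input(INPUT_GET, $param, $filter, $options);
+
+ if (is_null($get)) {
+ $get = filter_var($this->readFromArray($_GET, $param), $filter, $options);
+ }
+
+ return $get;
+ }
+
+ /**
+ * Get data from the super-global $_REQUEST
+ *
+ * @param string $param
+ * @param int $filter
+ * @param int $options
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getFromRequest($param, $filter = FILTER_DEFAULT, $options = null)
+ {
+ return filter_var($this->readFromArray($_REQUEST, $param), $filter, $options);
+ }
+
+ /**
+ * Get data from Cookie
+ *
+ * @param string $param
+ * @param int $filter
+ * @param int $options
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getFromCookie($param, $filter = FILTER_DEFAULT, $options = null)
+ {
+ $cookie = filter_input(INPUT_COOKIE, $param, $filter, $options);
+
+ if (is_null($cookie)) {
+ $cookie = filter_var($this->readFromArray(
+ $_COOKIE, $param), $filter, $options
+ );
+ }
+
+ return $cookie;
+ }
+
+ /**
+ * Get data from the super-global $_SERVER
+ *
+ * @param string $param
+ * @param int $filter
+ * @param int $options
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getFromServer($param, $filter = FILTER_DEFAULT, $options = null)
+ {
+ $var = filter_input(INPUT_SERVER, $param, $filter, $options);
+
+ // Cover the unexpected server issues (e.g. FastCGI may cause unexpected null)
+ if (empty($var)) {
+ $var = filter_var(
+ $this->readFromArray($_SERVER, $param), $filter, $options
+ );
+ }
+
+ return $var;
+ }
+
+ /**
+ * Check array for specified parameter and return the it's value or
+ * default one
+ *
+ * @param array $array Global array _GET, _POST etc
+ * @param string $param Array Parameter
+ * @param mixed $default Default value
+ *
+ * @return mixed
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function readFromArray($array, $param, $default = null)
+ {
+ $value = $default;
+
+ if (is_null($param)) {
+ $value = $array;
+ } else {
+ $chunks = explode('.', $param);
+ $value = $array;
+ foreach ($chunks as $chunk) {
+ if (isset($value[$chunk])) {
+ $value = $value[$chunk];
+ } else {
+ $value = $default;
+ break;
+ }
+ }
+ }
+
+ return $value;
+ }
+
+ }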
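Review bot: Every getter defaults to `FILTER_DEFAULT`, which is PHP's unsafe-raw filter, so `getFromPost()`, `getFromQuery()`, `getFromRequest()`, `getFromCookie()` and `getFromServer()` return the client's bytes unchanged unless the caller passes a filter; each docblock should say so, e.g. `* NOTE: with the default filter the value is returned unsanitized; validate or escape it at the point of use`. The two read paths are also not equivalent: `filter_input()` reads the request as PHP received it, while the `readFromArray()` fallback reads the superglobal, which WordPress normally slash-escapes, so the same parameter can come back slashed or unslashed depending on the path; passing the fallback value through `wp_unslash()` would align them. A missing parameter reaches `filter_var(null, ...)`, which yields an empty string or `false` rather than `null`, so callers cannot tell "absent" from "empty". `$options = null` is forwarded to functions whose `$options` argument is not nullable (deprecated since PHP 8.1); a default of `$options = 0` avoids that.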
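--- a/application/Core/Contract/ServiceTrait.php
+++ b/application/Core/Contract/ServiceTrait.php
@@ -0,0 +1,63 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * Reusable elements for each service
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ trait AAM_Core_Contract_ServiceTrait
+ {
+
+ /**
+ * Single instance of itself
+ *
+ * @var object
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected static $instance = null;
+
+ /**
+ * Bootstrap the service
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function bootstrap()
+ {
+ if (is_null(self::$instance)) {
+ self::$instance = new self;
+ }
+ }
+
+ /**
+ * Get single instance of itself
+ *
+ * @return object
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function getInstance()
+ {
+ if (is_null(self::$instance)) {
+ self::bootstrap();
+ }
+
+ return self::$instance;
+ }
+
+ }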
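Review bot: This trait leaves the constructor public, so a class using it can still be created with `new` and the object held in `self::$instance` is not guaranteed to be the only one, which `AAM_Core_Contract_SingletonTrait` in the same change prevents with `protected function __construct()`. If services register WordPress hooks in their constructors (not visible in this section), a second instance would register them twice. Either add the same protected constructor here or state in the trait docblock that direct construction is unsupported. `bootstrap()` could also end with `return self::$instance;` so both traits expose the same contract, and `@var object` could read `@var static|null`.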
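--- a/application/Shortcode/Strategy/Interface.php
+++ b/application/Core/Contract/ShortcodeInterface.php
@@ -5,27 +5,40 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * AAM shortcode strategy interface
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- interface AAM_Shortcode_Strategy_Interface {
-
+ interface AAM_Core_Contract_ShortcodeInterface
+ {
+
  /**
  * Initialize shortcode strategy
- *
- * @param type $args
- * @param type $content
+ *
+ * @param array $args
+ * @param string $content
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
  */
  public function __construct($args, $content);
-
+
  /**
- * Process strategy
+ * Process shortcode strategy
+ *
+ * @return string
+ *
+ * @access public
+ * @version 6.0.0
  */
  public function run();
-
+
  }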
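--- a/application/Core/Contract/SingletonTrait.php
+++ b/application/Core/Contract/SingletonTrait.php
@@ -0,0 +1,73 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * Reusable elements for singletons
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ trait AAM_Core_Contract_SingletonTrait
+ {
+
+ /**
+ * Single instance of itself
+ *
+ * @var object
+ *
+ * @access private
+ */
+ private static $_instance = null;
+
+ /**
+ * Constructor
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function __construct()
+ { }
+
+ /**
+ * Bootstrap the object
+ *
+ * @return self
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function bootstrap()
+ {
+ if (is_null(self::$_instance)) {
+ self::$_instance = new self;
+ }
+
+ return self::$_instance;
+ }
+
+ /**
+ * Get single instance of itself
+ *
+ * @return self
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function getInstance()
+ {
+ if (is_null(self::$_instance)) {
+ self::$_instance = self::bootstrap();
+ }
+
+ return self::$_instance;
+ }
+
+ }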
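--- a/application/Core/Exporter.php
+++ b/application/Core/Exporter.php
@@ -1,328 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM Exporter
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Core_Exporter {
-
- /**
- *
- * @var type
- */
- protected $config = array();
-
- /**
- * Undocumented variable
- *
- * @var [type]
- */
- protected $blog = null;
-
- /**
- *
- * @var type
- */
- protected $output = array();
-
- /**
- *
- * @var type
- */
- protected $cache = array();
-
- /**
- *
- * @param type $config
- */
- public function __construct($config, $blog = null) {
- $this->config = $config;
- $this->blog = ($blog ? $blog : get_current_blog_id());
- }
-
- /**
- *
- * @return type
- */
- public function run() {
- $this->output = array(
- 'version' => AAM_Core_API::version(),
- 'plugin' => AAM_KEY,
- 'datetime' => date('Y-m-d H:i:s'),
- 'metadata' => $this->config,
- 'dataset' => array()
- );
-
- foreach($this->config as $backet => $features) {
- $method = 'export' . ucfirst($backet);
-
- if (method_exists($this, $method)) {
- call_user_func(array($this, $method), explode(',', $features));
- } else {
- $this->output = apply_filters(
- 'aam-export-filter', $this->output, $backet, $this->config
- );
- }
- }
-
- return $this->output;
- }
-
- /**
- *
- * @global type $wpdb
- * @param type $features
- */
- protected function exportSystem($features) {
- global $wpdb;
-
- foreach($features as $feature) {
- if ($feature === 'roles') {
- $this->add(
- '_user_roles',
- AAM_Core_API::getOption(
- $wpdb->get_blog_prefix($this->blog) . 'user_roles',
- array(),
- $this->blog
- )
- );
- } elseif (in_array($feature, array('utilities', 'settings'), true)) {
- $this->add(
- AAM_Core_Config::OPTION,
- AAM_Core_API::getOption(AAM_Core_Config::OPTION, '', 'site')
- );
- } elseif ($feature === 'configpress') {
- $this->add(
- 'aam-configpress', AAM_Core_ConfigPress::getInstance()->read()
- );
- } else {
- do_action('aam-export-action', 'system', $feature, $this);
- }
- }
- }
-
- /**
- *
- * @param type $features
- */
- protected function exportRoles($features) {
- foreach($features as $feature) {
- if ($feature === 'menu') {
- $this->pushData('options', '/^aam_menu_role/');
- } elseif ($feature === 'toolbar') {
- $this->pushData('options', '/^aam_toolbar_role/');
- } elseif ($feature === 'uri') {
- $this->pushData('options', '/^aam_uri_role/');
- } elseif ($feature === 'route') {
- $this->pushData('options', '/^aam_route_role/');
- } elseif ($feature === 'metabox') {
- $this->pushData('options', '/^aam_metabox_role/');
- } elseif ($feature === 'post') {
- $this->pushData('options', '/^aam_type_[\w_\-]+_role/');
- $this->pushData('options', '/^aam_term_[\d]+\|.+_role/');
- $this->pushData('postmeta', '/^aam-post-access-role/');
- } elseif ($feature === 'redirect') {
- $this->pushData('options', '/^aam_redirect_role/');
- $this->pushData('options', '/^aam_loginredirect_role/');
- $this->pushData('options', '/^aam_logoutredirect_role/');
- }
- }
- }
-
- /**
- *
- * @param type $features
- */
- protected function exportUsers($features) {
- global $wpdb;
-
- foreach($features as $feature) {
- if ($feature === 'menu') {
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_menu/');
- } elseif ($feature === 'toolbar') {
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_toolbar/');
- } elseif ($feature === 'uri') {
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_uri/');
- } elseif ($feature === 'route') {
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_route/');
- } elseif ($feature === 'metabox') {
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_metabox/');
- } elseif ($feature === 'post') {
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_type/');
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_term/');
- $this->pushData('postmeta', '/^aam-post-access-user/');
- } elseif ($feature === 'redirect') {
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_redirect/');
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_loginredirect/');
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_logoutredirect/');
- } elseif ($feature === 'capability') {
- $this->pushData('usermeta', '/^' . $wpdb->prefix . 'aam_capability/');
- }
- }
- }
-
- /**
- *
- * @param type $features
- */
- protected function exportVisitor($features) {
- foreach($features as $feature) {
- if ($feature === 'metabox') {
- $this->pushData('options', '/^aam_visitor_metabox/');
- } elseif ($feature === 'post') {
- $this->pushData('options', '/^aam_visitor_type/');
- $this->pushData('options', '/^aam_visitor_term/');
- $this->pushData('postmeta', '/^aam-post-access-visitor/');
- } elseif ($feature === 'redirect') {
- $this->pushData('options', '/^aam_visitor_redirect/');
- } elseif ($feature === 'route') {
- $this->pushData('options', '/^aam_visitor_route/');
- } elseif ($feature === 'uri') {
- $this->pushData('options', '/^aam_visitor_uri/');
- }
- }
- }
-
- /**
- *
- * @param type $features
- */
- protected function exportDefault($features) {
- foreach($features as $feature) {
- if ($feature === 'menu') {
- $this->pushData('options', '/^aam_menu_default/');
- } elseif ($feature === 'metabox') {
- $this->pushData('options', '/^aam_metabox_default/');
- } elseif ($feature === 'route') {
- $this->pushData('options', '/^aam_route_default/');
- } elseif ($feature === 'toolbar') {
- $this->pushData('options', '/^aam_toolbar_default/');
- } elseif ($feature === 'uri') {
- $this->pushData('options', '/^aam_uri_default/');
- } elseif ($feature === 'post') {
- $this->pushData('options', '/^aam_type_[\w_\-]_default/');
- $this->pushData('options', '/^aam_term_[\d]+\|.+_default/');
- $this->pushData('postmeta', '/^aam-post-access-default/');
- } elseif ($feature === 'redirect') {
- $this->pushData('options', '/^aam_redirect_default/');
- $this->pushData('options', '/^aam_loginredirect_default/');
- $this->pushData('options', '/^aam_logoutredirect_default/');
- }
- }
- }
-
- /**
- *
- * @param type $group
- * @param type $regexp
- */
- public function pushData($group, $regexp) {
- $cache = $this->getCache();
-
- if (is_array($cache[$group])) {
- foreach($cache[$group] as $option) {
- if (isset($option->user_id)) {
- $id = $option->user_id;
- } elseif (isset($option->post_id)) {
- $id = $option->post_id;
- } else {
- $id = null;
- }
-
- if (isset($option->option_name)) {
- if (preg_match($regexp, $option->option_name)) {
- $this->add(
- $this->stripPrefix($option->option_name),
- maybe_unserialize($option->option_value),
- '_' . $group,
- $id
- );
- }
- } elseif (isset($option->meta_key)) {
- if (preg_match($regexp, $option->meta_key)) {
- $this->add(
- $this->stripPrefix($option->meta_key),
- maybe_unserialize($option->meta_value),
- '_' . $group,
- $id
- );
- }
- }
- }
- }
- }
-
- /**
- *
- * @global type $wpdb
- * @param type $key
- * @return type
- */
- public function stripPrefix($key) {
- global $wpdb;
-
- return preg_replace('/^' . $wpdb->prefix . '/', '_', $key);
- }
-
- /**
- *
- * @param type $key
- * @param type $value
- * @param type $group
- */
- public function add($key, $value, $group = '_options', $id = null) {
- $compressed = base64_encode(json_encode($value));
-
- if (is_null($id)) {
- $this->output['dataset'][$group][$key] = $compressed;
- } else {
- $this->output['dataset'][$group][$id][$key] = $compressed;
- }
- }
-
- /**
- *
- * @global type $wpdb
- * @return type
- */
- protected function getCache() {
- global $wpdb;
-
- if (empty($this->cache)) {
- if (is_multisite()) {
- switch_to_blog(get_main_site_id());
- }
-
- $query = "SELECT option_name, option_value FROM {$wpdb->options} ";
- $query .= "WHERE option_name LIKE 'aam%'";
-
- $this->cache['options'] = $wpdb->get_results($query);
-
- $query = "SELECT user_id, meta_key, meta_value FROM {$wpdb->usermeta} ";
- $query .= "WHERE meta_key LIKE '{$wpdb->prefix}aam%'";
-
- $this->cache['usermeta'] = $wpdb->get_results($query);
-
- $query = "SELECT post_id, meta_key, meta_value FROM {$wpdb->postmeta} ";
- $query .= "WHERE meta_key LIKE 'aam%'";
-
- $this->cache['postmeta'] = $wpdb->get_results($query);
-
- if (is_multisite()) {
- restore_current_blog();
- }
- }
-
- return $this->cache;
- }
-
- }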
application/Core/Gateway.php CHANGED
@@ -5,289 +5,297 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * AAM core API gateway
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- final class AAM_Core_Gateway {
17
-
18
- /**
19
- * Single instance of itself
20
- *
21
- * @var AAM_Core_Gateway
22
- *
23
- * @access protected
24
- */
25
- protected static $instance = null;
26
-
27
- /**
28
- * Constructor
29
- */
30
- protected function __construct() {}
31
-
32
  /**
33
  * Prevent from fatal errors
34
- *
35
  * @param string $name
36
  * @param array $arguments
37
- *
38
  * @return void
39
- *
40
  * @access public
 
41
  */
42
- public function __call($name, $arguments) {
43
- trigger_error(
44
- esc_js(__("The method {$name} is not defined in the AAM API", AAM_KEY))
 
 
 
45
  );
46
  }
47
-
48
  /**
49
  * Get AAM configuration option
50
- *
51
  * @param string $option
52
  * @param mixed $default
53
- *
54
  * @return mixed
55
- *
56
  * @access public
 
57
  */
58
- public function getConfig($option, $default = null) {
59
- $value = AAM_Core_Config::get($option, $default);
60
-
61
- return AAM_Core_Compatibility::convertConfig($option, $value);
62
  }
63
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
64
  /**
65
  * Get user
66
- *
67
  * If no $id specified, current user will be returned
68
- *
69
- * @param int $id Optional user id
70
- *
71
  * @return AAM_Core_Subject
72
- *
73
  * @access public
 
74
  */
75
- public function getUser($id = null) {
 
76
  if (!empty($id)) {
77
  $user = new AAM_Core_Subject_User($id);
78
  $user->initialize();
79
- } elseif (get_current_user_id()) {
80
- $user = AAM::getUser();
81
  } else {
82
- $user = new AAM_Core_Subject_Visitor();
83
  }
84
-
85
  return $user;
86
  }
87
-
88
  /**
89
- * Log any critical message
90
- *
91
- * @param string $message
92
- * @param string $markers...
93
- *
 
94
  * @access public
 
95
  */
96
- public function log() {
97
- call_user_func_array('AAM_Core_Console::add', func_get_args());
 
98
  }
99
-
100
  /**
101
- * Deny access for current HTTP request
102
- *
103
- * @param mixed $params
104
- *
105
- * @return void
106
- *
107
  * @access public
 
108
  */
109
- public function denyAccess($params = null) {
110
- AAM_Core_API::reject(AAM_Core_Api_Area::get(), $params);
 
 
 
 
 
 
 
111
  }
112
-
113
  /**
114
- * Get policy manager
115
- *
116
- * @return AAM_Core_Policy_Manager
117
- *
118
  * @access public
 
119
  */
120
- public function getPolicyManager(AAM_Core_Subject $subject = null) {
121
- return AAM_Core_Policy_Factory::get(
122
- (is_null($subject) ? $this->getUser() : $subject)
123
- );
124
  }
125
-
126
  /**
127
- * Compatibility manager
128
  *
129
- * @return AAM_Core_Compatibility
 
 
 
 
130
  */
131
- public function getCompatibilityManager() {
132
- return AAM_Core_Compatibility::getInstance();
 
133
  }
134
 
135
  /**
136
- * Redirect request
137
- *
138
- * @param string $type
139
- * @param mixed $location
140
- * @param int $code
141
- *
142
- * @return void
143
- *
144
  * @access public
 
145
  */
146
- public function redirect($type, $location = null, $code = 307) {
147
- $area = AAM_Core_Api_Area::get();
148
-
149
- switch($type) {
150
- case 'login':
151
- wp_redirect(add_query_arg(
152
- array('reason' => 'restricted'),
153
- wp_login_url(AAM_Core_Request::server('REQUEST_URI'))
154
- ), $code);
155
- break;
156
-
157
- case 'page':
158
- $page = AAM_Core_API::getCurrentPost();
159
- if(empty($page) || ($page->ID !== intval($location))) {
160
- wp_safe_redirect(get_page_link($location), $code);
161
- }
162
- break;
163
-
164
- case 'message':
165
- wp_die($location);
166
- break;
167
-
168
- case 'url':
169
- if (stripos($location, AAM_Core_Request::server('REQUEST_URI')) === false) {
170
- wp_redirect($location, $code);
171
- }
172
- break;
173
-
174
- case 'callback':
175
- if (is_callable($location)) {
176
- call_user_func($location);
177
- }
178
- break;
179
-
180
- default:
181
- wp_die(AAM_Core_Config::get(
182
- "{$area}.access.deny.redirectRule", __('Access Denied', AAM_KEY)
183
- ));
184
- break;
185
  }
186
-
187
- exit; // Halt the execution
188
- }
189
-
190
- /**
191
- * Get current post
192
- *
193
- * @return WP_Post
194
- *
195
- * @access public
196
- */
197
- public function getCurrentPost() {
198
- return AAM_Core_API::getCurrentPost();
199
- }
200
-
201
- /**
202
- * Check if capability exists
203
- *
204
- * This method checks if provided capability exists (registered for any role).
205
- *
206
- * @param string $capability
207
- *
208
- * @return boolean
209
- *
210
- * @access public
211
- */
212
- public function capabilityExists($capability) {
213
- return AAM_Core_API::capabilityExists($capability);
214
  }
215
-
216
  /**
217
- * Merge AAM settings
218
- *
219
- * @param array $set1
220
- * @param array $set2
 
 
 
221
  * @param string $objectType
222
- *
 
223
  * @return array
224
- *
225
  * @access public
 
226
  */
227
- public function mergeSettings($set1, $set2, $objectType, $preference = null) {
228
- $combined = array($set1, $set2);
229
  $merged = array();
230
 
 
231
  if (is_null($preference)) {
232
  $preference = $this->getConfig(
233
- "core.settings.{$objectType}.merge.preference", 'deny'
 
234
  );
235
  }
236
-
237
  // first get the complete list of unique keys
238
  $keys = array_keys($set1);
239
-
240
- foreach(array_keys($set2) as $key) {
241
  if (!in_array($key, $keys, true)) {
242
  $keys[] = $key;
243
  }
244
  }
245
 
246
- foreach($keys as $key) {
247
- foreach($combined as $options) {
248
- // If merging preference is "deny" and at least one of the access
249
- // settings is checked, then final merged array will have it set
250
- // to checked
251
- if (in_array($preference, array('deny', 'apply'), true) && !empty($options[$key])) {
252
- $merged[$key] = $options[$key];
253
- break;
254
- } elseif (in_array($preference, array('allow', 'deprive'), true) && empty($options[$key])) {
255
- $merged[$key] = 0;
256
- break;
257
- } elseif (isset($options[$key])) {
258
- $merged[$key] = $options[$key];
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
259
  }
260
  }
261
  }
262
-
263
  return $merged;
264
- }
265
 
266
  /**
267
- * Get current AAM version
268
  *
269
- * @return string
270
- *
271
- * @access public
272
- */
273
- public function getAAMVersion() {
274
- return AAM_Core_API::version();
275
- }
276
-
277
- /**
278
- * Get instance of the API gateway
279
- *
280
- * @return AAM_Core_Gateway
281
- *
282
- * @access public
283
- * @static
284
  */
285
- public static function getInstance() {
286
- if (is_null(self::$instance)) {
287
- self::$instance = new self();
 
 
 
288
  }
289
-
290
- return self::$instance;
291
  }
292
-
293
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * AAM core API gateway
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ final class AAM_Core_Gateway
19
+ {
20
+
21
+ use AAM_Core_Contract_SingletonTrait;
22
+
 
 
 
 
 
 
 
 
 
 
 
23
  /**
24
  * Prevent from fatal errors
25
+ *
26
  * @param string $name
27
  * @param array $arguments
28
+ *
29
  * @return void
30
+ *
31
  * @access public
32
+ * @version 6.0.0
33
  */
34
+ public function __call($name, $arguments)
35
+ {
36
+ _doing_it_wrong(
37
+ __CLASS__ . '::' . __METHOD__,
38
+ "The method {$name} is not defined in the AAM API",
39
+ AAM_VERSION
40
  );
41
  }
42
+
43
  /**
44
  * Get AAM configuration option
45
+ *
46
  * @param string $option
47
  * @param mixed $default
48
+ *
49
  * @return mixed
50
+ *
51
  * @access public
52
+ * @version 6.0.0
53
  */
54
+ public function getConfig($option, $default = null)
55
+ {
56
+ return AAM_Core_Config::get($option, $default);
 
57
  }
58
+
59
+ /**
60
+ * Update AAM configuration option
61
+ *
62
+ * @param string $option
63
+ * @param mixed $value
64
+ *
65
+ * @return boolean
66
+ *
67
+ * @access public
68
+ * @version 6.0.0
69
+ */
70
+ public function updateConfig($option, $value)
71
+ {
72
+ return AAM_Core_Config::set($option, $value);
73
+ }
74
+
75
+ /**
76
+ * Delete AAM configuration option
77
+ *
78
+ * @param string $option
79
+ *
80
+ * @return boolean
81
+ *
82
+ * @access public
83
+ * @version 6.0.0
84
+ */
85
+ public function deleteConfig($option)
86
+ {
87
+ return AAM_Core_Config::delete($option);
88
+ }
89
+
90
  /**
91
  * Get user
92
+ *
93
  * If no $id specified, current user will be returned
94
+ *
95
+ * @param int $id
96
+ *
97
  * @return AAM_Core_Subject
98
+ *
99
  * @access public
100
+ * @version 6.0.0
101
  */
102
+ public function getUser($id = null)
103
+ {
104
  if (!empty($id)) {
105
  $user = new AAM_Core_Subject_User($id);
106
  $user->initialize();
 
 
107
  } else {
108
+ $user = AAM::getUser();
109
  }
110
+
111
  return $user;
112
  }
113
+
114
  /**
115
+ * Get role subject
116
+ *
117
+ * @param string $id
118
+ *
119
+ * @return AAM_Core_Subject_Role
120
+ *
121
  * @access public
122
+ * @version 6.0.0
123
  */
124
+ public function getRole($id)
125
+ {
126
+ return new AAM_Core_Subject_Role($id);
127
  }
128
+
129
  /**
130
+ * Get visitor subject
131
+ *
132
+ * @return AAM_Core_Subject_Visitor
133
+ *
 
 
134
  * @access public
135
+ * @version 6.0.0
136
  */
137
+ public function getVisitor()
138
+ {
139
+ if (is_user_logged_in()) {
140
+ $visitor = new AAM_Core_Subject_Visitor();
141
+ } else {
142
+ $visitor = AAM::getUser();
143
+ }
144
+
145
+ return $visitor;
146
  }
147
+
148
  /**
149
+ * Get default subject
150
+ *
151
+ * @return AAM_Core_Subject_Default
152
+ *
153
  * @access public
154
+ * @version 6.0.0
155
  */
156
+ public function getDefault()
157
+ {
158
+ return AAM_Core_Subject_Default::getInstance();
 
159
  }
160
+
161
  /**
162
+ * Log any critical message
163
  *
164
+ * @param string $message
165
+ * @param string $markers...
166
+ *
167
+ * @access public
168
+ * @version 6.0.0
169
  */
170
+ public function log()
171
+ {
172
+ call_user_func_array('AAM_Core_Console::add', func_get_args());
173
  }
174
 
175
  /**
176
+ * Prepare Access Policy manager but only if service is enabled
177
+ *
178
+ * @param AAM_Core_Subject $subject
179
+ *
180
+ * @return AAM_Core_Policy_Manager|null
181
+ *
 
 
182
  * @access public
183
+ * @version 6.0.0
184
  */
185
+ public function getAccessPolicyManager(AAM_Core_Subject $subject)
186
+ {
187
+ if (AAM_Core_Config::get(AAM_Service_AccessPolicy::FEATURE_FLAG, true)) {
188
+ $manager = AAM_Core_Policy_Factory::get($subject);
189
+ } else {
190
+ $manager = null;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
191
  }
192
+
193
+ return $manager;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
194
  }
195
+
196
  /**
197
+ * Merge two set of access settings into one
198
+ *
199
+ * The merging method also takes in consideration the access settings preference
200
+ * defined in ConfigPress
201
+ *
202
+ * @param array $set1
203
+ * @param array $set2
204
  * @param string $objectType
205
+ * @param string $preference
206
+ *
207
  * @return array
208
+ *
209
  * @access public
210
+ * @version 6.0.0
211
  */
212
+ public function mergeSettings($set1, $set2, $objectType, $preference = null)
213
+ {
214
  $merged = array();
215
 
216
+ // If preference is not explicitly defined, fetch it from the AAM configs
217
  if (is_null($preference)) {
218
  $preference = $this->getConfig(
219
+ "core.settings.{$objectType}.merge.preference",
220
+ 'deny'
221
  );
222
  }
223
+
224
  // first get the complete list of unique keys
225
  $keys = array_keys($set1);
226
+ foreach (array_keys($set2) as $key) {
 
227
  if (!in_array($key, $keys, true)) {
228
  $keys[] = $key;
229
  }
230
  }
231
 
232
+ foreach ($keys as $key) {
233
+ // There can be only two types of preferences: "deny" or "allow". Based
234
+ // on that, choose access settings that have proper effect as following:
235
+ //
236
+ // - If set1 and set2 have two different preferences, get the one that
237
+ // has correct preference;
238
+ // - If set1 and set2 have two the same preferences, choose the set2
239
+ // - If only set1 has access settings, use set1 as-is
240
+ // - If only set2 has access settings, use set2 as-is
241
+ // - If set1 and set2 have different effect than preference, choose
242
+ // set2
243
+ $effect1 = $this->computeAccessOptionEffect($set1, $key);
244
+ $effect2 = $this->computeAccessOptionEffect($set2, $key);
245
+ $effect = ($preference === 'deny');
246
+
247
+ // Access Option is either boolean true or array with "enabled" key
248
+ // set as boolean true
249
+ if ($effect1 === $effect2) { // both equal
250
+ $merged[$key] = $set2[$key];
251
+ } elseif ($effect1 === $effect) { // set1 matches preference
252
+ $merged[$key] = $set1[$key];
253
+ } elseif ($effect2 === $effect) { // set2 matches preference
254
+ $merged[$key] = $set2[$key];
255
+ } else {
256
+ if ($preference === 'allow') {
257
+ $option = isset($set2[$key]) ? $set2[$key] : $set1[$key];
258
+ if (is_array($option)) {
259
+ $option['enabled'] = false;
260
+ } else {
261
+ $option = false;
262
+ }
263
+ $merged[$key] = $option;
264
+ } elseif (is_null($effect1)) {
265
+ $merged[$key] = $set2[$key];
266
+ } elseif (is_null($effect2)) {
267
+ $merged[$key] = $set1[$key];
268
  }
269
  }
270
  }
271
+
272
  return $merged;
273
+ }
274
 
275
  /**
276
+ * Determine correct access option effect
277
  *
278
+ * There can be two possible types of the access settings: straight boolean and
279
+ * array with "enabled" flag. If provided key is not a part of the access options,
280
+ * the null is returned, otherwise boolean true of false.
281
+ *
282
+ * @param array $opts
283
+ * @param string $key
284
+ *
285
+ * @return null|boolean
286
+ *
287
+ * @access protected
288
+ * @version 6.0.0
 
 
 
 
289
  */
290
+ protected function computeAccessOptionEffect($opts, $key)
291
+ {
292
+ $effect = null; // nothing is defined
293
+
294
+ if (isset($opts[$key])) {
295
+ $effect = is_array($opts[$key]) ? $opts[$key]['enabled'] : $opts[$key];
296
  }
297
+
298
+ return $effect;
299
  }
300
+
301
  }
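--- a/application/Core/Importer.php
+++ b/application/Core/Importer.php
@@ -1,301 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM Importer
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Core_Importer {
-
- /**
- *
- * @var type
- */
- protected $input = null;
-
- /**
- * Undocumented variable
- *
- * @var [type]
- */
- protected $blog = null;
-
- /**
- *
- * @param type $input
- */
- public function __construct($input = null, $blog = null) {
- if (!is_null($input)) {
- $this->input = json_decode($input);
- }
-
- $this->setBlog(is_null($blog) ? get_current_blog_id() : $blog);
- }
-
- /**
- *
- * @param type $blog_id
- * @return type
- */
- public function setBlog($blog_id) {
- if ( is_numeric( $blog_id ) ) {
- $blog_id = (int) $blog_id;
- } else {
- $blog = 'http://' . preg_replace( '#^https?://#', '', $blog_id );
- if ( ( !$parsed = parse_url( $blog ) ) || empty( $parsed['host'] ) ) {
- fwrite( STDERR, "Error: can not determine blog_id from $blog_id\n" );
- exit();
- }
- if ( empty( $parsed['path'] ) ) {
- $parsed['path'] = '/';
- }
- $blogs = get_sites( array( 'domain' => $parsed['host'], 'number' => 1, 'path' => $parsed['path'] ) );
- if ( ! $blogs ) {
- fwrite( STDERR, "Error: Could not find blog\n" );
- exit();
- }
- $blog = array_shift( $blogs );
- $blog_id = (int) $blog->blog_id;
- }
-
- if ( function_exists( 'is_multisite' ) ) {
- if ( is_multisite() )
- switch_to_blog( $blog_id );
- }
-
- return $blog_id;
- }
-
- /**
- *
- */
- public function dispatch() {
- $this->header();
-
- switch(AAM_Core_Request::get('step', 0)) {
- case 0:
- $this->greet();
- break;
-
- case 1:
- check_admin_referer('import-upload');
-
- if ($this->handleUpload()) {
- $this->renderConfirmationStep();
- }
- break;
-
- case 2:
- check_admin_referer( 'import-wordpress' );
-
- $this->id = intval(AAM_Core_Request::post('import_id'));
- $filepath = get_attached_file($this->id);
- $this->import_start( $filepath );
- $this->run();
- $this->import_end();
- break;
- }
-
- $this->footer();
- }
-
- // Display import page title
- protected function header() {
- echo '<div class="wrap">';
- echo '<h2>' . __('Import AAM Settings', AAM_KEY) . '</h2>';
- }
-
- // Close div.wrap
- protected function footer() {
- echo '</div>';
- }
-
- /**
- * Display introductory text and file upload form
- */
- protected function greet() {
- echo '<div class="narrow">';
- echo '<p>' . __('Howdy! Upload your AAM JSON file and we&#8217;ll import the access settings into this site.', AAM_KEY) . '</p>';
- echo '<p>' . __('Choose a JSON (.json) file to upload, then click Upload file and import.', AAM_KEY) . '</p>';
- wp_import_upload_form('admin.php?import=aam&amp;step=1');
- echo '</div>';
- }
-
- /**
- *
- * @return boolean
- */
- protected function handleUpload() {
- $result = true;
- $file = wp_import_handle_upload();
-
- if ( isset( $file['error'] ) ) {
- echo '<p><strong>' . __( 'Sorry, there has been an error.', AAM_KEY ) . '</strong><br />';
- echo esc_html( $file['error'] ) . '</p>';
- $result = false;
- } else if ( ! file_exists( $file['file'] ) ) {
- echo '<p><strong>' . __( 'Sorry, there has been an error.', AAM_KEY ) . '</strong><br />';
- printf( __( 'The export file could not be found at <code>%s</code>. It is likely that this was caused by a permissions problem.', AAM_KEY ), esc_html( $file['file'] ) );
- echo '</p>';
- $result = false;
- } else {
- $this->file = $file;
- }
-
- return $result;
- }
-
- /**
- *
- */
- protected function renderConfirmationStep() {
- ?>
- <form action="<?php echo admin_url('admin.php?import=aam&amp;step=2' ); ?>" method="post">
- <?php wp_nonce_field('import-wordpress' ); ?>
- <input type="hidden" name="import_id" value="<?php echo $this->file['id']; ?>" />
-
- <p>Please confirm the AAM access settings import. Note! All imported access settings will override existing.</p>
-
- <p class="submit"><input type="submit" class="button" value="<?php esc_attr_e( 'Submit', AAM_KEY ); ?>" /></p>
- </form>
- <?php
- }
-
- /**
- * Parses the WXR file and prepares us for the task of processing parsed data
- *
- * @param string $file Path to the WXR file for importing
- */
- protected function import_start( $file ) {
- if ( ! is_file($file) ) {
- echo '<p><strong>' . __( 'Sorry, there has been an error.', AAM_KEY ) . '</strong><br />';
- echo __( 'The file does not exist, please try again.', AAM_KEY ) . '</p>';
- $this->footer();
- die();
- }
-
- $this->input = json_decode(file_get_contents($file));
-
- if ( empty( $this->input ) ) {
- echo '<p><strong>' . __( 'Sorry, there has been an error. File content is invalid', AAM_KEY ) . '</strong></p>';
- $this->footer();
- die();
- }
- }
-
- /**
- * Performs post-import cleanup of files and the cache
- */
- function import_end() {
- wp_import_cleanup( $this->id );
-
- wp_cache_flush();
-
- echo '<p>' . __( 'All done.', 'wordpress-importer' ) . ' <a href="' . admin_url() . '">' . __( 'Have fun!', 'wordpress-importer' ) . '</a>' . '</p>';
- }
-
- /**
- *
- * @return type
- */
- public function run() {
- $response = array('status' => 'success');
-
- if (version_compare($this->input->version, AAM_Core_API::version()) === 0) {
- foreach ($this->input->dataset as $table => $data) {
- if ($table === '_options') {
- $this->insertOptions($data);
- } elseif ($table === '_postmeta') {
- $this->insertPostmeta($data);
- } elseif ($table === '_usermeta') {
- $this->insertUsermeta($data);
- } else {
- do_action('aam-import-action', $table, $data);
- }
- }
- } else {
- $response = array(
- 'status' => 'failure',
- 'reason' => __('Version of exported settings do not match current AAM version', AAM_KEY)
- );
- }
-
- return $response;
- }
-
- /**
- * Undocumented function
- *
- * @param [type] $data
- * @return void
- */
- protected function insertOptions($data) {
- global $wpdb;
-
- foreach ($data as $key => $value) {
- AAM_Core_API::updateOption(
- preg_replace('/^_/', $wpdb->get_blog_prefix(), $key),
- $this->prepareValue($value)
- );
- }
- }
-
- /**
- * Undocumented function
- *
- * @param [type] $data
- * @return void
- */
- protected function insertUsermeta($data) {
- global $wpdb;
-
- foreach ($data as $id => $set) {
- foreach ($set as $key => $value) {
- update_user_meta(
- $id,
- preg_replace('/^_/', $wpdb->get_blog_prefix(), $key),
- $this->prepareValue($value)
- );
- }
- }
- }
-
- /**
- * Undocumented function
- *
- * @param [type] $data
- * @return void
- */
- protected function insertPostmeta($data) {
- global $wpdb;
-
- foreach ($data as $id => $set) {
- foreach ($set as $key => $value) {
- update_post_meta(
- $id,
- preg_replace('/^_/', $wpdb->prefix, $key),
- $this->prepareValue($value)
- );
- }
- }
- }
-
- /**
- * Undocumented function
- *
- * @param [type] $value
- * @return void
- */
- protected function prepareValue($value) {
- return json_decode(base64_decode($value), true);
- }
-
- }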
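--- a/application/Core/Jwt/Auth.php
+++ b/application/Core/Jwt/Auth.php
@@ -1,64 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM JWT Authentication handler
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @since v5.9.2
- */
- class AAM_Core_Jwt_Auth {
-
- /**
- * Authenticate user with username and password
- *
- * @param string $username
- * @param string $password
- *
- * @return stdClass
- *
- * @access public
- */
- public function authenticateWithCredentials($username, $password) {
- $response = array('error' => true);
-
- // try to authenticate user with provided credentials
- try {
- $result = AAM_Core_Login::getInstance()->execute(
- array(
- 'user_login' => $username,
- 'user_password' => $password
- ),
- false
- );
- } catch (Exception $ex) {
- $result = array(
- 'status' => 'failure',
- 'reason' => $ex->getMessage(),
- );
- }
-
- if ($result['status'] === 'success') { // generate token
- try {
- $response = array(
- 'status' => 'success',
- 'user' => $result['user']
- );
- } catch (Exception $ex) {
- $response['reason'] = $ex->getMessage();
- }
- } else {
- $response['reason'] = $result['reason'];
- }
-
- return (object) $response;
- }
-
- }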
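--- a/application/Core/Jwt/Issuer.php
+++ b/application/Core/Jwt/Issuer.php
@@ -5,42 +5,43 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * AAM JWT Issuer
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @since v5.9.2
+ * @version 6.0.0
  */
- class AAM_Core_Jwt_Issuer {
+ class AAM_Core_Jwt_Issuer
+ {
 
- /**
- * Just a local cache
- *
- * @var array
- */
- protected $cache = array();
+ use AAM_Core_Contract_SingletonTrait;
 
  /**
  * Validate JWT token
- *
+ *
  * @param string $token
- *
- * @return stdClass
- *
+ *
+ * @return object
+ *
  * @access public
+ * @version 6.0.0
  */
- public function validateToken($token) {
+ public function validateToken($token)
+ {
  try {
  $headers = $this->extractTokenHeaders($token);
 
  if (strpos($headers->alg, 'RS') === 0) {
- $filepath = AAM_Core_Config::get('authentication.jwt.publicKeyPath');
- $key = (is_readable($filepath) ? file_get_contents($filepath) : null);
+ $path = AAM_Core_Config::get('authentication.jwt.publicKeyPath');
+ $key = (is_readable($path) ? file_get_contents($path) : null);
  } else {
- $key = AAM_Core_Config::get('authentication.jwt.secret', SECURE_AUTH_KEY);
+ $key = AAM_Core_Config::get(
+ 'authentication.jwt.secret', SECURE_AUTH_KEY
+ );
  }
 
  // Step #1. Check if token is actually valid
@@ -51,63 +52,65 @@ class AAM_Core_Jwt_Issuer {
  // Step #2. If token is "revocable", make sure that claimed user still has
  // the token in the meta
  if (!empty($response->revocable)) {
- $tokens = $this->getUsersTokens($response->userId);
- if (!in_array($token, $tokens, true)) {
+ $tokens = get_user_option(
+ AAM_Service_Jwt::DB_OPTION, $response->userId
+ );
+
+ if (!is_array($tokens) || !in_array($token, $tokens, true)) {
  throw new Exception(__('Token has been revoked', AAM_KEY));
  }
  }
 
- $response->status = 'valid';
+ $response->isValid = true;
  } catch (Exception $ex) {
- $response = array_merge(array(
- 'status' => 'invalid',
- 'reason' => $ex->getMessage()
- ), (array) $this->extractTokenClaims($token));
+ $response = array(
+ 'isValid' => false,
+ 'reason' => $ex->getMessage()
+ );
  }
 
  return (object) $response;
  }
-
+
  /**
  * Issue JWT token
- *
+ *
  * @param array $args
  * @param string|DateTime $expires
- *
- * @return stdClass
- *
+ *
+ * @return object
+ *
  * @access public
  * @throws Exception
+ * @version 6.0.0
  */
- public function issueToken($args = array(), $expires = null) {
+ public function issueToken($args = array(), $expires = null)
+ {
  if (!empty($expires)) {
- if (is_a($expires, 'DateTime')) {
- $time = $expires;
- } else {
- $time = DateTime::createFromFormat('m/d/Y, H:i O', $expires);
- }
+ $time = $expires;
  } else {
  $time = new DateTime(
- AAM_Core_Config::get('authentication.jwt.expires', '+24 hours')
+ AAM_Core_Config::get('authentication.jwt.expires', '+24 hours'),
+ new DateTimeZone('UTC')
  );
  }
 
  $claims = apply_filters(
- 'aam-jwt-claims-filter',
+ 'aam_jwt_claims_filter',
  array_merge(
  array(
  "iat" => time(),
  'iss' => get_site_url(),
- 'exp' => $time->format('m/d/Y, H:i O'),
+ 'exp' => $time->getTimestamp(),
  'jti' => $this->generateUuid()
- ),
+ ),
  $args
  )
  );
 
  // Determine algorithm and key
  $attr = $this->getJWTSigningAttributes();
-
+
  return (object) array(
  'token' => Firebase\JWT\JWT::encode($claims, $attr->key, $attr->alg),
  'claims' => $claims
@@ -118,63 +121,78 @@ class AAM_Core_Jwt_Issuer {
  * Extract tokens headers
  *
  * @param string $token
- *
+ *
  * @return object
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function extractTokenHeaders($token) {
- $parts = explode('.', $token);
-
+ public function extractTokenHeaders($token)
+ {
+ $parts = explode('.', $token);
+ $headers = array();
  try {
  $headers = Firebase\JWT\JWT::jsonDecode(
  Firebase\JWT\JWT::urlsafeB64Decode($parts[0])
  );
  } catch (Exception $ex) {
- $headers = new stdClass();
+ _doing_it_wrong(
+ __CLASS__ . '::' . __METHOD__,
+ 'Invalid JWT token: ' . $ex->getMessage(),
+ AAM_VERSION
+ );
  }
 
- return $headers;
+ return (object) $headers;
  }
 
  /**
  * Extract token claims
  *
  * @param string $token
- *
+ *
  * @return object
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public static function extractTokenClaims($token) {
- $parts = explode('.', $token);
+ public function extractTokenClaims($token)
+ {
+ $parts = explode('.', $token);
+ $claims = array();
 
  try {
  $claims = Firebase\JWT\JWT::jsonDecode(
  Firebase\JWT\JWT::urlsafeB64Decode($parts[1])
  );
  } catch (Exception $ex) {
- $claims = new stdClass();
+ _doing_it_wrong(
+ __CLASS__ . '::' . __METHOD__,
+ 'Invalid JWT token: ' . $ex->getMessage(),
+ AAM_VERSION
+ );
  }
 
- return $claims;
+ return (object) $claims;
  }
 
  /**
  * Get JWT attributes for signing
  *
  * @return object
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function getJWTSigningAttributes() {
+ protected function getJWTSigningAttributes()
+ {
  $alg = strtoupper(
  AAM_Core_Config::get('authentication.jwt.algorithm', 'HS256')
  );
 
  if (strpos($alg, 'RS') === 0) {
- $filepath = AAM_Core_Config::get('authentication.jwt.privateKeyPath');
- $key = (is_readable($filepath) ? file_get_contents($filepath) : null);
+ $path = AAM_Core_Config::get('authentication.jwt.privateKeyPath');
+ $key = (is_readable($path) ? file_get_contents($path) : null);
  } else {
  $key = AAM_Core_Config::get('authentication.jwt.secret', SECURE_AUTH_KEY);
  }
@@ -185,49 +203,39 @@ class AAM_Core_Jwt_Issuer {
  );
  }
 
- /**
- * Get user's tokens
- *
- * @param int $userId
- *
- * @return array
- *
- * @access protected
- */
- protected function getUsersTokens($userId) {
- if (!isset($this->cache[$userId])) {
- $list = get_user_meta($userId, 'aam-jwt');
- $this->cache[$userId] = is_array($list) ? $list : array();
- }
-
- return $this->cache[$userId];
- }
-
  /**
  * Generate random uuid
  *
  * @return string
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected function generateUuid() {
- return sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
+ protected function generateUuid()
+ {
+ return sprintf(
+ '%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
  // 32 bits for "time_low"
- mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ),
-
+ mt_rand(0, 0xffff),
+ mt_rand(0, 0xffff),
+
  // 16 bits for "time_mid"
- mt_rand( 0, 0xffff ),
-
+ mt_rand(0, 0xffff),
+
  // 16 bits for "time_hi_and_version",
  // four most significant bits holds version number 4
- mt_rand( 0, 0x0fff ) | 0x4000,
-
+ mt_rand(0, 0x0fff) | 0x4000,
+
  // 16 bits, 8 bits for "clk_seq_hi_res",
  // 8 bits for "clk_seq_low",
  // two most significant bits holds zero and one for variant DCE1.1
- mt_rand( 0, 0x3fff ) | 0x8000,
-
+ mt_rand(0, 0x3fff) | 0x8000,
+
  // 48 bits for "node"
- mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff )
+ mt_rand(0, 0xffff),
+ mt_rand(0, 0xffff),
+ mt_rand(0, 0xffff)
  );
  }
-
+
  }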
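Review bot: In `validateToken()` the verification key is still selected from the token's own unverified `alg` header (`strpos($headers->alg, 'RS') === 0`), while `getJWTSigningAttributes()` signs with the configured `authentication.jwt.algorithm`; the verifier should read the same configured value and reject a token whose header disagrees, e.g. `$alg = strtoupper(AAM_Core_Config::get('authentication.jwt.algorithm', 'HS256'));` followed by `if (!isset($headers->alg) || $headers->alg !== $alg) { throw new Exception(__('Unsupported token algorithm', AAM_KEY)); }`. The decode call itself sits between the hunks and is not shown, so whether it already restricts the accepted algorithms cannot be confirmed from here. The `isset` matters because `extractTokenHeaders()` now returns an empty object for a malformed token, which leaves `$headers->alg` undefined at the `strpos` call. Separately, `issueToken()` now assigns `$time = $expires` without the old string parsing while the docblock still says `string|DateTime`, so a string argument would fail at `$time->getTimestamp()`; either narrow the docblock to `DateTime` or keep a conversion for strings.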
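--- a/application/Core/Jwt/Manager.php
+++ b/application/Core/Jwt/Manager.php
@@ -1,463 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM JWT Manager
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @since v5.9.2
- */
- class AAM_Core_Jwt_Manager {
-
- /**
- * Single instance of itself
- *
- * @var AAM_Core_Jwt_Manager
- *
- * @access protected
- * @static
- */
- protected static $instance = null;
-
- /**
- * Constructor
- *
- * @return void
- *
- * @access protected
- */
- protected function __construct() {
- //register API endpoint
- add_action('rest_api_init', array($this, 'registerAPI'));
-
- //register authentication hook
- add_filter('determine_current_user', array($this, 'determineUser'), 999);
-
- //login user if JWT is in the URL
- add_action('init', array($this, 'loginAccount'), 1);
- }
-
- /**
- * Register APIs
- *
- * @return void
- *
- * @access public
- */
- public function registerAPI() {
- // Authenticate user
- register_rest_route('aam/v1', '/authenticate', array(
- 'methods' => 'POST',
- 'callback' => array($this, 'authenticate'),
- 'args' => array(
- 'username' => array(
- 'description' => __('Valid username.', AAM_KEY),
- 'type' => 'string',
- ),
- 'password' => array(
- 'description' => __('Valid password.', AAM_KEY),
- 'type' => 'string',
- )
- ),
- ));
-
- // Validate JWT token
- register_rest_route('aam/v1', '/validate-jwt', array(
- 'methods' => 'POST',
- 'callback' => array($this, 'validateToken'),
- 'args' => array(
- 'jwt' => array(
- 'description' => __('JWT token.', AAM_KEY),
- 'type' => 'string',
- )
- ),
- ));
-
- // Refresh JWT token
- register_rest_route('aam/v1', '/refresh-jwt', array(
- 'methods' => 'POST',
- 'callback' => array($this, 'refreshToken'),
- 'args' => array(
- 'jwt' => array(
- 'description' => __('JWT token.', AAM_KEY),
- 'type' => 'string',
- )
- ),
- ));
- }
-
- /**
- * Authenticate user
- *
- * @param WP_REST_Request $request
- *
- * @return WP_REST_Response
- *
- * @access public
- */
- public function authenticate(WP_REST_Request $request) {
- $username = $request->get_param('username');
- $password = $request->get_param('password');
- $response = new WP_REST_Response();
-
- $auth = new AAM_Core_Jwt_Auth();
- $result = $auth->authenticateWithCredentials($username, $password);
-
- if (!empty($result->error)) {
- $response->status = 403;
- $response->data = new WP_Error(
- 'rest_jwt_auth_failure',
- strip_tags($result->reason)
- );
- } else {
- $jwt = $this->issueToken($result->user->ID);
-
- $response->status = 200;
- $response->data = array(
- 'token' => $jwt->token,
- 'token_expires' => $jwt->claims['exp'],
- 'user' => $result->user
- );
- }
-
- return apply_filters('aam-jwt-response-filter', $response);
- }
-
- /**
- * Validate JWT token
- *
- * @param WP_REST_Request $request
- *
- * @return WP_REST_Response
- *
- * @access public
- */
- public function validateToken(WP_REST_Request $request) {
- $jwt = $request->get_param('jwt');
- $issuer = new AAM_Core_Jwt_Issuer();
- $response = new WP_REST_Response();
-
- $result = $issuer->validateToken($jwt);
-
- if ($result->status === 'valid') {
- $response->status = 200;
- $response->data = $result;
- } else {
- $response->status = 400;
- $response->data = new WP_Error(
- 'rest_jwt_validation_failure',
- $result->reason
- );
- }
-
- return $response;
- }
-
- /**
- * Refresh/renew JWT token
- *
- * @param WP_REST_Request $request
- *
- * @return WP_REST_Response
- *
- * @access public
- */
- public function refreshToken(WP_REST_Request $request) {
- $jwt = $request->get_param('jwt');
- $issuer = new AAM_Core_Jwt_Issuer();
- $response = new WP_REST_Response();
-
- $result = $issuer->validateToken($jwt);
-
- if ($result->status === 'valid') {
- if (!empty($result->refreshable)) {
- // calculate the new expiration
- $issuedAt = new DateTime();
- $issuedAt->setTimestamp($result->iat);
- $expires = DateTime::createFromFormat('m/d/Y, H:i O', $result->exp);
-
- $exp = new DateTime();
- $exp->add($issuedAt->diff($expires));
-
- $new = $this->issueToken($result->userId, $jwt, $exp);
-
- $response->status = 200;
- $response->data = array(
- 'token' => $new->token,
- 'token_expires' => $new->claims['exp'],
- );
- } else {
- $response->status = 400;
- $response->data = new WP_Error(
- 'rest_jwt_validation_failure',
- __('Provided JWT token is not refreshable', AAM_KEY)
- );
- }
- } else {
- $response->status = 400;
- $response->data = new WP_Error(
- 'rest_jwt_validation_failure',
- $result->reason
- );
- }
-
- return $response;
- }
-
- /**
- * Determine current user by JWT
- *
- * @param int $userId
- *
- * @return int
- *
- * @access public
- */
- public function determineUser($userId) {
- if (empty($userId)) {
- $token = $this->extractJwt();
-
- if (!empty($token)) {
- $issuer = new AAM_Core_Jwt_Issuer();
- $result = $issuer->validateToken($token->jwt);
-
- if ($result->status === 'valid') {
- $userId = $result->userId;
- }
- }
- }
-
- return $userId;
- }
-
- /**
- * Undocumented function
- *
- * @return void
- */
- public function loginAccount() {
- $jwt = AAM_Core_Request::get('aam-jwt');
- $method = AAM_Core_Request::server('REQUEST_METHOD');
-
- if (!empty($jwt) && ($method === 'GET')) {
- $issuer = new AAM_Core_Jwt_Issuer();
- $token = $issuer->validateToken($jwt);
-
-
- // Check that JWT token is valid
- if ($token->status === 'valid') {
- // Check if Account is active
- $user = AAM::api()->getUser($token->userId);
-
- if ($user->getUserStatus()->status === 'active') {
- wp_set_current_user($token->userId);
- wp_set_auth_cookie($token->userId);
-
- // TODO: Remove June 2020
- $exp = (is_numeric($token->exp) ? date('m/d/Y, H:i O', $token->exp) : $token->exp);
-
- // determine correct trigger
- if (!empty($token->trigger)) {
- update_user_meta(
- $token->userId,
- 'aam_user_expiration',
- $exp . "|{$token->trigger->action}|" . (!empty($token->trigger->role) ? $token->trigger->role : '')
- );
- }
-
- do_action('wp_login', $user->user_login, $user->getSubject());
-
- // finally just redirect user to the homepage
- wp_safe_redirect(get_home_url()); exit;
- }
- }
- }
- }
-
- /**
- * Register JWT token to user's registry
- *
- * @param int $userId
- * @param string $token
- * @param string $replaceExisting
- *
- * @return bool
- *
- * @access public
- */
- public function registerToken($userId, $token, $replaceExisting = false) {
- $registry = $this->getTokenRegistry($userId);
- $limit = AAM_Core_Config::get('authentication.jwt.registryLimit', 10);
-
- if ($replaceExisting) {
- $result = update_user_meta($userId, 'aam-jwt', $token, $replaceExisting);
- } else {
- // Make sure that we do not overload the user meta
- if (count($registry) >= $limit) {
- $this->revokeToken($userId, array_shift($registry));
- }
-
- // Save token
- $result = add_user_meta($userId, 'aam-jwt', $token);
- }
-
-
- return $result;
- }
-
- /**
- * Revoke JWT token
- *
- * @param int $userId
- * @param string $token
- *
- * @return bool
- *
- * @access public
- */
- public function revokeToken($userId, $token) {
- $result = false;
- $registry = $this->getTokenRegistry($userId);
-
- if (in_array($token, $registry, true)) {
- $result = delete_user_meta($userId, 'aam-jwt', $token);
- }
-
- return $result;
- }
-
- /**
- * Get JWT token registry
- *
- * @param int $userId
- *
- * @return array
- *
- * @access public
- */
- public function getTokenRegistry($userId) {
- $registry = get_user_meta($userId, 'aam-jwt', false);
-
- return (!empty($registry) ? $registry : array());
- }
-
- /**
- * Issue JWT token
- *
- * @param int $userId
- * @param string $replace
- * @param string $expires
- *
- * @return object
- *
- * @access protected
- */
- protected function issueToken($userId, $replace = null, $expires = null) {
- $issuer = new AAM_Core_Jwt_Issuer();
- $result = $issuer->issueToken(
- array(
- 'userId' => $userId,
- 'revocable' => true,
- 'refreshable' => AAM::api()->getConfig(
- 'authentication.jwt.refreshable', false
- )
- ),
- $expires
- );
-
- // Finally register token so it can be revoked
- $this->registerToken($userId, $result->token, $replace);
-
- return $result;
- }
-
- /**
- * Extract JWT token from the request
- *
- * Based on the `authentication.jwt.container` setting, parse HTTP request and
- * try to extract the JWT token
- *
- * @return object|null
- *
- * @access protected
- */
- protected function extractJwt() {
- $container = explode(',', AAM_Core_Config::get(
- 'authentication.jwt.container', 'header,post,cookie'
- ));
-
- $jwt = null;
-
- foreach($container as $method) {
- switch(strtolower(trim($method))) {
- case 'header':
- $jwt = AAM_Core_Request::server('HTTP_AUTHENTICATION');
- break;
-
- case 'cookie':
- $jwt = AAM_Core_Request::cookie('aam-jwt');
- break;
-
- case 'post':
- $jwt = AAM_Core_Request::post('aam-jwt');
- break;
-
- default:
- $jwt = apply_filters('aam-get-jwt-filter', null, $method);
- break;
- }
-
- if (!is_null($jwt)) {
- break;
- }
- }
-
- if (!empty($jwt)) {
- $response = (object) array(
- 'jwt' => preg_replace('/^Bearer /', '', $jwt),
- 'method' => $method
- );
- } else {
- $response = null;
- }
-
- return $response;
- }
-
- /**
- * Get single instance of itself
- *
- * @return AAM_Core_Jwt_Manager
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- if (is_null(self::$instance)) {
- self::$instance = new self;
- }
-
- return self::$instance;
- }
-
- /**
- * Bootstrap AAM JWT Manager
- *
- * @return AAM_Core_Jwt_Manager
- *
- * @access public
- * @static
- */
- public static function bootstrap() {
- return self::getInstance();
- }
-
- }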
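--- a/application/Core/Login.php
+++ b/application/Core/Login.php
@@ -1,355 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM Core login
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Core_Login {
-
- /**
- * AAM Login flag
- *
- * Is used to indicate that the user authentication process is handled by
- * AAM plugin. Important to differentiate to avoid redirects
- *
- * @var boolean
- *
- * @access protected
- */
- protected $aamLogin = false;
-
- /**
- * Single instance of itself
- *
- * @var AAM_Core_Login
- *
- * @access protected
- * @static
- */
- protected static $instance = null;
-
- /**
- * Constructor
- *
- * @return void
- *
- * @access protected
- */
- protected function __construct() {
- // Fires after the user has successfully logged in
- add_action('wp_login', array($this, 'login'), 10, 2);
-
- // Fired after the user has been logged out successfully
- add_action('wp_logout', array($this, 'logout'));
-
- //user login control
- add_filter('wp_authenticate_user', array($this, 'authenticateUser'), 1, 2);
-
- //login process
- add_filter('login_message', array($this, 'loginMessage'));
-
- //security controls
- add_filter('authenticate', array($this, 'authenticate'), -1);
- }
-
- /**
- * Fires after the user has successfully logged in
- *
- * @param string $username Username
- * @param WP_User $user Current user
- *
- * @return void
- *
- * @access public
- */
- public function login($username, $user = null) {
- if (is_a($user, 'WP_User')) {
- if (AAM_Core_Config::get('brute-force-lockout', false)) {
- $this->updateLoginCounter(-1);
- }
-
- // Delete User Switch flag in case admin is impersonating user
- AAM_Core_API::deleteOption('aam-user-switch-' . $user->ID);
-
- // Experimental feature. Track user session
- if (AAM::api()->getConfig('core.session.tracking', false)) {
- $ttl = AAM::api()->getConfig(
- "core.session.user.{$this->ID}.ttl",
- AAM::api()->getConfig("core.session.user.ttl", null)
- );
- if (!empty($ttl)) {
- add_user_meta($user->ID, 'aam-authenticated-timestamp', time());
- }
- }
-
- if ($this->aamLogin === false) {
- $redirect = $this->getLoginRedirect($user);
-
- if ($redirect !== null) {
- AAM_Core_API::redirect($redirect);
- }
- }
- }
- }
-
- /**
- * Logout redirect
- *
- * @return void
- *
- * @access public
- */
- public function logout() {
- $object = AAM::getUser()->getObject('logoutRedirect');
- $type = $object->get('logout.redirect.type');
-
- if (!empty($type) && $type !== 'default') {
- $redirect = $object->get("logout.redirect.{$type}");
- AAM_Core_API::redirect($redirect);
- }
-
- // get user login timestamp
- delete_user_meta(AAM::getUser()->ID, 'aam-authenticated-timestamp');
- }
-
- /**
- * Control User Block flag
- *
- * @param WP_Error $user
- *
- * @return WP_Error|WP_User
- *
- * @access public
- */
- public function authenticateUser($user) {
- if (is_a($user, 'WP_User')) {
- // First check if user is blocked
- if (intval($user->user_status) === 1) {
- $user = new WP_Error();
-
- $message = '[ERROR]: User is locked. Please contact your website ';
- $message .= 'administrator.';
-
- $user->add(
- 'authentication_failed',
- AAM_Backend_View_Helper::preparePhrase($message, 'strong')
- );
- } elseif (AAM_Core_Config::get('core.settings.singleSession', false)) {
- $sessions = WP_Session_Tokens::get_instance($user->ID);
-
- if (count($sessions->get_all()) >= 1) {
- $sessions->destroy_all();
- }
- }
- }
-
- return $user;
- }
-
- /**
- * Customize login message
- *
- * @param string $message
- *
- * @return string
- *
- * @access public
- */
- public function loginMessage($message) {
- $reason = AAM_Core_Request::get('reason');
-
- if (empty($message)) {
- if ($reason === 'restricted') {
- $message = AAM_Core_Config::get(
- 'security.redirect.message',
- '<p class="message">' .
- __('Access denied. Please login to get access.', AAM_KEY) .
- '</p>'
- );
- }
- }
-
- return $message;
- }
-
- /**
- * Authentication hooks
- *
- * @param mixed $response
- */
- public function authenticate($response) {
- // Login Timeout
- if (AAM_Core_Config::get('core.settings.loginTimeout', false)) {
- @sleep(intval(AAM_Core_Config::get('security.login.timeout', 1)));
- }
-
- // Brute Force Lockout
- if (AAM_Core_Config::get('core.settings.bruteForceLockout', false)) {
- $this->updateLoginCounter(1);
- }
-
- return $response;
- }
-
- /**
- * Get AAM Login Redirect rule
- *
- * @param WP_User $user
- *
- * @return null|string
- *
- * @access protected
- */
- protected function getLoginRedirect($user) {
- $redirect = null;
- $subject = new AAM_Core_Subject_User($user->ID);
- $object = $subject->getObject('loginRedirect');
-
- //if Login redirect is defined
- $type = $object->get('login.redirect.type');
-
- if (!empty($type) && $type !== 'default') {
- $redirect = $object->get("login.redirect.{$type}");
- }
-
- return $redirect;
- }
-
- /**
- * Update login counter
- *
- * @param int $increment
- *
- * @return void
- *
- * @access protected
- */
- protected function updateLoginCounter($increment) {
- $attempts = get_transient('aam_login_attempts');
-
- if ($attempts !== false) {
- $timeout = get_option('_transient_timeout_aam_login_attempts') - time();
- $attempts = intval($attempts) + $increment;
- } else {
- $attempts = 1;
- $period = strtotime(
- AAM_Core_Config::get('security.login.period', '20 minutes')
- );
- $timeout = $period - time();
- }
-
- if ($attempts >= AAM_Core_Config::get('security.login.attempts', 20)) {
- if (AAM_Core_Api_Area::isAPI()) {
- throw new Exception(
- 'Exceeded maximum number for authentication attempts. Please try later again.'
- );
- } else {
- wp_safe_redirect(site_url('index.php'));
- exit;
- }
- } else {
- set_transient('aam_login_attempts', $attempts, $timeout);
- }
- }
-
- /**
- * Handle WP core login
- *
- * @return array
- *
- * @access public
- */
- public function execute($credentials = array(), $set_cookie = true) {
- $this->aamLogin = true;
-
- if ($set_cookie === false) {
- add_filter('send_auth_cookies', '__return_false');
- }
-
- $response = array(
- 'status' => 'failure',
- 'redirect' => AAM_Core_Request::post('redirect')
- );
-
- try {
- $user = wp_signon($credentials);
-
- if (is_wp_error($user)) {
- Throw new Exception($user->get_error_message());
- }
-
- if (empty($response['redirect'])) {
- $goto = $this->getLoginRedirect($user);
- $response['redirect'] = ($goto ? $this->normalizeRule($goto) : admin_url());
- }
-
- $response['status'] = 'success';
- $response['user'] = $user;
- } catch (Exception $ex) {
- $response['reason'] = $ex->getMessage();
- }
-
- return $response;
- }
-
- /**
- * Normalize redirect rule
- *
- * @param mixed $redirect
- *
- * @return string
- *
- * @access protected
- */
- protected function normalizeRule($redirect) {
- $normalized = null;
-
- if (filter_var($redirect, FILTER_VALIDATE_URL)) {
- $normalized = $redirect;
- } elseif (preg_match('/^[\d]+$/', $redirect)) {
- $normalized = get_page_link($redirect);
- } elseif (is_callable($redirect)) {
- $normalized = call_user_func($redirect);
- }
-
- return $normalized;
- }
-
- /**
- * Get single instance of itself
- *
- * @return AAM_Core_Login
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- if (is_null(self::$instance)) {
- self::$instance = new self;
- }
-
- return self::$instance;
- }
-
- /**
- * Bootstrap AAM Login feature
- *
- * @return AAM_Core_Login
- *
- * @access public
- * @static
- */
- public static function bootstrap() {
- return self::getInstance();
- }
-
- }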
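--- a/application/Core/Media.php
+++ b/application/Core/Media.php
@@ -1,218 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'LICENSE', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM Media Access
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Core_Media {
-
- /**
- * Instance of itself
- *
- * @var AAM_PlusPackage
- *
- * @access private
- */
- private static $_instance = null;
-
- /**
- *
- * @var type
- */
- protected $request = '';
-
- /**
- *
- * @var type
- */
- protected $request_uri = '';
-
- /**
- * Initialize the extension
- *
- * @return void
- *
- * @access protected
- */
- protected function __construct() {
- $media = filter_input(INPUT_GET, 'aam-media');
- $request = (is_numeric($media) ? urldecode(AAM_Core_Request::server('REQUEST_URI')) : $media);
- $root = AAM_Core_Request::server('DOCUMENT_ROOT');
-
- $this->request = str_replace('\\', '/', $root . $request);
- $this->request_uri = preg_replace('/\?.*$/', '', $request);
- }
-
- /**
- *
- */
- public function authorize() {
- if (AAM_Core_Config::get('core.settings.mediaAccessControl', false)) {
- $area = AAM_Core_Api_Area::get();
- if (AAM_Core_Config::get("core.settings.{$area}AccessControl", true)) {
- $this->checkMediaAccess();
- } else {
- $this->printMedia();
- }
- }
- }
-
- /**
- * Check media access
- *
- * @return void
- *
- * @access protected
- */
- protected function checkMediaAccess() {
- if (apply_filters('aam-media-request', true, $this->request)) {
- $media = $this->findMedia();
- $area = (is_admin() ? 'backend' : 'frontend');
-
- if (empty($media)) {
- $this->printMedia();
- } else {
- if (!$media->allowed('frontend.read')) {
- $args = array(
- 'hook' => 'media_read',
- 'action' => "{$area}.read",
- 'post' => $media->getPost()
- );
-
- $default = AAM_Core_Config::get('media.default.placeholder');
-
- if ($default) {
- do_action('aam-access-rejected-action', $area, $args);
- $this->printMedia(get_post($default));
- } else {
- AAM_Core_API::reject($area, $args);
- }
- } else {
- $this->printMedia($media);
- }
- }
- } else {
- $this->printMedia($media);
- }
- }
-
- /**
- *
- * @param type $media
- */
- protected function printMedia($media = null) {
- $type = 'application/octet-stream';
-
- if (is_null($media)) {
- $media = $this->findMedia();
- }
-
- if (!empty($media)) {
- $mime = $media->post_mime_type;
- $path = get_attached_file($media->ID); // This can be buggy!
- }
-
- if (empty($path) || !file_exists($path)) {
- $path = ABSPATH . $this->request_uri;
- }
-
- //normalize path and strip all unexpected trails. Thanks to Antonius Hegyes
- $path = preg_replace('/\?.*$/', '', $path);
- $rpath = preg_replace('/\?.*$/', '', $this->request_uri);
-
- //finally replace the filename with requested filename
- $request = realpath(str_replace(basename($path), basename($rpath), $path));
-
- if (empty($mime)) {
- if (function_exists('mime_content_type')) {
- $mime = mime_content_type($request);
- }
- }
-
- $filetype = wp_check_filetype(basename($request));
- $location = wp_get_upload_dir();
- $upload_dir = (isset($location['basedir']) ? $location['basedir'] : WP_CONTENT_DIR . '/uploads');
-
- // Props to Ov3rfly report
- if (!empty($filetype['ext']) && (strpos($request, realpath($upload_dir)) !== false)) {
- @header('Content-Type: ' . (empty($mime) ? $type : $mime));
- echo file_get_contents($request);
- } else {
- http_response_code(403);
- }
- exit;
- }
-
- /**
- * Find media by URI
- *
- * @global Wpdb $wpdb
- *
- * @return AAM_Core_Object_Post|null
- *
- * @access protected
- */
- protected function findMedia() {
- global $wpdb;
-
- // 1. replace the cropped extension for images
- $s = preg_replace('/(-[\d]+x[\d]+)(\.[\w]+)$/', '$2', $this->request);
-
- // 2. Replace the path to the media
- $basedir = wp_upload_dir();
- $s = ltrim(str_replace($basedir['basedir'], '', $s), '/');
-
- $id = apply_filters(
- 'aam-found-media-filter',
- $wpdb->get_var(
- $wpdb->prepare(
- "SELECT post_id FROM {$wpdb->postmeta} WHERE meta_key = %s AND meta_value = %s",
- array('_wp_attached_file', $s)
- )
- ),
- $this->request_uri,
- $this->request
- );
-
- if (empty($id)) { // Try to find the image by GUID
- $id = apply_filters(
- 'aam-found-media-filter',
- $wpdb->get_var(
- $wpdb->prepare(
- "SELECT ID FROM {$wpdb->posts} WHERE guid LIKE %s",
- array('%' . $s)
- )
- ),
- $this->request_uri,
- $this->request
- );
- }
-
- return ($id ? AAM::getUser()->getObject('post', $id) : null);
- }
-
- /**
- * Bootstrap the extension
- *
- * @return AAM_Skeleton
- *
- * @access public
- */
- public static function bootstrap() {
- if (is_null(self::$_instance)) {
- self::$_instance = new self;
- }
-
- return self::$_instance;
- }
-
- }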
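--- a/application/Core/Migration.php
+++ b/application/Core/Migration.php
@@ -0,0 +1,150 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * AAM Core Migration class
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ final class AAM_Core_Migration
+ {
+
+ /**
+ * DB option that stores list of migration scripts that were completed
+ *
+ * @version 6.0.0
+ */
+ const DB_OPTION = 'aam_migrations';
+
+ /**
+ * DB option that stores the entire migration log
+ *
+ * @version 6.0.0
+ */
+ const DB_FAILURE_OPTION = 'aam_migration_failures';
+
+ /**
+ * Get list of migrations that are still pending to be executed
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function getPending()
+ {
+ $completed = AAM_Core_API::getOption(self::DB_OPTION, array());
+ $pending = array();
+
+ foreach (self::getDirectoryIterator() as $mg) {
+ if ($mg->isFile() && !in_array($mg->getFilename(), $completed, true)) {
+ $pending[] = $mg->getPathname();
+ }
+ }
+
+ return $pending;
+ }
+
+ /**
+ * Store failure log
+ *
+ * @param array $log
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function storeFailureLog($log)
+ {
+ return AAM_Core_API::updateOption(self::DB_FAILURE_OPTION, $log);
+ }
+
+ /**
+ * Get migration failure log
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function getFailureLog()
+ {
+ return AAM_Core_API::getOption(self::DB_FAILURE_OPTION, array());
+ }
+
+ /**
+ * Store completed script
+ *
+ * @param string $file_name
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function storeCompletedScript($file_name)
+ {
+ $completed = AAM_Core_API::getOption(self::DB_OPTION, array());
+ $completed[] = $file_name;
+
+ return AAM_Core_API::updateOption(self::DB_OPTION, $completed);
+ }
+
+ /**
+ * Execute migration script
+ *
+ * @param string $file_path
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function executeScript($file_path)
+ {
+ if (file_exists($file_path)) {
+ $results = include $file_path;
+ } else {
+ $results = array();
+ }
+
+ return $results;
+ }
+
+ /**
+ * Check if there is at least one pending migration script
+ *
+ * @return boolean
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function hasPending()
+ {
+ return (count(self::getPending()) > 0);
+ }
+
+ /**
+ * Get migration scripts directory iterator
+ *
+ * @return DirectoryIterator
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected static function getDirectoryIterator()
+ {
+ return new DirectoryIterator(dirname(__DIR__) . '/Migration');
+ }
+
+ }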
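Review bot: `executeScript()` is public and hands its `$file_path` argument straight to `include` after only a `file_exists()` check, so nothing in the method ties the included file to the plugin's own `Migration` directory that `getDirectoryIterator()` reads. The callers are not visible in this section, so whether a path from anywhere other than `getPending()` can reach it is unconfirmed. The method would be safer if it resolved the path with `realpath()` and included the file only when its parent directory is the migration directory, as sketched below. Separately, `getPending()` compares `getFilename()` against the stored list but returns `getPathname()`, so the docblock of `storeCompletedScript()` should state that `$file_name` is the base file name and not the full path; otherwise a completed script is never recognised as completed.

```php
public static function executeScript($file_path)
{
    // Resolve symlinks and ".." first, then include only files that sit
    // directly in the plugin's own Migration directory.
    $base = realpath(dirname(__DIR__) . '/Migration');
    $real = realpath($file_path);

    if ($real !== false && $base !== false && dirname($real) === $base) {
        $results = include $real;
    } else {
        $results = array();
    }

    // … unchanged: return $results …
}
```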
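--- a/application/Core/Object.php
+++ b/application/Core/Object.php
@@ -5,15 +5,25 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Abstract object class
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- abstract class AAM_Core_Object {
+ abstract class AAM_Core_Object
+ {
+
+ /**
+ * Core object slug
+ *
+ * @version 6.0.0
+ */
+ const OBJECT_TYPE = null;
 
  /**
  * Subject
@@ -21,204 +31,399 @@ abstract class AAM_Core_Object {
  * @var AAM_Core_Subject
  *
  * @access private
+ * @version 6.0.0
  */
  private $_subject = null;
 
+ /**
+ * Object Id
+ *
+ * @var mixed
+ *
+ * @access private
+ * @version 6.0.0
+ */
+ private $_id = null;
+
  /**
  * Object options
  *
  * @var array
  *
  * @access private
+ * @version 6.0.0
  */
  private $_option = array();
 
  /**
- * Inheritance indicator
- *
- * @var null|string
- *
- * @access private
+ * Explicit options (not inherited from parent subjects)
+ *
+ * @var array
+ *
+ * @access private
+ * @version 6.0.0
  */
- private $_inherited = null;
-
+ private $_explicitOption = array();
+
  /**
  * Overwritten indicator
- *
- * If settings for specific object were detected befor inheritance mechanism
- * kicked off, then it it considered overwritten
- *
+ *
+ * If settings for specific object were detected before inheritance mechanism
+ * kicked off, then it is considered overwritten
+ *
  * @var boolean
- *
- * @access private
+ *
+ * @access private
+ * @version 6.0.0
  */
  private $_overwritten = false;
 
+ /**
+ * Suppress any filters that may alter option
+ *
+ * This is used to suppress the inheritance chain that invokes when object has
+ * hierarchical relationships.
+ *
+ * @var boolean
+ *
+ * @access private
+ * @version 6.0.0
+ */
+ private $_suppressFilters = false;
+
  /**
  * Constructor
  *
  * @param AAM_Core_Subject $subject
+ * @param mixed $id
+ * @param boolean $setSuppressFilters
  *
  * @return void
  *
  * @access public
+ * @version 6.0.0
  */
- public function __construct(AAM_Core_Subject $subject) {
+ public function __construct(
+ AAM_Core_Subject $subject, $id = null, $suppressFilters = false
+ ) {
  $this->setSubject($subject);
+ $this->setId($id);
+ $this->setSuppressFilters($suppressFilters);
+
+ $this->initialize();
  }
-
+
+ /**
+ * Initialize access settings
+ *
+ * @return void
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ abstract protected function initialize();
+
  /**
- * Read object option
- *
+ * Fallback to avoid any issues with previous versions
+ *
+ * @param string $function
+ * @param array $args
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function initialize() {}
+ public function __call($function, $args)
+ {
+ _doing_it_wrong(
+ $function,
+ sprintf(__('AAM object function %s is not defined', AAM_KEY), $function),
+ AAM_VERSION
+ );
+ }
 
  /**
  * Set current subject
  *
- * Either it is User or Role
+ * Either it is User, Role, Visitor or Default
  *
  * @param AAM_Core_Subject $subject
  *
  * @return void
  *
  * @access public
+ * @version 6.0.0
  */
- public function setSubject(AAM_Core_Subject $subject) {
+ public function setSubject(AAM_Core_Subject $subject)
+ {
  $this->_subject = $subject;
  }
 
  /**
- * Get Subject
+ * Get current Subject
  *
  * @return AAM_Core_Subject
  *
  * @access public
+ * @version 6.0.0
  */
- public function getSubject() {
+ public function getSubject()
+ {
  return $this->_subject;
  }
 
  /**
- * Set Object options
- *
- * @param mixed $option
- *
+ * Set current object Id
+ *
+ * @param int|string $id
+ *
  * @return void
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function setOption($option) {
- $this->_option = (is_array($option) ? $option : array());
+ public function setId($id)
+ {
+ $this->_id = $id;
  }
 
  /**
- * Get Object options
- *
- * @return mixed
- *
+ * Get current object Id
+ *
+ * @return int|string
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function getId()
+ {
+ return $this->_id;
+ }
+
+ /**
+ * Set object options
+ *
+ * @param array $option
+ *
+ * @return AAM_Core_Object
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public function setOption(array $option)
+ {
+ $this->_option = $option;
+
+ return $this;
+ }
+
+ /**
+ * Get object options
+ *
+ * @return array
+ *
  * @access public
+ * @version 6.0.0
  */
- public function getOption() {
+ public function getOption()
+ {
  return $this->_option;
  }
-
+
  /**
- *
- * @param type $external
- * @return type
+ * Get specific access property
+ *
+ * @param string $property
+ * @param mixed $default
+ *
+ * @return mixed
+ *
+ * @access public
+ * @version 5.0.0
+ */
+ public function get($property, $default = null)
+ {
+ $option = $this->getOption();
+
+ $chunks = explode('.', $property);
+ $value = (isset($option[$chunks[0]]) ? $option[$chunks[0]] : null);
+
+ foreach (array_slice($chunks, 1) as $chunk) {
+ if (isset($value[$chunk])) {
+ $value = $value[$chunk];
+ } else {
+ $value = $default;
+ break;
+ }
+ }
+
+ return (is_null($value) ? $default : $value);
+ }
+
+ /**
+ * Merge options based on merging preferences
+ *
+ * @param array $options
+ *
+ * @return array
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function mergeOption($external) {
- return $external;
+ public function mergeOption($options)
+ {
+ return AAM::api()->mergeSettings(
+ $options,
+ $this->getOption(),
+ static::OBJECT_TYPE
+ );
  }
-
+
  /**
  * Update single option item
- *
+ *
  * @param string $item
  * @param mixed $value
- *
- * @return boolean Always true
- *
+ *
+ * @return AAM_Core_Object
+ *
  * @access public
+ * @version 6.0.0
  */
- public function updateOptionItem($item, $value) {
+ public function updateOptionItem($item, $value)
+ {
  $option = $this->getOption();
- $option[$item] = $value;
+
+ if (isset($option[$item]) && is_array($option[$item])) {
+ $option[$item] = array_replace_recursive($option[$item], $value);
+ } else {
+ $option[$item] = $value;
+ }
+
  $this->setOption($option);
-
- return true;
+
+ return $this;
  }
-
+
  /**
- * Set Inherited flag
- *
- * @param string $inherited
- *
+ * Set overwritten flat
+ *
+ * @param array $option
+ *
  * @return void
+ *
+ * @access public
+ * @version 6.0.0
  */
- public function setInherited($inherited) {
- $this->_inherited = $inherited;
+ public function determineOverwritten($option)
+ {
+ $this->_overwritten = !empty($option);
+ $this->_explicitOption = $option;
  }
 
  /**
- * Get Inherited flag
- *
- * @return null|string
- *
+ * Determine if access settings are set explicitly for current subject
+ *
+ * @param string $property
+ *
+ * @return boolean
+ *
  * @access public
+ * @version 6.0.0
  */
- public function getInherited() {
- return $this->_inherited;
+ public function isExplicit($property)
+ {
+ $option = $this->_explicitOption;
+ $explicit = true;
+
+ $chunks = explode('.', $property);
+ $value = (isset($option[$chunks[0]]) ? $option[$chunks[0]] : null);
+
+ foreach (array_slice($chunks, 1) as $chunk) {
+ if (isset($value[$chunk])) {
+ $value = $value[$chunk];
+ } else {
+ $explicit = false;
+ break;
+ }
+ }
+
+ return $explicit;
  }
-
+
  /**
- * Set overwritten flat
- *
- * @param boolean $overwritten
- *
- * @return void
- *
+ * Check if options are overwritten
+ *
+ * @return boolean
+ *
  * @access public
+ * @version 6.0.0
  */
- public function setOverwritten($overwritten = true) {
- $this->_overwritten = $overwritten;
+ public function isOverwritten()
+ {
+ return $this->_overwritten;
  }
-
+
  /**
- * Check if options are overwritten
- *
+ * Save access settings
+ *
  * @return boolean
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function isOverwritten() {
- return $this->_overwritten;
+ public function save()
+ {
+ return $this->getSubject()->updateOption(
+ $this->getOption(),
+ static::OBJECT_TYPE,
+ $this->getId()
+ );
  }
-
+
  /**
- * Check if access is allowed
- *
- * @return bool
- *
+ * Reset access settings
+ *
+ * @return boolean
+ *
  * @access public
+ * @version 6.0.0
  */
- public function allowed() {
- return !call_user_func_array(array($this, 'has'), func_get_args());
+ public function reset()
+ {
+ return $this->getSubject()->deleteOption(
+ static::OBJECT_TYPE,
+ $this->getId()
+ );
  }
-
+
  /**
- * Check if access is denied
- *
+ * Suppress filters flag
+ *
+ * @param boolean $setSuppressFilters
+ *
+ * @return void
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected function setSuppressFilters($setSuppressFilters)
+ {
+ $this->_suppressFilters = $setSuppressFilters;
+ }
+
+ /**
+ * Get suppress filters flag
+ *
  * @return boolean
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function denied() {
- return call_user_func_array(array($this, 'has'), func_get_args());
+ public function suppressFilters()
+ {
+ return $this->_suppressFilters;
  }
 
  }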
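Review bot: `__call()` turns every undefined method on an access-control object into a silent no-op that returns null, while this section also removes `allowed()`, `denied()`, `setInherited()` and `setOverwritten()` from the base class. Any caller still using `denied()` would read null as "not denied", so legacy code paths would fail open rather than closed. `_doing_it_wrong()` only raises a notice when WP_DEBUG is enabled, so a production site gets no signal that a check was skipped. Failing closed is safer, for example `throw new BadMethodCallException(sprintf('AAM object function %s is not defined', $function));` after the notice, or at least an unconditional log entry. Separately, `isExplicit()` starts from `$explicit = true` and only inspects segments after the first, so a single-segment property always reports as explicitly set; `$explicit = isset($option[$chunks[0]]);` would close that gap.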
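--- a/application/Core/Object/Cache.php
+++ b/application/Core/Object/Cache.php
@@ -1,101 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM cache object
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Core_Object_Cache extends AAM_Core_Object {
-
- /**
- * Is cache enabled?
- *
- * @var boolean
- *
- * @access protected
- */
- protected $enabled = true;
-
- /**
- * Constructor
- *
- * @param AAM_Core_Subject $subject
- *
- * @return void
- *
- * @access public
- */
- public function __construct(AAM_Core_Subject $subject) {
- parent::__construct($subject);
-
- // Determine if cache is enabled
- $status = AAM_Core_Config::get('core.cache.status', 'enabled');
-
- if (AAM::isAAM() || ($status !== 'enabled')) {
- $this->enabled = false;
- }
- }
-
- /**
- *
- * @param type $type
- * @param type $id
- * @param type $value
- */
- public function add($type, $id, $value) {
- $option = $this->getOption();
-
- $limit = AAM_Core_Config::get('core.cache.limit', 1000);
- if (isset($option[$type][$id]) && (count($option[$type][$id]) >= $limit)) {
- array_shift($option[$type][$id]);
- }
-
- $option[$type][$id] = $value;
- $this->setOption($option);
- }
-
- /**
- * Get cache
- *
- * @param string $type
- * @param string|int $id
- * @param mixed $default
- *
- * @return mixed
- *
- * @access public
- */
- public function get($type, $id = 0, $default = array()) {
- $option = $this->getOption();
-
- return (isset($option[$type][$id]) ? $option[$type][$id] : $default);
- }
-
- /**
- * Save cache
- *
- * @return bool
- *
- * @access public
- */
- public function save() {
- return true;
- }
-
- /**
- *
- * @return type
- */
- public function reset() {
- return $this->getSubject()->deleteOption('cache');
- }
-
- }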
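--- a/application/Core/Object/Capability.php
+++ b/application/Core/Object/Capability.php
@@ -1,74 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * Capability object
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- class AAM_Core_Object_Capability extends AAM_Core_Object {
-
- /**
- * Update subject's capability
- *
- * @param string $capability
- * @param bool $granted
- *
- * @return bool
- *
- * @access public
- */
- public function save($capability, $granted) {
- return $this->getSubject()->addCapability(
- $capability,
- intval($granted) ? true : false
- );
- }
-
- /**
- * Check if subject has specified capability
- *
- * @param string $capability
- *
- * @return bool
- *
- * @access public
- */
- public function has($capability) {
- return $this->getSubject()->hasCapability($capability);
- }
-
- /**
- * Assign capability to user
- *
- * @param string $capability
- *
- * @return boolean
- *
- * @access public
- */
- public function add($capability) {
- return $this->save($capability, 1);
- }
-
- /**
- * Remove capability from user
- *
- * @param string $capability
- *
- * @return boolean
- *
- * @access public
- */
- public function remove($capability) {
- return $this->save($capability, 0);
- }
-
- }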
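--- a/application/Core/Object/LoginRedirect.php
+++ b/application/Core/Object/LoginRedirect.php
@@ -5,112 +5,39 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Login redirect object
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Object_LoginRedirect extends AAM_Core_Object {
-
- /**
- * Constructor
- *
- * @param AAM_Core_Subject $subject
- *
- * @return void
- *
- * @access public
- */
- public function __construct(AAM_Core_Subject $subject) {
- parent::__construct($subject);
-
- $this->initialize();
- }
-
- /**
- *
- */
- public function initialize() {
- $this->read();
- }
-
+ class AAM_Core_Object_LoginRedirect extends AAM_Core_Object
+ {
+
  /**
+ * Type of object
  *
- * @return void
- *
- * @access public
- */
- public function read() {
- $option = $this->getSubject()->readOption('loginredirect');
-
- //inherit from default Administrator role
- if (empty($option)) {
- //inherit from parent subject
- $option = $this->getSubject()->inheritFromParent('loginredirect');
- } else {
- $this->setOverwritten(true);
- }
-
- $this->setOption($option);
- }
-
- /**
- * Save options
- *
- * @param string $property
- * @param boolean $value
- *
- * @return boolean
- *
- * @access public
- */
- public function save($property, $value) {
- $option = $this->getOption();
- $option[$property] = $value;
-
- return $this->getSubject()->updateOption($option, 'loginredirect');
- }
-
- /**
- * Reset settings to default
- *
- * @return boolean
- *
- * @access public
+ * @version 6.0.0
  */
- public function reset() {
- return $this->getSubject()->deleteOption('loginredirect');
- }
+ const OBJECT_TYPE = 'loginRedirect';
 
  /**
- *
- * @param string $param
- *
- * @return boolean
- *
- * @access public
+ * @inheritdoc
+ * @version 6.0.0
  */
- public function has($param) {
- $option = $this->getOption();
-
- return !empty($option[$param]);
- }
-
- /**
- *
- * @param string $param
- *
- * @return boolean
- *
- * @access public
- */
- public function get($param) {
- $option = $this->getOption();
-
- return !empty($option[$param]) ? $option[$param] : null;
+ protected function initialize()
+ {
+ // Initialize the settings
+ $option = $this->getSubject()->readOption(self::OBJECT_TYPE);
+
+ // If options are defined, set the overwritten flag
+ $this->determineOverwritten($option);
+
+ $this->setOption(is_array($option) ? $option : array());
  }
-
+
  }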
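Review bot: `initialize()` passes the raw result of `readOption()` to `determineOverwritten()` and only normalises it to an array for `setOption()`, so a non-array stored value is kept as the explicit option set and marks the object as overwritten while the effective options are empty. Normalise first with `$option = is_array($option) ? $option : array();` and pass that value to both calls. The read also uses `self::OBJECT_TYPE` while the inherited `save()` and `reset()` use `static::OBJECT_TYPE`; `static::` here would keep read and write on the same key if the class is extended. The storage key changes from 'loginredirect' to 'loginRedirect' and `inheritFromParent()` is no longer called, so existing redirect settings presumably depend on migration and filter code outside this section. The same applies to `initialize()` in application/Core/Object/LogoutRedirect.php.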
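--- a/application/Core/Object/LogoutRedirect.php
+++ b/application/Core/Object/LogoutRedirect.php
@@ -5,109 +5,39 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Logout redirect object
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Object_LogoutRedirect extends AAM_Core_Object {
-
- /**
- * Constructor
- *
- * @param AAM_Core_Subject $subject
- *
- * @return void
- *
- * @access public
- */
- public function __construct(AAM_Core_Subject $subject) {
- parent::__construct($subject);
+ class AAM_Core_Object_LogoutRedirect extends AAM_Core_Object
+ {
 
- $this->initialize();
- }
-
- /**
- *
- */
- public function initialize() {
- $this->read();
- }
-
  /**
+ * Type of object
  *
- * @return void
- *
- * @access public
+ * @version 6.0.0
  */
- public function read() {
- $option = $this->getSubject()->readOption('logoutredirect');
-
- //inherit from default Administrator role
- if (empty($option)) {
- //inherit from parent subject
- $option = $this->getSubject()->inheritFromParent('logoutredirect');
- } else {
- $this->setOverwritten(true);
- }
-
- $this->setOption($option);
- }
-
- /**
- * Save options
- *
- * @param string $property
- * @param boolean $value
- *
- * @return boolean
- *
- * @access public
- */
- public function save($property, $value) {
- $option = $this->getOption();
- $option[$property] = $value;
-
- return $this->getSubject()->updateOption($option, 'logoutredirect');
- }
-
- /**
- *
- * @return type
- */
- public function reset() {
- return $this->getSubject()->deleteOption('logoutredirect');
- }
+ const OBJECT_TYPE = 'logoutRedirect';
 
  /**
- *
- * @param string $param
- *
- * @return boolean
- *
- * @access public
+ * @inheritdoc
+ * @version 6.0.0
  */
- public function has($param) {
- $option = $this->getOption();
-
- return !empty($option[$param]);
- }
-
- /**
- *
- * @param string $param
- *
- * @return boolean
- *
- * @access public
- */
- public function get($param) {
- $option = $this->getOption();
-
- return !empty($option[$param]) ? $option[$param] : null;
+ protected function initialize()
+ {
+ // Initialize the settings
+ $option = $this->getSubject()->readOption(self::OBJECT_TYPE);
+
+ // If options are defined, set the overwritten flag
+ $this->determineOverwritten($option);
+
+ $this->setOption(is_array($option) ? $option : array());
  }
-
+
  }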
application/Core/Object/Menu.php CHANGED
@@ -5,192 +5,98 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Menu object
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Core_Object_Menu extends AAM_Core_Object {
 
17
 
18
  /**
19
- * Constructor
20
  *
21
- * @param AAM_Core_Subject $subject
22
- *
23
- * @return void
24
- *
25
- * @access public
26
  */
27
- public function __construct(AAM_Core_Subject $subject) {
28
- parent::__construct($subject);
29
-
30
- $option = $this->getSubject()->readOption('menu');
31
-
32
- if (!empty($option)) {
33
- $this->setOverwritten(true);
34
- }
35
-
36
- // Load settings from Access & Security Policy
37
- if (empty($option)) {
38
- $stms = AAM_Core_Policy_Factory::get($subject)->find("/^BackendMenu:/i");
39
-
40
- foreach($stms as $key => $stm) {
41
- $chunks = explode(':', $key);
42
- $option[$chunks[1]] = ($stm['Effect'] === 'deny' ? 1 : 0);
43
- }
44
- }
45
-
46
- // Finally try to load from parent
47
- if (empty($option)) {
48
- $option = $this->getSubject()->inheritFromParent('menu');
49
- }
50
-
51
- $this->setOption($option);
52
- }
53
 
54
  /**
55
- * Filter Menu List
56
- *
57
- * Keep in mind that this function only filter the menu items but do not
58
- * restrict access to them. You have to explore roles and capabilities to
59
- * control the full access to menus.
60
- *
61
- * @global array $menu
62
- * @global array $submenu
63
- *
64
- * @return void
65
- *
66
- * @access public
67
  */
68
- public function filter() {
69
- global $menu, $submenu;
 
70
 
71
- foreach ($menu as $id => $item) {
72
- if (!empty($submenu[$item[2]])) {
73
- // Cover the scenario when there are some dynamic submenus
74
- $subs = $this->filterSubmenu($item, ($this->has('menu-' . $item[2])));
75
- } else {
76
- $subs = array();
77
- }
78
-
79
- // cover scenario like with Visual Composer where landing page
80
- // is defined dynamically
81
- if ($this->has('menu-' . $item[2])) {
82
- unset($menu[$id]);
83
- } elseif ($this->has($item[2])) {
84
- if (count($subs)) {
85
- $menu[$id][2] = $subs[0][2];
86
- $submenu[$menu[$id][2]] = $subs;
87
- } else {
88
- unset($menu[$id]);
89
- }
90
- }
91
- }
92
 
93
- // remove duplicated separators
94
- $count = 0;
95
- foreach ($menu as $id => $item) {
96
- if (preg_match('/^separator/', $item[2])) {
97
- if ($count === 0) {
98
- $count++;
99
- } else {
100
- unset($menu[$id]);
101
- }
102
- } else {
103
- $count = 0;
104
- }
105
- }
106
- }
107
-
108
- /**
109
- *
110
- * @param array $menu
111
- * @return array
112
- */
113
- protected function normalizeItem($menu) {
114
- if (strpos($menu, 'customize.php') === 0) {
115
- $menu = 'customize.php';
116
- }
117
-
118
- return $menu;
119
  }
120
-
121
  /**
122
- * Update single option item
123
- *
124
- * @param string $item
125
- * @param mixed $value
126
- *
127
- * @return boolean Always true
128
- *
129
  * @access public
 
130
  */
131
- public function updateOptionItem($item, $value) {
132
- $option = $this->getOption();
133
-
134
- $option[$item] = $value;
135
- $option[crc32($item)] = $value;
136
-
137
- $this->setOption($option);
138
-
139
- return true;
140
- }
141
 
142
- /**
143
- * Filter submenu
144
- *
145
- * @param array &$parent
146
- * @param bool $deny_all
147
- *
148
- * @return void
149
- *
150
- * @access protected
151
- *
152
- * @global array $menu
153
- * @global array $submenu
154
- */
155
- protected function filterSubmenu(&$parent, $deny_all = false) {
156
- global $submenu;
157
 
158
- $filtered = array();
 
159
 
160
- foreach ($submenu[$parent[2]] as $id => $item) {
161
- if ($deny_all || $this->has($this->normalizeItem($item[2]))) {
162
- unset($submenu[$parent[2]][$id]);
163
- } else {
164
- $filtered[] = $submenu[$parent[2]][$id];
165
- }
166
- }
167
-
168
- if (count($filtered)) { //make sure that the parent points to the first sub
169
- $values = array_values($filtered);
170
- $parent[2] = $values[0][2];
171
- }
172
 
173
- return $filtered;
 
 
 
 
 
 
 
 
174
  }
175
-
176
  /**
177
  * Get parent menu
178
- *
179
  * @param string $search
180
- *
181
- * @return string|bool
182
- *
183
  * @access protected
184
  * @global array $submenu
 
185
  */
186
- protected function getParentMenu($search) {
 
187
  global $submenu;
188
-
189
  $result = null;
190
-
191
  if (is_array($submenu)) {
192
- foreach($submenu as $parent => $subs) {
193
- foreach($subs as $sub) {
194
  if ($sub[2] === $search) {
195
  $result = $parent;
196
  break;
@@ -202,99 +108,8 @@ class AAM_Core_Object_Menu extends AAM_Core_Object {
202
  }
203
  }
204
  }
205
-
206
- return $result;
207
- }
208
-
209
- /**
210
- * Check is menu defined
211
- *
212
- * Check if menu defined in options based on the id
213
- *
214
- * @param string $menu
215
- *
216
- * @return boolean
217
- *
218
- * @access public
219
- */
220
- public function has($menu, $both = false) {
221
- //decode URL in case of any special characters like &amp;
222
- $decoded = htmlspecialchars_decode($menu);
223
-
224
- $options = $this->getOption();
225
- $parent = $this->getParentMenu($decoded);
226
-
227
- // Step #1. Check if menu is directly restricted
228
- $direct = !empty($options[$decoded]) || !empty($options[crc32($decoded)]);
229
-
230
- // Step #2. Check if whole branch is restricted
231
- $branch = ($both && (!empty($options['menu-' . $decoded]) || !empty($options[crc32('menu-' . $decoded)])));
232
-
233
- // Step #3. Check if dynamic submenu is restricted because of whole branch
234
- $indirect = ($parent && (!empty($options['menu-' . $parent]) || !empty($options[crc32('menu-' . $parent)])));
235
-
236
- return $direct || $branch || $indirect;
237
- }
238
-
239
- /**
240
- * Allow access to a specific menu
241
- *
242
- * @param string $menu
243
- *
244
- * @return boolean
245
- *
246
- * @access public
247
- */
248
- public function allow($menu) {
249
- return $this->save($menu, 0);
250
- }
251
-
252
- /**
253
- * Deny access to a specific menu
254
- *
255
- * @param string $menu
256
- *
257
- * @return boolean
258
- *
259
- * @access public
260
- */
261
- public function deny($menu) {
262
- return $this->save($menu, 1);
263
- }
264
 
265
- /**
266
- * Save menu option
267
- *
268
- * @return bool
269
- *
270
- * @access public
271
- */
272
- public function save($item = null, $value = null) {
273
- if (!is_null($item)) { // keep it compatible with main Manager.save
274
- $this->updateOptionItem($item, $value);
275
- }
276
-
277
- return $this->getSubject()->updateOption($this->getOption(), 'menu');
278
- }
279
-
280
- /**
281
- * Reset default settings
282
- *
283
- * @return bool
284
- *
285
- * @access public
286
- */
287
- public function reset() {
288
- return $this->getSubject()->deleteOption('menu');
289
- }
290
-
291
- /**
292
- *
293
- * @param type $external
294
- * @return type
295
- */
296
- public function mergeOption($external) {
297
- return AAM::api()->mergeSettings($external, $this->getOption(), 'menu');
298
  }
299
 
300
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Menu object
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Core_Object_Menu extends AAM_Core_Object
19
+ {
20
 
21
  /**
22
+ * Type of object
23
  *
24
+ * @version 6.0.0
 
 
 
 
25
  */
26
+ const OBJECT_TYPE = 'menu';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
27
 
28
  /**
29
+ * @inheritdoc
30
+ * @version 6.0.0
 
 
 
 
 
 
 
 
 
 
31
  */
32
+ protected function initialize()
33
+ {
34
+ $option = $this->getSubject()->readOption(self::OBJECT_TYPE);
35
 
36
+ $this->determineOverwritten($option);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
37
 
38
+ // Trigger custom functionality that may populate the menu options. For
39
+ // example, this hooks is used by Access Policy service
40
+ $option = apply_filters('aam_menu_object_option_filter', $option, $this);
41
+
42
+ $this->setOption(is_array($option) ? $option : array());
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
43
  }
44
+
45
  /**
46
+ * Check is menu or submenu is restricted
47
+ *
48
+ * @param string $menu
49
+ *
50
+ * @return boolean
51
+ *
 
52
  * @access public
53
+ * @version 6.0.0
54
  */
55
+ public function isRestricted($menu)
56
+ {
57
+ // Decode URL in case of any special characters like &amp;
58
+ $decoded = htmlspecialchars_decode($menu);
 
 
 
 
 
 
59
 
60
+ $options = $this->getOption();
61
+ $parent = $this->getParentMenu($decoded);
 
 
 
 
 
 
 
 
 
 
 
 
 
62
 
63
+ // Step #1. Check if menu is directly restricted
64
+ $direct = !empty($options[$decoded]);
65
 
66
+ // Step #2. Check if whole branch is restricted
67
+ $branch = !empty($options['menu-' . $decoded]);
 
 
 
 
 
 
 
 
 
 
68
 
69
+ // Step #3. Check if dynamic submenu is restricted because of whole branch
70
+ $indirect = ($parent && (!empty($options['menu-' . $parent])));
71
+
72
+ return apply_filters(
73
+ 'aam_admin_menu_is_restricted_filter',
74
+ $direct || $branch || $indirect,
75
+ $decoded,
76
+ $this
77
+ );
78
  }
79
+
80
  /**
81
  * Get parent menu
82
+ *
83
  * @param string $search
84
+ *
85
+ * @return string|null
86
+ *
87
  * @access protected
88
  * @global array $submenu
89
+ * @version 6.0.0
90
  */
91
+ protected function getParentMenu($search)
92
+ {
93
  global $submenu;
94
+
95
  $result = null;
96
+
97
  if (is_array($submenu)) {
98
+ foreach ($submenu as $parent => $subs) {
99
+ foreach ($subs as $sub) {
100
  if ($sub[2] === $search) {
101
  $result = $parent;
102
  break;
108
  }
109
  }
110
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
111
 
112
+ return $result;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
113
  }
114
 
115
  }
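--- a/application/Core/Object/Metabox.php
+++ b/application/Core/Object/Metabox.php
@@ -5,234 +5,59 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Metabox object
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Object_Metabox extends AAM_Core_Object {
+ class AAM_Core_Object_Metabox extends AAM_Core_Object
+ {
 
  /**
- * Constructor
+ * Type of object
  *
- * @param AAM_Core_Subject $subject
- *
- * @return void
- *
- * @access public
- */
- public function __construct(AAM_Core_Subject $subject) {
- parent::__construct($subject);
-
- $option = AAM_Core_Compatibility::convertMetaboxes(
- $this->getSubject()->readOption('metabox')
- );
-
- if (!empty($option)) {
- $this->setOverwritten(true);
- }
-
- // Load settings from Access & Security Policy
- if (empty($option)) {
- $stms = AAM_Core_Policy_Factory::get($subject)->find("/^(Metabox|Widget):/i");
-
- foreach($stms as $key => $stm) {
- $chunks = explode(':', $key);
- $option[$chunks[1]] = ($stm['Effect'] === 'deny' ? 1 : 0);
- }
- }
-
- if (empty($option)) {
- $option = $this->getSubject()->inheritFromParent('metabox');
- }
-
- $this->setOption($option);
- }
-
- /**
- *
- * @global type $wp_registered_widgets
- * @param type $sidebar_widgets
- * @return type
- */
- public function filterFrontend($sidebar_widgets) {
- global $wp_registered_widgets;
-
- if (is_array($wp_registered_widgets)) {
- foreach ($wp_registered_widgets as $id => $widget) {
- $callback = $this->getWidgetCallback($widget);
- if ($this->has('widgets', $callback)) {
- unregister_widget($callback);
- //remove it from registered widget global var!!
- //INFORM: Why Unregister Widget does not clear global var?
- unset($wp_registered_widgets[$id]);
- }
- }
- }
-
- return $sidebar_widgets;
- }
-
- /**
- *
- * @param type $widget
- * @return type
+ * @version 6.0.0
  */
- protected function getWidgetCallback($widget) {
- if (is_array($widget['callback'])) {
- if (is_object($widget['callback'][0])) {
- $callback = get_class($widget['callback'][0]);
- } elseif (is_string($widget['callback'][0])) {
- $callback = $widget['callback'][0];
- }
- }
-
- if (empty($callback)) {
- $callback = isset($widget['classname']) ? $widget['classname'] : null;
- }
-
- return $callback;
- }
-
- /**
- *
- * @global type $wp_meta_boxes
- * @param type $screen
- */
- public function filterBackend($screen) {
- global $wp_meta_boxes;
-
- if (is_array($wp_meta_boxes)) {
- foreach ($wp_meta_boxes as $screen_id => $zones) {
- if ($screen === $screen_id) {
- $this->filterZones($zones, $screen_id);
- }
- }
- }
- }
-
- /**
- *
- * @global type $wp_registered_widgets
- */
- public function filterAppearanceWidgets() {
- global $wp_registered_widgets;
-
- foreach($wp_registered_widgets as $id => $widget) {
- $callback = $this->getWidgetCallback($widget);
- if ($this->has('widgets', $callback)) {
- unregister_widget($callback);
- unset($wp_registered_widgets[$id]);
- }
- }
- }
-
- /**
- *
- * @param type $zones
- * @param type $screen_id
- */
- protected function filterZones($zones, $screen_id) {
- foreach ($zones as $zone => $priorities) {
- foreach ($priorities as $metaboxes) {
- $this->filterMetaboxes($zone, $metaboxes, $screen_id);
- }
- }
- }
-
- /**
- *
- * @param type $zone
- * @param type $metaboxes
- * @param type $screen_id
- */
- protected function filterMetaboxes($zone, $metaboxes, $screen_id) {
- foreach ($metaboxes as $id => $metabox) {
- if ($this->has($screen_id, $id, $metabox['title'])) {
- remove_meta_box($id, $screen_id, $zone);
- }
- }
- }
+ const OBJECT_TYPE = 'metabox';
 
  /**
  * @inheritdoc
+ * @version 6.0.0
  */
- public function save($metabox, $granted) {
- $option = $this->getOption();
+ protected function initialize()
+ {
+ $option = $this->getSubject()->readOption(self::OBJECT_TYPE);
 
- $option[$metabox] = $granted;
- $option[crc32($metabox)] = $granted;
+ $this->determineOverwritten($option);
 
- return $this->getSubject()->updateOption($option, 'metabox');
- }
-
- /**
- *
- */
- public function reset() {
- return $this->getSubject()->deleteOption('metabox');
+ // Trigger custom functionality that may populate the menu options. For
+ // example, this hooks is used by Access Policy service
+ $option = apply_filters('aam_metabox_object_option_filter', $option, $this);
+
+ $this->setOption(is_array($option) ? $option : array());
  }
 
  /**
+ * Check if metabox or widget is visible
  *
- * @param type $screen
- * @param type $metabox
- * @return type
- */
- public function has($screen, $metaboxId, $metaboxTitle = null) {
- $options = $this->getOption();
- $mid = "{$screen}|{$metaboxId}";
-
- if(function_exists('mb_strtolower')) {
- $mtl = mb_strtolower("{$screen}|{$metaboxTitle}");
- } else {
- $mtl = strtolower("{$screen}|{$metaboxTitle}");
- }
-
- // Also remove any HTML tags
- $mtl = wp_strip_all_tags($mtl);
-
- return !empty($options[$mid]) || !empty($options[crc32($mid)]) || !empty($options[$mtl]);
- }
-
- /**
- * Allow access to a specific metabox
- *
- * @param string $screen
- * @param string $metabox
- *
- * @return boolean
- *
- * @access public
- */
- public function allow($screen, $metabox) {
- $this->save("{$screen}|{$metabox}", 0);
- }
-
- /**
- * Deny access to a specific metabox
- *
  * @param string $screen
- * @param string $metabox
- *
+ * @param string $metaboxId
+ *
  * @return boolean
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function deny($screen, $metabox) {
- return $this->save("{$screen}|{$metabox}", 1);
- }
-
- /**
- *
- * @param type $external
- * @return type
- */
- public function mergeOption($external) {
- return AAM::api()->mergeSettings($external, $this->getOption(), 'metabox');
+ public function isHidden($screen, $metaboxId)
+ {
+ $option = $this->getOption();
+
+ return !empty($option[strtolower("{$screen}|{$metaboxId}")]);
  }
 
  }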
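Review bot: `isHidden()` lowercases the lookup key with `strtolower("{$screen}|{$metaboxId}")`, but nothing in this section shows that keys are lowercased when they are stored, and the 5.x lookups by `crc32($mid)` and by lowercased title are gone. If stored keys keep mixed case (widget class names, for example) or only exist in the old crc32 form, the check returns false and a box that was hidden becomes visible, so the control fails open. I would state the key contract next to the lookup, e.g. `// keys must be stored lowercased as "screen|id"; legacy crc32 and title keys are not consulted`, and confirm that the write path and the 5.x migration normalise keys the same way. The comment in `initialize()` also says "menu options" where it should say metabox options.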
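--- a/application/Core/Object/Policy.php
+++ b/application/Core/Object/Policy.php
@@ -5,115 +5,58 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Policy object
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Object_Policy extends AAM_Core_Object {
+ class AAM_Core_Object_Policy extends AAM_Core_Object
+ {
 
  /**
- * Constructor
+ * Type of object
  *
- * @param AAM_Core_Subject $subject
- *
- * @return void
- *
- * @access public
+ * @version 6.0.0
  */
- public function __construct(AAM_Core_Subject $subject) {
- parent::__construct($subject);
-
- $this->initialize();
- }
-
+ const OBJECT_TYPE = 'policy';
+
  /**
  * Initialize the policy rules for current subject
- *
+ *
  * @return void
- *
- * @access public
- */
- public function initialize() {
- $subject = $this->getSubject();
- $parent = $subject->inheritFromParent('policy');
-
- // Prevent from any kind of surprises
- if(empty($parent) || !is_array($parent)) {
- $parent = array();
- }
-
- $option = $subject->readOption('policy');
- if (empty($option)) {
- $option = array();
- } else {
- $this->setOverwritten(true);
- }
-
- foreach($option as $key => $value) {
- $parent[$key] = $value; //override
- }
-
- $this->setOption($parent);
- }
-
- /**
- * Save menu option
- *
- * @return bool
- *
- * @access public
+ *
+ * @access protected
+ * @version 6.0.0
  */
- public function save($id, $effect) {
- $option = $this->getOption();
- $option[$id] = intval($effect);
+ protected function initialize()
+ {
+ $option = $this->getSubject()->readOption(self::OBJECT_TYPE);
 
- $this->setOption($option);
+ $this->determineOverwritten($option);
 
- return $this->getSubject()->updateOption($this->getOption(), 'policy');
+ $this->setOption(is_array($option) ? $option : array());
  }
-
+
  /**
  * Check if policy attached
- *
+ *
  * @param int $id
- *
+ *
  * @return boolean
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function has($id) {
+ public function has($id)
+ {
  $option = $this->getOption();
-
+
  return !empty($option[$id]);
  }
-
- /**
- *
- * @param type $id
- *
- * @return type
- */
- public function delete($id) {
- $option = $this->getOption();
- if (isset($option[$id])) {
- unset($option[$id]);
- }
- $this->setOption($option);
-
- return $this->getSubject()->updateOption($this->getOption(), 'policy');
- }
-
- /**
- *
- * @param type $external
- * @return type
- */
- public function mergeOption($external) {
- return AAM::api()->mergeSettings($external, $this->getOption(), 'policy');
- }
-
+
  }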
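Review bot: The new `initialize()` reads only the subject's own `policy` option, whereas the 5.x version started from `inheritFromParent('policy')` and overlaid the subject's entries on top. Unless parent settings are now merged somewhere outside this section, `has($id)` will stop reporting policies attached to a parent role, and any deny statements in those policies would silently stop applying to the user. The docblock of `initialize()` should say where inheritance is resolved in 6.0, so a reader can confirm it rather than assume it. The `is_array($option) ? $option : array()` fallback also turns a malformed stored value into "no policies attached" without any log entry, which is worth a one-line comment.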
application/Core/Object/Post.php CHANGED
@@ -5,192 +5,114 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Post object
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Core_Object_Post extends AAM_Core_Object {
 
17
 
18
  /**
19
- * Post object
20
- *
 
 
 
 
 
 
 
21
  * @var WP_Post
22
- *
23
  * @access private
 
24
  */
25
- private $_post;
26
-
27
  /**
28
  * Constructor
29
  *
30
  * @param AAM_Core_Subject $subject
31
  * @param WP_Post|Int $post
 
32
  *
33
  * @return void
34
  *
35
  * @access public
 
36
  */
37
- public function __construct(AAM_Core_Subject $subject, $post, $param = null) {
38
- parent::__construct($subject);
 
 
39
 
40
  // Make sure that we are dealing with WP_Post object
41
  // This is done to remove redundant calls to the database on the backend view
42
- if (is_object($param) && is_a($param, 'WP_Post')) {
43
- $this->setPost($param);
44
  } elseif (is_numeric($post)) {
45
  $this->setPost(get_post($post));
46
  }
47
 
48
- // Determine if we need to skip inheritance chain from the parent subject
49
- // This is done to eliminate constrains related to Inherit From Parent Post
50
- if (is_array($param)) {
51
- $void = !empty($param['voidInheritance']);
52
  } else {
53
- $void = false;
 
54
  }
55
-
56
- $this->initialize($void);
57
  }
58
-
59
  /**
60
  * Get WP post property
61
- *
62
  * @param string $name
63
- *
64
  * @return mixed
65
- *
66
  * @access public
 
67
  */
68
- public function __get($name) {
 
69
  $post = $this->getPost();
70
-
71
- return (is_object($post) && property_exists($post, $name) ? $post->$name : null);
72
- }
73
-
74
- /**
75
- *
76
- */
77
- public function initialize($voidInheritance = false) {
78
- if ($this->getPost()) {
79
- $this->read($voidInheritance);
80
- }
81
  }
82
 
83
  /**
84
- * Read the Post AAM Metadata
85
- *
86
- * Get all settings related to specified post.
87
- *
88
- * @return void
89
- *
90
- * @access public
91
  */
92
- public function read($voidInheritance = false) {
93
- $subject = $this->getSubject();
94
- $post = $this->getPost();
95
-
96
- $option = get_post_meta($post->ID, $this->getOptionName(), true);
97
- $this->setOverwritten(!empty($option));
98
-
99
- // Read settings from access policy
100
- if (empty($option)) {
101
- $stms = AAM_Core_Policy_Factory::get($subject)->find(
102
- "/^post:{$post->post_type}:({$post->post_name}|{$post->ID}):/",
103
- array('post' => $post)
104
- );
105
-
106
- $option = array();
107
 
108
- foreach($stms as $key => $stm) {
109
- $chunks = explode(':', $key);
110
- $action = (isset($chunks[3]) ? $chunks[3] : 'read');
111
- $meta = (isset($stm['Metadata']) ? $stm['Metadata'] : array());
112
 
113
- $option = array_merge(
114
- $option,
115
- AAM_Core_Compatibility::convertPolicyAction(
116
- $action,
117
- $stm['Effect'] === 'deny',
118
- '',
119
- ($action === 'read' ? $meta : array()),
120
- array($post)
121
- )
122
- );
123
- }
124
- }
125
-
126
- // Inherit from terms or default settings - AAM Plus Package
127
- if (empty($option)) {
128
- $option = apply_filters('aam-post-access-filter', $option, $this);
129
- }
130
-
131
- // No settings for a post. Try to inherit from the parent
132
- if (empty($option) && ($voidInheritance === false)) {
133
- $option = $subject->inheritFromParent('post', $post->ID, $post);
134
  }
135
 
 
136
  $this->setOption($option);
137
  }
138
-
139
- /**
140
- * Save options
141
- *
142
- * @param string $property
143
- * @param mixed $value
144
- *
145
- * @return boolean
146
- *
147
- * @access public
148
- */
149
- public function save($property, $value) {
150
- $option = $this->getOption();
151
-
152
- $option[$property] = $value;
153
-
154
- // Very specific WP case. According to the WP core, you are not allowed to
155
- // set meta for revision, so let's bypass this constrain.
156
- if ($this->getPost()->post_type === 'revision') {
157
- $result = update_metadata(
158
- 'post', $this->getPost()->ID, $this->getOptionName(), $option
159
- );
160
- } else {
161
- $result = update_post_meta(
162
- $this->getPost()->ID, $this->getOptionName(), $option
163
- );
164
- }
165
-
166
- if ($result) {
167
- $this->setOption($option);
168
- }
169
-
170
- return $result;
171
- }
172
-
173
- /**
174
- * Reset post settings
175
- *
176
- * @return boolean
177
- *
178
- * @access public
179
- */
180
- public function reset() {
181
- // Very specific WP case. According to the WP core, you are not allowed to
182
- // set meta for revision, so let's bypass this constrain.
183
- if ($this->getPost()->post_type === 'revision') {
184
- $result = delete_metadata(
185
- 'post', $this->getPost()->ID, $this->getOptionName()
186
- );
187
- } else {
188
- $result = delete_post_meta($this->getPost()->ID, $this->getOptionName());
189
- }
190
-
191
- return $result;
192
- }
193
-
194
  /**
195
  * Set Post
196
  *
@@ -198,168 +120,121 @@ class AAM_Core_Object_Post extends AAM_Core_Object {
198
  *
199
  * @return void
200
  *
201
- * @access public
202
- */
203
- public function setPost($post) {
204
- $this->_post = $post;
205
- }
206
-
207
- /**
208
- * Generate option name
209
- *
210
- * @return string
211
- *
212
  * @access protected
 
213
  */
214
- protected function getOptionName() {
215
- $subject = $this->getSubject();
216
-
217
- //prepare option name
218
- $meta_key = 'aam-post-access-' . $subject->getUID();
219
- $meta_key .= ($subject->getId() ? $subject->getId() : '');
220
-
221
- return $meta_key;
222
  }
223
 
224
  /**
225
- * Check if option is set
226
- *
 
 
227
  * @param string $property
228
- *
229
  * @return boolean
230
- *
231
  * @access public
 
232
  */
233
- public function has($property) {
 
 
234
  $option = $this->getOption();
235
 
236
- return (array_key_exists($property, $option) && !empty($option[$property]));
237
- }
238
-
239
- /**
240
- * Check if subject can do certain action
241
- *
242
- * The difference between `can` and `allowed` is that can is more in-depth way
243
- * to take in consideration relationships between properties.
244
- *
245
- * @return boolean
246
- *
247
- * @access public
248
- */
249
- public function allowed() {
250
- return apply_filters(
251
- 'aam-post-action-allowed-filter',
252
- !call_user_func_array(array($this, 'has'), func_get_args()),
253
- func_get_arg(0),
254
- $this
255
- );
256
  }
257
-
258
  /**
259
- * Update property
260
- *
 
 
 
 
261
  * @param string $property
262
- * @param mixed $value
263
- *
264
  * @return boolean
265
- *
266
  * @access public
 
267
  */
268
- public function update($property, $value) {
269
- return $this->save($property, $value);
 
270
  }
271
-
272
  /**
273
- * Remove property
274
- *
 
 
 
 
275
  * @param string $property
276
- *
277
  * @return boolean
278
- *
279
  * @access public
 
280
  */
281
- public function remove($property) {
282
- $option = $this->getOption();
283
-
284
- if (array_key_exists($property, $option)) {
285
- unset($option[$property]);
286
- }
287
-
288
- // Very specific WP case. According to the WP core, you are not allowed to
289
- // set meta for revision, so let's bypass this constrain.
290
- if ($this->getPost()->post_type === 'revision') {
291
- $result = update_metadata(
292
- 'post', $this->getPost()->ID, $this->getOptionName(), $option
293
- );
294
- } else {
295
- $result = update_post_meta(
296
- $this->getPost()->ID, $this->getOptionName(), $option
297
- );
298
- }
299
-
300
- if ($result) {
301
- $this->setOption($option);
302
- }
303
-
304
- return $result;
305
  }
306
-
307
  /**
308
- * Get option
309
- *
310
- * @param string $area
311
- * @param string $action
312
- *
313
- * @return boolean
314
- *
315
  * @access public
 
316
  */
317
- public function get($action) {
318
- $option = $this->getOption();
319
-
320
- return (isset($option[$action]) ? $option[$action] : null);
321
  }
322
-
323
  /**
324
- * Set option
325
- *
326
- * Set property without storing to the database for cased like "expire".
327
- *
328
- * @param string $property
329
- * @param mixed $value
330
- *
331
  * @return boolean
332
- *
333
  * @access public
 
334
  */
335
- public function set($property, $value) {
336
- $option = $this->getOption();
337
-
338
- $option[$property] = $value;
339
-
340
- $this->setOption($option);
341
-
342
- return true;
343
- }
344
-
345
- /**
346
- *
347
- * @param type $external
348
- * @return type
349
- */
350
- public function mergeOption($external) {
351
- return AAM::api()->mergeSettings($external, $this->getOption(), 'post');
352
  }
353
-
354
  /**
355
- * Get Post
356
  *
357
- * @return WP_Post|stdClass
358
  *
359
  * @access public
 
360
  */
361
- public function getPost() {
362
- return $this->_post;
 
 
 
363
  }
364
-
365
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Post object
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Core_Object_Post extends AAM_Core_Object
19
+ {
20
 
21
  /**
22
+ * Type of object
23
+ *
24
+ * @version 6.0.0
25
+ */
26
+ const OBJECT_TYPE = 'post';
27
+
28
+ /**
29
+ * WP Post object
30
+ *
31
  * @var WP_Post
32
+ *
33
  * @access private
34
+ * @version 6.0.0
35
  */
36
+ private $_post = null;
37
+
38
  /**
39
  * Constructor
40
  *
41
  * @param AAM_Core_Subject $subject
42
  * @param WP_Post|Int $post
43
+ * @param boolean $suppressFilters
44
  *
45
  * @return void
46
  *
47
  * @access public
48
+ * @version 6.0.0
49
  */
50
+ public function __construct(AAM_Core_Subject $subject, $post, $suppressFilters = false)
51
+ {
52
+ $this->setSubject($subject);
53
+ $this->setSuppressFilters($suppressFilters);
54
 
55
  // Make sure that we are dealing with WP_Post object
56
  // This is done to remove redundant calls to the database on the backend view
57
+ if (is_a($post, 'WP_Post')) {
58
+ $this->setPost($post);
59
  } elseif (is_numeric($post)) {
60
  $this->setPost(get_post($post));
61
  }
62
 
63
+ // Making sure that we actually have post, otherwise just initiate with dummy
64
+ if (is_a($this->getPost(), 'WP_Post')) {
65
+ $this->setId($this->getPost()->ID);
 
66
  } else {
67
+ $this->setPost(new WP_Post((object) array('ID' => 0)));
68
+ $this->setId(0);
69
  }
70
+
71
+ $this->initialize();
72
  }
73
+
74
  /**
75
  * Get WP post property
76
+ *
77
  * @param string $name
78
+ *
79
  * @return mixed
80
+ *
81
  * @access public
82
+ * @version 6.0.0
83
  */
84
+ public function __get($name)
85
+ {
86
  $post = $this->getPost();
87
+
88
+ return (property_exists($post, $name) ? $post->$name : null);
 
 
 
 
 
 
 
 
 
89
  }
90
 
91
  /**
92
+ * @inheritDoc
93
+ * @version 6.0.0
 
 
 
 
 
94
  */
95
+ protected function initialize()
96
+ {
97
+ // Read direct access settings - those that are explicitly defined for the
98
+ // post
99
+ $option = $this->getSubject()->readOption(
100
+ self::OBJECT_TYPE, $this->ID . '|' . $this->post_type
101
+ );
 
 
 
 
 
 
 
 
102
 
103
+ $this->determineOverwritten($option);
 
 
 
104
 
105
+ if ($this->suppressFilters() === false) {
106
+ // Trigger custom functionality that may populate the post access options
107
+ // after initial setup. Typically is used by third party functionality and
108
+ // premium AAM plugins.
109
+ $option = apply_filters('aam_post_object_option_filter', $option, $this);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
110
  }
111
 
112
+ // Finally set the option for this object
113
  $this->setOption($option);
114
  }
115
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
116
  /**
117
  * Set Post
118
  *
120
  *
121
  * @return void
122
  *
 
 
 
 
 
 
 
 
 
 
 
123
  * @access protected
124
+ * @version 6.0.0
125
  */
126
+ protected function setPost($post)
127
+ {
128
+ $this->_post = $post;
 
 
 
 
 
129
  }
130
 
131
  /**
132
+ * Check if particular access property is enabled
133
+ *
134
+ * Examples of such a access property is "restricted", "hidden", etc.
135
+ *
136
  * @param string $property
137
+ *
138
  * @return boolean
139
+ *
140
  * @access public
141
+ * @version 6.0.0
142
  */
143
+ public function is($property)
144
+ {
145
+ $result = false;
146
  $option = $this->getOption();
147
 
148
+ if (array_key_exists($property, $option)) {
149
+ if (is_bool($option[$property])) {
150
+ $result = $option[$property];
151
+ } else {
152
+ $result = !empty($option[$property]['enabled']);
153
+ }
154
+ }
155
+
156
+ return $result;
 
 
 
 
 
 
 
 
 
 
 
157
  }
158
+
159
  /**
160
+ * Check if particular action is allowed
161
+ *
162
+ * This is alias for the AAM_Core_Object_Post::is($property) method and is used
163
+ * only to improve code readability. Example of such action is "edit", "publish",
164
+ * etc.
165
+ *
166
  * @param string $property
167
+ *
 
168
  * @return boolean
169
+ *
170
  * @access public
171
+ * @version 6.0.0
172
  */
173
+ public function isAllowedTo($property)
174
+ {
175
+ return !$this->is($property);
176
  }
177
+
178
  /**
179
+ * Check if particular access option is enabled
180
+ *
181
+ * This is alias for the AAM_Core_Object_Post::is($property) method and is used
182
+ * only to improve code readability. Example of such action is "teaser",
183
+ * "origin", etc.
184
+ *
185
  * @param string $property
186
+ *
187
  * @return boolean
188
+ *
189
  * @access public
190
+ * @version 6.0.0
191
  */
192
+ public function has($property)
193
+ {
194
+ return $this->is($property);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
195
  }
196
+
197
  /**
198
+ * Get WP Post
199
+ *
200
+ * @return WP_Post
201
+ *
 
 
 
202
  * @access public
203
+ * @version 6.0.0
204
  */
205
+ public function getPost()
206
+ {
207
+ return $this->_post;
 
208
  }
209
+
210
  /**
211
+ * Save access settings
212
+ *
 
 
 
 
 
213
  * @return boolean
214
+ *
215
  * @access public
216
+ * @version 6.0.0
217
  */
218
+ public function save()
219
+ {
220
+ return $this->getSubject()->updateOption(
221
+ $this->getOption(), self::OBJECT_TYPE, $this->ID . '|' . $this->post_type
222
+ );
 
 
 
 
 
 
 
 
 
 
 
 
223
  }
224
+
225
  /**
226
+ * Reset access settings
227
  *
228
+ * @return boolean
229
  *
230
  * @access public
231
+ * @version 6.0.0
232
  */
233
+ public function reset()
234
+ {
235
+ return $this->getSubject()->deleteOption(
236
+ self::OBJECT_TYPE, $this->ID . '|' . $this->post_type
237
+ );
238
  }
239
+
240
  }
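Review bot: In `is()`, a stored value that is neither a boolean nor an array falls into the `else` branch, where `$option[$property]['enabled']` on an integer or string evaluates as empty, so the property reads as not enabled and `isAllowedTo()` returns true. Scalar values such as `1`, which the removed 5.x `save($property, $value)` could store, would take this path unless a migration converts them (not visible here), so the restriction fails open. I would read the value once with `$value = $option[$property];` and then set `$result = is_array($value) ? !empty($value['enabled']) : !empty($value);`. `initialize()` in this file also hands `$option` to `setOption()` without the `is_array()` fallback that the Menu, Metabox and Policy objects use, so `array_key_exists()` in `is()` relies on `readOption()` and every `aam_post_object_option_filter` callback returning an array.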
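--- a/application/Core/Object/Redirect.php
+++ b/application/Core/Object/Redirect.php
@@ -5,130 +5,55 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Access denied redirect object
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Object_Redirect extends AAM_Core_Object {
-
- /**
- * Constructor
- *
- * @param AAM_Core_Subject $subject
- *
- * @return void
- *
- * @access public
- */
- public function __construct(AAM_Core_Subject $subject) {
- parent::__construct($subject);
+ class AAM_Core_Object_Redirect extends AAM_Core_Object
+ {
 
- $this->initialize();
- }
-
  /**
- *
- */
- public function initialize() {
- $this->read();
- }
-
- /**
- *
- * @return void
+ * Type of object
  *
- * @access public
- */
- public function read() {
- $option = $this->getSubject()->readOption('redirect');
-
- //inherit from default Administrator role
- if (empty($option)) {
- //inherit from parent subject
- $option = $this->getSubject()->inheritFromParent('redirect');
-
- if (empty($option)) {
- $option = array();
- $this->readByArea('frontend', $option);
- $this->readByArea('backend', $option);
- }
- } else {
- $this->setOverwritten(true);
- }
-
- $this->setOption($option);
- }
-
- /**
- *
- * @param type $area
- * @param type $option
+ * @version 6.0.0
  */
- protected function readByArea($area, &$option) {
- $type = AAM_Core_Config::get("{$area}.redirect.type");
- if ($type) {
- $option["{$area}.redirect.type"] = $type;
- $option["{$area}.redirect.{$type}"] = AAM_Core_Config::get(
- "{$area}.redirect.{$type}"
- );
- }
- }
+ const OBJECT_TYPE = 'redirect';
 
  /**
- * Save options
- *
- * @param string $property
- * @param boolean $value
- *
- * @return boolean
- *
- * @access public
+ * @inheritdoc
+ * @version 6.0.0
  */
- public function save($property, $value) {
- $option = $this->getOption();
- $option[$property] = $value;
-
- return $this->getSubject()->updateOption($option, 'redirect');
- }
-
- /**
- *
- * @return type
- */
- public function reset() {
- return $this->getSubject()->deleteOption('redirect');
- }
+ protected function initialize()
+ {
+ $option = $this->getSubject()->readOption(self::OBJECT_TYPE);
 
- /**
- *
- * @param string $param
- *
- * @return boolean
- *
- * @access public
- */
- public function has($param) {
- $option = $this->getOption();
-
- return !empty($option[$param]);
+ $this->determineOverwritten($option);
+
+ $this->setOption(is_array($option) ? $option : array());
  }
-
+
  /**
- *
+ * Get access option
+ *
  * @param string $param
- *
- * @return boolean
- *
+ * @param mixed $default
+ *
+ * @return mixed
+ *
  * @access public
+ * @version 6.0.0
  */
- public function get($param) {
+ public function get($param, $default = null)
+ {
  $option = $this->getOption();
-
- return !empty($option[$param]) ? $option[$param] : null;
+
+ return isset($option[$param]) ? $option[$param] : $default;
  }
-
+
  }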
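Review bot: `get()` now guards with `isset` where the removed version used `!empty`, so a stored empty value (`''`, `0`, an empty array) is returned as-is instead of falling back; a caller that treats any non-null result as a configured redirect type or destination would then act on an empty one. Whether such values can actually be stored is not visible in this section, and `has()` is removed here, so callers lose the pre-check as well. If the fallback is still wanted, keep the old guard with the new parameter: `return !empty($option[$param]) ? $option[$param] : $default;`. Otherwise the docblock should state that `$default` is returned only when the key is missing or null.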
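--- a/application/Core/Object/Route.php
+++ b/application/Core/Object/Route.php
@@ -5,110 +5,63 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * API route object
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Object_Route extends AAM_Core_Object {
+ class AAM_Core_Object_Route extends AAM_Core_Object
+ {
 
  /**
- * Constructor
+ * Type of object
  *
- * @param AAM_Core_Subject $subject
- *
- * @return void
- *
- * @access public
+ * @version 6.0.0
  */
- public function __construct(AAM_Core_Subject $subject) {
- parent::__construct($subject);
-
- $option = AAM_Core_Compatibility::convertRoute(
- $this->getSubject()->readOption('route')
- );
-
- if (!empty($option)) {
- $this->setOverwritten(true);
- }
-
- // Load settings from Access & Security Policy
- if (empty($option)) {
- $stms = AAM_Core_Policy_Factory::get($subject)->find("/^Route:/i");
-
- foreach($stms as $key => $stm) {
- $chunks = explode(':', $key);
- $method = (isset($chunks[3]) ? $chunks[3] : 'post');
- $id = "{$chunks[1]}|{$chunks[2]}|{$method}";
-
- $option[$id] = ($stm['Effect'] === 'deny' ? 1 : 0);
- }
- }
-
+ const OBJECT_TYPE = 'route';
+
+ /**
+ * @inheritdoc
+ * @version 6.0.0
+ */
+ protected function initialize()
+ {
+ $option = $this->getSubject()->readOption('route');
+
+ $this->determineOverwritten($option);
+
+ // Trigger custom functionality that may populate the menu options. For
+ // example, this hooks is used by Access Policy service
  if (empty($option)) {
- $option = $this->getSubject()->inheritFromParent('route');
+ $option = apply_filters('aam_route_object_option_filter', $option, $this);
  }
-
- $this->setOption($option);
+
+ $this->setOption(is_array($option) ? $option : array());
  }
-
+
  /**
- * Check if route is denied
- *
- * @param string $type REST or XMLRPC
+ * Check if route is restricted
+ *
+ * @param string $type REST or XMLRPC
  * @param string $route
  * @param string $method
- *
+ *
  * @return boolean
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function has($type, $route, $method = 'POST') {
+ public function isRestricted($type, $route, $method = 'POST')
+ {
  $options = $this->getOption();
  $id = strtolower("{$type}|{$route}|{$method}");
-
- return !empty($options[$id]);
- }
 
- /**
- * Save menu option
- *
- * @return bool
- *
- * @access public
- */
- public function save($type, $route, $method, $value) {
- $option = $this->getOption();
-
- $id = strtolower("{$type}|{$route}|{$method}");
- $option[$id] = $value;
-
- $this->setOption($option);
-
- return $this->getSubject()->updateOption($this->getOption(), 'route');
- }
-
- /**
- * Reset default settings
- *
- * @return bool
- *
- * @access public
- */
- public function reset() {
- return $this->getSubject()->deleteOption('route');
+ return !empty($options[$id]);
  }
 
- /**
- *
- * @param type $external
- * @return type
- */
- public function mergeOption($external) {
- return AAM::api()->mergeSettings($external, $this->getOption(), 'route');
- }
-
  }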
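Review bot: `isRestricted()` lowercases the lookup key, but `initialize()` stores whatever keys come from `readOption()` or from the `aam_route_object_option_filter` callback without normalising them, so a rule stored under a mixed-case key would never match and the route would be reported as unrestricted. Whether every writer already lowercases its keys is not visible in this section (the removed `save()` did, the removed policy loader did not). Normalising once at load time closes the gap: `$option = array_change_key_case(is_array($option) ? $option : array(), CASE_LOWER);` before `setOption()`. Two smaller points in the same method: `readOption('route')` should use `self::OBJECT_TYPE` as the Redirect and Uri objects do, and the comment says the hook may populate "the menu options" where it means the route options.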
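--- a/application/Core/Object/Toolbar.php
+++ b/application/Core/Object/Toolbar.php
@@ -5,133 +5,70 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * Admin toolbar object
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
  */
- class AAM_Core_Object_Toolbar extends AAM_Core_Object {
+ class AAM_Core_Object_Toolbar extends AAM_Core_Object
+ {
 
  /**
- * Constructor
+ * Type of object
  *
- * @param AAM_Core_Subject $subject
- *
- * @return void
- *
- * @access public
+ * @version 6.0.0
+ */
+ const OBJECT_TYPE = 'toolbar';
+
+ /**
+ * @inheritdoc
+ * @version 6.0.0
  */
- public function __construct(AAM_Core_Subject $subject) {
- parent::__construct($subject);
-
+ protected function initialize()
+ {
  $option = $this->getSubject()->readOption('toolbar');
-
- if (!empty($option)) {
- $this->setOverwritten(true);
- }
-
- // Load settings from Access & Security Policy
- if (empty($option)) {
- $stms = AAM_Core_Policy_Factory::get($subject)->find("/^Toolbar:/i");
-
- foreach($stms as $key => $stm) {
- $chunks = explode(':', $key);
- $option[$chunks[1]] = ($stm['Effect'] === 'deny' ? 1 : 0);
- }
- }
-
+
+ $this->determineOverwritten($option);
+
+ // Trigger custom functionality that may populate the menu options. For
+ // example, this hooks is used by Access Policy service
  if (empty($option)) {
- $option = $this->getSubject()->inheritFromParent('toolbar');
+ $option = apply_filters(
+ 'aam_toolbar_object_option_filter', $option, $this
+ );
  }
-
- $this->setOption($option);
+
+ $this->setOption(is_array($option) ? $option : array());
  }
 
  /**
  * Check is item defined
- *
+ *
  * Check if toolbar item defined in options based on the id
- *
+ *
  * @param string $item
- *
+ *
  * @return boolean
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function has($item, $both = false) {
+ public function isHidden($item, $both = false)
+ {
  $options = $this->getOption();
-
+
  // Step #1. Check if toolbar item is directly restricted
  $direct = !empty($options[$item]);
-
+
  // Step #2. Check if whole branch is restricted
  $branch = ($both && !empty($options['toolbar-' . $item]));
-
- return $direct || $branch;
- }
-
- /**
- * Allow access to a specific menu
- *
- * @param string $menu
- *
- * @return boolean
- *
- * @access public
- */
- public function allow($menu) {
- return $this->save($menu, 0);
- }
-
- /**
- * Deny access to a specific menu
- *
- * @param string $menu
- *
- * @return boolean
- *
- * @access public
- */
- public function deny($menu) {
- return $this->save($menu, 1);
- }
 
- /**
- * Save menu option
- *
- * @return bool
- *
- * @access public
- */
- public function save($item = null, $value = null) {
- if (!is_null($item)) { // keep it compatible with main Manager.save
- $this->updateOptionItem($item, $value);
- }
-
- return $this->getSubject()->updateOption($this->getOption(), 'toolbar');
- }
-
- /**
- * Reset default settings
- *
- * @return bool
- *
- * @access public
- */
- public function reset() {
- return $this->getSubject()->deleteOption('toolbar');
- }
-
- /**
- *
- * @param type $external
- * @return type
- */
- public function mergeOption($external) {
- return AAM::api()->mergeSettings($external, $this->getOption(), 'toolbar');
+ return $direct || $branch;
  }
 
  }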
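Review bot: The docblock of the renamed `isHidden()` still documents only `$item`, although the second parameter decides whether a restricted parent branch hides the item too. I would add ` * @param boolean $both Also treat a restriction on 'toolbar-' . $item as hiding the item`, and reword the summary "Check is item defined" to match the new name. In `initialize()`, `readOption('toolbar')` should use `self::OBJECT_TYPE`, which this commit introduces, and the comment about populating "the menu options" looks copied from the menu object.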
application/Core/Object/Uri.php CHANGED
@@ -5,125 +5,83 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * URI object
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Core_Object_Uri extends AAM_Core_Object {
 
17
 
18
  /**
19
- * Constructor
20
  *
21
- * @param AAM_Core_Subject $subject
22
- *
23
- * @return void
24
- *
25
- * @access public
26
  */
27
- public function __construct(AAM_Core_Subject $subject) {
28
- parent::__construct($subject);
29
-
30
- $option = $this->getSubject()->readOption('uri');
31
-
32
- if (!empty($option)) {
33
- $this->setOverwritten(true);
34
- }
35
-
36
- if (empty($option)) {
37
- $stms = AAM_Core_Policy_Factory::get($subject)->find("/^URI:/i");
38
-
39
- foreach($stms as $key => $stm) {
40
- $chunks = explode(':', $key);
41
- $effect = ($stm['Effect'] === 'deny' ? 1 : 0);
42
- $type = $stm['Effect'];
43
- $destination = null;
44
- $code = null;
45
-
46
- if ($effect === 1 && !empty($stm['Metadata']['Redirect'])) {
47
- $redirect = $stm['Metadata']['Redirect'];
48
- $type = strtolower($redirect['Type']);
49
- $code = isset($redirect['Code']) ? $redirect['Code'] : 307;
50
-
51
- switch($type) {
52
- case 'message':
53
- $destination = $redirect['Message'];
54
- break;
55
-
56
- case 'page':
57
- if (isset($redirect['Id'])) {
58
- $destination = intval($redirect['Id']);
59
- } elseif (isset($redirect['Slug'])) {
60
- $page = get_page_by_path($redirect['Slug'], OBJECT);
61
- $destination = (is_a($page, 'WP_Post') ? $page->ID : 0);
62
- }
63
- break;
64
-
65
- case 'url':
66
- $destination = filter_var(
67
- $redirect['URL'],
68
- FILTER_VALIDATE_URL
69
- );
70
- if (empty($destination)) {
71
- $type = 'message';
72
- $destination = "Invalid URL: [{$redirect['URL']}]";
73
- }
74
- break;
75
-
76
- case 'callback':
77
- $destination = $redirect['Callback'];
78
- break;
79
- }
80
- }
81
-
82
- $option[crc32($chunks[1] . $type. $destination)] = array(
83
- 'uri' => $chunks[1],
84
- 'type' => $type,
85
- 'action' => $destination,
86
- 'code' => $code
87
- );
88
- }
89
- }
90
 
 
 
91
  if (empty($option)) {
92
- $option = $this->getSubject()->inheritFromParent('uri');
93
  }
94
-
95
- $this->setOption($option);
96
  }
97
-
98
  /**
99
- *
100
- * @param type $uri
101
- *
 
 
102
  * @return null|array
 
 
 
103
  */
104
- public function findMatch($s, $params = array()) {
105
- $match = null;
106
- $options = $this->getOption();
107
-
108
- if (!empty($options)) {
109
- foreach($options as $rule) {
110
- $uri = wp_parse_url($rule['uri']);
111
- $out = array();
112
-
113
- if (!empty($uri['query'])) {
114
- parse_str($uri['query'], $out);
115
- }
116
 
117
- // normalize the search and target URIs
118
- $s = rtrim($s, '/');
119
- $uri['path'] = rtrim((isset($uri['path']) ? $uri['path'] : ''), '/');
120
-
121
- $regex = '@^' . preg_quote($uri['path']) . '$@';
122
-
123
- if (apply_filters('aam-uri-match-filter', preg_match($regex, $s), $uri, $s)
124
- && (empty($out) || count(array_intersect_assoc($params, $out)) === count($out))) {
125
- $match = $rule;
126
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
127
  }
128
  }
129
 
@@ -131,78 +89,59 @@ class AAM_Core_Object_Uri extends AAM_Core_Object {
131
  }
132
 
133
  /**
134
- * Save menu option
135
- *
136
- * @return bool
137
- *
 
 
138
  * @access public
 
139
  */
140
- public function save($id, $uri, $type, $action = null, $code = 307) {
 
141
  $option = $this->getOption();
142
- $option[$id] = array(
143
- 'uri' => $uri,
144
- 'type' => $type,
145
- 'action' => $action,
146
- 'code' => $code
147
- );
148
- $this->setOption($option);
149
-
150
- return $this->getSubject()->updateOption($this->getOption(), 'uri');
151
- }
152
-
153
- /**
154
- *
155
- * @param type $id
156
- *
157
- * @return type
158
- */
159
- public function delete($id) {
160
- $option = $this->getOption();
161
- if (isset($option[$id])) {
162
- unset($option[$id]);
163
  }
164
- $this->setOption($option);
165
-
166
- return $this->getSubject()->updateOption($this->getOption(), 'uri');
167
  }
168
-
169
  /**
170
- * Reset default settings
171
- *
172
- * @return bool
173
- *
 
 
174
  * @access public
 
175
  */
176
- public function reset() {
177
- return $this->getSubject()->deleteOption('uri');
178
- }
179
-
180
- /**
181
- *
182
- * @param array $external
183
- *
184
- * @return type
185
- */
186
- public function mergeOption($external) {
187
- $combined = array_merge($external, $this->getOption());
188
- $merged = array();
189
-
190
- $preference = AAM::api()->getConfig(
191
- "core.settings.uri.merge.preference", 'deny'
192
- );
193
-
194
- foreach($combined as $key => $options) {
195
  // If merging preference is "deny" and at least one of the access
196
  // settings is checked, then final merged array will have it set
197
  // to checked
198
- if (!isset($merged[$options['uri']])) {
199
- $merged[$key] = $options;
200
  } else {
201
- if (($preference === 'deny') && ($options['type'] !== 'allow')) {
202
- $merged[$key] = $options;
203
  break;
204
- } elseif ($preference === 'allow' && ($options['type'] === 'allow')) {
205
- $merged[$key] = $options;
206
  break;
207
  }
208
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * URI object
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Core_Object_Uri extends AAM_Core_Object
19
+ {
20
 
21
  /**
22
+ * Type of object
23
  *
24
+ * @version 6.0.0
 
 
 
 
25
  */
26
+ const OBJECT_TYPE = 'uri';
27
+
28
+ /**
29
+ * @inheritdoc
30
+ * @version 6.0.0
31
+ */
32
+ protected function initialize()
33
+ {
34
+ $option = $this->getSubject()->readOption(self::OBJECT_TYPE);
35
+
36
+ $this->determineOverwritten($option);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
37
 
38
+ // Trigger custom functionality that may populate the menu options. For
39
+ // example, this hooks is used by Access Policy service
40
  if (empty($option)) {
41
+ $option = apply_filters('aam_uri_object_option_filter', $option, $this);
42
  }
43
+
44
+ $this->setOption(is_array($option) ? $option : array());
45
  }
46
+
47
  /**
48
+ * Find the match in the set of rules
49
+ *
50
+ * @param string $s
51
+ * @param array $params
52
+ *
53
  * @return null|array
54
+ *
55
+ * @access public
56
+ * @version 6.0.0
57
  */
58
+ public function findMatch($s, $params = array())
59
+ {
60
+ $match = null;
 
 
 
 
 
 
 
 
 
61
 
62
+ foreach ($this->getOption() as $uri => $rule) {
63
+ $meta = wp_parse_url($uri);
64
+ $out = array();
65
+
66
+ if (!empty($meta['query'])) {
67
+ parse_str($meta['query'], $out);
68
+ }
69
+
70
+ // Normalize the search and target URIs
71
+ $s = rtrim($s, '/');
72
+ $meta['path'] = rtrim(isset($meta['path']) ? $meta['path'] : '', '/');
73
+ $regex = '@^' . preg_quote($meta['path']) . '$@';
74
+
75
+ // Perform the initial match for the base URI
76
+ $uri_matched = apply_filters(
77
+ 'aam_uri_match_filter', preg_match($regex, $s), $uri, $s
78
+ );
79
+
80
+ // Perform the initial match for the query params if defined
81
+ $query_matched = empty($out) || (count(array_intersect_assoc($params, $out)) === count($out));
82
+
83
+ if ($uri_matched && $query_matched) {
84
+ $match = $rule;
85
  }
86
  }
87
 
89
  }
90
 
91
  /**
92
+ * Delete specified URI rule
93
+ *
94
+ * @param string $uri
95
+ *
96
+ * @return boolean
97
+ *
98
  * @access public
99
+ * @version 6.0.0
100
  */
101
+ public function delete($uri)
102
+ {
103
  $option = $this->getOption();
104
+
105
+ if (isset($option[$uri])) {
106
+ unset($option[$uri]);
107
+
108
+ $this->setOption($option);
109
+
110
+ $result = $this->getSubject()->updateOption(
111
+ $this->getOption(), self::OBJECT_TYPE
112
+ );
 
 
 
 
 
 
 
 
 
 
 
 
113
  }
114
+
115
+ return !empty($result);
 
116
  }
117
+
118
  /**
119
+ * Merge URI access settings
120
+ *
121
+ * @param array $options
122
+ *
123
+ * @return array
124
+ *
125
  * @access public
126
+ * @version 6.0.0
127
  */
128
+ public function mergeOption($options)
129
+ {
130
+ $merged = array();
131
+ $pref = AAM::api()->getConfig('core.settings.uri.merge.preference', 'deny');
132
+
133
+ foreach (array_merge($options, $this->getOption()) as $uri => $options) {
 
 
 
 
 
 
 
 
 
 
 
 
 
134
  // If merging preference is "deny" and at least one of the access
135
  // settings is checked, then final merged array will have it set
136
  // to checked
137
+ if (!isset($merged[$uri])) {
138
+ $merged[$uri] = $options;
139
  } else {
140
+ if (($pref === 'deny') && ($options['type'] !== 'allow')) {
141
+ $merged[$uri] = $options;
142
  break;
143
+ } elseif ($pref === 'allow' && ($options['type'] === 'allow')) {
144
+ $merged[$uri] = $options;
145
  break;
146
  }
147
  }
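Review bot: In `mergeOption()` the `else` branch that applies the `core.settings.uri.merge.preference` setting can never run, because `array_merge($options, $this->getOption())` has already collapsed duplicate URI keys before the loop starts, so `isset($merged[$uri])` is always false. The visible effect is that the rule from `$this->getOption()` always wins for a shared URI, even when the preference is `deny` and the incoming rule is the deny; the `break` inside that branch would also end the whole loop rather than skip one rule. The loop also reuses `$options` as its value variable, shadowing the parameter. A version that walks the two sets separately is sketched below; the end of the method is outside this hunk, so the remainder is assumed unchanged. Separately, `findMatch()` calls `preg_quote($meta['path'])` without the `@` delimiter, so a rule path containing `@` yields an invalid pattern and the rule silently never matches; `preg_quote($meta['path'], '@')` fixes that.

```php
    public function mergeOption($options)
    {
        $merged = $options;
        $pref   = AAM::api()->getConfig('core.settings.uri.merge.preference', 'deny');

        foreach ($this->getOption() as $uri => $rule) {
            // A rule defined on both sides is replaced only when this side
            // agrees with the configured merge preference
            $keep_existing = isset($merged[$uri]) && !(
                ($pref === 'deny' && $rule['type'] !== 'allow')
                || ($pref === 'allow' && $rule['type'] === 'allow')
            );

            if (!$keep_existing) {
                $merged[$uri] = $rule;
            }
        }
        // … unchanged: remainder of mergeOption, outside the hunk …
```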
application/Core/Object/Visibility.php CHANGED
@@ -5,165 +5,156 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Post visibility object
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- class AAM_Core_Object_Visibility extends AAM_Core_Object {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
17
 
18
  /**
19
  * Constructor
20
  *
21
  * @param AAM_Core_Subject $subject
 
 
22
  *
23
  * @return void
24
  *
25
  * @access public
 
26
  */
27
- public function __construct(AAM_Core_Subject $subject) {
28
- parent::__construct($subject);
 
 
 
 
29
 
 
 
 
 
 
 
 
30
  $this->initialize();
31
  }
32
-
33
  /**
34
- *
35
- * @global type $wpdb
36
  */
37
- public function initialize() {
38
- global $wpdb;
39
-
40
- $subject = $this->getSubject();
41
-
42
- $query = "SELECT pm.`post_id`, pm.`meta_value`, p.`post_type` ";
43
- $query .= "FROM {$wpdb->postmeta} AS pm ";
44
- $query .= "LEFT JOIN {$wpdb->posts} AS p ON (pm.`post_id` = p.ID) ";
45
- $query .= "WHERE pm.`meta_key` = %s";
46
-
47
- if ($wpdb->query($wpdb->prepare($query, $this->getOptionName('post')))) {
48
- foreach($wpdb->last_result as $row) {
49
- $settings = maybe_unserialize($row->meta_value);
50
- $this->pushOptions('post', $row->post_id . '|' . $row->post_type, $settings);
51
- }
52
- }
53
-
54
- // Read all the settings from the Access & Security Policies
55
- $area = AAM_Core_Api_Area::get();
56
- $stms = AAM_Core_Policy_Factory::get($subject)->find("/^post:(.*):list$/");
57
-
58
- foreach($stms as $key => $stm) {
59
- $chunks = explode(':', $key);
60
-
61
- if (is_numeric($chunks[2])) {
62
- $postId = $chunks[2];
63
- } else {
64
- $post = get_page_by_path(
65
- $chunks[2], OBJECT, $chunks[1]
66
- );
67
- $postId = (is_a($post, 'WP_Post') ? $post->ID : 0);
68
- }
69
 
70
- // Cover the case when unknown slug is used
71
- if (!empty($postId)) {
72
- $this->pushOptions(
73
- 'post',
74
- "{$postId}|{$chunks[1]}",
75
- array(
76
- "{$area}.list" => ($stm['Effect'] === 'deny' ? 1 : 0)
77
- )
78
- );
79
- }
80
  }
81
 
82
- do_action('aam-visibility-initialize-action', $this);
83
-
84
- // inherit settings from parent
85
- $option = $subject->inheritFromParent('visibility', 0);
86
- if (!empty($option)) {
87
- $option = array_replace_recursive($option, $this->getOption());
88
- } else {
89
- $option = $this->getOption();
90
  }
91
-
92
- $this->setOption($option);
93
  }
94
-
95
  /**
96
- *
97
- * @param type $object
98
- * @param type $id
99
- * @param type $options
100
- * @return type
 
 
 
 
 
101
  */
102
- public function pushOptions($object, $id, $options) {
 
 
103
  $filtered = array();
104
- $listOptions = apply_filters(
105
- 'aam-post-list-options-filter',
106
- array('frontend.list', 'backend.list', 'api.list')
107
- );
108
-
109
- foreach($options as $key => $value) {
110
- if (in_array($key, $listOptions, true)) {
111
  $filtered[$key] = $value;
112
  }
113
  }
114
-
115
  if (empty($filtered)) {
116
  $filtered = array_combine(
117
- $listOptions,
118
- array_fill(0, count($listOptions), 0)
119
  );
120
  }
121
-
122
- $option = $this->getOption();
123
  if (!isset($option[$object][$id])) {
124
  $option[$object][$id] = $filtered;
 
 
125
  }
126
  $this->setOption($option);
127
-
128
  return $filtered;
129
  }
130
-
131
  /**
132
- *
133
- * @param type $object
134
- * @param type $id
135
- * @return type
 
 
 
 
136
  */
137
- public function has($object, $id = null) {
 
138
  $option = $this->getOption();
139
-
140
- return (is_null($id) ? isset($option[$object]) : isset($option[$object][$id]));
141
- }
142
-
143
- /**
144
- * Generate option name
145
- *
146
- * @return string
147
- *
148
- * @access protected
149
- */
150
- protected function getOptionName($object) {
151
- $subject = $this->getSubject();
152
-
153
- //prepare option name
154
- $meta_key = 'aam-' . $object . '-access-' . $subject->getUID();
155
- $meta_key .= ($subject->getId() ? $subject->getId() : '');
156
-
157
- return $meta_key;
158
  }
159
 
160
  /**
161
- *
162
- * @param type $external
163
- * @return type
 
 
 
 
 
164
  */
165
- public function mergeOption($external) {
166
- return AAM::api()->mergeSettings($external, $this->getOption(), 'post');
 
 
 
167
  }
168
 
169
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Post visibility object
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
17
  */
18
+ class AAM_Core_Object_Visibility extends AAM_Core_Object
19
+ {
20
+
21
+ /**
22
+ * Type of object
23
+ *
24
+ * @version 6.0.0
25
+ */
26
+ const OBJECT_TYPE = 'visibility';
27
+
28
+ /**
29
+ * List of properties that are responsible for visibility
30
+ *
31
+ * @var array
32
+ *
33
+ * @access protected
34
+ * @version 6.0.0
35
+ */
36
+ protected $accessProperties = array();
37
 
38
  /**
39
  * Constructor
40
  *
41
  * @param AAM_Core_Subject $subject
42
+ * @param mixed $id
43
+ * @param boolean $setSuppressFilters
44
  *
45
  * @return void
46
  *
47
  * @access public
48
+ * @version 6.0.0
49
  */
50
+ public function __construct(
51
+ AAM_Core_Subject $subject, $id = null, $suppressFilters = false
52
+ ) {
53
+ $this->setSubject($subject);
54
+ $this->setId($id);
55
+ $this->setSuppressFilters($suppressFilters);
56
 
57
+ // Determine post access properties that are responsible for the post
58
+ // visibility
59
+ $this->accessProperties = apply_filters(
60
+ 'aam_visibility_options_filter', array('hidden')
61
+ );
62
+
63
+ // Initialize the object
64
  $this->initialize();
65
  }
66
+
67
  /**
68
+ * @inheritDoc
69
+ * @version 6.0.0
70
  */
71
+ protected function initialize()
72
+ {
73
+ $posts = $this->getSubject()->readOption(AAM_Core_Object_Post::OBJECT_TYPE);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
74
 
75
+ foreach ($posts as $id => $settings) {
76
+ $this->pushOptions('post', $id, $settings);
 
 
 
 
 
 
 
 
77
  }
78
 
79
+ if ($this->suppressFilters() === false) {
80
+ // Initialize post visibility option. This hooks is used by Access Policy
81
+ // service as well as Plus Package to populate visibility list
82
+ do_action('aam_visibility_object_init_action', $this);
 
 
 
 
83
  }
 
 
84
  }
85
+
86
  /**
87
+ * Push visibility option to the registry
88
+ *
89
+ * @param string $object
90
+ * @param mixed $id
91
+ * @param array $options
92
+ *
93
+ * @return array
94
+ *
95
+ * @access public
96
+ * @version 6.0.0
97
  */
98
+ public function pushOptions($object, $id, $options)
99
+ {
100
+ $option = $this->getOption();
101
  $filtered = array();
102
+
103
+ foreach ($options as $key => $value) {
104
+ if (in_array($key, $this->accessProperties, true)) {
 
 
 
 
105
  $filtered[$key] = $value;
106
  }
107
  }
108
+
109
  if (empty($filtered)) {
110
  $filtered = array_combine(
111
+ $this->accessProperties,
112
+ array_fill(0, count($this->accessProperties), false)
113
  );
114
  }
115
+
 
116
  if (!isset($option[$object][$id])) {
117
  $option[$object][$id] = $filtered;
118
+ } else {
119
+ $option[$object][$id] = array_replace($filtered, $option[$object][$id]);
120
  }
121
  $this->setOption($option);
122
+
123
  return $filtered;
124
  }
125
+
126
  /**
127
+ * Get visibility segment
128
+ *
129
+ * @param string $segment
130
+ *
131
+ * @return array
132
+ *
133
+ * @access public
134
+ * @version 6.0.0
135
  */
136
+ public function getSegment($segment)
137
+ {
138
  $option = $this->getOption();
139
+
140
+ return (isset($option[$segment]) ? $option[$segment] : array());
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
141
  }
142
 
143
  /**
144
+ * Merge visibility settings
145
+ *
146
+ * @param array $options
147
+ *
148
+ * @return array
149
+ *
150
+ * @access public
151
+ * @version 6.0.0
152
  */
153
+ public function mergeOption($options)
154
+ {
155
+ return AAM::api()->mergeSettings(
156
+ $options, $this->getOption(), AAM_Core_Object_Post::OBJECT_TYPE
157
+ );
158
  }
159
 
160
  }
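Review bot: `initialize()` iterates the result of `readOption()` directly, while the `initialize()` methods of the Redirect, Route, Toolbar and Uri objects on this page all guard the same call with `is_array($option) ? $option : array()`. If `readOption()` can return a non-array here too (its body is not visible), the `foreach` raises a warning and no stored visibility rule is loaded. A guard before the loop keeps the objects consistent: `$posts = is_array($posts) ? $posts : array();`. The constructor docblock also names the third parameter `$setSuppressFilters` while the signature uses `$suppressFilters`.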
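--- a/application/Core/Policy/Condition.php
+++ b/application/Core/Policy/Condition.php
@@ -5,34 +5,29 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * AAM core policy condition evaluator
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @since AAM v5.8.2
+ * @version 6.0.0
  */
- final class AAM_Core_Policy_Condition {
-
- /**
- * Single instance of itself
- *
- * @var AAM_Core_Policy_Condition
- *
- * @access protected
- * @static
- */
- protected static $instance = null;
-
+ class AAM_Core_Policy_Condition
+ {
+
+ use AAM_Core_Contract_SingletonTrait;
+
  /**
  * Map between condition type and method that evaluates the
  * group of conditions
- *
+ *
  * @var array
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
  protected $map = array(
  'between' => 'evaluateBetweenConditions',
@@ -48,374 +43,401 @@ final class AAM_Core_Policy_Condition {
  'notlike' => 'evaluateNotLikeConditions',
  'regex' => 'evaluateRegexConditions'
  );
-
- /**
- * Constructor
- *
- * @return void
- *
- * @access protected
- */
- protected function __construct() {}
-
+
  /**
  * Evaluate the group of conditions based on type
- *
+ *
  * @param array $conditions List of conditions
  * @param array $args Since 5.9 - Inline args for evaluation
- *
+ *
  * @return boolean
- *
+ *
  * @access public
+ * @version 6.0.0
  */
- public function evaluate($conditions, $args = array()) {
- $result = true;
+ public function evaluate($conditions, $args = array())
+ {
+ $res = true;
 
- foreach($conditions as $type => $conditions) {
+ foreach ($conditions as $type => $condition) {
  $type = strtolower($type);
-
+
  if (isset($this->map[$type])) {
  $callback = array($this, $this->map[$type]);
-
+
  // Since v5.9.2 - if specific condition type is array, then combine
  // them with AND operation
- if (isset($conditions[0]) && is_array($conditions[0])) {
- foreach($conditions as $set) {
- $result = $result && call_user_func($callback, $set, $args);
+ if (isset($condition[0]) && is_array($condition[0])) {
+ foreach ($condition as $set) {
+ $res = $res && call_user_func($callback, $set, $args);
  }
  } else {
- $result = $result && call_user_func($callback, $conditions, $args);
+ $res = $res && call_user_func($callback, $condition, $args);
  }
  } else {
- $result = false;
+ $res = false;
  }
  }
 
- return $result;
+ return $res;
  }
-
+
  /**
  * Evaluate group of BETWEEN conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateBetweenConditions($conditions, $args) {
+ protected function evaluateBetweenConditions($conditions, $args)
+ {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $condition) {
+ foreach ($this->prepareConditions($conditions, $args) as $cnd) {
  // Convert the right condition into the array of array to cover more
  // complex between conditions like [[0,8],[13,15]]
- if (is_array($condition['right'][0])) {
- $right = $condition['right'];
+ if (is_array($cnd['right'][0])) {
+ $right = $cnd['right'];
  } else {
- $right = array($condition['right']);
+ $right = array($cnd['right']);
  }
- foreach($right as $subset) {
+ foreach ($right as $subset) {
  $min = (is_array($subset) ? array_shift($subset) : $subset);
  $max = (is_array($subset) ? end($subset) : $subset);
-
- $result = $result || ($condition['left'] >= $min && $condition['left'] <= $max);
+
+ $result = $result || ($cnd['left'] >= $min && $cnd['left'] <= $max);
  }
  }
 
  return $result;
  }
-
+
  /**
  * Evaluate group of EQUALS conditions
- *
+ *
  * The values have to be identical
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateEqualsConditions($conditions, $args) {
+ protected function evaluateEqualsConditions($conditions, $args)
+ {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $condition) {
+ foreach ($this->prepareConditions($conditions, $args) as $condition) {
  $result = $result || ($condition['left'] === $condition['right']);
  }
 
  return $result;
  }
-
+
  /**
  * Evaluate group of NOT EQUALs conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateNotEqualsConditions($conditions, $args) {
+ protected function evaluateNotEqualsConditions($conditions, $args)
+ {
  return !$this->evaluateEqualsConditions($conditions, $args);
  }
-
+
  /**
  * Evaluate group of GREATER THEN conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateGreaterConditions($conditions, $args) {
+ protected function evaluateGreaterConditions($conditions, $args)
+ {
  $result = false;
-
- foreach($this->prepareConditions($conditions, $args) as $condition) {
+
+ foreach ($this->prepareConditions($conditions, $args) as $condition) {
  $result = $result || ($condition['left'] > $condition['right']);
  }
-
+
  return $result;
  }
-
+
  /**
  * Evaluate group of LESS THEN conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateLessConditions($conditions, $args) {
+ protected function evaluateLessConditions($conditions, $args)
+ {
  $result = false;
-
- foreach($this->prepareConditions($conditions, $args) as $condition) {
+
+ foreach ($this->prepareConditions($conditions, $args) as $condition) {
  $result = $result || ($condition['left'] < $condition['right']);
  }
-
+
  return $result;
  }
-
+
  /**
  * Evaluate group of GREATER OR EQUALS THEN conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateGreaterOrEqualsConditions($conditions, $args) {
+ protected function evaluateGreaterOrEqualsConditions($conditions, $args)
+ {
  $result = false;
-
- foreach($this->prepareConditions($conditions, $args) as $condition) {
+
+ foreach ($this->prepareConditions($conditions, $args) as $condition) {
  $result = $result || ($condition['left'] >= $condition['right']);
  }
-
+
  return $result;
  }
-
+
  /**
  * Evaluate group of LESS OR EQUALS THEN conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateLessOrEqualsConditions($conditions, $args) {
+ protected function evaluateLessOrEqualsConditions($conditions, $args)
+ {
  $result = false;
-
- foreach($this->prepareConditions($conditions, $args) as $condition) {
+
+ foreach ($this->prepareConditions($conditions, $args) as $condition) {
  $result = $result || ($condition['left'] <= $condition['right']);
  }
-
+
  return $result;
  }
-
+
  /**
  * Evaluate group of IN conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateInConditions($conditions, $args) {
+ protected function evaluateInConditions($conditions, $args)
+ {
  $result = false;
 
- foreach($this->prepareConditions($conditions, $args) as $condition) {
- $result = $result || in_array($condition['left'], (array)$condition['right'], true);
+ foreach ($this->prepareConditions($conditions, $args) as $cnd) {
+ $result = $result || in_array($cnd['left'], (array) $cnd['right'], true);
  }
-
+
  return $result;
  }
-
+
  /**
  * Evaluate group of NOT IN conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateNotInConditions($conditions, $args) {
+ protected function evaluateNotInConditions($conditions, $args)
+ {
  return !$this->evaluateInConditions($conditions, $args);
  }
-
+
  /**
  * Evaluate group of LIKE conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateLikeConditions($conditions, $args) {
+ protected function evaluateLikeConditions($conditions, $args)
+ {
  $result = false;
-
- foreach($this->prepareConditions($conditions, $args) as $condition) {
- foreach((array)$condition['right'] as $el) {
- $sub = str_replace('\*', '.*', preg_quote($el));
- $result = $result || preg_match('@^' . $sub . '$@', $condition['left']);
+
+ foreach ($this->prepareConditions($conditions, $args) as $cnd) {
+ foreach ((array) $cnd['right'] as $el) {
+ $sub = str_replace(
+ array('\*', '@'), array('.*', '\\@'), preg_quote($el)
+ );
+ $result = $result || preg_match('@^' . $sub . '$@', $cnd['left']);
  }
  }
-
+
  return $result;
  }
-
+
  /**
  * Evaluate group of NOT LIKE conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateNotLikeConditions($conditions, $args) {
+ protected function evaluateNotLikeConditions($conditions, $args)
+ {
  return !$this->evaluateLikeConditions($conditions, $args);
  }
-
+
  /**
  * Evaluate group of REGEX conditions
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return boolean
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function evaluateRegexConditions($conditions, $args) {
+ protected function evaluateRegexConditions($conditions, $args)
+ {
  $result = false;
-
- foreach($this->prepareConditions($conditions, $args) as $condition) {
+
+ foreach ($this->prepareConditions($conditions, $args) as $condition) {
  $result = $result || preg_match($condition['right'], $condition['left']);
  }
-
+
  return $result;
  }
-
+
  /**
  * Prepare conditions by replacing all defined tokens
- *
+ *
  * @param array $conditions
  * @param array $args
- *
+ *
  * @return array
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function prepareConditions($conditions, $args) {
+ protected function prepareConditions($conditions, $args)
+ {
  $result = array();
-
+
  if (is_array($conditions)) {
- foreach($conditions as $left => $right) {
+ foreach ($conditions as $left => $right) {
  $result[] = array(
  'left' => $this->parseExpression($left, $args),
  'right' => $this->parseExpression($right, $args)
  );
  }
  }
-
+
  return $result;
  }
-
+
  /**
  * Parse condition and try to replace all defined tokens
- *
+ *
  * @param mixed $exp Part of the condition (either left or right)
  * @param array $args Inline arguments
- *
+ *
  * @return mixed Prepared part of the condition or false on failure
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function parseExpression($exp, $args) {
+ protected function parseExpression($exp, $args)
+ {
  if (is_scalar($exp)) {
  if (preg_match_all('/(\$\{[^}]+\})/', $exp, $match)) {
  $exp = AAM_Core_Policy_Token::evaluate($exp, $match[1], $args);
  }
 
+ $types = 'string|ip|int|boolean|bool|array|null';
+
  // If there is type scaling, perform it too
- if (preg_match('/^\(\*(string|ip|int|boolean|bool|array|null)\)(.*)/i', $exp, $scale)) {
- $exp = $this->scaleValue($scale[2], $scale[1]);
+ if (preg_match('/^\(\*(' . $types . ')\)(.*)/i', $exp, $scale)) {
+ $exp = $this->castValue($scale[2], $scale[1]);
  }
  } elseif (is_array($exp) || is_object($exp)) {
- foreach($exp as &$value) {
+ foreach ($exp as &$value) {
  $value = $this->parseExpression($value, $args);
  }
  } elseif (is_null($exp) === false) {
  $exp = false;
  }
-
+
  return $exp;
  }
-
+
  /**
- * Scale value to specific type
- *
+ * Cast value to specific type
+ *
  * @param mixed $value
  * @param string $type
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
+ * @version 6.0.0
  */
- protected function scaleValue($value, $type) {
- switch(strtolower($type)) {
+ protected function castValue($value, $type)
+ {
+ switch (strtolower($type)) {
  case 'string':
- $value = (string)$value;
+ $value = (string) $value;
  break;
-
+
  case 'ip':
  $value = inet_pton($value);
  break;
-
+
  case 'int':
- $value = (int)$value;
+ $value = (int) $value;
  break;
-
+
  case 'boolean':
  case 'bool':
- $value = (bool)$value;
+ $value = filter_var($value, FILTER_VALIDATE_BOOLEAN);
  break;
 
  case 'array':
@@ -425,25 +447,12 @@ final class AAM_Core_Policy_Condition {
  case 'null':
  $value = ($value === '' ? null : $value);
  break;
+
+ default:
+ break;
  }
-
+
  return $value;
  }
-
- /**
- * Get single instance of itself
- *
- * @return AAM_Core_Policy_Condition
- *
- * @access public
- * @static
- */
- public static function getInstance() {
- if (is_null(self::$instance)) {
- self::$instance = new self;
- }
-
- return self::$instance;
- }
-
+
  }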
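Review bot: The negated evaluators (`evaluateNotEqualsConditions`, `evaluateNotInConditions`, `evaluateNotLikeConditions`) return `true` whenever the positive evaluator had nothing to compare, because `prepareConditions()` yields an empty list for a non-array block and the result is simply inverted. A malformed or empty block routed to one of these methods therefore satisfies the condition instead of failing it, which would be a fail-open result if the statement it guards grants access (the statement handling is outside this file section). Consider guarding each negation, e.g. `return is_array($conditions) && !empty($conditions) && !$this->evaluateEqualsConditions($conditions, $args);`, and likewise for the other two. Separately, in `evaluateLikeConditions` the new delimiter escaping could be written as `preg_quote($el, '@')` rather than the extra `'@'` to `'\\@'` replacement.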
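--- a/application/Core/Policy/Factory.php
+++ b/application/Core/Policy/Factory.php
@@ -5,50 +5,68 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * AAM core policy manager factory
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @since AAM v5.7.2
+ * @version 6.0.0
  */
- final class AAM_Core_Policy_Factory {
-
+ final class AAM_Core_Policy_Factory
+ {
+
  /**
- * Collection of instances
- *
- * @var array
- *
+ * Collection of policy manage instances
+ *
+ * @var array
+ *
  * @access private
- * @static
+ * @version 6.0.0
  */
  private static $_instances = array();
-
+
  /**
- * Get single instance of itself
- *
+ * Get single instance of access manager
+ *
  * @param AAM_Core_Subject $subject
- *
+ *
  * @return AAM_Core_Policy_Manager
- *
+ *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function get(AAM_Core_Subject $subject = null) {
+ public static function get(AAM_Core_Subject $subject = null)
+ {
  if (is_null($subject)) {
  $subject = AAM::getUser();
  }
-
- $id = $subject->getId();
- $sid = $subject->getUID() . (empty($id) ? '' : '_' . $id);
+
+ $id = $subject->getId();
+ $sid = $subject::UID . (empty($id) ? '' : '_' . $id);
 
  if (!isset(self::$_instances[$sid])) {
  self::$_instances[$sid] = new AAM_Core_Policy_Manager($subject);
+ // Parse all attached to the user policies
+ self::$_instances[$sid]->initialize();
  }
-
+
  return self::$_instances[$sid];
  }
-
+
+ /**
+ * Reset internal cache
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function reset()
+ {
+ self::$_instances = array();
+ }
+
  }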
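Review bot: In `get()`, the manager is stored in `self::$_instances[$sid]` before `initialize()` runs, so any code reached from `initialize()` that calls `AAM_Core_Policy_Factory::get()` for the same subject would receive a manager whose policies are not parsed yet. Whether that path exists depends on `AAM_Core_Policy_Manager::initialize()`, which is outside this section. If the ordering is deliberate (to stop recursion), it deserves a why-comment such as `// Cache before initialize(): a re-entrant get() sees the not-yet-parsed manager instead of recursing`. The docblock of `reset()` should also state when callers must invoke it, since a stale entry keeps returning the previously parsed policies until the static cache is cleared.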
application/Core/Policy/Manager.php CHANGED
@@ -5,424 +5,449 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
- * AAM core policy manager
12
- *
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
- * @since AAM v5.7.2
16
  */
17
- final class AAM_Core_Policy_Manager {
18
-
 
19
  /**
20
  * Policy core object
21
- *
22
  * @var AAM_Core_Object_Policy
23
- *
24
- * @access protected
 
25
  */
26
- protected $policyObject;
27
-
28
  /**
29
  * Current subject
30
- *
31
  * @var AAM_Core_Subject
32
- *
33
- * @access protected
 
34
  */
35
  protected $subject;
36
-
37
  /**
38
  * Parsed policy tree
39
- *
40
  * @var array
41
- *
42
- * @access protected
 
43
  */
44
- protected $tree = null;
45
-
 
 
 
46
  /**
47
  * Constructor
48
- *
49
  * @access protected
50
- *
51
  * @return void
 
52
  */
53
- public function __construct(AAM_Core_Subject $subject) {
54
- $this->policyObject = $subject->getObject('policy');
55
- $this->subject = $subject;
 
56
  }
57
 
58
  /**
59
- * Undocumented function
60
  *
61
- * @return void
62
- */
63
- public function initializePolicyTree() {
64
- $this->preparePolicyTree();
65
- }
66
-
67
- /**
68
- * Call policy object public methods
69
- *
70
  * @param string $name
71
  * @param array $args
72
- *
73
  * @return mixed
74
- *
75
  * @access public
 
76
  */
77
- public function __call($name, $args) {
78
- $result = null;
79
-
80
- if (method_exists($this->policyObject, $name)) {
81
- $result = call_user_func_array(array($this->policyObject, $name), $args);
 
 
 
 
 
 
 
 
 
 
 
82
  }
83
-
84
- return $result;
85
  }
86
-
87
  /**
88
- * Find all the matching policies
89
- *
90
- * @param string $s RegEx
91
- * @param array $args Inline arguments
92
- * @param bool $single Single record only - the last record
93
- *
94
  * @return array
95
- *
96
  * @access public
 
97
  */
98
- public function find($s, $args = array(), $single = false) {
99
- $statements = array();
100
- $tree = $this->preparePolicyTree();
101
-
102
- foreach($tree['Statement'] as $key => $stm) {
103
- if (preg_match($s, $key) && $this->isApplicable($stm, $args)) {
104
- $statements[$this->strToLower($key)] = $stm;
105
- }
106
  }
107
-
108
- return ($single ? end($statements) : $statements);
109
- }
110
-
111
- /**
112
- * Check if specified action is allowed for resource
113
- *
114
- * This method is working with "Statement" array.
115
- *
116
- * @param string $resource Resource name
117
- * @param array $args Args that will be injected during condition evaluation
118
- *
119
- * @return boolean|null
120
- *
121
- * @access public
122
- */
123
- public function isAllowed($resource, $args = array()) {
124
- $allowed = null;
125
- $tree = $this->preparePolicyTree();
126
- $id = $this->strToLower($resource);
127
-
128
- if (isset($tree['Statement'][$id])) {
129
- $stm = $tree['Statement'][$id];
130
-
131
- if ($this->isApplicable($stm, $args)) {
132
- $effect = strtolower($stm['Effect']);
133
- $allowed = ($effect === 'allow');
134
  }
135
  }
136
-
137
- return $allowed;
138
  }
139
 
140
  /**
141
- * Convert string to lowercase
 
 
 
 
142
  *
143
- * @param string $str
144
- *
145
- * @return string
146
- *
147
  * @access protected
 
148
  */
149
- protected function strToLower($str) {
150
- if (function_exists('mb_strtolower')) {
151
- $result = mb_strtolower($str);
152
- } else {
153
- $result = strtolower($str);
 
 
 
 
 
 
 
 
 
 
 
154
  }
155
 
156
- return $result;
157
  }
158
 
159
  /**
160
- * Determine if resource is the boundary
161
- *
162
- * The Boundary is type of resource that is denied and is enforced so no other
163
- * statements can override it. For example edit_posts capability can be boundary
164
- * for any statement that user Role resource
 
165
  *
166
- * @param string $resource
167
- * @param array $args
168
- *
169
- * @return boolean
170
- *
171
  * @access public
 
 
172
  */
173
- public function isBoundary($resource, $args = array()) {
174
- $denied = false;
175
- $tree = $this->preparePolicyTree();
176
- $id = $this->strToLower($resource);
177
-
178
- if (isset($tree['Statement'][$id])) {
179
- $stm = $tree['Statement'][$id];
180
-
181
- if ($this->isApplicable($stm, $args)) {
182
- $effect = strtolower($stm['Effect']);
183
- $denied = ($effect === 'deny' && !empty($stm['Enforce']));
184
  }
185
  }
186
-
187
- return $denied;
188
  }
189
-
190
  /**
191
- * Get Policy Param
192
- *
193
- * @param string $name
194
- * @param array $args
195
- *
196
- * @return mixed
197
- *
 
 
198
  * @access public
 
199
  */
200
- public function getParam($id, $args = array()) {
201
- $value = null;
 
 
202
 
203
- if (isset($this->tree['Param'][$id])) {
204
- $param = $this->tree['Param'][$id];
205
-
206
- if ($this->isApplicable($param, $args)) {
207
- if (preg_match_all('/(\$\{[^}]+\})/', $param['Value'], $match)) {
208
- $value = AAM_Core_Policy_Token::evaluate($param['Value'], $match[1]);
209
- } else {
210
- $value = $param['Value'];
211
- }
212
  }
213
  }
214
-
215
- return $value;
216
  }
217
-
218
  /**
219
- * Check if current subject can toggle specific policy
220
- *
221
- * Verify that policy can be attached/detached
222
- *
223
- * @param int $id Policy ID
224
- * @param string $action Either "attach" or "detach"
225
- *
226
- * @return bool
227
- *
228
  * @access public
229
- * @since v5.9
230
  */
231
- public function canTogglePolicy($id, $action) {
232
- $post = get_post($id);
233
-
234
- // Verify that current user can perform following action
235
- $stm = $this->find(
236
- "/^post:{$post->post_type}:({$post->post_name}|{$post->ID}):{$action}/i",
237
- array('post' => $post),
238
- true
239
- );
240
-
241
- return (empty($stm['Effect']) || $stm['Effect'] === 'allow');
242
  }
243
-
244
  /**
245
- * Check if policy block is applicable
246
- *
247
- * @param array $block
248
- * @param array $args
249
- *
250
- * @return boolean
251
- *
252
- * @access protected
253
  */
254
- protected function isApplicable($block, $args = array()) {
255
- $result = true;
256
-
257
- if (!empty($block['Condition']) && !is_scalar($block['Condition'])) {
258
- $result = AAM_Core_Policy_Condition::getInstance()->evaluate(
259
- $block['Condition'], $args
260
- );
 
 
 
 
 
 
 
 
 
 
261
  }
262
-
263
- return $result;
264
  }
265
-
266
  /**
267
- * Prepare policy tree
268
- *
269
- * This is the lazy load for the policy tree. If tree has not been initialized,
270
- * trigger the process of parsing and merging statements and settings.
271
- *
272
  * @return array
273
- *
274
  * @access protected
 
275
  */
276
- protected function preparePolicyTree() {
277
- if (is_null($this->tree)) {
278
- $this->tree = array(
279
- 'Statement' => array(),
280
- 'Param' => array()
281
- );
282
-
283
- $ids = array_filter(
284
- $this->policyObject->getOption(),
285
- function($state) {
286
- return !empty($state);
287
- }
288
- );
289
-
290
- if (count($ids)) {
291
- $policies = get_posts(array(
292
- 'include' => array_keys($ids),
293
- 'post_status' => 'publish',
294
- 'post_type' => 'aam_policy'
295
- ));
296
-
297
- foreach($policies as $policy) {
298
- $this->extendTree(
299
- $this->tree, $this->parsePolicy($policy->post_content)
300
- );
301
- }
302
- }
303
- }
304
-
305
- return $this->tree;
306
  }
307
-
308
  /**
309
- * Parse policy post and extract Statements and Params
310
- *
311
- * @param string $policy
312
- *
313
  * @return array
314
- *
315
  * @access protected
 
316
  */
317
- protected function parsePolicy($policy) {
318
- $val = json_decode($policy, true);
319
-
 
320
  // Do not load the policy if any errors
321
  if (json_last_error() === JSON_ERROR_NONE) {
322
  $tree = array(
323
- 'Statement' => isset($val['Statement']) ? (array) $val['Statement'] : array(),
324
- 'Param' => isset($val['Param']) ? (array) $val['Param'] : array(),
325
  );
326
  } else {
327
  $tree = array('Statement' => array(), 'Param' => array());
 
 
 
 
 
 
 
 
 
328
  }
329
-
330
  return $tree;
331
  }
332
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
333
  /**
334
  * Extend tree with additional statements and params
335
- *
336
  * @param array &$tree
337
  * @param array $addition
338
- *
339
  * @return array
340
- *
341
  * @access protected
 
342
  */
343
- protected function extendTree(&$tree, $addition) {
 
 
 
 
344
  // Step #1. If there are any statements, let's index them by resource:action
345
  // and insert into the list of statements
346
- foreach($addition['Statement'] as $stm) {
347
- $list = (isset($stm['Resource']) ? (array) $stm['Resource'] : array());
348
- $acts = (isset($stm['Action']) ? (array) $stm['Action'] : array(''));
349
-
350
- foreach($list as $res) {
351
- // Allow to build resource name dynamically.
352
  // e.g. "Term:category:${USERMETA.region}:posts"
353
  if (preg_match_all('/(\$\{[^}]+\})/', $res, $match)) {
354
  $res = AAM_Core_Policy_Token::evaluate($res, $match[1]);
355
  }
356
- foreach($acts as $act) {
357
- $id = $this->strToLower($res . (!empty($act) ? ":{$act}" : ''));
358
-
359
- if (!isset($tree['Statement'][$id]) || empty($tree['Statement'][$id]['Enforce'])) {
360
- $tree['Statement'][$id] = $this->removeKeys($stm, array('Resource', 'Action'));
 
361
  }
362
  }
363
  }
364
  }
365
 
 
 
366
  // Step #2. If there are any params, let's index them and insert into the list
367
- foreach($addition['Param'] as $param) {
368
  if (!empty($param['Key'])) {
369
- $id = $param['Key'];
 
 
 
 
 
 
370
 
371
- if (!isset($tree['Param'][$id]) || empty($tree['Param'][$id]['Enforce'])) {
372
- $tree['Param'][$id] = $this->removeKeys($param, array('Key'));
373
 
374
  if (strpos($id, 'option:') === 0) {
375
- add_filter('option_' . substr($id, 7), function($res, $option) {
376
- $param = $this->tree['Param']["option:{$option}"];
377
-
378
- if ($this->isApplicable($param)) {
379
- if (is_array($res) && is_array($param['Value'])) {
380
- $res = array_merge($res, $param['Value']);
381
- } else {
382
- $res = $param['Value'];
383
- }
384
- }
385
-
386
- return $res;
387
- }, 1, 2);
388
- } elseif (strpos($id, 'site_option:') === 0) {
389
- add_filter('site_option_' . substr($id, 12), function($res, $option) {
390
- $param = $this->tree['Param']["site_option:{$option}"];
391
-
392
- if ($this->isApplicable($param)) {
393
- if (is_array($res) && is_array($param['Value'])) {
394
- $res = array_merge($res, $param['Value']);
395
- } else {
396
- $res = $param['Value'];
397
- }
398
- }
399
-
400
- return $res;
401
- }, 1, 2);
402
  }
403
  }
404
  }
405
  }
406
  }
407
-
408
  /**
409
- * Remove unnecessary keys from array
410
- *
411
- * @param array $arr
412
- * @param array $keys
413
- *
414
- * @return array
415
- *
416
  * @access private
 
417
  */
418
- private function removeKeys($arr, $keys) {
419
- foreach($keys as $key) {
420
- if (isset($arr[$key])) {
421
- unset($arr[$key]);
 
 
 
 
422
  }
423
  }
424
-
425
- return $arr;
426
  }
427
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
428
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
+ * AAM policy manager for a specific subject
14
+ *
15
  * @package AAM
16
+ * @version 6.0.0
 
17
  */
18
+ class AAM_Core_Policy_Manager
19
+ {
20
+
21
  /**
22
  * Policy core object
23
+ *
24
  * @var AAM_Core_Object_Policy
25
+ *
26
+ * @access protected
27
+ * @version 6.0.0
28
  */
29
+ protected $object;
30
+
31
  /**
32
  * Current subject
33
+ *
34
  * @var AAM_Core_Subject
35
+ *
36
+ * @access protected
37
+ * @version 6.0.0
38
  */
39
  protected $subject;
40
+
41
  /**
42
  * Parsed policy tree
43
+ *
44
  * @var array
45
+ *
46
+ * @access protected
47
+ * @version 6.0.0
48
  */
49
+ protected $tree = array(
50
+ 'Statement' => array(),
51
+ 'Param' => array()
52
+ );
53
+
54
  /**
55
  * Constructor
56
+ *
57
  * @access protected
58
+ *
59
  * @return void
60
+ * @version 6.0.0
61
  */
62
+ public function __construct(AAM_Core_Subject $subject)
63
+ {
64
+ $this->object = $subject->getObject(AAM_Core_Object_Policy::OBJECT_TYPE);
65
+ $this->subject = $subject;
66
  }
67
 
68
  /**
69
+ * Get policy parameter
70
  *
 
 
 
 
 
 
 
 
 
71
  * @param string $name
72
  * @param array $args
73
+ *
74
  * @return mixed
75
+ *
76
  * @access public
77
+ * @version 6.0.0
78
  */
79
+ public function getParam($id, $args = array())
80
+ {
81
+ $value = null;
82
+
83
+ if (isset($this->tree['Param'][$id])) {
84
+ $param = $this->tree['Param'][$id];
85
+
86
+ if ($this->isApplicable($param, $args)) {
87
+ if (preg_match_all('/(\$\{[^}]+\})/', $param['Value'], $match)) {
88
+ $value = AAM_Core_Policy_Token::evaluate(
89
+ $param['Value'], $match[1]
90
+ );
91
+ } else {
92
+ $value = $param['Value'];
93
+ }
94
+ }
95
  }
96
+
97
+ return $value;
98
  }
99
+
100
  /**
101
+ * Find all statements that match provided resource of list of resources
102
+ *
103
+ * @param string|array $s
104
+ * @param array $args
105
+ *
 
106
  * @return array
107
+ *
108
  * @access public
109
+ * @version 6.0.0
110
  */
111
+ public function getResources($s, $args = array())
112
+ {
113
+ if (is_array($s)) {
114
+ $regex = '/^(' . implode('|', $s) . '):/i';
115
+ } else {
116
+ $regex = "/^{$s}:/i";
 
 
117
  }
118
+
119
+ $statements = array();
120
+
121
+ foreach ($this->tree['Statement'] as $key => $stm) {
122
+ if (preg_match($regex, $key) && $this->isApplicable($stm, $args)) {
123
+ // Remove the resource type to keep it clean
124
+ $statements[preg_replace($regex, '', $key)] = $stm;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
125
  }
126
  }
127
+
128
+ return $this->replaceTokens($statements);
129
  }
130
 
131
  /**
132
+ * Replace all the dynamic tokens recursively
133
+ *
134
+ * @param array $data
135
+ *
136
+ * @return array
137
  *
 
 
 
 
138
  * @access protected
139
+ * @version 6.0.0
140
  */
141
+ protected function replaceTokens($data)
142
+ {
143
+ $replaced = array();
144
+
145
+ foreach($data as $key => $value) {
146
+ if (preg_match_all('/(\$\{[^}]+\})/', $key, $match)) {
147
+ $key = AAM_Core_Policy_Token::evaluate($key, $match[1]);
148
+ }
149
+
150
+ if (is_array($value)) {
151
+ $replaced[$key] = $this->replaceTokens($value);
152
+ } elseif (preg_match_all('/(\$\{[^}]+\})/', $value, $match)) {
153
+ $replaced[$key] = AAM_Core_Policy_Token::evaluate($value, $match[1]);
154
+ } else {
155
+ $replaced[$key] = $value;
156
+ }
157
  }
158
 
159
+ return $replaced;
160
  }
161
 
162
  /**
163
+ * Hook into WP core function to override WP options
164
+ *
165
+ * @param mixed $res
166
+ * @param string $option
167
+ *
168
+ * @return mixed
169
  *
 
 
 
 
 
170
  * @access public
171
+ * @see AAM_Core_Policy_Manager::updatePolicyTree
172
+ * @version 6.0.0
173
  */
174
+ public function getOption($res, $option)
175
+ {
176
+ $param = $this->tree['Param']["option:{$option}"];
177
+
178
+ if ($this->isApplicable($param)) {
179
+ if (is_array($res) && is_array($param['Value'])) {
180
+ $res = array_merge($res, $param['Value']);
181
+ } else {
182
+ $res = $param['Value'];
 
 
183
  }
184
  }
185
+
186
+ return $res;
187
  }
188
+
189
  /**
190
+ * Check if specified action is allowed for resource
191
+ *
192
+ * This method is working with "Statement" array.
193
+ *
194
+ * @param string $resource Resource name
195
+ * @param array $args Args that will be injected during condition evaluation
196
+ *
197
+ * @return boolean|null
198
+ *
199
  * @access public
200
+ * @version 6.0.0
201
  */
202
+ public function isAllowed($resource, $args = array())
203
+ {
204
+ $allowed = null;
205
+ $id = strtolower($resource);
206
 
207
+ if (isset($this->tree['Statement'][$id])) {
208
+ $stm = $this->tree['Statement'][$id];
209
+
210
+ if ($this->isApplicable($stm, $args)) {
211
+ $allowed = (strtolower($stm['Effect']) === 'allow');
 
 
 
 
212
  }
213
  }
214
+
215
+ return $allowed;
216
  }
217
+
218
  /**
219
+ * Get parsed policy tree
220
+ *
221
+ * @return array
222
+ *
 
 
 
 
 
223
  * @access public
224
+ * @version 6.0.0
225
  */
226
+ public function getTree()
227
+ {
228
+ return $this->tree;
 
 
 
 
 
 
 
 
229
  }
230
+
231
  /**
232
+ * Parse all attached policies into the tree
233
+ *
234
+ * @return void
235
+ *
236
+ * @access public
237
+ * @version 6.0.0
 
 
238
  */
239
+ public function initialize()
240
+ {
241
+ // Get the list of all policies that are attached to the subject
242
+ $ids = array_filter($this->object->getOption(), function ($attached) {
243
+ return !empty($attached);
244
+ });
245
+
246
+ // If there is at least one policy attached and it is published, then
247
+ // parse into the tree
248
+ if (count($ids)) {
249
+ $policies = $this->fetchPolicies(array_keys($ids));
250
+
251
+ foreach ($policies as $policy) {
252
+ $this->updatePolicyTree($this->tree, $this->parsePolicy($policy));
253
+ }
254
+
255
+ $this->_cleanupTree();
256
  }
 
 
257
  }
258
+
259
  /**
260
+ * Fetch public policies by IDs
261
+ *
262
+ * @param array $ids
263
+ *
 
264
  * @return array
265
+ *
266
  * @access protected
267
+ * @version 6.0.0
268
  */
269
+ protected function fetchPolicies($ids)
270
+ {
271
+ return get_posts(array(
272
+ 'include' => $ids,
273
+ 'post_status' => 'publish',
274
+ 'suppress_filters' => true,
275
+ 'post_type' => AAM_Service_AccessPolicy::POLICY_CPT
276
+ ));
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
277
  }
278
+
279
  /**
280
+ * Parse JSON policy and extract statements and params
281
+ *
282
+ * @param WP_Post $policy
283
+ *
284
  * @return array
285
+ *
286
  * @access protected
287
+ * @version 6.0.0
288
  */
289
+ protected function parsePolicy($policy)
290
+ {
291
+ $val = json_decode($policy->post_content, true);
292
+
293
  // Do not load the policy if any errors
294
  if (json_last_error() === JSON_ERROR_NONE) {
295
  $tree = array(
296
+ 'Statement' => $this->_getArrayOfArrays($val, 'Statement'),
297
+ 'Param' => $this->_getArrayOfArrays($val, 'Param'),
298
  );
299
  } else {
300
  $tree = array('Statement' => array(), 'Param' => array());
301
+
302
+ // Make sure that this is noticed
303
+ _doing_it_wrong(
304
+ __CLASS__ . '::' . __METHOD__,
305
+ sprintf(
306
+ 'Access policy %d error %s', $policy->ID, json_last_error_msg()
307
+ ),
308
+ AAM_VERSION
309
+ );
310
  }
311
+
312
  return $tree;
313
  }
314
+
315
+ /**
316
+ * Get array of array for Statement and Param policy props
317
+ *
318
+ * @param array $input
319
+ * @param string $prop
320
+ *
321
+ * @return array
322
+ *
323
+ * @access private
324
+ * @version 6.0.0
325
+ */
326
+ private function _getArrayOfArrays($input, $prop)
327
+ {
328
+ $response = array();
329
+
330
+ // Parse Statements and determine if it is multidimensional
331
+ if (array_key_exists($prop, $input)) {
332
+ if (!isset($input[$prop][0]) || !is_array($input[$prop][0])) {
333
+ $response = array($input[$prop]);
334
+ } else {
335
+ $response = $input[$prop];
336
+ }
337
+ }
338
+
339
+ return $response;
340
+ }
341
+
342
  /**
343
  * Extend tree with additional statements and params
344
+ *
345
  * @param array &$tree
346
  * @param array $addition
347
+ *
348
  * @return array
349
+ *
350
  * @access protected
351
+ * @version 6.0.0
352
  */
353
+ protected function updatePolicyTree(&$tree, $addition)
354
+ {
355
+ $stmts = &$tree['Statement'];
356
+ $params = &$tree['Param'];
357
+
358
  // Step #1. If there are any statements, let's index them by resource:action
359
  // and insert into the list of statements
360
+ foreach ($addition['Statement'] as $stm) {
361
+ $resources = (isset($stm['Resource']) ? (array) $stm['Resource'] : array());
362
+ $actions = (isset($stm['Action']) ? (array) $stm['Action'] : array(''));
363
+
364
+ foreach ($resources as $res) {
365
+ // Allow to build resource name dynamically.
366
  // e.g. "Term:category:${USERMETA.region}:posts"
367
  if (preg_match_all('/(\$\{[^}]+\})/', $res, $match)) {
368
  $res = AAM_Core_Policy_Token::evaluate($res, $match[1]);
369
  }
370
+
371
+ foreach ($actions as $act) {
372
+ $id = strtolower($res . (!empty($act) ? ":{$act}" : ''));
373
+
374
+ if (!isset($stmts[$id]) || empty($stmts[$id]['Enforce'])) {
375
+ $stmts[$id] = $stm;
376
  }
377
  }
378
  }
379
  }
380
 
381
+ $callback = array($this, 'getOption'); // Callback that hooks into get_option
382
+
383
  // Step #2. If there are any params, let's index them and insert into the list
384
+ foreach ($addition['Param'] as $param) {
385
  if (!empty($param['Key'])) {
386
+ // Allow to build param name dynamically.
387
+ // e.g. "${USERMETA.region}_posts"
388
+ if (preg_match_all('/(\$\{[^}]+\})/', $param['Key'], $match)) {
389
+ $id = AAM_Core_Policy_Token::evaluate($param['Key'], $match[1]);
390
+ } else {
391
+ $id = $param['Key'];
392
+ }
393
 
394
+ if (!isset($params[$id]) || empty($params[$id]['Enforce'])) {
395
+ $params[$id] = $param;
396
 
397
  if (strpos($id, 'option:') === 0) {
398
+ $name = substr($id, 7);
399
+
400
+ // Hook into the core
401
+ add_filter('pre_option_' . $name, $callback, 1, 2);
402
+ add_filter('pre_site_option_' . $name, $callback, 1, 2);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
403
  }
404
  }
405
  }
406
  }
407
  }
408
+
409
  /**
410
+ * Perform some internal clean-up
411
+ *
412
+ * @return void
413
+ *
 
 
 
414
  * @access private
415
+ * @version 6.0.0
416
  */
417
+ private function _cleanupTree()
418
+ {
419
+ foreach($this->tree['Statement'] as $id => $stm) {
420
+ if (isset($stm['Resource'])) {
421
+ unset($this->tree['Statement'][$id]['Resource']);
422
+ }
423
+ if (isset($stm['Action'])) {
424
+ unset($this->tree['Statement'][$id]['Action']);
425
  }
426
  }
 
 
427
  }
428
+
429
+ /**
430
+ * Check if policy block is applicable
431
+ *
432
+ * @param array $block
433
+ * @param array $args
434
+ *
435
+ * @return boolean
436
+ *
437
+ * @access protected
438
+ * @version 6.0.0
439
+ */
440
+ protected function isApplicable($block, $args = array())
441
+ {
442
+ $result = true;
443
+
444
+ if (!empty($block['Condition']) && is_array($block['Condition'])) {
445
+ $result = AAM_Core_Policy_Condition::getInstance()->evaluate(
446
+ $block['Condition'], $args
447
+ );
448
+ }
449
+
450
+ return $result;
451
+ }
452
+
453
  }
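--- a/application/Core/Policy/Resource.php
+++ b/application/Core/Policy/Resource.php
@@ -0,0 +1,89 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ */
+
+ /**
+ * AAM core policy resources
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ class AAM_Core_Policy_Resource
+ {
+
+ /**
+ * Backend Menu resource
+ *
+ * @version 6.0.0
+ */
+ const MENU = 'BackendMenu';
+
+ /**
+ * Top admin bar resource
+ *
+ * @version 6.0.0
+ */
+ const TOOLBAR = 'Toolbar';
+
+ /**
+ * Backend & Frontend widget resource
+ *
+ * @version 6.0.0
+ */
+ const WIDGET = 'Widget';
+
+ /**
+ * Backend metabox resource
+ *
+ * @version 6.0.0
+ */
+ const METABOX = 'Metabox';
+
+ /**
+ * Capability resource
+ *
+ * @version 6.0.0
+ */
+ const CAPABILITY = 'Capability';
+
+ /**
+ * Role resource
+ *
+ * @version 6.0.0
+ */
+ const ROLE = 'Role';
+
+ /**
+ * Post resource
+ *
+ * @version 6.0.0
+ */
+ const POST = 'Post';
+
+ /**
+ * Uri resource
+ *
+ * @version 6.0.0
+ */
+ const URI = "URI";
+
+ /**
+ * Plugin resource
+ *
+ * @version 6.0.0
+ */
+ const PLUGIN = 'Plugin';
+
+ /**
+ * API Route resource
+ *
+ * @version 6.0.0
+ */
+ const ROUTE = 'Route';
+
+ }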
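--- a/application/Core/Policy/Token.php
+++ b/application/Core/Policy/Token.php
@@ -5,84 +5,91 @@
  * LICENSE: This file is subject to the terms and conditions defined in *
  * file 'license.txt', which is part of this source code package. *
  * ======================================================================
+ *
+ * @version 6.0.0
  */
 
  /**
  * AAM core policy token evaluator
- *
+ *
  * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- * @since AAM v5.8.2
+ * @version 6.0.0
  */
- final class AAM_Core_Policy_Token {
-
+ class AAM_Core_Policy_Token
+ {
+
  /**
  * Literal map token's type to the executable method that returns actual value
- *
+ *
  * @var array
- *
+ *
  * @access protected
- * @static
+ * @version 6.0.0
  */
  protected static $map = array(
- 'USER' => 'AAM_Core_Policy_Token::getUserValue',
- 'USERMETA' => 'AAM_Core_Policy_Token::getUserMetaValue',
- 'DATETIME' => 'AAM_Core_Policy_Token::getDateTimeValue',
- 'GET' => 'AAM_Core_Request::get',
- 'QUERY' => 'AAM_Core_Request::get',
- 'POST' => 'AAM_Core_Request::post',
- 'WP_POSTMETA' => 'AAM_Core_Policy_Token::getCurrentPostMeta',
- 'COOKIE' => 'AAM_Core_Request::cookie',
- 'SERVER' => 'AAM_Core_Request::server',
- 'ARGS' => 'AAM_Core_Policy_Token::getArgValue',
- 'CONST' => 'AAM_Core_Policy_Token::defined'
+ 'USER' => 'AAM_Core_Policy_Token::getUserValue',
+ 'USER_OPTION' => 'AAM_Core_Policy_Token::getUserOptionValue',
+ 'USER_META' => 'AAM_Core_Policy_Token::getUserMetaValue',
+ 'DATETIME' => 'date',
+ 'HTTP_GET' => 'AAM_Core_Request::get',
+ 'HTTP_QUERY' => 'AAM_Core_Request::get',
+ 'HTTP_POST' => 'AAM_Core_Request::post',
+ 'HTTP_COOKIE' => 'AAM_Core_Request::cookie',
+ 'PHP_SERVER' => 'AAM_Core_Request::server',
+ 'ARGS' => 'AAM_Core_Policy_Token::getArgValue',
+ 'CONST' => 'AAM_Core_Policy_Token::getConstant',
+ 'WP_OPTION' => 'AAM_Core_API::getOption',
+ 'JWT' => 'AAM_Core_Policy_Token::getJwtClaim'
  );
-
+
  /**
  * Evaluate collection of tokens and replace them with values
- *
+ *
  * @param string $part String with tokens
  * @param array $tokens Extracted token
- *
+ * @param array $args Inline arguments
+ *
  * @return string
- *
+ *
  * @access public
- * @static
+ * @version 6.0.0
  */
- public static function evaluate($part, array $tokens, array $args = array()) {
- foreach($tokens as $token) {
+ public static function evaluate($part, array $tokens, array $args = array())
+ {
+ foreach ($tokens as $token) {
  $val = self::getValue(
  preg_replace('/^\$\{([^}]+)\}$/', '${1}', $token),
  $args
  );
 
  $part = str_replace(
- $token,
- (is_scalar($val) || is_null($val) ? $val : json_encode($val)),
+ $token,
+ (is_scalar($val) || is_null($val) ? $val : json_encode($val)),
  $part
  );
  }
 
  return $part;
  }
-
+
  /**
  * Get token value
- *
+ *
  * @param string $token
  * @param array $args
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
- * @static
+ * @version 6.0.0
  */
- protected static function getValue($token, $args) {
+ protected static function getValue($token, $args)
+ {
  $value = null;
  $parts = explode('.', $token);
 
  if (isset(self::$map[$parts[0]])) {
- if ($parts[0] === 'ARG') {
+ if ($parts[0] === 'ARGS') {
  $value = call_user_func(self::$map[$parts[0]], $parts[1], $args);
  } else {
  $value = call_user_func(self::$map[$parts[0]], $parts[1]);
@@ -93,138 +100,145 @@ final class AAM_Core_Policy_Token {
 
  return $value;
  }
-
+
  /**
  * Get USER's value
- *
+ *
  * @param string $prop
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
- * @static
+ * @version 6.0.0
  */
- protected static function getUserValue($prop) {
- $user = AAM::api()->getUser();
-
- switch(strtolower($prop)) {
+ protected static function getUserValue($prop)
+ {
+ $user = AAM::getUser();
+
+ switch (strtolower($prop)) {
  case 'ip':
  case 'ipaddress':
  $value = AAM_Core_Request::server('REMOTE_ADDR');
  break;
-
+
  case 'authenticated':
  case 'isauthenticated':
- $value = $user->isVisitor() ? false : true;
+ $value = is_user_logged_in();
  break;
 
  case 'capabilities':
  case 'caps':
- $value = array();
- foreach((array) $user->allcaps as $cap => $effect) {
+ foreach ((array) $user->allcaps as $cap => $effect) {
  if (!empty($effect)) {
  $value[] = $cap;
  }
  }
  break;
-
+
  default:
  $value = $user->{$prop};
  break;
  }
-
+
  return $value;
  }
 
  /**
- * Get user meta value(s)
+ * Get user option value(s)
+ *
+ * @param string $option_name
  *
- * @param string $metakey
- *
  * @return void
- *
+ *
  * @access protected
- * @static
+ * @version 6.0.0
  */
- protected static function getUserMetaValue($metakey) {
+ protected static function getUserOptionValue($option_name)
+ {
  $value = null;
  $id = get_current_user_id();
 
  if (!empty($id)) { // Only authenticated users have some sort of meta
- $meta = get_user_meta($id, $metakey);
-
- // If $meta has only one value in the array, then extract it, otherwise
- // return the array of values
- if (count($meta) === 1) {
- $value = array_shift($meta);
- } else {
- $value = array_values($meta);
- }
+ $value = get_user_option($option_name, $id);
  }
 
  return $value;
  }
 
  /**
- * Undocumented function
+ * Get user meta value(s)
+ *
+ * @param string $meta_key
  *
- * @param [type] $metakey
  * @return void
+ *
+ * @access protected
+ * @version 6.0.0
  */
- protected static function getCurrentPostMeta($metakey)
+ protected static function getUserMetaValue($meta_key)
  {
- $post = AAM_Core_API::getCurrentPost(true);
+ $value = null;
+ $id = get_current_user_id();
+
+ if (!empty($id)) { // Only authenticated users have some sort of meta
+ $meta = get_user_meta($id, $meta_key);
 
- if (is_a($post, 'WP_Post')) {
- $meta = get_post_meta($post->ID, $metakey, true);
- } else {
- $meta = null;
+ // If $meta has only one value in the array, then extract it, otherwise
+ // return the array of values
+ if (count($meta) === 1) {
+ $value = array_shift($meta);
+ } else {
+ $value = array_values($meta);
+ }
  }
 
- return $meta;
+ return $value;
  }
-
+
  /**
  * Get inline argument
- *
+ *
  * @param string $prop
  * @param array $args
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
- * @static
+ * @version 6.0.0
  */
- protected static function getArgValue($prop, $args) {
+ protected static function getArgValue($prop, $args)
+ {
  return (isset($args[$prop]) ? $args[$prop] : null);
  }
-
+
  /**
- * Get current datetime value
- *
+ * Get JWT claim property
+ *
  * @param string $prop
- *
- * @return string
- *
+ *
+ * @return mixed
+ *
  * @access protected
- * @static
+ * @version 6.0.0
  */
- protected static function getDateTimeValue($prop) {
- return date($prop);
+ protected static function getJwtClaim($prop)
+ {
+ return apply_filters('aam_get_jwt_claim', null, $prop);
  }
-
+
  /**
  * Get a value for the defined constant
  *
  * @param string $const
- *
+ *
  * @return mixed
- *
+ *
  * @access protected
- * @static
+ * @version 6.0.0
  */
- protected static function defined($const) {
+ protected static function getConstant($const)
+ {
  return (defined($const) ? constant($const) : null);
  }
-
+
  }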
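Review bot: In `getUserValue`, the `capabilities`/`caps` case no longer initialises `$value`: the `$value = array();` line is removed and the new `foreach` is the first statement of the branch. When the current user has no truthy entries in `allcaps` (presumably a visitor), the loop assigns nothing and `return $value` reads an undefined variable, so `${USER.caps}` evaluates to null with a PHP notice instead of an empty list, and a policy condition that tests the capability list receives a different type than it does for every other user. Keep the initialiser, `$value = array();`, directly before `foreach ((array) $user->allcaps as $cap => $effect) {`.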
application/Core/Policy/Validator.php CHANGED
@@ -5,122 +5,150 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  use Composer\Semver\Semver;
11
 
12
  /**
13
- * AAM core policy validator
14
- *
15
  * @package AAM
16
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
17
- * @since AAM v5.7.3
18
  */
19
- class AAM_Core_Policy_Validator {
20
-
 
21
  /**
22
  * Raw policy text
23
- *
24
  * @var string
25
- *
26
- * @access protected
 
27
  */
28
  protected $policy;
29
-
30
  /**
31
  * Parsed JSON document
32
- *
33
  * @var array
34
- *
35
- * @access protected
 
36
  */
37
  protected $json;
38
-
39
  /**
40
  * Collection of errors
41
- *
42
  * @var array
43
- *
44
- * @access protected
 
45
  */
46
  protected $errors = array();
47
-
48
  /**
49
  * Constructor
50
- *
51
  * @param string $policy
52
- *
 
 
53
  * @access public
 
54
  */
55
- public function __construct($policy) {
 
56
  $this->policy = trim($policy);
57
  $this->json = json_decode($policy, true);
58
  }
59
-
60
  /**
61
- * Validate the policy
62
- *
63
  * @return array
64
- *
65
  * @access public
 
66
  */
67
- public function validate() {
 
68
  $steps = array(
69
  'isJSON', // #1. Check if policy is valid JSON
70
  'isNotEmpty', // #2. Check if policy is not empty
71
  'isValidDependency', // #3. Check if all dependencies are defined properly
72
  );
73
-
74
- foreach($steps as $step) {
75
  if (call_user_func(array($this, $step)) === false) {
76
  break;
77
  }
78
  }
79
-
80
  return $this->errors;
81
  }
82
-
83
  /**
84
  * Check if policy is valid JSON
85
- *
86
  * @return boolean
87
- *
88
- * @access public
 
89
  */
90
- public function isJSON() {
 
91
  $result = is_array($this->json);
92
-
93
  if ($result === false) {
94
  $this->errors[] = __('The policy is not valid JSON object', AAM_KEY);
95
  }
96
-
97
  return $result;
98
  }
99
-
100
  /**
101
  * Check if policy is empty
102
- *
103
  * @return boolean
104
- *
105
- * @access public
 
106
  */
107
- public function isNotEmpty() {
 
108
  $result = !empty($this->policy) && !empty($this->json);
109
-
110
  if ($result === false) {
111
  $this->errors[] = __('The policy document is empty', AAM_KEY);
112
  }
113
-
114
  return $result;
115
  }
116
-
117
- public function isValidDependency() {
 
 
 
 
 
 
 
 
 
 
 
118
  if (!empty($this->json['Dependency'])) {
119
- foreach($this->json['Dependency'] as $app => $constraints) {
120
  try {
121
  $satisfies = Semver::satisfies(
122
- $this->getAppVersion(strtolower($app)), $constraints
 
123
  );
 
124
  if ($satisfies === false) {
125
  throw new Exception(
126
  AAM_Backend_View_Helper::preparePhrase(
@@ -135,38 +163,63 @@ class AAM_Core_Policy_Validator {
135
  }
136
  }
137
  }
138
-
139
- protected function getAppVersion($app) {
 
 
 
 
 
 
 
 
 
 
 
140
  global $wp_version;
141
-
142
- if ($app === 'wordpress') {
 
 
143
  $version = $wp_version;
144
  } else {
145
- $version = $this->getPluginVersion($app);
146
  }
147
-
148
  return $version;
149
  }
150
-
151
- protected function getPluginVersion($slug) {
 
 
 
 
 
 
 
 
 
 
 
 
152
  static $plugins = null;
153
-
154
  if (is_null($plugins)) {
155
  if (file_exists(ABSPATH . 'wp-admin/includes/plugin.php')) {
156
  require_once ABSPATH . 'wp-admin/includes/plugin.php';
157
  }
158
-
159
  $plugins = get_plugins();
160
  }
161
-
162
  $version = null;
163
-
164
- foreach($plugins as $plugin => $data) {
165
  if (stripos($plugin, $slug . '/') === 0) {
166
  $version = $data['Version'];
167
  }
168
  }
169
-
170
  if (is_null($version)) {
171
  throw new Exception(
172
  AAM_Backend_View_Helper::preparePhrase(
@@ -175,7 +228,8 @@ class AAM_Core_Policy_Validator {
175
  )
176
  );
177
  }
178
-
179
  return $version;
180
  }
 
181
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  use Composer\Semver\Semver;
13
 
14
  /**
15
+ * AAM access policy validator
16
+ *
17
  * @package AAM
18
+ * @version 6.0.0
 
19
  */
20
+ class AAM_Core_Policy_Validator
21
+ {
22
+
23
  /**
24
  * Raw policy text
25
+ *
26
  * @var string
27
+ *
28
+ * @access protected
29
+ * @version 6.0.0
30
  */
31
  protected $policy;
32
+
33
  /**
34
  * Parsed JSON document
35
+ *
36
  * @var array
37
+ *
38
+ * @access protected
39
+ * @version 6.0.0
40
  */
41
  protected $json;
42
+
43
  /**
44
  * Collection of errors
45
+ *
46
  * @var array
47
+ *
48
+ * @access protected
49
+ * @version 6.0.0
50
  */
51
  protected $errors = array();
52
+
53
  /**
54
  * Constructor
55
+ *
56
  * @param string $policy
57
+ *
58
+ * @return void
59
+ *
60
  * @access public
61
+ * @version 6.0.0
62
  */
63
+ public function __construct($policy)
64
+ {
65
  $this->policy = trim($policy);
66
  $this->json = json_decode($policy, true);
67
  }
68
+
69
  /**
70
+ * Validate the policy by invoking several validation steps
71
+ *
72
  * @return array
73
+ *
74
  * @access public
75
+ * @version 6.0.0
76
  */
77
+ public function validate()
78
+ {
79
  $steps = array(
80
  'isJSON', // #1. Check if policy is valid JSON
81
  'isNotEmpty', // #2. Check if policy is not empty
82
  'isValidDependency', // #3. Check if all dependencies are defined properly
83
  );
84
+
85
+ foreach ($steps as $step) {
86
  if (call_user_func(array($this, $step)) === false) {
87
  break;
88
  }
89
  }
90
+
91
  return $this->errors;
92
  }
93
+
94
  /**
95
  * Check if policy is valid JSON
96
+ *
97
  * @return boolean
98
+ *
99
+ * @access protected
100
+ * @version 6.0.0
101
  */
102
+ protected function isJSON()
103
+ {
104
  $result = is_array($this->json);
105
+
106
  if ($result === false) {
107
  $this->errors[] = __('The policy is not valid JSON object', AAM_KEY);
108
  }
109
+
110
  return $result;
111
  }
112
+
113
  /**
114
  * Check if policy is empty
115
+ *
116
  * @return boolean
117
+ *
118
+ * @access protected
119
+ * @version 6.0.0
120
  */
121
+ protected function isNotEmpty()
122
+ {
123
  $result = !empty($this->policy) && !empty($this->json);
124
+
125
  if ($result === false) {
126
  $this->errors[] = __('The policy document is empty', AAM_KEY);
127
  }
128
+
129
  return $result;
130
  }
131
+
132
+ /**
133
+ * Check for the policy dependencies
134
+ *
135
+ * Make sure that depending plugins are installed and have proper versions
136
+ *
137
+ * @return void
138
+ *
139
+ * @access protected
140
+ * @version 6.0.0
141
+ */
142
+ protected function isValidDependency()
143
+ {
144
  if (!empty($this->json['Dependency'])) {
145
+ foreach ($this->json['Dependency'] as $app => $constraints) {
146
  try {
147
  $satisfies = Semver::satisfies(
148
+ $this->getAppVersion($app),
149
+ $constraints
150
  );
151
+
152
  if ($satisfies === false) {
153
  throw new Exception(
154
  AAM_Backend_View_Helper::preparePhrase(
163
  }
164
  }
165
  }
166
+
167
+ /**
168
+ * Get dependency's version
169
+ *
170
+ * @param string $app
171
+ *
172
+ * @return void
173
+ *
174
+ * @access protected
175
+ * @version 6.0.0
176
+ */
177
+ protected function getAppVersion($app)
178
+ {
179
  global $wp_version;
180
+
181
+ $slug = strtolower($app);
182
+
183
+ if ($slug === 'wordpress') {
184
  $version = $wp_version;
185
  } else {
186
+ $version = $this->getPluginVersion($slug);
187
  }
188
+
189
  return $version;
190
  }
191
+
192
+ /**
193
+ * Get plugin's version
194
+ *
195
+ * @param string $slug
196
+ *
197
+ * @return string
198
+ *
199
+ * @access protected
200
+ * @throws Exception
201
+ * @version 6.0.0
202
+ */
203
+ protected function getPluginVersion($slug)
204
+ {
205
  static $plugins = null;
206
+
207
  if (is_null($plugins)) {
208
  if (file_exists(ABSPATH . 'wp-admin/includes/plugin.php')) {
209
  require_once ABSPATH . 'wp-admin/includes/plugin.php';
210
  }
211
+
212
  $plugins = get_plugins();
213
  }
214
+
215
  $version = null;
216
+
217
+ foreach ($plugins as $plugin => $data) {
218
  if (stripos($plugin, $slug . '/') === 0) {
219
  $version = $data['Version'];
220
  }
221
  }
222
+
223
  if (is_null($version)) {
224
  throw new Exception(
225
  AAM_Backend_View_Helper::preparePhrase(
228
  )
229
  );
230
  }
231
+
232
  return $version;
233
  }
234
+
235
  }
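--- a/application/Core/Redirect.php
+++ b/application/Core/Redirect.php
@@ -0,0 +1,156 @@
+ <?php
+
+ /**
+ * ======================================================================
+ * LICENSE: This file is subject to the terms and conditions defined in *
+ * file 'license.txt', which is part of this source code package. *
+ * ======================================================================
+ *
+ * @version 6.0.0
+ */
+
+ /**
+ * Core AAM redirect handler
+ *
+ * @package AAM
+ * @version 6.0.0
+ */
+ class AAM_Core_Redirect
+ {
+ /**
+ * Collection of redirect types
+ *
+ * @var array
+ *
+ * @access protected
+ * @version 6.0.0
+ */
+ protected static $redirectTypes = array(
+ 'login' => __CLASS__ . '::doLoginRedirect',
+ 'page' => __CLASS__ . '::doPageRedirect',
+ 'message' => __CLASS__ . '::printMessage',
+ 'default' => __CLASS__ . '::printMessage',
+ 'url' => __CLASS__ . '::doUrlRedirect',
+ 'callback' => __CLASS__ . '::triggerCallback'
+ );
+
+ /**
+ * Execute redirect
+ *
+ * @param string $type
+ * @param array $metadata
+ * @param boolean $halt
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function execute($type, $metadata, $halt = false)
+ {
+ if (isset(self::$redirectTypes[$type])) {
+ call_user_func(self::$redirectTypes[$type], $metadata);
+ }
+
+ // Halt the execution. Redirect should carry user away if this is not
+ // a CLI execution (e.g. Unit Test)
+ if (php_sapi_name() !== 'cli' && ($halt === true)) {
+ exit;
+ }
+ }
+
+ /**
+ * Display WP Die message
+ *
+ * @param array $meta
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function printMessage($meta)
+ {
+ $title = __('Access Denied', AAM_KEY);
+ $message = !empty($meta['message']) ? $meta['message'] : $title;
+ $args = !empty($meta['args']) ? $meta['args'] : array();
+
+ wp_die($message, $title, $args);
+ }
+
+ /**
+ * Redirect to the login page
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function doLoginRedirect()
+ {
+ wp_safe_redirect(add_query_arg(
+ array('reason' => 'restricted'),
+ wp_login_url(AAM_Core_Request::server('REQUEST_URI'))
+ ));
+ }
+
+ /**
+ * Redirect to the existing page
+ *
+ * @param array $meta
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function doPageRedirect($meta)
+ {
+ $current = AAM_Core_API::getCurrentPost();
+ $dest = isset($meta['page']) ? $meta['page'] : null;
+ $code = isset($meta['code']) ? $meta['code'] : null;
+
+ if (!empty($dest) && (empty($current) || ($current->ID !== intval($dest)))) {
+ wp_safe_redirect(get_page_link($dest), $code);
+ }
+ }
+
+ /**
+ * Redirect safely to any URL
+ *
+ * @param array $meta
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function doUrlRedirect($meta)
+ {
+ $current = AAM_Core_Request::server('REQUEST_URI');
+ $dest = isset($meta['url']) ? $meta['url'] : null;
+ $code = isset($meta['code']) ? $meta['code'] : null;
+
+ if (stripos($dest, $current) === false) {
+ wp_safe_redirect($dest, $code);
+ }
+ }
+
+ /**
+ * Trigger callback function that will handle redirect
+ *
+ * @param array $meta
+ *
+ * @return void
+ *
+ * @access public
+ * @version 6.0.0
+ */
+ public static function triggerCallback($meta)
+ {
+ if (is_callable($meta['callback'])) {
+ call_user_func($meta['callback']);
+ }
+ }
+
+ }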
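Review bot: `execute()` stops the request only when the caller passes `$halt = true`, and `wp_safe_redirect()` does not end the script on its own, so with the default `$halt = false` WordPress goes on processing, and may still render, the resource the redirect was meant to protect. The handlers can also return without redirecting at all: `doPageRedirect()` when the destination is the current post, `doUrlRedirect()` whenever `stripos($dest, $current)` matches (which it does for every absolute URL when `REQUEST_URI` is `/`), and an unknown `$type` is skipped silently. For an access-control path I would fail closed, for example `public static function execute($type, $metadata, $halt = true)`, or have `execute()` fall back to `printMessage()` when no redirect was sent; the callers are not visible here, so confirm which of them rely on the current default. Separately, `$code` is `null` when the metadata has no `code` key and is passed straight to `wp_safe_redirect()` as the status; `$code = isset($meta['code']) ? (int) $meta['code'] : 302;` keeps it a valid 3xx.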
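--- a/application/Core/Request.php
+++ b/application/Core/Request.php
@@ -5,15 +5,18 @@
   * LICENSE: This file is subject to the terms and conditions defined in *
   * file 'license.txt', which is part of this source code package. *
   * ======================================================================
+ *
+ * @version 6.0.0
   */
 
   /**
   * HTTP request layer
- *
+ *
   * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
+ * @version 6.0.0
   */
- class AAM_Core_Request {
+ class AAM_Core_Request
+ {
 
   /**
   * Get parameter from global _GET array
@@ -24,8 +27,10 @@ class AAM_Core_Request {
   * @return mixed
   *
   * @access public
+ * @version 6.0.0
   */
- public static function get($param = null, $default = null) {
+ public static function get($param = null, $default = null)
+ {
   return self::readArray($_GET, $param, $default);
   }
 
@@ -38,8 +43,10 @@ class AAM_Core_Request {
   * @return mixed
   *
   * @access public
+ * @version 6.0.0
   */
- public static function post($param = null, $default = null) {
+ public static function post($param = null, $default = null)
+ {
   return self::readArray($_POST, $param, $default);
   }
 
@@ -52,12 +59,13 @@ class AAM_Core_Request {
   * @return mixed
   *
   * @access public
- * @static
+ * @version 6.0.0
   */
- public static function request($param = null, $default = null) {
+ public static function request($param = null, $default = null)
+ {
   return self::readArray($_REQUEST, $param, $default);
   }
-
+
   /**
   * Get parameter from global _SERVER array
   *
@@ -67,12 +75,13 @@ class AAM_Core_Request {
   * @return mixed
   *
   * @access public
- * @static
+ * @version 6.0.0
   */
- public static function server($param = null, $default = null) {
+ public static function server($param = null, $default = null)
+ {
   return self::readArray($_SERVER, $param, $default);
   }
-
+
   /**
   * Get parameter from global _COOKIE array
   *
@@ -82,9 +91,10 @@ class AAM_Core_Request {
   * @return mixed
   *
   * @access public
- * @static
+ * @version 6.0.0
   */
- public static function cookie($param = null, $default = null) {
+ public static function cookie($param = null, $default = null)
+ {
   return self::readArray($_COOKIE, $param, $default);
   }
 
@@ -99,9 +109,10 @@ class AAM_Core_Request {
   * @return mixed
   *
   * @access protected
- * @static
+ * @version 6.0.0
   */
- protected static function readArray($array, $param, $default) {
+ protected static function readArray($array, $param, $default)
+ {
   $value = $default;
   if (is_null($param)) {
   $value = $array;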
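--- a/application/Core/Server.php
+++ b/application/Core/Server.php
@@ -1,116 +0,0 @@
- <?php
-
- /**
- * ======================================================================
- * LICENSE: This file is subject to the terms and conditions defined in *
- * file 'license.txt', which is part of this source code package. *
- * ======================================================================
- */
-
- /**
- * AAM server
- *
- * Connection to the external AAM server.
- *
- * @package AAM
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
- */
- final class AAM_Core_Server {
-
- /**
- * Server endpoint
- */
- const SERVER_V1_URL = 'https://aamplugin.com/api/v1';
- const SERVER_V2_URL = 'https://api.aamplugin.com/v2';
-
- /**
- * Fetch the extension list
- *
- * Fetch the extension list with versions from the server
- *
- * @return array
- *
- * @access public
- */
- public static function check() {
- $repository = AAM_Extension_Repository::getInstance();
-
- //prepare check params
- $params = array(
- 'domain' => wp_parse_url(site_url(), PHP_URL_HOST),
- 'version' => AAM_Core_API::version(),
- 'uid' => AAM_Core_API::getOption('aam-uid', null, 'site'),
- 'licenses' => $repository->getCommercialLicenses(false)
- );
-
- $response = self::send('/check', $params);
- $result = array();
-
- if (!is_wp_error($response) && is_object($response)) {
- //WP Error Fix bug report
- if ($response->error !== true && !empty($response->products)) {
- $result = $response->products;
- }
- }
-
- return $result;
- }
-
- /**
- * Undocumented function
- *
- * @param string $v
- * @return void
- */
- public static function getEndpoint($v = 'V1') {
- $endpoint = getenv("AAM_API_{$v}_ENDPOINT");
-
- if (empty($endpoint)) {
- $endpoint = ($v === 'V1' ? self::SERVER_V1_URL : self::SERVER_V2_URL);
- }
-
- return $endpoint;
- }
-
- /**
- * Send request
- *
- * @param string $request
- *
- * @return stdClass|WP_Error
- *
- * @access protected
- */
- protected static function send($request, $params, $timeout = 10) {
- $response = self::parseResponse(
- AAM_Core_API::cURL(
- self::getEndpoint('V1') . $request, $params, $timeout
- )
- );
-
- return $response;
- }
-
- /**
- *
- * @param type $response
- */
- protected static function parseResponse($response) {
- if (!is_wp_error($response)) {
- if (intval($response['response']['code']) === 200) {
- $response = json_decode($response['body']);
- if (isset($response->uid)) {
- AAM_Core_API::updateOption('aam-uid', $response->uid, 'site');
- }
- } else {
- $response = new WP_Error(
- $response['response']['code'],
- $response['response']['message'] . ':' . $response['body']
- );
- }
- }
-
- return $response;
- }
-
- }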
application/Core/Subject.php CHANGED
@@ -5,15 +5,34 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
- * Abstract subject
12
- *
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
13
  * @package AAM
14
- * @author Vasyl Martyniuk <vasyl@vasyltech.com>
15
  */
16
- abstract class AAM_Core_Subject {
 
17
 
18
  /**
19
  * Subject ID
@@ -23,28 +42,31 @@ abstract class AAM_Core_Subject {
23
  * @var string|int
24
  *
25
  * @access private
 
26
  */
27
  private $_id;
28
 
29
  /**
30
- * WordPres Subject
31
  *
32
  * It can be WP_User or WP_Role, based on what class has been used
33
  *
34
  * @var WP_Role|WP_User
35
  *
36
  * @access private
 
37
  */
38
- private $_subject;
39
-
40
  /**
41
- * Covering the scenario of multi-subjects
42
- *
43
  * For example this is quite typical for the multi-roles
44
- *
45
  * @var array
46
- *
47
- * @access private
 
48
  */
49
  private $_siblings = array();
50
 
@@ -56,32 +78,12 @@ abstract class AAM_Core_Subject {
56
  * @var array
57
  *
58
  * @access private
 
59
  */
60
  private $_objects = array();
61
 
62
  /**
63
- * Constructor
64
- *
65
- * @param string|int $id
66
- *
67
- * @return void
68
- *
69
- * @access public
70
- */
71
- public function __construct($id = '') {
72
- //set subject
73
- $this->setId($id);
74
- //retrieve and set subject itself
75
- $this->setSubject($this->retrieveSubject());
76
- }
77
-
78
- /**
79
- *
80
- */
81
- public function initialize() { }
82
-
83
- /**
84
- * Trigger Subject native methods
85
  *
86
  * @param string $name
87
  * @param array $args
@@ -89,308 +91,373 @@ abstract class AAM_Core_Subject {
89
  * @return mixed
90
  *
91
  * @access public
 
92
  */
93
- public function __call($name, $args) {
94
- $subject = $this->getSubject();
95
-
96
- //make sure that method is callable
97
- if (method_exists($subject, $name)) {
98
- $response = call_user_func_array(array($subject, $name), $args);
 
 
99
  } else {
100
- $response = null;
 
 
 
 
101
  }
102
 
103
  return $response;
104
  }
105
 
106
  /**
107
- * Get Subject's native properties
108
  *
109
  * @param string $name
110
  *
111
  * @return mixed
112
  *
113
  * @access public
 
114
  */
115
- public function __get($name) {
116
- $subject = $this->getSubject();
117
-
118
- return (!empty($subject->$name) ? $subject->$name : null);
119
  }
120
 
121
  /**
122
- * Set Subject's native properties
123
  *
124
  * @param string $name
125
  *
126
  * @return mixed
127
  *
128
  * @access public
 
129
  */
130
- public function __set($name, $value) {
131
- $subject = $this->getSubject();
132
-
133
- if ($subject) {
134
- $subject->$name = $value;
135
- }
136
  }
137
 
138
  /**
139
- * Set Subject ID
140
  *
141
  * @param string|int
142
  *
143
  * @return void
144
  *
145
  * @access public
 
146
  */
147
- public function setId($id) {
 
148
  $this->_id = $id;
149
  }
150
 
151
  /**
152
- * Get Subject ID
153
  *
154
  * @return string|int
155
  *
156
  * @access public
 
157
  */
158
- public function getId() {
 
159
  return $this->_id;
160
  }
161
-
162
  /**
163
  * Get subject name
164
- *
165
  * @return string
166
- *
167
  * @access public
 
168
  */
169
- public function getName() {
170
- return '';
171
- }
172
-
173
  /**
174
- *
 
175
  * @return int
 
 
 
176
  */
177
- public function getMaxLevel() {
 
178
  return 0;
179
  }
180
 
181
  /**
182
- * Get Subject
183
  *
184
  * @return WP_Role|WP_User
185
  *
186
  * @access public
 
187
  */
188
- public function getSubject() {
189
- return $this->_subject;
 
190
  }
191
 
192
  /**
193
- * Set Subject
194
  *
195
- * @param WP_Role|WP_User $subject
196
  *
197
  * @return void
198
  *
199
  * @access public
 
200
  */
201
- public function setSubject($subject) {
202
- $this->_subject = $subject;
 
203
  }
204
-
205
  /**
206
- *
207
- * @param type $siblings
 
 
 
 
 
 
208
  */
209
- public function setSiblings($siblings) {
 
210
  $this->_siblings = $siblings;
211
  }
212
-
213
  /**
214
- *
215
- * @return type
 
 
 
 
216
  */
217
- public function hasSiblings() {
218
- return count($this->_siblings) ? true : false;
 
219
  }
220
-
221
  /**
222
- *
223
- * @return type
 
 
 
 
224
  */
225
- public function getSiblings() {
 
226
  return $this->_siblings;
227
  }
228
 
229
  /**
230
- * Get Individual Object
231
  *
232
- * @param string $type
233
- * @param mixed $id
 
 
 
 
234
  *
235
  * @return AAM_Core_Object
236
  *
237
  * @access public
 
238
  */
239
- public function getObject($type, $id = 0, $param = null) {
240
- $object = null;
241
-
242
- //performance optimization
243
- $id = (is_scalar($id) ? $id : 'none'); //prevent from any surprises
244
-
245
- //check if there is an object with specified ID
246
- if (!isset($this->_objects[$type][$id])) {
247
- $classname = 'AAM_Core_Object_' . ucfirst($type);
248
-
249
- if (class_exists($classname)) {
250
- $object = new $classname($this, $id, $param);
251
  }
252
-
253
- $object = apply_filters('aam-object-filter', $object, $type, $id, $this);
254
-
 
 
 
 
255
  if (is_a($object, 'AAM_Core_Object')) {
256
- $this->_objects[$type][$id] = $object;
 
 
 
 
 
 
257
  }
258
  } else {
259
- $object = $this->_objects[$type][$id];
260
  }
261
 
262
  return $object;
263
  }
264
 
265
  /**
266
- * Check if subject has capability
267
- *
268
- * @param string $capability
269
- *
270
- * @return boolean
271
- *
272
- * @access public
273
- */
274
- public function hasCapability($capability) {
275
- $subject = $this->getSubject();
276
-
277
- return ($subject ? $subject->has_cap($capability) : false);
278
- }
279
-
280
- /**
281
- * Save option
282
- *
283
- * @param string $param
284
- * @param mixed $value
285
- * @param string $object
286
- * @param mixed $objectId
287
- *
288
- * @return boolean
289
- *
290
- * @access public
291
  */
292
- public function save($param, $value, $object, $objectId = 0) {
293
- return $this->getObject($object, $objectId)->save($param, $value);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
294
  }
295
 
296
  /**
297
- * Reset object
 
 
 
 
298
  *
299
- * @param string $object
300
- *
301
- * @return boolean
302
- *
303
  * @access public
 
304
  */
305
- public function resetObject($object) {
306
- return $this->deleteOption($object);
307
- }
308
-
309
  /**
310
- * Delete opti
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
+ *
9
+ * @version 6.0.0
10
  */
11
 
12
  /**
13
+ * Abstract subject class
14
+ *
15
+ * Subject is a user or thing that invokes WordPress resources like posts, menus,
16
+ * URIs, etc. In other words, subject is the abstract access and security layer that
17
+ * contains set of options that define how end user or visitor access a requested
18
+ * resource.
19
+ *
20
+ * Subjects are related in the hierarchical way where "Default" subject supersede all
21
+ * other subjects and access & security settings are propagated down the tree.
22
+ *
23
+ * Subject sibling is thing that is located on the same hierarchical level and access
24
+ * settings get merged based on predefined preference. The example of sibling is a
25
+ * user that has two or more roles. In this case the first role is primary while all
26
+ * other roles are siblings to it.
27
+ *
28
+ * Subject principal is underlying WordPress core user or role. Not all Subjects have
29
+ * principals (e.g. Visitor or Default).
30
+ *
31
  * @package AAM
32
+ * @version 6.0.0
33
  */
34
+ abstract class AAM_Core_Subject
35
+ {
36
 
37
  /**
38
  * Subject ID
42
  * @var string|int
43
  *
44
  * @access private
45
+ * @version 6.0.0
46
  */
47
  private $_id;
48
 
49
  /**
50
+ * WordPres core principal
51
  *
52
  * It can be WP_User or WP_Role, based on what class has been used
53
  *
54
  * @var WP_Role|WP_User
55
  *
56
  * @access private
57
+ * @version 6.0.0
58
  */
59
+ private $_principal;
60
+
61
  /**
62
+ * Principal's siblings
63
+ *
64
  * For example this is quite typical for the multi-roles
65
+ *
66
  * @var array
67
+ *
68
+ * @access private
69
+ * @version 6.0.0
70
  */
71
  private $_siblings = array();
72
 
78
  * @var array
79
  *
80
  * @access private
81
+ * @version 6.0.0
82
  */
83
  private $_objects = array();
84
 
85
  /**
86
+ * Fallback for any principal native methods
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
87
  *
88
  * @param string $name
89
  * @param array $args
91
  * @return mixed
92
  *
93
  * @access public
94
+ * @version 6.0.0
95
  */
96
+ public function __call($name, $args)
97
+ {
98
+ $response = null;
99
+ $principal = $this->getPrincipal();
100
+
101
+ // Make sure that method is callable
102
+ if (method_exists($principal, $name)) {
103
+ $response = call_user_func_array(array($principal, $name), $args);
104
  } else {
105
+ _doing_it_wrong(
106
+ static::class . '::' . $name,
107
+ 'Subject does not have method defined',
108
+ AAM_VERSION
109
+ );
110
  }
111
 
112
  return $response;
113
  }
114
 
115
  /**
116
+ * Fallback for the principal native properties
117
  *
118
  * @param string $name
119
  *
120
  * @return mixed
121
  *
122
  * @access public
123
+ * @version 6.0.0
124
  */
125
+ public function __get($name)
126
+ {
127
+ return $this->getPrincipal()->$name;
 
128
  }
129
 
130
  /**
131
+ * Fallback for the principal native properties
132
  *
133
  * @param string $name
134
  *
135
  * @return mixed
136
  *
137
  * @access public
138
+ * @version 6.0.0
139
  */
140
+ public function __set($name, $value)
141
+ {
142
+ $principal = $this->getPrincipal();
143
+ $principal->$name = $value;
 
 
144
  }
145
 
146
  /**
147
+ * Set subject ID
148
  *
149
  * @param string|int
150
  *
151
  * @return void
152
  *
153
  * @access public
154
+ * @version 6.0.0
155
  */
156
+ public function setId($id)
157
+ {
158
  $this->_id = $id;
159
  }
160
 
161
  /**
162
+ * Get subject ID
163
  *
164
  * @return string|int
165
  *
166
  * @access public
167
+ * @version 6.0.0
168
  */
169
+ public function getId()
170
+ {
171
  return $this->_id;
172
  }
173
+
174
  /**
175
  * Get subject name
176
+ *
177
  * @return string
178
+ *
179
  * @access public
180
+ * @version 6.0.0
181
  */
182
+ abstract public function getName();
183
+
 
 
184
  /**
185
+ * Get maximum subject User level
186
+ *
187
  * @return int
188
+ *
189
+ * @access public
190
+ * @version 6.0.0
191
  */
192
+ public function getMaxLevel()
193
+ {
194
  return 0;
195
  }
196
 
197
  /**
198
+ * Get WP core principal
199
  *
200
  * @return WP_Role|WP_User
201
  *
202
  * @access public
203
+ * @version 6.0.0
204
  */
205
+ public function getPrincipal()
206
+ {
207
+ return $this->_principal;
208
  }
209
 
210
  /**
211
+ * Set WP core principal
212
  *
213
+ * @param WP_Role|WP_User $principal
214
  *
215
  * @return void
216
  *
217
  * @access public
218
+ * @version 6.0.0
219
  */
220
+ public function setPrincipal($principal)
221
+ {
222
+ $this->_principal = $principal;
223
  }
224
+
225
  /**
226
+ * Get subject siblings
227
+ *
228
+ * @param array $siblings
229
+ *
230
+ * @return void
231
+ *
232
+ * @access public
233
+ * @version 6.0.0
234
  */
235
+ public function setSiblings(array $siblings)
236
+ {
237
  $this->_siblings = $siblings;
238
  }
239
+
240
  /**
241
+ * Check if subject has siblings
242
+ *
243
+ * @return boolean
244
+ *
245
+ * @access public
246
+ * @version 6.0.0
247
  */
248
+ public function hasSiblings()
249
+ {
250
+ return (count($this->_siblings) > 0);
251
  }
252
+
253
  /**
254
+ * Get list of subject siblings
255
+ *
256
+ * @return array
257
+ *
258
+ * @access public
259
+ * @version 6.0.0
260
  */
261
+ public function getSiblings()
262
+ {
263
  return $this->_siblings;
264
  }
265
 
266
  /**
267
+ * Get AAM core object
268
  *
269
+ * This method will instantiate requested AAM core object with pre-populated
270
+ * access settings for the subject that requested the object.
271
+ *
272
+ * @param string $type
273
+ * @param mixed $id
274
+ * @param boolean $skipInheritance
275
  *
276
  * @return AAM_Core_Object
277
  *
278
  * @access public
279
+ * @version 6.0.0
280
  */
281
+ public function getObject($type, $id = null, $skipInheritance = false)
282
+ {
283
+ // Check if there is an object with specified ID
284
+ if (!isset($this->_objects[$type . $id])) {
285
+ $class_name = 'AAM_Core_Object_' . ucfirst($type);
286
+
287
+ // If requested object is part of the core, instantiate it
288
+ if (class_exists($class_name)) {
289
+ $object = new $class_name($this, $id, $skipInheritance);
290
+ } else {
291
+ $object = null;
 
292
  }
293
+
294
+ // Run the object through the filter so other plugins can attach to its
295
+ // initialization
296
+ $object = apply_filters(
297
+ 'aam_object_filter', $object, $this, $type, $id, $skipInheritance
298
+ );
299
+
300
  if (is_a($object, 'AAM_Core_Object')) {
301
+ // Kick in the inheritance chain if needed
302
+ if ($skipInheritance === false) {
303
+ $this->inheritFromParent($object);
304
+ }
305
+
306
+ // Finally cache the object
307
+ $this->_objects[$type . $id] = $object;
308
  }
309
  } else {
310
+ $object = $this->_objects[$type . $id];
311
  }
312
 
313
  return $object;
314
  }
315
 
316
  /**
317
+ * Inherit access settings for provided object from the parent subject(s)
318
+ *
319
+ * @param AAM_Core_Object $object
320
+ *
321
+ * @return array
322
+ *
323
+ * @access protected
324
+ * @version 6.0.0
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
325
  */
326
+ protected function inheritFromParent(AAM_Core_Object $object)
327
+ {
328
+ $subject = $this->getParent();
329
+
330
+ if (is_a($subject, 'AAM_Core_Subject')) {
331
+ $option = $subject->getObject(
332
+ $object::OBJECT_TYPE,
333
+ $object->getId()
334
+ )->getOption();
335
+
336
+ // Merge access settings while reading hierarchical chain
337
+ $option = array_replace_recursive($option, $object->getOption());
338
+
339
+ // Merge access settings if multi-roles option is enabled
340
+ $multi = AAM::api()->getConfig('core.settings.multiSubject', false);
341
+
342
+ if ($multi && $subject->hasSiblings()) {
343
+ foreach ($subject->getSiblings() as $sibling) {
344
+ $option = $sibling->getObject(
345
+ $object::OBJECT_TYPE,
346
+ $object->getId()
347
+ )->mergeOption(
348
+ $option
349
+ );
350
+ }
351
+ }
352
+
353
+ // Finally set the option for provided object
354
+ $object->setOption($option);
355
+ }
356
+
357
+ return $object->getOption();
358
  }
359
 
360
  /**
361
+ * Retrieve parent subject
362
+ *
363
+ * If there is no parent subject, return null
364
+ *
365
+ * @return AAM_Core_Subject|null
366
  *
 
 
 
 
367
  * @access public
368
+ * @version 6.0.0
369
  */
370
+ abstract public function getParent();
371
+
 
 
372
  /**