Advanced Access Manager - Version 6.1.0

Version Description

  • Fixed Bug: Access Policy UI - the "Attach to Default" button was not rendering correctly
  • Fixed Bug: Role Management UI - PHP notice "Undefined variable: parent"
  • Fixed Bug: AAM UI page - improperly compressed HTML response if server config does not match PHP executable INI settings
  • Fixed Bug: Login Redirect Settings - incorrectly merged settings for multi-role support
  • Fixed Bug: Logout Redirect Settings - incorrectly merged settings for multi-role support
  • Fixed Bug: Access Denied Redirect Settings - incorrectly merged settings for multi-role support
  • Fixed Bug: API Route Settings - incorrectly halted inheritance mechanism
  • Fixed Bug: Admin Toolbar Settings - incorrectly halted inheritance mechanism
  • Fixed Bug: URI Access Settings - incorrectly halted inheritance mechanism
  • Fixed Bug: Content Visibility Settings - incorrectly merged settings for multi-role support
  • Fixed Bug: Access Policy Core - incorrectly managed internal cache
  • Fixed Bug: AAM Core - incorrectly managed internal object cache
  • Fixed Bug: Content Service - incorrectly mapped do_not_allow capability if any of the registered post types have it
  • Fixed Bug: Content Service - fatal error "Cannot use object of type Closure as array" https://forum.aamplugin.com/d/354-php-fatal-error-cannot-use-object-of-type-closure-as-array
  • Fixed Bug: The aam_show_toolbar capability was not taken into consideration
  • Fixed Bug: Logout Redirect Service - White screen occurs if "Default" option is explicitly selected https://wordpress.org/support/topic/blank-log-out-page-on-6-0-5/
  • Change: Refactored the internal inheritance mechanism so that AAM objects are no longer responsible for checking the inheritance flag. This eliminates several constraints that we discovered recently.
  • Change: Multiple minor changes to the codebase to consume the internal AAM API in a more consistent way
  • Change: JWT & Secure Login Services - enriched RESTful API error responses with more details about an error
  • Change: Content Service - optimization improvements
  • Added New: Implemented new filter aam_token_typecast_filter for Access Policy for custom type casting
  • Added New: Implemented support for the => (map to) operator for the Access Policy
  • Added New: Implemented support for the AAM_CONFIG marker for the Access Policy

Release Info

Developer vasyltech
Plugin Advanced Access Manager
Version 6.1.0

Code changes from version 6.0.5 to 6.1.0

aam.php CHANGED
@@ -3,7 +3,7 @@
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
- * Version: 6.0.5
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
@@ -264,7 +264,7 @@ if (defined('ABSPATH')) {
264
  //define few common constants
265
  define('AAM_MEDIA', plugins_url('/media', __FILE__));
266
  define('AAM_KEY', 'advanced-access-manager');
267
- define('AAM_VERSION', '6.0.5');
268
  define('AAM_BASEDIR', __DIR__);
269
 
270
  //load vendor
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
+ * Version: 6.1.0
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
264
  //define few common constants
265
  define('AAM_MEDIA', plugins_url('/media', __FILE__));
266
  define('AAM_KEY', 'advanced-access-manager');
267
+ define('AAM_VERSION', '6.1.0');
268
  define('AAM_BASEDIR', __DIR__);
269
 
270
  //load vendor
application/Backend/Feature/Main/Policy.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Access Policy UI manager
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Backend_Feature_Main_Policy
19
  extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
@@ -47,8 +48,12 @@ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAwar
47
  *
48
  * @return void
49
  *
 
 
 
 
50
  * @access public
51
- * @version 6.0.0
52
  */
53
  public function __construct()
54
  {
@@ -68,10 +73,7 @@ extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAwar
68
  }, 10, 2);
69
 
70
  add_filter('aam_default_subject_tab_filter', function ($content, $params) {
71
- global $post;
72
-
73
- if (is_a($post, 'WP_Post')
74
- && ($post->post_type === AAM_Service_AccessPolicy::POLICY_CPT)) {
75
  $content = AAM_Backend_View::getInstance()->loadPartial(
76
  'default-principal-subject-tab',
77
  $params
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Access Policy UI manager
12
  *
13
+ * @since 6.1.0 Fixed bug with "Attach to Default" button
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Backend_Feature_Main_Policy
20
  extends AAM_Backend_Feature_Abstract implements AAM_Backend_Feature_ISubjectAware
48
  *
49
  * @return void
50
  *
51
+ * @since 6.1.0 Fixed the bug where "Attach to Default" button was not showing at
52
+ * all
53
+ * @since 6.0.0 Initial implementation of the method
54
+ *
55
  * @access public
56
+ * @version 6.1.0
57
  */
58
  public function __construct()
59
  {
73
  }, 10, 2);
74
 
75
  add_filter('aam_default_subject_tab_filter', function ($content, $params) {
76
+ if ($this->getFromQuery('aamframe') === 'principal') {
 
 
 
77
  $content = AAM_Backend_View::getInstance()->loadPartial(
78
  'default-principal-subject-tab',
79
  $params
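Review bot: the new condition at line 76, `if ($this->getFromQuery('aamframe') === 'principal')`, drops the earlier `is_a($post, 'WP_Post')` and `AAM_Service_AccessPolicy::POLICY_CPT` checks, so the `default-principal-subject-tab` partial now loads for any request that carries that query value, whatever post is in context. If the partial only makes sense on an access policy, keep a post-type check next to the query check, or extend the `@since 6.1.0` entry to say why `$post` could not be relied on here.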
application/Backend/Feature/Subject/Role.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Role view manager
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Backend_Feature_Subject_Role
19
  {
@@ -178,8 +179,11 @@ class AAM_Backend_Feature_Subject_Role
178
  *
179
  * @return array
180
  *
 
 
 
181
  * @access private
182
- * @version 6.0.0
183
  */
184
  private function _create()
185
  {
@@ -200,6 +204,7 @@ class AAM_Backend_Feature_Subject_Role
200
  $caps = ($parent ? $parent->capabilities : array());
201
  } else {
202
  $caps = array();
 
203
  }
204
 
205
  if ($role = $roles->add_role($role_id, $name, $caps)) {
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Role view manager
12
  *
13
+ * @since 6.1.0 Fixed bug with role creation process that caused PHP warning
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Backend_Feature_Subject_Role
20
  {
179
  *
180
  * @return array
181
  *
182
+ * @since 6.1.0 Fixed the PHP notice where `Undefined variable: parent`
183
+ * @since 6.0.0 Initial implementation of the method
184
+ *
185
  * @access private
186
+ * @version 6.1.0
187
  */
188
  private function _create()
189
  {
204
  $caps = ($parent ? $parent->capabilities : array());
205
  } else {
206
  $caps = array();
207
+ $parent = null;
208
  }
209
 
210
  if ($role = $roles->add_role($role_id, $name, $caps)) {
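Review bot: `$parent = null;` at line 207 only covers the `else` branch; initialising `$parent = null` once before the `if` would cover every path and keep the fix from depending on how the first branch assigns it. The `@since 6.1.0` entries also describe the same defect as a "PHP warning" at class level and a "PHP notice" at method level; use one term.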
application/Backend/Manager.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Backend manager
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Backend_Manager
19
  {
@@ -307,8 +308,12 @@ class AAM_Backend_Manager
307
  *
308
  * @return void
309
  *
 
 
 
 
310
  * @access public
311
- * @version 6.0.0
312
  */
313
  public function renderContent()
314
  {
@@ -325,13 +330,12 @@ class AAM_Backend_Manager
325
  $accept = AAM_Core_Request::server('HTTP_ACCEPT_ENCODING');
326
  header('Content-Type: text/html; charset=UTF-8');
327
 
328
- $zlib = strtolower(ini_get('zlib.output_compression'));
329
  $compressed = count(array_intersect(
330
  array('zlib output compression', 'ob_gzhandler'),
331
  ob_list_handlers()
332
  )) > 0;
333
 
334
- if (in_array($zlib, array('1', 'on'), true) && !empty($accept)) {
335
  header('Vary: Accept-Encoding'); // Handle proxies
336
 
337
  if (false !== stripos($accept, 'gzip') && function_exists('gzencode')) {
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Backend manager
12
  *
13
+ * @since 6.1.0 Fixed bug with HTML compression
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Backend_Manager
20
  {
308
  *
309
  * @return void
310
  *
311
+ * @since 6.1.0 Fixed bug with improper response if server config does not match
312
+ * PHP executable INI settings
313
+ * @since 6.0.0 Initial implementation of the method
314
+ *
315
  * @access public
316
+ * @version 6.1.0
317
  */
318
  public function renderContent()
319
  {
330
  $accept = AAM_Core_Request::server('HTTP_ACCEPT_ENCODING');
331
  header('Content-Type: text/html; charset=UTF-8');
332
 
 
333
  $compressed = count(array_intersect(
334
  array('zlib output compression', 'ob_gzhandler'),
335
  ob_list_handlers()
336
  )) > 0;
337
 
338
+ if (!empty($accept)) {
339
  header('Vary: Accept-Encoding'); // Handle proxies
340
 
341
  if (false !== stripos($accept, 'gzip') && function_exists('gzencode')) {
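Review bot: with the `ini_get('zlib.output_compression')` test gone, the branch at line 338 is entered for every request that sends `Accept-Encoding`, and the lines shown here never read `$compressed`. Confirm that `$compressed` still guards the `gzencode` path below so the response is not compressed twice when `zlib output compression` or `ob_gzhandler` is already in `ob_list_handlers()`, and state that in the method's `@since 6.1.0` entry.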
application/Backend/tmpl/partial/visitor-principal-subject-tab.php CHANGED
@@ -1,13 +1,24 @@
1
- <?php /** @version 6.0.0 */ ?>
 
 
 
 
 
 
 
 
2
 
3
  <?php if (defined('AAM_KEY')) { ?>
4
  <div class="visitor-message">
5
  <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to visitors (any user that is not authenticated)', AAM_KEY); ?>.</span>
6
  <?php
7
- $visitor = new AAM_Core_Subject_Visitor();
8
- $hasPolicy = $visitor->getObject(AAM_Core_Object_Policy::OBJECT_TYPE)->has($params->policyId);
 
 
9
  $btnStatus = $hasPolicy ? 'detach' : 'attach';
10
- ?>
 
11
  <?php if ($hasPolicy) { ?>
12
  <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="1" <?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Visitors', AAM_KEY); ?></button>
13
  <?php } else { ?>
1
+ <?php
2
+ /**
3
+ *
4
+ * @since 6.1.0 Switched to use AAM API to obtain visitor subject
5
+ * @since 6.0.0 Initial implementation of the template
6
+ *
7
+ * @version 6.1.0
8
+ * */
9
+ ?>
10
 
11
  <?php if (defined('AAM_KEY')) { ?>
12
  <div class="visitor-message">
13
  <span class="aam-bordered"><?php echo __('Attach current access &amp; security policy to visitors (any user that is not authenticated)', AAM_KEY); ?>.</span>
14
  <?php
15
+ $hasPolicy = AAM::api()->getVisitor()->getObject(
16
+ AAM_Core_Object_Policy::OBJECT_TYPE
17
+ )->has($params->policyId);
18
+
19
  $btnStatus = $hasPolicy ? 'detach' : 'attach';
20
+ ?>
21
+
22
  <?php if ($hasPolicy) { ?>
23
  <button class="btn btn-primary btn-block" id="attach-policy-visitor" data-has="1" <?php echo ($btnStatus ? '' : ' disabled'); ?>><?php echo __('Detach Policy From Visitors', AAM_KEY); ?></button>
24
  <?php } else { ?>
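Review bot: `$btnStatus` at line 19 is always the non-empty string 'detach' or 'attach', so `($btnStatus ? '' : ' disabled')` on the button at line 23 can never emit `disabled`; since this block is being rewritten anyway, drop the dead ternary or base it on the condition that was intended. The new header docblock also closes with `* */` rather than `*/`.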
application/Core/Gateway.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * AAM core API gateway
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  final class AAM_Core_Gateway
19
  {
@@ -176,20 +177,26 @@ final class AAM_Core_Gateway
176
  * Prepare Access Policy manager but only if service is enabled
177
  *
178
  * @param AAM_Core_Subject $subject
 
179
  *
180
  * @return AAM_Core_Policy_Manager|null
181
  *
 
 
 
182
  * @access public
183
- * @version 6.0.0
184
  */
185
- public function getAccessPolicyManager(AAM_Core_Subject $subject = null)
 
 
186
  {
187
  if (is_null($subject)) {
188
  $subject = AAM::getUser();
189
  }
190
 
191
  if (AAM_Core_Config::get(AAM_Service_AccessPolicy::FEATURE_FLAG, true)) {
192
- $manager = AAM_Core_Policy_Factory::get($subject);
193
  } else {
194
  $manager = null;
195
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * AAM core API gateway
12
  *
13
+ * @since 6.1.0 Significant improvement of the inheritance mechanism
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  final class AAM_Core_Gateway
20
  {
177
  * Prepare Access Policy manager but only if service is enabled
178
  *
179
  * @param AAM_Core_Subject $subject
180
+ * @param boolean $skipInheritance
181
  *
182
  * @return AAM_Core_Policy_Manager|null
183
  *
184
+ * @since 6.1.0 Added $skipInheritance flag to insure proper settings inheritance
185
+ * @since 6.0.0 Initial implementation of the method
186
+ *
187
  * @access public
188
+ * @version 6.1.0
189
  */
190
+ public function getAccessPolicyManager(
191
+ AAM_Core_Subject $subject = null, $skipInheritance = false
192
+ )
193
  {
194
  if (is_null($subject)) {
195
  $subject = AAM::getUser();
196
  }
197
 
198
  if (AAM_Core_Config::get(AAM_Service_AccessPolicy::FEATURE_FLAG, true)) {
199
+ $manager = AAM_Core_Policy_Factory::get($subject, $skipInheritance);
200
  } else {
201
  $manager = null;
202
  }
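Review bot: `@param boolean $skipInheritance` at line 180 has no description, and nothing in the docblock tells a caller how the returned manager differs when the flag is true; add one sentence on that, since the value is passed straight through to `AAM_Core_Policy_Factory::get()`. In the `@since 6.1.0` line, "insure" should read "ensure".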
application/Core/Jwt/Issuer.php CHANGED
@@ -10,11 +10,13 @@
10
  /**
11
  * AAM JWT Issuer
12
  *
 
13
  * @since 6.0.4 Bug fixing. Timezone was handled incorrectly and ttl did not take in
14
  * consideration numeric "in seconds" value
15
  * @since 6.0.0 Initial implementation of the class
 
16
  * @package AAM
17
- * @version 6.0.4
18
  */
19
  class AAM_Core_Jwt_Issuer
20
  {
@@ -28,11 +30,12 @@ class AAM_Core_Jwt_Issuer
28
  *
29
  * @return object
30
  *
 
31
  * @since 6.0.4 Making sure that JWT expiration is checked with UTC timezone
32
  * @since 6.0.0 Initial implementation of the method
33
  *
34
  * @access public
35
- * @version 6.0.4
36
  */
37
  public function validateToken($token)
38
  {
@@ -66,15 +69,20 @@ class AAM_Core_Jwt_Issuer
66
  );
67
 
68
  if (!is_array($tokens) || !in_array($token, $tokens, true)) {
69
- throw new Exception(__('Token has been revoked', AAM_KEY));
 
 
 
70
  }
71
  }
72
 
73
  $response->isValid = true;
74
  } catch (Exception $ex) {
 
75
  $response = array(
76
  'isValid' => false,
77
- 'reason' => $ex->getMessage()
 
78
  );
79
  }
80
 
10
  /**
11
  * AAM JWT Issuer
12
  *
13
+ * @since 6.1.0 Enriched error response with more details
14
  * @since 6.0.4 Bug fixing. Timezone was handled incorrectly and ttl did not take in
15
  * consideration numeric "in seconds" value
16
  * @since 6.0.0 Initial implementation of the class
17
+ *
18
  * @package AAM
19
+ * @version 6.1.0
20
  */
21
  class AAM_Core_Jwt_Issuer
22
  {
30
  *
31
  * @return object
32
  *
33
+ * @since 6.1.0 Enriched error response with more details
34
  * @since 6.0.4 Making sure that JWT expiration is checked with UTC timezone
35
  * @since 6.0.0 Initial implementation of the method
36
  *
37
  * @access public
38
+ * @version 6.1.0
39
  */
40
  public function validateToken($token)
41
  {
69
  );
70
 
71
  if (!is_array($tokens) || !in_array($token, $tokens, true)) {
72
+ throw new Exception(
73
+ __('Token has been revoked', AAM_KEY),
74
+ 410
75
+ );
76
  }
77
  }
78
 
79
  $response->isValid = true;
80
  } catch (Exception $ex) {
81
+ $status = $ex->getCode();
82
  $response = array(
83
  'isValid' => false,
84
+ 'reason' => $ex->getMessage(),
85
+ 'status' => (!empty($status) ? $status : 400)
86
  );
87
  }
88
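Review bot: in the `catch` block at lines 81-85, `$ex->getCode()` from any `Exception` raised inside the `try` becomes the `status` of the response, but only the revoked-token throw at line 72 sets a code (410) deliberately. An exception raised elsewhere with a non-HTTP code would surface as a meaningless status; restrict `status` to a known set of values, or throw a dedicated exception class for the cases that should carry one, and fall back to 400 otherwise. `$response` is also an object on the success path (`$response->isValid = true`) and an array here while the docblock says `@return object`, so check that it is cast before it is returned.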
 
application/Core/Object.php CHANGED
@@ -8,13 +8,22 @@
8
  */
9
 
10
  /**
11
- * Abstract object class
12
  *
 
 
 
 
 
 
 
 
 
13
  * @since 6.0.5 Added `getExplicitOption` method
14
  * @since 6.0.0 Initial implementation of the class
15
  *
16
  * @package AAM
17
- * @version 6.0.5
18
  */
19
  abstract class AAM_Core_Object
20
  {
@@ -22,6 +31,8 @@ abstract class AAM_Core_Object
22
  /**
23
  * Core object slug
24
  *
 
 
25
  * @version 6.0.0
26
  */
27
  const OBJECT_TYPE = null;
@@ -29,6 +40,8 @@ abstract class AAM_Core_Object
29
  /**
30
  * Subject
31
  *
 
 
32
  * @var AAM_Core_Subject
33
  *
34
  * @access private
@@ -39,7 +52,11 @@ abstract class AAM_Core_Object
39
  /**
40
  * Object Id
41
  *
42
- * @var mixed
 
 
 
 
43
  *
44
  * @access private
45
  * @version 6.0.0
@@ -47,7 +64,11 @@ abstract class AAM_Core_Object
47
  private $_id = null;
48
 
49
  /**
50
- * Object options
 
 
 
 
51
  *
52
  * @var array
53
  *
@@ -59,6 +80,11 @@ abstract class AAM_Core_Object
59
  /**
60
  * Explicit options (not inherited from parent subjects)
61
  *
 
 
 
 
 
62
  * @var array
63
  *
64
  * @access private
@@ -79,43 +105,29 @@ abstract class AAM_Core_Object
79
  */
80
  private $_overwritten = false;
81
 
82
- /**
83
- * Suppress any filters that may alter option
84
- *
85
- * This is used to suppress the inheritance chain that invokes when object has
86
- * hierarchical relationships.
87
- *
88
- * @var boolean
89
- *
90
- * @access private
91
- * @version 6.0.0
92
- */
93
- private $_suppressFilters = false;
94
-
95
  /**
96
  * Constructor
97
  *
98
- * @param AAM_Core_Subject $subject
99
- * @param mixed $id
100
- * @param boolean $setSuppressFilters
101
  *
102
  * @return void
103
  *
 
 
 
104
  * @access public
105
  * @version 6.0.0
106
  */
107
- public function __construct(
108
- AAM_Core_Subject $subject, $id = null, $suppressFilters = false
109
- ) {
110
  $this->setSubject($subject);
111
  $this->setId($id);
112
- $this->setSuppressFilters($suppressFilters);
113
-
114
  $this->initialize();
115
  }
116
 
117
  /**
118
- * Initialize access settings
119
  *
120
  * @return void
121
  *
@@ -127,19 +139,26 @@ abstract class AAM_Core_Object
127
  /**
128
  * Fallback to avoid any issues with previous versions
129
  *
130
- * @param string $function
131
- * @param array $args
 
 
 
132
  *
133
  * @return void
134
  *
 
 
 
 
135
  * @access public
136
- * @version 6.0.0
137
  */
138
  public function __call($function, $args)
139
  {
140
  _doing_it_wrong(
141
  $function,
142
- sprintf(__('AAM object function %s is not defined', AAM_KEY), $function),
143
  AAM_VERSION
144
  );
145
  }
@@ -241,7 +260,7 @@ abstract class AAM_Core_Object
241
  * @return mixed
242
  *
243
  * @access public
244
- * @version 5.0.0
245
  */
246
  public function get($property, $default = null)
247
  {
@@ -289,12 +308,16 @@ abstract class AAM_Core_Object
289
  *
290
  * @return AAM_Core_Object
291
  *
 
 
 
 
292
  * @access public
293
- * @version 6.0.0
294
  */
295
  public function updateOptionItem($item, $value)
296
  {
297
- $option = $this->getOption();
298
 
299
  if (isset($option[$item]) && is_array($option[$item])) {
300
  $option[$item] = array_replace_recursive($option[$item], $value);
@@ -302,7 +325,10 @@ abstract class AAM_Core_Object
302
  $option[$item] = $value;
303
  }
304
 
305
- $this->setOption($option);
 
 
 
306
 
307
  return $this;
308
  }
@@ -314,13 +340,17 @@ abstract class AAM_Core_Object
314
  *
315
  * @return void
316
  *
 
 
 
 
317
  * @access public
318
- * @version 6.0.0
319
  */
320
  public function determineOverwritten($option)
321
  {
322
  $this->_overwritten = !empty($option);
323
- $this->_explicitOption = $option;
324
  }
325
 
326
  /**
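Review bot: in `determineOverwritten()` the flag is computed as `!empty($option)` on the raw argument while the stored value is normalised with `is_array($option) ? $option : array()`, so a non-empty, non-array argument leaves `_overwritten` true with an empty explicit option. Normalise first and derive the flag from the normalised array.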
@@ -369,6 +399,21 @@ abstract class AAM_Core_Object
369
  return $this->_explicitOption;
370
  }
371
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
372
  /**
373
  * Check if options are overwritten
374
  *
@@ -387,13 +432,17 @@ abstract class AAM_Core_Object
387
  *
388
  * @return boolean
389
  *
 
 
 
 
390
  * @access public
391
- * @version 6.0.0
392
  */
393
  public function save()
394
  {
395
  return $this->getSubject()->updateOption(
396
- $this->getOption(),
397
  static::OBJECT_TYPE,
398
  $this->getId()
399
  );
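Review bot: `save()` now persists `getExplicitOption()` instead of `getOption()`, so anything a caller changed through `setOption()` alone is no longer written. `updateOptionItem()` keeps both arrays in step, but subclasses that override `save()` or set options directly need the same switch; state that contract in the `save()` docblock so callers do not expect inherited settings to be stored.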
@@ -415,32 +464,4 @@ abstract class AAM_Core_Object
415
  );
416
  }
417
 
418
- /**
419
- * Suppress filters flag
420
- *
421
- * @param boolean $setSuppressFilters
422
- *
423
- * @return void
424
- *
425
- * @access protected
426
- * @version 6.0.0
427
- */
428
- protected function setSuppressFilters($setSuppressFilters)
429
- {
430
- $this->_suppressFilters = $setSuppressFilters;
431
- }
432
-
433
- /**
434
- * Get suppress filters flag
435
- *
436
- * @return boolean
437
- *
438
- * @access public
439
- * @version 6.0.0
440
- */
441
- public function suppressFilters()
442
- {
443
- return $this->_suppressFilters;
444
- }
445
-
446
  }
8
  */
9
 
10
  /**
11
+ * Abstract class that represents AAM object concept
12
  *
13
+ * AAM Object is a website resource that you manage access to for users, roles or
14
+ * visitors. For example, it can be any website post, page, term, backend menu etc.
15
+ *
16
+ * On another hand, AAM Object is a “container” with specific settings for any user,
17
+ * role or visitor. For example login, logout redirect, default category or access
18
+ * denied redirect rules.
19
+ *
20
+ * @since 6.1.0 Significant improvement to the inheritance mechanism. Documented
21
+ * the class
22
  * @since 6.0.5 Added `getExplicitOption` method
23
  * @since 6.0.0 Initial implementation of the class
24
  *
25
  * @package AAM
26
+ * @version 6.1.0
27
  */
28
  abstract class AAM_Core_Object
29
  {
31
  /**
32
  * Core object slug
33
  *
34
+ * The slug should be unique identifier for the type of object (e.g. menu, post)
35
+ *
36
  * @version 6.0.0
37
  */
38
  const OBJECT_TYPE = null;
40
  /**
41
  * Subject
42
  *
43
+ * Current subject access settings belong to
44
+ *
45
  * @var AAM_Core_Subject
46
  *
47
  * @access private
52
  /**
53
  * Object Id
54
  *
55
+ * Some objects may have unique identifier like each post or term has unique
56
+ * auto-incremented ID, or post type - unique slug. Other objects, like menu,
57
+ * toolbar, do not have unique.
58
+ *
59
+ * @var int|string|null
60
  *
61
  * @access private
62
  * @version 6.0.0
64
  private $_id = null;
65
 
66
  /**
67
+ * Object access options
68
+ *
69
+ * Array of access options or settings. Depending on object, the structure of
70
+ * options may vary. Typically it is an associated array of key/value pairs,
71
+ * however in some cases it is multi-dimensional array of settings.
72
  *
73
  * @var array
74
  *
80
  /**
81
  * Explicit options (not inherited from parent subjects)
82
  *
83
+ * When object is obtained through AAM_Core_Subject::getObject method, it already
84
+ * contains the final set of the settings, inherited from the parent subjects.
85
+ * This properly contains access settings that are explicitly defined for current
86
+ * subject.
87
+ *
88
  * @var array
89
  *
90
  * @access private
105
  */
106
  private $_overwritten = false;
107
 
 
 
 
 
 
 
 
 
 
 
 
 
 
108
  /**
109
  * Constructor
110
  *
111
+ * @param AAM_Core_Subject $subject Requested subject
112
+ * @param mixed $id Object ID if applicable
 
113
  *
114
  * @return void
115
  *
116
+ * @since 6.1.0 Removed $suppressFilters param
117
+ * @since 6.0.0 Initial implementation of the method
118
+ *
119
  * @access public
120
  * @version 6.0.0
121
  */
122
+ public function __construct(AAM_Core_Subject $subject, $id = null)
123
+ {
 
124
  $this->setSubject($subject);
125
  $this->setId($id);
 
 
126
  $this->initialize();
127
  }
128
 
129
  /**
130
+ * Initialize access options
131
  *
132
  * @return void
133
  *
139
  /**
140
  * Fallback to avoid any issues with previous versions
141
  *
142
+ * If DEBUG mode is enabled, the error message states that invoking method does
143
+ * not exist
144
+ *
145
+ * @param string $function Invoking method
146
+ * @param array $args Method's arguments
147
  *
148
  * @return void
149
  *
150
+ * @since 6.1.0 Do not localize internal error message
151
+ * @since 6.0.0 Initial implementation of the method
152
+ *
153
+ * @see _doing_it_wrong
154
  * @access public
155
+ * @version 6.1.0
156
  */
157
  public function __call($function, $args)
158
  {
159
  _doing_it_wrong(
160
  $function,
161
+ sprintf('AAM object function %s is not defined', $function),
162
  AAM_VERSION
163
  );
164
  }
260
  * @return mixed
261
  *
262
  * @access public
263
+ * @version 6.0.0
264
  */
265
  public function get($property, $default = null)
266
  {
308
  *
309
  * @return AAM_Core_Object
310
  *
311
+ * @since 6.1.0 Using explicitOptions to add new access setting instead of
312
+ * final options
313
+ * @since 6.0.0 Initial implementation of the method
314
+ *
315
  * @access public
316
+ * @version 6.1.0
317
  */
318
  public function updateOptionItem($item, $value)
319
  {
320
+ $option = $this->getExplicitOption();
321
 
322
  if (isset($option[$item]) && is_array($option[$item])) {
323
  $option[$item] = array_replace_recursive($option[$item], $value);
325
  $option[$item] = $value;
326
  }
327
 
328
+ // Override current set of final options to keep consistency
329
+ $this->setOption(array_replace_recursive($this->getOption(), $option));
330
+
331
+ $this->setExplicitOption($option);
332
 
333
  return $this;
334
  }
340
  *
341
  * @return void
342
  *
343
+ * @since 6.1.0 Using explicitOptions to determine override flag instead of
344
+ * final options
345
+ * @since 6.0.0 Initial implementation of the method
346
+ *
347
  * @access public
348
+ * @version 6.1.0
349
  */
350
  public function determineOverwritten($option)
351
  {
352
  $this->_overwritten = !empty($option);
353
+ $this->setExplicitOption(is_array($option) ? $option : array());
354
  }
355
 
356
  /**
399
  return $this->_explicitOption;
400
  }
401
 
402
+ /**
403
+ * Set explicit object option
404
+ *
405
+ * @param array $option
406
+ *
407
+ * @return void
408
+ *
409
+ * @access protected
410
+ * @version 6.1.0
411
+ */
412
+ protected function setExplicitOption($option)
413
+ {
414
+ $this->_explicitOption = $option;
415
+ }
416
+
417
  /**
418
  * Check if options are overwritten
419
  *
432
  *
433
  * @return boolean
434
  *
435
+ * @since 6.1.0 Using explicitOptions to save access setting instead of
436
+ * final options
437
+ * @since 6.0.0 Initial implementation of the method
438
+ *
439
  * @access public
440
+ * @version 6.1.0
441
  */
442
  public function save()
443
  {
444
  return $this->getSubject()->updateOption(
445
+ $this->getExplicitOption(),
446
  static::OBJECT_TYPE,
447
  $this->getId()
448
  );
464
  );
465
  }
466
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
467
  }
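Review bot: removing the public `suppressFilters()` method and the third constructor argument changes the public surface of an abstract base class. A subclass that still calls `$this->suppressFilters()` now falls into `__call()`, which only reports `_doing_it_wrong` and returns nothing, so a check such as `suppressFilters() === false` evaluates to false without raising an error; name the removal explicitly in the release notes and consider a deprecated stub that returns `false`. The constructor docblock also still carries `@version 6.0.0` next to its new `@since 6.1.0` entry.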
application/Core/Object/LoginRedirect.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Login redirect object
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Object_LoginRedirect extends AAM_Core_Object
19
  {
@@ -40,4 +41,21 @@ class AAM_Core_Object_LoginRedirect extends AAM_Core_Object
40
  $this->setOption(is_array($option) ? $option : array());
41
  }
42
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
43
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Login redirect object
12
  *
13
+ * @since 6.1.0 Fixed bug with incorrectly merged settings
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Core_Object_LoginRedirect extends AAM_Core_Object
20
  {
41
  $this->setOption(is_array($option) ? $option : array());
42
  }
43
 
44
+ /**
45
+ * Merge settings
46
+ *
47
+ * The last subject overrides previous
48
+ *
49
+ * @param array $options
50
+ *
51
+ * @return array
52
+ *
53
+ * @access public
54
+ * @version 6.1.0
55
+ */
56
+ public function mergeOption($options)
57
+ {
58
+ return array_replace_recursive($options, $this->getOption());
59
+ }
60
+
61
  }
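Review bot: the `mergeOption()` docblock says "The last subject overrides previous", but `array_replace_recursive($options, $this->getOption())` merges key by key, so any key present only in `$options` survives into the result. If a redirect definition spans several keys, the merged array can combine parts of two roles' settings; either replace the whole set when this object has its own options or document the key-level behaviour. `$options` is also used without an `is_array()` check, unlike `setOption(is_array($option) ? $option : array())` just above.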
application/Core/Object/LogoutRedirect.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Logout redirect object
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Object_LogoutRedirect extends AAM_Core_Object
19
  {
@@ -40,4 +41,21 @@ class AAM_Core_Object_LogoutRedirect extends AAM_Core_Object
40
  $this->setOption(is_array($option) ? $option : array());
41
  }
42
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
43
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Logout redirect object
12
  *
13
+ * @since 6.1.0 Fixed bug with incorrectly merged settings
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Core_Object_LogoutRedirect extends AAM_Core_Object
20
  {
41
  $this->setOption(is_array($option) ? $option : array());
42
  }
43
 
44
+ /**
45
+ * Merge settings
46
+ *
47
+ * The last subject overrides previous
48
+ *
49
+ * @param array $options
50
+ *
51
+ * @return array
52
+ *
53
+ * @access public
54
+ * @version 6.1.0
55
+ */
56
+ public function mergeOption($options)
57
+ {
58
+ return array_replace_recursive($options, $this->getOption());
59
+ }
60
+
61
  }
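Review bot: this `mergeOption()` is a line-for-line copy of the one added to `AAM_Core_Object_LoginRedirect`, docblock included. Move it to a shared parent or trait so the two redirect objects cannot drift apart, and add the `is_array()` guard on `$options` there.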
application/Core/Object/Post.php CHANGED
@@ -10,12 +10,13 @@
10
  /**
11
  * Post object
12
  *
 
13
  * @since 6.0.1 Added new method isDefined that is used to determine if access option
14
  * is defined
15
  * @since 6.0.0 Initial implementation of the class
16
  *
17
  * @package AAM
18
- * @version 6.0.1
19
  */
20
  class AAM_Core_Object_Post extends AAM_Core_Object
21
  {
@@ -42,18 +43,18 @@ class AAM_Core_Object_Post extends AAM_Core_Object
42
  *
43
  * @param AAM_Core_Subject $subject
44
  * @param WP_Post|Int $post
45
- * @param boolean $suppressFilters
46
  *
47
  * @return void
48
  *
 
 
 
49
  * @access public
50
- * @version 6.0.0
51
  */
52
- public function __construct(
53
- AAM_Core_Subject $subject, $post, $suppressFilters = false
54
- ) {
55
  $this->setSubject($subject);
56
- $this->setSuppressFilters($suppressFilters);
57
 
58
  // Make sure that we are dealing with WP_Post object
59
  // This is done to remove redundant calls to the database on the backend view
@@ -93,7 +94,11 @@ class AAM_Core_Object_Post extends AAM_Core_Object
93
 
94
  /**
95
  * @inheritDoc
96
- * @version 6.0.0
 
 
 
 
97
  */
98
  protected function initialize()
99
  {
@@ -105,15 +110,12 @@ class AAM_Core_Object_Post extends AAM_Core_Object
105
 
106
  $this->determineOverwritten($option);
107
 
108
- if ($this->suppressFilters() === false) {
109
- // Trigger custom functionality that may populate the post access options
110
- // after initial setup. Typically is used by third party functionality and
111
- // premium AAM plugins.
112
- $option = apply_filters('aam_post_object_option_filter', $option, $this);
113
- }
114
-
115
- // Finally set the option for this object
116
- $this->setOption($option);
117
  }
118
 
119
  /**
@@ -234,13 +236,18 @@ class AAM_Core_Object_Post extends AAM_Core_Object
234
  *
235
  * @return boolean
236
  *
 
 
 
237
  * @access public
238
- * @version 6.0.0
239
  */
240
  public function save()
241
  {
242
  return $this->getSubject()->updateOption(
243
- $this->getOption(), self::OBJECT_TYPE, $this->ID . '|' . $this->post_type
 
 
244
  );
245
  }
246
 
10
  /**
11
  * Post object
12
  *
13
+ * @since 6.1.0 Removed support for the $suppressFilters flag
14
  * @since 6.0.1 Added new method isDefined that is used to determine if access option
15
  * is defined
16
  * @since 6.0.0 Initial implementation of the class
17
  *
18
  * @package AAM
19
+ * @version 6.1.0
20
  */
21
  class AAM_Core_Object_Post extends AAM_Core_Object
22
  {
43
  *
44
  * @param AAM_Core_Subject $subject
45
  * @param WP_Post|Int $post
 
46
  *
47
  * @return void
48
  *
49
+ * @since 6.1.0 Removed support for the $suppressFilters flag
50
+ * @since 6.0.0 Initial implementation of the method
51
+ *
52
  * @access public
53
+ * @version 6.1.0
54
  */
55
+ public function __construct(AAM_Core_Subject $subject, $post)
56
+ {
 
57
  $this->setSubject($subject);
 
58
 
59
  // Make sure that we are dealing with WP_Post object
60
  // This is done to remove redundant calls to the database on the backend view
94
 
95
  /**
96
  * @inheritDoc
97
+ *
98
+ * @since 6.1.0 Removed support for the $suppressFilters flag
99
+ * @since 6.0.0 Initial implementation of the method
100
+ *
101
+ * @version 6.1.0
102
  */
103
  protected function initialize()
104
  {
110
 
111
  $this->determineOverwritten($option);
112
 
113
+ // Trigger custom functionality that may populate the post access options
114
+ // after initial setup. Typically is used by third party functionality and
115
+ // premium AAM plugins.
116
+ $this->setOption(
117
+ apply_filters('aam_post_object_option_filter', $option, $this)
118
+ );
 
 
 
119
  }
120
 
121
  /**
236
  *
237
  * @return boolean
238
  *
239
+ * @since 6.1.0 Using explicit options to store settings
240
+ * @since 6.0.0 Initial implementation of the method
241
+ *
242
  * @access public
243
+ * @version 6.1.0
244
  */
245
  public function save()
246
  {
247
  return $this->getSubject()->updateOption(
248
+ $this->getExplicitOption(),
249
+ self::OBJECT_TYPE,
250
+ $this->ID . '|' . $this->post_type
251
  );
252
  }
253
 
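Review bot: `__construct()` drops the `$suppressFilters` parameter, and PHP silently ignores surplus arguments to a user-defined function, so a caller that still passes a third argument to suppress `aam_post_object_option_filter` now receives filtered options with no error. List the affected call sites in the change, or keep the parameter for one release and trigger a deprecation notice. In `save()`, `getExplicitOption()` is not defined in any hunk of this file; confirm that the base class returns only the subject's own stored settings, so values injected by the now unconditional filter in `initialize()` are never persisted.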
application/Core/Object/Redirect.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Access denied redirect object
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Object_Redirect extends AAM_Core_Object
19
  {
@@ -56,4 +57,21 @@ class AAM_Core_Object_Redirect extends AAM_Core_Object
56
  return isset($option[$param]) ? $option[$param] : $default;
57
  }
58
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
59
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Access denied redirect object
12
  *
13
+ * @since 6.1.0 Fixed bug with incorrectly merged settings
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Core_Object_Redirect extends AAM_Core_Object
20
  {
57
  return isset($option[$param]) ? $option[$param] : $default;
58
  }
59
 
60
+ /**
61
+ * Merge settings
62
+ *
63
+ * The last subject overrides previous
64
+ *
65
+ * @param array $options
66
+ *
67
+ * @return array
68
+ *
69
+ * @access public
70
+ * @version 6.1.0
71
+ */
72
+ public function mergeOption($options)
73
+ {
74
+ return array_replace_recursive($options, $this->getOption());
75
+ }
76
+
77
  }
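Review bot: `mergeOption($options)` hands `$options` straight to `array_replace_recursive()` with no type hint or guard, although the docblock declares `@param array`. A non-array argument makes the call emit a warning and return null on PHP 7 and throw a TypeError on PHP 8, which would leave the access denied redirect without merged settings. Add an `array` type hint, or normalise the argument with the `is_array($x) ? $x : array()` pattern that `initialize()` in the sibling objects of this patch applies before `setOption()`.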
application/Core/Object/Route.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * API route object
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Object_Route extends AAM_Core_Object
19
  {
@@ -27,7 +28,11 @@ class AAM_Core_Object_Route extends AAM_Core_Object
27
 
28
  /**
29
  * @inheritdoc
30
- * @version 6.0.0
 
 
 
 
31
  */
32
  protected function initialize()
33
  {
@@ -37,9 +42,7 @@ class AAM_Core_Object_Route extends AAM_Core_Object
37
 
38
  // Trigger custom functionality that may populate the menu options. For
39
  // example, this hooks is used by Access Policy service
40
- if (empty($option)) {
41
- $option = apply_filters('aam_route_object_option_filter', $option, $this);
42
- }
43
 
44
  $this->setOption(is_array($option) ? $option : array());
45
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * API route object
12
  *
13
+ * @since 6.1.0 Fixed bug with incorrectly halted inheritance mechanism
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Core_Object_Route extends AAM_Core_Object
20
  {
28
 
29
  /**
30
  * @inheritdoc
31
+ *
32
+ * @since 6.1.0 Fixed bug with incorrectly halted inheritance mechanism
33
+ * @since 6.0.0 Initial implementation of the method
34
+ *
35
+ * @version 6.1.0
36
  */
37
  protected function initialize()
38
  {
42
 
43
  // Trigger custom functionality that may populate the menu options. For
44
  // example, this hooks is used by Access Policy service
45
+ $option = apply_filters('aam_route_object_option_filter', $option, $this);
 
 
46
 
47
  $this->setOption(is_array($option) ? $option : array());
48
  }
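Review bot: With the `if (empty($option))` guard removed in `initialize()`, `aam_route_object_option_filter` now runs even when the subject has explicitly stored route settings, so which value wins is decided entirely by the hook callbacks. State the intended precedence in the docblock (explicit settings over policy-derived ones, or the reverse), because the `@since 6.1.0` line only mentions the inheritance fix and a third-party callback written against 6.0.0 could now overwrite stored API route restrictions.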
application/Core/Object/Toolbar.php CHANGED
@@ -12,8 +12,11 @@
12
  /**
13
  * Admin toolbar object
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Object_Toolbar extends AAM_Core_Object
19
  {
@@ -27,7 +30,11 @@ class AAM_Core_Object_Toolbar extends AAM_Core_Object
27
 
28
  /**
29
  * @inheritdoc
30
- * @version 6.0.0
 
 
 
 
31
  */
32
  protected function initialize()
33
  {
@@ -37,11 +44,7 @@ class AAM_Core_Object_Toolbar extends AAM_Core_Object
37
 
38
  // Trigger custom functionality that may populate the menu options. For
39
  // example, this hooks is used by Access Policy service
40
- if (empty($option)) {
41
- $option = apply_filters(
42
- 'aam_toolbar_object_option_filter', $option, $this
43
- );
44
- }
45
 
46
  $this->setOption(is_array($option) ? $option : array());
47
  }
12
  /**
13
  * Admin toolbar object
14
  *
15
+ * @since 6.1.0 Fixed bug with incorrectly halted inheritance mechanism
16
+ * @since 6.0.0 Initial implementation of the class
17
+ *
18
  * @package AAM
19
+ * @version 6.1.0
20
  */
21
  class AAM_Core_Object_Toolbar extends AAM_Core_Object
22
  {
30
 
31
  /**
32
  * @inheritdoc
33
+ *
34
+ * @since 6.1.0 Fixed bug with incorrectly halted inheritance mechanism
35
+ * @since 6.0.0 Initial implementation of the method
36
+ *
37
+ * @version 6.1.0
38
  */
39
  protected function initialize()
40
  {
44
 
45
  // Trigger custom functionality that may populate the menu options. For
46
  // example, this hooks is used by Access Policy service
47
+ $option = apply_filters('aam_toolbar_object_option_filter', $option, $this);
 
 
 
 
48
 
49
  $this->setOption(is_array($option) ? $option : array());
50
  }
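Review bot: The comment above the now unconditional `apply_filters('aam_toolbar_object_option_filter', $option, $this)` call still reads "populate the menu options" and "this hooks", carried over from another object. Reword it for the toolbar and say that the filter always runs as of 6.1.0. A test with a subject that has both stored toolbar settings and a hooked callback would pin down the new behaviour.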
application/Core/Object/Uri.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * URI object
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Object_Uri extends AAM_Core_Object
19
  {
@@ -27,7 +28,11 @@ class AAM_Core_Object_Uri extends AAM_Core_Object
27
 
28
  /**
29
  * @inheritdoc
30
- * @version 6.0.0
 
 
 
 
31
  */
32
  protected function initialize()
33
  {
@@ -37,9 +42,7 @@ class AAM_Core_Object_Uri extends AAM_Core_Object
37
 
38
  // Trigger custom functionality that may populate the menu options. For
39
  // example, this hooks is used by Access Policy service
40
- if (empty($option)) {
41
- $option = apply_filters('aam_uri_object_option_filter', $option, $this);
42
- }
43
 
44
  $this->setOption(is_array($option) ? $option : array());
45
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * URI object
12
  *
13
+ * @since 6.1.0 Fixed bug with incorrectly halted inheritance mechanism
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Core_Object_Uri extends AAM_Core_Object
20
  {
28
 
29
  /**
30
  * @inheritdoc
31
+ *
32
+ * @since 6.1.0 Fixed bug with incorrectly halted inheritance mechanism
33
+ * @since 6.0.0 Initial implementation of the method
34
+ *
35
+ * @version 6.1.0
36
  */
37
  protected function initialize()
38
  {
42
 
43
  // Trigger custom functionality that may populate the menu options. For
44
  // example, this hooks is used by Access Policy service
45
+ $option = apply_filters('aam_uri_object_option_filter', $option, $this);
 
 
46
 
47
  $this->setOption(is_array($option) ? $option : array());
48
  }
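Review bot: Because the filter result now always flows into `setOption(is_array($option) ? $option : array())`, a callback on `aam_uri_object_option_filter` that returns a non-array (for example by forgetting its `return`) replaces the subject's stored URI rules with an empty array, which fails open. Assign the filter result to a temporary variable and adopt it only after an `is_array()` check, keeping the pre-filter value otherwise.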
application/Core/Object/Visibility.php CHANGED
@@ -5,15 +5,17 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Post visibility object
14
  *
 
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Object_Visibility extends AAM_Core_Object
19
  {
@@ -40,19 +42,19 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object
40
  *
41
  * @param AAM_Core_Subject $subject
42
  * @param mixed $id
43
- * @param boolean $setSuppressFilters
44
  *
45
  * @return void
46
  *
 
 
 
47
  * @access public
48
- * @version 6.0.0
49
  */
50
- public function __construct(
51
- AAM_Core_Subject $subject, $id = null, $suppressFilters = false
52
- ) {
53
  $this->setSubject($subject);
54
  $this->setId($id);
55
- $this->setSuppressFilters($suppressFilters);
56
 
57
  // Determine post access properties that are responsible for the post
58
  // visibility
@@ -66,7 +68,11 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object
66
 
67
  /**
68
  * @inheritDoc
69
- * @version 6.0.0
 
 
 
 
70
  */
71
  protected function initialize()
72
  {
@@ -76,11 +82,9 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object
76
  $this->pushOptions('post', $id, $settings);
77
  }
78
 
79
- if ($this->suppressFilters() === false) {
80
- // Initialize post visibility option. This hooks is used by Access Policy
81
- // service as well as Plus Package to populate visibility list
82
- do_action('aam_visibility_object_init_action', $this);
83
- }
84
  }
85
 
86
  /**
@@ -92,8 +96,12 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object
92
  *
93
  * @return array
94
  *
 
 
 
 
95
  * @access public
96
- * @version 6.0.0
97
  */
98
  public function pushOptions($object, $id, $options)
99
  {
@@ -113,10 +121,12 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object
113
  );
114
  }
115
 
116
- if (!isset($option[$object][$id])) {
117
- $option[$object][$id] = $filtered;
118
  } else {
119
- $option[$object][$id] = array_replace($filtered, $option[$object][$id]);
 
 
120
  }
121
  $this->setOption($option);
122
 
@@ -130,14 +140,24 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object
130
  *
131
  * @return array
132
  *
 
 
 
 
133
  * @access public
134
- * @version 6.0.0
135
  */
136
  public function getSegment($segment)
137
  {
138
- $option = $this->getOption();
 
 
 
 
 
 
139
 
140
- return (isset($option[$segment]) ? $option[$segment] : array());
141
  }
142
 
143
  /**
@@ -147,14 +167,32 @@ class AAM_Core_Object_Visibility extends AAM_Core_Object
147
  *
148
  * @return array
149
  *
 
 
 
 
150
  * @access public
151
- * @version 6.0.0
152
  */
153
  public function mergeOption($options)
154
  {
155
- return AAM::api()->mergeSettings(
156
- $options, $this->getOption(), AAM_Core_Object_Post::OBJECT_TYPE
157
- );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
158
  }
159
 
160
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Post visibility object
12
  *
13
+ * @since 6.1.0 Refactored implementation to fix merging bugs and improve inheritance
14
+ * mechanism
15
+ * @since 6.0.0 Initial implementation of the class
16
+ *
17
  * @package AAM
18
+ * @version 6.1.0
19
  */
20
  class AAM_Core_Object_Visibility extends AAM_Core_Object
21
  {
42
  *
43
  * @param AAM_Core_Subject $subject
44
  * @param mixed $id
 
45
  *
46
  * @return void
47
  *
48
+ * @since 6.1.0 Removed support for the $suppressFilters flag
49
+ * @since 6.0.0 Initial implementation of the method
50
+ *
51
  * @access public
52
+ * @version 6.1.0
53
  */
54
+ public function __construct(AAM_Core_Subject $subject, $id = null)
55
+ {
 
56
  $this->setSubject($subject);
57
  $this->setId($id);
 
58
 
59
  // Determine post access properties that are responsible for the post
60
  // visibility
68
 
69
  /**
70
  * @inheritDoc
71
+ *
72
+ * @since 6.1.0 Removed support for the $suppressFilters flag
73
+ * @since 6.0.0 Initial implementation of the method
74
+ *
75
+ * @version 6.1.0
76
  */
77
  protected function initialize()
78
  {
82
  $this->pushOptions('post', $id, $settings);
83
  }
84
 
85
+ // Initialize post visibility option. This hooks is used by Access Policy
86
+ // service as well as Plus Package to populate visibility list
87
+ do_action('aam_visibility_object_init_action', $this);
 
 
88
  }
89
 
90
  /**
96
  *
97
  * @return array
98
  *
99
+ * @since 6.1.0 Changed the way visibility options are indexed (used to be as
100
+ * multi-dimensional array and now it is key/value pairs)
101
+ * @since 6.0.0 Initial implementation of the method
102
+ *
103
  * @access public
104
+ * @version 6.1.0
105
  */
106
  public function pushOptions($object, $id, $options)
107
  {
121
  );
122
  }
123
 
124
+ if (!isset($option["{$object}/{$id}"])) {
125
+ $option["{$object}/{$id}"] = $filtered;
126
  } else {
127
+ $option["{$object}/{$id}"] = array_replace(
128
+ $filtered, $option["{$object}/{$id}"]
129
+ );
130
  }
131
  $this->setOption($option);
132
 
140
  *
141
  * @return array
142
  *
143
+ * @since 6.1.0 Changed the way visibility options are fetched (used to be as
144
+ * multi-dimensional array and now it is key/value pairs)
145
+ * @since 6.0.0 Initial implementation of the method
146
+ *
147
  * @access public
148
+ * @version 6.1.0
149
  */
150
  public function getSegment($segment)
151
  {
152
+ $response = array();
153
+
154
+ foreach($this->getOption() as $key => $value) {
155
+ if (strpos($key, "{$segment}/") === 0) {
156
+ $response[str_replace("{$segment}/", '', $key)] = $value;
157
+ }
158
+ }
159
 
160
+ return $response;
161
  }
162
 
163
  /**
167
  *
168
  * @return array
169
  *
170
+ * @since 6.1.0 Fixed bug with incorrectly merged settings for users with multiple
171
+ * roles
172
+ * @since 6.0.0 Initial implementation of the method
173
+ *
174
  * @access public
175
+ * @version 6.1.0
176
  */
177
  public function mergeOption($options)
178
  {
179
+ $these_options = $this->getOption();
180
+ $keys = array_unique(array_merge(
181
+ array_keys($options), array_keys($this->getOption())
182
+ ));
183
+
184
+ $merged = array();
185
+
186
+ // Iterate over each unique key end merge settings accordingly
187
+ foreach($keys as $key) {
188
+ $merged[$key] = AAM::api()->mergeSettings(
189
+ (isset($options[$key]) ? $options[$key] : array()),
190
+ (isset($these_options[$key]) ? $these_options[$key] : array()),
191
+ AAM_Core_Object_Post::OBJECT_TYPE
192
+ );
193
+ }
194
+
195
+ return $merged;
196
  }
197
 
198
  }
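Review bot: In `getSegment()`, `str_replace("{$segment}/", '', $key)` removes every occurrence of the prefix, not only the leading one that `strpos(...) === 0` has just matched, so an id that itself contains the `{$segment}/` string would be altered. Use `substr($key, strlen($segment) + 1)` instead. In `mergeOption()`, `array_keys($this->getOption())` should reuse `$these_options`, and the comment "unique key end merge" should read "and merge".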
application/Core/Policy/Condition.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * AAM core policy condition evaluator
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Policy_Condition
19
  {
@@ -382,10 +383,13 @@ class AAM_Core_Policy_Condition
382
  *
383
  * @return mixed Prepared part of the condition or false on failure
384
  *
 
 
 
385
  * @access protected
386
- * @version 6.0.0
387
  */
388
- protected function parseExpression($exp, $args)
389
  {
390
  if (is_scalar($exp)) {
391
  if (preg_match_all('/(\$\{[^}]+\})/', $exp, $match)) {
@@ -394,9 +398,12 @@ class AAM_Core_Policy_Condition
394
 
395
  $types = 'string|ip|int|boolean|bool|array|null';
396
 
397
- // If there is type scaling, perform it too
 
 
 
398
  if (preg_match('/^\(\*(' . $types . ')\)(.*)/i', $exp, $scale)) {
399
- $exp = $this->castValue($scale[2], $scale[1]);
400
  }
401
  } elseif (is_array($exp) || is_object($exp)) {
402
  foreach ($exp as &$value) {
@@ -417,10 +424,14 @@ class AAM_Core_Policy_Condition
417
  *
418
  * @return mixed
419
  *
 
 
 
 
420
  * @access protected
421
- * @version 6.0.0
422
  */
423
- protected function castValue($value, $type)
424
  {
425
  switch (strtolower($type)) {
426
  case 'string':
@@ -449,10 +460,10 @@ class AAM_Core_Policy_Condition
449
  break;
450
 
451
  default:
 
452
  break;
453
  }
454
 
455
  return $value;
456
  }
457
-
458
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * AAM core policy condition evaluator
12
  *
13
+ * @since 6.1.0 Improved type casting functionality
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Core_Policy_Condition
20
  {
383
  *
384
  * @return mixed Prepared part of the condition or false on failure
385
  *
386
+ * @since 6.1.0 Improved type casing functionality
387
+ * @since 6.0.0 Initial implementation of the method
388
+ *
389
  * @access protected
390
+ * @version 6.1.0
391
  */
392
+ public function parseExpression($exp, $args)
393
  {
394
  if (is_scalar($exp)) {
395
  if (preg_match_all('/(\$\{[^}]+\})/', $exp, $match)) {
398
 
399
  $types = 'string|ip|int|boolean|bool|array|null';
400
 
401
+ // Note! It make no sense to have multiple type casting for one expression
402
+ // due to the fact that they all would have to be concatenated as a string
403
+
404
+ // If there is type casting, perform it too
405
  if (preg_match('/^\(\*(' . $types . ')\)(.*)/i', $exp, $scale)) {
406
+ $exp = $this->_typecast($scale[2], $scale[1]);
407
  }
408
  } elseif (is_array($exp) || is_object($exp)) {
409
  foreach ($exp as &$value) {
424
  *
425
  * @return mixed
426
  *
427
+ * @version 6.1.0 Renamed the method from `castValue` to `_typecast`. Added new
428
+ * filter `aam_token_typecast_filter`
429
+ * @version 6.0.0 Initial implementation of the method
430
+ *
431
  * @access protected
432
+ * @version 6.1.0
433
  */
434
+ private function _typecast($value, $type)
435
  {
436
  switch (strtolower($type)) {
437
  case 'string':
460
  break;
461
 
462
  default:
463
+ $value = apply_filters('aam_token_typecast_filter', $value, $type);
464
  break;
465
  }
466
 
467
  return $value;
468
  }
 
469
  }
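Review bot: The new `default:` branch in `_typecast()` calls `aam_token_typecast_filter`, but `parseExpression()` only reaches `_typecast()` when the type matches the fixed alternation in `$types` (`string|ip|int|boolean|bool|array|null`), so a custom type name never gets to the filter. Either relax the pattern to accept any type name or make the type list filterable as well. The docblocks also disagree with the code: `parseExpression()` is now `public` and `_typecast()` is `private` while both say `@access protected`, the history lines on `_typecast()` use `@version` where the rest of the file uses `@since`, and "type casing" should read "type casting".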
application/Core/Policy/Factory.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * AAM core policy manager factory
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  final class AAM_Core_Policy_Factory
19
  {
@@ -32,23 +33,32 @@ final class AAM_Core_Policy_Factory
32
  * Get single instance of access manager
33
  *
34
  * @param AAM_Core_Subject $subject
 
35
  *
36
  * @return AAM_Core_Policy_Manager
37
  *
 
 
 
38
  * @access public
39
- * @version 6.0.0
40
  */
41
- public static function get(AAM_Core_Subject $subject = null)
42
  {
43
  if (is_null($subject)) {
44
  $subject = AAM::getUser();
45
  }
46
 
47
- $id = $subject->getId();
48
- $sid = $subject::UID . (empty($id) ? '' : '_' . $id);
 
 
49
 
50
  if (!isset(self::$_instances[$sid])) {
51
- self::$_instances[$sid] = new AAM_Core_Policy_Manager($subject);
 
 
 
52
  // Parse all attached to the user policies
53
  self::$_instances[$sid]->initialize();
54
  }
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * AAM core policy manager factory
12
  *
13
+ * @since 6.1.0 Fixed bug with incorrectly managed internal cache
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  final class AAM_Core_Policy_Factory
20
  {
33
  * Get single instance of access manager
34
  *
35
  * @param AAM_Core_Subject $subject
36
+ * @param boolean $skipInheritance
37
  *
38
  * @return AAM_Core_Policy_Manager
39
  *
40
+ * @since 6.1.0 Fixed bug with incorrectly managed internal caching
41
+ * @since 6.0.0 Initial implementation of the method
42
+ *
43
  * @access public
44
+ * @version 6.1.0
45
  */
46
+ public static function get(AAM_Core_Subject $subject = null, $skipInheritance)
47
  {
48
  if (is_null($subject)) {
49
  $subject = AAM::getUser();
50
  }
51
 
52
+ $id = $subject->getId();
53
+
54
+ $sid = $subject::UID . (empty($id) ? '' : '_' . $id);
55
+ $sid .= ($skipInheritance ? '_direct' : '_complete');
56
 
57
  if (!isset(self::$_instances[$sid])) {
58
+ self::$_instances[$sid] = new AAM_Core_Policy_Manager(
59
+ $subject, $skipInheritance
60
+ );
61
+
62
  // Parse all attached to the user policies
63
  self::$_instances[$sid]->initialize();
64
  }
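Review bot: `get(AAM_Core_Subject $subject = null, $skipInheritance)` places a required parameter after an optional one, so the `= null` default can no longer be used by omission and every existing `get()` or `get($subject)` call raises an ArgumentCountError on PHP 7.1 and later; PHP 8 additionally reports the signature as deprecated. Give the new parameter a default, e.g. `$skipInheritance = false`, which would match `getObject($type, $id = null, $skipInheritance = false)` in `AAM_Core_Subject`.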
application/Core/Policy/Manager.php CHANGED
@@ -10,11 +10,12 @@
10
  /**
11
  * AAM policy manager for a specific subject
12
  *
 
13
  * @since 6.0.4 Potential bug fix with improperly merged Param option:* values
14
  * @since 6.0.0 Initial implementation of the class
15
  *
16
  * @package AAM
17
- * @version 6.0.4
18
  */
19
  class AAM_Core_Policy_Manager
20
  {
@@ -55,14 +56,23 @@ class AAM_Core_Policy_Manager
55
  /**
56
  * Constructor
57
  *
 
 
 
58
  * @access protected
59
  *
 
 
 
60
  * @return void
61
- * @version 6.0.0
62
  */
63
- public function __construct(AAM_Core_Subject $subject)
64
  {
65
- $this->object = $subject->getObject(AAM_Core_Object_Policy::OBJECT_TYPE);
 
 
 
66
  $this->subject = $subject;
67
  }
68
 
@@ -382,8 +392,11 @@ class AAM_Core_Policy_Manager
382
  *
383
  * @return array
384
  *
 
 
 
385
  * @access protected
386
- * @version 6.0.0
387
  */
388
  protected function updatePolicyTree(&$tree, $addition)
389
  {
@@ -397,17 +410,31 @@ class AAM_Core_Policy_Manager
397
  $actions = (isset($stm['Action']) ? (array) $stm['Action'] : array(''));
398
 
399
  foreach ($resources as $res) {
 
 
400
  // Allow to build resource name dynamically.
401
- // e.g. "Term:category:${USERMETA.region}:posts"
402
- if (preg_match_all('/(\$\{[^}]+\})/', $res, $match)) {
403
- $res = AAM_Core_Policy_Token::evaluate($res, $match[1]);
 
 
 
 
 
 
 
 
 
 
404
  }
405
 
406
- foreach ($actions as $act) {
407
- $id = strtolower($res . (!empty($act) ? ":{$act}" : ''));
 
408
 
409
- if (!isset($stmts[$id]) || empty($stmts[$id]['Enforce'])) {
410
- $stmts[$id] = $stm;
 
411
  }
412
  }
413
  }
@@ -419,7 +446,7 @@ class AAM_Core_Policy_Manager
419
  foreach ($addition['Param'] as $param) {
420
  if (!empty($param['Key'])) {
421
  // Allow to build param name dynamically.
422
- // e.g. "${USERMETA.region}_posts"
423
  if (preg_match_all('/(\$\{[^}]+\})/', $param['Key'], $match)) {
424
  $id = AAM_Core_Policy_Token::evaluate($param['Key'], $match[1]);
425
  } else {
10
  /**
11
  * AAM policy manager for a specific subject
12
  *
13
+ * @since 6.1.0 Implemented `=>` operator. Improved inheritance mechanism
14
  * @since 6.0.4 Potential bug fix with improperly merged Param option:* values
15
  * @since 6.0.0 Initial implementation of the class
16
  *
17
  * @package AAM
18
+ * @version 6.1.0
19
  */
20
  class AAM_Core_Policy_Manager
21
  {
56
  /**
57
  * Constructor
58
  *
59
+ * @param AAM_Core_Subject $subject
60
+ * @param boolean $skipInheritance
61
+ *
62
  * @access protected
63
  *
64
+ * @since 6.1.0 Added new `$skipInheritance` mandatory argument
65
+ * @since 6.0.0 Initial implementation of the method
66
+ *
67
  * @return void
68
+ * @version 6.1.0
69
  */
70
+ public function __construct(AAM_Core_Subject $subject, $skipInheritance)
71
  {
72
+ $this->object = $subject->getObject(
73
+ AAM_Core_Object_Policy::OBJECT_TYPE, null, $skipInheritance
74
+ );
75
+
76
  $this->subject = $subject;
77
  }
78
 
392
  *
393
  * @return array
394
  *
395
+ * @since 6.1.0 Added support for the `=>` (map to) operator
396
+ * @since 6.0.0 Initial implementation of the method
397
+ *
398
  * @access protected
399
+ * @version 6.1.0
400
  */
401
  protected function updatePolicyTree(&$tree, $addition)
402
  {
410
  $actions = (isset($stm['Action']) ? (array) $stm['Action'] : array(''));
411
 
412
  foreach ($resources as $res) {
413
+ $map = array(); // Reset map
414
+
415
  // Allow to build resource name dynamically.
416
+ if (preg_match('/^(.*)[\s]+(map to|=>)[\s]+(.*)$/i', $res, $match)) {
417
+ // e.g. "Term:category:%s:posts => ${USER_META.regions}"
418
+ $values = (array) AAM_Core_Policy_Token::getTokenValue($match[3]);
419
+
420
+ // Create the map of resources and replace
421
+ foreach($values as $value) {
422
+ $map[] = sprintf($match[1], $value);
423
+ }
424
+ } elseif (preg_match_all('/(\$\{[^}]+\})/', $res, $match)) {
425
+ // e.g. "Term:category:${USER_META.region}:posts"
426
+ $map = array(AAM_Core_Policy_Token::evaluate($res, $match[1]));
427
+ } else {
428
+ $map = array($res);
429
  }
430
 
431
+ foreach($map as $resource) {
432
+ foreach ($actions as $act) {
433
+ $id = strtolower($resource . (!empty($act) ? ":{$act}" : ''));
434
 
435
+ if (!isset($stmts[$id]) || empty($stmts[$id]['Enforce'])) {
436
+ $stmts[$id] = $stm;
437
+ }
438
  }
439
  }
440
  }
446
  foreach ($addition['Param'] as $param) {
447
  if (!empty($param['Key'])) {
448
  // Allow to build param name dynamically.
449
+ // e.g. "${USER_META.region}_posts"
450
  if (preg_match_all('/(\$\{[^}]+\})/', $param['Key'], $match)) {
451
  $id = AAM_Core_Policy_Token::evaluate($param['Key'], $match[1]);
452
  } else {
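Review bot: In `updatePolicyTree()`, the `=>` branch uses the left-hand side of the resource string as a `sprintf()` format and fills it with whatever `getTokenValue($match[3])` returns, without validation. A pattern with a second placeholder or a stray `%` can fail at runtime, a non-scalar `$value` is rendered as "Array", and a value containing `:` changes the segment structure of the resulting resource id. The example source is `${USER_META.regions}`, so restrict `$values` to scalars, reject or escape `:`, and substitute a single `%s` with `str_replace()` rather than `sprintf()`. When the token resolves to null, `(array)` yields an empty `$map` and the statement is skipped for that resource without any trace; decide whether that should be logged.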
application/Core/Policy/Token.php CHANGED
@@ -12,8 +12,11 @@
12
  /**
13
  * AAM core policy token evaluator
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Core_Policy_Token
19
  {
@@ -23,8 +26,11 @@ class AAM_Core_Policy_Token
23
  *
24
  * @var array
25
  *
 
 
 
26
  * @access protected
27
- * @version 6.0.0
28
  */
29
  protected static $map = array(
30
  'USER' => 'AAM_Core_Policy_Token::getUserValue',
@@ -40,7 +46,8 @@ class AAM_Core_Policy_Token
40
  'ENV' => 'getenv',
41
  'CONST' => 'AAM_Core_Policy_Token::getConstant',
42
  'WP_OPTION' => 'AAM_Core_API::getOption',
43
- 'JWT' => 'AAM_Core_Policy_Token::getJwtClaim'
 
44
  );
45
 
46
  /**
@@ -52,17 +59,16 @@ class AAM_Core_Policy_Token
52
  *
53
  * @return string
54
  *
 
 
 
55
  * @access public
56
- * @version 6.0.0
57
  */
58
  public static function evaluate($part, array $tokens, array $args = array())
59
  {
60
  foreach ($tokens as $token) {
61
- $val = self::getValue(
62
- preg_replace('/^\$\{([^}]+)\}$/', '${1}', $token),
63
- $args
64
- );
65
-
66
  $part = str_replace(
67
  $token,
68
  (is_scalar($val) || is_null($val) ? $val : json_encode($val)),
@@ -81,13 +87,12 @@ class AAM_Core_Policy_Token
81
  *
82
  * @return mixed
83
  *
84
- * @access protected
85
- * @version 6.0.0
86
  */
87
- protected static function getValue($token, $args)
88
  {
89
- $value = null;
90
- $parts = explode('.', $token);
91
 
92
  if (isset(self::$map[$parts[0]])) {
93
  if ($parts[0] === 'ARGS') {
@@ -97,6 +102,10 @@ class AAM_Core_Policy_Token
97
  }
98
  } elseif ($parts[0] === 'CALLBACK') {
99
  $value = is_callable($parts[1]) ? call_user_func($parts[1], $args) : null;
 
 
 
 
100
  }
101
 
102
  return $value;
@@ -242,4 +251,19 @@ class AAM_Core_Policy_Token
242
  return (defined($const) ? constant($const) : null);
243
  }
244
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
245
  }
12
  /**
13
  * AAM core policy token evaluator
14
  *
15
+ * @since 6.1.0 Added support for the new token `AAM_CONFIG`
16
+ * @since 6.0.0 Initial implementation of the class
17
+ *
18
  * @package AAM
19
+ * @version 6.1.0
20
  */
21
  class AAM_Core_Policy_Token
22
  {
26
  *
27
  * @var array
28
  *
29
+ * @since 6.1.0 Added `AAM_CONFIG` token
30
+ * @since 6.0.0 Initial implementation of the property
31
+ *
32
  * @access protected
33
+ * @version 6.1.0
34
  */
35
  protected static $map = array(
36
  'USER' => 'AAM_Core_Policy_Token::getUserValue',
46
  'ENV' => 'getenv',
47
  'CONST' => 'AAM_Core_Policy_Token::getConstant',
48
  'WP_OPTION' => 'AAM_Core_API::getOption',
49
+ 'JWT' => 'AAM_Core_Policy_Token::getJwtClaim',
50
+ 'AAM_CONFIG' => 'AAM_Core_Policy_Token::getConfig'
51
  );
52
 
53
  /**
59
  *
60
  * @return string
61
  *
62
+ * @since 6.1.0 Changed `getValue` method to `getTokenValue`
63
+ * @since 6.0.0 Initial implementation of the method
64
+ *
65
  * @access public
66
+ * @version 6.1.0
67
  */
68
  public static function evaluate($part, array $tokens, array $args = array())
69
  {
70
  foreach ($tokens as $token) {
71
+ $val = self::getTokenValue($token, $args);
 
 
 
 
72
  $part = str_replace(
73
  $token,
74
  (is_scalar($val) || is_null($val) ? $val : json_encode($val)),
87
  *
88
  * @return mixed
89
  *
90
+ * @access public
91
+ * @version 6.1.0
92
  */
93
+ public static function getTokenValue($token, $args = array())
94
  {
95
+ $parts = explode('.', preg_replace('/^\$\{([^}]+)\}$/', '${1}', $token), 2);
 
96
 
97
  if (isset(self::$map[$parts[0]])) {
98
  if ($parts[0] === 'ARGS') {
102
  }
103
  } elseif ($parts[0] === 'CALLBACK') {
104
  $value = is_callable($parts[1]) ? call_user_func($parts[1], $args) : null;
105
+ } else {
106
+ $value = apply_filters(
107
+ 'aam_get_policy_token_value_filter', $parts[0], $parts[1], $args
108
+ );
109
  }
110
 
111
  return $value;
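Review bot: In `getTokenValue()`, the new `else` branch passes `$parts[0]` to `apply_filters('aam_get_policy_token_value_filter', ...)` as the value to be filtered, so when nothing is hooked to that filter an unrecognized token such as `${FOO.bar}` resolves to the string `FOO` instead of `null`. For a policy evaluator that is a surprising default. Consider passing `null` as the initial value and the token type and key as additional arguments. Both this branch and the `CALLBACK` branch read `$parts[1]` without an `isset()` check, and with `explode('.', ..., 2)` a token that contains no dot leaves that index undefined. Since the method is now `public`, the docblock should also state which token forms it accepts (with or without the `${...}` wrapper).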
251
  return (defined($const) ? constant($const) : null);
252
  }
253
 
254
+ /**
255
+ * Get AAM configuration
256
+ *
257
+ * @param string $config
258
+ *
259
+ * @return mixed
260
+ *
261
+ * @access protected
262
+ * @version 6.1.0
263
+ */
264
+ protected static function getConfig($config)
265
+ {
266
+ return AAM::api()->getConfig($config);
267
+ }
268
+
269
  }
application/Core/Subject.php CHANGED
@@ -5,8 +5,6 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
@@ -28,8 +26,11 @@
28
  * Subject principal is underlying WordPress core user or role. Not all Subjects have
29
  * principals (e.g. Visitor or Default).
30
  *
 
 
 
31
  * @package AAM
32
- * @version 6.0.0
33
  */
34
  abstract class AAM_Core_Subject
35
  {
@@ -275,13 +276,19 @@ abstract class AAM_Core_Subject
275
  *
276
  * @return AAM_Core_Object
277
  *
 
 
 
 
278
  * @access public
279
- * @version 6.0.0
280
  */
281
  public function getObject($type, $id = null, $skipInheritance = false)
282
  {
 
 
283
  // Check if there is an object with specified ID
284
- if (!isset($this->_objects[$type . $id])) {
285
  $class_name = 'AAM_Core_Object_' . ucfirst($type);
286
 
287
  // If requested object is part of the core, instantiate it
@@ -304,10 +311,10 @@ abstract class AAM_Core_Subject
304
  }
305
 
306
  // Finally cache the object
307
- $this->_objects[$type . $id] = $object;
308
  }
309
  } else {
310
- $object = $this->_objects[$type . $id];
311
  }
312
 
313
  return $object;
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
26
  * Subject principal is underlying WordPress core user or role. Not all Subjects have
27
  * principals (e.g. Visitor or Default).
28
  *
29
+ * @since 6.1.0 Fixed bug with incorrectly managed internal cache
30
+ * @since 6.0.0 Initial implementation of the class
31
+ *
32
  * @package AAM
33
+ * @version 6.1.0
34
  */
35
  abstract class AAM_Core_Subject
36
  {
276
  *
277
  * @return AAM_Core_Object
278
  *
279
+ * @since 6.1.0 Fixed the bug where initialize object was not cached correctly
280
+ * due to $skipInheritance flag
281
+ * @since 6.0.0 Initial implementation of the method
282
+ *
283
  * @access public
284
+ * @version 6.1.0
285
  */
286
  public function getObject($type, $id = null, $skipInheritance = false)
287
  {
288
+ $suffix = ($skipInheritance ? '_direct' : '_full');
289
+
290
  // Check if there is an object with specified ID
291
+ if (!isset($this->_objects[$type . $id . $suffix])) {
292
  $class_name = 'AAM_Core_Object_' . ucfirst($type);
293
 
294
  // If requested object is part of the core, instantiate it
311
  }
312
 
313
  // Finally cache the object
314
+ $this->_objects[$type . $id . $suffix] = $object;
315
  }
316
  } else {
317
+ $object = $this->_objects[$type . $id . $suffix];
318
  }
319
 
320
  return $object;
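Review bot: With the cache key in `getObject()` now `$type . $id . $suffix`, the same type and ID can be held twice, once under `_direct` and once under `_full`, and nothing in these lines keeps the two instances in sync or drops one when the other is modified. Please confirm that a change made through the `_direct` object cannot leave a stale `_full` entry for the rest of the request, or invalidate both keys on write. Minor wording: the `@since 6.1.0` line reads "initialize object" where "initialized object" is meant.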
application/Service/AccessPolicy.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Access Policy service
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Service_AccessPolicy
19
  {
@@ -222,13 +223,16 @@ class AAM_Service_AccessPolicy
222
  *
223
  * @return array
224
  *
 
 
 
225
  * @access public
226
  * @see https://aamplugin.com/reference/policy#backendmenu
227
- * @version 6.0.0
228
  */
229
  public function initializeMenu($option, AAM_Core_Object_Menu $object)
230
  {
231
- $manager = AAM_Core_Policy_Factory::get($object->getSubject());
232
  $found = $manager->getResources(AAM_Core_Policy_Resource::MENU);
233
  $parsed = array();
234
 
@@ -247,13 +251,16 @@ class AAM_Service_AccessPolicy
247
  *
248
  * @return array
249
  *
 
 
 
250
  * @access public
251
  * @see https://aamplugin.com/reference/policy#toolbar
252
- * @version 6.0.0
253
  */
254
  public function initializeToolbar($option, AAM_Core_Object_Toolbar $object)
255
  {
256
- $manager = AAM_Core_Policy_Factory::get($object->getSubject());
257
  $found = $manager->getResources(AAM_Core_Policy_Resource::TOOLBAR);
258
  $parsed = array();
259
 
@@ -272,13 +279,16 @@ class AAM_Service_AccessPolicy
272
  *
273
  * @return array
274
  *
 
 
 
275
  * @access public
276
  * @see https://aamplugin.com/reference/policy#metabox
277
- * @version 6.0.0
278
  */
279
  public function initializeMetabox($option, AAM_Core_Object_Metabox $object)
280
  {
281
- $manager = AAM_Core_Policy_Factory::get($object->getSubject());
282
  $found = $manager->getResources(array(
283
  AAM_Core_Policy_Resource::METABOX, AAM_Core_Policy_Resource::WIDGET
284
  ));
@@ -301,13 +311,16 @@ class AAM_Service_AccessPolicy
301
  *
302
  * @return boolean
303
  *
 
 
 
304
  * @access public
305
  * @link https://aamplugin.com/reference/policy#capability
306
- * @version 6.0.0
307
  */
308
  public function isCapabilityAllowed($allowed, $cap, $action)
309
  {
310
- $manager = AAM_Core_Policy_Factory::get(AAM::getUser());
311
  $result = $manager->isAllowed("Capability:{$cap}:AAM:{$action}");
312
 
313
  return ($result === null ? $allowed : $result);
@@ -320,14 +333,17 @@ class AAM_Service_AccessPolicy
320
  *
321
  * @return void
322
  *
 
 
 
323
  * @access public
324
  * @link https://aamplugin.com/reference/policy#capability
325
  * @link https://aamplugin.com/reference/policy#role
326
- * @version 6.0.0
327
  */
328
  public function initializeUser(AAM_Core_Subject_User $subject)
329
  {
330
- $manager = AAM_Core_Policy_Factory::get($subject);
331
  $wp_user = $subject->getPrincipal();
332
 
333
  // Update user's list of roles if policy states so
@@ -391,14 +407,16 @@ class AAM_Service_AccessPolicy
391
  *
392
  * @return array
393
  *
 
 
 
394
  * @access public
395
  * @see https://aamplugin.com/reference/policy#post
396
- * @version 6.0.0
397
  */
398
  public function initializePost($option, AAM_Core_Object_Post $object)
399
  {
400
- $manager = AAM_Core_Policy_Factory::get($object->getSubject());
401
-
402
  $found = $manager->getResources(sprintf(
403
  '%s:%s:(%d|%s)',
404
  AAM_Core_Policy_Resource::POST,
@@ -564,12 +582,15 @@ class AAM_Service_AccessPolicy
564
  *
565
  * @return void
566
  *
 
 
 
567
  * @access public
568
- * @version 6.0.0
569
  */
570
  public function initializeVisibility(AAM_Core_Object_Visibility $visibility)
571
  {
572
- $manager = AAM_Core_Policy_Factory::get($visibility->getSubject());
573
  $found = $manager->getResources(AAM_Core_Policy_Resource::POST);
574
 
575
  foreach($found as $resource => $stm) {
@@ -610,13 +631,16 @@ class AAM_Service_AccessPolicy
610
  *
611
  * @return array
612
  *
 
 
 
613
  * @access public
614
  * @see https://aamplugin.com/reference/policy#uri
615
- * @version 6.0.0
616
  */
617
  public function initializeUri($option, AAM_Core_Object_Uri $object)
618
  {
619
- $manager = AAM_Core_Policy_Factory::get($object->getSubject());
620
  $found = $manager->getResources(AAM_Core_Policy_Resource::URI);
621
  $parsed = array();
622
 
@@ -649,13 +673,16 @@ class AAM_Service_AccessPolicy
649
  *
650
  * @return array
651
  *
 
 
 
652
  * @access public
653
  * @see https://aamplugin.com/reference/policy#route
654
- * @version 6.0.0
655
  */
656
  public function initializeRoute($option, AAM_Core_Object_Route $object)
657
  {
658
- $manager = AAM_Core_Policy_Factory::get($object->getSubject());
659
  $found = $manager->getResources(AAM_Core_Policy_Resource::ROUTE);
660
  $parsed = array();
661
 
@@ -729,13 +756,16 @@ class AAM_Service_AccessPolicy
729
  *
730
  * @return boolean
731
  *
 
 
 
732
  * @access public
733
  * @link https://aamplugin.com/reference/policy#plugin
734
- * @version 6.0.0
735
  */
736
  public function isPluginActionAllowed($allowed, $action, $slug = null)
737
  {
738
- $manager = AAM_Core_Policy_Factory::get(AAM::getUser());
739
 
740
  if ($slug === null) {
741
  $id = AAM_Core_Policy_Resource::PLUGIN . ":WP:{$action}";
@@ -753,12 +783,15 @@ class AAM_Service_AccessPolicy
753
  *
754
  * @return array
755
  *
 
 
 
756
  * @access public
757
- * @version 6.0.0
758
  */
759
  public function filterPlugins($plugins)
760
  {
761
- $manager = AAM_Core_Policy_Factory::get(AAM::getUser());
762
  $filtered = array();
763
 
764
  foreach($plugins as $id => $plugin) {
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Access Policy service
12
  *
13
+ * @since 6.1.0 Changed the way access policy manager is obtained
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Service_AccessPolicy
20
  {
223
  *
224
  * @return array
225
  *
226
+ * @since 6.1.0 Changed the way access policy manage is obtained
227
+ * @since 6.0.0 Initial implementation of the method
228
+ *
229
  * @access public
230
  * @see https://aamplugin.com/reference/policy#backendmenu
231
+ * @version 6.1.0
232
  */
233
  public function initializeMenu($option, AAM_Core_Object_Menu $object)
234
  {
235
+ $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
236
  $found = $manager->getResources(AAM_Core_Policy_Resource::MENU);
237
  $parsed = array();
238
 
251
  *
252
  * @return array
253
  *
254
+ * @since 6.1.0 Changed the way access policy manage is obtained
255
+ * @since 6.0.0 Initial implementation of the method
256
+ *
257
  * @access public
258
  * @see https://aamplugin.com/reference/policy#toolbar
259
+ * @version 6.1.0
260
  */
261
  public function initializeToolbar($option, AAM_Core_Object_Toolbar $object)
262
  {
263
+ $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
264
  $found = $manager->getResources(AAM_Core_Policy_Resource::TOOLBAR);
265
  $parsed = array();
266
 
279
  *
280
  * @return array
281
  *
282
+ * @since 6.1.0 Changed the way access policy manage is obtained
283
+ * @since 6.0.0 Initial implementation of the method
284
+ *
285
  * @access public
286
  * @see https://aamplugin.com/reference/policy#metabox
287
+ * @version 6.1.0
288
  */
289
  public function initializeMetabox($option, AAM_Core_Object_Metabox $object)
290
  {
291
+ $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
292
  $found = $manager->getResources(array(
293
  AAM_Core_Policy_Resource::METABOX, AAM_Core_Policy_Resource::WIDGET
294
  ));
311
  *
312
  * @return boolean
313
  *
314
+ * @since 6.1.0 Changed the way access policy manage is obtained
315
+ * @since 6.0.0 Initial implementation of the method
316
+ *
317
  * @access public
318
  * @link https://aamplugin.com/reference/policy#capability
319
+ * @version 6.1.0
320
  */
321
  public function isCapabilityAllowed($allowed, $cap, $action)
322
  {
323
+ $manager = AAM::api()->getAccessPolicyManager(AAM::getUser(), true);
324
  $result = $manager->isAllowed("Capability:{$cap}:AAM:{$action}");
325
 
326
  return ($result === null ? $allowed : $result);
333
  *
334
  * @return void
335
  *
336
+ * @since 6.1.0 Changed the way access policy manage is obtained
337
+ * @since 6.0.0 Initial implementation of the method
338
+ *
339
  * @access public
340
  * @link https://aamplugin.com/reference/policy#capability
341
  * @link https://aamplugin.com/reference/policy#role
342
+ * @version 6.1.0
343
  */
344
  public function initializeUser(AAM_Core_Subject_User $subject)
345
  {
346
+ $manager = AAM::api()->getAccessPolicyManager($subject);
347
  $wp_user = $subject->getPrincipal();
348
 
349
  // Update user's list of roles if policy states so
407
  *
408
  * @return array
409
  *
410
+ * @since 6.1.0 Changed the way access policy manage is obtained
411
+ * @since 6.0.0 Initial implementation of the method
412
+ *
413
  * @access public
414
  * @see https://aamplugin.com/reference/policy#post
415
+ * @version 6.1.0
416
  */
417
  public function initializePost($option, AAM_Core_Object_Post $object)
418
  {
419
+ $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
 
420
  $found = $manager->getResources(sprintf(
421
  '%s:%s:(%d|%s)',
422
  AAM_Core_Policy_Resource::POST,
582
  *
583
  * @return void
584
  *
585
+ * @since 6.1.0 Changed the way access policy manage is obtained
586
+ * @since 6.0.0 Initial implementation of the method
587
+ *
588
  * @access public
589
+ * @version 6.1.0
590
  */
591
  public function initializeVisibility(AAM_Core_Object_Visibility $visibility)
592
  {
593
+ $manager = AAM::api()->getAccessPolicyManager($visibility->getSubject(), true);
594
  $found = $manager->getResources(AAM_Core_Policy_Resource::POST);
595
 
596
  foreach($found as $resource => $stm) {
631
  *
632
  * @return array
633
  *
634
+ * @since 6.1.0 Changed the way access policy manage is obtained
635
+ * @since 6.0.0 Initial implementation of the method
636
+ *
637
  * @access public
638
  * @see https://aamplugin.com/reference/policy#uri
639
+ * @version 6.1.0
640
  */
641
  public function initializeUri($option, AAM_Core_Object_Uri $object)
642
  {
643
+ $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
644
  $found = $manager->getResources(AAM_Core_Policy_Resource::URI);
645
  $parsed = array();
646
 
673
  *
674
  * @return array
675
  *
676
+ * @since 6.1.0 Changed the way access policy manage is obtained
677
+ * @since 6.0.0 Initial implementation of the method
678
+ *
679
  * @access public
680
  * @see https://aamplugin.com/reference/policy#route
681
+ * @version 6.1.0
682
  */
683
  public function initializeRoute($option, AAM_Core_Object_Route $object)
684
  {
685
+ $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
686
  $found = $manager->getResources(AAM_Core_Policy_Resource::ROUTE);
687
  $parsed = array();
688
 
756
  *
757
  * @return boolean
758
  *
759
+ * @since 6.1.0 Changed the way access policy manage is obtained
760
+ * @since 6.0.0 Initial implementation of the method
761
+ *
762
  * @access public
763
  * @link https://aamplugin.com/reference/policy#plugin
764
+ * @version 6.1.0
765
  */
766
  public function isPluginActionAllowed($allowed, $action, $slug = null)
767
  {
768
+ $manager = AAM::api()->getAccessPolicyManager();
769
 
770
  if ($slug === null) {
771
  $id = AAM_Core_Policy_Resource::PLUGIN . ":WP:{$action}";
783
  *
784
  * @return array
785
  *
786
+ * @since 6.1.0 Changed the way access policy manage is obtained
787
+ * @since 6.0.0 Initial implementation of the method
788
+ *
789
  * @access public
790
+ * @version 6.1.0
791
  */
792
  public function filterPlugins($plugins)
793
  {
794
+ $manager = AAM::api()->getAccessPolicyManager();
795
  $filtered = array();
796
 
797
  foreach($plugins as $id => $plugin) {
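Review bot: `filterPlugins()` (like `isPluginActionAllowed()` above it) now calls `AAM::api()->getAccessPolicyManager()` with no arguments, where the old code passed `AAM::getUser()` explicitly and the initializers elsewhere in this file pass a subject plus a second argument `true`. The docblocks only say "Changed the way access policy manage is obtained", so a reader cannot tell what the default subject is or what the `true` flag selects, and `initializeUser()` omits it as well. Please document the second parameter and the no-argument default in the `@since 6.1.0` notes, and correct "manage" to "manager".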
application/Service/Content.php CHANGED
@@ -10,6 +10,7 @@
10
  /**
11
  * Posts & Terms service
12
  *
 
13
  * @since 6.0.4 Fixed incompatibility with some quite aggressive plugins
14
  * @since 6.0.2 Refactored the way access to posts is managed. No more pseudo caps
15
  * aam|...
@@ -17,7 +18,7 @@
17
  * @since 6.0.0 Initial implementation of the class
18
  *
19
  * @package AAM
20
- * @version 6.0.4
21
  */
22
  class AAM_Service_Content
23
  {
@@ -153,12 +154,14 @@ class AAM_Service_Content
153
  *
154
  * @return void
155
  *
 
 
156
  * @since 6.0.2 Removed invocation for the pseudo-cap mapping for post types
157
  * @since 6.0.1 Fixed bug related to enabling commenting on all posts
158
  * @since 6.0.0 Initial implementation of the method
159
  *
160
  * @access protected
161
- * @version 6.0.1
162
  */
163
  protected function initializeHooks()
164
  {
@@ -224,7 +227,10 @@ class AAM_Service_Content
224
 
225
  // Populate the collection of post type caps
226
  foreach($obj->cap as $cap) {
227
- if (!in_array($cap, $this->postTypeCaps, true)) {
 
 
 
228
  $this->postTypeCaps[] = $cap;
229
  }
230
  }
@@ -240,11 +246,12 @@ class AAM_Service_Content
240
  *
241
  * @return mixed
242
  *
 
243
  * @since 6.0.2 Making sure that get_post returns actual post object
244
  * @since 6.0.0 Initial implementation of the method
245
  *
246
  * @access public
247
- * @version 6.0.2
248
  */
249
  public function beforeDispatch($response, $handler, $request)
250
  {
@@ -254,10 +261,11 @@ class AAM_Service_Content
254
  }
255
 
256
  // Override the password authentication handling ONLY for posts
257
- $attrs = $request->get_attributes();
258
- $callback = (!empty($attrs['callback'][0]) ? $attrs['callback'][0] : null);
 
259
 
260
- if (is_a($callback, 'WP_REST_Posts_Controller')) {
261
  $post = get_post($request['id']);
262
  $has_pass = isset($request['password']);
263
 
@@ -607,6 +615,8 @@ class AAM_Service_Content
607
  *
608
  * @return array
609
  *
 
 
610
  * @since 6.0.2 Completely rewrote this method to fixed loop caused by mapped
611
  * aam|... post type capability
612
  * @since 6.0.0 Initial implementation of the method
@@ -614,10 +624,13 @@ class AAM_Service_Content
614
  * @link https://forum.aamplugin.com/d/378-aam-6-0-1-conflict-with-acf-advanced-custom-fields
615
  *
616
  * @access public
617
- * @version 6.0.0
618
  */
619
  public function filterMetaMaps($caps, $cap, $user_id, $args)
620
  {
 
 
 
621
  global $post;
622
 
623
  // For optimization reasons, check only caps that belong to registered post
@@ -635,7 +648,7 @@ class AAM_Service_Content
635
 
636
  // If object ID is not empty, then, potentially we are checking for perms
637
  // to perform one of the action against a post
638
- if (!empty($objectId)) {
639
  $requested = get_post($objectId);
640
 
641
  if (is_a($requested, 'WP_Post')) {
@@ -646,6 +659,8 @@ class AAM_Service_Content
646
  $post_type, $cap, $caps, $requested, $args
647
  );
648
  }
 
 
649
  }
650
  }
651
  }
10
  /**
11
  * Posts & Terms service
12
  *
13
+ * @since 6.1.0 Multiple bug fixed
14
  * @since 6.0.4 Fixed incompatibility with some quite aggressive plugins
15
  * @since 6.0.2 Refactored the way access to posts is managed. No more pseudo caps
16
  * aam|...
18
  * @since 6.0.0 Initial implementation of the class
19
  *
20
  * @package AAM
21
+ * @version 6.1.0
22
  */
23
  class AAM_Service_Content
24
  {
154
  *
155
  * @return void
156
  *
157
+ * @since 6.1.0 Fixed the bug where `do_not_allow` capability was mapped to the
158
+ * list of post type capabilities
159
  * @since 6.0.2 Removed invocation for the pseudo-cap mapping for post types
160
  * @since 6.0.1 Fixed bug related to enabling commenting on all posts
161
  * @since 6.0.0 Initial implementation of the method
162
  *
163
  * @access protected
164
+ * @version 6.1.0
165
  */
166
  protected function initializeHooks()
167
  {
227
 
228
  // Populate the collection of post type caps
229
  foreach($obj->cap as $cap) {
230
+ if (
231
+ !in_array($cap, $this->postTypeCaps, true)
232
+ && ($cap !== 'do_not_allow')
233
+ ) {
234
  $this->postTypeCaps[] = $cap;
235
  }
236
  }
246
  *
247
  * @return mixed
248
  *
249
+ * @since 6.1.0 Fixed bug that causes fatal error when callback is Closure
250
  * @since 6.0.2 Making sure that get_post returns actual post object
251
  * @since 6.0.0 Initial implementation of the method
252
  *
253
  * @access public
254
+ * @version 6.1.0
255
  */
256
  public function beforeDispatch($response, $handler, $request)
257
  {
261
  }
262
 
263
  // Override the password authentication handling ONLY for posts
264
+ $attrs = $request->get_attributes();
265
+ $callback = $attrs['callback'];
266
+ $controller = (is_array($callback) ? array_shift($callback) : null);
267
 
268
+ if (is_a($controller, 'WP_REST_Posts_Controller')) {
269
  $post = get_post($request['id']);
270
  $has_pass = isset($request['password']);
271
 
615
  *
616
  * @return array
617
  *
618
+ * @since 6.1.0 Added internal cache to optimize performance for posts that no
619
+ * longer exist but still referenced one way or another
620
  * @since 6.0.2 Completely rewrote this method to fixed loop caused by mapped
621
  * aam|... post type capability
622
  * @since 6.0.0 Initial implementation of the method
624
  * @link https://forum.aamplugin.com/d/378-aam-6-0-1-conflict-with-acf-advanced-custom-fields
625
  *
626
  * @access public
627
+ * @version 6.1.0
628
  */
629
  public function filterMetaMaps($caps, $cap, $user_id, $args)
630
  {
631
+ // Internal cache to optimize search for no longer existing posts
632
+ static $post_cache = array();
633
+
634
  global $post;
635
 
636
  // For optimization reasons, check only caps that belong to registered post
648
 
649
  // If object ID is not empty, then, potentially we are checking for perms
650
  // to perform one of the action against a post
651
+ if (!empty($objectId) && !in_array($objectId, $post_cache, true)) {
652
  $requested = get_post($objectId);
653
 
654
  if (is_a($requested, 'WP_Post')) {
659
  $post_type, $cap, $caps, $requested, $args
660
  );
661
  }
662
+ } else {
663
+ $post_cache[] = $objectId;
664
  }
665
  }
666
  }
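Review bot: In `filterMetaMaps()`, it is not clear from the hunk which condition the added `else` with `$post_cache[] = $objectId` pairs with: the `is_a($requested, 'WP_Post')` check or the outer `if (!empty($objectId) && !in_array($objectId, $post_cache, true))`. If it pairs with the outer one, an ID is appended whenever it is empty or already cached and never when `get_post()` fails, which is the opposite of what the docblock describes, so please verify the brace placement. Separately, `in_array(..., true)` is a strict linear scan: an ID that arrives once as an integer and once as a string will miss the cache, and the list only grows. Keying the array by ID and testing with `isset()` avoids both.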
application/Service/ExtendedCapabilities.php CHANGED
@@ -5,8 +5,6 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
@@ -14,8 +12,12 @@
14
  *
15
  * Add custom capabilities support that enhance AAM functionality
16
  *
 
 
 
 
17
  * @package AAM
18
- * @version 6.0.0
19
  */
20
  class AAM_Service_ExtendedCapabilities
21
  {
@@ -65,30 +67,16 @@ class AAM_Service_ExtendedCapabilities
65
  *
66
  * @return void
67
  *
 
 
 
 
68
  * @access public
69
- * @version 6.0.0
70
  */
71
  protected function initializeHooks()
72
  {
73
  if (is_admin()) {
74
- add_action('init', function() {
75
- if (is_user_logged_in()) {
76
- // Check if user is allowed to see backend
77
- if (!AAM_Core_API::isAAMCapabilityAllowed('aam_access_dashboard')) {
78
- // If this is the AJAX call, still allow it because it will break a lot
79
- // of frontend stuff that depends on it
80
- if (!defined('DOING_AJAX')) {
81
- wp_die(__('Access Denied', AAM_KEY), 'aam_access_denied');
82
- }
83
- }
84
-
85
- // Check if we need to show admin bar for the current user
86
- if (AAM_Core_API::isAAMCapabilityAllowed('aam_show_toolbar') === false) {
87
- add_filter('show_admin_bar', '__return_false', PHP_INT_MAX);
88
- }
89
- }
90
- }, 1);
91
-
92
  // Control admin area
93
  add_action('admin_notices', array($this, 'controlAdminNotifications'), -1);
94
  add_action('network_admin_notices', array($this, 'controlAdminNotifications'), -1);
@@ -108,6 +96,24 @@ class AAM_Service_ExtendedCapabilities
108
  });
109
  }
110
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
111
  // Password reset feature
112
  add_filter('show_password_fields', array($this, 'canChangePassword'), 10, 2);
113
  add_action('check_passwords', array($this, 'canUpdatePassword'), 10, 3);
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
12
  *
13
  * Add custom capabilities support that enhance AAM functionality
14
  *
15
+ * @since 6.1.0 Fixed the bug where aam_show_toolbar was not taken in consideration
16
+ * due to incorrect placement
17
+ * @since 6.0.0 Initial implementation of the class
18
+ *
19
  * @package AAM
20
+ * @version 6.1.0
21
  */
22
  class AAM_Service_ExtendedCapabilities
23
  {
67
  *
68
  * @return void
69
  *
70
+ * @since 6.1.0 Fixed the bug where aam_show_toolbar was not taken in
71
+ * consideration due to incorrect placement
72
+ * @since 6.0.0 Initial implementation of the method
73
+ *
74
  * @access public
75
+ * @version 6.1.0
76
  */
77
  protected function initializeHooks()
78
  {
79
  if (is_admin()) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
80
  // Control admin area
81
  add_action('admin_notices', array($this, 'controlAdminNotifications'), -1);
82
  add_action('network_admin_notices', array($this, 'controlAdminNotifications'), -1);
96
  });
97
  }
98
 
99
+ add_action('init', function() {
100
+ if (is_user_logged_in()) {
101
+ // Check if user is allowed to see backend
102
+ if (!AAM_Core_API::isAAMCapabilityAllowed('aam_access_dashboard')) {
103
+ // If this is the AJAX call, still allow it because it will break a lot
104
+ // of frontend stuff that depends on it
105
+ if (!defined('DOING_AJAX')) {
106
+ wp_die(__('Access Denied', AAM_KEY), 'aam_access_denied');
107
+ }
108
+ }
109
+
110
+ // Check if we need to show admin bar for the current user
111
+ if (AAM_Core_API::isAAMCapabilityAllowed('aam_show_toolbar') === false) {
112
+ add_filter('show_admin_bar', '__return_false', PHP_INT_MAX);
113
+ }
114
+ }
115
+ }, 1);
116
+
117
  // Password reset feature
118
  add_filter('show_password_fields', array($this, 'canChangePassword'), 10, 2);
119
  add_action('check_passwords', array($this, 'canUpdatePassword'), 10, 3);
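Review bot: Moving the whole `init` callback below the brace that follows the admin-only hooks relocates the `aam_access_dashboard` check along with the `aam_show_toolbar` one. If that brace closes `if (is_admin())`, a logged-in user without `aam_access_dashboard` now reaches `wp_die(__('Access Denied', AAM_KEY), 'aam_access_denied')` on every non-AJAX request, frontend pages included, not only in the backend. Consider leaving the dashboard check inside the `is_admin()` block and registering only the `show_admin_bar` filter outside it. The docblock also says `@access public` while the method is declared `protected`.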
application/Service/Jwt.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * JWT Token service
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Service_Jwt
19
  {
@@ -232,8 +233,11 @@ class AAM_Service_Jwt
232
  *
233
  * @return WP_REST_Response
234
  *
 
 
 
235
  * @access public
236
- * @version 6.0.0
237
  */
238
  public function validateToken(WP_REST_Request $request)
239
  {
@@ -243,9 +247,10 @@ class AAM_Service_Jwt
243
  if ($result->isValid === true) {
244
  $response = new WP_REST_Response($result);
245
  } else {
246
- $response = new WP_REST_Response(new WP_Error(
247
- 'rest_jwt_validation_failure', $result->reason
248
- ), 400);
 
249
  }
250
 
251
  return $response;
@@ -276,8 +281,11 @@ class AAM_Service_Jwt
276
  *
277
  * @return WP_REST_Response
278
  *
 
 
 
279
  * @access public
280
- * @version 6.0.0
281
  */
282
  public function refreshToken(WP_REST_Request $request)
283
  {
@@ -301,15 +309,16 @@ class AAM_Service_Jwt
301
  'token_expires' => $new->claims['exp'],
302
  ));
303
  } else {
304
- $response = new WP_REST_Response(new WP_Error(
305
- 'rest_jwt_validation_failure',
306
- __('JWT token is not refreshable', AAM_KEY)
307
- ), 400);
308
  }
309
  } else {
310
- $response = new WP_REST_Response(new WP_Error(
311
- 'rest_jwt_validation_failure', $result->reason
312
- ), 400);
 
313
  }
314
 
315
  return $response;
@@ -322,8 +331,11 @@ class AAM_Service_Jwt
322
  *
323
  * @return WP_REST_Response
324
  *
 
 
 
325
  * @access public
326
- * @version 6.0.0
327
  */
328
  public function revokeToken(WP_REST_Request $request)
329
  {
@@ -336,14 +348,16 @@ class AAM_Service_Jwt
336
  array('message' => 'Token revoked successfully'), 200
337
  );
338
  } else {
339
- $response = new WP_REST_Response(new WP_Error(
340
- 'rest_jwt_revoking_failure', 'Failed to revoke provided token'
341
- ), 404);
 
342
  }
343
  } else {
344
- $response = new WP_REST_Response(new WP_Error(
345
- 'rest_jwt_validation_failure', $claims->reason
346
- ), 400);
 
347
  }
348
 
349
  return $response;
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * JWT Token service
12
  *
13
+ * @since 6.1.0 Enriched error response with more details
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Service_Jwt
20
  {
233
  *
234
  * @return WP_REST_Response
235
  *
236
+ * @since 6.1.0 Enriched error response with more details
237
+ * @since 6.0.0 Initial implementation of the method
238
+ *
239
  * @access public
240
+ * @version 6.1.0
241
  */
242
  public function validateToken(WP_REST_Request $request)
243
  {
247
  if ($result->isValid === true) {
248
  $response = new WP_REST_Response($result);
249
  } else {
250
+ $response = new WP_REST_Response(array(
251
+ 'code' => 'rest_jwt_validation_failure',
252
+ 'reason' => $result->reason
253
+ ), $result->status);
254
  }
255
 
256
  return $response;
281
  *
282
  * @return WP_REST_Response
283
  *
284
+ * @since 6.1.0 Enriched error response with more details
285
+ * @since 6.0.0 Initial implementation of the method
286
+ *
287
  * @access public
288
+ * @version 6.1.0
289
  */
290
  public function refreshToken(WP_REST_Request $request)
291
  {
309
  'token_expires' => $new->claims['exp'],
310
  ));
311
  } else {
312
+ $response = new WP_REST_Response(array(
313
+ 'code' => 'rest_jwt_validation_failure',
314
+ 'reason' =>__('JWT token is not refreshable', AAM_KEY)
315
+ ), 405);
316
  }
317
  } else {
318
+ $response = new WP_REST_Response(array(
319
+ 'code' => 'rest_jwt_validation_failure',
320
+ 'reason' => $result->reason
321
+ ), $result->status);
322
  }
323
 
324
  return $response;
331
  *
332
  * @return WP_REST_Response
333
  *
334
+ * @since 6.1.0 Enriched error response with more details
335
+ * @since 6.0.0 Initial implementation of the method
336
+ *
337
  * @access public
338
+ * @version 6.1.0
339
  */
340
  public function revokeToken(WP_REST_Request $request)
341
  {
348
  array('message' => 'Token revoked successfully'), 200
349
  );
350
  } else {
351
+ $response = new WP_REST_Response(array(
352
+ 'code' => 'rest_jwt_revoking_failure',
353
+ 'reason' => __('Failed to revoke provided token', AAM_KEY)
354
+ ), 409);
355
  }
356
  } else {
357
+ $response = new WP_REST_Response(array(
358
+ 'code' => 'rest_jwt_validation_failure',
359
+ 'reason' => $claims->reason
360
+ ), $claims->status);
361
  }
362
 
363
  return $response;
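Review bot: In `revokeToken()`, the validation-failure branch now passes `$claims->status` directly to `WP_REST_Response` as the HTTP status with no fallback, where the old code hard-coded 400; the same pattern appears with `$result->status` in `validateToken()` and `refreshToken()`. A default status when the property is missing would keep an incomplete validation result from producing a response without a usable status code. The body also changes from a `WP_Error` to a plain array with `code` and `reason`, and the revoke failure moves from 404 to 409, so the `@since 6.1.0` line should say that the error shape and status codes changed rather than only "Enriched error response with more details".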
application/Service/LogoutRedirect.php CHANGED
@@ -10,11 +10,13 @@
10
  /**
11
  * Logout Redirect service
12
  *
 
 
13
  * @since 6.0.5 Fixed the bug with logout redirect
14
  * @since 6.0.0 Initial implementation of the class
15
  *
16
  * @package AAM
17
- * @version 6.0.5
18
  */
19
  class AAM_Service_LogoutRedirect
20
  {
@@ -79,12 +81,14 @@ class AAM_Service_LogoutRedirect
79
  *
80
  * @return void
81
  *
 
 
82
  * @since 6.0.5 Fixed bug where user was not redirected properly after logout
83
  * because AAM was already hooking into `set_current_user`.
84
  * @since 6.0.0 Initial implementation of the method
85
  *
86
  * @access protected
87
- * @version 6.0.5
88
  */
89
  protected function initializeHooks()
90
  {
@@ -111,7 +115,7 @@ class AAM_Service_LogoutRedirect
111
 
112
  // Halt the execution. Redirect should carry user away if this is not
113
  // a CLI execution (e.g. Unit Test)
114
- if (php_sapi_name() !== 'cli') {
115
  exit;
116
  }
117
  }, PHP_INT_MAX);
10
  /**
11
  * Logout Redirect service
12
  *
13
+ * @since 6.1.0 Fixed bug where white screen occurs if "Default" option is
14
+ * explicitly selected
15
  * @since 6.0.5 Fixed the bug with logout redirect
16
  * @since 6.0.0 Initial implementation of the class
17
  *
18
  * @package AAM
19
+ * @version 6.1.0
20
  */
21
  class AAM_Service_LogoutRedirect
22
  {
81
  *
82
  * @return void
83
  *
84
+ * @since 6.1.0 Fixed bug where white screen occurs if "Default" option is
85
+ * explicitly selected
86
  * @since 6.0.5 Fixed bug where user was not redirected properly after logout
87
  * because AAM was already hooking into `set_current_user`.
88
  * @since 6.0.0 Initial implementation of the method
89
  *
90
  * @access protected
91
+ * @version 6.1.0
92
  */
93
  protected function initializeHooks()
94
  {
115
 
116
  // Halt the execution. Redirect should carry user away if this is not
117
  // a CLI execution (e.g. Unit Test)
118
+ if (php_sapi_name() !== 'cli' && $type !== 'default') {
119
  exit;
120
  }
121
  }, PHP_INT_MAX);
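Review bot: The new condition `php_sapi_name() !== 'cli' && $type !== 'default'` sits inside a closure, and the hunk does not show where `$type` comes from. If it is assigned in `initializeHooks()` rather than inside the callback, it has to be captured with `use ($type)`; otherwise the comparison runs against an undefined variable, is always true, and `exit` still fires for the "Default" option. The comment above the check should also be updated to say that the default option now deliberately falls through without halting.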
application/Service/SecureLogin.php CHANGED
@@ -5,15 +5,16 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
13
  * Secure Login service
14
  *
 
 
 
15
  * @package AAM
16
- * @version 6.0.0
17
  */
18
  class AAM_Service_SecureLogin
19
  {
@@ -168,36 +169,38 @@ class AAM_Service_SecureLogin
168
  *
169
  * @return WP_REST_Response
170
  *
 
 
 
171
  * @access public
172
- * @version 6.0.0
173
  */
174
  public function authenticate(WP_REST_Request $request)
175
  {
176
  $status = 200;
177
 
178
- try {
179
- // No need to generate Auth cookies, unless explicitly stated so
180
- if ($request->get_param('returnAuthCookies') !== true) {
181
- add_filter('send_auth_cookies', '__return_false');
182
- }
183
-
184
- $user = wp_signon(array(
185
- 'user_login' => $request->get_param('username'),
186
- 'user_password' => $request->get_param('password'),
187
- 'remember' => $request->get_param('remember')
188
- ));
189
 
190
- if (is_wp_error($user)) {
191
- throw new Exception($user->get_error_message());
192
- }
 
 
193
 
 
194
  $result = apply_filters('aam_auth_response_filter', array(
195
  'user' => $user,
196
  'redirect' => $request->get_param('redirect')
197
  ), $request);
198
- } catch (Exception $ex) {
199
  $status = 403;
200
- $result = array('reason' => $ex->getMessage());
 
 
 
201
  }
202
 
203
  return new WP_REST_Response($result, $status);
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
11
  * Secure Login service
12
  *
13
+ * @since 6.1.0 Enriched error response with more details
14
+ * @since 6.0.0 Initial implementation of the class
15
+ *
16
  * @package AAM
17
+ * @version 6.1.0
18
  */
19
  class AAM_Service_SecureLogin
20
  {
169
  *
170
  * @return WP_REST_Response
171
  *
172
+ * @since 6.1.0 Enriched error response with more details
173
+ * @since 6.0.0 Initial implementation of the method
174
+ *
175
  * @access public
176
+ * @version 6.1.0
177
  */
178
  public function authenticate(WP_REST_Request $request)
179
  {
180
  $status = 200;
181
 
182
+ // No need to generate Auth cookies, unless explicitly stated so
183
+ if ($request->get_param('returnAuthCookies') !== true) {
184
+ add_filter('send_auth_cookies', '__return_false');
185
+ }
 
 
 
 
 
 
 
186
 
187
+ $user = wp_signon(array(
188
+ 'user_login' => $request->get_param('username'),
189
+ 'user_password' => $request->get_param('password'),
190
+ 'remember' => $request->get_param('remember')
191
+ ));
192
 
193
+ if (!is_wp_error($user)) {
194
  $result = apply_filters('aam_auth_response_filter', array(
195
  'user' => $user,
196
  'redirect' => $request->get_param('redirect')
197
  ), $request);
198
+ } else {
199
  $status = 403;
200
+ $result = array(
201
+ 'code' => $user->get_error_code(),
202
+ 'reason' => $user->get_error_message()
203
+ );
204
  }
205
 
206
  return new WP_REST_Response($result, $status);
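Review bot: In `authenticate()`, the 403 body now returns `$user->get_error_code()` and `$user->get_error_message()` from `wp_signon()` verbatim. WordPress core uses different codes for an unknown user and for a wrong password (`invalid_username`, `incorrect_password`), so this REST endpoint lets a caller tell existing accounts from non-existing ones; consider collapsing credential failures into one generic code and reason and keeping the specific code for logging only. Dropping the `try`/`catch` also means an exception thrown from an `aam_auth_response_filter` callback is no longer turned into a 403 response.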
application/Service/Uri.php CHANGED
@@ -80,10 +80,13 @@ class AAM_Service_Uri
80
  /**
81
  * Authorize access to current URI
82
  *
83
- * @return void
 
 
 
84
  *
85
  * @access public
86
- * @version 6.0.0
87
  */
88
  public function authorizeUri()
89
  {
@@ -107,6 +110,8 @@ class AAM_Service_Uri
107
  );
108
  }
109
  }
 
 
110
  }
111
 
112
  }
80
  /**
81
  * Authorize access to current URI
82
  *
83
+ * @return boolean
84
+ *
85
+ * @since 6.1.0 The method return boolean `true` if no matches found
86
+ * @since 6.0.0 Initial implementation of the method
87
  *
88
  * @access public
89
+ * @version 6.1.0
90
  */
91
  public function authorizeUri()
92
  {
110
  );
111
  }
112
  }
113
+
114
+ return true;
115
  }
116
 
117
  }
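Review bot: The docblock now declares `@return boolean`, but the only return visible in this hunk is the trailing `return true;` for the no-match case, and the `@since 6.1.0` line documents only that case. State what `authorizeUri()` returns, or that it does not return, when a rule matches, so callers do not read a missing value as "allowed". The wording should also be "The method returns".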
lang/advanced-access-manager-en_US.po CHANGED
@@ -1,7 +1,7 @@
1
  msgid ""
2
  msgstr ""
3
  "Project-Id-Version: Advanced Access Manager\n"
4
- "POT-Creation-Date: 2019-12-01 21:02-0500\n"
5
  "PO-Revision-Date: \n"
6
  "Last-Translator: \n"
7
  "Language-Team: AAMPlugin <support@aamplugin.com>\n"
@@ -107,7 +107,7 @@ msgstr ""
107
  msgid "Token is no longer valid"
108
  msgstr ""
109
 
110
- #: application/Backend/Feature/Main/Jwt.php:227 application/Service/Jwt.php:60
111
  msgid "JWT Tokens"
112
  msgstr ""
113
 
@@ -117,7 +117,7 @@ msgid "Login Redirect"
117
  msgstr ""
118
 
119
  #: application/Backend/Feature/Main/LogoutRedirect.php:75
120
- #: application/Service/LogoutRedirect.php:63
121
  msgid "Logout Redirect"
122
  msgstr ""
123
 
@@ -130,13 +130,13 @@ msgstr ""
130
  msgid "Metaboxes & Widgets"
131
  msgstr ""
132
 
133
- #: application/Backend/Feature/Main/Policy.php:211
134
  msgid "(no title)"
135
  msgstr ""
136
 
137
- #: application/Backend/Feature/Main/Policy.php:304
138
- #: application/Service/AccessPolicy.php:66
139
- #: application/Service/AccessPolicy.php:169
140
  msgid "Access Policies"
141
  msgstr ""
142
 
@@ -174,7 +174,7 @@ msgid "Login page"
174
  msgstr ""
175
 
176
  #: application/Backend/Feature/Main/Post.php:1025
177
- #: application/Service/Content.php:92
178
  msgid "Posts & Terms"
179
  msgstr ""
180
 
@@ -277,15 +277,15 @@ msgstr ""
277
  msgid "Services"
278
  msgstr ""
279
 
280
- #: application/Backend/Feature/Subject/Role.php:118
281
- #: application/Backend/Feature/Subject/Role.php:187
282
- #: application/Backend/Feature/Subject/Role.php:271
283
- #: application/Backend/Feature/Subject/Role.php:297
284
  #: application/Backend/Feature/Subject/User.php:80
285
  msgid "Unauthorized operation"
286
  msgstr ""
287
 
288
- #: application/Backend/Feature/Subject/Role.php:294
289
  msgid "Failed to delete the role"
290
  msgstr ""
291
 
@@ -299,7 +299,7 @@ msgstr ""
299
  msgid "Unexpected application error"
300
  msgstr ""
301
 
302
- #: application/Backend/Manager.php:114
303
  #, php-format
304
  msgid ""
305
  "There was at least one error detected with the automated migration script. "
@@ -307,7 +307,7 @@ msgid ""
307
  "%ssupport@aamplugin.com%s for further assistance."
308
  msgstr ""
309
 
310
- #: application/Backend/Manager.php:254
311
  msgid "[Help us] to be more noticeable and submit your review"
312
  msgstr ""
313
 
@@ -497,13 +497,13 @@ msgid "Failed to apply policy changes"
497
  msgstr ""
498
 
499
  #: application/Backend/View/Localization.php:70
500
- #: application/Backend/tmpl/partial/visitor-principal-subject-tab.php:14
501
  #: media/js/aam.js:1151 media/js/aam.js:1160
502
  msgid "Attach Policy To Visitors"
503
  msgstr ""
504
 
505
  #: application/Backend/View/Localization.php:71
506
- #: application/Backend/tmpl/partial/visitor-principal-subject-tab.php:12
507
  #: media/js/aam.js:1149 media/js/aam.js:1162
508
  msgid "Detach Policy From Visitors"
509
  msgstr ""
@@ -635,7 +635,7 @@ msgid "Revoke Policy"
635
  msgstr ""
636
 
637
  #: application/Backend/View/Localization.php:99
638
- #: application/Service/AccessPolicy.php:170 media/js/aam.js:1376
639
  msgid "Edit Policy"
640
  msgstr ""
641
 
@@ -1534,7 +1534,7 @@ msgid ""
1534
  "feature is available only with the premium %s[Plus Package]%s add-on."
1535
  msgstr ""
1536
 
1537
- #: application/Backend/tmpl/partial/visitor-principal-subject-tab.php:5
1538
  msgid ""
1539
  "Attach current access &amp; security policy to visitors (any user that is "
1540
  "not authenticated)"
@@ -1894,7 +1894,7 @@ msgid "Reset To Default"
1894
  msgstr ""
1895
 
1896
  #: application/Backend/tmpl/service/policy.php:27
1897
- #: application/Service/AccessPolicy.php:171
1898
  msgid "Policy"
1899
  msgstr ""
1900
 
@@ -2179,15 +2179,10 @@ msgstr ""
2179
  msgid "Log Out"
2180
  msgstr ""
2181
 
2182
- #: application/Core/Jwt/Issuer.php:69
2183
  msgid "Token has been revoked"
2184
  msgstr ""
2185
 
2186
- #: application/Core/Object.php:142
2187
- #, php-format
2188
- msgid "AAM object function %s is not defined"
2189
- msgstr ""
2190
-
2191
  #: application/Core/Policy/Validator.php:107
2192
  #: tests/Service/AccessPolicy/PolicyValidationTest.php:54
2193
  msgid "The policy is not valid JSON object"
@@ -2199,39 +2194,39 @@ msgid "The policy document is empty"
2199
  msgstr ""
2200
 
2201
  #: application/Core/Redirect.php:77
2202
- #: application/Service/ExtendedCapabilities.php:81
2203
  #: application/Service/Route.php:171
2204
  msgid "Access Denied"
2205
  msgstr ""
2206
 
2207
- #: application/Service/AccessPolicy.php:67
2208
  msgid ""
2209
  "Manage access to the website with well documented JSON access policies for "
2210
  "any user, role or visitors. Keep the paper-trail of all the access changes "
2211
  "with policy revisions."
2212
  msgstr ""
2213
 
2214
- #: application/Service/AccessPolicy.php:97
2215
  msgid "Access Policy Document"
2216
  msgstr ""
2217
 
2218
- #: application/Service/AccessPolicy.php:108
2219
  msgid "Access Policy Assignee"
2220
  msgstr ""
2221
 
2222
- #: application/Service/AccessPolicy.php:167
2223
  msgid "Access Policy"
2224
  msgstr ""
2225
 
2226
- #: application/Service/AccessPolicy.php:172
2227
  msgid "Add New Policy"
2228
  msgstr ""
2229
 
2230
- #: application/Service/AccessPolicy.php:173
2231
  msgid "New Policy"
2232
  msgstr ""
2233
 
2234
- #: application/Service/AccessPolicy.php:175
2235
  msgid "Access and security policy"
2236
  msgstr ""
2237
 
@@ -2258,22 +2253,22 @@ msgid ""
2258
  "user/role access management."
2259
  msgstr ""
2260
 
2261
- #: application/Service/Content.php:93
2262
  msgid ""
2263
  "Manage access to your website content for any user, role or visitor. This "
2264
  "include access to posts, pages, media attachment, custom post types, "
2265
  "categories, tags, custom taxonomies and terms."
2266
  msgstr ""
2267
 
2268
- #: application/Service/Content.php:138
2269
  msgid "Access Manager"
2270
  msgstr ""
2271
 
2272
- #: application/Service/Content.php:216
2273
  msgid "You are not allowed to publish this content"
2274
  msgstr ""
2275
 
2276
- #: application/Service/Content.php:582
2277
  msgid "[No teaser message provided]"
2278
  msgstr ""
2279
 
@@ -2284,44 +2279,48 @@ msgid ""
2284
  "function and redirect any frontend or backend denied requests accordingly."
2285
  msgstr ""
2286
 
2287
- #: application/Service/ExtendedCapabilities.php:48
2288
  msgid "Additional Caps"
2289
  msgstr ""
2290
 
2291
- #: application/Service/ExtendedCapabilities.php:49
2292
  msgid ""
2293
  "Extend the WordPress core collection of capabilities that allow more "
2294
  "granular access control to the backend core features."
2295
  msgstr ""
2296
 
2297
- #: application/Service/Jwt.php:61
2298
  msgid ""
2299
  "Manage the website authentication with JWT Bearer token. The service "
2300
  "facilitates the ability to manage the list of issued JWT token for any user, "
2301
  "revoke them or issue new on demand."
2302
  msgstr ""
2303
 
2304
- #: application/Service/Jwt.php:109
2305
  msgid "Issue JWT Token"
2306
  msgstr ""
2307
 
2308
- #: application/Service/Jwt.php:159 application/Service/Jwt.php:169
2309
- #: application/Service/Jwt.php:181 application/Service/Jwt.php:191
2310
- #: application/Service/Jwt.php:203
2311
  msgid "JWT token."
2312
  msgstr ""
2313
 
2314
- #: application/Service/Jwt.php:306
2315
  msgid "JWT token is not refreshable"
2316
  msgstr ""
2317
 
 
 
 
 
2318
  #: application/Service/LoginRedirect.php:53
2319
  msgid ""
2320
  "Manage login redirect for any group of users or individual user when "
2321
  "authentication is completed successfully."
2322
  msgstr ""
2323
 
2324
- #: application/Service/LogoutRedirect.php:64
2325
  msgid ""
2326
  "Manage logout redirect for any group of users or individual user after user "
2327
  "logged out successfully."
@@ -2374,30 +2373,30 @@ msgstr ""
2374
  msgid "RESTful API is disabled"
2375
  msgstr ""
2376
 
2377
- #: application/Service/SecureLogin.php:46
2378
  msgid "Secure Login"
2379
  msgstr ""
2380
 
2381
- #: application/Service/SecureLogin.php:47
2382
  msgid ""
2383
  "Enhance default WordPress authentication process with more secure login "
2384
  "mechanism. The service registers frontend AJAX Login widget as well as "
2385
  "additional endpoints for the RESTful API authentication."
2386
  msgstr ""
2387
 
2388
- #: application/Service/SecureLogin.php:108
2389
  msgid "Block User Account"
2390
  msgstr ""
2391
 
2392
- #: application/Service/SecureLogin.php:324
2393
  msgid "Exceeded maximum number for authentication attempts. Try again later."
2394
  msgstr ""
2395
 
2396
- #: application/Service/SecureLogin.php:351
2397
  msgid "[ERROR]: User is locked. Contact website administrator."
2398
  msgstr ""
2399
 
2400
- #: application/Service/SecureLogin.php:374
2401
  #, php-format
2402
  msgid "%sAccess is restricted. Login to get access.%s"
2403
  msgstr ""
@@ -2503,6 +2502,6 @@ msgid ""
2503
  "requirement by the policy"
2504
  msgstr ""
2505
 
2506
- #: tests/Service/Core/CoreServiceTest.php:39
2507
  msgid "<script>alert(1);</script>"
2508
  msgstr ""
1
  msgid ""
2
  msgstr ""
3
  "Project-Id-Version: Advanced Access Manager\n"
4
+ "POT-Creation-Date: 2019-12-11 16:44-0500\n"
5
  "PO-Revision-Date: \n"
6
  "Last-Translator: \n"
7
  "Language-Team: AAMPlugin <support@aamplugin.com>\n"
107
  msgid "Token is no longer valid"
108
  msgstr ""
109
 
110
+ #: application/Backend/Feature/Main/Jwt.php:227 application/Service/Jwt.php:61
111
  msgid "JWT Tokens"
112
  msgstr ""
113
 
117
  msgstr ""
118
 
119
  #: application/Backend/Feature/Main/LogoutRedirect.php:75
120
+ #: application/Service/LogoutRedirect.php:65
121
  msgid "Logout Redirect"
122
  msgstr ""
123
 
130
  msgid "Metaboxes & Widgets"
131
  msgstr ""
132
 
133
+ #: application/Backend/Feature/Main/Policy.php:213
134
  msgid "(no title)"
135
  msgstr ""
136
 
137
+ #: application/Backend/Feature/Main/Policy.php:306
138
+ #: application/Service/AccessPolicy.php:67
139
+ #: application/Service/AccessPolicy.php:170
140
  msgid "Access Policies"
141
  msgstr ""
142
 
174
  msgstr ""
175
 
176
  #: application/Backend/Feature/Main/Post.php:1025
177
+ #: application/Service/Content.php:93
178
  msgid "Posts & Terms"
179
  msgstr ""
180
 
277
  msgid "Services"
278
  msgstr ""
279
 
280
+ #: application/Backend/Feature/Subject/Role.php:119
281
+ #: application/Backend/Feature/Subject/Role.php:191
282
+ #: application/Backend/Feature/Subject/Role.php:276
283
+ #: application/Backend/Feature/Subject/Role.php:302
284
  #: application/Backend/Feature/Subject/User.php:80
285
  msgid "Unauthorized operation"
286
  msgstr ""
287
 
288
+ #: application/Backend/Feature/Subject/Role.php:299
289
  msgid "Failed to delete the role"
290
  msgstr ""
291
 
299
  msgid "Unexpected application error"
300
  msgstr ""
301
 
302
+ #: application/Backend/Manager.php:115
303
  #, php-format
304
  msgid ""
305
  "There was at least one error detected with the automated migration script. "
307
  "%ssupport@aamplugin.com%s for further assistance."
308
  msgstr ""
309
 
310
+ #: application/Backend/Manager.php:255
311
  msgid "[Help us] to be more noticeable and submit your review"
312
  msgstr ""
313
 
497
  msgstr ""
498
 
499
  #: application/Backend/View/Localization.php:70
500
+ #: application/Backend/tmpl/partial/visitor-principal-subject-tab.php:25
501
  #: media/js/aam.js:1151 media/js/aam.js:1160
502
  msgid "Attach Policy To Visitors"
503
  msgstr ""
504
 
505
  #: application/Backend/View/Localization.php:71
506
+ #: application/Backend/tmpl/partial/visitor-principal-subject-tab.php:23
507
  #: media/js/aam.js:1149 media/js/aam.js:1162
508
  msgid "Detach Policy From Visitors"
509
  msgstr ""
635
  msgstr ""
636
 
637
  #: application/Backend/View/Localization.php:99
638
+ #: application/Service/AccessPolicy.php:171 media/js/aam.js:1376
639
  msgid "Edit Policy"
640
  msgstr ""
641
 
1534
  "feature is available only with the premium %s[Plus Package]%s add-on."
1535
  msgstr ""
1536
 
1537
+ #: application/Backend/tmpl/partial/visitor-principal-subject-tab.php:13
1538
  msgid ""
1539
  "Attach current access &amp; security policy to visitors (any user that is "
1540
  "not authenticated)"
1894
  msgstr ""
1895
 
1896
  #: application/Backend/tmpl/service/policy.php:27
1897
+ #: application/Service/AccessPolicy.php:172
1898
  msgid "Policy"
1899
  msgstr ""
1900
 
2179
  msgid "Log Out"
2180
  msgstr ""
2181
 
2182
+ #: application/Core/Jwt/Issuer.php:73
2183
  msgid "Token has been revoked"
2184
  msgstr ""
2185
 
 
 
 
 
 
2186
  #: application/Core/Policy/Validator.php:107
2187
  #: tests/Service/AccessPolicy/PolicyValidationTest.php:54
2188
  msgid "The policy is not valid JSON object"
2194
  msgstr ""
2195
 
2196
  #: application/Core/Redirect.php:77
2197
+ #: application/Service/ExtendedCapabilities.php:106
2198
  #: application/Service/Route.php:171
2199
  msgid "Access Denied"
2200
  msgstr ""
2201
 
2202
+ #: application/Service/AccessPolicy.php:68
2203
  msgid ""
2204
  "Manage access to the website with well documented JSON access policies for "
2205
  "any user, role or visitors. Keep the paper-trail of all the access changes "
2206
  "with policy revisions."
2207
  msgstr ""
2208
 
2209
+ #: application/Service/AccessPolicy.php:98
2210
  msgid "Access Policy Document"
2211
  msgstr ""
2212
 
2213
+ #: application/Service/AccessPolicy.php:109
2214
  msgid "Access Policy Assignee"
2215
  msgstr ""
2216
 
2217
+ #: application/Service/AccessPolicy.php:168
2218
  msgid "Access Policy"
2219
  msgstr ""
2220
 
2221
+ #: application/Service/AccessPolicy.php:173
2222
  msgid "Add New Policy"
2223
  msgstr ""
2224
 
2225
+ #: application/Service/AccessPolicy.php:174
2226
  msgid "New Policy"
2227
  msgstr ""
2228
 
2229
+ #: application/Service/AccessPolicy.php:176
2230
  msgid "Access and security policy"
2231
  msgstr ""
2232
 
2253
  "user/role access management."
2254
  msgstr ""
2255
 
2256
+ #: application/Service/Content.php:94
2257
  msgid ""
2258
  "Manage access to your website content for any user, role or visitor. This "
2259
  "include access to posts, pages, media attachment, custom post types, "
2260
  "categories, tags, custom taxonomies and terms."
2261
  msgstr ""
2262
 
2263
+ #: application/Service/Content.php:139
2264
  msgid "Access Manager"
2265
  msgstr ""
2266
 
2267
+ #: application/Service/Content.php:219
2268
  msgid "You are not allowed to publish this content"
2269
  msgstr ""
2270
 
2271
+ #: application/Service/Content.php:590
2272
  msgid "[No teaser message provided]"
2273
  msgstr ""
2274
 
2279
  "function and redirect any frontend or backend denied requests accordingly."
2280
  msgstr ""
2281
 
2282
+ #: application/Service/ExtendedCapabilities.php:50
2283
  msgid "Additional Caps"
2284
  msgstr ""
2285
 
2286
+ #: application/Service/ExtendedCapabilities.php:51
2287
  msgid ""
2288
  "Extend the WordPress core collection of capabilities that allow more "
2289
  "granular access control to the backend core features."
2290
  msgstr ""
2291
 
2292
+ #: application/Service/Jwt.php:62
2293
  msgid ""
2294
  "Manage the website authentication with JWT Bearer token. The service "
2295
  "facilitates the ability to manage the list of issued JWT token for any user, "
2296
  "revoke them or issue new on demand."
2297
  msgstr ""
2298
 
2299
+ #: application/Service/Jwt.php:110
2300
  msgid "Issue JWT Token"
2301
  msgstr ""
2302
 
2303
+ #: application/Service/Jwt.php:160 application/Service/Jwt.php:170
2304
+ #: application/Service/Jwt.php:182 application/Service/Jwt.php:192
2305
+ #: application/Service/Jwt.php:204
2306
  msgid "JWT token."
2307
  msgstr ""
2308
 
2309
+ #: application/Service/Jwt.php:314
2310
  msgid "JWT token is not refreshable"
2311
  msgstr ""
2312
 
2313
+ #: application/Service/Jwt.php:353
2314
+ msgid "Failed to revoke provided token"
2315
+ msgstr ""
2316
+
2317
  #: application/Service/LoginRedirect.php:53
2318
  msgid ""
2319
  "Manage login redirect for any group of users or individual user when "
2320
  "authentication is completed successfully."
2321
  msgstr ""
2322
 
2323
+ #: application/Service/LogoutRedirect.php:66
2324
  msgid ""
2325
  "Manage logout redirect for any group of users or individual user after user "
2326
  "logged out successfully."
2373
  msgid "RESTful API is disabled"
2374
  msgstr ""
2375
 
2376
+ #: application/Service/SecureLogin.php:47
2377
  msgid "Secure Login"
2378
  msgstr ""
2379
 
2380
+ #: application/Service/SecureLogin.php:48
2381
  msgid ""
2382
  "Enhance default WordPress authentication process with more secure login "
2383
  "mechanism. The service registers frontend AJAX Login widget as well as "
2384
  "additional endpoints for the RESTful API authentication."
2385
  msgstr ""
2386
 
2387
+ #: application/Service/SecureLogin.php:109
2388
  msgid "Block User Account"
2389
  msgstr ""
2390
 
2391
+ #: application/Service/SecureLogin.php:327
2392
  msgid "Exceeded maximum number for authentication attempts. Try again later."
2393
  msgstr ""
2394
 
2395
+ #: application/Service/SecureLogin.php:354
2396
  msgid "[ERROR]: User is locked. Contact website administrator."
2397
  msgstr ""
2398
 
2399
+ #: application/Service/SecureLogin.php:377
2400
  #, php-format
2401
  msgid "%sAccess is restricted. Login to get access.%s"
2402
  msgstr ""
2502
  "requirement by the policy"
2503
  msgstr ""
2504
 
2505
+ #: tests/Service/Core/CoreServiceTest.php:37
2506
  msgid "<script>alert(1);</script>"
2507
  msgstr ""
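Review bot: The regenerated catalogue still picks up a string from the test suite: `tests/Service/Core/CoreServiceTest.php:37` contributes the msgid `<script>alert(1);</script>`. Test fixtures should not ship as translatable strings; exclude the `tests` directory from POT extraction so the shipped `.po` carries only runtime messages. Most of the remaining changes are source-reference line shifts, which is expected noise after the code edits.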
readme.txt CHANGED
@@ -4,7 +4,7 @@ Tags: access control, membership, backend menu, user role, restricted content, s
4
  Requires at least: 4.7.0
5
  Requires PHP: 5.6.0
6
  Tested up to: 5.3
7
- Stable tag: 6.0.5
8
 
9
  All you need to manage access to WordPress websites on the frontend, backend and API levels for any role, user or visitors.
10
 
@@ -91,6 +91,31 @@ We take security and privacy very seriously, that is why there are several non-n
91
 
92
  == Changelog ==
93
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
94
  = 6.0.5 =
95
  * Fixed Bug: Refactored the license managements. Fixed bugs with license registration https://forum.aamplugin.com/d/356-unregistered-version-message
96
  * Fixed Bug: Some servers do not allow WP core string concatenation. This was causing 403 https://forum.aamplugin.com/d/389-message-loading-aam-ui-please-wait-403-forbidden
@@ -106,8 +131,8 @@ We take security and privacy very seriously, that is why there are several non-n
106
  * Change: Merge internal Settings service with Core service
107
  * Change: Added new migration script that fixed issues with legacy names for premium add-ons
108
  * Change: Added new internal AddOn manager class
109
- * New: Added the ability to check for new add-on updates from the Add-ons area
110
- * New: Published free AAM add-on AAM Protected Media Files https://wordpress.org/plugins/aam-protected-media-files/
111
 
112
  = 6.0.4 =
113
  * Fixed Bug: https://forum.aamplugin.com/d/367-authentication-jwt-expires-fatal-error
4
  Requires at least: 4.7.0
5
  Requires PHP: 5.6.0
6
  Tested up to: 5.3
7
+ Stable tag: 6.1.0
8
 
9
  All you need to manage access to WordPress websites on the frontend, backend and API levels for any role, user or visitors.
10
 
91
 
92
  == Changelog ==
93
 
94
+ = 6.1.0 =
95
+ * Fixed Bug: Access Policy UI - the "Attach to Default" button was not rendering correctly
96
+ * Fixed Bug: Role Management UI - the PHP notice where `Undefined variable: parent`
97
+ * Fixed Bug: AAM UI page - improperly compressed HTML response if server config does not match PHP executable INI settings
98
+ * Fixed Bug: Login Redirect Settings - incorrectly merged settings for multi-role support
99
+ * Fixed Bug: Logout Redirect Settings - incorrectly merged settings for multi-role support
100
+ * Fixed Bug: Access Denied Redirect Settings - incorrectly merged settings for multi-role support
101
+ * Fixed Bug: API Route Settings - incorrectly halted inheritance mechanism
102
+ * Fixed Bug: Admin Toolbar Settings - incorrectly halted inheritance mechanism
103
+ * Fixed Bug: URI Access Settings - incorrectly halted inheritance mechanism
104
+ * Fixed Bug: Content Visibility Settings - incorrectly merged settings for multi-role support
105
+ * Fixed Bug: Access Policy Core - incorrectly managed internal cache
106
+ * Fixed Bug: AAM Core - incorrectly managed internal object cache
107
+ * Fixed Bug: Content Service - incorrectly mapped `do_not_allow` capability if any of the registered post types have it
108
+ * Fixed Bug: Content Service - fatal error `Cannot use object of type Closure as array` [https://forum.aamplugin.com/d/354-php-fatal-error-cannot-use-object-of-type-closure-as-array](https://forum.aamplugin.com/d/354-php-fatal-error-cannot-use-object-of-type-closure-as-array)
109
+ * Fixed Bug: The `aam_show_toolbar` capability was not taken in consideration
110
+ * Fixed Bug: Logout Redirect Service - White screen occurs if "Default" option is explicitly selected [https://wordpress.org/support/topic/blank-log-out-page-on-6-0-5/](https://wordpress.org/support/topic/blank-log-out-page-on-6-0-5/)
111
+ * Change: Refactored internal inheritance mechanism where AAM objects no longer responsible to check for inheritance flag. This eliminates several constrains that we discovered recently.
112
+ * Change: Multiple minor changes to the codebase to consume internal AAM API in more consistent way
113
+ * Change: JWT & Secure Login Services - enriched RESTful API error responses with more details about an error
114
+ * Change: Content Service - optimization improvements
115
+ * Added New: Implemented new filter `aam_token_typecast_filter` for Access Policy for custom type casting
116
+ * Added New: Implemented support for the `=>` (map to) operator for the Access Policy
117
+ * Added New: Implemented support for the AAM_CONFIG marker for the Access Policy
118
+
119
  = 6.0.5 =
120
  * Fixed Bug: Refactored the license managements. Fixed bugs with license registration https://forum.aamplugin.com/d/356-unregistered-version-message
121
  * Fixed Bug: Some servers do not allow WP core string concatenation. This was causing 403 https://forum.aamplugin.com/d/389-message-loading-aam-ui-please-wait-403-forbidden
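Review bot: The 6.1.0 entry "JWT & Secure Login Services - enriched RESTful API error responses" does not say that error bodies now carry `code` and `reason` fields or that new status codes (405, 409) are returned, which is a client-visible change worth spelling out for API consumers. Small wording fixes in the same block: "constrains" should be "constraints", and "taken in consideration" should be "taken into consideration".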
131
  * Change: Merge internal Settings service with Core service
132
  * Change: Added new migration script that fixed issues with legacy names for premium add-ons
133
  * Change: Added new internal AddOn manager class
134
+ * Added New: Added the ability to check for new add-on updates from the Add-ons area
135
+ * Added New: Published free AAM add-on AAM Protected Media Files https://wordpress.org/plugins/aam-protected-media-files/
136
 
137
  = 6.0.4 =
138
  * Fixed Bug: https://forum.aamplugin.com/d/367-authentication-jwt-expires-fatal-error