Advanced Access Manager - Version 6.1.1

Version Description

  • Fixed Bug: Unnecessary backslashes before displaying the access policy https://forum.aamplugin.com/d/432-access-policy-ui-escaping-slashes
  • Fixed Bug: aam_access_dashboard custom capability caused "Access Denied"
  • Change: Enforcing default 307 Temporary Redirect code if none is provided for any AAM redirect functionality
  • Change: Persisting the last managed role, user or visitor on the AAM page
  • Change: Improved safety by using the last role on the list instead of the default Administrator role
  • Change: Optimized access policy service. Changed the way it is applied to any given object
  • Added New: Migration script that clears previously detected migration errors
Download this release

Release Info

Developer vasyltech
Plugin Icon 128x128 Advanced Access Manager
Version 6.1.1
Comparing to
See all releases

Code changes from version 6.1.0 to 6.1.1

Files changed (13) hide show
  1. aam.php +2 -2
  2. application/Backend/Subject.php +9 -5
  3. application/Backend/tmpl/metabox/policy-metabox.php +9 -1
  4. application/Backend/tmpl/metabox/policy-principal-metabox.php +2 -0
  5. application/Core/Redirect.php +5 -2
  6. application/Migration/2019_06_30-base.php +5 -6
  7. application/Migration/2019_12_01-base.php +2 -2
  8. application/Migration/2019_12_16-base.php +41 -0
  9. application/Service/AccessPolicy.php +240 -175
  10. application/Service/ExtendedCapabilities.php +4 -1
  11. media/css/aam.css +1 -1
  12. media/js/aam.js +11 -0
  13. readme.txt +11 -2
aam.php CHANGED
@@ -3,7 +3,7 @@
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
- * Version: 6.1.0
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
@@ -264,7 +264,7 @@ if (defined('ABSPATH')) {
264
  //define few common constants
265
  define('AAM_MEDIA', plugins_url('/media', __FILE__));
266
  define('AAM_KEY', 'advanced-access-manager');
267
- define('AAM_VERSION', '6.1.0');
268
  define('AAM_BASEDIR', __DIR__);
269
 
270
  //load vendor
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
+ * Version: 6.1.1
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
264
  //define few common constants
265
  define('AAM_MEDIA', plugins_url('/media', __FILE__));
266
  define('AAM_KEY', 'advanced-access-manager');
267
+ define('AAM_VERSION', '6.1.1');
268
  define('AAM_BASEDIR', __DIR__);
269
 
270
  //load vendor
application/Backend/Subject.php CHANGED
@@ -5,8 +5,6 @@
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
8
- *
9
- * @version 6.0.0
10
  */
11
 
12
  /**
@@ -15,8 +13,11 @@
15
  * Currently managed subject. Based on the HTTP request data, define what subject
16
  * is currently managed with AAM UI.
17
  *
 
 
 
18
  * @package AAM
19
- * @version 6.0.0
20
  */
21
  class AAM_Backend_Subject
22
  {
@@ -155,15 +156,18 @@ class AAM_Backend_Subject
155
  *
156
  * @return void
157
  *
 
 
 
158
  * @access protected
159
- * @version 6.0.0
160
  */
161
  protected function initDefaultSubject()
162
  {
163
  if (current_user_can('aam_manage_roles')) {
164
  $roles = array_keys(get_editable_roles());
165
  $this->initRequestedSubject(
166
- AAM_Core_Subject_Role::UID, array_shift($roles)
167
  );
168
  } elseif (current_user_can('aam_manage_users')) {
169
  $this->initRequestedSubject(
5
  * LICENSE: This file is subject to the terms and conditions defined in *
6
  * file 'license.txt', which is part of this source code package. *
7
  * ======================================================================
 
 
8
  */
9
 
10
  /**
13
  * Currently managed subject. Based on the HTTP request data, define what subject
14
  * is currently managed with AAM UI.
15
  *
16
+ * @since 6.1.1 Improved safety by using a last role as default
17
+ * @since 6.0.0 Initial implementation of the class
18
+ *
19
  * @package AAM
20
+ * @version 6.1.1
21
  */
22
  class AAM_Backend_Subject
23
  {
156
  *
157
  * @return void
158
  *
159
+ * @since 6.1.1 For safety reasons, using the last role as the default
160
+ * @since 6.0.0 Initial implementation of the method
161
+ *
162
  * @access protected
163
+ * @version 6.1.1
164
  */
165
  protected function initDefaultSubject()
166
  {
167
  if (current_user_can('aam_manage_roles')) {
168
  $roles = array_keys(get_editable_roles());
169
  $this->initRequestedSubject(
170
+ AAM_Core_Subject_Role::UID, array_pop($roles)
171
  );
172
  } elseif (current_user_can('aam_manage_users')) {
173
  $this->initRequestedSubject(
application/Backend/tmpl/metabox/policy-metabox.php CHANGED
@@ -1,3 +1,11 @@
 
 
 
 
 
 
 
 
1
  <?php if (defined('AAM_KEY')) { ?>
2
  <div>
3
  <style type="text/css">.CodeMirror{font-family:monospace;height:300px;color:#000;direction:ltr;border:1px solid #eee;padding:5px}.CodeMirror-lines{padding:4px 0}.CodeMirror pre{padding:0 4px}.CodeMirror-gutter-filler,.CodeMirror-scrollbar-filler{background-color:#fff}.CodeMirror-gutters{white-space:nowrap}.CodeMirror-linenumber{padding:0 3px 0 0;min-width:15px;text-align:right;color:#999;white-space:nowrap}.CodeMirror-guttermarker{color:#000}.CodeMirror-guttermarker-subtle{color:#999}.CodeMirror-cursor{border-left:1px solid #000;border-right:none;width:0}.CodeMirror div.CodeMirror-secondarycursor{border-left:1px solid silver}.cm-fat-cursor .CodeMirror-cursor{width:auto;border:0!important;background:#7e7}.cm-fat-cursor div.CodeMirror-cursors{z-index:1}.cm-fat-cursor-mark{background-color:rgba(20,255,20,.5);-webkit-animation:blink 1.06s steps(1) infinite;-moz-animation:blink 1.06s steps(1) infinite;animation:blink 1.06s steps(1) infinite}.cm-animate-fat-cursor{width:auto;border:0;-webkit-animation:blink 1.06s steps(1) infinite;-moz-animation:blink 1.06s steps(1) infinite;animation:blink 1.06s steps(1) infinite;background-color:#7e7}@-moz-keyframes blink{50%{background-color:transparent}}@-webkit-keyframes blink{50%{background-color:transparent}}@keyframes blink{50%{background-color:transparent}}.cm-tab{display:inline-block;text-decoration:inherit}.CodeMirror-rulers{position:absolute;left:0;right:0;top:-50px;bottom:-20px;overflow:hidden}.CodeMirror-ruler{border-left:1px solid #ccc;top:0;bottom:0;position:absolute}.cm-s-default .cm-header{color:#00f}.cm-s-default .cm-quote{color:#090}.cm-negative{color:#d44}.cm-positive{color:#292}.cm-header,.cm-strong{font-weight:700}.cm-em{font-style:italic}.cm-link{text-decoration:underline}.cm-strikethrough{text-decoration:line-through}.cm-s-default .cm-keyword{color:#708}.cm-s-default .cm-atom{color:#219}.cm-s-default .cm-number{color:#164}.cm-s-default .cm-def{color:#00f}.cm-s-default .cm-variable-2{color:#05a}.cm-s-default .cm-type,.cm-s-default .cm-variable-3{color:#085}.cm-s-default .cm-comment{color:#a50}.cm-s-default .cm-string{color:#a11}.cm-s-default .cm-string-2{color:#f50}.cm-s-default .cm-meta{color:#555}.cm-s-default .cm-qualifier{color:#555}.cm-s-default .cm-builtin{color:#30a}.cm-s-default .cm-bracket{color:#997}.cm-s-default .cm-tag{color:#170}.cm-s-default .cm-attribute{color:#00c}.cm-s-default .cm-hr{color:#999}.cm-s-default .cm-link{color:#00c}.cm-s-default .cm-error{color:red}.cm-invalidchar{color:red}.CodeMirror-composing{border-bottom:2px solid}div.CodeMirror span.CodeMirror-matchingbracket{color:#0b0}div.CodeMirror span.CodeMirror-nonmatchingbracket{color:#a22}.CodeMirror-matchingtag{background:rgba(255,150,0,.3)}.CodeMirror-activeline-background{background:#e8f2ff}.CodeMirror{position:relative;overflow:hidden;background:#fff}.CodeMirror-scroll{overflow:scroll!important;margin-bottom:-30px;margin-right:-30px;padding-bottom:30px;height:100%;outline:0;position:relative}.CodeMirror-sizer{position:relative;border-right:30px solid transparent}.CodeMirror-gutter-filler,.CodeMirror-hscrollbar,.CodeMirror-scrollbar-filler,.CodeMirror-vscrollbar{position:absolute;z-index:6;display:none}.CodeMirror-vscrollbar{right:0;top:0;overflow-x:hidden;overflow-y:scroll}.CodeMirror-hscrollbar{bottom:0;left:0;overflow-y:hidden;overflow-x:scroll}.CodeMirror-scrollbar-filler{right:0;bottom:0}.CodeMirror-gutter-filler{left:0;bottom:0}.CodeMirror-gutters{position:absolute;left:0;top:0;min-height:100%;z-index:3}.CodeMirror-gutter{white-space:normal;height:100%;display:inline-block;vertical-align:top;margin-bottom:-30px}.CodeMirror-gutter-wrapper{position:absolute;z-index:4;background:0 0!important;border:none!important}.CodeMirror-gutter-background{position:absolute;top:0;bottom:0;z-index:4}.CodeMirror-gutter-elt{position:absolute;cursor:default;z-index:4}.CodeMirror-gutter-wrapper ::selection{background-color:transparent}.CodeMirror-gutter-wrapper ::-moz-selection{background-color:transparent}.CodeMirror-lines{cursor:text;min-height:1px}.CodeMirror pre{-moz-border-radius:0;-webkit-border-radius:0;border-radius:0;border-width:0;background:0 0;font-family:inherit;font-size:inherit;margin:0;white-space:pre;word-wrap:normal;line-height:inherit;color:inherit;z-index:2;position:relative;overflow:visible;-webkit-tap-highlight-color:transparent;-webkit-font-variant-ligatures:contextual;font-variant-ligatures:contextual}#policy-model .CodeMirror pre{padding-left:20px}.CodeMirror-wrap pre{word-wrap:break-word;white-space:pre-wrap;word-break:normal}.CodeMirror-linebackground{position:absolute;left:0;right:0;top:0;bottom:0;z-index:0}.CodeMirror-linewidget{position:relative;z-index:2;padding:.1px}.CodeMirror-rtl pre{direction:rtl}.CodeMirror-code{outline:0}.CodeMirror-gutter,.CodeMirror-gutters,.CodeMirror-linenumber,.CodeMirror-scroll,.CodeMirror-sizer{-moz-box-sizing:content-box;box-sizing:content-box}.CodeMirror-measure{position:absolute;width:100%;height:0;overflow:hidden;visibility:hidden}.CodeMirror-cursor{position:absolute;pointer-events:none}.CodeMirror-measure pre{position:static}div.CodeMirror-cursors{visibility:hidden;position:relative;z-index:3}div.CodeMirror-dragcursors{visibility:visible}.CodeMirror-focused div.CodeMirror-cursors{visibility:visible}.CodeMirror-selected{background:#d9d9d9}.CodeMirror-focused .CodeMirror-selected{background:#d7d4f0}.CodeMirror-crosshair{cursor:crosshair}.CodeMirror-line::selection,.CodeMirror-line>span::selection,.CodeMirror-line>span>span::selection{background:#d7d4f0}.CodeMirror-line::-moz-selection,.CodeMirror-line>span::-moz-selection,.CodeMirror-line>span>span::-moz-selection{background:#d7d4f0}.cm-searching{background-color:#ffa;background-color:rgba(255,255,0,.4)}.cm-force-border{padding-right:.1px}@media print{.CodeMirror div.CodeMirror-cursors{visibility:hidden}}.cm-tab-wrap-hack:after{content:''}span.CodeMirror-selectedtext{background:0 0}.aam-alert-danger{border-radius:0;margin:10px 0;color:#a94442;background-color:#f2dede;border-color:#ebccd1;padding:15px;border:1px solid transparent}.aam-infobox{border-left:5px solid #257fad;padding:20px;background-color:#d9edf7;margin-bottom:0}</style>
@@ -17,7 +25,7 @@
17
  <?php echo implode('<br/>', $errors); ?>
18
  </div>
19
 
20
- <textarea id="aam-policy-editor" name="aam-policy" class="policy-editor" rows="10"><?php echo $params->post->post_content; ?></textarea>
21
 
22
  <p class="aam-infobox">
23
  <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('To learn more about Access &amp; Security policy document, please check [%sAccess &amp; Security Policy%s] page.', 'b'), '<a href="https://aamplugin.com/reference/policy" target="_blank">', '</a>'); ?>
1
+ <?php
2
+ /**
3
+ * @since 6.1.1 Removing the backslashes before displaying the policy
4
+ * @since 6.0.0 Initial implementation of the template
5
+ *
6
+ * @version 6.1.1
7
+ */
8
+ ?>
9
  <?php if (defined('AAM_KEY')) { ?>
10
  <div>
11
  <style type="text/css">.CodeMirror{font-family:monospace;height:300px;color:#000;direction:ltr;border:1px solid #eee;padding:5px}.CodeMirror-lines{padding:4px 0}.CodeMirror pre{padding:0 4px}.CodeMirror-gutter-filler,.CodeMirror-scrollbar-filler{background-color:#fff}.CodeMirror-gutters{white-space:nowrap}.CodeMirror-linenumber{padding:0 3px 0 0;min-width:15px;text-align:right;color:#999;white-space:nowrap}.CodeMirror-guttermarker{color:#000}.CodeMirror-guttermarker-subtle{color:#999}.CodeMirror-cursor{border-left:1px solid #000;border-right:none;width:0}.CodeMirror div.CodeMirror-secondarycursor{border-left:1px solid silver}.cm-fat-cursor .CodeMirror-cursor{width:auto;border:0!important;background:#7e7}.cm-fat-cursor div.CodeMirror-cursors{z-index:1}.cm-fat-cursor-mark{background-color:rgba(20,255,20,.5);-webkit-animation:blink 1.06s steps(1) infinite;-moz-animation:blink 1.06s steps(1) infinite;animation:blink 1.06s steps(1) infinite}.cm-animate-fat-cursor{width:auto;border:0;-webkit-animation:blink 1.06s steps(1) infinite;-moz-animation:blink 1.06s steps(1) infinite;animation:blink 1.06s steps(1) infinite;background-color:#7e7}@-moz-keyframes blink{50%{background-color:transparent}}@-webkit-keyframes blink{50%{background-color:transparent}}@keyframes blink{50%{background-color:transparent}}.cm-tab{display:inline-block;text-decoration:inherit}.CodeMirror-rulers{position:absolute;left:0;right:0;top:-50px;bottom:-20px;overflow:hidden}.CodeMirror-ruler{border-left:1px solid #ccc;top:0;bottom:0;position:absolute}.cm-s-default .cm-header{color:#00f}.cm-s-default .cm-quote{color:#090}.cm-negative{color:#d44}.cm-positive{color:#292}.cm-header,.cm-strong{font-weight:700}.cm-em{font-style:italic}.cm-link{text-decoration:underline}.cm-strikethrough{text-decoration:line-through}.cm-s-default .cm-keyword{color:#708}.cm-s-default .cm-atom{color:#219}.cm-s-default .cm-number{color:#164}.cm-s-default .cm-def{color:#00f}.cm-s-default .cm-variable-2{color:#05a}.cm-s-default .cm-type,.cm-s-default .cm-variable-3{color:#085}.cm-s-default .cm-comment{color:#a50}.cm-s-default .cm-string{color:#a11}.cm-s-default .cm-string-2{color:#f50}.cm-s-default .cm-meta{color:#555}.cm-s-default .cm-qualifier{color:#555}.cm-s-default .cm-builtin{color:#30a}.cm-s-default .cm-bracket{color:#997}.cm-s-default .cm-tag{color:#170}.cm-s-default .cm-attribute{color:#00c}.cm-s-default .cm-hr{color:#999}.cm-s-default .cm-link{color:#00c}.cm-s-default .cm-error{color:red}.cm-invalidchar{color:red}.CodeMirror-composing{border-bottom:2px solid}div.CodeMirror span.CodeMirror-matchingbracket{color:#0b0}div.CodeMirror span.CodeMirror-nonmatchingbracket{color:#a22}.CodeMirror-matchingtag{background:rgba(255,150,0,.3)}.CodeMirror-activeline-background{background:#e8f2ff}.CodeMirror{position:relative;overflow:hidden;background:#fff}.CodeMirror-scroll{overflow:scroll!important;margin-bottom:-30px;margin-right:-30px;padding-bottom:30px;height:100%;outline:0;position:relative}.CodeMirror-sizer{position:relative;border-right:30px solid transparent}.CodeMirror-gutter-filler,.CodeMirror-hscrollbar,.CodeMirror-scrollbar-filler,.CodeMirror-vscrollbar{position:absolute;z-index:6;display:none}.CodeMirror-vscrollbar{right:0;top:0;overflow-x:hidden;overflow-y:scroll}.CodeMirror-hscrollbar{bottom:0;left:0;overflow-y:hidden;overflow-x:scroll}.CodeMirror-scrollbar-filler{right:0;bottom:0}.CodeMirror-gutter-filler{left:0;bottom:0}.CodeMirror-gutters{position:absolute;left:0;top:0;min-height:100%;z-index:3}.CodeMirror-gutter{white-space:normal;height:100%;display:inline-block;vertical-align:top;margin-bottom:-30px}.CodeMirror-gutter-wrapper{position:absolute;z-index:4;background:0 0!important;border:none!important}.CodeMirror-gutter-background{position:absolute;top:0;bottom:0;z-index:4}.CodeMirror-gutter-elt{position:absolute;cursor:default;z-index:4}.CodeMirror-gutter-wrapper ::selection{background-color:transparent}.CodeMirror-gutter-wrapper ::-moz-selection{background-color:transparent}.CodeMirror-lines{cursor:text;min-height:1px}.CodeMirror pre{-moz-border-radius:0;-webkit-border-radius:0;border-radius:0;border-width:0;background:0 0;font-family:inherit;font-size:inherit;margin:0;white-space:pre;word-wrap:normal;line-height:inherit;color:inherit;z-index:2;position:relative;overflow:visible;-webkit-tap-highlight-color:transparent;-webkit-font-variant-ligatures:contextual;font-variant-ligatures:contextual}#policy-model .CodeMirror pre{padding-left:20px}.CodeMirror-wrap pre{word-wrap:break-word;white-space:pre-wrap;word-break:normal}.CodeMirror-linebackground{position:absolute;left:0;right:0;top:0;bottom:0;z-index:0}.CodeMirror-linewidget{position:relative;z-index:2;padding:.1px}.CodeMirror-rtl pre{direction:rtl}.CodeMirror-code{outline:0}.CodeMirror-gutter,.CodeMirror-gutters,.CodeMirror-linenumber,.CodeMirror-scroll,.CodeMirror-sizer{-moz-box-sizing:content-box;box-sizing:content-box}.CodeMirror-measure{position:absolute;width:100%;height:0;overflow:hidden;visibility:hidden}.CodeMirror-cursor{position:absolute;pointer-events:none}.CodeMirror-measure pre{position:static}div.CodeMirror-cursors{visibility:hidden;position:relative;z-index:3}div.CodeMirror-dragcursors{visibility:visible}.CodeMirror-focused div.CodeMirror-cursors{visibility:visible}.CodeMirror-selected{background:#d9d9d9}.CodeMirror-focused .CodeMirror-selected{background:#d7d4f0}.CodeMirror-crosshair{cursor:crosshair}.CodeMirror-line::selection,.CodeMirror-line>span::selection,.CodeMirror-line>span>span::selection{background:#d7d4f0}.CodeMirror-line::-moz-selection,.CodeMirror-line>span::-moz-selection,.CodeMirror-line>span>span::-moz-selection{background:#d7d4f0}.cm-searching{background-color:#ffa;background-color:rgba(255,255,0,.4)}.cm-force-border{padding-right:.1px}@media print{.CodeMirror div.CodeMirror-cursors{visibility:hidden}}.cm-tab-wrap-hack:after{content:''}span.CodeMirror-selectedtext{background:0 0}.aam-alert-danger{border-radius:0;margin:10px 0;color:#a94442;background-color:#f2dede;border-color:#ebccd1;padding:15px;border:1px solid transparent}.aam-infobox{border-left:5px solid #257fad;padding:20px;background-color:#d9edf7;margin-bottom:0}</style>
25
  <?php echo implode('<br/>', $errors); ?>
26
  </div>
27
 
28
+ <textarea id="aam-policy-editor" name="aam-policy" class="policy-editor" rows="10"><?php echo stripslashes($params->post->post_content); ?></textarea>
29
 
30
  <p class="aam-infobox">
31
  <?php echo sprintf(AAM_Backend_View_Helper::preparePhrase('To learn more about Access &amp; Security policy document, please check [%sAccess &amp; Security Policy%s] page.', 'b'), '<a href="https://aamplugin.com/reference/policy" target="_blank">', '</a>'); ?>
application/Backend/tmpl/metabox/policy-principal-metabox.php CHANGED
@@ -1,3 +1,5 @@
 
 
1
  <?php if (defined('AAM_KEY')) { ?>
2
  <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=principal&id=' . $params->post->ID); ?>" width="100%" height="450" style="border: 0; margin-top:0;" id="policy-principal"></iframe>
3
  <?php }
1
+ <?php /** @version 6.0.0 */ ?>
2
+
3
  <?php if (defined('AAM_KEY')) { ?>
4
  <iframe src="<?php echo admin_url('admin.php?page=aam&aamframe=principal&id=' . $params->post->ID); ?>" width="100%" height="450" style="border: 0; margin-top:0;" id="policy-principal"></iframe>
5
  <?php }
application/Core/Redirect.php CHANGED
@@ -104,14 +104,17 @@ class AAM_Core_Redirect
104
  *
105
  * @return void
106
  *
 
 
 
107
  * @access public
108
- * @version 6.0.0
109
  */
110
  public static function doPageRedirect($meta)
111
  {
112
  $current = AAM_Core_API::getCurrentPost();
113
  $dest = isset($meta['page']) ? $meta['page'] : null;
114
- $code = isset($meta['code']) ? $meta['code'] : null;
115
 
116
  if (!empty($dest) && (empty($current) || ($current->ID !== intval($dest)))) {
117
  wp_safe_redirect(get_page_link($dest), $code);
104
  *
105
  * @return void
106
  *
107
+ * @since 6.1.1 Defining default redirect code `307` if none provided
108
+ * @since 6.0.0 Initial implementation of the method
109
+ *
110
  * @access public
111
+ * @version 6.1.1
112
  */
113
  public static function doPageRedirect($meta)
114
  {
115
  $current = AAM_Core_API::getCurrentPost();
116
  $dest = isset($meta['page']) ? $meta['page'] : null;
117
+ $code = isset($meta['code']) ? $meta['code'] : 307;
118
 
119
  if (!empty($dest) && (empty($current) || ($current->ID !== intval($dest)))) {
120
  wp_safe_redirect(get_page_link($dest), $code);
application/Migration/2019_06_30-base.php CHANGED
@@ -28,6 +28,7 @@ use WP_Error,
28
  *
29
  * The main purpose for this class is to eliminate AAM_Core_Compatibility
30
  *
 
31
  * @since 6.0.5 Keep improving migration process by excluding other legacy options
32
  * @since 6.0.2 Bug fixing
33
  * @since 6.0.1 Slightly refactored the way errors are collected during the migration
@@ -36,7 +37,7 @@ use WP_Error,
36
  * @since 6.0.0 Initial implementation of the class
37
  *
38
  * @package AAM
39
- * @version 6.0.5
40
  */
41
  class Migration600 implements AAM_Core_Contract_MigrationInterface
42
  {
@@ -92,13 +93,14 @@ class Migration600 implements AAM_Core_Contract_MigrationInterface
92
  /**
93
  * @inheritdoc
94
  *
 
95
  * @since 6.0.1 Changed the way `errors` are collected. Now any method pushes
96
  * directly to the $this->errors array to avoid passing $errors
97
  * array to multiple methods. Also, invoking cache clearing prior to
98
  * fetching settings
99
  * @since 6.0.0 Initial implementation of the method
100
  *
101
- * @version 6.0.1
102
  */
103
  public function run()
104
  {
@@ -132,10 +134,7 @@ class Migration600 implements AAM_Core_Contract_MigrationInterface
132
  // Finally store this script as completed
133
  AAM_Core_Migration::storeCompletedScript(basename(__FILE__));
134
 
135
- return array(
136
- 'errors' => $this->errors,
137
- 'dump' => $settings
138
- );
139
  }
140
 
141
  /**
28
  *
29
  * The main purpose for this class is to eliminate AAM_Core_Compatibility
30
  *
31
+ * @since 6.1.1 Removing all the error notifications. We covered all the edge cases
32
  * @since 6.0.5 Keep improving migration process by excluding other legacy options
33
  * @since 6.0.2 Bug fixing
34
  * @since 6.0.1 Slightly refactored the way errors are collected during the migration
37
  * @since 6.0.0 Initial implementation of the class
38
  *
39
  * @package AAM
40
+ * @version 6.1.1
41
  */
42
  class Migration600 implements AAM_Core_Contract_MigrationInterface
43
  {
93
  /**
94
  * @inheritdoc
95
  *
96
+ * @since 6.1.1 Removing all the error notifications
97
  * @since 6.0.1 Changed the way `errors` are collected. Now any method pushes
98
  * directly to the $this->errors array to avoid passing $errors
99
  * array to multiple methods. Also, invoking cache clearing prior to
100
  * fetching settings
101
  * @since 6.0.0 Initial implementation of the method
102
  *
103
+ * @version 6.1.1
104
  */
105
  public function run()
106
  {
134
  // Finally store this script as completed
135
  AAM_Core_Migration::storeCompletedScript(basename(__FILE__));
136
 
137
+ return array('errors' => array());
 
 
 
138
  }
139
 
140
  /**
application/Migration/2019_12_01-base.php CHANGED
@@ -18,7 +18,7 @@ use AAM_Core_API,
18
  * This migration class that converts add-ons registry
19
  *
20
  * @package AAM
21
- * @version 6.0.5
22
  */
23
  class Migration610 implements AAM_Core_Contract_MigrationInterface
24
  {
@@ -26,7 +26,7 @@ class Migration610 implements AAM_Core_Contract_MigrationInterface
26
  /**
27
  * @inheritdoc
28
  *
29
- * @version 6.0.5
30
  */
31
  public function run()
32
  {
18
  * This migration class that converts add-ons registry
19
  *
20
  * @package AAM
21
+ * @version 6.1.0
22
  */
23
  class Migration610 implements AAM_Core_Contract_MigrationInterface
24
  {
26
  /**
27
  * @inheritdoc
28
  *
29
+ * @version 6.1.0
30
  */
31
  public function run()
32
  {
application/Migration/2019_12_16-base.php ADDED
@@ -0,0 +1,41 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ /**
4
+ * ======================================================================
5
+ * LICENSE: This file is subject to the terms and conditions defined in *
6
+ * file 'license.txt', which is part of this source code package. *
7
+ * ======================================================================
8
+ */
9
+
10
+ namespace AAM\Migration;
11
+
12
+ use AAM_Core_Migration,
13
+ AAM_Core_Contract_MigrationInterface;
14
+
15
+ /**
16
+ * This migration class that just clears all the errors
17
+ *
18
+ * @package AAM
19
+ * @version 6.1.1
20
+ */
21
+ class Migration611 implements AAM_Core_Contract_MigrationInterface
22
+ {
23
+
24
+ /**
25
+ * @inheritdoc
26
+ *
27
+ * @version 6.1.1
28
+ */
29
+ public function run()
30
+ {
31
+ // Reset failure log
32
+ AAM_Core_Migration::resetFailureLog();
33
+
34
+ return array('errors' => array());
35
+ }
36
+
37
+ }
38
+
39
+ if (defined('AAM_KEY')) {
40
+ return (new Migration611())->run();
41
+ }
application/Service/AccessPolicy.php CHANGED
@@ -157,8 +157,11 @@ class AAM_Service_AccessPolicy
157
  *
158
  * @return void
159
  *
 
 
 
160
  * @access protected
161
- * @version 6.0.0
162
  */
163
  protected function initializeHooks()
164
  {
@@ -195,13 +198,19 @@ class AAM_Service_AccessPolicy
195
  });
196
 
197
  // Hook into AAM core objects initialization
198
- add_filter('aam_menu_object_option_filter', array($this, 'initializeMenu'), 10, 2);
199
- add_filter('aam_metabox_object_option_filter', array($this, 'initializeMetabox'), 10, 2);
200
- add_filter('aam_toolbar_object_option_filter', array($this, 'initializeToolbar'), 10, 2);
201
- add_filter('aam_post_object_option_filter', array($this, 'initializePost'), 10, 2);
202
- add_action('aam_visibility_object_init_action', array($this, 'initializeVisibility'));
203
- add_filter('aam_uri_object_option_filter', array($this, 'initializeUri'), 10, 2);
204
- add_filter('aam_route_object_option_filter', array($this, 'initializeRoute'), 10, 2);
 
 
 
 
 
 
205
 
206
  // Allow third-party to hook into Post resource conversion
207
  add_filter('aam_post_resource_filter', array($this, 'convertPostStatement'), 10, 4);
@@ -215,6 +224,54 @@ class AAM_Service_AccessPolicy
215
  add_filter('all_plugins', array($this, 'filterPlugins'));
216
  }
217
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
218
  /**
219
  * Initialize Admin Menu Object options
220
  *
@@ -223,16 +280,17 @@ class AAM_Service_AccessPolicy
223
  *
224
  * @return array
225
  *
 
226
  * @since 6.1.0 Changed the way access policy manage is obtained
227
  * @since 6.0.0 Initial implementation of the method
228
  *
229
- * @access public
230
  * @see https://aamplugin.com/reference/policy#backendmenu
231
- * @version 6.1.0
232
  */
233
- public function initializeMenu($option, AAM_Core_Object_Menu $object)
234
  {
235
- $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
236
  $found = $manager->getResources(AAM_Core_Policy_Resource::MENU);
237
  $parsed = array();
238
 
@@ -251,16 +309,17 @@ class AAM_Service_AccessPolicy
251
  *
252
  * @return array
253
  *
 
254
  * @since 6.1.0 Changed the way access policy manage is obtained
255
  * @since 6.0.0 Initial implementation of the method
256
  *
257
- * @access public
258
  * @see https://aamplugin.com/reference/policy#toolbar
259
- * @version 6.1.0
260
  */
261
- public function initializeToolbar($option, AAM_Core_Object_Toolbar $object)
262
  {
263
- $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
264
  $found = $manager->getResources(AAM_Core_Policy_Resource::TOOLBAR);
265
  $parsed = array();
266
 
@@ -279,16 +338,17 @@ class AAM_Service_AccessPolicy
279
  *
280
  * @return array
281
  *
 
282
  * @since 6.1.0 Changed the way access policy manage is obtained
283
  * @since 6.0.0 Initial implementation of the method
284
  *
285
  * @access public
286
  * @see https://aamplugin.com/reference/policy#metabox
287
- * @version 6.1.0
288
  */
289
- public function initializeMetabox($option, AAM_Core_Object_Metabox $object)
290
  {
291
- $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
292
  $found = $manager->getResources(array(
293
  AAM_Core_Policy_Resource::METABOX, AAM_Core_Policy_Resource::WIDGET
294
  ));
@@ -302,6 +362,164 @@ class AAM_Service_AccessPolicy
302
  return array_replace($option, $parsed); // First-class citizen
303
  }
304
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
305
  /**
306
  * Check if specified action is allowed upon capability
307
  *
@@ -311,16 +529,17 @@ class AAM_Service_AccessPolicy
311
  *
312
  * @return boolean
313
  *
 
314
  * @since 6.1.0 Changed the way access policy manage is obtained
315
  * @since 6.0.0 Initial implementation of the method
316
  *
317
  * @access public
318
  * @link https://aamplugin.com/reference/policy#capability
319
- * @version 6.1.0
320
  */
321
  public function isCapabilityAllowed($allowed, $cap, $action)
322
  {
323
- $manager = AAM::api()->getAccessPolicyManager(AAM::getUser(), true);
324
  $result = $manager->isAllowed("Capability:{$cap}:AAM:{$action}");
325
 
326
  return ($result === null ? $allowed : $result);
@@ -399,41 +618,6 @@ class AAM_Service_AccessPolicy
399
  );
400
  }
401
 
402
- /**
403
- * Initialize Post Object options
404
- *
405
- * @param array $option
406
- * @param AAM_Core_Object_Post $object
407
- *
408
- * @return array
409
- *
410
- * @since 6.1.0 Changed the way access policy manage is obtained
411
- * @since 6.0.0 Initial implementation of the method
412
- *
413
- * @access public
414
- * @see https://aamplugin.com/reference/policy#post
415
- * @version 6.1.0
416
- */
417
- public function initializePost($option, AAM_Core_Object_Post $object)
418
- {
419
- $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
420
- $found = $manager->getResources(sprintf(
421
- '%s:%s:(%d|%s)',
422
- AAM_Core_Policy_Resource::POST,
423
- $object->post_type,
424
- $object->ID,
425
- $object->post_name
426
- ));
427
-
428
- $parsed = array();
429
-
430
- foreach($found as $action => $stmt) {
431
- $parsed = $this->convertPostStatement($parsed, $action, $stmt);
432
- }
433
-
434
- return array_replace_recursive($option, $parsed); // First-class citizen
435
- }
436
-
437
  /**
438
  * Convert Post resource statement
439
  *
@@ -575,125 +759,6 @@ class AAM_Service_AccessPolicy
575
  return $response;
576
  }
577
 
578
- /**
579
- * Initialize post visibility options
580
- *
581
- * @param AAM_Core_Object_Visibility $visibility
582
- *
583
- * @return void
584
- *
585
- * @since 6.1.0 Changed the way access policy manage is obtained
586
- * @since 6.0.0 Initial implementation of the method
587
- *
588
- * @access public
589
- * @version 6.1.0
590
- */
591
- public function initializeVisibility(AAM_Core_Object_Visibility $visibility)
592
- {
593
- $manager = AAM::api()->getAccessPolicyManager($visibility->getSubject(), true);
594
- $found = $manager->getResources(AAM_Core_Policy_Resource::POST);
595
-
596
- foreach($found as $resource => $stm) {
597
- $chunks = explode(':', $resource);
598
- $effect = (strtolower($stm['Effect']) === 'allow' ? false : true);
599
-
600
- // Allow other plugins to determine what access options should be
601
- // considered during visibility check. For example Plus Package uses
602
- // HIDDEN TO OTHERS options
603
- $map = apply_filters('aam_policy_post_visibility_map_filter', array(
604
- 'list' => 'hidden'
605
- ));
606
-
607
- // Take in consideration only visibility properties
608
- if (array_key_exists($chunks[2], $map)) {
609
- if (is_numeric($chunks[1])) {
610
- $id = intval($chunks[1]);
611
- } else {
612
- $post = get_page_by_path($chunks[1], OBJECT, $chunks[0]);
613
- $id = (is_a($post, 'WP_Post') ? $post->ID : null);
614
- }
615
-
616
- // Making sure that we have at least numeric post ID
617
- if (!empty($id)) {
618
- $visibility->pushOptions('post', "{$id}|{$chunks[0]}", array(
619
- $map[$chunks[2]] => $effect
620
- ));
621
- }
622
- }
623
- }
624
- }
625
-
626
- /**
627
- * Initialize URI Object options
628
- *
629
- * @param array $option
630
- * @param AAM_Core_Object_Uri $object
631
- *
632
- * @return array
633
- *
634
- * @since 6.1.0 Changed the way access policy manage is obtained
635
- * @since 6.0.0 Initial implementation of the method
636
- *
637
- * @access public
638
- * @see https://aamplugin.com/reference/policy#uri
639
- * @version 6.1.0
640
- */
641
- public function initializeUri($option, AAM_Core_Object_Uri $object)
642
- {
643
- $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
644
- $found = $manager->getResources(AAM_Core_Policy_Resource::URI);
645
- $parsed = array();
646
-
647
- foreach($found as $uri => $stm) {
648
- $uri = rtrim($uri, '/'); // No need to honor the trailing forward slash
649
- $effect = (strtolower($stm['Effect']) === 'allow' ? false : true);
650
-
651
- if ($effect === false) {
652
- $parsed[$uri] = array(
653
- 'type' => 'allow'
654
- );
655
- } elseif(isset($stm['Metadata']['Redirect'])) {
656
- $option[$uri] = $this->convertUriAction($stm['Metadata']['Redirect']);
657
- } else {
658
- $option[$uri] = array(
659
- 'type' => 'default',
660
- 'action' => null
661
- );
662
- }
663
- }
664
-
665
- return array_merge($option, $parsed); //First-class citizen
666
- }
667
-
668
- /**
669
- * Initialize Route Object options
670
- *
671
- * @param array $option
672
- * @param AAM_Core_Object_Route $object
673
- *
674
- * @return array
675
- *
676
- * @since 6.1.0 Changed the way access policy manage is obtained
677
- * @since 6.0.0 Initial implementation of the method
678
- *
679
- * @access public
680
- * @see https://aamplugin.com/reference/policy#route
681
- * @version 6.1.0
682
- */
683
- public function initializeRoute($option, AAM_Core_Object_Route $object)
684
- {
685
- $manager = AAM::api()->getAccessPolicyManager($object->getSubject(), true);
686
- $found = $manager->getResources(AAM_Core_Policy_Resource::ROUTE);
687
- $parsed = array();
688
-
689
- foreach($found as $route => $stm) {
690
- $effect = (strtolower($stm['Effect']) === 'allow' ? false : true);
691
- $parsed[strtolower(str_replace(':', '|', $route))] = $effect;
692
- }
693
-
694
- return array_merge($option, $parsed); //First-class citizen
695
- }
696
-
697
  /**
698
  * Convert URI metadata to the URI access option
699
  *
157
  *
158
  * @return void
159
  *
160
+ * @since 6.1.1 Refactored the way access policy is applied to object
161
+ * @since 6.0.0 Initial implementation of the method
162
+ *
163
  * @access protected
164
+ * @version 6.1.1
165
  */
166
  protected function initializeHooks()
167
  {
198
  });
199
 
200
  // Hook into AAM core objects initialization
201
+ add_filter('aam_menu_object_option_filter', array($this, 'applyAccessPolicyToObject'), 10, 2);
202
+ add_filter('aam_metabox_object_option_filter', array($this, 'applyAccessPolicyToObject'), 10, 2);
203
+ add_filter('aam_toolbar_object_option_filter', array($this, 'applyAccessPolicyToObject'), 10, 2);
204
+ add_filter('aam_post_object_option_filter', array($this, 'applyAccessPolicyToObject'), 10, 2);
205
+ add_action('aam_visibility_object_init_action', function(AAM_Core_Object_Visibility $object) {
206
+ $subject = $object->getSubject();
207
+
208
+ if ($subject::UID === AAM_Core_Subject_User::UID) {
209
+ $this->initializeVisibility($object);
210
+ }
211
+ });
212
+ add_filter('aam_uri_object_option_filter', array($this, 'applyAccessPolicyToObject'), 10, 2);
213
+ add_filter('aam_route_object_option_filter', array($this, 'applyAccessPolicyToObject'), 10, 2);
214
 
215
  // Allow third-party to hook into Post resource conversion
216
  add_filter('aam_post_resource_filter', array($this, 'convertPostStatement'), 10, 4);
224
  add_filter('all_plugins', array($this, 'filterPlugins'));
225
  }
226
 
227
+ /**
228
+ * Apply access policy statements to passed object
229
+ *
230
+ * @param array $options
231
+ * @param AAM_Core_Object $object
232
+ *
233
+ * @return array
234
+ *
235
+ * @access public
236
+ * @version 6.1.1
237
+ */
238
+ public function applyAccessPolicyToObject($options, AAM_Core_Object $object)
239
+ {
240
+ $subject = $object->getSubject();
241
+
242
+ if ($subject::UID === AAM_Core_Subject_User::UID) {
243
+ switch($object::OBJECT_TYPE) {
244
+ case AAM_Core_Object_Menu::OBJECT_TYPE:
245
+ $options = $this->initializeMenu($options, $object);
246
+ break;
247
+
248
+ case AAM_Core_Object_Toolbar::OBJECT_TYPE:
249
+ $options = $this->initializeToolbar($options, $object);
250
+ break;
251
+
252
+ case AAM_Core_Object_Metabox::OBJECT_TYPE:
253
+ $options = $this->initializeMetabox($options, $object);
254
+ break;
255
+
256
+ case AAM_Core_Object_Post::OBJECT_TYPE:
257
+ $options = $this->initializePost($options, $object);
258
+ break;
259
+
260
+ case AAM_Core_Object_Uri::OBJECT_TYPE:
261
+ $options = $this->initializeUri($options, $object);
262
+ break;
263
+ case AAM_Core_Object_Route::OBJECT_TYPE:
264
+ $options = $this->initializeRoute($options, $object);
265
+ break;
266
+
267
+ default:
268
+ break;
269
+ }
270
+ }
271
+
272
+ return $options;
273
+ }
274
+
275
  /**
276
  * Initialize Admin Menu Object options
277
  *
280
  *
281
  * @return array
282
  *
283
+ * @since 6.1.1 Method becomes protected
284
  * @since 6.1.0 Changed the way access policy manage is obtained
285
  * @since 6.0.0 Initial implementation of the method
286
  *
287
+ * @access protected
288
  * @see https://aamplugin.com/reference/policy#backendmenu
289
+ * @version 6.1.1
290
  */
291
+ protected function initializeMenu($option, AAM_Core_Object_Menu $object)
292
  {
293
+ $manager = AAM::api()->getAccessPolicyManager();
294
  $found = $manager->getResources(AAM_Core_Policy_Resource::MENU);
295
  $parsed = array();
296
 
309
  *
310
  * @return array
311
  *
312
+ * @since 6.1.1 Method becomes protected
313
  * @since 6.1.0 Changed the way access policy manage is obtained
314
  * @since 6.0.0 Initial implementation of the method
315
  *
316
+ * @access protected
317
  * @see https://aamplugin.com/reference/policy#toolbar
318
+ * @version 6.1.1
319
  */
320
+ protected function initializeToolbar($option, AAM_Core_Object_Toolbar $object)
321
  {
322
+ $manager = AAM::api()->getAccessPolicyManager();
323
  $found = $manager->getResources(AAM_Core_Policy_Resource::TOOLBAR);
324
  $parsed = array();
325
 
338
  *
339
  * @return array
340
  *
341
+ * @since 6.1.1 Method becomes protected
342
  * @since 6.1.0 Changed the way access policy manage is obtained
343
  * @since 6.0.0 Initial implementation of the method
344
  *
345
  * @access public
346
  * @see https://aamplugin.com/reference/policy#metabox
347
+ * @version 6.1.1
348
  */
349
+ protected function initializeMetabox($option, AAM_Core_Object_Metabox $object)
350
  {
351
+ $manager = AAM::api()->getAccessPolicyManager();
352
  $found = $manager->getResources(array(
353
  AAM_Core_Policy_Resource::METABOX, AAM_Core_Policy_Resource::WIDGET
354
  ));
362
  return array_replace($option, $parsed); // First-class citizen
363
  }
364
 
365
+ /**
366
+ * Initialize Post Object options
367
+ *
368
+ * @param array $option
369
+ * @param AAM_Core_Object_Post $object
370
+ *
371
+ * @return array
372
+ *
373
+ * @since 6.1.1 Method becomes protected
374
+ * @since 6.1.0 Changed the way access policy manage is obtained
375
+ * @since 6.0.0 Initial implementation of the method
376
+ *
377
+ * @access protected
378
+ * @see https://aamplugin.com/reference/policy#post
379
+ * @version 6.1.1
380
+ */
381
+ protected function initializePost($option, AAM_Core_Object_Post $object)
382
+ {
383
+ $manager = AAM::api()->getAccessPolicyManager();
384
+ $found = $manager->getResources(sprintf(
385
+ '%s:%s:(%d|%s)',
386
+ AAM_Core_Policy_Resource::POST,
387
+ $object->post_type,
388
+ $object->ID,
389
+ $object->post_name
390
+ ));
391
+
392
+ $parsed = array();
393
+
394
+ foreach($found as $action => $stmt) {
395
+ $parsed = $this->convertPostStatement($parsed, $action, $stmt);
396
+ }
397
+
398
+ return array_replace_recursive($option, $parsed); // First-class citizen
399
+ }
400
+
401
+ /**
402
+ * Initialize post visibility options
403
+ *
404
+ * @param AAM_Core_Object_Visibility $visibility
405
+ *
406
+ * @return void
407
+ *
408
+ * @since 6.1.1 Method becomes protected
409
+ * @since 6.1.0 Changed the way access policy manage is obtained
410
+ * @since 6.0.0 Initial implementation of the method
411
+ *
412
+ * @access protected
413
+ * @version 6.1.1
414
+ */
415
+ protected function initializeVisibility(AAM_Core_Object_Visibility $visibility)
416
+ {
417
+ $manager = AAM::api()->getAccessPolicyManager();
418
+ $found = $manager->getResources(AAM_Core_Policy_Resource::POST);
419
+
420
+ foreach($found as $resource => $stm) {
421
+ $chunks = explode(':', $resource);
422
+ $effect = (strtolower($stm['Effect']) === 'allow' ? false : true);
423
+
424
+ // Allow other plugins to determine what access options should be
425
+ // considered during visibility check. For example Plus Package uses
426
+ // HIDDEN TO OTHERS options
427
+ $map = apply_filters('aam_policy_post_visibility_map_filter', array(
428
+ 'list' => 'hidden'
429
+ ));
430
+
431
+ // Take in consideration only visibility properties
432
+ if (array_key_exists($chunks[2], $map)) {
433
+ if (is_numeric($chunks[1])) {
434
+ $id = intval($chunks[1]);
435
+ } else {
436
+ $post = get_page_by_path($chunks[1], OBJECT, $chunks[0]);
437
+ $id = (is_a($post, 'WP_Post') ? $post->ID : null);
438
+ }
439
+
440
+ // Making sure that we have at least numeric post ID
441
+ if (!empty($id)) {
442
+ $visibility->pushOptions('post', "{$id}|{$chunks[0]}", array(
443
+ $map[$chunks[2]] => $effect
444
+ ));
445
+ }
446
+ }
447
+ }
448
+ }
449
+
450
+ /**
451
+ * Initialize URI Object options
452
+ *
453
+ * @param array $option
454
+ * @param AAM_Core_Object_Uri $object
455
+ *
456
+ * @return array
457
+ *
458
+ * @since 6.1.1 Method becomes protected
459
+ * @since 6.1.0 Changed the way access policy manage is obtained
460
+ * @since 6.0.0 Initial implementation of the method
461
+ *
462
+ * @access protected
463
+ * @see https://aamplugin.com/reference/policy#uri
464
+ * @version 6.1.1
465
+ */
466
+ protected function initializeUri($option, AAM_Core_Object_Uri $object)
467
+ {
468
+ $manager = AAM::api()->getAccessPolicyManager();
469
+ $found = $manager->getResources(AAM_Core_Policy_Resource::URI);
470
+ $parsed = array();
471
+
472
+ foreach($found as $uri => $stm) {
473
+ $uri = rtrim($uri, '/'); // No need to honor the trailing forward slash
474
+ $effect = (strtolower($stm['Effect']) === 'allow' ? false : true);
475
+
476
+ if ($effect === false) {
477
+ $parsed[$uri] = array(
478
+ 'type' => 'allow'
479
+ );
480
+ } elseif(isset($stm['Metadata']['Redirect'])) {
481
+ $option[$uri] = $this->convertUriAction($stm['Metadata']['Redirect']);
482
+ } else {
483
+ $option[$uri] = array(
484
+ 'type' => 'default',
485
+ 'action' => null
486
+ );
487
+ }
488
+ }
489
+
490
+ return array_merge($option, $parsed); //First-class citizen
491
+ }
492
+
493
+ /**
494
+ * Initialize Route Object options
495
+ *
496
+ * @param array $option
497
+ * @param AAM_Core_Object_Route $object
498
+ *
499
+ * @return array
500
+ *
501
+ * @since 6.1.1 Method becomes protected
502
+ * @since 6.1.0 Changed the way access policy manage is obtained
503
+ * @since 6.0.0 Initial implementation of the method
504
+ *
505
+ * @access protected
506
+ * @see https://aamplugin.com/reference/policy#route
507
+ * @version 6.1.1
508
+ */
509
+ protected function initializeRoute($option, AAM_Core_Object_Route $object)
510
+ {
511
+ $manager = AAM::api()->getAccessPolicyManager();
512
+ $found = $manager->getResources(AAM_Core_Policy_Resource::ROUTE);
513
+ $parsed = array();
514
+
515
+ foreach($found as $route => $stm) {
516
+ $effect = (strtolower($stm['Effect']) === 'allow' ? false : true);
517
+ $parsed[strtolower(str_replace(':', '|', $route))] = $effect;
518
+ }
519
+
520
+ return array_merge($option, $parsed); //First-class citizen
521
+ }
522
+
523
  /**
524
  * Check if specified action is allowed upon capability
525
  *
529
  *
530
  * @return boolean
531
  *
532
+ * @since 6.1.1 Fixed bug with access policy inheritance
533
  * @since 6.1.0 Changed the way access policy manage is obtained
534
  * @since 6.0.0 Initial implementation of the method
535
  *
536
  * @access public
537
  * @link https://aamplugin.com/reference/policy#capability
538
+ * @version 6.1.1
539
  */
540
  public function isCapabilityAllowed($allowed, $cap, $action)
541
  {
542
+ $manager = AAM::api()->getAccessPolicyManager();
543
  $result = $manager->isAllowed("Capability:{$cap}:AAM:{$action}");
544
 
545
  return ($result === null ? $allowed : $result);
618
  );
619
  }
620
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
621
  /**
622
  * Convert Post resource statement
623
  *
759
  return $response;
760
  }
761
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
762
  /**
763
  * Convert URI metadata to the URI access option
764
  *
application/Service/ExtendedCapabilities.php CHANGED
@@ -99,7 +99,10 @@ class AAM_Service_ExtendedCapabilities
99
  add_action('init', function() {
100
  if (is_user_logged_in()) {
101
  // Check if user is allowed to see backend
102
- if (!AAM_Core_API::isAAMCapabilityAllowed('aam_access_dashboard')) {
 
 
 
103
  // If this is the AJAX call, still allow it because it will break a lot
104
  // of frontend stuff that depends on it
105
  if (!defined('DOING_AJAX')) {
99
  add_action('init', function() {
100
  if (is_user_logged_in()) {
101
  // Check if user is allowed to see backend
102
+ if (
103
+ is_admin()
104
+ && !AAM_Core_API::isAAMCapabilityAllowed('aam_access_dashboard')
105
+ ) {
106
  // If this is the AJAX call, still allow it because it will break a lot
107
  // of frontend stuff that depends on it
108
  if (!defined('DOING_AJAX')) {
media/css/aam.css CHANGED
@@ -743,7 +743,7 @@ input[type=radio]:checked + label:before {
743
  .aam-overwrite .btn {
744
  margin-top: -5px;
745
  border: 0;
746
- padding: 5px 10px;
747
  }
748
 
749
  .row.aam-bordered {
743
  .aam-overwrite .btn {
744
  margin-top: -5px;
745
  border: 0;
746
+ padding: 6px 10px;
747
  }
748
 
749
  .row.aam-bordered {
media/js/aam.js CHANGED
@@ -4570,6 +4570,14 @@
4570
  $('#aam-subject-name').val(),
4571
  $('#aam-subject-level').val()
4572
  );
 
 
 
 
 
 
 
 
4573
  } else if (getLocal().subject.type) {
4574
  this.setSubject(
4575
  getLocal().subject.type,
@@ -4674,6 +4682,9 @@
4674
  level: level
4675
  };
4676
 
 
 
 
4677
  //update the header
4678
  // First set the type of the subject
4679
  $('.aam-current-subject').text(
4570
  $('#aam-subject-name').val(),
4571
  $('#aam-subject-level').val()
4572
  );
4573
+ } else if (window.localStorage.getItem('aam-subject')) {
4574
+ const subject = JSON.parse(window.localStorage.getItem('aam-subject'));
4575
+ this.setSubject(
4576
+ subject.type,
4577
+ subject.id,
4578
+ subject.name,
4579
+ subject.level
4580
+ );
4581
  } else if (getLocal().subject.type) {
4582
  this.setSubject(
4583
  getLocal().subject.type,
4682
  level: level
4683
  };
4684
 
4685
+ // Persist the subject in the local storage
4686
+ window.localStorage.setItem('aam-subject', JSON.stringify(this.subject));
4687
+
4688
  //update the header
4689
  // First set the type of the subject
4690
  $('.aam-current-subject').text(
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: vasyltech
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.7.0
5
  Requires PHP: 5.6.0
6
- Tested up to: 5.3
7
- Stable tag: 6.1.0
8
 
9
  All you need to manage access to WordPress websites on the frontend, backend and API levels for any role, user or visitors.
10
 
@@ -91,6 +91,15 @@ We take security and privacy very seriously, that is why there are several non-n
91
 
92
  == Changelog ==
93
 
 
 
 
 
 
 
 
 
 
94
  = 6.1.0 =
95
  * Fixed Bug: Access Policy UI - the "Attach to Default" button was not rendering correctly
96
  * Fixed Bug: Role Management UI - the PHP notice where `Undefined variable: parent`
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.7.0
5
  Requires PHP: 5.6.0
6
+ Tested up to: 5.3.1
7
+ Stable tag: 6.1.1
8
 
9
  All you need to manage access to WordPress websites on the frontend, backend and API levels for any role, user or visitors.
10
 
91
 
92
  == Changelog ==
93
 
94
+ = 6.1.1 =
95
+ * Fixed Bug: Unnecessary backslashes before displaying the access policy [https://forum.aamplugin.com/d/432-access-policy-ui-escaping-slashes](https://forum.aamplugin.com/d/432-access-policy-ui-escaping-slashes)
96
+ * Fixed Bug: aam_access_dashboard custom capability caused "Access Denied"
97
+ * Change: Enforcing default `307` Temporary Redirect code if none is provided for any AAM redirect functionality
98
+ * Change: Persisting the last managed role, user or visitor on the AAM page
99
+ * Change: Improved safety by using the last role on the list instead of the default Administrator role
100
+ * Change: Optimized access policy service. Changed the way it is applied to any given object
101
+ * Added New: Migration script that clears previously detected migration errors
102
+
103
  = 6.1.0 =
104
  * Fixed Bug: Access Policy UI - the "Attach to Default" button was not rendering correctly
105
  * Fixed Bug: Role Management UI - the PHP notice where `Undefined variable: parent`