Advanced Access Manager - Version 6.4.2

Version Description

  • Fixed Bug: Plus Package add-on: Call to undefined function wp_parse_list() https://github.com/aamplugin/advanced-access-manager/issues/87
  • Added New: Backward compatibility, return v1/authenticate endpoint https://github.com/aamplugin/advanced-access-manager/issues/91
  • Added New: Implement "New update is available" feature https://github.com/aamplugin/advanced-access-manager/issues/88
Download this release

Release Info

Developer vasyltech
Plugin Icon 128x128 Advanced Access Manager
Version 6.4.2
Comparing to
See all releases

Code changes from version 6.4.1 to 6.4.2

Files changed (9) hide show
  1. aam.php +2 -2
  2. application/Addon/Repository.php +29 -10
  3. application/Backend/Manager.php +32 -1
  4. application/Backend/tmpl/metabox/main-iframe.php +3 -2
  5. application/Service/Jwt.php +0 -1
  6. application/Service/SecureLogin.php +67 -4
  7. lang/advanced-access-manager-en_US.po +0 -8
  8. media/css/aam.css +31 -2
  9. readme.txt +6 -1
aam.php CHANGED
@@ -3,7 +3,7 @@
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
- * Version: 6.4.1
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
@@ -264,7 +264,7 @@ if (defined('ABSPATH')) {
264
  //define few common constants
265
  define('AAM_MEDIA', plugins_url('/media', __FILE__));
266
  define('AAM_KEY', 'advanced-access-manager');
267
- define('AAM_VERSION', '6.4.1');
268
  define('AAM_BASEDIR', __DIR__);
269
 
270
  //load vendor
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
+ * Version: 6.4.2
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
264
  //define few common constants
265
  define('AAM_MEDIA', plugins_url('/media', __FILE__));
266
  define('AAM_KEY', 'advanced-access-manager');
267
+ define('AAM_VERSION', '6.4.2');
268
  define('AAM_BASEDIR', __DIR__);
269
 
270
  //load vendor
application/Addon/Repository.php CHANGED
@@ -10,7 +10,8 @@
10
  /**
11
  * Addon repository
12
  *
13
- * @since 6.4.2 Fixed https://github.com/aamplugin/advanced-access-manager/issues/81
 
14
  * @since 6.2.0 Bug fixing that is related to unwanted PHP notices
15
  * @since 6.0.5 Refactored the license managements. Fixed couple bugs with license
16
  * information displaying
@@ -128,8 +129,11 @@ class AAM_Addon_Repository
128
  *
129
  * @return array
130
  *
 
 
 
131
  * @access public
132
- * @version 6.0.0
133
  */
134
  public function getList()
135
  {
@@ -137,17 +141,20 @@ class AAM_Addon_Repository
137
  'aam-plus-package' => $this->buildAddonObject(
138
  'Plus Package',
139
  'plus-package',
140
- __('Manage access to your WordPress website posts, pages, media, custom post types, categories, tags and custom taxonomies for any role, individual user, visitors or even define default access for everybody; and do this separately for frontend, backend or API levels.', AAM_KEY)
 
141
  ),
142
  'aam-ip-check' => $this->buildAddonObject(
143
  'IP Check',
144
  'ip-check',
145
- __('Manage access to your WordPress website by users IP address or referred host and completely lock down the entire website if necessary. Define the unlimited number of whitelisted or blacklisted IPs or hosts.', AAM_KEY)
 
146
  ),
147
  'aam-role-hierarchy' => $this->buildAddonObject(
148
  'Role Hierarchy',
149
  'role-hierarchy',
150
- __('Define and manage complex WordPress role hierarchy where all the access settings are propagated down the tree with the ability to override any settings for any specific role.', AAM_KEY)
 
151
  ),
152
  /**
153
  * TODO: Release this extension after AAM 6.0.0. Enhance it with
@@ -162,7 +169,8 @@ class AAM_Addon_Repository
162
  'aam-complete-package' => $this->buildAddonObject(
163
  'Complete Package',
164
  'complete-package',
165
- __('Get the complete list of all premium AAM addons in one package and all future premium addons will be included for now additional cost.', AAM_KEY)
 
166
  )
167
  );
168
  }
@@ -173,23 +181,34 @@ class AAM_Addon_Repository
173
  * @param string $title
174
  * @param string $slug
175
  * @param string $description
 
176
  *
177
  * @return array
178
  *
 
179
  * @since 6.0.5 Added new `hasUpdate` flag
180
  * @since 6.0.0 Initial implementation of the method
181
  *
182
  * @access protected
183
- * @version 6.0.5
184
  */
185
- protected function buildAddonObject($title, $slug, $description)
186
  {
 
 
 
 
 
 
 
 
 
187
  return array(
188
  'title' => $title,
189
- 'version' => $this->getPluginVersion("aam-{$slug}/bootstrap.php"),
190
  'isActive' => $this->isPluginActive("aam-{$slug}/bootstrap.php"),
191
  'expires' => $this->getExpirationDate("aam-{$slug}"),
192
- 'hasUpdate' => $this->hasPluginUpdate("aam-{$slug}/bootstrap.php"),
193
  'license' => $this->getPluginLicense("aam-{$slug}"),
194
  'type' => 'commercial',
195
  'description' => $description,
10
  /**
11
  * Addon repository
12
  *
13
+ * @since 6.4.2 Implemented https://github.com/aamplugin/advanced-access-manager/issues/88
14
+ * @since 6.4.1 Fixed https://github.com/aamplugin/advanced-access-manager/issues/81
15
  * @since 6.2.0 Bug fixing that is related to unwanted PHP notices
16
  * @since 6.0.5 Refactored the license managements. Fixed couple bugs with license
17
  * information displaying
129
  *
130
  * @return array
131
  *
132
+ * @since 6.4.2 Added https://github.com/aamplugin/advanced-access-manager/issues/88
133
+ * @since 6.0.0 Initial implementation of the method
134
+ *
135
  * @access public
136
+ * @version 6.4.2
137
  */
138
  public function getList()
139
  {
141
  'aam-plus-package' => $this->buildAddonObject(
142
  'Plus Package',
143
  'plus-package',
144
+ __('Manage access to your WordPress website posts, pages, media, custom post types, categories, tags and custom taxonomies for any role, individual user, visitors or even define default access for everybody; and do this separately for frontend, backend or API levels.', AAM_KEY),
145
+ '5.3.2'
146
  ),
147
  'aam-ip-check' => $this->buildAddonObject(
148
  'IP Check',
149
  'ip-check',
150
+ __('Manage access to your WordPress website by users IP address or referred host and completely lock down the entire website if necessary. Define the unlimited number of whitelisted or blacklisted IPs or hosts.', AAM_KEY),
151
+ '4.1.2'
152
  ),
153
  'aam-role-hierarchy' => $this->buildAddonObject(
154
  'Role Hierarchy',
155
  'role-hierarchy',
156
+ __('Define and manage complex WordPress role hierarchy where all the access settings are propagated down the tree with the ability to override any settings for any specific role.', AAM_KEY),
157
+ '3.0.1'
158
  ),
159
  /**
160
  * TODO: Release this extension after AAM 6.0.0. Enhance it with
169
  'aam-complete-package' => $this->buildAddonObject(
170
  'Complete Package',
171
  'complete-package',
172
+ __('Get the complete list of all premium AAM addons in one package and all future premium addons will be included for now additional cost.', AAM_KEY),
173
+ '5.2.2'
174
  )
175
  );
176
  }
181
  * @param string $title
182
  * @param string $slug
183
  * @param string $description
184
+ * @param string $version
185
  *
186
  * @return array
187
  *
188
+ * @since 6.4.2 Added https://github.com/aamplugin/advanced-access-manager/issues/88
189
  * @since 6.0.5 Added new `hasUpdate` flag
190
  * @since 6.0.0 Initial implementation of the method
191
  *
192
  * @access protected
193
+ * @version 6.4.2
194
  */
195
+ protected function buildAddonObject($title, $slug, $description, $version = null)
196
  {
197
+ // Determining if there is newer version
198
+ $current_version = $this->getPluginVersion("aam-{$slug}/bootstrap.php");
199
+
200
+ if (version_compare($current_version, $version) === -1) {
201
+ $hasUpdate = true;
202
+ } else {
203
+ $hasUpdate = $this->hasPluginUpdate("aam-{$slug}/bootstrap.php");
204
+ }
205
+
206
  return array(
207
  'title' => $title,
208
+ 'version' => $current_version,
209
  'isActive' => $this->isPluginActive("aam-{$slug}/bootstrap.php"),
210
  'expires' => $this->getExpirationDate("aam-{$slug}"),
211
+ 'hasUpdate' => $hasUpdate,
212
  'license' => $this->getPluginLicense("aam-{$slug}"),
213
  'type' => 'commercial',
214
  'description' => $description,
application/Backend/Manager.php CHANGED
@@ -29,8 +29,11 @@ class AAM_Backend_Manager
29
  *
30
  * @return void
31
  *
 
 
 
32
  * @access protected
33
- * @version 6.0.0
34
  */
35
  protected function __construct()
36
  {
@@ -72,6 +75,7 @@ class AAM_Backend_Manager
72
  // Check for pending migration scripts
73
  if (current_user_can('update_plugins')) {
74
  $this->checkMigrationStatus();
 
75
  }
76
  }
77
 
@@ -117,6 +121,33 @@ class AAM_Backend_Manager
117
  }
118
  }
119
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
120
  /**
121
  * Print all the necessary JS assets for the AAM UI
122
  *
29
  *
30
  * @return void
31
  *
32
+ * @since 6.4.2 Added https://github.com/aamplugin/advanced-access-manager/issues/88
33
+ * @since 6.0.0 Initial implementation of the method
34
+ *
35
  * @access protected
36
+ * @version 6.4.2
37
  */
38
  protected function __construct()
39
  {
75
  // Check for pending migration scripts
76
  if (current_user_can('update_plugins')) {
77
  $this->checkMigrationStatus();
78
+ $this->checkAddonUpdates();
79
  }
80
  }
81
 
121
  }
122
  }
123
 
124
+ /**
125
+ * Display notification if new version is available
126
+ *
127
+ * @return void
128
+ *
129
+ * @access protected
130
+ * @version 6.4.2
131
+ */
132
+ protected function checkAddonUpdates()
133
+ {
134
+ $list = AAM_Addon_Repository::getInstance()->getList();
135
+ $url = 'https://forum.aamplugin.com/d/530-the-new-version-of-is-available-for-download';
136
+
137
+ foreach($list as $addon) {
138
+ if ($addon['hasUpdate'] === true) {
139
+ AAM_Core_Console::add(
140
+ sprintf(
141
+ 'The new version of ["%s"] is available for download. %s',
142
+ $addon['title'],
143
+ '<a href="' . $url . '" target="_blank">' . __('Learn more', AAM_KEY) . '</a>;'
144
+ ),
145
+ 'strong'
146
+ );
147
+ }
148
+ }
149
+ }
150
+
151
  /**
152
  * Print all the necessary JS assets for the AAM UI
153
  *
application/Backend/tmpl/metabox/main-iframe.php CHANGED
@@ -1,9 +1,10 @@
1
  <?php
2
  /**
 
3
  * @since 6.2.0 Added support & import/export modals
4
  * @since 6.0.0 Initial implementation of the template
5
  *
6
- * @version 6.2.0
7
  * */
8
  ?>
9
 
@@ -28,7 +29,7 @@
28
 
29
  <div class="col-xs-12 col-md-4 aam-sidebar">
30
  <?php if (AAM_Core_Console::count() && current_user_can('aam_show_notifications')) { ?>
31
- <div class="metabox-holder shared-metabox">
32
  <div class="postbox">
33
  <h3 class="hndle text-danger">
34
  <i class='icon-attention-circled'></i> <span><?php echo __('Notifications', AAM_KEY); ?></span>
1
  <?php
2
  /**
3
+ * @since 6.4.2 Styling notification metabox
4
  * @since 6.2.0 Added support & import/export modals
5
  * @since 6.0.0 Initial implementation of the template
6
  *
7
+ * @version 6.4.2
8
  * */
9
  ?>
10
 
29
 
30
  <div class="col-xs-12 col-md-4 aam-sidebar">
31
  <?php if (AAM_Core_Console::count() && current_user_can('aam_show_notifications')) { ?>
32
+ <div class="metabox-holder shared-metabox aam-notification-metabox">
33
  <div class="postbox">
34
  <h3 class="hndle text-danger">
35
  <i class='icon-attention-circled'></i> <span><?php echo __('Notifications', AAM_KEY); ?></span>
application/Service/Jwt.php CHANGED
@@ -239,7 +239,6 @@ class AAM_Service_Jwt
239
  *
240
  * @return WP_REST_Response
241
  * @version 6.0.0
242
- * @todo Remove in 6.5.0
243
  */
244
  public function validateTokenDeprecated(WP_REST_Request $request)
245
  {
239
  *
240
  * @return WP_REST_Response
241
  * @version 6.0.0
 
242
  */
243
  public function validateTokenDeprecated(WP_REST_Request $request)
244
  {
application/Service/SecureLogin.php CHANGED
@@ -10,6 +10,7 @@
10
  /**
11
  * Secure Login service
12
  *
 
13
  * @since 6.4.0 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/16.
14
  * Enhanced https://github.com/aamplugin/advanced-access-manager/issues/71
15
  * @since 6.3.1 Fixed bug with not being able to lock user
@@ -17,7 +18,7 @@
17
  * @since 6.0.0 Initial implementation of the class
18
  *
19
  * @package AAM
20
- * @version 6.4.0
21
  */
22
  class AAM_Service_SecureLogin
23
  {
@@ -145,8 +146,11 @@ class AAM_Service_SecureLogin
145
  *
146
  * Register AAM authentication endpoint
147
  *
 
 
 
148
  * @return void
149
- * @version 6.0.0
150
  */
151
  public function registerRESTfulRoute()
152
  {
@@ -178,6 +182,22 @@ class AAM_Service_SecureLogin
178
  );
179
 
180
  register_rest_route('aam/v2', '/authenticate', $config);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
181
  }
182
 
183
  /**
@@ -187,12 +207,13 @@ class AAM_Service_SecureLogin
187
  *
188
  * @return WP_REST_Response
189
  *
190
- * @since 6.4.0 Enhanced to support https://github.com/aamplugin/advanced-access-manager/issues/16
 
191
  * @since 6.1.0 Enriched error response with more details
192
  * @since 6.0.0 Initial implementation of the method
193
  *
194
  * @access public
195
- * @version 6.4.0
196
  */
197
  public function authenticate(WP_REST_Request $request)
198
  {
@@ -232,6 +253,48 @@ class AAM_Service_SecureLogin
232
  return new WP_REST_Response($result, $status);
233
  }
234
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
235
  /**
236
  * Intercept auth token generation and enhance security
237
  *
10
  /**
11
  * Secure Login service
12
  *
13
+ * @since 6.4.2 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/91
14
  * @since 6.4.0 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/16.
15
  * Enhanced https://github.com/aamplugin/advanced-access-manager/issues/71
16
  * @since 6.3.1 Fixed bug with not being able to lock user
18
  * @since 6.0.0 Initial implementation of the class
19
  *
20
  * @package AAM
21
+ * @version 6.4.2
22
  */
23
  class AAM_Service_SecureLogin
24
  {
146
  *
147
  * Register AAM authentication endpoint
148
  *
149
+ * @since 6.4.2 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/91
150
+ * @since 6.0.0 Initial implementation of the method
151
+ *
152
  * @return void
153
+ * @version 6.4.2
154
  */
155
  public function registerRESTfulRoute()
156
  {
182
  );
183
 
184
  register_rest_route('aam/v2', '/authenticate', $config);
185
+
186
+ // For backward compatibility, keep /v1/authenticate endpoint
187
+ register_rest_route('aam/v1', '/authenticate', array(
188
+ 'methods' => 'POST',
189
+ 'callback' => array($this, 'legacyAuthenticate'),
190
+ 'args' => array(
191
+ 'username' => array(
192
+ 'description' => __('Valid username.', AAM_KEY),
193
+ 'type' => 'string',
194
+ ),
195
+ 'password' => array(
196
+ 'description' => __('Valid password.', AAM_KEY),
197
+ 'type' => 'string',
198
+ )
199
+ ),
200
+ ));
201
  }
202
 
203
  /**
207
  *
208
  * @return WP_REST_Response
209
  *
210
+ * @since 6.4.2 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/91
211
+ * @since 6.4.0 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/16
212
  * @since 6.1.0 Enriched error response with more details
213
  * @since 6.0.0 Initial implementation of the method
214
  *
215
  * @access public
216
+ * @version 6.4.2
217
  */
218
  public function authenticate(WP_REST_Request $request)
219
  {
253
  return new WP_REST_Response($result, $status);
254
  }
255
 
256
+ /**
257
+ * Authenticate user
258
+ *
259
+ * @param WP_REST_Request $request
260
+ *
261
+ * @return WP_REST_Response
262
+ *
263
+ * @access public
264
+ * @version 6.4.2
265
+ */
266
+ public function legacyAuthenticate(WP_REST_Request $request)
267
+ {
268
+ _deprecated_function('aam/v1/authenticate', '6.4.2', 'aam/v2/authenticate');
269
+
270
+ $user = wp_signon(array(
271
+ 'user_login' => $request->get_param('username'),
272
+ 'user_password' => $request->get_param('password')
273
+ ));
274
+
275
+ if (is_a($user, 'WP_User')) {
276
+ $status = 200;
277
+
278
+ // Making sure that token is issued
279
+ $request->set_param('issueJWT', true);
280
+
281
+ $data = apply_filters(
282
+ 'aam_auth_response_filter',
283
+ array('user' => $user),
284
+ $request
285
+ );
286
+ $result = array_merge(array('user' => $user), $data['jwt']);
287
+ } else {
288
+ $status = 403;
289
+ $result = new WP_Error(
290
+ 'rest_jwt_auth_failure',
291
+ strip_tags($user->get_error_message())
292
+ );
293
+ }
294
+
295
+ return new WP_REST_Response($result, $status);
296
+ }
297
+
298
  /**
299
  * Intercept auth token generation and enhance security
300
  *
lang/advanced-access-manager-en_US.po CHANGED
@@ -2782,11 +2782,3 @@ msgstr ""
2782
  #: tests/Addon/PlusPackage/ContentAccessTest.php:137
2783
  msgid "AAM Test"
2784
  msgstr ""
2785
-
2786
- #: tests/Addon/PlusPackage/ContentAccessTest.php:138
2787
- msgid "Just for testing purposes"
2788
- msgstr ""
2789
-
2790
- #: tests/Service/Core/CoreServiceTest.php:37
2791
- msgid "<script>alert(1);</script>"
2792
- msgstr ""
2782
  #: tests/Addon/PlusPackage/ContentAccessTest.php:137
2783
  msgid "AAM Test"
2784
  msgstr ""
 
 
 
 
 
 
 
 
media/css/aam.css CHANGED
@@ -1115,12 +1115,41 @@ input[type=radio]:checked + label:before {
1115
  font-weight: 700;
1116
  }
1117
 
 
 
 
 
 
 
 
 
 
 
1118
  .aam-error-list {
1119
- padding: 15px;
1120
- list-style: disc;
1121
  margin-bottom: 0;
1122
  }
1123
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1124
  .aam-menu-capability, .aam-metabox-details {
1125
  color: #777777;
1126
  font-weight: 400;
1115
  font-weight: 700;
1116
  }
1117
 
1118
+ .aam-notification-metabox {
1119
+ background-color: #CB413A;
1120
+ color: #FFFFFF;
1121
+ letter-spacing: 0.5px;
1122
+ }
1123
+
1124
+ .aam-notification-metabox .postbox {
1125
+ border: 0;
1126
+ }
1127
+
1128
  .aam-error-list {
1129
+ padding: 15px 25px 10px 25px;
1130
+ list-style: none;
1131
  margin-bottom: 0;
1132
  }
1133
 
1134
+ .aam-error-list > li::before {
1135
+ content: "\2022";
1136
+ color: #FFFFFF;
1137
+ font-weight: 700;
1138
+ display: inline-block;
1139
+ width: 1em;
1140
+ margin-left: -1em;
1141
+ }
1142
+
1143
+ .aam-error-list a {
1144
+ color: #FFFFFF !important;
1145
+ text-decoration: none;
1146
+ font-weight: 700;
1147
+ }
1148
+
1149
+ .aam-error-list a:hover {
1150
+ color: #F0F0F0 !important;
1151
+ }
1152
+
1153
  .aam-menu-capability, .aam-metabox-details {
1154
  color: #777777;
1155
  font-weight: 400;
readme.txt CHANGED
@@ -4,7 +4,7 @@ Tags: access control, membership, backend menu, user role, restricted content, s
4
  Requires at least: 4.7.0
5
  Requires PHP: 5.6.0
6
  Tested up to: 5.3.2
7
- Stable tag: 6.4.1
8
 
9
  All you need to manage access to WordPress websites on the frontend, backend and API levels for any role, user or visitors.
10
 
@@ -91,6 +91,11 @@ We take security and privacy very seriously, that is why there are several non-n
91
 
92
  == Changelog ==
93
 
 
 
 
 
 
94
  = 6.4.1 =
95
  * Fixed Bug: Access Policy does not allow to use token in the param's value [https://github.com/aamplugin/advanced-access-manager/issues/84](https://github.com/aamplugin/advanced-access-manager/issues/84)
96
  * Fixed Bug: Warning: count(): Parameter must be an array or an object that implements Countable [https://github.com/aamplugin/advanced-access-manager/issues/82](https://github.com/aamplugin/advanced-access-manager/issues/82)
4
  Requires at least: 4.7.0
5
  Requires PHP: 5.6.0
6
  Tested up to: 5.3.2
7
+ Stable tag: 6.4.2
8
 
9
  All you need to manage access to WordPress websites on the frontend, backend and API levels for any role, user or visitors.
10
 
91
 
92
  == Changelog ==
93
 
94
+ = 6.4.2 =
95
+ * Fixed Bug: Plus Package add-on: Call to undefined function wp_parse_list() [https://github.com/aamplugin/advanced-access-manager/issues/87](https://github.com/aamplugin/advanced-access-manager/issues/87)
96
+ * Added New: Backward compatibility, return v1/authenticate endpoint [https://github.com/aamplugin/advanced-access-manager/issues/91](https://github.com/aamplugin/advanced-access-manager/issues/91)
97
+ * Added New: Implement "New update is available" feature [https://github.com/aamplugin/advanced-access-manager/issues/88](https://github.com/aamplugin/advanced-access-manager/issues/88)
98
+
99
  = 6.4.1 =
100
  * Fixed Bug: Access Policy does not allow to use token in the param's value [https://github.com/aamplugin/advanced-access-manager/issues/84](https://github.com/aamplugin/advanced-access-manager/issues/84)
101
  * Fixed Bug: Warning: count(): Parameter must be an array or an object that implements Countable [https://github.com/aamplugin/advanced-access-manager/issues/82](https://github.com/aamplugin/advanced-access-manager/issues/82)