Advanced Access Manager - Version 6.6.1

Version Description

  • Fixed Bug: register_rest_route was called incorrectly in WP 5.5 https://github.com/aamplugin/advanced-access-manager/issues/136
  • Fixed Bug: When AAM is active, the Password Protected cannot be set https://github.com/aamplugin/advanced-access-manager/issues/137
Download this release

Release Info

Developer vasyltech
Plugin Icon 128x128 Advanced Access Manager
Version 6.6.1
Comparing to
See all releases

Code changes from version 6.6.0 to 6.6.1

Files changed (5) hide show
  1. aam.php +2 -2
  2. application/Service/Content.php +10 -3
  3. application/Service/Jwt.php +26 -17
  4. application/Service/SecureLogin.php +11 -7
  5. readme.txt +6 -2
aam.php CHANGED
@@ -3,7 +3,7 @@
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
- * Version: 6.6.0
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
@@ -264,7 +264,7 @@ if (defined('ABSPATH')) {
264
  //define few common constants
265
  define('AAM_MEDIA', plugins_url('/media', __FILE__));
266
  define('AAM_KEY', 'advanced-access-manager');
267
- define('AAM_VERSION', '6.6.0');
268
  define('AAM_BASEDIR', __DIR__);
269
 
270
  //load vendor
3
  /**
4
  * Plugin Name: Advanced Access Manager
5
  * Description: Collection of features to manage your WordPress website authentication, authorization and monitoring
6
+ * Version: 6.6.1
7
  * Author: Vasyl Martyniuk <vasyl@vasyltech.com>
8
  * Author URI: https://vasyltech.com
9
  * Text Domain: advanced-access-manager
264
  //define few common constants
265
  define('AAM_MEDIA', plugins_url('/media', __FILE__));
266
  define('AAM_KEY', 'advanced-access-manager');
267
+ define('AAM_VERSION', '6.6.1');
268
  define('AAM_BASEDIR', __DIR__);
269
 
270
  //load vendor
application/Service/Content.php CHANGED
@@ -10,6 +10,7 @@
10
  /**
11
  * Posts & Terms service
12
  *
 
13
  * @since 6.5.1 https://github.com/aamplugin/advanced-access-manager/issues/115
14
  * @since 6.4.0 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/71
15
  * @since 6.2.0 Enhanced HIDDEN option with more granular access controls
@@ -21,7 +22,7 @@
21
  * @since 6.0.0 Initial implementation of the class
22
  *
23
  * @package AAM
24
- * @version 6.5.1
25
  */
26
  class AAM_Service_Content
27
  {
@@ -196,6 +197,7 @@ class AAM_Service_Content
196
  if (!is_admin()) {
197
  // Password protected filter
198
  add_filter('post_password_required', array($this, 'isPasswordRequired'), 10, 2);
 
199
  // Manage password check expiration
200
  add_filter('post_password_expires', array($this, 'checkPassExpiration'));
201
 
@@ -520,12 +522,13 @@ class AAM_Service_Content
520
  *
521
  * @return mixed
522
  *
 
523
  * @since 6.1.0 Fixed bug that causes fatal error when callback is Closure
524
  * @since 6.0.2 Making sure that get_post returns actual post object
525
  * @since 6.0.0 Initial implementation of the method
526
  *
527
  * @access public
528
- * @version 6.1.0
529
  */
530
  public function beforeDispatch($response, $handler, $request)
531
  {
@@ -544,7 +547,11 @@ class AAM_Service_Content
544
  $has_pass = isset($request['password']);
545
 
546
  // Honor the manually defined password on the post
547
- if (is_a($post, 'WP_Post') && empty($post->post_password) && $has_pass) {
 
 
 
 
548
  $request['_password'] = $request['password'];
549
  unset($request['password']);
550
  }
10
  /**
11
  * Posts & Terms service
12
  *
13
+ * @since 6.6.1 https://github.com/aamplugin/advanced-access-manager/issues/137
14
  * @since 6.5.1 https://github.com/aamplugin/advanced-access-manager/issues/115
15
  * @since 6.4.0 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/71
16
  * @since 6.2.0 Enhanced HIDDEN option with more granular access controls
22
  * @since 6.0.0 Initial implementation of the class
23
  *
24
  * @package AAM
25
+ * @version 6.6.1
26
  */
27
  class AAM_Service_Content
28
  {
197
  if (!is_admin()) {
198
  // Password protected filter
199
  add_filter('post_password_required', array($this, 'isPasswordRequired'), 10, 2);
200
+
201
  // Manage password check expiration
202
  add_filter('post_password_expires', array($this, 'checkPassExpiration'));
203
 
522
  *
523
  * @return mixed
524
  *
525
+ * @since 6.6.1 https://github.com/aamplugin/advanced-access-manager/issues/137
526
  * @since 6.1.0 Fixed bug that causes fatal error when callback is Closure
527
  * @since 6.0.2 Making sure that get_post returns actual post object
528
  * @since 6.0.0 Initial implementation of the method
529
  *
530
  * @access public
531
+ * @version 6.6.1
532
  */
533
  public function beforeDispatch($response, $handler, $request)
534
  {
547
  $has_pass = isset($request['password']);
548
 
549
  // Honor the manually defined password on the post
550
+ if (is_a($post, 'WP_Post')
551
+ && empty($post->post_password)
552
+ && $has_pass
553
+ && ($request->get_method() === 'GET')
554
+ ) {
555
  $request['_password'] = $request['password'];
556
  unset($request['password']);
557
  }
application/Service/Jwt.php CHANGED
@@ -10,6 +10,7 @@
10
  /**
11
  * JWT Token service
12
  *
 
13
  * @since 6.6.0 https://github.com/aamplugin/advanced-access-manager/issues/129
14
  * https://github.com/aamplugin/advanced-access-manager/issues/100
15
  * https://github.com/aamplugin/advanced-access-manager/issues/118
@@ -24,7 +25,7 @@
24
  * @since 6.0.0 Initial implementation of the class
25
  *
26
  * @package AAM
27
- * @version 6.6.0
28
  */
29
  class AAM_Service_Jwt
30
  {
@@ -159,16 +160,20 @@ class AAM_Service_Jwt
159
  *
160
  * @return void
161
  *
 
 
 
162
  * @access public
163
- * @version 6.0.0
164
  */
165
  public function registerAPI()
166
  {
167
  // Validate JWT token
168
  register_rest_route('aam/v2', '/jwt/validate', array(
169
- 'methods' => 'POST',
170
- 'callback' => array($this, 'validateToken'),
171
- 'args' => array(
 
172
  'jwt' => array(
173
  'description' => __('JWT token.', AAM_KEY),
174
  'type' => 'string',
@@ -176,9 +181,10 @@ class AAM_Service_Jwt
176
  ),
177
  ));
178
  register_rest_route('aam/v1', '/validate-jwt', array(
179
- 'methods' => 'POST',
180
- 'callback' => array($this, 'validateTokenDeprecated'),
181
- 'args' => array(
 
182
  'jwt' => array(
183
  'description' => __('JWT token.', AAM_KEY),
184
  'type' => 'string',
@@ -188,9 +194,10 @@ class AAM_Service_Jwt
188
 
189
  // Refresh JWT token
190
  register_rest_route('aam/v2', '/jwt/refresh', array(
191
- 'methods' => 'POST',
192
- 'callback' => array($this, 'refreshToken'),
193
- 'args' => array(
 
194
  'jwt' => array(
195
  'description' => __('JWT token.', AAM_KEY),
196
  'type' => 'string',
@@ -198,9 +205,10 @@ class AAM_Service_Jwt
198
  ),
199
  ));
200
  register_rest_route('aam/v1', '/refresh-jwt', array(
201
- 'methods' => 'POST',
202
- 'callback' => array($this, 'refreshTokenDeprecated'),
203
- 'args' => array(
 
204
  'jwt' => array(
205
  'description' => __('JWT token.', AAM_KEY),
206
  'type' => 'string',
@@ -210,9 +218,10 @@ class AAM_Service_Jwt
210
 
211
  // Revoke JWT token
212
  register_rest_route('aam/v2', '/jwt/revoke', array(
213
- 'methods' => 'POST',
214
- 'callback' => array($this, 'revokeToken'),
215
- 'args' => array(
 
216
  'jwt' => array(
217
  'description' => __('JWT token.', AAM_KEY),
218
  'type' => 'string',
10
  /**
11
  * JWT Token service
12
  *
13
+ * @since 6.6.1 https://github.com/aamplugin/advanced-access-manager/issues/136
14
  * @since 6.6.0 https://github.com/aamplugin/advanced-access-manager/issues/129
15
  * https://github.com/aamplugin/advanced-access-manager/issues/100
16
  * https://github.com/aamplugin/advanced-access-manager/issues/118
25
  * @since 6.0.0 Initial implementation of the class
26
  *
27
  * @package AAM
28
+ * @version 6.6.1
29
  */
30
  class AAM_Service_Jwt
31
  {
160
  *
161
  * @return void
162
  *
163
+ * @since 6.6.1 Fixed https://github.com/aamplugin/advanced-access-manager/issues/136
164
+ * @since 6.0.0 Initial implementation of the method
165
+ *
166
  * @access public
167
+ * @version 6.6.1
168
  */
169
  public function registerAPI()
170
  {
171
  // Validate JWT token
172
  register_rest_route('aam/v2', '/jwt/validate', array(
173
+ 'methods' => 'POST',
174
+ 'callback' => array($this, 'validateToken'),
175
+ 'permission_callback' => '__return_true',
176
+ 'args' => array(
177
  'jwt' => array(
178
  'description' => __('JWT token.', AAM_KEY),
179
  'type' => 'string',
181
  ),
182
  ));
183
  register_rest_route('aam/v1', '/validate-jwt', array(
184
+ 'methods' => 'POST',
185
+ 'callback' => array($this, 'validateTokenDeprecated'),
186
+ 'permission_callback' => '__return_true',
187
+ 'args' => array(
188
  'jwt' => array(
189
  'description' => __('JWT token.', AAM_KEY),
190
  'type' => 'string',
194
 
195
  // Refresh JWT token
196
  register_rest_route('aam/v2', '/jwt/refresh', array(
197
+ 'methods' => 'POST',
198
+ 'callback' => array($this, 'refreshToken'),
199
+ 'permission_callback' => '__return_true',
200
+ 'args' => array(
201
  'jwt' => array(
202
  'description' => __('JWT token.', AAM_KEY),
203
  'type' => 'string',
205
  ),
206
  ));
207
  register_rest_route('aam/v1', '/refresh-jwt', array(
208
+ 'methods' => 'POST',
209
+ 'callback' => array($this, 'refreshTokenDeprecated'),
210
+ 'permission_callback' => '__return_true',
211
+ 'args' => array(
212
  'jwt' => array(
213
  'description' => __('JWT token.', AAM_KEY),
214
  'type' => 'string',
218
 
219
  // Revoke JWT token
220
  register_rest_route('aam/v2', '/jwt/revoke', array(
221
+ 'methods' => 'POST',
222
+ 'callback' => array($this, 'revokeToken'),
223
+ 'permission_callback' => '__return_true',
224
+ 'args' => array(
225
  'jwt' => array(
226
  'description' => __('JWT token.', AAM_KEY),
227
  'type' => 'string',
application/Service/SecureLogin.php CHANGED
@@ -10,6 +10,7 @@
10
  /**
11
  * Secure Login service
12
  *
 
13
  * @since 6.4.2 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/91
14
  * @since 6.4.0 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/16.
15
  * Enhanced https://github.com/aamplugin/advanced-access-manager/issues/71
@@ -18,7 +19,7 @@
18
  * @since 6.0.0 Initial implementation of the class
19
  *
20
  * @package AAM
21
- * @version 6.4.2
22
  */
23
  class AAM_Service_SecureLogin
24
  {
@@ -146,17 +147,19 @@ class AAM_Service_SecureLogin
146
  *
147
  * Register AAM authentication endpoint
148
  *
 
149
  * @since 6.4.2 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/91
150
  * @since 6.0.0 Initial implementation of the method
151
  *
152
  * @return void
153
- * @version 6.4.2
154
  */
155
  public function registerRESTfulRoute()
156
  {
157
  $config = array(
158
- 'methods' => 'POST',
159
- 'callback' => array($this, 'authenticate'),
 
160
  'args' => apply_filters('aam_restful_authentication_args_filter', array(
161
  'username' => array(
162
  'description' => 'Valid username.',
@@ -185,9 +188,10 @@ class AAM_Service_SecureLogin
185
 
186
  // For backward compatibility, keep /v1/authenticate endpoint
187
  register_rest_route('aam/v1', '/authenticate', array(
188
- 'methods' => 'POST',
189
- 'callback' => array($this, 'legacyAuthenticate'),
190
- 'args' => array(
 
191
  'username' => array(
192
  'description' => __('Valid username.', AAM_KEY),
193
  'type' => 'string',
10
  /**
11
  * Secure Login service
12
  *
13
+ * @since 6.6.1 https://github.com/aamplugin/advanced-access-manager/issues/136
14
  * @since 6.4.2 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/91
15
  * @since 6.4.0 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/16.
16
  * Enhanced https://github.com/aamplugin/advanced-access-manager/issues/71
19
  * @since 6.0.0 Initial implementation of the class
20
  *
21
  * @package AAM
22
+ * @version 6.6.1
23
  */
24
  class AAM_Service_SecureLogin
25
  {
147
  *
148
  * Register AAM authentication endpoint
149
  *
150
+ * @since 6.6.1 https://github.com/aamplugin/advanced-access-manager/issues/136
151
  * @since 6.4.2 Enhanced https://github.com/aamplugin/advanced-access-manager/issues/91
152
  * @since 6.0.0 Initial implementation of the method
153
  *
154
  * @return void
155
+ * @version 6.6.1
156
  */
157
  public function registerRESTfulRoute()
158
  {
159
  $config = array(
160
+ 'methods' => 'POST',
161
+ 'callback' => array($this, 'authenticate'),
162
+ 'permission_callback' => '__return_true',
163
  'args' => apply_filters('aam_restful_authentication_args_filter', array(
164
  'username' => array(
165
  'description' => 'Valid username.',
188
 
189
  // For backward compatibility, keep /v1/authenticate endpoint
190
  register_rest_route('aam/v1', '/authenticate', array(
191
+ 'methods' => 'POST',
192
+ 'callback' => array($this, 'legacyAuthenticate'),
193
+ 'permission_callback' => '__return_true',
194
+ 'args' => array(
195
  'username' => array(
196
  'description' => __('Valid username.', AAM_KEY),
197
  'type' => 'string',
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: vasyltech
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.7.0
5
  Requires PHP: 5.6.0
6
- Tested up to: 5.4.2
7
- Stable tag: 6.6.0
8
 
9
  All you need to manage access to WordPress websites on the frontend, backend and API levels for any role, user or visitors.
10
 
@@ -91,6 +91,10 @@ We take security and privacy very seriously, that is why there are several non-n
91
 
92
  == Changelog ==
93
 
 
 
 
 
94
  = 6.6.0 =
95
  * Fixed Bug: No ability to "allow" API Route [https://github.com/aamplugin/advanced-access-manager/issues/131](https://github.com/aamplugin/advanced-access-manager/issues/131)
96
  * Fixed Bug: Passwordless login sets cookie that might logout issues [https://github.com/aamplugin/advanced-access-manager/issues/129](https://github.com/aamplugin/advanced-access-manager/issues/129)
3
  Tags: access control, membership, backend menu, user role, restricted content, security, jwt
4
  Requires at least: 4.7.0
5
  Requires PHP: 5.6.0
6
+ Tested up to: 5.5.0
7
+ Stable tag: 6.6.1
8
 
9
  All you need to manage access to WordPress websites on the frontend, backend and API levels for any role, user or visitors.
10
 
91
 
92
  == Changelog ==
93
 
94
+ = 6.6.1 =
95
+ * Fixed Bug: register_rest_route was called incorrectly in WP 5.5 [https://github.com/aamplugin/advanced-access-manager/issues/136](https://github.com/aamplugin/advanced-access-manager/issues/136)
96
+ * Fixed Bug: When AAM is active, the Password Protected cannot be set [https://github.com/aamplugin/advanced-access-manager/issues/137](https://github.com/aamplugin/advanced-access-manager/issues/137)
97
+
98
  = 6.6.0 =
99
  * Fixed Bug: No ability to "allow" API Route [https://github.com/aamplugin/advanced-access-manager/issues/131](https://github.com/aamplugin/advanced-access-manager/issues/131)
100
  * Fixed Bug: Passwordless login sets cookie that might logout issues [https://github.com/aamplugin/advanced-access-manager/issues/129](https://github.com/aamplugin/advanced-access-manager/issues/129)