Version Description
- 1 May 2019 =
- Fixed : On some sites, capabilities added dynamically by other code were forced into stored role definition (and could not be removed).
- Fixed : Negative role capabilities could not be directly unset (had to be checked, saved, then unchecked).
Download this release
Release Info
| Developer | kevinB |
| Plugin |  Capability Manager Enhanced |
| Version | 1.7.4 |
| Comparing to | |
| See all releases | |
Code changes from version 1.7.3 to 1.7.4
- capsman-enhanced.php +4 -4
- includes/handler.php +4 -1
- includes/manager.php +28 -21
- readme.txt +7 -3
capsman-enhanced.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: Capability Manager Enhanced
|
| 4 |
* Plugin URI: https://publishpress.com
|
| 5 |
* Description: Manage WordPress role definitions, per-site or network-wide. Organizes post capabilities by post type and operation.
|
| 6 |
-
* Version: 1.7.
|
| 7 |
* Author: PublishPress
|
| 8 |
* Author URI: https://publishpress.com
|
| 9 |
* Text Domain: capsman-enhanced
|
|
@@ -23,12 +23,12 @@
|
|
| 23 |
* @copyright Copyright (C) 2009, 2010 Jordi Canals; modifications Copyright (C) 2019 PublishPress
|
| 24 |
* @license GNU General Public License version 3
|
| 25 |
* @link https://publishpress.com
|
| 26 |
-
* @version 1.7.
|
| 27 |
*/
|
| 28 |
|
| 29 |
if ( ! defined( 'CAPSMAN_VERSION' ) ) {
|
| 30 |
-
define( 'CAPSMAN_VERSION', '1.7.
|
| 31 |
-
define( 'CAPSMAN_ENH_VERSION', '1.7.
|
| 32 |
}
|
| 33 |
|
| 34 |
if ( cme_is_plugin_active( 'capsman.php' ) ) {
|
| 3 |
* Plugin Name: Capability Manager Enhanced
|
| 4 |
* Plugin URI: https://publishpress.com
|
| 5 |
* Description: Manage WordPress role definitions, per-site or network-wide. Organizes post capabilities by post type and operation.
|
| 6 |
+
* Version: 1.7.4
|
| 7 |
* Author: PublishPress
|
| 8 |
* Author URI: https://publishpress.com
|
| 9 |
* Text Domain: capsman-enhanced
|
| 23 |
* @copyright Copyright (C) 2009, 2010 Jordi Canals; modifications Copyright (C) 2019 PublishPress
|
| 24 |
* @license GNU General Public License version 3
|
| 25 |
* @link https://publishpress.com
|
| 26 |
+
* @version 1.7.4
|
| 27 |
*/
|
| 28 |
|
| 29 |
if ( ! defined( 'CAPSMAN_VERSION' ) ) {
|
| 30 |
+
define( 'CAPSMAN_VERSION', '1.7.4' );
|
| 31 |
+
define( 'CAPSMAN_ENH_VERSION', '1.7.4' );
|
| 32 |
}
|
| 33 |
|
| 34 |
if ( cme_is_plugin_active( 'capsman.php' ) ) {
|
includes/handler.php
CHANGED
|
@@ -182,6 +182,7 @@ class CapsmanHandler
|
|
| 182 |
$role->name = $role_name;
|
| 183 |
|
| 184 |
$stored_role_caps = ( ! empty($role->capabilities) && is_array($role->capabilities) ) ? array_intersect( $role->capabilities, array(true, 1) ) : array();
|
|
|
|
| 185 |
|
| 186 |
$old_caps = array_intersect_key( $stored_role_caps, $this->cm->capabilities);
|
| 187 |
$new_caps = ( is_array($caps) ) ? array_map('boolval', $caps) : array();
|
|
@@ -189,7 +190,7 @@ class CapsmanHandler
|
|
| 189 |
|
| 190 |
// Find caps to add and remove
|
| 191 |
$add_caps = array_diff_key($new_caps, $old_caps);
|
| 192 |
-
$del_caps = array_diff_key($old_caps, $new_caps);
|
| 193 |
|
| 194 |
$changed_caps = array();
|
| 195 |
foreach( array_intersect_key( $new_caps, $old_caps ) as $cap_name => $cap_val ) {
|
|
@@ -226,6 +227,8 @@ class CapsmanHandler
|
|
| 226 |
$role->remove_cap($cap);
|
| 227 |
}
|
| 228 |
|
|
|
|
|
|
|
| 229 |
if ( is_multisite() && is_super_admin() && ( 1 == get_current_blog_id() ) ) {
|
| 230 |
if ( ! $autocreate_roles = get_site_option( 'cme_autocreate_roles' ) )
|
| 231 |
$autocreate_roles = array();
|
| 182 |
$role->name = $role_name;
|
| 183 |
|
| 184 |
$stored_role_caps = ( ! empty($role->capabilities) && is_array($role->capabilities) ) ? array_intersect( $role->capabilities, array(true, 1) ) : array();
|
| 185 |
+
$stored_negative_role_caps = ( ! empty($role->capabilities) && is_array($role->capabilities) ) ? array_intersect( $role->capabilities, array(false) ) : array();
|
| 186 |
|
| 187 |
$old_caps = array_intersect_key( $stored_role_caps, $this->cm->capabilities);
|
| 188 |
$new_caps = ( is_array($caps) ) ? array_map('boolval', $caps) : array();
|
| 190 |
|
| 191 |
// Find caps to add and remove
|
| 192 |
$add_caps = array_diff_key($new_caps, $old_caps);
|
| 193 |
+
$del_caps = array_diff_key(array_merge($old_caps, $stored_negative_role_caps), $new_caps);
|
| 194 |
|
| 195 |
$changed_caps = array();
|
| 196 |
foreach( array_intersect_key( $new_caps, $old_caps ) as $cap_name => $cap_val ) {
|
| 227 |
$role->remove_cap($cap);
|
| 228 |
}
|
| 229 |
|
| 230 |
+
$this->cm->log_db_roles();
|
| 231 |
+
|
| 232 |
if ( is_multisite() && is_super_admin() && ( 1 == get_current_blog_id() ) ) {
|
| 233 |
if ( ! $autocreate_roles = get_site_option( 'cme_autocreate_roles' ) )
|
| 234 |
$autocreate_roles = array();
|
includes/manager.php
CHANGED
|
@@ -183,29 +183,34 @@ class CapabilityManager
|
|
| 183 |
// Users with roles that cannot be managed, are not allowed to be edited.
|
| 184 |
add_filter('map_meta_cap', array(&$this, 'filterUserEdit'), 10, 4);
|
| 185 |
|
| 186 |
-
// ensure storage, retrieval of db-stored customizations to
|
| 187 |
-
|
| 188 |
-
|
| 189 |
-
|
| 190 |
-
|
|
|
|
|
|
|
| 191 |
|
| 192 |
add_filter( 'plugins_loaded', array( &$this, 'processRoleUpdate' ) );
|
| 193 |
}
|
| 194 |
-
|
| 195 |
-
function log_db_roles( $passthru_roles ) {
|
| 196 |
-
global $wp_roles;
|
| 197 |
|
| 198 |
-
|
| 199 |
-
|
|
|
|
| 200 |
|
| 201 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 202 |
}
|
| 203 |
-
|
| 204 |
// note: this is only applied when accessing the cme role edit form
|
| 205 |
function reinstate_db_roles( $passthru_roles = array() ) {
|
| 206 |
global $wp_roles;
|
| 207 |
|
| 208 |
-
if ( $this->log_db_role_objects ) {
|
| 209 |
$intersect = array_intersect_key( $wp_roles->role_objects, $this->log_db_role_objects );
|
| 210 |
foreach( array_keys( $intersect ) as $key ) {
|
| 211 |
if ( ! empty( $this->log_db_role_objects[$key]->capabilities ) )
|
|
@@ -351,18 +356,16 @@ class CapabilityManager
|
|
| 351 |
}
|
| 352 |
|
| 353 |
function processRoleUpdate() {
|
| 354 |
-
$this->current = get_option('default_role'); // By default we manage the default role.
|
| 355 |
-
|
| 356 |
if ( 'POST' == $_SERVER['REQUEST_METHOD'] && ( ! empty($_REQUEST['SaveRole']) || ! empty($_REQUEST['AddCap']) ) ) {
|
| 357 |
if ( ! current_user_can('manage_capabilities') && ! current_user_can('administrator') ) {
|
| 358 |
// TODO: Implement exceptions.
|
| 359 |
wp_die('<strong>' .__('What do you think you\'re doing?!?', 'capsman-enhanced') . '</strong>');
|
| 360 |
}
|
| 361 |
|
| 362 |
-
|
| 363 |
-
|
| 364 |
-
|
| 365 |
-
|
| 366 |
}
|
| 367 |
}
|
| 368 |
|
|
@@ -397,11 +400,15 @@ class CapabilityManager
|
|
| 397 |
$capsman_modify = new CapsmanHandler( $this );
|
| 398 |
$capsman_modify->adminDeleteRole();
|
| 399 |
}
|
| 400 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 401 |
if ( ! in_array($this->current, $roles) ) { // Current role has been deleted.
|
| 402 |
$this->current = array_shift($roles);
|
| 403 |
}
|
| 404 |
-
|
| 405 |
include ( dirname(CME_FILE) . '/includes/admin.php' );
|
| 406 |
}
|
| 407 |
|
| 183 |
// Users with roles that cannot be managed, are not allowed to be edited.
|
| 184 |
add_filter('map_meta_cap', array(&$this, 'filterUserEdit'), 10, 4);
|
| 185 |
|
| 186 |
+
// ensure storage, retrieval of db-stored customizations to dynamic roles
|
| 187 |
+
if ( isset($_REQUEST['page']) && in_array( $_REQUEST['page'], array( 'capsman', 'capsman-tool' ) ) ) {
|
| 188 |
+
global $wpdb;
|
| 189 |
+
$role_key = $wpdb->prefix . 'user_roles';
|
| 190 |
+
$this->log_db_roles();
|
| 191 |
+
add_filter( 'option_' . $role_key, array( &$this, 'reinstate_db_roles' ), PHP_INT_MAX );
|
| 192 |
+
}
|
| 193 |
|
| 194 |
add_filter( 'plugins_loaded', array( &$this, 'processRoleUpdate' ) );
|
| 195 |
}
|
|
|
|
|
|
|
|
|
|
| 196 |
|
| 197 |
+
// Direct query of stored role definitions
|
| 198 |
+
function log_db_roles( $legacy_arg = '' ) {
|
| 199 |
+
global $wpdb;
|
| 200 |
|
| 201 |
+
$results = (array) maybe_unserialize( $wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = '{$wpdb->prefix}user_roles' LIMIT 1") );
|
| 202 |
+
foreach( $results as $_role_name => $_role ) {
|
| 203 |
+
$this->log_db_role_objects[$_role_name] = (object) $_role;
|
| 204 |
+
}
|
| 205 |
+
|
| 206 |
+
return $legacy_arg;
|
| 207 |
}
|
| 208 |
+
|
| 209 |
// note: this is only applied when accessing the cme role edit form
|
| 210 |
function reinstate_db_roles( $passthru_roles = array() ) {
|
| 211 |
global $wp_roles;
|
| 212 |
|
| 213 |
+
if ( isset($wp_roles) && $this->log_db_role_objects ) {
|
| 214 |
$intersect = array_intersect_key( $wp_roles->role_objects, $this->log_db_role_objects );
|
| 215 |
foreach( array_keys( $intersect ) as $key ) {
|
| 216 |
if ( ! empty( $this->log_db_role_objects[$key]->capabilities ) )
|
| 356 |
}
|
| 357 |
|
| 358 |
function processRoleUpdate() {
|
|
|
|
|
|
|
| 359 |
if ( 'POST' == $_SERVER['REQUEST_METHOD'] && ( ! empty($_REQUEST['SaveRole']) || ! empty($_REQUEST['AddCap']) ) ) {
|
| 360 |
if ( ! current_user_can('manage_capabilities') && ! current_user_can('administrator') ) {
|
| 361 |
// TODO: Implement exceptions.
|
| 362 |
wp_die('<strong>' .__('What do you think you\'re doing?!?', 'capsman-enhanced') . '</strong>');
|
| 363 |
}
|
| 364 |
|
| 365 |
+
if ( ! empty($_REQUEST['current']) ) { // don't process role update unless form variable is received
|
| 366 |
+
check_admin_referer('capsman-general-manager');
|
| 367 |
+
$this->processAdminGeneral();
|
| 368 |
+
}
|
| 369 |
}
|
| 370 |
}
|
| 371 |
|
| 400 |
$capsman_modify = new CapsmanHandler( $this );
|
| 401 |
$capsman_modify->adminDeleteRole();
|
| 402 |
}
|
| 403 |
+
|
| 404 |
+
if ( ! isset($this->current) ) { // By default, we manage the default role
|
| 405 |
+
$this->current = get_option('default_role');
|
| 406 |
+
}
|
| 407 |
+
|
| 408 |
if ( ! in_array($this->current, $roles) ) { // Current role has been deleted.
|
| 409 |
$this->current = array_shift($roles);
|
| 410 |
}
|
| 411 |
+
|
| 412 |
include ( dirname(CME_FILE) . '/includes/admin.php' );
|
| 413 |
}
|
| 414 |
|
readme.txt
CHANGED
|
@@ -1,9 +1,9 @@
|
|
| 1 |
=== Capability Manager Enhanced===
|
| 2 |
Contributors: publishpress, kevinB, stevejburge, andergmartins
|
| 3 |
-
Tags:
|
| 4 |
Requires at least: 4.1
|
| 5 |
-
Tested up to: 5.
|
| 6 |
-
Stable tag: 1.7.
|
| 7 |
License: GPLv3
|
| 8 |
License URI: https://www.gnu.org/licenses/gpl-3.0.html
|
| 9 |
|
|
@@ -70,6 +70,10 @@ Keep in mind that this plugin's main purpose is to expose switches (defined capa
|
|
| 70 |
|
| 71 |
== Changelog ==
|
| 72 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 73 |
= 1.7.3 - 9 Apr 2019 =
|
| 74 |
* Fixed : Work around WP quirk of completely blocking admin page access for a post type if user lacks create capability for the post type and there are no other accessible items on the menu.
|
| 75 |
* Fixed : PHP Notices on Roles and Capabilities screen for non-Administrator with WooCommerce active
|
| 1 |
=== Capability Manager Enhanced===
|
| 2 |
Contributors: publishpress, kevinB, stevejburge, andergmartins
|
| 3 |
+
Tags: role, capabilities, post types, taxonomies, editor, network, multisite
|
| 4 |
Requires at least: 4.1
|
| 5 |
+
Tested up to: 5.2
|
| 6 |
+
Stable tag: 1.7.4
|
| 7 |
License: GPLv3
|
| 8 |
License URI: https://www.gnu.org/licenses/gpl-3.0.html
|
| 9 |
|
| 70 |
|
| 71 |
== Changelog ==
|
| 72 |
|
| 73 |
+
= 1.7.4 - 1 May 2019 =
|
| 74 |
+
* Fixed : On some sites, capabilities added dynamically by other code were forced into stored role definition (and could not be removed).
|
| 75 |
+
* Fixed : Negative role capabilities could not be directly unset (had to be checked, saved, then unchecked).
|
| 76 |
+
|
| 77 |
= 1.7.3 - 9 Apr 2019 =
|
| 78 |
* Fixed : Work around WP quirk of completely blocking admin page access for a post type if user lacks create capability for the post type and there are no other accessible items on the menu.
|
| 79 |
* Fixed : PHP Notices on Roles and Capabilities screen for non-Administrator with WooCommerce active
|
