Groups - Version 1.4.3

Version Description

  • Added: Bulk editing (add/remove) of post access restriction capabilities.
  • Fixed: A typo in the Access Restriction column's tooltip text.
  • Fixed: Validation of access restriction capabilities when saved on options admin screen.
  • Changed: Users must now have the groups_access capability to be able to use the access restriction meta box on posts.
Download this release

Release Info

Developer itthinx
Plugin Icon 128x128 Groups
Version 1.4.3
Comparing to
See all releases

Code changes from version 1.4.2 to 1.4.3

Files changed (6) hide show
  1. groups.php +2 -2
  2. lib/access/class-groups-access-meta-boxes.php +17 -10
  3. lib/admin/class-groups-admin-post-columns.php +1 -1
  4. lib/admin/class-groups-admin-posts.php +113 -6
  5. lib/admin/groups-admin-options.php +4 -2
  6. readme.txt +10 -1
groups.php CHANGED
@@ -21,13 +21,13 @@
21
  * Plugin Name: Groups
22
  * Plugin URI: http://www.itthinx.com/plugins/groups
23
  * Description: Groups provides group-based user membership management, group-based capabilities and content access control.
24
- * Version: 1.4.2
25
  * Author: itthinx
26
  * Author URI: http://www.itthinx.com
27
  * Donate-Link: http://www.itthinx.com
28
  * License: GPLv3
29
  */
30
- define( 'GROUPS_CORE_VERSION', '1.4.2' );
31
  define( 'GROUPS_FILE', __FILE__ );
32
  if ( !defined( 'GROUPS_CORE_DIR' ) ) {
33
  define( 'GROUPS_CORE_DIR', WP_PLUGIN_DIR . '/groups' );
21
  * Plugin Name: Groups
22
  * Plugin URI: http://www.itthinx.com/plugins/groups
23
  * Description: Groups provides group-based user membership management, group-based capabilities and content access control.
24
+ * Version: 1.4.3
25
  * Author: itthinx
26
  * Author URI: http://www.itthinx.com
27
  * Donate-Link: http://www.itthinx.com
28
  * License: GPLv3
29
  */
30
+ define( 'GROUPS_CORE_VERSION', '1.4.3' );
31
  define( 'GROUPS_FILE', __FILE__ );
32
  if ( !defined( 'GROUPS_CORE_DIR' ) ) {
33
  define( 'GROUPS_CORE_DIR', WP_PLUGIN_DIR . '/groups' );
lib/access/class-groups-access-meta-boxes.php CHANGED
@@ -33,19 +33,26 @@ class Groups_Access_Meta_Boxes {
33
  const SHOW_GROUPS = 'access-meta-box-show-groups';
34
 
35
  /**
36
- * Hooks for capabilities meta box and saving options.
37
  */
38
  public static function init() {
 
 
39
 
40
- require_once GROUPS_VIEWS_LIB . '/class-groups-uie.php';
41
-
42
- add_action( 'add_meta_boxes', array( __CLASS__, "add_meta_boxes" ), 10, 2 );
43
- add_action( 'save_post', array( __CLASS__, "save_post" ), 10, 2 );
44
- add_filter( 'wp_insert_post_empty_content', array( __CLASS__, 'wp_insert_post_empty_content' ), 10, 2 );
 
45
 
46
- add_action( 'attachment_fields_to_edit', array( __CLASS__, 'attachment_fields_to_edit' ), 10, 2 );
47
- add_action( 'attachment_fields_to_save', array( __CLASS__, 'attachment_fields_to_save' ), 10, 2 );
 
48
 
 
 
 
49
  }
50
 
51
  /**
@@ -603,7 +610,7 @@ class Groups_Access_Meta_Boxes {
603
  * that can be used to restrict access to posts.
604
  * @return boolean
605
  */
606
- private static function user_can_restrict() {
607
  $has_read_cap = false;
608
  $user = new Groups_User( get_current_user_id() );
609
  $valid_read_caps = Groups_Options::get_option( Groups_Post_Access::READ_POST_CAPABILITIES, array( Groups_Post_Access::READ_POST_CAPABILITY ) );
@@ -621,7 +628,7 @@ class Groups_Access_Meta_Boxes {
621
  /**
622
  * @return array of valid read capabilities for the current or given user
623
  */
624
- private static function get_valid_read_caps_for_user( $user_id = null ) {
625
  $result = array();
626
  $user = new Groups_User( $user_id === null ? get_current_user_id() : $user_id );
627
  $valid_read_caps = Groups_Options::get_option( Groups_Post_Access::READ_POST_CAPABILITIES, array( Groups_Post_Access::READ_POST_CAPABILITY ) );
33
  const SHOW_GROUPS = 'access-meta-box-show-groups';
34
 
35
  /**
36
+ * Sets up an init hook where actions and filters are added.
37
  */
38
  public static function init() {
39
+ add_action( 'init', array( __CLASS__, 'wp_init' ) );
40
+ }
41
 
42
+ /**
43
+ * Hooks for capabilities meta box and saving options.
44
+ */
45
+ public static function wp_init() {
46
+ if ( current_user_can( GROUPS_ACCESS_GROUPS ) ) {
47
+ require_once GROUPS_VIEWS_LIB . '/class-groups-uie.php';
48
 
49
+ add_action( 'add_meta_boxes', array( __CLASS__, "add_meta_boxes" ), 10, 2 );
50
+ add_action( 'save_post', array( __CLASS__, "save_post" ), 10, 2 );
51
+ add_filter( 'wp_insert_post_empty_content', array( __CLASS__, 'wp_insert_post_empty_content' ), 10, 2 );
52
 
53
+ add_action( 'attachment_fields_to_edit', array( __CLASS__, 'attachment_fields_to_edit' ), 10, 2 );
54
+ add_action( 'attachment_fields_to_save', array( __CLASS__, 'attachment_fields_to_save' ), 10, 2 );
55
+ }
56
  }
57
 
58
  /**
610
  * that can be used to restrict access to posts.
611
  * @return boolean
612
  */
613
+ public static function user_can_restrict() {
614
  $has_read_cap = false;
615
  $user = new Groups_User( get_current_user_id() );
616
  $valid_read_caps = Groups_Options::get_option( Groups_Post_Access::READ_POST_CAPABILITIES, array( Groups_Post_Access::READ_POST_CAPABILITY ) );
628
  /**
629
  * @return array of valid read capabilities for the current or given user
630
  */
631
+ public static function get_valid_read_caps_for_user( $user_id = null ) {
632
  $result = array();
633
  $user = new Groups_User( $user_id === null ? get_current_user_id() : $user_id );
634
  $valid_read_caps = Groups_Options::get_option( Groups_Post_Access::READ_POST_CAPABILITIES, array( Groups_Post_Access::READ_POST_CAPABILITY ) );
lib/admin/class-groups-admin-post-columns.php CHANGED
@@ -70,7 +70,7 @@ class Groups_Admin_Post_Columns {
70
  public static function columns( $column_headers ) {
71
  $column_headers[self::CAPABILITIES] = sprintf(
72
  __( '<span title="%s">Access Restrictions</span>', GROUPS_PLUGIN_DOMAIN ),
73
- esc_attr( __( 'One ore more capabilities required to read the entry.', GROUPS_PLUGIN_DOMAIN ) )
74
  );
75
  return $column_headers;
76
  }
70
  public static function columns( $column_headers ) {
71
  $column_headers[self::CAPABILITIES] = sprintf(
72
  __( '<span title="%s">Access Restrictions</span>', GROUPS_PLUGIN_DOMAIN ),
73
+ esc_attr( __( 'One or more capabilities required to read the entry.', GROUPS_PLUGIN_DOMAIN ) )
74
  );
75
  return $column_headers;
76
  }
lib/admin/class-groups-admin-posts.php CHANGED
@@ -43,6 +43,9 @@ class Groups_Admin_Posts {
43
  add_action( 'admin_head', array( __CLASS__, 'admin_head' ) );
44
  add_action( 'restrict_manage_posts', array( __CLASS__, 'restrict_manage_posts' ) );
45
  add_filter( 'parse_query', array( __CLASS__, 'parse_query' ) );
 
 
 
46
  }
47
  }
48
 
@@ -53,12 +56,12 @@ class Groups_Admin_Posts {
53
 
54
  global $pagenow;
55
 
56
- if ( $pagenow == 'edit.php' ) {
57
- $post_type = isset( $_GET['post_type'] ) ? $_GET['post_type'] : 'post';
58
- $post_types_option = Groups_Options::get_option( Groups_Post_Access::POST_TYPES, array() );
59
- if ( !isset( $post_types_option[$post_type]['add_meta_box'] ) || $post_types_option[$post_type]['add_meta_box'] ) {
60
- Groups_UIE::enqueue( 'select' );
61
- }
62
  }
63
  }
64
 
@@ -83,6 +86,7 @@ class Groups_Admin_Posts {
83
  echo '.groups-capabilities-container .selectize-input input[type="text"] { font-size: inherit; vertical-align: middle; }';
84
  echo '.groups-capabilities-container input.button { margin-top: 1px; vertical-align: top; }';
85
  echo '.tablenav .actions { overflow: visible; }'; // this is important so that the selectize options aren't hidden
 
86
  echo '</style>';
87
  }
88
  }
@@ -142,6 +146,109 @@ class Groups_Admin_Posts {
142
 
143
  }
144
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
145
  /**
146
  * Query modifier to take the selected access restriction capability into
147
  * account.
43
  add_action( 'admin_head', array( __CLASS__, 'admin_head' ) );
44
  add_action( 'restrict_manage_posts', array( __CLASS__, 'restrict_manage_posts' ) );
45
  add_filter( 'parse_query', array( __CLASS__, 'parse_query' ) );
46
+
47
+ add_action( 'bulk_edit_custom_box', array( __CLASS__, 'bulk_edit_custom_box' ), 10, 2);
48
+ add_action( 'save_post', array( __CLASS__, 'save_post' ) );
49
  }
50
  }
51
 
56
 
57
  global $pagenow;
58
 
59
+ if ( $pagenow == 'edit.php' ) {
60
+ $post_type = isset( $_GET['post_type'] ) ? $_GET['post_type'] : 'post';
61
+ $post_types_option = Groups_Options::get_option( Groups_Post_Access::POST_TYPES, array() );
62
+ if ( !isset( $post_types_option[$post_type]['add_meta_box'] ) || $post_types_option[$post_type]['add_meta_box'] ) {
63
+ Groups_UIE::enqueue( 'select' );
64
+ }
65
  }
66
  }
67
 
86
  echo '.groups-capabilities-container .selectize-input input[type="text"] { font-size: inherit; vertical-align: middle; }';
87
  echo '.groups-capabilities-container input.button { margin-top: 1px; vertical-align: top; }';
88
  echo '.tablenav .actions { overflow: visible; }'; // this is important so that the selectize options aren't hidden
89
+ echo '.wp-list-table td { overflow: visible; }'; // idem for bulk actions
90
  echo '</style>';
91
  }
92
  }
146
 
147
  }
148
 
149
+ /**
150
+ * Bulk-edit access restriction capabilities.
151
+ *
152
+ * @param string $column_name
153
+ * @param string $post_type
154
+ */
155
+ public static function bulk_edit_custom_box( $column_name, $post_type ) {
156
+
157
+ global $pagenow, $wpdb;
158
+
159
+ if ( $column_name == 'capabilities' ) {
160
+
161
+ if ( $pagenow == 'edit.php' ) { // check that we're on the right screen
162
+
163
+ $post_type = isset( $_GET['post_type'] ) ? $_GET['post_type'] : 'post';
164
+ $post_types_option = Groups_Options::get_option( Groups_Post_Access::POST_TYPES, array() );
165
+
166
+ if ( !isset( $post_types_option[$post_type]['add_meta_box'] ) || $post_types_option[$post_type]['add_meta_box'] ) {
167
+
168
+ $output = '<fieldset class="inline-edit-col-right">';
169
+ $output .= '<div class="bulk-edit-groups">';
170
+
171
+ // capability/access restriction bulk actions added through extra_tablenav()
172
+ $output .= '<div id="capability-bulk-actions" class="capabilities-bulk-container" style="display:inline">';
173
+
174
+ $output .= '<label style="display:inline;">';
175
+ $output .= '<span class="title">';
176
+ $output .= __( 'Access Restrictions', GROUPS_PLUGIN_DOMAIN );
177
+ $output .= '</span>';
178
+ $output .= '<select class="capabilities-action" name="capabilities-action">';
179
+ $output .= '<option selected="selected" value="-1">' . __( '&mdash; No Change &mdash;', GROUPS_PLUGIN_DOMAIN ) . '</option>';
180
+ $output .= '<option value="add-capability">' . __( 'Add restriction', GROUPS_PLUGIN_DOMAIN ) . '</option>';
181
+ $output .= '<option value="remove-capability">' . __( 'Remove restriction', GROUPS_PLUGIN_DOMAIN ) . '</option>';
182
+ $output .= '</select>';
183
+ $output .= '</label>';
184
+
185
+ $output .= '<div class="groups-capabilities-container">';
186
+ $valid_read_caps = Groups_Access_Meta_Boxes::get_valid_read_caps_for_user();
187
+ $output .= sprintf(
188
+ '<select class="select bulk-capability" name="%s[]" multiple="multiple" placeholder="%s" data-placeholder="%s">',
189
+ esc_attr( Groups_Post_Access::POSTMETA_PREFIX . 'bulk-' . Groups_Post_Access::READ_POST_CAPABILITY ),
190
+ esc_attr( __( 'Choose access restrictions &hellip;', GROUPS_PLUGIN_DOMAIN ) ) ,
191
+ esc_attr( __( 'Choose access restrictions &hellip;', GROUPS_PLUGIN_DOMAIN ) )
192
+ );
193
+
194
+ foreach( $valid_read_caps as $capability ) {
195
+ $output .= sprintf( '<option value="%s" >%s</option>', esc_attr( $capability ), wp_filter_nohtml_kses( $capability ) );
196
+ }
197
+ $output .= '</select>';
198
+ $output .= '</div>'; // .groups-capabilities-container
199
+ $output .= Groups_UIE::render_select( '.select.bulk-capability' );
200
+
201
+ $output .= '</div>'; // .capabilities-bulk-container
202
+
203
+ $output .= '</div>'; // .bulk-edit-groups
204
+ $output .= '</fieldset>'; // .inline-edit-col-right
205
+
206
+ $output .= wp_nonce_field( 'post-capability', 'bulk-post-capability-nonce', true, false );
207
+
208
+ echo $output;
209
+ }
210
+ }
211
+ }
212
+ }
213
+
214
+ /**
215
+ * Handles access restriction capability modifications from bulk-editing.
216
+ * This is called once for each post that is included in bulk-editing.
217
+ * The fields that are handled here are rendered through the
218
+ * bulk_edit_custom_box() method in this class.
219
+ *
220
+ * @param int $post_id
221
+ */
222
+ public static function save_post( $post_id ) {
223
+ if ( isset( $_REQUEST['capabilities-action'] ) ) {
224
+ if ( wp_verify_nonce( $_REQUEST['bulk-post-capability-nonce'], 'post-capability' ) ) {
225
+ $field = Groups_Post_Access::POSTMETA_PREFIX . 'bulk-' . Groups_Post_Access::READ_POST_CAPABILITY;
226
+ if ( !empty( $_REQUEST[$field] ) && is_array( $_REQUEST[$field] ) ) {
227
+ if ( Groups_Access_Meta_Boxes::user_can_restrict() ) {
228
+ $valid_read_caps = Groups_Access_Meta_Boxes::get_valid_read_caps_for_user();
229
+ foreach( $_REQUEST[$field] as $capability_name ) {
230
+ if ( $capability = Groups_Capability::read_by_capability( $capability_name ) ) {
231
+ if ( in_array( $capability->capability, $valid_read_caps ) ) {
232
+ switch( $_REQUEST['capabilities-action'] ) {
233
+ case 'add-capability' :
234
+ Groups_Post_Access::create( array(
235
+ 'post_id' => $post_id,
236
+ 'capability' => $capability->capability
237
+ ) );
238
+ break;
239
+ case 'remove-capability' :
240
+ Groups_Post_Access::delete( $post_id, $capability->capability );
241
+ break;
242
+ }
243
+ }
244
+ }
245
+ }
246
+ }
247
+ }
248
+ }
249
+ }
250
+ }
251
+
252
  /**
253
  * Query modifier to take the selected access restriction capability into
254
  * account.
lib/admin/groups-admin-options.php CHANGED
@@ -84,8 +84,10 @@ function groups_admin_options() {
84
  if ( !empty( $_POST[GROUPS_READ_POST_CAPABILITIES] ) ) {
85
  $read_caps = $_POST[GROUPS_READ_POST_CAPABILITIES];
86
  foreach( $read_caps as $read_cap ) {
87
- if ( !in_array( $read_cap, $valid_read_caps ) && ( $valid_cap = Groups_Capability::read( $read_cap ) ) ) {
88
- $valid_read_caps[] = $valid_cap->capability;
 
 
89
  }
90
  }
91
  }
84
  if ( !empty( $_POST[GROUPS_READ_POST_CAPABILITIES] ) ) {
85
  $read_caps = $_POST[GROUPS_READ_POST_CAPABILITIES];
86
  foreach( $read_caps as $read_cap ) {
87
+ if ( $valid_cap = Groups_Capability::read( $read_cap ) ) {
88
+ if ( !in_array( $valid_cap->capability, $valid_read_caps ) ) {
89
+ $valid_read_caps[] = $valid_cap->capability;
90
+ }
91
  }
92
  }
93
  }
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://www.itthinx.com/plugins/groups
4
  Tags: access, access control, capability, capabilities, content, download, downloads, file, file access, files, group, groups, member, members, membership, memberships, paypal, permission, permissions, subscription, subscriptions, woocommerce
5
  Requires at least: 3.5
6
  Tested up to: 3.7.1
7
- Stable tag: 1.4.2
8
  License: GPLv3
9
 
10
  Groups is an efficient and powerful solution, providing group-based user membership management, group-based capabilities and content access control.
@@ -177,6 +177,12 @@ See also [Groups](http://www.itthinx.com/plugins/groups/)
177
 
178
  == Changelog ==
179
 
 
 
 
 
 
 
180
  = 1.4.2 =
181
  * Added: Access restriction capabilities shown for enabled post types on overview screens.
182
  * WordPress 3.7.1 compatibility checked.
@@ -349,6 +355,9 @@ Some installations wouldn't work correctly, showing no capabilities and making i
349
 
350
  == Upgrade Notice ==
351
 
 
 
 
352
  = 1.4.2 =
353
  * Improved views and filters regarding access restrictions which are now shown in overviews for enabled post types. Checked WordPress 3.7.1 compatibility. Some bug fixes and internal improvements.
354
 
4
  Tags: access, access control, capability, capabilities, content, download, downloads, file, file access, files, group, groups, member, members, membership, memberships, paypal, permission, permissions, subscription, subscriptions, woocommerce
5
  Requires at least: 3.5
6
  Tested up to: 3.7.1
7
+ Stable tag: 1.4.3
8
  License: GPLv3
9
 
10
  Groups is an efficient and powerful solution, providing group-based user membership management, group-based capabilities and content access control.
177
 
178
  == Changelog ==
179
 
180
+ = 1.4.3 =
181
+ * Added: Bulk editing (add/remove) of post access restriction capabilities.
182
+ * Fixed: A typo in the Access Restriction column's tooltip text.
183
+ * Fixed: Validation of access restriction capabilities when saved on options admin screen.
184
+ * Changed: Users must now have the groups_access capability to be able to use the access restriction meta box on posts.
185
+
186
  = 1.4.2 =
187
  * Added: Access restriction capabilities shown for enabled post types on overview screens.
188
  * WordPress 3.7.1 compatibility checked.
355
 
356
  == Upgrade Notice ==
357
 
358
+ = 1.4.3 =
359
+ * Added bulk editing (add/remove) of post access restriction capabilities, restricted use of access restriction box on posts, fixed some bugs.
360
+
361
  = 1.4.2 =
362
  * Improved views and filters regarding access restrictions which are now shown in overviews for enabled post types. Checked WordPress 3.7.1 compatibility. Some bug fixes and internal improvements.
363