Remove Dashboard Access - Version 1.1

Version Description

Enhancements: * Instantiate as a static instance for better modularity * Move Dashboard Access Controls settings to Settings > Reading * Add optional login message option * Add better settings sanitization * New Filter: rda_default_caps_for_role - Filter default roles for Admins, Editors, and Authors * New Debug Mode

Bug Fixes: * Remove unnecessarily stringent URL mask on the redirect URL option

Download this release

Release Info

Developer DrewAPicture
Plugin Icon 128x128 Remove Dashboard Access
Version 1.1
Comparing to
See all releases

Code changes from version 1.0 to 1.1

Files changed (10) hide show
  1. inc/class.rda-options.php +573 -0
  2. inc/{class-rda-remove-access.php → class.rda-remove-access.php} +48 -45
  3. inc/js/settings.js +13 -0
  4. languages/remove-dashboard-access.mo +0 -0
  5. languages/remove-dashboard-access.po +116 -0
  6. languages/remove-wp-dashboard-access.pot +0 -91
  7. readme.txt +58 -27
  8. remove-dashboard-access.php +34 -0
  9. remove-wp-dashboard-access.php +0 -350
  10. uninstall.php +10 -1
inc/class.rda-options.php ADDED
@@ -0,0 +1,573 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * Remove Dashboard Access Options Class
4
+ *
5
+ * @since 1.0
6
+ */
7
+ if ( ! class_exists( 'RDA_Options' ) ) {
8
+ class RDA_Options {
9
+
10
+ /**
11
+ * Static instance to make removing actions and filters modular.
12
+ *
13
+ * @since 1.1
14
+ * @access public
15
+ * @static
16
+ */
17
+ public static $instance;
18
+
19
+ /**
20
+ * @var $settings rda-settings options array
21
+ *
22
+ * @since 1.0
23
+ * @access public
24
+ */
25
+ public $settings = array();
26
+
27
+ /**
28
+ * Init
29
+ *
30
+ * @since 1.0
31
+ * @access public
32
+ */
33
+ public function __construct() {
34
+ self::$instance = $this;
35
+
36
+ self::$instance->setup();
37
+ }
38
+
39
+ /**
40
+ * Set up various actions, filters, and other items.
41
+ *
42
+ * @since 1.1
43
+ * @access public
44
+ */
45
+ public function setup() {
46
+ load_plugin_textdomain( 'remove_dashboard_access', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
47
+
48
+ $this->maybe_map_old_settings();
49
+
50
+ $this->settings = array(
51
+ 'access_switch' => get_option( 'rda_access_switch', 'manage_options' ),
52
+ 'access_cap' => get_option( 'rda_access_cap', 'manage_options' ),
53
+ 'enable_profile' => get_option( 'rda_enable_profile', 1 ),
54
+ 'redirect_url' => get_option( 'rda_redirect_url', home_url() ),
55
+ 'login_message' => get_option( 'rda_login_message', __( 'This site is in maintenance mode.', 'remove_dashboard_access' ) ),
56
+ );
57
+
58
+ // Settings.
59
+ add_action( 'admin_init', array( $this, 'settings' ) );
60
+ add_action( 'admin_head-options-reading.php', array( $this, 'access_switch_js' ) );
61
+
62
+ // Settings link in plugins list.
63
+ add_filter( 'plugin_action_links', array( $this, 'settings_link' ), 10, 2 );
64
+
65
+ // Login message.
66
+ add_filter( 'login_message', array( $this, 'output_login_message' ) );
67
+ }
68
+
69
+ /**
70
+ * (maybe) Map old settings (1.0-) to the new ones (1.1+).
71
+ *
72
+ * @since 1.1
73
+ * @access public
74
+ */
75
+ public function maybe_map_old_settings() {
76
+ // If the settings aren't there, bail.
77
+ if ( false == $old_settings = get_option( 'rda-settings' ) ) {
78
+ return;
79
+ }
80
+
81
+ $new_settings = array();
82
+
83
+ if ( ! empty( $old_settings ) && is_array( $old_settings ) ) {
84
+ // Access Switch.
85
+ $new_settings['rda_access_switch'] = empty( $old_settings['access_switch'] ) ? 'manage_options' : $old_settings['access_switch'];
86
+
87
+ // Access Cap.
88
+ $new_settings['rda_access_cap'] = ( 'capability' == $new_settings['access_switch'] ) ? 'manage_options' : $new_settings['rda_access_switch'];
89
+
90
+ // Redirect URL.
91
+ $new_settings['rda_redirect_url'] = empty( $old_settings['redirect_url'] ) ? home_url() : $old_settings['redirect_url'];
92
+
93
+ // Enable Profile.
94
+ $new_settings['rda_enable_profile'] = empty( $old_settings['enable_profile'] ) ? true : $old_settings['enable_profile'];
95
+
96
+ // Login Message.
97
+ $new_settings['rda_login_message'] = '';
98
+ }
99
+
100
+ foreach ( $new_settings as $key => $value ) {
101
+ update_option( $key, $value );
102
+ }
103
+
104
+ delete_option( 'rda-settings' );
105
+ }
106
+
107
+ /**
108
+ * Activation Hook.
109
+ *
110
+ * Setup default options on activation.
111
+ *
112
+ * @since 1.0
113
+ * @access public
114
+ *
115
+ * @see $this->setup()
116
+ */
117
+ public function activate() {
118
+ $settings = array(
119
+ 'rda_access_switch' => 'manage_options',
120
+ 'rda_access_cap' => 'manage_options',
121
+ 'rda_redirect_url' => home_url(),
122
+ 'rda_enable_profile' => 1,
123
+ 'rda_login_message' => ''
124
+ );
125
+
126
+ foreach ( $settings as $key => $value ) {
127
+ update_option( $key, $value );
128
+ }
129
+ }
130
+
131
+ /**
132
+ * Register settings and settings sections.
133
+ *
134
+ * @since 1.0
135
+ * @access public
136
+ *
137
+ * @see $this->setup()
138
+ */
139
+ public function settings() {
140
+ // Dashboard Access Controls section.
141
+ add_settings_section( 'rda_options', __( 'Dashboard Access Controls', 'remove_dashbord_access' ), array( $this, 'settings_section' ), 'reading' );
142
+
143
+ // Settings.
144
+ $sets = array(
145
+ 'rda_access_switch' => array(
146
+ 'label' => __( 'Dashboard User Access:', 'remove_dashboard_access' ),
147
+ 'callback' => 'access_switch_cb',
148
+ ),
149
+ 'rda_access_cap' => array(
150
+ 'label' => '',
151
+ 'callback' => 'access_cap_dropdown',
152
+ ),
153
+ 'rda_redirect_url' => array(
154
+ 'label' => __( 'Redirect URL:', 'remove_dashboard_access' ),
155
+ 'callback' => 'url_redirect_cb',
156
+ ),
157
+ 'rda_enable_profile' => array(
158
+ 'label' => __( 'User Profile Access:', 'remove_dashboard_access' ),
159
+ 'callback' => 'profile_enable_cb',
160
+ ),
161
+ 'rda_login_message' => array(
162
+ 'label' => __( 'Login Message', 'remove_dashboard_access' ),
163
+ 'callback' => 'login_message_cb',
164
+ ),
165
+ );
166
+
167
+ foreach ( $sets as $id => $settings ) {
168
+ add_settings_field( $id, $settings['label'], array( $this, $settings['callback'] ), 'reading', 'rda_options' );
169
+
170
+ // Pretty lame that we need separate sanitize callbacks for everything.
171
+ $sanitize_callback = str_replace( 'rda', 'sanitize', $id );
172
+ register_setting( 'reading', $id, array( $this, $sanitize_callback ) );
173
+ };
174
+
175
+ // Debug info "setting".
176
+ if ( ! empty( $_GET['rda_debug'] ) ) {
177
+ add_settings_field( 'rda_debug_mode', __( 'Debug Info', 'remove_dashboard_access' ), array( $this, '_debug_mode' ), 'reading', 'rda_options' );
178
+ }
179
+
180
+ }
181
+
182
+ /**
183
+ * Dashboard Access Controls display callback.
184
+ *
185
+ * @since 1.1
186
+ * @access public
187
+ */
188
+ public function settings_section() {
189
+ _e( 'Dashboard access can be restricted to users of certain roles only or users with a specific capability.', 'remove_dashboard_access' );
190
+ }
191
+
192
+ /**
193
+ * Access Controls 2 of 2.
194
+ *
195
+ * Output the capability drop-down.
196
+ *
197
+ * @since 1.1
198
+ * @access public
199
+ */
200
+ public function access_cap_dropdown() {
201
+ $switch = $this->settings['access_switch'];
202
+ ?>
203
+ <p><label>
204
+ <input name="rda_access_switch" type="radio" value="capability" class="tag" <?php checked( 'capability', esc_attr( $switch ) ); ?> />
205
+ <?php _e( '<strong>Advanced</strong>: Limit by capability:', 'remove_dashboard_access' ); ?>
206
+ </label><?php $this->_output_caps_dropdown(); ?></p>
207
+ <p>
208
+ <?php printf( __( 'You can find out more about specific %s in the Codex.', 'remove_dashboard_access' ),
209
+ sprintf( '<a href="%1$s" target="_new">%2$s</a>',
210
+ esc_url( 'http://codex.wordpress.org/Roles_and_Capabilities' ),
211
+ esc_html( __( 'Roles &amp; Capabilities', 'remove_dashboard_access' ) )
212
+ )
213
+ ); ?>
214
+ </p>
215
+ <?php
216
+ }
217
+
218
+ /**
219
+ * Capability-type radio switch jQuery script.
220
+ *
221
+ * When the 'Limit by capability' radio option is selected the script.
222
+ * enables the capabilities drop-down. Default state is disabled.
223
+ *
224
+ * @since 1.0
225
+ * @access public
226
+ *
227
+ * @see $this->setup()
228
+ */
229
+ public function access_switch_js() {
230
+ wp_enqueue_script( 'rda-settings', plugin_dir_url( __FILE__ ) . 'js/settings.js', array( 'jquery' ), '1.0' );
231
+ }
232
+
233
+ /**
234
+ * Enable/Disable radio toggle display callback.
235
+ *
236
+ * @since 1.1
237
+ * @access public
238
+ *
239
+ * @see $this->options_setup()
240
+ */
241
+ public function plugin_toggle_cb() {
242
+ printf( '<input name="rda_toggle_plugin_off" type="checkbox" value="1" class="code" %1$s/>%2$s',
243
+ checked( esc_attr( $this->settings['toggle_plugin_off'] ), true, false ),
244
+ __( ' Disable access controls and redirection', 'remove_dashboard_access' )
245
+ );
246
+ }
247
+
248
+ /**
249
+ * Capability-type radio switch display callback.
250
+ *
251
+ * Displays the radio button switch for choosing which
252
+ * capability users need to access the Dashboard. Mimics
253
+ * 'Page on front' UI in options-reading.php for a more
254
+ * integrated feel.
255
+ *
256
+ * @since 1.0
257
+ * @access public
258
+ *
259
+ * @see $this->caps_dropdown()
260
+ */
261
+ public function access_switch_cb() {
262
+ echo '<a name="dashboard-access"></a>';
263
+
264
+ $switch = $this->settings['access_switch'];
265
+
266
+ /**
267
+ * Filter the capability defaults for admins, editors, and authors.
268
+ *
269
+ * @since 1.1
270
+ *
271
+ * @param array $capabilities {
272
+ * Default capabilities for various roles.
273
+ *
274
+ * @type string $admin Capability to use for administrators only. Default 'manage_options'.
275
+ * @type string $editor Capability to use for admins + editors. Default 'edit_others_posts'.
276
+ * @type string $author Capability to use for admins + editors + authors. Default 'publish_posts'.
277
+ * }
278
+ */
279
+ $defaults = apply_filters( 'rda_default_caps_for_role', array(
280
+ 'admin' => 'manage_options',
281
+ 'editor' => 'edit_others_posts',
282
+ 'author' => 'publish_posts'
283
+ ) );
284
+ ?>
285
+ <p><label>
286
+ <input name="rda_access_switch" type="radio" value="<?php echo esc_attr( $defaults['admin'] ); ?>" class="tag" <?php checked( $defaults['admin'], esc_attr( $switch ) ); ?> />
287
+ <?php _e( 'Administrators only', 'remove_dashboard_access' ); ?>
288
+ </label></p>
289
+ <p><label>
290
+ <input name="rda_access_switch" type="radio" value="<?php echo esc_attr( $defaults['editor'] ); ?>" class="tag" <?php checked( $defaults['editor'], esc_attr( $switch ) ); ?> />
291
+ <?php _e( 'Editors and Administrators', 'remove_dashboard_access' ); ?>
292
+ </label></p>
293
+ <p><label>
294
+ <input name="rda_access_switch" type="radio" value="<?php echo esc_attr( $defaults['author'] ); ?>" class="tag" <?php checked( $defaults['author'], esc_attr( $switch ) ); ?> />
295
+ <?php _e( 'Authors, Editors, and Administrators', 'remove_dashboard_access' ); ?>
296
+ </label></p>
297
+
298
+ <?php
299
+ }
300
+
301
+
302
+ /**
303
+ * Capability-type switch drop-down.
304
+ *
305
+ * @since 1.0
306
+ * @access private
307
+ *
308
+ * @see $this->access_switch_cb()
309
+ */
310
+ private function _output_caps_dropdown() {
311
+ /** @global WP_Roles $wp_roles */
312
+ global $wp_roles;
313
+
314
+ $capabilities = array();
315
+ foreach ( $wp_roles->role_objects as $key => $role ) {
316
+ if ( is_array( $role->capabilities ) ) {
317
+ foreach ( $role->capabilities as $cap => $grant )
318
+ $capabilities[$cap] = $cap;
319
+ }
320
+ }
321
+
322
+ // Gather legacy user levels.
323
+ $levels = array(
324
+ 'level_0','level_1', 'level_2', 'level_3',
325
+ 'level_4', 'level_5', 'level_6', 'level_7',
326
+ 'level_8', 'level_9', 'level_10',
327
+ );
328
+
329
+ // Remove levels from caps array (Thank you Justin Tadlock).
330
+ $capabilities = array_diff( $capabilities, $levels );
331
+
332
+ // Remove # capabilities (maybe from some plugin, perhaps?).
333
+ for ( $i = 0; $i < 12; $i++ ) {
334
+ unset( $capabilities[$i] );
335
+ }
336
+
337
+ // Alphabetize for nicer display.
338
+ ksort( $capabilities );
339
+
340
+ if ( ! empty( $capabilities ) ) {
341
+ // Start <select> element.
342
+ print( '<select name="rda_access_cap">' );
343
+
344
+ // Default first option.
345
+ printf( '<option selected="selected" value="manage_options">%s</option>', __( '--- Select a Capability ---', 'removed_dashboard_access' ) );
346
+
347
+ // Build capabilities dropdown.
348
+ foreach ( $capabilities as $capability => $value ) {
349
+ printf( '<option value="%1$s" %2$s>%3$s</option>', esc_attr( $value ), selected( $this->settings['access_cap'], $value ), esc_html( $capability ) );
350
+ }
351
+ print( '</select>' );
352
+ }
353
+ }
354
+
355
+ /**
356
+ * Enable profile access checkbox display callback.
357
+ *
358
+ * @since 1.0
359
+ * @access public
360
+ *
361
+ * @see $this->options_setup()
362
+ *
363
+ * @uses checked() Outputs the checked attribute when the option is enabled.
364
+ */
365
+ public function profile_enable_cb() {
366
+ printf( '<input name="rda_enable_profile" type="checkbox" value="1" class="code" %1$s/>%2$s',
367
+ checked( esc_attr( $this->settings['enable_profile'] ), true, false ),
368
+ /* Translators: The leading space is intentional to space the text away from the checkbox */
369
+ __( ' Allow all users to edit their profiles in the dashboard.', 'remove_dashboard_access' )
370
+ );
371
+ }
372
+
373
+ /**
374
+ * Redirect URL display callback.
375
+ *
376
+ * Default value is home_url(). $this->sanitize_option() handles validation and escaping.
377
+ *
378
+ * @since 1.0
379
+ * @access public
380
+ *
381
+ * @see $this->options_setup()
382
+ */
383
+ public function url_redirect_cb() {
384
+ ?>
385
+ <p><label>
386
+ <?php _e( 'Redirect disallowed users to:', 'remove_dashboard_access' ); ?>
387
+ <input name="rda_redirect_url" class="regular-text" type="text" value="<?php echo esc_attr( $this->settings['redirect_url'] ); ?>" placeholder="<?php printf( esc_attr__( 'Default: %s', 'remove_dashboard_access' ), home_url() ); ?>" />
388
+ </label></p>
389
+ <?php
390
+ }
391
+
392
+ /**
393
+ * Login Message display callback.
394
+ *
395
+ * @since 1.1
396
+ * @access public
397
+ */
398
+ public function login_message_cb() {
399
+ ?>
400
+ <p><input name="rda_login_message" class="regular-text" type="text" value="<?php echo esc_attr( $this->settings['login_message'] ); ?>" placeholder="<?php esc_attr_e( '(Disabled when empty)', 'remove_dashboard_access' ); ?>" /></p>
401
+ <?php
402
+ }
403
+
404
+ /**
405
+ * Login Message option callback.
406
+ *
407
+ * @since 1.1
408
+ * @access public
409
+ */
410
+ public function output_login_message( $message ) {
411
+ if ( ! empty( $this->settings['login_message'] ) ) {
412
+ $message .= '<p class="message">' . esc_html( $this->settings['login_message'] ) . '</p>';
413
+ }
414
+ return $message;
415
+ }
416
+
417
+ /**
418
+ * Access Switch sanitize callback.
419
+ *
420
+ * @since 1.1
421
+ * @access public
422
+ *
423
+ * @param string $option Access switch capability.
424
+ * @return string Sanitized capability.
425
+ */
426
+ public function sanitize_access_switch( $option ) {
427
+ return $option;
428
+ }
429
+
430
+ /**
431
+ * Access capability sanitize callback.
432
+ *
433
+ * @since 1.1
434
+ * @access public
435
+ *
436
+ * @param string $option Access capability.
437
+ * @return string Sanitized capability. If the option is empty, default to the value of
438
+ * 'rda_access_switch'.
439
+ */
440
+ public function sanitize_access_cap( $option ) {
441
+ return empty( $option ) ? get_option( 'rda_access_switch' ) : $option;
442
+ }
443
+
444
+ /**
445
+ * Redirect URL sanitize callback.
446
+ *
447
+ * @since 1.1
448
+ * @access public
449
+ *
450
+ * @param string $option Redirect URL.
451
+ * @return string If empty, defaults to home_url(). Otherwise sanitized URL.
452
+ */
453
+ public function sanitize_redirect_url( $option ) {
454
+ return empty( $option ) ? home_url() : esc_url_raw( $option );
455
+ }
456
+
457
+ /**
458
+ * Enable Profile sanitize callback.
459
+ *
460
+ * @since 1.1
461
+ * @access public
462
+ *
463
+ * @param bool $option Whether to enable all users to edit their profiles.
464
+ * @return bool Whether all users will be able to edit their profiles.
465
+ */
466
+ public function sanitize_enable_profile( $option ) {
467
+ return (bool) empty( $option ) ? false : true;
468
+ }
469
+
470
+ /**
471
+ * Login Message sanitize callback.
472
+ *
473
+ * @since 1.1
474
+ * @access public
475
+ *
476
+ * @param string $option Login message.
477
+ * @return string Sanitized login message.
478
+ */
479
+ public function sanitize_login_message( $option ) {
480
+ return sanitize_text_field( $option );
481
+ }
482
+
483
+ /**
484
+ * Required capability for Dashboard access.
485
+ *
486
+ * @since 1.0
487
+ * @access public
488
+ *
489
+ * @return string $this->settings['access_cap'] if set, otherwise, 'manage_options' (filterable).
490
+ */
491
+ public function capability() {
492
+ /**
493
+ * Filter the access capability.
494
+ *
495
+ * @since 1.1
496
+ *
497
+ * @param string $capability Capability needed to access the Dashboard.
498
+ */
499
+ return apply_filters( 'rda_access_capability', $this->settings['access_cap'] );
500
+ }
501
+
502
+ /**
503
+ * Plugins list 'Settings' row link.
504
+ *
505
+ * @since 1.0
506
+ *
507
+ * @see $this->setup()
508
+ *
509
+ * @param array $links Row links array to filter.
510
+ * @return array $links Filtered links array.
511
+ */
512
+ public function settings_link( $links, $file ) {
513
+ // WordPress.org slug.
514
+ if ( 'remove-dashboard-access-for-non-admins/remove-dashboard-access.php' == $file
515
+ // GitHub slug
516
+ || 'remove-dashboard-access/remove-dashboard-access' == $file
517
+ ) {
518
+ array_unshift( $links, sprintf( '<a href="%1$s">%2$s</a>',
519
+ admin_url( 'options-reading.php#dashboard-access' ),
520
+ esc_html__( 'Settings', 'remove_dashboard_access' )
521
+ ) );
522
+ }
523
+ return $links;
524
+ }
525
+
526
+ /**
527
+ * Debug mode output.
528
+ *
529
+ * When rda_debug=1 is passed via the query string, displays a table with all the raw
530
+ * option values for debugging purposes.
531
+ *
532
+ * @since 1.1
533
+ * @access public
534
+ */
535
+ public function _debug_mode() {
536
+ ?>
537
+ <style type="text/css">
538
+ table.rda_debug {
539
+ width: 400px;
540
+ border: 1px solid #222;
541
+ }
542
+ .rda_debug th {
543
+ text-align: center;
544
+ }
545
+ .rda_debug th,
546
+ .rda_debug td {
547
+ width: 50%;
548
+ padding: 15px 10px;
549
+ border: 1px solid #222;
550
+ }
551
+ </style>
552
+ <table class="rda_debug">
553
+ <tbody>
554
+ <tr>
555
+ <th><?php _e( 'Setting', 'remove_dashboard_access' ); ?></th>
556
+ <th><?php _e( 'Value', 'remove_dashboard_access' ); ?></th>
557
+ </tr>
558
+ <?php foreach ( $this->settings as $key => $value ) :
559
+ $value = empty( $value ) ? __( 'empty', 'remove_dashboard_access' ) : $value;
560
+ ?>
561
+ <tr>
562
+ <td><?php echo esc_html( $key ); ?></td>
563
+ <td><?php echo esc_html( $value ); ?></td>
564
+ </tr>
565
+ <?php endforeach; ?>
566
+ </tbody>
567
+ </table>
568
+ <?php
569
+ }
570
+
571
+ } // RDA_Options
572
+
573
+ } // class exists
inc/{class-rda-remove-access.php → class.rda-remove-access.php} RENAMED
@@ -9,7 +9,7 @@ if ( ! class_exists( 'RDA_Remove_Access' ) ) {
9
  class RDA_Remove_Access {
10
 
11
  /**
12
- * @var $capability
13
  *
14
  * String with capability passed from RDA_Options{}
15
  *
@@ -18,7 +18,7 @@ class RDA_Remove_Access {
18
  var $capability;
19
 
20
  /**
21
- * @var $settings
22
  *
23
  * Array of settings passed from RDA_Options{}
24
  *
@@ -35,10 +35,11 @@ class RDA_Remove_Access {
35
  * @param array $settings Settings array passed from RDA_Options instance.
36
  */
37
  function __construct( $capability, $settings ) {
38
- if ( ! $capability )
39
  return; // Bail
40
- else
41
  $this->capability = $capability;
 
42
 
43
  $this->settings = $settings;
44
 
@@ -46,7 +47,7 @@ class RDA_Remove_Access {
46
  }
47
 
48
  /**
49
- * Determine if user is allowed to access the Dashboard
50
  *
51
  * @since 1.0
52
  *
@@ -54,76 +55,78 @@ class RDA_Remove_Access {
54
  * @return null Bail if the current user has the requisite capability.
55
  */
56
  function is_user_allowed() {
57
- if ( $this->capability && ! current_user_can( $this->capability ) && ! defined( 'DOING_AJAX' ) )
58
- $this->bdth_hooks();
59
- else
60
  return; // Bail
 
61
  }
62
 
63
  /**
64
- * "Batten down the hatches" Hooks
65
  *
66
  * dashboard_redirect - Handles redirecting disallowed users.
67
- * hide_menus - Hides the admin menus with CSS (not ideal but will suffice).
68
  * hide_toolbar_items - Hides various Toolbar items on front and back-end.
69
  *
70
  * @since 1.0
71
  */
72
- function bdth_hooks() {
73
- add_action( 'admin_init', array( $this, 'dashboard_redirect' ) );
74
- add_action( 'admin_head', array( $this, 'hide_menus' ) );
75
- add_action( 'admin_bar_menu', array( $this, 'hide_toolbar_items' ), 999 );
76
  }
77
 
78
  /**
79
- * Dashboard Redirect
80
- *
81
- * @since 0.1
82
  *
83
- * @uses global $pagenow Used to determine the current page.
84
- * @uses wp_redirect() Used to redirect disallowed users to chosen URL.
85
  */
86
- function dashboard_redirect() {
87
- global $pagenow;
88
- if ( 'profile.php' != $pagenow || $this->settings['enable_profile'] != 1 ) {
89
- wp_redirect( $this->settings['redirect_url'] );
90
- exit;
 
 
 
 
 
 
 
 
 
 
 
91
  }
92
  }
93
 
94
  /**
95
- * Hide Admin Menus
96
  *
97
- * @since 1.0
98
  *
99
- * @todo Determine why 'Tools' menu can't be easily unset from admin menu
100
- * @return null
101
  */
102
- function hide_menus() {
103
- ?>
104
- <style type="text/css">
105
- #adminmenuback, #adminmenuwrap {
106
- display: none;
107
- }
108
- .wrap {
109
- margin-top: 1.5%;
110
- }
111
- #wpcontent {
112
- margin-left: 2%;
113
  }
114
- <?php
115
  }
116
 
117
  /**
118
- * Hide Toolbar Items
119
  *
120
  * @since 1.0
121
  *
122
- * @uses apply_filters() to make front-end and back-end Toolbar node arrays filterable.
123
- * @param global $wp_admin_bar For remove_node() method access.
124
  */
125
  function hide_toolbar_items( $wp_admin_bar ) {
126
- $edit_profile = $this->settings['enable_profile'] == 0 ? 'edit-profile' : '';
127
  if ( is_admin() ) {
128
  $ids = array( 'about', 'comments', 'new-content', $edit_profile );
129
  $nodes = apply_filters( 'rda_toolbar_nodes', $ids );
@@ -138,4 +141,4 @@ class RDA_Remove_Access {
138
 
139
  } // RDA_Remove_Access
140
 
141
- } // class_exists
9
  class RDA_Remove_Access {
10
 
11
  /**
12
+ * @var string $capability
13
  *
14
  * String with capability passed from RDA_Options{}
15
  *
18
  var $capability;
19
 
20
  /**
21
+ * @var array $settings
22
  *
23
  * Array of settings passed from RDA_Options{}
24
  *
35
  * @param array $settings Settings array passed from RDA_Options instance.
36
  */
37
  function __construct( $capability, $settings ) {
38
+ if ( empty( $capability ) ) {
39
  return; // Bail
40
+ } else {
41
  $this->capability = $capability;
42
+ }
43
 
44
  $this->settings = $settings;
45
 
47
  }
48
 
49
  /**
50
+ * Determine if user is allowed to access the Dashboard.
51
  *
52
  * @since 1.0
53
  *
55
  * @return null Bail if the current user has the requisite capability.
56
  */
57
  function is_user_allowed() {
58
+ if ( $this->capability && ! current_user_can( $this->capability ) && ! defined( 'DOING_AJAX' ) ) {
59
+ $this->lock_it_up();
60
+ } else {
61
  return; // Bail
62
+ }
63
  }
64
 
65
  /**
66
+ * "Lock it up" Hooks.
67
  *
68
  * dashboard_redirect - Handles redirecting disallowed users.
69
+ * hide_menus - Hides the admin menus.
70
  * hide_toolbar_items - Hides various Toolbar items on front and back-end.
71
  *
72
  * @since 1.0
73
  */
74
+ function lock_it_up() {
75
+ add_action( 'admin_init', array( $this, 'dashboard_redirect' ) );
76
+ add_action( 'admin_head', array( $this, 'hide_menus' ) );
77
+ add_action( 'admin_bar_menu', array( $this, 'hide_toolbar_items' ), 999 );
78
  }
79
 
80
  /**
81
+ * Hide menus other than profile.php.
 
 
82
  *
83
+ * @since 1.1
 
84
  */
85
+ public function hide_menus() {
86
+ /** @global array $menu */
87
+ global $menu;
88
+
89
+ $menu_ids = array();
90
+
91
+ // Gather menu IDs (minus profile.php).
92
+ foreach ( $menu as $index => $values ) {
93
+ if ( isset( $values[2] ) ) {
94
+ if ( 'profile.php' == $values[2] ) {
95
+ continue;
96
+ }
97
+
98
+ // Remove menu pages.
99
+ remove_menu_page( $values[2] );
100
+ }
101
  }
102
  }
103
 
104
  /**
105
+ * Dashboard Redirect.
106
  *
107
+ * @since 0.1
108
  *
109
+ * @see wp_redirect() Used to redirect disallowed users to chosen URL.
 
110
  */
111
+ function dashboard_redirect() {
112
+ /** @global string $pagenow */
113
+ global $pagenow;
114
+
115
+ if ( 'profile.php' != $pagenow || ! $this->settings['enable_profile'] ) {
116
+ wp_redirect( $this->settings['redirect_url'] );
117
+ exit;
 
 
 
 
118
  }
 
119
  }
120
 
121
  /**
122
+ * Hide Toolbar Items.
123
  *
124
  * @since 1.0
125
  *
126
+ * @param WP_Admin_Bar $wp_admin_bar For remove_node() method access.
 
127
  */
128
  function hide_toolbar_items( $wp_admin_bar ) {
129
+ $edit_profile = ! $this->settings['enable_profile'] ? 'edit-profile' : '';
130
  if ( is_admin() ) {
131
  $ids = array( 'about', 'comments', 'new-content', $edit_profile );
132
  $nodes = apply_filters( 'rda_toolbar_nodes', $ids );
141
 
142
  } // RDA_Remove_Access
143
 
144
+ } // class_exists
inc/js/settings.js ADDED
@@ -0,0 +1,13 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ /**
2
+ * Mimic WordPress Core's front-page dropdown toggle control.
3
+ */
4
+ jQuery( document ).ready( function( $ ) {
5
+ var section = $( '.form-table' ),
6
+ capType = section.find( 'input:radio[value="capability"]' ),
7
+ selects = section.find( 'select' ),
8
+ check_disabled = function() {
9
+ selects.prop( 'disabled', ! capType.prop( 'checked' ) );
10
+ };
11
+ check_disabled();
12
+ section.find( 'input:radio' ).change( check_disabled );
13
+ } );
languages/remove-dashboard-access.mo ADDED
Binary file
languages/remove-dashboard-access.po ADDED
@@ -0,0 +1,116 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ msgid ""
2
+ msgstr ""
3
+ "Project-Id-Version: Remove Dashboard Access\n"
4
+ "POT-Creation-Date: 2014-07-14 20:21-0700\n"
5
+ "PO-Revision-Date: 2014-07-14 20:22-0700\n"
6
+ "Last-Translator: \n"
7
+ "Language-Team: Drew Jaynes (DrewAPicture) <info@drewapicture.com>\n"
8
+ "Language: en\n"
9
+ "MIME-Version: 1.0\n"
10
+ "Content-Type: text/plain; charset=UTF-8\n"
11
+ "Content-Transfer-Encoding: 8bit\n"
12
+ "X-Generator: Poedit 1.6.6\n"
13
+ "X-Poedit-KeywordsList: __;_e;esc_attr__;esc_attr_e;esc_html__;esc_html_e;_x;"
14
+ "_ex;esc_attr_x;esc_html_x;_n;_nx;_n_noop;_nx_noop\n"
15
+ "X-Poedit-Basepath: ../\n"
16
+ "X-Poedit-SearchPath-0: .\n"
17
+
18
+ #: inc/class.rda-options.php:56
19
+ msgid "This site is in maintenance mode."
20
+ msgstr ""
21
+
22
+ #: inc/class.rda-options.php:117
23
+ msgid "Dashboard Access Controls"
24
+ msgstr ""
25
+
26
+ #: inc/class.rda-options.php:122
27
+ msgid "Dashboard User Access:"
28
+ msgstr ""
29
+
30
+ #: inc/class.rda-options.php:130
31
+ msgid "Redirect URL:"
32
+ msgstr ""
33
+
34
+ #: inc/class.rda-options.php:134
35
+ msgid "User Profile Access:"
36
+ msgstr ""
37
+
38
+ #: inc/class.rda-options.php:138
39
+ msgid "Login Message"
40
+ msgstr ""
41
+
42
+ #: inc/class.rda-options.php:153
43
+ msgid "Debug Info"
44
+ msgstr ""
45
+
46
+ #: inc/class.rda-options.php:165
47
+ msgid ""
48
+ "Dashboard access can be restricted to users of certain roles only or users "
49
+ "with a specific capability."
50
+ msgstr ""
51
+
52
+ #: inc/class.rda-options.php:181
53
+ msgid "<strong>Advanced</strong>: Limit by capability:"
54
+ msgstr ""
55
+
56
+ #: inc/class.rda-options.php:184
57
+ #, php-format
58
+ msgid "You can find out more about specific %s in the Codex."
59
+ msgstr ""
60
+
61
+ #: inc/class.rda-options.php:187
62
+ msgid "Roles &amp; Capabilities"
63
+ msgstr ""
64
+
65
+ #: inc/class.rda-options.php:220
66
+ msgid " Disable access controls and redirection"
67
+ msgstr ""
68
+
69
+ #: inc/class.rda-options.php:263
70
+ msgid "Administrators only"
71
+ msgstr ""
72
+
73
+ #: inc/class.rda-options.php:267
74
+ msgid "Editors and Administrators"
75
+ msgstr ""
76
+
77
+ #: inc/class.rda-options.php:271
78
+ msgid "Authors, Editors, and Administrators"
79
+ msgstr ""
80
+
81
+ #: inc/class.rda-options.php:321
82
+ msgid "--- Select a Capability ---"
83
+ msgstr ""
84
+
85
+ #: inc/class.rda-options.php:345
86
+ msgid " Allow all users to edit their profiles in the dashboard."
87
+ msgstr ""
88
+
89
+ #: inc/class.rda-options.php:362
90
+ msgid "Redirect disallowed users to:"
91
+ msgstr ""
92
+
93
+ #: inc/class.rda-options.php:363
94
+ #, php-format
95
+ msgid "Default: %s"
96
+ msgstr ""
97
+
98
+ #: inc/class.rda-options.php:376
99
+ msgid "(Disabled when empty)"
100
+ msgstr ""
101
+
102
+ #: inc/class.rda-options.php:480
103
+ msgid "Settings"
104
+ msgstr ""
105
+
106
+ #: inc/class.rda-options.php:514
107
+ msgid "Setting"
108
+ msgstr ""
109
+
110
+ #: inc/class.rda-options.php:515
111
+ msgid "Value"
112
+ msgstr ""
113
+
114
+ #: inc/class.rda-options.php:518
115
+ msgid "empty"
116
+ msgstr ""
languages/remove-wp-dashboard-access.pot DELETED
@@ -1,91 +0,0 @@
1
- msgid ""
2
- msgstr ""
3
- "Project-Id-Version: Remove Dashboard Access\n"
4
- "POT-Creation-Date: 2013-02-15 21:54-0700\n"
5
- "PO-Revision-Date: 2013-02-15 21:54-0700\n"
6
- "Last-Translator: \n"
7
- "Language-Team: Drew Jaynes (DrewAPicture) <info@drewapicture.com>\n"
8
- "Language: English\n"
9
- "MIME-Version: 1.0\n"
10
- "Content-Type: text/plain; charset=UTF-8\n"
11
- "Content-Transfer-Encoding: 8bit\n"
12
- "X-Generator: Poedit 1.5.5\n"
13
- "X-Poedit-KeywordsList: __;_e;esc_attr__;esc_attr_e;esc_html__;esc_html_e;_x;"
14
- "_ex;esc_attr_x;esc_html_x;_n;_nx;_n_noop;_nx_noop\n"
15
- "X-Poedit-Basepath: ../\n"
16
- "X-Poedit-SearchPath-0: .\n"
17
-
18
- #: remove-wp-dashboard-access.php:91 remove-wp-dashboard-access.php:110
19
- msgid "Dashboard Access Settings"
20
- msgstr ""
21
-
22
- #: remove-wp-dashboard-access.php:92
23
- msgid "Dashboard Access"
24
- msgstr ""
25
-
26
- #: remove-wp-dashboard-access.php:135
27
- msgid "Access Controls"
28
- msgstr ""
29
-
30
- #: remove-wp-dashboard-access.php:136
31
- msgid "User Access:"
32
- msgstr ""
33
-
34
- #: remove-wp-dashboard-access.php:137
35
- msgid "User Profile Access:"
36
- msgstr ""
37
-
38
- #: remove-wp-dashboard-access.php:140
39
- msgid "Redirection Settings"
40
- msgstr ""
41
-
42
- #: remove-wp-dashboard-access.php:141
43
- msgid "Redirect URL:"
44
- msgstr ""
45
-
46
- #: remove-wp-dashboard-access.php:150
47
- msgid ""
48
- "Dashboard access can be restricted to Administrators only (default) or users "
49
- "with a specific capability."
50
- msgstr ""
51
-
52
- #: remove-wp-dashboard-access.php:171
53
- msgid "Administrators only"
54
- msgstr ""
55
-
56
- #: remove-wp-dashboard-access.php:175
57
- msgid "Limit by capability:"
58
- msgstr ""
59
-
60
- #: remove-wp-dashboard-access.php:180
61
- #, php-format
62
- msgid "You can find out more about specific %s in the Codex."
63
- msgstr ""
64
-
65
- #: remove-wp-dashboard-access.php:183
66
- msgid "Roles and Capabilities"
67
- msgstr ""
68
-
69
- #: remove-wp-dashboard-access.php:267
70
- msgid " Allow users to edit their profiles in the dashboard."
71
- msgstr ""
72
-
73
- #: remove-wp-dashboard-access.php:277
74
- #, php-format
75
- msgid ""
76
- "Users who lack the selected role or capability will be redirected to a URL "
77
- "you specify. Left blank, default is: <strong>%s</strong>"
78
- msgstr ""
79
-
80
- #: remove-wp-dashboard-access.php:290
81
- msgid "Redirect users to:"
82
- msgstr ""
83
-
84
- #: remove-wp-dashboard-access.php:312
85
- #, php-format
86
- msgid "Please enter a properly-formed URL. For example: %s"
87
- msgstr ""
88
-
89
- #: remove-wp-dashboard-access.php:345
90
- msgid "Settings"
91
- msgstr ""
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
readme.txt CHANGED
@@ -1,54 +1,61 @@
1
  === Plugin Name ===
2
- Contributors: DrewAPicture, 10up
3
  Donate link: http://www.werdswords.com
4
  Tags: dashboard, access, users, administration
5
  Requires at least: 3.1
6
- Tested up to: 3.5.1
7
- Stable tag: 1.0
8
 
9
- This plugin limits user access to the dashboard based on whether users have a chosen capability. Disallowed users are redirected to a chosen URL.
10
 
11
  == Description ==
12
 
13
- Remove Dashboard Access was completely rewritten for version 1.0!
14
-
15
- New features include:
16
-
17
- * Limit Dashboard access to Administrators only, or limit by specific capability.
18
- * Allow/disallow user profile access
19
  * Choose your own redirect URL
 
 
20
  * (<a href="http://wordpress.org/extend/plugins/remove-dashboard-access-for-non-admins/other_notes/">more info</a>)
21
 
22
- A full list of capabilities and their associated roles can be found here: http://codex.wordpress.org/Roles_and_Capabilities
23
-
24
  <strong>Contribute to RDA</strong>
25
 
26
- This plugin is in active development <a href="https://github.com/DrewAPicture/remove-dashboard-access" target="_new">on GitHub</a>. If you'd like to contribute, pull requests are welcome!
27
 
28
  == Installation ==
29
 
30
- 1. Upload `remove-wp-dashboard-access.php` to the `/wp-content/plugins/` directory
31
- 2. Activate the plugin through the 'Plugins' menu in WordPress
32
 
33
  == Frequently Asked Questions ==
34
 
35
- = What happens to disallowed users who try to login to the Dashboard? =
 
 
 
 
 
 
 
 
36
 
37
- Users lacking the chosen capability or role will be redirected to the URL set in Settings > Dashboard Access.
38
 
39
  == Other Notes ==
40
 
41
  <strong>Capabilities</strong>
42
 
43
- * In v1.0+, you can limit Dashboard access to Admins or by selecting a capability. More information on WordPress' default roles and capabilities can be found here: http://codex.wordpress.org/Roles_and_Capabilities
44
 
45
  <strong>User Profile Access</strong>
46
 
47
- * In v1.0+, you can allow or disallow the ability for all users to edit their profiles in the Dashboard. Users lacking the chosen capability won't be able to access any other sections of the Dashboard.
 
 
 
 
48
 
49
  <strong>Hiding other plugins/themes' Toolbar menus</strong>
50
 
51
- v1.0+ hides some built-in WordPress Toolbar menus by default, but can be extended to hide menus from other plugins or themes via two filters: `rda_toolbar_nodes`, and `rda_frontend_toolbar_nodes`.
52
 
53
  How to find the menu (node) id:
54
 
@@ -57,6 +64,12 @@ How to find the menu (node) id:
57
 
58
  How to filter the disallowed Toolbar nodes on the front-end:
59
  `
 
 
 
 
 
 
60
  function hide_some_toolbar_menu( $ids ) {
61
  $ids[] = 'SOMETHING';
62
  return $ids;
@@ -64,20 +77,38 @@ function hide_some_toolbar_menu( $ids ) {
64
  add_filter( 'rda_frontend_toolbar_nodes', 'hide_some_toolbar_menu' );
65
  `
66
 
67
- Common plugin Toolbar menus and their ids:
 
 
 
 
 
68
 
69
- * <a href="http://wordpress.org/extend/plugins/jetpack/">JetPack by WordPress.com</a> (Notifications) - 'notes'
70
- * <a href="http://wordpress.org/extend/plugins/wordpress-seo/">WordPress SEO by Yoast</a> - 'wpseo-menu'
71
- * <a href="http://wordpress.org/extend/plugins/w3-total-cache/">W3 Total Cache</a> - 'w3tc'
72
 
73
- == Screenshots ==
74
 
75
- 1. The new 1.0 accesss options screen.
76
 
 
77
  2. Allow users to access their profile settings (only).
 
78
 
79
  == Changelog ==
80
 
 
 
 
 
 
 
 
 
 
 
 
 
 
81
  = 1.0 =
82
 
83
  * Complete rewrite!
@@ -120,4 +151,4 @@ Common plugin Toolbar menus and their ids:
120
 
121
  = 0.1 =
122
 
123
- * Initial submission
1
  === Plugin Name ===
2
+ Contributors: DrewAPicture
3
  Donate link: http://www.werdswords.com
4
  Tags: dashboard, access, users, administration
5
  Requires at least: 3.1
6
+ Tested up to: 4.0
7
+ Stable tag: 1.1
8
 
9
+ Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL.
10
 
11
  == Description ==
12
 
13
+ * Limit Dashboard access to Administrators only, Admins + Editors, Admins + Editors + Authors, or limit by specific capability.
 
 
 
 
 
14
  * Choose your own redirect URL
15
+ * Optionally allow user profile access
16
+ * Optionally display a message on the login screen
17
  * (<a href="http://wordpress.org/extend/plugins/remove-dashboard-access-for-non-admins/other_notes/">more info</a>)
18
 
 
 
19
  <strong>Contribute to RDA</strong>
20
 
21
+ This plugin is in active development <a href="https://github.com/DrewAPicture/remove-dashboard-access" target="_new">on GitHub</a>. Pull requests are welcome!
22
 
23
  == Installation ==
24
 
25
+ 1. Search 'Remove Dashboard Access' from the Install Plugins screen.
26
+ 2. Install plugin, click Activate.
27
 
28
  == Frequently Asked Questions ==
29
 
30
+ = What happens to disallowed users who try to access to the Dashboard? =
31
+
32
+ Users lacking the chosen capability or role(s) will be redirected to the URL set in Settings > Dashboard Access.
33
+
34
+ = Why haven't you added an option to disable the WordPress Toolbar?
35
+
36
+ The Toolbar contains certain important links (even for disallowed users) such as for accessing to the profile editor and/or logging out. Plus, there are many plugins out there for disabling the Toolbar if you really want to.
37
+
38
+ = Can I disable the redirection/profile-editing controls without disabling the plugin?
39
 
40
+ No. Disable the plugin if you don't wish to leverage the functionality.
41
 
42
  == Other Notes ==
43
 
44
  <strong>Capabilities</strong>
45
 
46
+ * You can limit Dashboard access to Admins only, Editors or above, Authors or above, or by selecting a capability. More information on WordPress' default roles and capabilities can be found here: http://codex.wordpress.org/Roles_and_Capabilities
47
 
48
  <strong>User Profile Access</strong>
49
 
50
+ * You can optionally allow all users the ability to edit their profiles in the Dashboard. Users lacking the chosen capability won't be able to access any other sections of the Dashboard.
51
+
52
+ <strong>Login Message</strong>
53
+
54
+ * Supply a message to display on the login screen. Leaving this blank disables the message.
55
 
56
  <strong>Hiding other plugins/themes' Toolbar menus</strong>
57
 
58
+ * Remove Dashboard Access removes some built-in WordPress Toolbar menus by default, but can be extended to hide menus from other plugins or themes via two filters: `rda_toolbar_nodes` (viewing from the admin), and `rda_frontend_toolbar_nodes` (viewing from the front-end).
59
 
60
  How to find the menu (node) id:
61
 
64
 
65
  How to filter the disallowed Toolbar nodes on the front-end:
66
  `
67
+ /**
68
+ * Filter hidden Toolbar menus on the front-end.
69
+ *
70
+ * @param array $ids Toolbar menu IDs.
71
+ * @return array (maybe) filtered front-end Toolbar menu IDs.
72
+ */
73
  function hide_some_toolbar_menu( $ids ) {
74
  $ids[] = 'SOMETHING';
75
  return $ids;
77
  add_filter( 'rda_frontend_toolbar_nodes', 'hide_some_toolbar_menu' );
78
  `
79
 
80
+ <strong>Common plugin Toolbar menus and their ids:</strong>
81
+ | Plugin | Menu ID |
82
+ | ------ | ------- |
83
+ | <a href="http://wordpress.org/extend/plugins/jetpack/">Jetpack by WordPress.com</a> (notifications) | 'notes |
84
+ | <a href="http://wordpress.org/extend/plugins/wordpress-seo/">WordPress SEO by Yoast</a> | 'wpseo-menu' |
85
+ | <a href="http://wordpress.org/extend/plugins/w3-total-cache/">W3 Total Cache</a> | 'w3tc' |
86
 
87
+ <strong>Debug Mode</strong>
 
 
88
 
89
+ To view debugging information on the Settings > Reading screen, visit yoursite.com/wp-admin/options-reading.php?rda_debug=1
90
 
91
+ == Screenshots ==
92
 
93
+ 1. The Dashboard Access Controls settings in the Settings > Reading screen.
94
  2. Allow users to access their profile settings (only).
95
+ 3. Optional login message.
96
 
97
  == Changelog ==
98
 
99
+ = 1.1 =
100
+
101
+ Enhancements:
102
+ * Instantiate as a static instance for better modularity
103
+ * Move Dashboard Access Controls settings to Settings > Reading
104
+ * Add optional login message option
105
+ * Add better settings sanitization
106
+ * New Filter: `rda_default_caps_for_role` - Filter default roles for Admins, Editors, and Authors
107
+ * New Debug Mode
108
+
109
+ Bug Fixes:
110
+ * Remove unnecessarily stringent URL mask on the redirect URL option
111
+
112
  = 1.0 =
113
 
114
  * Complete rewrite!
151
 
152
  = 0.1 =
153
 
154
+ * Initial submission
remove-dashboard-access.php ADDED
@@ -0,0 +1,34 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * Plugin Name: Remove Dashboard Access
4
+ * Plugin URI: http://www.werdswords.com
5
+ * Description: Removes Dashboard access for certain users based on capability.
6
+ * Version: 1.1
7
+ * Author: Drew Jaynes (DrewAPicture)
8
+ * Author URI: http://www.drewapicture.com
9
+ * License: GPLv2
10
+ */
11
+
12
+ // Bail if called directly.
13
+ if ( ! defined( 'ABSPATH' ) ) {
14
+ exit;
15
+ }
16
+
17
+ // RDA_Options Class
18
+ require_once( dirname( __FILE__ ) . '/inc/class.rda-options.php' );
19
+
20
+ // RDA_Remove_Access Class
21
+ require_once( dirname( __FILE__ ) . '/inc/class.rda-remove-access.php' );
22
+
23
+ // Load options instance
24
+ if ( class_exists( 'RDA_Options' ) ) {
25
+ $load = new RDA_Options;
26
+
27
+ // Set up options array on activation.
28
+ register_activation_hook( __FILE__, array( $load, 'activate' ) );
29
+
30
+ // Run it
31
+ if ( class_exists( 'RDA_Remove_Access' ) ) {
32
+ $access = new RDA_Remove_Access( $load->capability(), $load->settings );
33
+ }
34
+ }
remove-wp-dashboard-access.php DELETED
@@ -1,350 +0,0 @@
1
- <?php
2
- /**
3
- * Plugin Name: Remove Dashboard Access
4
- * Plugin URI: http://www.werdswords.com
5
- * Description: Removes Dashboard access for certain users based on capability.
6
- * Version: 1.0
7
- * Author: Drew Jaynes (DrewAPicture)
8
- * Author URI: http://www.drewapicture.com
9
- * License: GPLv2
10
- */
11
-
12
- // Load options instance
13
- if ( class_exists( 'RDA_Options' ) )
14
- $load = new RDA_Options;
15
-
16
- // RDA_Remove_Access Class
17
- require_once( dirname( __FILE__ ) . '/inc/class-rda-remove-access.php' );
18
-
19
- // Run it
20
- if ( class_exists( 'RDA_Remove_Access' ) )
21
- new RDA_Remove_Access( $load->capability(), $load->settings );
22
-
23
-
24
- class RDA_Options {
25
-
26
- /**
27
- * @var $settings rda-settings options array
28
- *
29
- * @since 1.0
30
- */
31
- var $settings = array();
32
-
33
- /**
34
- * Init
35
- *
36
- * @since 1.0
37
- */
38
- function __construct() {
39
- load_plugin_textdomain( 'remove_dashboard_access', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
40
-
41
- $this->settings = (array) get_option( 'rda-settings' );
42
- $this->hooks();
43
- }
44
-
45
- /**
46
- * Action Hooks and Filters
47
- *
48
- * activate - Setup options array on activation.
49
- * options_page - Adds the options page.
50
- * options_setup - Register options pages settings sections and fields.
51
- * access_switch_js - Prints jQuery script via admin_head-$suffix for the options page.
52
- * settings_link - Adds a 'Settings' link to the plugin row links via plugin_action_links_$plugin.
53
- *
54
- * @since 1.0
55
- */
56
- function hooks() {
57
- register_activation_hook( __FILE__, array( $this, 'activate' ) );
58
-
59
- add_action( 'admin_menu', array( $this, 'options_page' ) );
60
- add_action( 'admin_init', array( $this, 'options_setup' ) );
61
- add_action( 'admin_head-settings_page_dashboard-access', array( $this, 'access_switch_js' ) );
62
- add_filter( 'plugin_action_links_' . plugin_basename( __FILE__ ), array( $this, 'settings_link' ) );
63
- }
64
-
65
- /**
66
- * Activation Hook
67
- *
68
- * Setup options array on activation.
69
- *
70
- * @since 1.0
71
- */
72
- function activate() {
73
- $options = array(
74
- 'access_switch' => 'manage_options',
75
- 'access_cap' => 'manage_options',
76
- 'enable_profile' => 1,
77
- 'redirect_url' => home_url()
78
- );
79
- update_option( 'rda-settings', $options );
80
- }
81
-
82
- /**
83
- * Options page: Remove Access
84
- *
85
- * @since 1.0
86
- *
87
- * @uses add_options_page() to add a submenu under 'Settings'
88
- */
89
- function options_page() {
90
- add_options_page(
91
- __( 'Dashboard Access Settings', 'remove_dashboard_access' ),
92
- __( 'Dashboard Access', 'remove_dashboard_access' ),
93
- 'manage_options',
94
- 'dashboard-access',
95
- array( $this, 'options_page_cb' )
96
- );
97
- }
98
-
99
- /**
100
- * Options page: callback
101
- *
102
- * Outputs the form for the 'Remove Access' submenu
103
- *
104
- * @since 1.0
105
- */
106
- function options_page_cb() {
107
- ?>
108
- <div class="wrap">
109
- <?php screen_icon(); ?>
110
- <h2><?php _e( 'Dashboard Access Settings', 'remove_dashboard_access' ); ?></h2>
111
- <form action="options.php" method="POST" id="rda-options-form">
112
- <?php
113
- settings_fields( 'rda-options' );
114
- do_settings_sections( 'dashboard-access' );
115
- submit_button();
116
- ?>
117
- </form>
118
- </div><!-- .wrap -->
119
- <?php
120
- }
121
-
122
- /**
123
- * Register settings and settings sections.
124
- *
125
- * @since 1.0
126
- *
127
- * @uses register_setting() Registers the 'rda-options' settings group
128
- * @uses add_settings_section() Adds the settings sections
129
- * @uses add_settings_filed() Adds the settings fields
130
- */
131
- function options_setup() {
132
- register_setting( 'rda-options', 'rda-settings', array( $this, 'sanitize_options' ) );
133
-
134
- // Permissions
135
- add_settings_section( 'rda-permissions', __( 'Access Controls', 'remove_dashboard_access' ), array( $this, 'access_desc_cb' ), 'dashboard-access' );
136
- add_settings_field( 'access-switch', __( 'User Access:', 'remove_dashboard_access' ), array( $this, 'access_switch_cb' ), 'dashboard-access', 'rda-permissions' );
137
- add_settings_field( 'profile-enable', __( 'User Profile Access:', 'remove_dashboard_access' ), array( $this, 'profile_enable_cb' ), 'dashboard-access', 'rda-permissions' );
138
-
139
- // Redirect
140
- add_settings_section( 'rda-redirect', __( 'Redirection Settings', 'remove_dashboard_access' ), array( $this, 'redirect_desc_cb' ), 'dashboard-access' );
141
- add_settings_field( 'redirect-url', __( 'Redirect URL:', 'remove_dashboard_access' ), array( $this, 'url_redirect_cb' ), 'dashboard-access', 'rda-redirect' );
142
- }
143
-
144
- /**
145
- * Access Controls Description
146
- *
147
- * @since 1.0
148
- */
149
- function access_desc_cb() {
150
- _e( 'Dashboard access can be restricted to Administrators only (default) or users with a specific capability.', 'remove_dashboard_access' );
151
- }
152
-
153
- /**
154
- * Capability-type radio switch display callback
155
- *
156
- * Displays the radio button switch for choosing which
157
- * capability users need to access the Dashboard. Mimics
158
- * 'Page on front' UI in options-reading.php for a more
159
- * integrated feel.
160
- *
161
- * @since 1.0
162
- *
163
- * @uses checked() Activates the checked attribute on the selected option.
164
- * @uses $this->caps_dropdown() Displays the capabilities dropdown paired with the second access switch radio option.
165
- */
166
- function access_switch_cb() {
167
- $switch = esc_attr( $this->settings['access_switch'] );
168
- ?>
169
- <p><label>
170
- <input name="rda-settings[access_switch]" type="radio" value="manage_options" class="tag" <?php checked( 'manage_options', $switch ); ?> />
171
- <?php _e( 'Administrators only', 'remove_dashboard_access' ); ?>
172
- </label></p>
173
- <p><label>
174
- <input name="rda-settings[access_switch]" type="radio" value="capability" class="tag" <?php checked( 'capability', $switch ); ?> />
175
- <?php _e( 'Limit by capability:', 'remove_dashboard_access' ); ?>
176
- </label>
177
- <?php $this->output_caps_dropdown(); ?>
178
- </p>
179
- <p>
180
- <?php printf( __( 'You can find out more about specific %s in the Codex.', 'remove_dashboard_access' ),
181
- sprintf( '<a href="%1$s" target="_new">%2$s</a>',
182
- esc_url( 'http://codex.wordpress.org/Roles_and_Capabilities' ),
183
- esc_html( __( 'Roles and Capabilities', 'remove_dashboard_access' ) )
184
- )
185
- ); ?>
186
- </p>
187
- <?php
188
- }
189
-
190
- /**
191
- * Capability-type radio switch jQuery script
192
- *
193
- * When the 'Limit by capability' radio option is selected the script
194
- * enables the capabilities drop-down. Default state is disabled.
195
- *
196
- * @since 1.0
197
- */
198
- function access_switch_js() {
199
- ?>
200
- <script type="text/javascript">
201
- jQuery(document).ready(function($){
202
- var section = $('#rda-options-form'),
203
- capType = section.find('input:radio[value="capability"]'),
204
- selects = section.find('select'),
205
- check_disabled = function(){
206
- selects.prop( 'disabled', ! capType.prop('checked') );
207
- };
208
- check_disabled();
209
- section.find('input:radio').change(check_disabled);
210
- });
211
- </script>
212
- <?php
213
- }
214
-
215
- /**
216
- * Capability-type switch drop-down
217
- *
218
- * @since 1.0
219
- *
220
- * @uses global $wp_roles to derive an array of capabilities.
221
- */
222
- function output_caps_dropdown() {
223
- global $wp_roles;
224
-
225
- $capabilities = array();
226
- foreach ( $wp_roles->role_objects as $key => $role ) {
227
- if ( is_array( $role->capabilities ) ) {
228
- foreach ( $role->capabilities as $cap => $grant )
229
- $capabilities[$cap] = $cap;
230
- }
231
- }
232
-
233
- // Gather legacy user levels
234
- $levels = array(
235
- 'level_0','level_1', 'level_2', 'level_3',
236
- 'level_4', 'level_5', 'level_6', 'level_7',
237
- 'level_8', 'level_9', 'level_10'
238
- );
239
-
240
- // Remove levels from caps array
241
- $capabilities = array_diff( $capabilities, $levels );
242
-
243
- // Alphabetize for nicer display
244
- ksort( $capabilities );
245
-
246
- // Start <select> element, plus default first option
247
- print( '<select name="rda-settings[access_cap]"><option selected="selected" value="manage_options">--- Select One ---</option>' );
248
-
249
- // Build capabilities dropdown
250
- foreach ( $capabilities as $capability => $value ) {
251
- printf( '<option value="%1$s" %2$s>%3$s</option>', esc_attr( $value ), selected( $this->settings['access_cap'], $value ), esc_html( $capability ) );
252
- }
253
- print( '</select>' );
254
- }
255
-
256
- /**
257
- * Enable profile access checkbox display callback
258
- *
259
- * @since 1.0
260
- *
261
- * @uses checked() Outputs the checked attribute when the option is enabled.
262
- */
263
- function profile_enable_cb() {
264
- printf( '<input name="rda-settings[enable_profile]" type="checkbox" value="1" class="code" %1$s/>%2$s',
265
- checked( esc_attr( $this->settings['enable_profile'] ), true, false ),
266
- /* Translators: The leading space is intentional to space the text away from the checkbox */
267
- __( ' Allow users to edit their profiles in the dashboard.', 'remove_dashboard_access' )
268
- );
269
- }
270
-
271
- /**
272
- * Redirect Settings Title & Description
273
- *
274
- * @since 1.0
275
- */
276
- function redirect_desc_cb() {
277
- printf( __( 'Users who lack the selected role or capability will be redirected to a URL you specify. Left blank, default is: <strong>%s</strong>', 'remove_dashboard_access' ), home_url() );
278
- }
279
-
280
- /**
281
- * Redirect URL display callback
282
- *
283
- * Default value is home_url(). $this->sanitize_options() handles validation and escaping.
284
- *
285
- * @since 1.0
286
- */
287
- function url_redirect_cb() {
288
- ?>
289
- <p><label>
290
- <?php _e( 'Redirect users to:', 'remove_dashboard_access' ); ?>
291
- <input name="rda-settings[redirect_url]" class="regular-text" type="text" value="<?php echo esc_attr( $this->settings['redirect_url'] ); ?>" />
292
- </label></p>
293
- <?php
294
- }
295
-
296
- /**
297
- * Sanitize options values for 'rda-settings'
298
- *
299
- * @since 1.0
300
- *
301
- * @param array $options Options array to sanitize and validate.
302
- * @return array $options The sanitized options array values.
303
- */
304
- function sanitize_options( $options ) {
305
- $options['access_switch'] = esc_attr( $options['access_switch'] );
306
- $options['enable_profile'] = ( isset( $options['enable_profile'] ) && true == $options['enable_profile'] ) ? true : false;
307
- if ( empty( $options['redirect_url'] ) )
308
- // If Redirect URL is empty, use the home_url()
309
- $options['redirect_url'] = home_url();
310
- elseif ( ! preg_match( '|^\S+://\S+\.\S+.+$|', $options['redirect_url'] ) )
311
- // Malformed URL, throw a validation error
312
- add_settings_error( 'rda-settings[redirect_url]', 'invalid-url', sprintf( __( 'Please enter a properly-formed URL. For example: %s', 'remove_dashboard_access' ), esc_url( home_url() ) ) );
313
- else
314
- $options['redirect_url'] = esc_url_raw( $options['redirect_url'] );
315
- return $options;
316
- }
317
-
318
- /**
319
- * Required capability for Dashboard access
320
- *
321
- * @since 1.0
322
- *
323
- * @return string $this->settings['access_cap'] if isset, otherwise, 'manage_options' (filterable)
324
- */
325
- function capability() {
326
- if ( isset( $this->settings['access_cap'] ) )
327
- return $this->settings['access_cap'];
328
- else
329
- return apply_filters( 'rda_default_access_cap', 'manage_options' );
330
- }
331
-
332
- /**
333
- * Plugins list 'Settings' row link
334
- *
335
- * @since 1.0
336
- *
337
- * @param array $links Row links array to filter.
338
- * @return array $links Filtered links array.
339
- */
340
- function settings_link( $links ) {
341
- return array_merge(
342
- array( 'settings' => sprintf(
343
- '<a href="%1$s">%2$s</a>',
344
- esc_url( admin_url( 'options-general.php?page=dashboard-access' ) ),
345
- esc_attr( __( 'Settings', 'remove_dashboard_access' ) )
346
- ) ), $links
347
- );
348
- }
349
-
350
- } // RDA_Options
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
uninstall.php CHANGED
@@ -4,5 +4,14 @@
4
  *
5
  * @since 1.0
6
  */
 
 
 
 
 
 
 
7
 
8
- delete_option( 'rda-settings' );
 
 
4
  *
5
  * @since 1.0
6
  */
7
+ $settings = array(
8
+ 'rda_access_switch',
9
+ 'rda_access_cap',
10
+ 'rda_redirect_url',
11
+ 'rda_enable_profile',
12
+ 'rda_login_message'
13
+ );
14
 
15
+ foreach ( $settings as $setting ) {
16
+ delete_option( $setting );
17
+ }