User Role Editor - Version 4.28

Version Description


Release Info

Developer shinephp
Version 4.28

Code changes from version 4.27.2 to 4.28

images/ajax-loader.gif ADDED
Binary file
images/remove-16.png ADDED
Binary file
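--- a/includes/classes/base-lib.php
+++ b/includes/classes/base-lib.php
@@ -227,6 +227,7 @@ class URE_Base_Lib {
  // end of check_version()
 
  /**
+ * @TODO: replace with selected() from WordPress general-template.php
  * returns 'selected' HTML cluster if $value matches to $etalon
  *
  * @param string $value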
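--- a/includes/classes/capabilities-groups-manager.php
+++ b/includes/classes/capabilities-groups-manager.php
@@ -50,24 +50,53 @@ class URE_Capabilities_Groups_Manager {
  $built_in_pt[] = 'attachment';
  }
 
+ $show_wc_post_types_under_wc_only = apply_filters('ure_show_wc_post_types_under_wc_only', false);
  foreach($post_types as $post_type) {
- if (!isset($_post_types[$post_type->name])) {
+ if (!isset($_post_types[$post_type->name]) || in_array($post_type->name, $built_in_pt)) {
  continue;
  }
- if (in_array($post_type->name, $built_in_pt)) {
+ if ($show_wc_post_types_under_wc_only && in_array($post_type->name, URE_Woocommerce_Capabilities::$post_types)) {
+ continue;
+ }
+ /*
+ if (!$post_type->public) {
  continue;
  }
+ *
+ */
  $this->groups[$post_type->name] = array('caption'=>$post_type->labels->name, 'parent'=>'custom_post_types', 'level'=>2);
  }
  }
  // end of add_custom_post_types()
 
 
+ private function add_woocommerce_groups() {
+
+ $full_caps = $this->lib->get('full_capabilities');
+ if (!isset($full_caps['manage_woocommerce'])) {
+ return;
+ }
+
+ $post_types = get_post_types(array(), 'objects');
+
+ $this->groups['woocommerce'] = array('caption'=>esc_html__('WooCommerce', 'user-role-editor'), 'parent'=>'custom', 'level'=>3);
+ $this->groups['woocommerce_core'] = array('caption'=>esc_html__('Core', 'user-role-editor'), 'parent'=>'woocommerce', 'level'=>4);
+ foreach(URE_Woocommerce_Capabilities::$post_types as $post_type) {
+ if (!isset($post_types[$post_type])) {
+ continue;
+ }
+ $this->groups['woocommerce_'. $post_type] = array('caption'=>$post_types[$post_type]->labels->name, 'parent'=>'woocommerce', 'level'=>4);
+ }
+
+ }
+ // end of add_woocommerce_group()
+
+
  public function get_groups_tree() {
 
  if ($this->groups!==null) {
  return $this->groups;
- }
+ }
 
  $this->groups = array(
  'all'=>array('caption'=>esc_html__('All', 'user-role-editor'), 'parent'=>null, 'level'=>0),
@@ -85,10 +114,10 @@ class URE_Capabilities_Groups_Manager {
  }
  $this->groups['deprecated'] = array('caption'=>esc_html__('Deprecated', 'user-role-editor'), 'parent'=>'core', 'level'=>2);
 
- $this->add_custom_post_types();
-
- $this->groups = apply_filters('ure_capabilities_groups_tree', $this->groups);
+ $this->add_custom_post_types();
  $this->groups['custom'] = array('caption'=>esc_html__('Custom capabilities', 'user-role-editor'), 'parent'=>'all', 'level'=>1);
+ $this->add_woocommerce_groups();
+ $this->groups = apply_filters('ure_capabilities_groups_tree', $this->groups);
 
  return $this->groups;
  }
@@ -204,18 +233,46 @@ class URE_Capabilities_Groups_Manager {
  // end of get_built_in_wp_caps()
 
 
- private function get_custom_post_type_capabilities($post_type, $post_edit_caps) {
- foreach($post_edit_caps as $capability) {
- if (!isset($post_type->cap->$capability)) {
- continue;
+ private function get_post_types_without_caps() {
+ $pt_without_caps = array();
+ $wc_pts = URE_Woocommerce_Capabilities::get_post_types_without_caps();
+
+ $pt_without_caps = array_merge($pt_without_caps, $wc_pts);
+
+ return $pt_without_caps;
+ }
+ // end of get_post_types_without_caps()
+
+
+ /**
+ * Get capabilities registered with custom post type
+ *
+ * @param object $post_type
+ * @param array $post_edit_caps
+ */
+ private function get_registered_cpt_caps($post_type, $post_edit_caps) {
+ foreach ($post_edit_caps as $capability) {
+ if (isset($post_type->cap->$capability)) {
+ $cap = $post_type->cap->$capability;
+ } else {
+ continue;
  }
- $cap = $post_type->cap->$capability;
+
  if (!isset($this->cpt_caps[$cap])) {
  $this->cpt_caps[$cap] = array('custom', 'custom_post_types');
  }
  $this->cpt_caps[$cap][] = $post_type->name;
  }
  }
+ // end of get_registered_cpt_caps()
+
+
+ private function get_custom_post_type_capabilities($post_type, $post_edit_caps) {
+ $pt_without_caps = $this->get_post_types_without_caps();
+ if (!in_array($post_type->name, $pt_without_caps)) {
+ $this->get_registered_cpt_caps($post_type, $post_edit_caps);
+ }
+ }
  // end of get_custom_post_type_capabilities()
 
 
@@ -245,32 +302,25 @@ class URE_Capabilities_Groups_Manager {
  return $this->cpt_caps;
  }
  // end of _get_all_custom_post_types_capabilities()
-
-
- private function get_woocommerce_capabilities() {
-
- $caps = array();
-
- return $caps;
- }
- // end of get_woocommerce_capabilities()
-
+
 
  private function get_groups_for_custom_cap($cap_id) {
 
- $wc_caps = $this->get_woocommerce_capabilities();
- $groups = array();
+ $wc_caps = URE_Woocommerce_Capabilities::get();
  if (isset($wc_caps[$cap_id])) {
- $groups = $wc_caps[$cap_id];
+ $groups1 = $wc_caps[$cap_id];
  }
-
  if (isset($this->cpt_caps[$cap_id])) {
- $groups = $this->cpt_caps[$cap_id];
+ $groups2 = $this->cpt_caps[$cap_id];
  }
 
- if (empty($groups)) {
- $groups = array('custom');
- }
+ $groups = array('custom');
+ if (!empty($groups1)) {
+ $groups = array_merge($groups, $groups1);
+ }
+ if (!empty($groups2)) {
+ $groups = array_merge($groups, $groups2);
+ }
 
  return $groups;
  }
@@ -283,11 +333,10 @@ class URE_Capabilities_Groups_Manager {
  $groups = $built_in_wp_caps[$cap_id];
  } else {
  $groups = $this->get_groups_for_custom_cap($cap_id);
- }
-
- $groups = apply_filters('ure_custom_capability_groups', $groups, $cap_id);
-
- $groups[] = 'all'; // Every capability belongs to the 'all' group
+ }
+ $groups = apply_filters('ure_custom_capability_groups', $groups, $cap_id);
+ $groups[] = 'all'; // Every capability belongs to the 'all' group
+ $groups = array_unique($groups);
 
  return $groups;
  }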
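Review bot: In `get_groups_for_custom_cap()` the new `$groups1` and `$groups2` are assigned only inside their `isset()` branches and then read with `!empty()`, which works only because `empty()` tolerates an undefined variable; initialising both up front (`$groups1 = array(); $groups2 = array();`) makes the merge explicit and keeps static analysis quiet. The value returned by `apply_filters('ure_custom_capability_groups', $groups, $cap_id)` is passed straight to `$groups[] = 'all'` and the added `array_unique()`, so a callback that returns something other than an array would break the capability list at this point; an `is_array()` guard before those two lines would contain that. The trailing comment `// end of add_woocommerce_group()` does not match the method name `add_woocommerce_groups()`.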
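--- a/includes/classes/role-view.php
+++ b/includes/classes/role-view.php
@@ -45,7 +45,7 @@ class URE_Role_View extends URE_View {
  $this->role_default_html = '<select id="default_user_role" name="default_user_role" '. $select_style .'>';
  foreach ($roles as $key => $value) {
  $selected = $this->lib->option_selected($key, $wp_default_role);
- $disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !is_super_admin()) ? 'disabled' : '';
+ $disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
  if ($show_admin_role || $key != 'administrator') {
  $translated_name = esc_html__($value['name'], 'user-role-editor'); // get translation from URE language file, if exists
  if ($translated_name === $value['name']) { // get WordPress internal translation
@@ -81,7 +81,7 @@ class URE_Role_View extends URE_View {
  continue;
  }
  $selected1 = $this->lib->option_selected($key, $current_role);
- $disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !is_super_admin()) ? 'disabled' : '';
+ $disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
  if ($show_admin_role || $key != 'administrator') {
  $translated_name = esc_html__($value['name'], 'user-role-editor'); // get translation from URE language file, if exists
  if ($translated_name === $value['name']) { // get WordPress internal translation
@@ -236,7 +236,7 @@ if ($multisite && !is_network_admin()) {
  } else {
  $add_del_role_for_simple_admin = 1;
  }
- $super_admin = is_super_admin();
+ $super_admin = $this->lib->is_super_admin();
  $multisite = $this->lib->get('multisite');
 
  ?>
@@ -294,7 +294,7 @@ if ($multisite && !is_network_admin()) {
  <div id="ure_service_tools">
  <?php
  do_action('ure_role_edit_toolbar_service');
- if (!$multisite || (is_main_site( get_current_blog_id()) || (is_network_admin() && is_super_admin()))) {
+ if (!$multisite || (is_main_site( get_current_blog_id()) || (is_network_admin() && $this->lib->is_super_admin()))) {
  if (current_user_can('ure_reset_roles')) {
  ?>
  <button id="ure_reset_roles_button" class="ure_toolbar_button" style="color: red;" title="Reset Roles to its original state">Reset</button>
@@ -326,7 +326,7 @@ if ($multisite && !is_network_admin()) {
  $checked = '';
  }
  $caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
- if (is_super_admin() || !$multisite || !$this->lib->is_pro() || !$caps_access_restrict_for_simple_admin) {
+ if ($this->lib->is_super_admin() || !$multisite || !$this->lib->is_pro() || !$caps_access_restrict_for_simple_admin) {
  ?>
  <input type="checkbox" name="ure_caps_readable" id="ure_caps_readable" value="1" <?php echo $checked; ?> onclick="ure_turn_caps_readable(0);"/>
  <label for="ure_caps_readable"><?php esc_html_e('Show capabilities in human readable form', 'user-role-editor'); ?></label>&nbsp;&nbsp;
@@ -342,7 +342,7 @@ if ($multisite && !is_network_admin()) {
  <label for="ure_show_deprecated_caps"><?php esc_html_e('Show deprecated capabilities', 'user-role-editor'); ?></label>
  <?php
  }
- if ($multisite && $active_for_network && !is_network_admin() && is_main_site(get_current_blog_id()) && is_super_admin()) {
+ if ($multisite && $active_for_network && !is_network_admin() && is_main_site(get_current_blog_id()) && $this->lib->is_super_admin()) {
  $hint = esc_html__('If checked, then apply action to ALL sites of this Network');
  $apply_to_all = $this->lib->get('apply_to_all');
  if ($apply_to_all) {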
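Review bot: The template now asks `$this->lib->is_super_admin()` again at lines 297, 329 and 345 although line 239 already stores the answer in `$super_admin`; if these lines share one scope (the hunk headers all show `if ($multisite && !is_network_admin()) {`, but the enclosing function lies outside the hunks), reusing `$super_admin` would base every visibility decision in one render on a single evaluation. The `disabled` string built at lines 48 and 84 is presumably emitted as an HTML attribute, which only greys out the `administrator` option in the browser, so the handler that saves the role, not visible here, has to repeat the `caps_access_restrict_for_simple_admin` and super-admin test.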
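--- a/includes/classes/ure-lib.php
+++ b/includes/classes/ure-lib.php
@@ -978,7 +978,7 @@ class Ure_Lib extends URE_Base_Lib {
  if (!$this->multisite) { // work for multisite only
  return false;
  }
- if (!$ignore_super_admin && is_super_admin()) { // Do not block superadmin
+ if (!$ignore_super_admin && $this->is_super_admin()) { // Do not block superadmin
  return false;
  }
  $caps_access_restrict_for_simple_admin = $this->get_option('caps_access_restrict_for_simple_admin', 0);
@@ -1598,7 +1598,7 @@ class Ure_Lib extends URE_Base_Lib {
  protected function update_roles() {
  global $wp_roles;
 
- if ($this->multisite && is_super_admin() && $this->apply_to_all) { // update Role for the all blogs/sites in the network (permitted to superadmin only)
+ if ($this->multisite && $this->is_super_admin() && $this->apply_to_all) { // update Role for the all blogs/sites in the network (permitted to superadmin only)
  if (!$this->multisite_update_roles()) {
  return false;
  }
@@ -2199,11 +2199,47 @@ class Ure_Lib extends URE_Base_Lib {
 
  return false;
  }
- // end of user_can()
+ // end of user_can()
 
 
- // returns true if current user has $capability assigned through the roles or directly
- // returns true if current user has role with name equal $cap
+ /**
+ * Wrapper for WordPress capabilities.php is_super_admin().
+ * Returns true if user has a real super administrator permissions
+ * It takes into account $this->raised_permissions value, in order do not count a user with temporally raised permissions a real superadmin
+ * @param int $user_id
+ * @global WP_User $current_user
+ * @return boolean
+ */
+ public function is_super_admin($user_id = false) {
+
+ if (empty($user_id)) {
+ $user = wp_get_current_user();
+ $user_id = $user->ID;
+ } else {
+ $user = get_userdata($user_id);
+ }
+ if (!$user || !$user->exists()) {
+ return false;
+ }
+
+ if ($this->multisite && $this->raised_permissions) {
+ return false;
+ }
+
+ if (!$this->multisite && $this->user_has_capability($user, 'administrator')) {
+ return true;
+ }
+
+ $result = is_super_admin($user_id);
+
+ return $result;
+ }
+ // end of is_super_admin()
+
+
+ // Returns true if user is a real superadmin
+ // Returns true if user has $capability assigned through the roles or directly
+ // Returns true if user has role with name equal $cap
  public function user_has_capability($user, $cap) {
 
  global $wp_roles;
@@ -2211,7 +2247,7 @@ class Ure_Lib extends URE_Base_Lib {
  if (!is_object($user) || empty($user->ID)) {
  return false;
  }
- if (is_multisite() && is_super_admin($user->ID)) {
+ if ($this->multisite && !$this->raised_permissions && is_super_admin($user->ID)) { // do not replace with $this->is_super_admin() to exclude recursion
  return true;
  }
 
@@ -2261,7 +2297,7 @@ class Ure_Lib extends URE_Base_Lib {
 
 
  public function get_edit_user_caps_mode() {
- if ($this->multisite && is_super_admin()) {
+ if ($this->multisite && $this->is_super_admin()) {
  return 1;
  }
 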
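Review bot: The new `is_super_admin($user_id)` wrapper returns false for every `$user_id` while `$this->raised_permissions` is set on multisite, although the comment this release adds in user-role-editor.php says permissions are raised for the current user only; the test should be limited to that user, e.g. `if ($this->multisite && $this->raised_permissions && (int) $user_id === get_current_user_id()) {`. As written, the call in user-view.php, `$this->lib->is_super_admin($this->user_to_edit->ID)`, would presumably stop marking a genuine network super admin while the viewer's permissions are raised, and the `user_has_capability()` condition at line 2250 applies the flag to an arbitrary `$user` in the same way. The docblock should also state that on a single site the wrapper answers true for any user for whom `user_has_capability($user, 'administrator')` holds, which is not the test core's `is_super_admin()` applies there, and `@global WP_User $current_user` can be dropped because no global is read. `raised_permissions` is set outside these hunks, so the intended scope of the flag needs confirming.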
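--- a/includes/classes/user-role-editor.php
+++ b/includes/classes/user-role-editor.php
@@ -311,7 +311,7 @@ class User_Role_Editor {
  if ($current_user->ID===0) {
  return;
  }
- if (is_super_admin()) { // Superadmin may do all
+ if ($this->lib->is_super_admin()) { // Superadmin may do all
  return;
  }
 
@@ -324,8 +324,8 @@ class User_Role_Editor {
  return;
  }
 
- // editing a user profile
- if (!is_super_admin($current_user->ID) && is_super_admin($profileuser->ID)) { // trying to edit a superadmin while himself is less than a superadmin
+ // editing a user profile: it's correct to call is_super_admin() directly here, as permissions are raised for the $current_user only
+ if (!$this->lib->is_super_admin($current_user->ID) && is_super_admin($profileuser->ID)) { // trying to edit a superadmin while himself is less than a superadmin
  wp_die(esc_html__('You do not have permission to edit this user.', 'user-role-editor'));
  } elseif (!( is_user_member_of_blog($profileuser->ID, get_current_blog_id()) && is_user_member_of_blog($current_user->ID, get_current_blog_id()) )) { // editing user and edited user aren't members of the same blog
  wp_die(esc_html__('You do not have permission to edit this user.', 'user-role-editor'));
@@ -405,7 +405,7 @@ class User_Role_Editor {
  $multisite = $this->lib->get('multisite');
  // if multi-site, then allow plugin activation for network superadmins and, if that's specially defined, - for single site administrators too
  if ($multisite) {
- if (is_super_admin() || $this->lib->user_is_admin()) {
+ if ($this->lib->is_super_admin() || $this->lib->user_is_admin()) {
  return $plugins;
  }
  } else {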
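--- a/includes/classes/user-view.php
+++ b/includes/classes/user-view.php
@@ -69,7 +69,7 @@ class URE_User_View extends URE_View {
  $user_info .= ' (' . $this->user_to_edit->display_name . ')';
  }
  $user_info .= $anchor_end . '</span>';
- if (is_multisite() && is_super_admin($this->user_to_edit->ID)) {
+ if (is_multisite() && $this->lib->is_super_admin($this->user_to_edit->ID)) {
  $user_info .= ' <span style="font-weight: bold; color:red;">' . esc_html__('Network Super Admin', 'user-role-editor') . '</span>';
  }
 
@@ -142,7 +142,7 @@ class URE_User_View extends URE_View {
  <td>&nbsp;</td>
  <td style="padding-left: 10px; padding-bottom: 5px;">
  <?php
- if (is_super_admin() || !$this->multisite || !class_exists('User_Role_Editor_Pro') || !$caps_access_restrict_for_simple_admin) {
+ if ($this->lib->is_super_admin() || !$this->multisite || !class_exists('User_Role_Editor_Pro') || !$caps_access_restrict_for_simple_admin) {
  if ($caps_readable) {
  $checked = 'checked="checked"';
  } else {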
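--- a/includes/classes/view.php
+++ b/includes/classes/view.php
@@ -94,7 +94,7 @@ class URE_View {
  $blocked = false;
  $multisite = $this->lib->get('multisite');
  if ($multisite && $this->lib->block_cap_for_single_admin($cap_id, true)) {
- if (is_super_admin()) {
+ if ($this->lib->is_super_admin()) {
  if (!is_network_admin()) {
  $label_style = 'style="color: red;"';
  }
@@ -118,7 +118,7 @@ class URE_View {
  $onclick_for_admin = '';
  $multisite = $this->lib->get('multisite');
  $current_role = $this->lib->get('current_role');
- if (!($multisite && is_super_admin())) { // do not limit SuperAdmin for multi-site
+ if (!($multisite && $this->lib->is_super_admin())) { // do not limit SuperAdmin for multi-site
  if ('administrator'==$current_role) {
  $onclick_for_admin = 'onclick="ure_turn_it_back(this)"';
  }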
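--- a/includes/classes/woocommerce-capabilities.php
+++ b/includes/classes/woocommerce-capabilities.php
@@ -0,0 +1,124 @@
+ <?php
+ /**
+ * Class to provide the list of WooCommerce plugin user capabilities
+ *
+ * @package User-Role-Editor
+ * @subpackage Admin
+ * @author Vladimir Garagulya <support@role-editor.com>
+ * @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
+ **/
+ class URE_Woocommerce_Capabilities {
+
+ public static $post_types = array('product', 'shop_order', 'shop_coupon', 'shop_webhook', 'product_variation', 'shop_order_refund');
+ private static $capability_types = array('product', 'shop_order', 'shop_coupon', 'shop_webhook');
+
+
+ public static function add_group_to_caps(&$caps, $post_type, $group) {
+
+ $post_types = $post_type .'s';
+ $caps['edit_'. $post_types][] = $group;
+ $caps['edit_others_'. $post_types][] = $group;
+ $caps['publish_'. $post_types][] = $group;
+ $caps['read_private_'. $post_types][] = $group;
+ $caps['delete_'. $post_types][] = $group;
+ $caps['delete_private_'. $post_types][] = $group;
+ $caps['delete_published_'. $post_types][] = $group;
+ $caps['delete_others_'. $post_types][] = $group;
+ $caps['edit_private_'. $post_types][] = $group;
+ $caps['edit_published_'. $post_types][] = $group;
+
+ }
+ // end of add_group_to_caps()
+
+
+ private static function add_base_caps(&$caps, $group, $subgroup, $cap_type) {
+
+ $cap_types = $cap_type .'s';
+ $caps['edit_'. $cap_type] = array('custom', $group, $subgroup, $cap_type);
+ $caps['read_'. $cap_type] = array('custom', $group, $subgroup, $cap_type);
+ $caps['delete_'. $cap_type] = array('custom', $group, $subgroup, $cap_type);
+ $caps['edit_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['edit_others_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['publish_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['read_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['delete_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['delete_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['delete_published_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['delete_others_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['edit_private_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+ $caps['edit_published_'. $cap_types] = array('custom', $group, $subgroup, $cap_type);
+
+ }
+ // end of add_caps()
+
+ /**
+ * Returns full list of WooCommerce plugin user capabilities
+ */
+ public static function get() {
+
+ $caps = array(
+ 'manage_woocommerce'=>array('custom', 'woocommerce', 'woocommerce_core'),
+ 'view_woocommerce_reports'=>array('custom', 'woocommerce', 'woocommerce_core'),
+ 'view_admin_dashboard'=>array('custom', 'woocommerce', 'woocommerce_core')
+ );
+
+ // code was built on the base of woocommerce/includes/class-wc-install.php method WC_Install::get_core_capabilities()
+ $group = 'woocommerce';
+ foreach (self::$capability_types as $cap_type) {
+ $subgroup = $group .'_'. $cap_type;
+ self::add_base_caps($caps, $group, $subgroup, $cap_type);
+ $caps['manage_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
+ $caps['edit_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
+ $caps['delete_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
+ $caps['assign_'. $cap_type .'_terms'] = array('custom', $group, $subgroup, $cap_type);
+ }
+
+ $pto1 = get_post_type_object('product_variation');
+ if (empty($pto1) || $pto1->capability_type === 'product') { // default, not redefined by some plugin
+ // add capabilities group for the product_variation custom post type
+ self::add_group_to_caps($caps, 'product', 'woocommerce_product_variation');
+ self::add_group_to_caps($caps, 'product', 'product_variation');
+ } else {
+ $cap_type = 'product_variation';
+ $subgroup = $group .'_'. $cap_type;
+ self::add_base_caps($caps, $group, $subgroup, $cap_type);
+ }
+ $pto2 = get_post_type_object('shop_order_refund');
+ if (empty($pto2) || $pto2->capability_type === 'shop_order') { // default, not redefined by some plugin
+ // add capabilities group for the shop_order_refund custom post type
+ self::add_group_to_caps($caps, 'shop_order', 'woocommerce_shop_order_refund');
+ self::add_group_to_caps($caps, 'shop_order', 'shop_order_refund');
+ } else {
+ $cap_type = 'shop_order_variant';
+ $subgroup = $group .'_'. $cap_type;
+ self::add_base_caps($caps, $group, $subgroup, $cap_type);
+ }
+
+ return $caps;
+ }
+ // end of get()
+
+
+ /**
+ * This custom post types use capabilities from the other custom post types
+ * So we should define capabilities set for theme manually
+ * @return array()
+ */
+ public static function get_post_types_without_caps() {
+
+ $pt_without_caps = array();
+ $pto1 = get_post_type_object('product_variation');
+ if (!empty($pto1) && $pto1->capability_type === 'product') {
+ $pt_without_caps[] = $pto1->name;
+ }
+ $pto2 = get_post_type_object('shop_order_refund');
+ if (!empty($pto2) && $pto2->capability_type === 'shop_order') {
+ $pt_without_caps[] = $pto2->name;
+ }
+
+ return $pt_without_caps;
+ }
+ // end of get_post_types_without_caps()
+
+ }
+ // end of URE_Woocommerce_Capabilities class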
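Review bot: In `get()`, the `else` branch for `shop_order_refund` sets `$cap_type = 'shop_order_variant';`, which looks like a copy/paste slip: the resulting subgroup `woocommerce_shop_order_variant` has no counterpart in `$post_types`, so the groups tree built from that list in capabilities-groups-manager.php has no node for it, and the generated names (`edit_shop_order_variants` and the rest) are unlikely to match what a redefined post type registers. The minimal fix is `$cap_type = 'shop_order_refund';`; reading the type from `$pto2->capability_type` (and `$pto1->capability_type` in the branch above) would be more exact, because a role editor that lists capability names nothing checks invites grants that do not do what the administrator expects. The closing comment `// end of add_caps()` should read `add_base_caps()`, and the docblock on `get_post_types_without_caps()` says "theme" for "them" and uses `@return array()`.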
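--- a/includes/loader.php
+++ b/includes/loader.php
@@ -20,6 +20,7 @@ require_once(URE_PLUGIN_DIR .'includes/classes/screen-help.php');
  require_once(URE_PLUGIN_DIR .'includes/classes/known-js-css-compatibility-issues.php');
  require_once(URE_PLUGIN_DIR .'includes/classes/role-additional-options.php');
  require_once(URE_PLUGIN_DIR .'includes/classes/capability.php');
+ require_once(URE_PLUGIN_DIR .'includes/classes/woocommerce-capabilities.php');
  require_once(URE_PLUGIN_DIR .'includes/classes/capabilities-groups-manager.php');
  require_once(URE_PLUGIN_DIR .'includes/classes/view.php');
  require_once(URE_PLUGIN_DIR .'includes/classes/role-view.php');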
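--- a/includes/settings-template.php
+++ b/includes/settings-template.php
@@ -29,7 +29,7 @@ if (!$license_key_only) {
  ?>
  <li><a href="#ure_tabs-3"><?php esc_html_e('Default Roles', 'user-role-editor'); ?></a></li>
  <?php
- if ($multisite && ($this->lib->is_pro() || is_super_admin())) {
+ if ($multisite && ($this->lib->is_pro() || $this->lib->is_super_admin())) {
  ?>
  <li><a href="#ure_tabs-4"><?php esc_html_e('Multisite', 'user-role-editor'); ?></a></li>
  <?php
@@ -169,14 +169,14 @@ if (!$multisite) {
  </div> <!-- ure_tabs-3 -->
 
  <?php
- if ( $multisite && ($this->lib->is_pro() || is_super_admin())) {
+ if ( $multisite && ($this->lib->is_pro() || $this->lib->is_super_admin())) {
  ?>
  <div id="ure_tabs-4">
  <div id="ure-settings-form-ms">
  <form name="ure_settings_ms" method="post" action="<?php echo $link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
  <table id="ure_settings_ms">
  <?php
- if (is_super_admin()) {
+ if ($this->lib->is_super_admin()) {
  ?>
  <tr>
  <td>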
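Review bot: The switch to `$this->lib->is_super_admin()` at new lines 32, 172 and 179 only decides what this template renders, so the handler that processes the `ure_settings_ms` POST (not part of this section) needs the same wrapper check. If that handler still calls core `is_super_admin()`, a local admin with temporarily raised permissions would presumably still be accepted on submit even though the form is hidden from them. The readme.txt changelog describes the wrapper as telling a real superadmin from such a local admin, but nothing at the call sites says so; a comment above the first guard would help, e.g. `// lib wrapper, not core is_super_admin(): excludes admins with temporarily raised permissions`. The enclosing `if` blocks open in these hunks and close outside them.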
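--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=vladi
  Tags: user, role, editor, security, access, permission, capability
  Requires at least: 4.0
  Tested up to: 4.6.1
- Stable tag: 4.27.2
+ Stable tag: 4.28
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -23,8 +23,6 @@ Multi-site support is provided.
 
  To read more about 'User Role Editor' visit [this page](http://www.shinephp.com/user-role-editor-wordpress-plugin/) at [shinephp.com](http://shinephp.com)
 
- Short demo about 1st steps with User Role Editor:
- https://www.youtube.com/watch?v=UmMtOmWGGxY
 
  Do you need more functionality with quality support in the real time? Do you wish to remove advertisements from User Role Editor pages?
  [Buy Pro version](https://www.role-editor.com).
@@ -77,6 +75,9 @@ If you wish to check available translations or help with plugin translation to y
  https://translate.wordpress.org/projects/wp-plugins/user-role-editor/
 
  == Changelog ==
+ = [4.28] 20.10.2016 =
+ * New: WooCommerce plugin user capabilities (if exist) are grouped separately.
+ * Update: Temporally raised permissions flag is taken into account when checking, if user has a superadmin privileges. WordPress is_super_admin() function was replaced with custom wrapper to define if current user is a real superadmin or just a local admin with the temporally raised (add/edit users pages) permissions.
 
  = [4.27.2] 15.09.2016 =
  * Update: There was a conflict with plugins which use a '|' character at the custom user capabilities: e.g. 'Nginx Helper | Config' from "Nginx Helper' plugin.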
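--- a/user-role-editor.php
+++ b/user-role-editor.php
@@ -3,7 +3,7 @@
  Plugin Name: User Role Editor
  Plugin URI: https://www.role-editor.com
  Description: Change/add/delete WordPress user roles and capabilities.
- Version: 4.27.2
+ Version: 4.28
  Author: Vladimir Garagulya
  Author URI: https://www.role-editor.com
  Text Domain: ure
@@ -23,7 +23,7 @@ if (defined('URE_PLUGIN_URL')) {
  wp_die('It seems that other version of User Role Editor is active. Please deactivate it before use this version');
  }
 
- define('URE_VERSION', '4.27.2');
+ define('URE_VERSION', '4.28');
  define('URE_PLUGIN_URL', plugin_dir_url(__FILE__));
  define('URE_PLUGIN_DIR', plugin_dir_path(__FILE__));
  define('URE_PLUGIN_BASE_NAME', plugin_basename(__FILE__));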