User Role Editor - Version 4.29

Version Description

Download this release

Release Info

Developer shinephp
Plugin Icon 128x128 User Role Editor
Version 4.29
Comparing to
See all releases

Code changes from version 4.28 to 4.29

Files changed (13) hide show
  1. includes/classes/ajax-processor.php +1 -1
  2. includes/classes/base-lib.php +0 -18
  3. includes/classes/capabilities-groups-manager.php +21 -3
  4. includes/classes/role-view.php +3 -3
  5. includes/classes/ure-lib.php +23 -200
  6. includes/classes/ure-own-capabilities.php +162 -0
  7. includes/classes/user-role-editor.php +4 -4
  8. includes/classes/view.php +5 -5
  9. includes/classes/woocommerce-capabilities.php +1 -1
  10. includes/loader.php +1 -0
  11. license.txt +1 -1
  12. readme.txt +8 -2
  13. user-role-editor.php +2 -2
includes/classes/ajax-processor.php CHANGED
@@ -46,7 +46,7 @@ class URE_Ajax_Processor {
46
  die;
47
  }
48
 
49
- $key_capability = $this->lib->get_key_capability();
50
  if (!current_user_can($key_capability)) {
51
  echo json_encode(array('result'=>'error', 'message'=>'URE: Insufficient permissions'));
52
  die;
46
  die;
47
  }
48
 
49
+ $key_capability = URE_Own_Capabilities::get_key_capability();
50
  if (!current_user_can($key_capability)) {
51
  echo json_encode(array('result'=>'error', 'message'=>'URE: Insufficient permissions'));
52
  die;
includes/classes/base-lib.php CHANGED
@@ -226,24 +226,6 @@ class URE_Base_Lib {
226
  }
227
  // end of check_version()
228
 
229
- /**
230
- * @TODO: replace with selected() from WordPress general-template.php
231
- * returns 'selected' HTML cluster if $value matches to $etalon
232
- *
233
- * @param string $value
234
- * @param string $etalon
235
- * @return string
236
- */
237
- public function option_selected($value, $etalon) {
238
- $selected = '';
239
- if (strcasecmp($value, $etalon) == 0) {
240
- $selected = 'selected="selected"';
241
- }
242
-
243
- return $selected;
244
- }
245
- // end of option_selected()
246
-
247
 
248
  public function get_current_url() {
249
  global $wp;
226
  }
227
  // end of check_version()
228
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
229
 
230
  public function get_current_url() {
231
  global $wp;
includes/classes/capabilities-groups-manager.php CHANGED
@@ -70,6 +70,14 @@ class URE_Capabilities_Groups_Manager {
70
  // end of add_custom_post_types()
71
 
72
 
 
 
 
 
 
 
 
 
73
  private function add_woocommerce_groups() {
74
 
75
  $full_caps = $this->lib->get('full_capabilities');
@@ -116,7 +124,9 @@ class URE_Capabilities_Groups_Manager {
116
 
117
  $this->add_custom_post_types();
118
  $this->groups['custom'] = array('caption'=>esc_html__('Custom capabilities', 'user-role-editor'), 'parent'=>'all', 'level'=>1);
 
119
  $this->add_woocommerce_groups();
 
120
  $this->groups = apply_filters('ure_capabilities_groups_tree', $this->groups);
121
 
122
  return $this->groups;
@@ -306,10 +316,18 @@ class URE_Capabilities_Groups_Manager {
306
 
307
  private function get_groups_for_custom_cap($cap_id) {
308
 
309
- $wc_caps = URE_Woocommerce_Capabilities::get();
310
- if (isset($wc_caps[$cap_id])) {
311
- $groups1 = $wc_caps[$cap_id];
312
  }
 
 
 
 
 
 
 
 
313
  if (isset($this->cpt_caps[$cap_id])) {
314
  $groups2 = $this->cpt_caps[$cap_id];
315
  }
70
  // end of add_custom_post_types()
71
 
72
 
73
+ private function add_ure_group() {
74
+
75
+ $this->groups['user_role_editor'] = array('caption'=>esc_html__('User Role Editor', 'user-role-editor'), 'parent'=>'custom', 'level'=>3);
76
+
77
+ }
78
+ // end of get_ure_group()
79
+
80
+
81
  private function add_woocommerce_groups() {
82
 
83
  $full_caps = $this->lib->get('full_capabilities');
124
 
125
  $this->add_custom_post_types();
126
  $this->groups['custom'] = array('caption'=>esc_html__('Custom capabilities', 'user-role-editor'), 'parent'=>'all', 'level'=>1);
127
+ $this->add_ure_group();
128
  $this->add_woocommerce_groups();
129
+
130
  $this->groups = apply_filters('ure_capabilities_groups_tree', $this->groups);
131
 
132
  return $this->groups;
316
 
317
  private function get_groups_for_custom_cap($cap_id) {
318
 
319
+ $ure_caps = URE_Own_Capabilities::get_caps_groups();
320
+ if (isset($ure_caps[$cap_id])) {
321
+ $groups1 = $ure_caps[$cap_id];
322
  }
323
+
324
+ if (empty($groups1)) {
325
+ $wc_caps = URE_Woocommerce_Capabilities::get_caps_groups();
326
+ if (isset($wc_caps[$cap_id])) {
327
+ $groups1 = $wc_caps[$cap_id];
328
+ }
329
+ }
330
+
331
  if (isset($this->cpt_caps[$cap_id])) {
332
  $groups2 = $this->cpt_caps[$cap_id];
333
  }
includes/classes/role-view.php CHANGED
@@ -44,7 +44,7 @@ class URE_Role_View extends URE_View {
44
  $wp_default_role = $this->lib->get('wp_default_role');
45
  $this->role_default_html = '<select id="default_user_role" name="default_user_role" '. $select_style .'>';
46
  foreach ($roles as $key => $value) {
47
- $selected = $this->lib->option_selected($key, $wp_default_role);
48
  $disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
49
  if ($show_admin_role || $key != 'administrator') {
50
  $translated_name = esc_html__($value['name'], 'user-role-editor'); // get translation from URE language file, if exists
@@ -65,7 +65,7 @@ class URE_Role_View extends URE_View {
65
 
66
  global $current_user;
67
 
68
- $key_capability = $this->lib->get_key_capability();
69
  $user_is_ure_admin = current_user_can($key_capability);
70
  $role_to_skip = ($user_is_ure_admin) ? '':$current_user->roles[0];
71
 
@@ -80,7 +80,7 @@ class URE_Role_View extends URE_View {
80
  if ($key===$role_to_skip) { // skip role of current user if he does not have full access to URE
81
  continue;
82
  }
83
- $selected1 = $this->lib->option_selected($key, $current_role);
84
  $disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
85
  if ($show_admin_role || $key != 'administrator') {
86
  $translated_name = esc_html__($value['name'], 'user-role-editor'); // get translation from URE language file, if exists
44
  $wp_default_role = $this->lib->get('wp_default_role');
45
  $this->role_default_html = '<select id="default_user_role" name="default_user_role" '. $select_style .'>';
46
  foreach ($roles as $key => $value) {
47
+ $selected = selected($key, $wp_default_role, false);
48
  $disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
49
  if ($show_admin_role || $key != 'administrator') {
50
  $translated_name = esc_html__($value['name'], 'user-role-editor'); // get translation from URE language file, if exists
65
 
66
  global $current_user;
67
 
68
+ $key_capability = URE_Own_Capabilities::get_key_capability();
69
  $user_is_ure_admin = current_user_can($key_capability);
70
  $role_to_skip = ($user_is_ure_admin) ? '':$current_user->roles[0];
71
 
80
  if ($key===$role_to_skip) { // skip role of current user if he does not have full access to URE
81
  continue;
82
  }
83
+ $selected1 = selected($key, $current_role, false);
84
  $disabled = ($key==='administrator' && $caps_access_restrict_for_simple_admin && !$this->lib->is_super_admin()) ? 'disabled' : '';
85
  if ($show_admin_role || $key != 'administrator') {
86
  $translated_name = esc_html__($value['name'], 'user-role-editor'); // get translation from URE language file, if exists
includes/classes/ure-lib.php CHANGED
@@ -78,8 +78,8 @@ class Ure_Lib extends URE_Base_Lib {
78
 
79
  $ure_version = $this->get_option('ure_version', '0');
80
  if (version_compare( $ure_version, URE_VERSION, '<' ) ) {
81
- // for upgrade to 4.18 and higher from older versions
82
- $this->init_ure_caps();
83
  $this->put_option('ure_version', URE_VERSION, true);
84
  }
85
 
@@ -128,52 +128,7 @@ class Ure_Lib extends URE_Base_Lib {
128
 
129
  }
130
  // end of set_raised_permissions()
131
-
132
-
133
- public function get_ure_caps() {
134
-
135
- $ure_caps = array(
136
- 'ure_edit_roles' => 1,
137
- 'ure_create_roles' => 1,
138
- 'ure_delete_roles' => 1,
139
- 'ure_create_capabilities' => 1,
140
- 'ure_delete_capabilities' => 1,
141
- 'ure_manage_options' => 1,
142
- 'ure_reset_roles' => 1
143
- );
144
-
145
- return $ure_caps;
146
- }
147
- // end of get_ure_caps()
148
-
149
-
150
- public function init_ure_caps() {
151
- global $wp_roles;
152
 
153
- if (!isset($wp_roles)) {
154
- $wp_roles = new WP_Roles();
155
- }
156
-
157
- if (!isset($wp_roles->roles['administrator'])) {
158
- return;
159
- }
160
-
161
- // Do not turn on URE caps for local administrator by default under multisite, as there is a superadmin.
162
- $turn_on = !$this->multisite;
163
-
164
- $old_use_db = $wp_roles->use_db;
165
- $wp_roles->use_db = true;
166
- $administrator = $wp_roles->role_objects['administrator'];
167
- $ure_caps = $this->get_ure_caps();
168
- foreach(array_keys($ure_caps) as $cap) {
169
- if (!$administrator->has_cap($cap)) {
170
- $administrator->add_cap($cap, $turn_on);
171
- }
172
- }
173
- $wp_roles->use_db = $old_use_db;
174
- }
175
- // end of init_ure_caps()
176
-
177
 
178
  /**
179
  * get options for User Role Editor plugin
@@ -241,50 +196,7 @@ class Ure_Lib extends URE_Base_Lib {
241
  return $this->main_blog_id;
242
 
243
  }
244
-
245
-
246
- /**
247
- * return key capability to have access to User Role Editor Plugin
248
- *
249
- * @return string
250
- */
251
- public function get_key_capability() {
252
-
253
- if (!$this->multisite) {
254
- $key_capability = URE_KEY_CAPABILITY;
255
- } else {
256
- $enable_simple_admin_for_multisite = $this->get_option('enable_simple_admin_for_multisite', 0);
257
- if ( (defined('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE') && URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE == 1) ||
258
- $enable_simple_admin_for_multisite) {
259
- $key_capability = URE_KEY_CAPABILITY;
260
- } else {
261
- $key_capability = 'manage_network_plugins';
262
- }
263
- }
264
-
265
- return $key_capability;
266
- }
267
- // end of get_key_capability()
268
-
269
-
270
- public function get_settings_capability() {
271
-
272
- if (!$this->multisite) {
273
- $settings_access = 'ure_manage_options';
274
- } else {
275
- $enable_simple_admin_for_multisite = $this->get_option('enable_simple_admin_for_multisite', 0);
276
- if ( (defined('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE') && URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE == 1) ||
277
- $enable_simple_admin_for_multisite) {
278
- $settings_access = 'ure_manage_options';
279
- } else {
280
- $settings_access = $this->get_key_capability();
281
- }
282
- }
283
-
284
- return $settings_access;
285
- }
286
- // end of get_settings_capability()
287
-
288
 
289
  /**
290
  * return front-end according to the context - role or user editor
@@ -303,20 +215,8 @@ class Ure_Lib extends URE_Base_Lib {
303
  // end of editor()
304
 
305
 
306
- private function get_ure_container_width() {
307
-
308
- $width = ($this->ure_object == 'user') ? 1300 : 1150;
309
- if ($this->is_pro()) {
310
- $width -= 200;
311
- }
312
-
313
- return $width;
314
- }
315
- // end of get_ure_container_width()
316
-
317
-
318
  protected function show_editor() {
319
- //$container_width = $this->get_ure_container_width();
320
  $this->show_message($this->notification);
321
  if ($this->ure_object == 'user') {
322
  $view = new URE_User_View();
@@ -678,7 +578,7 @@ class Ure_Lib extends URE_Base_Lib {
678
  public function user_is_admin($user_id = false) {
679
  global $current_user;
680
 
681
- $ure_key_capability = $this->get_key_capability();
682
  if (empty($user_id)) {
683
  $user_id = $current_user->ID;
684
  }
@@ -936,7 +836,7 @@ class Ure_Lib extends URE_Base_Lib {
936
  }
937
 
938
  $caps_to_exclude = $this->get_built_in_wp_caps();
939
- $ure_caps = $this->get_ure_caps();
940
  $caps_to_exclude = array_merge($caps_to_exclude, $ure_caps);
941
 
942
  $caps_to_remove = array();
@@ -997,85 +897,6 @@ class Ure_Lib extends URE_Base_Lib {
997
  // end of block_cap_for_single_admin()
998
 
999
 
1000
- /**
1001
- * return link to the capability according its name in $capability parameter
1002
- *
1003
- * @param string $capability
1004
- * @return string
1005
- */
1006
- protected function capability_help_link($capability) {
1007
-
1008
- if (empty($capability)) {
1009
- return '';
1010
- }
1011
-
1012
- switch ($capability) {
1013
- case 'activate_plugins':
1014
- $url = 'http://www.shinephp.com/activate_plugins-wordpress-capability/';
1015
- break;
1016
- case 'add_users':
1017
- $url = 'http://www.shinephp.com/add_users-wordpress-user-capability/';
1018
- break;
1019
- case 'create_users':
1020
- $url = 'http://www.shinephp.com/create_users-wordpress-user-capability/';
1021
- break;
1022
- case 'delete_others_pages':
1023
- case 'delete_others_posts':
1024
- case 'delete_pages':
1025
- case 'delete_posts':
1026
- case 'delete_protected_pages':
1027
- case 'delete_protected_posts':
1028
- case 'delete_published_pages':
1029
- case 'delete_published_posts':
1030
- $url = 'http://www.shinephp.com/delete-posts-and-pages-wordpress-user-capabilities-set/';
1031
- break;
1032
- case 'delete_plugins':
1033
- $url = 'http://www.shinephp.com/delete_plugins-wordpress-user-capability/';
1034
- break;
1035
- case 'delete_themes':
1036
- $url = 'http://www.shinephp.com/delete_themes-wordpress-user-capability/';
1037
- break;
1038
- case 'delete_users':
1039
- $url = 'http://www.shinephp.com/delete_users-wordpress-user-capability/';
1040
- break;
1041
- case 'edit_dashboard':
1042
- $url = 'http://www.shinephp.com/edit_dashboard-wordpress-capability/';
1043
- break;
1044
- case 'edit_files':
1045
- $url = 'http://www.shinephp.com/edit_files-wordpress-user-capability/';
1046
- break;
1047
- case 'edit_plugins':
1048
- $url = 'http://www.shinephp.com/edit_plugins-wordpress-user-capability';
1049
- break;
1050
- case 'moderate_comments':
1051
- $url = 'http://www.shinephp.com/moderate_comments-wordpress-user-capability/';
1052
- break;
1053
- case 'read':
1054
- $url = 'http://shinephp.com/wordpress-read-capability/';
1055
- break;
1056
- case 'update_core':
1057
- $url = 'http://www.shinephp.com/update_core-capability-for-wordpress-user/';
1058
- break;
1059
- case 'ure_edit_roles':
1060
- $url = 'https://www.role-editor.com/user-role-editor-4-18-new-permissions/';
1061
- break;
1062
- default:
1063
- $url = '';
1064
- }
1065
- // end of switch
1066
- if (!empty($url)) {
1067
- $link = '<a href="' . $url . '" title="' . esc_html__('read about', 'user-role-editor') .' '. $capability .' '.
1068
- esc_html__('user capability', 'user-role-editor') .'" target="new"><img src="' .
1069
- URE_PLUGIN_URL . 'images/help.png" alt="' . esc_html__('Help', 'user-role-editor') . '" /></a>';
1070
- } else {
1071
- $link = '';
1072
- }
1073
-
1074
- return $link;
1075
- }
1076
- // end of capability_help_link()
1077
-
1078
-
1079
  /**
1080
  * Go through all users and if user has non-existing role lower him to Subscriber role
1081
  *
@@ -1336,11 +1157,12 @@ class Ure_Lib extends URE_Base_Lib {
1336
  *
1337
  */
1338
  protected function add_ure_caps() {
1339
- $key_capability = $this->get_key_capability();
1340
- if (!current_user_can($key_capability)) {
 
1341
  return;
1342
  }
1343
- $ure_caps = $this->get_ure_caps();
1344
  foreach(array_keys($ure_caps) as $cap) {
1345
  $this->add_capability_to_full_caps_list($cap);
1346
  }
@@ -1402,7 +1224,7 @@ class Ure_Lib extends URE_Base_Lib {
1402
  }
1403
 
1404
  $this->wp_roles_reinit();
1405
- $this->init_ure_caps();
1406
  if ($this->is_full_network_synch() || $this->apply_to_all) {
1407
  $this->current_role = '';
1408
  $this->direct_network_roles_update();
@@ -1444,7 +1266,7 @@ class Ure_Lib extends URE_Base_Lib {
1444
  return false;
1445
  }
1446
 
1447
- $key_capability = $this->get_key_capability();
1448
  $user_is_ure_admin = current_user_can($key_capability);
1449
  if (!$user_is_ure_admin) {
1450
  if (in_array($this->current_role, $current_user->roles)) {
@@ -1976,7 +1798,7 @@ class Ure_Lib extends URE_Base_Lib {
1976
  __('Export', 'user-role-editor');
1977
  }
1978
  }
1979
- // end of ure_TranslationData()
1980
 
1981
 
1982
  /**
@@ -2203,15 +2025,18 @@ class Ure_Lib extends URE_Base_Lib {
2203
 
2204
 
2205
  /**
2206
- * Wrapper for WordPress capabilities.php is_super_admin().
2207
  * Returns true if user has a real super administrator permissions
2208
- * It takes into account $this->raised_permissions value, in order do not count a user with temporally raised permissions a real superadmin
 
 
 
 
2209
  * @param int $user_id
2210
  * @global WP_User $current_user
2211
  * @return boolean
2212
  */
2213
  public function is_super_admin($user_id = false) {
2214
-
2215
  if (empty($user_id)) {
2216
  $user = wp_get_current_user();
2217
  $user_id = $user->ID;
@@ -2222,17 +2047,15 @@ class Ure_Lib extends URE_Base_Lib {
2222
  return false;
2223
  }
2224
 
2225
- if ($this->multisite && $this->raised_permissions) {
2226
- return false;
2227
  }
2228
 
2229
  if (!$this->multisite && $this->user_has_capability($user, 'administrator')) {
2230
  return true;
2231
- }
2232
-
2233
- $result = is_super_admin($user_id);
2234
 
2235
- return $result;
2236
  }
2237
  // end of is_super_admin()
2238
 
78
 
79
  $ure_version = $this->get_option('ure_version', '0');
80
  if (version_compare( $ure_version, URE_VERSION, '<' ) ) {
81
+ // put version upgrade stuff here
82
+
83
  $this->put_option('ure_version', URE_VERSION, true);
84
  }
85
 
128
 
129
  }
130
  // end of set_raised_permissions()
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
131
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
132
 
133
  /**
134
  * get options for User Role Editor plugin
196
  return $this->main_blog_id;
197
 
198
  }
199
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
200
 
201
  /**
202
  * return front-end according to the context - role or user editor
215
  // end of editor()
216
 
217
 
 
 
 
 
 
 
 
 
 
 
 
 
218
  protected function show_editor() {
219
+
220
  $this->show_message($this->notification);
221
  if ($this->ure_object == 'user') {
222
  $view = new URE_User_View();
578
  public function user_is_admin($user_id = false) {
579
  global $current_user;
580
 
581
+ $ure_key_capability = URE_Own_Capabilities::get_key_capability();
582
  if (empty($user_id)) {
583
  $user_id = $current_user->ID;
584
  }
836
  }
837
 
838
  $caps_to_exclude = $this->get_built_in_wp_caps();
839
+ $ure_caps = URE_Own_Capabilities::get_caps();
840
  $caps_to_exclude = array_merge($caps_to_exclude, $ure_caps);
841
 
842
  $caps_to_remove = array();
897
  // end of block_cap_for_single_admin()
898
 
899
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
900
  /**
901
  * Go through all users and if user has non-existing role lower him to Subscriber role
902
  *
1157
  *
1158
  */
1159
  protected function add_ure_caps() {
1160
+
1161
+ $key_cap = URE_Own_Capabilities::get_key_capability();
1162
+ if (!current_user_can($key_cap)) {
1163
  return;
1164
  }
1165
+ $ure_caps = URE_Own_Capabilities::get_caps();
1166
  foreach(array_keys($ure_caps) as $cap) {
1167
  $this->add_capability_to_full_caps_list($cap);
1168
  }
1224
  }
1225
 
1226
  $this->wp_roles_reinit();
1227
+ URE_Own_Capabilities::init_caps();
1228
  if ($this->is_full_network_synch() || $this->apply_to_all) {
1229
  $this->current_role = '';
1230
  $this->direct_network_roles_update();
1266
  return false;
1267
  }
1268
 
1269
+ $key_capability = URE_Own_Capabilities::get_key_capability();
1270
  $user_is_ure_admin = current_user_can($key_capability);
1271
  if (!$user_is_ure_admin) {
1272
  if (in_array($this->current_role, $current_user->roles)) {
1798
  __('Export', 'user-role-editor');
1799
  }
1800
  }
1801
+ // end of translation_data()
1802
 
1803
 
1804
  /**
2025
 
2026
 
2027
  /**
 
2028
  * Returns true if user has a real super administrator permissions
2029
+ * It takes into account $this->raised_permissions value, in order do not count a user with temporally raised permissions
2030
+ * of a real superadmin under WP Multisite
2031
+ * For WP Singlesite superadmin is a user with 'administrator' role only in opposite the WordPress's is_super_admin(),
2032
+ * which counts any user with 'delete_users' capability as a superadmin.
2033
+ *
2034
  * @param int $user_id
2035
  * @global WP_User $current_user
2036
  * @return boolean
2037
  */
2038
  public function is_super_admin($user_id = false) {
2039
+
2040
  if (empty($user_id)) {
2041
  $user = wp_get_current_user();
2042
  $user_id = $user->ID;
2047
  return false;
2048
  }
2049
 
2050
+ if ($this->multisite && !$this->raised_permissions && is_super_admin($user_id)) {
2051
+ return true;
2052
  }
2053
 
2054
  if (!$this->multisite && $this->user_has_capability($user, 'administrator')) {
2055
  return true;
2056
+ }
 
 
2057
 
2058
+ return false;
2059
  }
2060
  // end of is_super_admin()
2061
 
includes/classes/ure-own-capabilities.php ADDED
@@ -0,0 +1,162 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * Class to provide the routine for the own User Role Editor user capabilities list
4
+ *
5
+ * @package User-Role-Editor
6
+ * @subpackage Admin
7
+ * @author Vladimir Garagulya <support@role-editor.com>
8
+ * @copyright Copyright (c) 2010 - 2016, Vladimir Garagulya
9
+ **/
10
+ class URE_Own_Capabilities {
11
+ const URE_KEY_CAP_TR = 'ure_key_cap';
12
+ const URE_SETTINGS_CAP_TR = 'ure_settings_cap';
13
+
14
+
15
+ public static function get_caps() {
16
+
17
+ $lib = URE_Lib::get_instance();
18
+
19
+ $ure_caps = array(
20
+ 'ure_edit_roles' => 1,
21
+ 'ure_create_roles' => 1,
22
+ 'ure_delete_roles' => 1,
23
+ 'ure_create_capabilities' => 1,
24
+ 'ure_delete_capabilities' => 1,
25
+ 'ure_manage_options' => 1,
26
+ 'ure_reset_roles' => 1
27
+ );
28
+
29
+ if ($lib->is_pro()) {
30
+ $multisite = $lib->get('multisite');
31
+
32
+ $ure_caps['ure_export_roles'] = 1;
33
+ $ure_caps['ure_import_roles'] = 1;
34
+ $ure_caps['ure_admin_menu_access'] = 1;
35
+ $ure_caps['ure_widgets_access'] = 1;
36
+ $ure_caps['ure_widgets_show_access'] = 1;
37
+ $ure_caps['ure_meta_boxes_access'] = 1;
38
+ $ure_caps['ure_other_roles_access'] = 1;
39
+ $ure_caps['ure_edit_posts_access'] = 1;
40
+ $ure_caps['ure_plugins_activation_access'] = 1;
41
+ $ure_caps['ure_view_posts_access'] = 1;
42
+ if ($multisite) {
43
+ $ure_caps['ure_themes_access'] = 1;
44
+ }
45
+ }
46
+
47
+ return $ure_caps;
48
+ }
49
+ // end of get_caps()
50
+
51
+
52
+ /**
53
+ * return key capability to have access to User Role Editor Plugin
54
+ */
55
+ public static function get_key_capability() {
56
+
57
+ $key_cap = get_transient(self::URE_KEY_CAP_TR);
58
+ if (!empty($key_cap)) {
59
+ return $key_cap;
60
+ }
61
+ $lib = URE_Lib::get_instance();
62
+ $multisite = $lib->get('multisite');
63
+ if (!$multisite) {
64
+ $key_cap = URE_KEY_CAPABILITY;
65
+ } else {
66
+ $enable_simple_admin_for_multisite = $lib->get_option('enable_simple_admin_for_multisite', 0);
67
+ if ( (defined('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE') && URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE == 1) ||
68
+ $enable_simple_admin_for_multisite) {
69
+ $key_cap = URE_KEY_CAPABILITY;
70
+ } else {
71
+ $key_cap = 'manage_network_plugins';
72
+ }
73
+ }
74
+ set_transient(self::URE_KEY_CAP_TR, $key_cap, 60);
75
+
76
+ return $key_cap;
77
+ }
78
+ // end of get_key_capability()
79
+
80
+
81
+ /**
82
+ * Return user capability for the User Role Editor Settings page
83
+ *
84
+ * @return string
85
+ */
86
+ public static function get_settings_capability() {
87
+
88
+ $settings_cap = get_transient(self::URE_SETTINGS_CAP_TR);
89
+ if (!empty($settings_cap)) {
90
+ return $settings_cap;
91
+ }
92
+
93
+ $lib = URE_Lib::get_instance();
94
+ $multisite = $lib->get('multisite');
95
+ if (!$multisite) {
96
+ $settings_cap = 'ure_manage_options';
97
+ } else {
98
+ $enable_simple_admin_for_multisite = $lib->get_option('enable_simple_admin_for_multisite', 0);
99
+ if ((defined('URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE') && URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE == 1) ||
100
+ $enable_simple_admin_for_multisite) {
101
+ $settings_cap = 'ure_manage_options';
102
+ } else {
103
+ $settings_cap = self::get_key_capability();
104
+ }
105
+ }
106
+ set_transient(self::URE_SETTINGS_CAP_TR, $settings_cap, 60);
107
+
108
+ return $settings_cap;
109
+ }
110
+ // end of get_settings_capability()
111
+
112
+
113
+ public static function init_caps() {
114
+ global $wp_roles;
115
+
116
+ if (!isset($wp_roles)) {
117
+ $wp_roles = new WP_Roles();
118
+ }
119
+
120
+ if (!isset($wp_roles->roles['administrator'])) {
121
+ return;
122
+ }
123
+
124
+ $lib = URE_Lib::get_instance();
125
+ $multisite = $lib->get('multisite');
126
+ // Do not turn on URE caps for local administrator by default under multisite, as there is a superadmin.
127
+ $turn_on = !$multisite;
128
+
129
+ $old_use_db = $wp_roles->use_db;
130
+ $wp_roles->use_db = true;
131
+ $administrator = $wp_roles->role_objects['administrator'];
132
+ $ure_caps = self::get_caps();
133
+ foreach(array_keys($ure_caps) as $cap) {
134
+ if (!$administrator->has_cap($cap)) {
135
+ $administrator->add_cap($cap, $turn_on);
136
+ }
137
+ }
138
+ $wp_roles->use_db = $old_use_db;
139
+ }
140
+ // end of init_caps()
141
+
142
+
143
+ /**
144
+ * Return list of URE capabilities with data about groups they were included
145
+ *
146
+ * @return array
147
+ */
148
+ public static function get_caps_groups() {
149
+
150
+ $ure_caps = self::get_caps();
151
+
152
+ $caps = array();
153
+ foreach($ure_caps as $ure_cap=>$value) {
154
+ $caps[$ure_cap] = array('custom', 'user_role_editor');
155
+ }
156
+
157
+ return $caps;
158
+ }
159
+ // end of get_caps_groups()
160
+
161
+ }
162
+ // end of URE_Capabilities class
includes/classes/user-role-editor.php CHANGED
@@ -52,7 +52,7 @@ class User_Role_Editor {
52
  register_deactivation_hook(URE_PLUGIN_FULL_PATH, array($this, 'cleanup'));
53
 
54
  // Who can use this plugin
55
- $this->key_capability = $this->lib->get_key_capability();
56
 
57
  // Process URE's internal tasks queue
58
  $task_queue = URE_Task_Queue::get_instance();
@@ -536,7 +536,7 @@ class User_Role_Editor {
536
  $multisite = $this->lib->get('multisite');
537
  $active_for_network = $this->lib->get('active_for_network');
538
  if ( !$multisite || ($multisite && !$active_for_network) ) {
539
- $settings_capability = $this->lib->get_settings_capability();
540
  $this->settings_page_hook = add_options_page(
541
  $translated_title,
542
  $translated_title,
@@ -685,7 +685,7 @@ class User_Role_Editor {
685
 
686
 
687
  public function settings() {
688
- $settings_capability = $this->lib->get_settings_capability();
689
  if (!current_user_can($settings_capability)) {
690
  wp_die(esc_html__( 'You do not have sufficient permissions to manage options for User Role Editor.', 'user-role-editor' ));
691
  }
@@ -776,7 +776,7 @@ class User_Role_Editor {
776
  function setup() {
777
 
778
  $this->lib->make_roles_backup();
779
- $this->lib->init_ure_caps();
780
 
781
  $task_queue = URE_Task_Queue::get_instance();
782
  $task_queue->add('on_activation');
52
  register_deactivation_hook(URE_PLUGIN_FULL_PATH, array($this, 'cleanup'));
53
 
54
  // Who can use this plugin
55
+ $this->key_capability = URE_Own_Capabilities::get_key_capability();
56
 
57
  // Process URE's internal tasks queue
58
  $task_queue = URE_Task_Queue::get_instance();
536
  $multisite = $this->lib->get('multisite');
537
  $active_for_network = $this->lib->get('active_for_network');
538
  if ( !$multisite || ($multisite && !$active_for_network) ) {
539
+ $settings_capability = URE_Own_Capabilities::get_settings_capability();
540
  $this->settings_page_hook = add_options_page(
541
  $translated_title,
542
  $translated_title,
685
 
686
 
687
  public function settings() {
688
+ $settings_capability = URE_Own_Capabilities::get_settings_capability();
689
  if (!current_user_can($settings_capability)) {
690
  wp_die(esc_html__( 'You do not have sufficient permissions to manage options for User Role Editor.', 'user-role-editor' ));
691
  }
776
  function setup() {
777
 
778
  $this->lib->make_roles_backup();
779
+ URE_Own_Capabilities::init_caps();
780
 
781
  $task_queue = URE_Task_Queue::get_instance();
782
  $task_queue->add('on_activation');
includes/classes/view.php CHANGED
@@ -130,9 +130,9 @@ class URE_View {
130
  $caps_readable = $this->lib->get('caps_readable');
131
  $caps_groups_manager = URE_Capabilities_Groups_Manager::get_instance();
132
 
133
- $key_capability = $this->lib->get_key_capability();
134
  $user_is_ure_admin = current_user_can($key_capability);
135
- $ure_caps = $this->lib->get_ure_caps();
136
 
137
  $output = '<div id="ure_caps_list_container">'
138
  . '<div id="ure_caps_list">';
@@ -270,9 +270,9 @@ class URE_View {
270
  <div class="ure-table-cell ure-caps-option nowrap">
271
  <?php esc_html_e('Columns:', 'user-role-editor');?>
272
  <select id="caps_columns_quant" name="caps_columns_quant" onchange="ure_change_caps_columns_quant();">
273
- <option value="1" <?php echo $this->lib->option_selected(1, $caps_columns_quant);?> >1</option>
274
- <option value="2" <?php echo $this->lib->option_selected(2, $caps_columns_quant);?> >2</option>
275
- <option value="3" <?php echo $this->lib->option_selected(3, $caps_columns_quant);?> >3</option>
276
  </select>
277
  </div>
278
  </div>
130
  $caps_readable = $this->lib->get('caps_readable');
131
  $caps_groups_manager = URE_Capabilities_Groups_Manager::get_instance();
132
 
133
+ $key_capability = URE_Own_Capabilities::get_key_capability();
134
  $user_is_ure_admin = current_user_can($key_capability);
135
+ $ure_caps = URE_Own_Capabilities::get_caps();
136
 
137
  $output = '<div id="ure_caps_list_container">'
138
  . '<div id="ure_caps_list">';
270
  <div class="ure-table-cell ure-caps-option nowrap">
271
  <?php esc_html_e('Columns:', 'user-role-editor');?>
272
  <select id="caps_columns_quant" name="caps_columns_quant" onchange="ure_change_caps_columns_quant();">
273
+ <option value="1" <?php selected(1, $caps_columns_quant);?> >1</option>
274
+ <option value="2" <?php selected(2, $caps_columns_quant);?> >2</option>
275
+ <option value="3" <?php selected(3, $caps_columns_quant);?> >3</option>
276
  </select>
277
  </div>
278
  </div>
includes/classes/woocommerce-capabilities.php CHANGED
@@ -54,7 +54,7 @@ class URE_Woocommerce_Capabilities {
54
  /**
55
  * Returns full list of WooCommerce plugin user capabilities
56
  */
57
- public static function get() {
58
 
59
  $caps = array(
60
  'manage_woocommerce'=>array('custom', 'woocommerce', 'woocommerce_core'),
54
  /**
55
  * Returns full list of WooCommerce plugin user capabilities
56
  */
57
+ public static function get_caps_groups() {
58
 
59
  $caps = array(
60
  'manage_woocommerce'=>array('custom', 'woocommerce', 'woocommerce_core'),
includes/loader.php CHANGED
@@ -11,6 +11,7 @@
11
  require_once(URE_PLUGIN_DIR .'includes/define-constants.php');
12
  require_once(URE_PLUGIN_DIR .'includes/misc-support-stuff.php');
13
  require_once(URE_PLUGIN_DIR .'includes/classes/task-queue.php');
 
14
  require_once(URE_PLUGIN_DIR .'includes/classes/bbpress.php');
15
  require_once(URE_PLUGIN_DIR .'includes/classes/assign-role.php');
16
  require_once(URE_PLUGIN_DIR .'includes/classes/user-other-roles.php');
11
  require_once(URE_PLUGIN_DIR .'includes/define-constants.php');
12
  require_once(URE_PLUGIN_DIR .'includes/misc-support-stuff.php');
13
  require_once(URE_PLUGIN_DIR .'includes/classes/task-queue.php');
14
+ require_once(URE_PLUGIN_DIR .'includes/classes/ure-own-capabilities.php');
15
  require_once(URE_PLUGIN_DIR .'includes/classes/bbpress.php');
16
  require_once(URE_PLUGIN_DIR .'includes/classes/assign-role.php');
17
  require_once(URE_PLUGIN_DIR .'includes/classes/user-other-roles.php');
license.txt CHANGED
@@ -1,6 +1,6 @@
1
  User Role Editor WordPress plugin
2
 
3
- Copyright 2009-2013 by Vladimir Garagulya - vladimir@shinephp.com
4
 
5
  This program is free software; you can redistribute it and/or modify
6
  it under the terms of the GNU General Public License as published by
1
  User Role Editor WordPress plugin
2
 
3
+ Copyright 2009-2016 by Vladimir Garagulya - vladimir@shinephp.com
4
 
5
  This program is free software; you can redistribute it and/or modify
6
  it under the terms of the GNU General Public License as published by
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=vladi
4
  Tags: user, role, editor, security, access, permission, capability
5
  Requires at least: 4.0
6
  Tested up to: 4.6.1
7
- Stable tag: 4.28
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -75,8 +75,14 @@ If you wish to check available translations or help with plugin translation to y
75
  https://translate.wordpress.org/projects/wp-plugins/user-role-editor/
76
 
77
  == Changelog ==
 
 
 
 
 
 
78
  = [4.28] 20.10.2016 =
79
- * New: WooCommerce plugin user capabilities (if exist) are grouped separately.
80
  * Update: Temporally raised permissions flag is taken into account when checking, if user has a superadmin privileges. WordPress is_super_admin() function was replaced with custom wrapper to define if current user is a real superadmin or just a local admin with the temporally raised (add/edit users pages) permissions.
81
 
82
  = [4.27.2] 15.09.2016 =
4
  Tags: user, role, editor, security, access, permission, capability
5
  Requires at least: 4.0
6
  Tested up to: 4.6.1
7
+ Stable tag: 4.29
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
75
  https://translate.wordpress.org/projects/wp-plugins/user-role-editor/
76
 
77
  == Changelog ==
78
+ = [4.29] 10.11.2016 =
79
+ * New: User Role Editor own user capabilities are grouped separately under Custom capabilities.
80
+ * Update: URE_Lib::is_super_admin() uses WordPress core is_super_admin() for multisite setup only. Superadmin is a user with 'administrator' role in the case of single site WordPress installation.
81
+ This is the difference with the WordPress core which counts as a superadmin (for single site WP installation) any user with a 'delete_users' capability.
82
+ * Update: BaseLib::option_selected() calls were replaced with the calls of a similar selected() function from WordPress core.
83
+
84
  = [4.28] 20.10.2016 =
85
+ * New: WooCommerce plugin user capabilities (if exist) are grouped separately under Custom capabilities.
86
  * Update: Temporally raised permissions flag is taken into account when checking, if user has a superadmin privileges. WordPress is_super_admin() function was replaced with custom wrapper to define if current user is a real superadmin or just a local admin with the temporally raised (add/edit users pages) permissions.
87
 
88
  = [4.27.2] 15.09.2016 =
user-role-editor.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: User Role Editor
4
  Plugin URI: https://www.role-editor.com
5
  Description: Change/add/delete WordPress user roles and capabilities.
6
- Version: 4.28
7
  Author: Vladimir Garagulya
8
  Author URI: https://www.role-editor.com
9
  Text Domain: ure
@@ -23,7 +23,7 @@ if (defined('URE_PLUGIN_URL')) {
23
  wp_die('It seems that other version of User Role Editor is active. Please deactivate it before use this version');
24
  }
25
 
26
- define('URE_VERSION', '4.28');
27
  define('URE_PLUGIN_URL', plugin_dir_url(__FILE__));
28
  define('URE_PLUGIN_DIR', plugin_dir_path(__FILE__));
29
  define('URE_PLUGIN_BASE_NAME', plugin_basename(__FILE__));
3
  Plugin Name: User Role Editor
4
  Plugin URI: https://www.role-editor.com
5
  Description: Change/add/delete WordPress user roles and capabilities.
6
+ Version: 4.29
7
  Author: Vladimir Garagulya
8
  Author URI: https://www.role-editor.com
9
  Text Domain: ure
23
  wp_die('It seems that other version of User Role Editor is active. Please deactivate it before use this version');
24
  }
25
 
26
+ define('URE_VERSION', '4.29');
27
  define('URE_PLUGIN_URL', plugin_dir_url(__FILE__));
28
  define('URE_PLUGIN_DIR', plugin_dir_path(__FILE__));
29
  define('URE_PLUGIN_BASE_NAME', plugin_basename(__FILE__));